627 files changed, 19812 insertions, 37240 deletions

diff --git a/bin/setfacl/setfacl.1 b/bin/setfacl/setfacl.1
index a310c64..b581dc4 100644
--- a/bin/setfacl/setfacl.1
+++ b/bin/setfacl/setfacl.1
@@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 4, 2015
+.Dd January 23, 2016
 .Dt SETFACL 1
 .Os
 .Sh NAME
@@ -62,8 +62,9 @@ starting at position
 counting from zero.
 This option is only applicable to NFSv4 ACLs.
 .It Fl b
-Remove all ACL entries except for the three required entries
-(POSIX.1e ACLs) or six "canonical" entries (NFSv4 ACLs).
+Remove all ACL entries except for the ones synthesized
+from the file mode - the three mandatory entries in case
+of POSIX.1e ACL.
 If the POSIX.1e ACL contains a
 .Dq Li mask
 entry, the permissions of the
diff --git a/bin/sh/cd.c b/bin/sh/cd.c
index 88f03f5..d034896 100644
--- a/bin/sh/cd.c
+++ b/bin/sh/cd.c
@@ -68,15 +68,13 @@ __FBSDID("$FreeBSD$");
 static int cdlogical(char *);
 static int cdphysical(char *);
 static int docd(char *, int, int);
-static char *getcomponent(void);
+static char *getcomponent(char **);
 static char *findcwd(char *);
 static void updatepwd(char *);
 static char *getpwd(void);
 static char *getpwd2(void);
 
 static char *curdir = NULL;	/* current working directory */
-static char *prevdir;		/* previous working directory */
-static char *cdcomppath;
 
 int
 cdcmd(int argc __unused, char **argv __unused)
@@ -112,11 +110,10 @@ cdcmd(int argc __unused, char **argv __unused)
 	if (*dest == '\0')
 		dest = ".";
 	if (dest[0] == '-' && dest[1] == '\0') {
-		dest = prevdir ? prevdir : curdir;
-		if (dest)
-			print = 1;
-		else
-			dest = ".";
+		dest = bltinlookup("OLDPWD", 1);
+		if (dest == NULL)
+			error("OLDPWD not set");
+		print = 1;
 	}
 	if (dest[0] == '/' ||
 	    (dest[0] == '.' && (dest[1] == '/' || dest[1] == '\0')) ||
@@ -179,6 +176,7 @@ cdlogical(char *dest)
 	char *p;
 	char *q;
 	char *component;
+	char *path;
 	struct stat statb;
 	int first;
 	int badstat;
@@ -189,14 +187,14 @@ cdlogical(char *dest)
 	 *  next time we get the value of the current directory.
 	 */
 	badstat = 0;
-	cdcomppath = stsavestr(dest);
+	path = stsavestr(dest);
 	STARTSTACKSTR(p);
 	if (*dest == '/') {
 		STPUTC('/', p);
-		cdcomppath++;
+		path++;
 	}
 	first = 1;
-	while ((q = getcomponent()) != NULL) {
+	while ((q = getcomponent(&path)) != NULL) {
 		if (q[0] == '\0' || (q[0] == '.' && q[1] == '\0'))
 			continue;
 		if (! first)
@@ -245,25 +243,25 @@ cdphysical(char *dest)
 }
 
 /*
- * Get the next component of the path name pointed to by cdcomppath.
- * This routine overwrites the string pointed to by cdcomppath.
+ * Get the next component of the path name pointed to by *path.
+ * This routine overwrites *path and the string pointed to by it.
  */
 static char *
-getcomponent(void)
+getcomponent(char **path)
 {
 	char *p;
 	char *start;
 
-	if ((p = cdcomppath) == NULL)
+	if ((p = *path) == NULL)
 		return NULL;
-	start = cdcomppath;
+	start = *path;
 	while (*p != '/' && *p != '\0')
 		p++;
 	if (*p == '\0') {
-		cdcomppath = NULL;
+		*path = NULL;
 	} else {
 		*p++ = '\0';
-		cdcomppath = p;
+		*path = p;
 	}
 	return start;
 }
@@ -274,6 +272,7 @@ findcwd(char *dir)
 {
 	char *new;
 	char *p;
+	char *path;
 
 	/*
 	 * If our argument is NULL, we don't know the current directory
@@ -282,14 +281,14 @@ findcwd(char *dir)
 	 */
 	if (dir == NULL || curdir == NULL)
 		return getpwd2();
-	cdcomppath = stsavestr(dir);
+	path = stsavestr(dir);
 	STARTSTACKSTR(new);
 	if (*dir != '/') {
 		STPUTS(curdir, new);
 		if (STTOPC(new) == '/')
 			STUNPUTC(new);
 	}
-	while ((p = getcomponent()) != NULL) {
+	while ((p = getcomponent(&path)) != NULL) {
 		if (equal(p, "..")) {
 			while (new > stackblock() && (STUNPUTC(new), *new) != '/');
 		} else if (*p != '\0' && ! equal(p, ".")) {
@@ -311,14 +310,15 @@ findcwd(char *dir)
 static void
 updatepwd(char *dir)
 {
+	char *prevdir;
+
 	hashcd();				/* update command hash table */
 
-	if (prevdir)
-		ckfree(prevdir);
+	setvar("PWD", dir, VEXPORT);
+	setvar("OLDPWD", curdir, VEXPORT);
 	prevdir = curdir;
 	curdir = dir ? savestr(dir) : NULL;
-	setvar("PWD", curdir, VEXPORT);
-	setvar("OLDPWD", prevdir, VEXPORT);
+	ckfree(prevdir);
 }
 
 int
diff --git a/bin/sh/expand.c b/bin/sh/expand.c
index c661541..6129bb6 100644
--- a/bin/sh/expand.c
+++ b/bin/sh/expand.c
@@ -91,13 +91,13 @@ struct worddest {
 static char *expdest;			/* output of current string */
 static struct nodelist *argbackq;	/* list of back quote expressions */
 
-static char *argstr(char *, int, struct worddest *);
-static char *exptilde(char *, int);
-static char *expari(char *, int, struct worddest *);
+static const char *argstr(const char *, int, struct worddest *);
+static const char *exptilde(const char *, int);
+static const char *expari(const char *, int, struct worddest *);
 static void expbackq(union node *, int, int, struct worddest *);
-static void subevalvar_trim(char *, int, int, int);
-static int subevalvar_misc(char *, const char *, int, int, int);
-static char *evalvar(char *, int, struct worddest *);
+static void subevalvar_trim(const char *, int, int, int);
+static int subevalvar_misc(const char *, const char *, int, int, int);
+static const char *evalvar(const char *, int, struct worddest *);
 static int varisset(const char *, int);
 static void strtodest(const char *, int, int, int, struct worddest *);
 static void reprocess(int, int, int, int, struct worddest *);
@@ -262,8 +262,8 @@ expandarg(union node *arg, struct arglist *arglist, int flag)
  *
  * If EXP_SPLIT is set, dst receives any complete words produced.
  */
-static char *
-argstr(char *p, int flag, struct worddest *dst)
+static const char *
+argstr(const char *p, int flag, struct worddest *dst)
 {
 	char c;
 	int quotes = flag & (EXP_GLOB | EXP_CASE);	/* do CTLESC */
@@ -352,12 +352,15 @@ argstr(char *p, int flag, struct worddest *dst)
  * Perform tilde expansion, placing the result in the stack string and
  * returning the next position in the input string to process.
  */
-static char *
-exptilde(char *p, int flag)
+static const char *
+exptilde(const char *p, int flag)
 {
-	char c, *startp = p;
+	char c;
+	const char *startp = p;
+	const char *user;
 	struct passwd *pw;
 	char *home;
+	int len;
 
 	for (;;) {
 		c = *p;
@@ -377,14 +380,17 @@ exptilde(char *p, int flag)
 		case '\0':
 		case '/':
 		case CTLENDVAR:
-			*p = '\0';
-			if (*(startp+1) == '\0') {
+			len = p - startp - 1;
+			STPUTBIN(startp + 1, len, expdest);
+			STACKSTRNUL(expdest);
+			user = expdest - len;
+			if (*user == '\0') {
 				home = lookupvar("HOME");
 			} else {
-				pw = getpwnam(startp+1);
+				pw = getpwnam(user);
 				home = pw != NULL ? pw->pw_dir : NULL;
 			}
-			*p = c;
+			STADJUST(-len, expdest);
 			if (home == NULL || *home == '\0')
 				return (startp);
 			strtodest(home, flag, VSNORMAL, 1, NULL);
@@ -398,8 +404,8 @@ exptilde(char *p, int flag)
 /*
  * Expand arithmetic expression.
  */
-static char *
-expari(char *p, int flag, struct worddest *dst)
+static const char *
+expari(const char *p, int flag, struct worddest *dst)
 {
 	char *q, *start;
 	arith_t result;
@@ -532,7 +538,7 @@ recordleft(const char *str, const char *loc, char *startp)
 }
 
 static void
-subevalvar_trim(char *p, int strloc, int subtype, int startloc)
+subevalvar_trim(const char *p, int strloc, int subtype, int startloc)
 {
 	char *startp;
 	char *loc = NULL;
@@ -606,7 +612,7 @@ subevalvar_trim(char *p, int strloc, int subtype, int startloc)
 
 
 static int
-subevalvar_misc(char *p, const char *var, int subtype, int startloc,
+subevalvar_misc(const char *p, const char *var, int subtype, int startloc,
   int varflags)
 {
 	char *startp;
@@ -645,12 +651,12 @@ subevalvar_misc(char *p, const char *var, int subtype, int startloc,
  * input string.
  */
 
-static char *
-evalvar(char *p, int flag, struct worddest *dst)
+static const char *
+evalvar(const char *p, int flag, struct worddest *dst)
 {
 	int subtype;
 	int varflags;
-	char *var;
+	const char *var;
 	const char *val;
 	int patloc;
 	int c;
diff --git a/bin/sh/tests/builtins/Makefile b/bin/sh/tests/builtins/Makefile
index 1511f70..4811bb3 100644
--- a/bin/sh/tests/builtins/Makefile
+++ b/bin/sh/tests/builtins/Makefile
@@ -112,6 +112,8 @@ FILES+=		local2.0
 FILES+=		local3.0
 FILES+=		local4.0
 FILES+=		local5.0
+FILES+=		local6.0
+FILES+=		local7.0
 .if ${MK_NLS} != "no"
 FILES+=		locale1.0
 .endif
diff --git a/bin/sh/tests/builtins/local6.0 b/bin/sh/tests/builtins/local6.0
new file mode 100644
index 0000000..017bb12
--- /dev/null
+++ b/bin/sh/tests/builtins/local6.0
@@ -0,0 +1,10 @@
+# $FreeBSD$
+
+f() {
+	local x
+	readonly x=2
+}
+x=3
+f
+x=4
+[ "$x" = 4 ]
diff --git a/bin/sh/tests/builtins/local7.0 b/bin/sh/tests/builtins/local7.0
new file mode 100644
index 0000000..f7e6fc0
--- /dev/null
+++ b/bin/sh/tests/builtins/local7.0
@@ -0,0 +1,10 @@
+# $FreeBSD$
+
+f() {
+	local x
+	readonly x=2
+}
+unset x
+f
+x=4
+[ "$x" = 4 ]
diff --git a/bin/sh/var.c b/bin/sh/var.c
index 3af7dbe..03d529b 100644
--- a/bin/sh/var.c
+++ b/bin/sh/var.c
@@ -802,6 +802,7 @@ poplocalvars(void)
 			ckfree(lvp->text);
 			optschanged();
 		} else if ((lvp->flags & (VUNSET|VSTRFIXED)) == VUNSET) {
+			vp->flags &= ~VREADONLY;
 			(void)unsetvar(vp->text);
 		} else {
 			islocalevar = (vp->flags | lvp->flags) & VEXPORT &&
diff --git a/cddl/lib/Makefile b/cddl/lib/Makefile
index 9371865..2bfc6c1 100644
--- a/cddl/lib/Makefile
+++ b/cddl/lib/Makefile
@@ -26,7 +26,7 @@ _libzpool=	libzpool
 .endif
 .endif
 
-.if ${MACHINE_CPUARCH} != "sparc64"
+.if ${MACHINE_CPUARCH} != "sparc64" && ${MACHINE_CPUARCH} != "riscv"
 _drti=		drti
 _libdtrace=	libdtrace
 .endif
diff --git a/contrib/bsnmp/snmp_mibII/mibII.c b/contrib/bsnmp/snmp_mibII/mibII.c
index d3fe27a..b62ee66 100644
--- a/contrib/bsnmp/snmp_mibII/mibII.c
+++ b/contrib/bsnmp/snmp_mibII/mibII.c
@@ -443,6 +443,7 @@ mib_fetch_ifmib(struct mibif *ifp)
 	size_t len;
 	void *newmib;
 	struct ifmibdata oldmib = ifp->mib;
+	struct ifreq irr;
 
 	if (fetch_generic_mib(ifp, &oldmib) == -1)
 		return (-1);
@@ -514,6 +515,18 @@ mib_fetch_ifmib(struct mibif *ifp)
 	}
 
   out:
+	strncpy(irr.ifr_name, ifp->name, sizeof(irr.ifr_name));
+	irr.ifr_buffer.buffer = MIBIF_PRIV(ifp)->alias;
+	irr.ifr_buffer.length = sizeof(MIBIF_PRIV(ifp)->alias);
+	if (ioctl(mib_netsock, SIOCGIFDESCR, &irr) == -1) {
+		MIBIF_PRIV(ifp)->alias[0] = 0;
+		if (errno != ENOMSG)
+			syslog(LOG_WARNING, "SIOCGIFDESCR (%s): %m", ifp->name);
+	} else if (irr.ifr_buffer.buffer == NULL) {
+		MIBIF_PRIV(ifp)->alias[0] = 0;
+		syslog(LOG_WARNING, "SIOCGIFDESCR (%s): too long (%zu)",
+		    ifp->name, irr.ifr_buffer.length);
+	}
 	ifp->mibtick = get_ticks();
 	return (0);
 }
diff --git a/contrib/bsnmp/snmp_mibII/mibII.h b/contrib/bsnmp/snmp_mibII/mibII.h
index 8d50528..f7b230d 100644
--- a/contrib/bsnmp/snmp_mibII/mibII.h
+++ b/contrib/bsnmp/snmp_mibII/mibII.h
@@ -57,6 +57,9 @@
 #include "snmp_mibII.h"
 #include "mibII_tree.h"
 
+/* maximum size of the interface alias */
+#define	MIBIF_ALIAS_SIZE	(64 + 1)
+
 /*
  * Interface list and flags.
  */
@@ -77,6 +80,9 @@ struct mibif_private {
 	uint64_t	hc_opackets;
 	uint64_t	hc_imcasts;
 	uint64_t	hc_ipackets;
+
+	/* this should be made public */
+	char		alias[MIBIF_ALIAS_SIZE];
 };
 #define	MIBIF_PRIV(IFP) ((struct mibif_private *)((IFP)->private))
 
diff --git a/contrib/bsnmp/snmp_mibII/mibII_interfaces.c b/contrib/bsnmp/snmp_mibII/mibII_interfaces.c
index f425a27..654e9c3 100644
--- a/contrib/bsnmp/snmp_mibII/mibII_interfaces.c
+++ b/contrib/bsnmp/snmp_mibII/mibII_interfaces.c
@@ -528,7 +528,7 @@ op_ifxtable(struct snmp_context *ctx, struct snmp_value *value,
 		break;
 
 	  case LEAF_ifAlias:
-		ret = string_get(value, "", -1);
+		ret = string_get(value, MIBIF_PRIV(ifp)->alias, -1);
 		break;
 
 	  case LEAF_ifCounterDiscontinuityTime:
diff --git a/contrib/compiler-rt/lib/builtins/int_lib.h b/contrib/compiler-rt/lib/builtins/int_lib.h
index ceb348c2..985534d 100644
--- a/contrib/compiler-rt/lib/builtins/int_lib.h
+++ b/contrib/compiler-rt/lib/builtins/int_lib.h
@@ -74,11 +74,13 @@
  * global header to prevent other C files from making the detour
  * through __c?zdi2() as well.
  *
- * This problem has only been observed on FreeBSD for sparc64 and
- * mips64 with GCC 4.2.1.
+ * This problem has been observed on FreeBSD for sparc64 and
+ * mips64 with GCC 4.2.1, and for riscv with GCC 5.2.0.
+ * Presumably it's any version of GCC, and targeting an arch that
+ * does not have dedicated bit counting instructions.
  */
 #if defined(__FreeBSD__) && (defined(__sparc64__) || \
-    defined(__mips_n64) || defined(__mips_o64))
+    defined(__mips_n64) || defined(__mips_o64) || defined(__riscv__))
 si_int __clzsi2(si_int);
 si_int __ctzsi2(si_int);
 #define	__builtin_clz __clzsi2
diff --git a/contrib/compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h b/contrib/compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
index 4da7c70..ea95fb6 100644
--- a/contrib/compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
+++ b/contrib/compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.h
@@ -76,6 +76,10 @@ namespace __sanitizer {
 #elif defined(__powerpc64__)
   const unsigned struct_kernel_stat_sz = 144;
   const unsigned struct_kernel_stat64_sz = 104;
+#elif defined(__riscv__)
+  /* RISCVTODO: check that these values are correct */
+  const unsigned struct_kernel_stat_sz = 128;
+  const unsigned struct_kernel_stat64_sz = 128;
 #elif defined(__mips__)
   #if SANITIZER_WORDSIZE == 64
   const unsigned struct_kernel_stat_sz = 216;
@@ -103,7 +107,7 @@ namespace __sanitizer {
 
 #if SANITIZER_LINUX || SANITIZER_FREEBSD
 
-#if defined(__powerpc64__)
+#if defined(__powerpc64__) || defined(__riscv__)
   const unsigned struct___old_kernel_stat_sz = 0;
 #else
   const unsigned struct___old_kernel_stat_sz = 32;
@@ -481,7 +485,7 @@ namespace __sanitizer {
   typedef long __sanitizer___kernel_off_t;
 #endif
 
-#if defined(__powerpc__) || defined(__mips__)
+#if defined(__powerpc__) || defined(__mips__) || defined(__riscv__)
   typedef unsigned int __sanitizer___kernel_old_uid_t;
   typedef unsigned int __sanitizer___kernel_old_gid_t;
 #else
diff --git a/contrib/elftoolchain/libelf/_libelf_config.h b/contrib/elftoolchain/libelf/_libelf_config.h
index 1b8f35b..602eb89 100644
--- a/contrib/elftoolchain/libelf/_libelf_config.h
+++ b/contrib/elftoolchain/libelf/_libelf_config.h
@@ -97,6 +97,12 @@
 #define	LIBELF_BYTEORDER	ELFDATA2MSB
 #define	LIBELF_CLASS		ELFCLASS32
 
+#elif	defined(__riscv64)
+
+#define	LIBELF_ARCH		EM_RISCV
+#define	LIBELF_BYTEORDER	ELFDATA2LSB
+#define	LIBELF_CLASS		ELFCLASS64
+
 #elif	defined(__sparc__)
 
 #define	LIBELF_ARCH		EM_SPARCV9
diff --git a/contrib/gcc/config/riscv64/freebsd.h b/contrib/gcc/config/riscv64/freebsd.h
new file mode 100644
index 0000000..7ce1487
--- /dev/null
+++ b/contrib/gcc/config/riscv64/freebsd.h
@@ -0,0 +1,6 @@
+/* $FreeBSD$ */
+
+#undef INIT_SECTION_ASM_OP
+#undef FINI_SECTION_ASM_OP
+#define INIT_ARRAY_SECTION_ASM_OP "\t.section\t.init_array,\"aw\",%init_array"
+#define FINI_ARRAY_SECTION_ASM_OP "\t.section\t.fini_array,\"aw\",%fini_array"
diff --git a/contrib/gcc/config/riscv64/riscv64.h b/contrib/gcc/config/riscv64/riscv64.h
new file mode 100644
index 0000000..da23dbe
--- /dev/null
+++ b/contrib/gcc/config/riscv64/riscv64.h
@@ -0,0 +1 @@
+/* $FreeBSD$ */
diff --git a/contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h b/contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h
index fe0160a..c34c237 100644
--- a/contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h
+++ b/contrib/jemalloc/include/jemalloc/internal/jemalloc_internal.h
@@ -253,6 +253,9 @@ typedef unsigned szind_t;
 #  ifdef __powerpc__
 #    define LG_QUANTUM		4
 #  endif
+#  ifdef __riscv__
+#    define LG_QUANTUM		4
+#  endif
 #  ifdef __s390__
 #    define LG_QUANTUM		4
 #  endif
diff --git a/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h b/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h
index 737542e..1ab2ce5 100644
--- a/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h
+++ b/contrib/jemalloc/include/jemalloc/jemalloc_FreeBSD.h
@@ -52,6 +52,9 @@
 #elif defined(__powerpc__)
 #  define LG_SIZEOF_PTR		2
 #endif
+#ifdef __riscv__
+#  define LG_SIZEOF_PTR		3
+#endif
 
 #ifndef JEMALLOC_TLS_MODEL
 #  define JEMALLOC_TLS_MODEL	/* Default. */
diff --git a/contrib/llvm/projects/libunwind/include/libunwind.h b/contrib/llvm/projects/libunwind/include/libunwind.h
index 6045bec..4f08381 100644
--- a/contrib/llvm/projects/libunwind/include/libunwind.h
+++ b/contrib/llvm/projects/libunwind/include/libunwind.h
@@ -295,6 +295,77 @@ enum {
   UNW_PPC_SPEFSCR = 112
 };
 
+// 64-bit RISC-V registers
+enum {
+  UNW_RISCV_X0  = 0,
+  UNW_RISCV_X1  = 1,
+  UNW_RISCV_RA  = 1,
+  UNW_RISCV_X2  = 2,
+  UNW_RISCV_SP  = 2,
+  UNW_RISCV_X3  = 3,
+  UNW_RISCV_X4  = 4,
+  UNW_RISCV_X5  = 5,
+  UNW_RISCV_X6  = 6,
+  UNW_RISCV_X7  = 7,
+  UNW_RISCV_X8  = 8,
+  UNW_RISCV_X9  = 9,
+  UNW_RISCV_X10 = 10,
+  UNW_RISCV_X11 = 11,
+  UNW_RISCV_X12 = 12,
+  UNW_RISCV_X13 = 13,
+  UNW_RISCV_X14 = 14,
+  UNW_RISCV_X15 = 15,
+  UNW_RISCV_X16 = 16,
+  UNW_RISCV_X17 = 17,
+  UNW_RISCV_X18 = 18,
+  UNW_RISCV_X19 = 19,
+  UNW_RISCV_X20 = 20,
+  UNW_RISCV_X21 = 21,
+  UNW_RISCV_X22 = 22,
+  UNW_RISCV_X23 = 23,
+  UNW_RISCV_X24 = 24,
+  UNW_RISCV_X25 = 25,
+  UNW_RISCV_X26 = 26,
+  UNW_RISCV_X27 = 27,
+  UNW_RISCV_X28 = 28,
+  UNW_RISCV_X29 = 29,
+  UNW_RISCV_X30 = 30,
+  UNW_RISCV_X31 = 31,
+  // reserved block
+  UNW_RISCV_D0  = 64,
+  UNW_RISCV_D1  = 65,
+  UNW_RISCV_D2  = 66,
+  UNW_RISCV_D3  = 67,
+  UNW_RISCV_D4  = 68,
+  UNW_RISCV_D5  = 69,
+  UNW_RISCV_D6  = 70,
+  UNW_RISCV_D7  = 71,
+  UNW_RISCV_D8  = 72,
+  UNW_RISCV_D9  = 73,
+  UNW_RISCV_D10 = 74,
+  UNW_RISCV_D11 = 75,
+  UNW_RISCV_D12 = 76,
+  UNW_RISCV_D13 = 77,
+  UNW_RISCV_D14 = 78,
+  UNW_RISCV_D15 = 79,
+  UNW_RISCV_D16 = 80,
+  UNW_RISCV_D17 = 81,
+  UNW_RISCV_D18 = 82,
+  UNW_RISCV_D19 = 83,
+  UNW_RISCV_D20 = 84,
+  UNW_RISCV_D21 = 85,
+  UNW_RISCV_D22 = 86,
+  UNW_RISCV_D23 = 87,
+  UNW_RISCV_D24 = 88,
+  UNW_RISCV_D25 = 89,
+  UNW_RISCV_D26 = 90,
+  UNW_RISCV_D27 = 91,
+  UNW_RISCV_D28 = 92,
+  UNW_RISCV_D29 = 93,
+  UNW_RISCV_D30 = 94,
+  UNW_RISCV_D31 = 95,
+};
+
 // 64-bit ARM64 registers
 enum {
   UNW_ARM64_X0  = 0,
diff --git a/contrib/llvm/projects/libunwind/src/Registers.hpp b/contrib/llvm/projects/libunwind/src/Registers.hpp
index 875ea20..04bbfe6 100644
--- a/contrib/llvm/projects/libunwind/src/Registers.hpp
+++ b/contrib/llvm/projects/libunwind/src/Registers.hpp
@@ -1024,6 +1024,264 @@ inline const char *Registers_ppc::getRegisterName(int regNum) {
 
 }
 
+/// Registers_riscv holds the register state of a thread in a 64-bit RISC-V
+/// process.
+class _LIBUNWIND_HIDDEN Registers_riscv {
+public:
+  Registers_riscv();
+  Registers_riscv(const void *registers);
+
+  bool        validRegister(int num) const;
+  uint64_t    getRegister(int num) const;
+  void        setRegister(int num, uint64_t value);
+  bool        validFloatRegister(int num) const;
+  double      getFloatRegister(int num) const;
+  void        setFloatRegister(int num, double value);
+  bool        validVectorRegister(int num) const;
+  v128        getVectorRegister(int num) const;
+  void        setVectorRegister(int num, v128 value);
+  const char *getRegisterName(int num);
+  void        jumpto();
+  static int  lastDwarfRegNum() { return 95; }
+
+  uint64_t  getSP() const         { return _registers.__x[2]; }
+  void      setSP(uint64_t value) { _registers.__x[2] = value; }
+  uint64_t  getIP() const         { return _registers.__x[1]; }
+  void      setIP(uint64_t value) { _registers.__x[1] = value; }
+
+private:
+  struct GPRs {
+    uint64_t __x[32]; // x0-x31
+  };
+
+  GPRs    _registers;
+  double  _vectorHalfRegisters[32];
+  // Currently only the lower double in 128-bit vectore registers
+  // is perserved during unwinding.  We could define new register
+  // numbers (> 96) which mean whole vector registers, then this
+  // struct would need to change to contain whole vector registers.
+};
+
+inline Registers_riscv::Registers_riscv(const void *registers) {
+  static_assert(sizeof(Registers_riscv) < sizeof(unw_context_t),
+                    "riscv registers do not fit into unw_context_t");
+  memcpy(&_registers, registers, sizeof(_registers));
+  static_assert(sizeof(GPRs) == 0x100,
+                "expected VFP registers to be at offset 256");
+  memcpy(_vectorHalfRegisters,
+         static_cast<const uint8_t *>(registers) + sizeof(GPRs),
+         sizeof(_vectorHalfRegisters));
+}
+
+inline Registers_riscv::Registers_riscv() {
+  memset(&_registers, 0, sizeof(_registers));
+  memset(&_vectorHalfRegisters, 0, sizeof(_vectorHalfRegisters));
+}
+
+inline bool Registers_riscv::validRegister(int regNum) const {
+  if (regNum == UNW_REG_IP)
+    return true;
+  if (regNum == UNW_REG_SP)
+    return true;
+  if (regNum < 0)
+    return false;
+  if (regNum > 95)
+    return false;
+  if ((regNum > 31) && (regNum < 64))
+    return false;
+  return true;
+}
+
+inline uint64_t Registers_riscv::getRegister(int regNum) const {
+  if (regNum == UNW_REG_IP)
+    return _registers.__x[1];
+  if (regNum == UNW_REG_SP)
+    return _registers.__x[2];
+  if ((regNum >= 0) && (regNum < 32))
+    return _registers.__x[regNum];
+  _LIBUNWIND_ABORT("unsupported riscv register");
+}
+
+inline void Registers_riscv::setRegister(int regNum, uint64_t value) {
+  if (regNum == UNW_REG_IP)
+    _registers.__x[1] = value;
+  else if (regNum == UNW_REG_SP)
+    _registers.__x[2] = value;
+  else if ((regNum >= 0) && (regNum < 32))
+    _registers.__x[regNum] = value;
+  else
+    _LIBUNWIND_ABORT("unsupported riscv register");
+}
+
+inline const char *Registers_riscv::getRegisterName(int regNum) {
+  switch (regNum) {
+  case UNW_REG_IP:
+    return "ra";
+  case UNW_REG_SP:
+    return "sp";
+  case UNW_RISCV_X0:
+    return "x0";
+  case UNW_RISCV_X1:
+    return "ra";
+  case UNW_RISCV_X2:
+    return "sp";
+  case UNW_RISCV_X3:
+    return "x3";
+  case UNW_RISCV_X4:
+    return "x4";
+  case UNW_RISCV_X5:
+    return "x5";
+  case UNW_RISCV_X6:
+    return "x6";
+  case UNW_RISCV_X7:
+    return "x7";
+  case UNW_RISCV_X8:
+    return "x8";
+  case UNW_RISCV_X9:
+    return "x9";
+  case UNW_RISCV_X10:
+    return "x10";
+  case UNW_RISCV_X11:
+    return "x11";
+  case UNW_RISCV_X12:
+    return "x12";
+  case UNW_RISCV_X13:
+    return "x13";
+  case UNW_RISCV_X14:
+    return "x14";
+  case UNW_RISCV_X15:
+    return "x15";
+  case UNW_RISCV_X16:
+    return "x16";
+  case UNW_RISCV_X17:
+    return "x17";
+  case UNW_RISCV_X18:
+    return "x18";
+  case UNW_RISCV_X19:
+    return "x19";
+  case UNW_RISCV_X20:
+    return "x20";
+  case UNW_RISCV_X21:
+    return "x21";
+  case UNW_RISCV_X22:
+    return "x22";
+  case UNW_RISCV_X23:
+    return "x23";
+  case UNW_RISCV_X24:
+    return "x24";
+  case UNW_RISCV_X25:
+    return "x25";
+  case UNW_RISCV_X26:
+    return "x26";
+  case UNW_RISCV_X27:
+    return "x27";
+  case UNW_RISCV_X28:
+    return "x28";
+  case UNW_RISCV_X29:
+    return "x29";
+  case UNW_RISCV_X30:
+    return "x30";
+  case UNW_RISCV_X31:
+    return "x31";
+  case UNW_RISCV_D0:
+    return "d0";
+  case UNW_RISCV_D1:
+    return "d1";
+  case UNW_RISCV_D2:
+    return "d2";
+  case UNW_RISCV_D3:
+    return "d3";
+  case UNW_RISCV_D4:
+    return "d4";
+  case UNW_RISCV_D5:
+    return "d5";
+  case UNW_RISCV_D6:
+    return "d6";
+  case UNW_RISCV_D7:
+    return "d7";
+  case UNW_RISCV_D8:
+    return "d8";
+  case UNW_RISCV_D9:
+    return "d9";
+  case UNW_RISCV_D10:
+    return "d10";
+  case UNW_RISCV_D11:
+    return "d11";
+  case UNW_RISCV_D12:
+    return "d12";
+  case UNW_RISCV_D13:
+    return "d13";
+  case UNW_RISCV_D14:
+    return "d14";
+  case UNW_RISCV_D15:
+    return "d15";
+  case UNW_RISCV_D16:
+    return "d16";
+  case UNW_RISCV_D17:
+    return "d17";
+  case UNW_RISCV_D18:
+    return "d18";
+  case UNW_RISCV_D19:
+    return "d19";
+  case UNW_RISCV_D20:
+    return "d20";
+  case UNW_RISCV_D21:
+    return "d21";
+  case UNW_RISCV_D22:
+    return "d22";
+  case UNW_RISCV_D23:
+    return "d23";
+  case UNW_RISCV_D24:
+    return "d24";
+  case UNW_RISCV_D25:
+    return "d25";
+  case UNW_RISCV_D26:
+    return "d26";
+  case UNW_RISCV_D27:
+    return "d27";
+  case UNW_RISCV_D28:
+    return "d28";
+  case UNW_RISCV_D29:
+    return "d29";
+  case UNW_RISCV_D30:
+    return "d30";
+  case UNW_RISCV_D31:
+    return "d31";
+  default:
+    return "unknown register";
+  }
+}
+
+inline bool Registers_riscv::validFloatRegister(int regNum) const {
+  if (regNum < UNW_RISCV_D0)
+    return false;
+  if (regNum > UNW_RISCV_D31)
+    return false;
+  return true;
+}
+
+inline double Registers_riscv::getFloatRegister(int regNum) const {
+  assert(validFloatRegister(regNum));
+  return _vectorHalfRegisters[regNum - UNW_RISCV_D0];
+}
+
+inline void Registers_riscv::setFloatRegister(int regNum, double value) {
+  assert(validFloatRegister(regNum));
+  _vectorHalfRegisters[regNum - UNW_RISCV_D0] = value;
+}
+
+inline bool Registers_riscv::validVectorRegister(int) const {
+  return false;
+}
+
+inline v128 Registers_riscv::getVectorRegister(int) const {
+  _LIBUNWIND_ABORT("no riscv vector register support yet");
+}
+
+inline void Registers_riscv::setVectorRegister(int, v128) {
+  _LIBUNWIND_ABORT("no riscv vector register support yet");
+}
+
 
 /// Registers_arm64  holds the register state of a thread in a 64-bit arm
 /// process.
diff --git a/contrib/llvm/projects/libunwind/src/UnwindCursor.hpp b/contrib/llvm/projects/libunwind/src/UnwindCursor.hpp
index 9068316..166e2fd 100644
--- a/contrib/llvm/projects/libunwind/src/UnwindCursor.hpp
+++ b/contrib/llvm/projects/libunwind/src/UnwindCursor.hpp
@@ -562,6 +562,10 @@ private:
   compact_unwind_encoding_t dwarfEncoding(Registers_or1k &) const {
     return 0;
   }
+
+  compact_unwind_encoding_t dwarfEncoding(Registers_riscv &) const {
+    return 0;
+  }
 #endif // _LIBUNWIND_SUPPORT_DWARF_UNWIND
 
 
diff --git a/contrib/llvm/projects/libunwind/src/UnwindRegistersRestore.S b/contrib/llvm/projects/libunwind/src/UnwindRegistersRestore.S
index 3a4ea62..61e4568 100644
--- a/contrib/llvm/projects/libunwind/src/UnwindRegistersRestore.S
+++ b/contrib/llvm/projects/libunwind/src/UnwindRegistersRestore.S
@@ -478,4 +478,8 @@ DEFINE_LIBUNWIND_PRIVATE_FUNCTION(_ZN9libunwind14Registers_or1k6jumptoEv)
   l.jr     r9
    l.nop
 
+#elif defined(__riscv__)
+
+/* RISCVTODO */
+
 #endif
diff --git a/contrib/llvm/projects/libunwind/src/UnwindRegistersSave.S b/contrib/llvm/projects/libunwind/src/UnwindRegistersSave.S
index f84b711..e49566e 100644
--- a/contrib/llvm/projects/libunwind/src/UnwindRegistersSave.S
+++ b/contrib/llvm/projects/libunwind/src/UnwindRegistersSave.S
@@ -463,4 +463,9 @@ DEFINE_LIBUNWIND_FUNCTION(unw_getcontext)
   l.sw     116(r3), r29
   l.sw     120(r3), r30
   l.sw     124(r3), r31
+
+#elif defined(__riscv__)
+
+/* RISCVTODO */
+
 #endif
diff --git a/contrib/llvm/projects/libunwind/src/config.h b/contrib/llvm/projects/libunwind/src/config.h
index ecc0a6b..7ebd57f 100644
--- a/contrib/llvm/projects/libunwind/src/config.h
+++ b/contrib/llvm/projects/libunwind/src/config.h
@@ -74,7 +74,8 @@
   #define _LIBUNWIND_BUILD_ZERO_COST_APIS (defined(__i386__) || \
                                            defined(__x86_64__) || \
                                            defined(__arm__) || \
-                                           defined(__aarch64__))
+                                           defined(__aarch64__) || \
+                                           defined(__riscv__))
   #define _LIBUNWIND_BUILD_SJLJ_APIS      0
   #define _LIBUNWIND_SUPPORT_FRAME_APIS   (defined(__i386__) || \
                                            defined(__x86_64__))
diff --git a/contrib/llvm/projects/libunwind/src/libunwind.cpp b/contrib/llvm/projects/libunwind/src/libunwind.cpp
index f9f32f0..c4e3e45 100644
--- a/contrib/llvm/projects/libunwind/src/libunwind.cpp
+++ b/contrib/llvm/projects/libunwind/src/libunwind.cpp
@@ -66,6 +66,9 @@ _LIBUNWIND_EXPORT int unw_init_local(unw_cursor_t *cursor,
                                  context, LocalAddressSpace::sThisAddressSpace);
 #elif defined(__mips__)
 #warning The MIPS architecture is not supported.
+#elif defined(__riscv__)
+  new ((void *)cursor) UnwindCursor<LocalAddressSpace, Registers_riscv>(
+                                 context, LocalAddressSpace::sThisAddressSpace);
 #else
 #error Architecture not supported
 #endif
diff --git a/contrib/ntp/ChangeLog b/contrib/ntp/ChangeLog
index 304bd85..cfe4aa1 100644
--- a/contrib/ntp/ChangeLog
+++ b/contrib/ntp/ChangeLog
@@ -1,4 +1,38 @@
 ---
+(4.2.8p6) 2016/01/20 Released by Harlan Stenn <stenn@ntp.org>
+
+* [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode. HStenn.
+* [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+* [Sec 2937] ntpq: nextvar() missing length check. perlinger@ntp.org
+* [Sec 2938] ntpq saveconfig command allows dangerous characters
+  in filenames. perlinger@ntp.org
+* [Sec 2939] reslist NULL pointer dereference.  perlinger@ntp.org
+* [Sec 2940] Stack exhaustion in recursive traversal of restriction
+  list. perlinger@ntp.org
+* [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+* [Sec 2945] Zero Origin Timestamp Bypass. perlinger@ntp.org
+* [Sec 2948] Potential Infinite Loop in ntpq ( and ntpdc) perlinger@ntp.org
+* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org
+* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
+  - applied patch by shenpeng11@huawei.com with minor adjustments
+* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org
+* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org
+* [Bug 2892] Several test cases assume IPv6 capabilities even when
+             IPv6 is disabled in the build. perlinger@ntp.org
+  - Found this already fixed, but validation led to cleanup actions.
+* [Bug 2905] DNS lookups broken. perlinger@ntp.org
+  - added limits to stack consumption, fixed some return code handling
+* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+  - changed stacked/nested handling of CTRL-C. perlinger@ntp.org
+  - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
+* [Bug 2980] reduce number of warnings. perlinger@ntp.org
+  - integrated several patches from Havard Eidnes (he@uninett.no)
+* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org
+  - implement 'auth_log2()' using integer bithack instead of float calculation
+* Make leapsec_query debug messages less verbose.  Harlan Stenn.
+* Disable incomplete t-ntp_signd.c test.  Harlan Stenn.
+
+---
 (4.2.8p5) 2016/01/07 Released by Harlan Stenn <stenn@ntp.org>
 
 * [Sec 2956] small-step/big-step.  Close the panic gate earlier.  HStenn.
@@ -47,6 +81,7 @@
               lots of clients. perlinger@ntp.org
 * [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
   - changed stacked/nested handling of CTRL-C. perlinger@ntp.org
+  - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
 * Unity cleanup for FreeBSD-6.4.  Harlan Stenn.
 * Unity test cleanup.  Harlan Stenn.
 * Libevent autoconf pthread fixes for FreeBSD-10.  Harlan Stenn.
@@ -55,9 +90,8 @@
 * Quiet a warning from clang.  Harlan Stenn.
 * Update the NEWS file.  Harlan Stenn.
 * Update scripts/calc_tickadj/Makefile.am.  Harlan Stenn.
+
 ---
-(4.2.8p4) 2015/10/21 Released by Harlan Stenn <stenn@ntp.org>
-(4.2.8p4-RC1) 2015/10/06 Released by Harlan Stenn <stenn@ntp.org>
 
 * [Sec 2899] CVE-2014-9297  perlinger@ntp.org
 * [Sec 2901] Drop invalid packet before checking KoD. Check for all KoD's.
diff --git a/contrib/ntp/CommitLog b/contrib/ntp/CommitLog
index 9caeaa2..26afcc5 100644
--- a/contrib/ntp/CommitLog
+++ b/contrib/ntp/CommitLog
@@ -1,8 +1,633 @@
-ChangeSet@1.3623, 2016-01-07 23:33:11+00:00, stenn@deacon.udel.edu
+ChangeSet@1.3628, 2016-01-20 04:20:12-05:00, stenn@deacon.udel.edu
+  NTP_4_2_8P6
+  TAG: NTP_4_2_8P6
+
+  ChangeLog@1.1793 +1 -0
+    NTP_4_2_8P6
+
+  ntpd/invoke-ntp.conf.texi@1.196 +1 -1
+    NTP_4_2_8P6
+
+  ntpd/invoke-ntp.keys.texi@1.188 +1 -1
+    NTP_4_2_8P6
+
+  ntpd/invoke-ntpd.texi@1.504 +2 -2
+    NTP_4_2_8P6
+
+  ntpd/ntp.conf.5man@1.230 +3 -3
+    NTP_4_2_8P6
+
+  ntpd/ntp.conf.5mdoc@1.230 +2 -3
+    NTP_4_2_8P6
+
+  ntpd/ntp.conf.html@1.183 +60 -2
+    NTP_4_2_8P6
+
+  ntpd/ntp.conf.man.in@1.230 +3 -3
+    NTP_4_2_8P6
+
+  ntpd/ntp.conf.mdoc.in@1.230 +2 -3
+    NTP_4_2_8P6
+
+  ntpd/ntp.keys.5man@1.222 +2 -2
+    NTP_4_2_8P6
+
+  ntpd/ntp.keys.5mdoc@1.222 +3 -3
+    NTP_4_2_8P6
+
+  ntpd/ntp.keys.html@1.184 +21 -33
+    NTP_4_2_8P6
+
+  ntpd/ntp.keys.man.in@1.222 +2 -2
+    NTP_4_2_8P6
+
+  ntpd/ntp.keys.mdoc.in@1.222 +3 -3
+    NTP_4_2_8P6
+
+  ntpd/ntpd-opts.c@1.526 +10 -10
+    NTP_4_2_8P6
+
+  ntpd/ntpd-opts.h@1.525 +4 -4
+    NTP_4_2_8P6
+
+  ntpd/ntpd.1ntpdman@1.333 +4 -4
+    NTP_4_2_8P6
+
+  ntpd/ntpd.1ntpdmdoc@1.333 +3 -3
+    NTP_4_2_8P6
+
+  ntpd/ntpd.html@1.177 +2 -2
+    NTP_4_2_8P6
+
+  ntpd/ntpd.man.in@1.333 +4 -4
+    NTP_4_2_8P6
+
+  ntpd/ntpd.mdoc.in@1.333 +3 -3
+    NTP_4_2_8P6
+
+  ntpdc/invoke-ntpdc.texi@1.501 +2 -2
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc-opts.c@1.519 +10 -10
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc-opts.h@1.518 +4 -4
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc.1ntpdcman@1.332 +4 -4
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc.1ntpdcmdoc@1.332 +3 -3
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc.html@1.345 +2 -2
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc.man.in@1.332 +4 -4
+    NTP_4_2_8P6
+
+  ntpdc/ntpdc.mdoc.in@1.332 +3 -3
+    NTP_4_2_8P6
+
+  ntpq/invoke-ntpq.texi@1.508 +2 -2
+    NTP_4_2_8P6
+
+  ntpq/ntpq-opts.c@1.525 +10 -10
+    NTP_4_2_8P6
+
+  ntpq/ntpq-opts.h@1.523 +4 -4
+    NTP_4_2_8P6
+
+  ntpq/ntpq.1ntpqman@1.336 +4 -4
+    NTP_4_2_8P6
+
+  ntpq/ntpq.1ntpqmdoc@1.336 +3 -3
+    NTP_4_2_8P6
+
+  ntpq/ntpq.html@1.174 +2 -2
+    NTP_4_2_8P6
+
+  ntpq/ntpq.man.in@1.336 +4 -4
+    NTP_4_2_8P6
+
+  ntpq/ntpq.mdoc.in@1.336 +3 -3
+    NTP_4_2_8P6
+
+  ntpsnmpd/invoke-ntpsnmpd.texi@1.503 +2 -2
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd-opts.c@1.521 +10 -10
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd-opts.h@1.520 +4 -4
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd.1ntpsnmpdman@1.332 +4 -4
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc@1.332 +3 -3
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd.html@1.172 +1 -1
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd.man.in@1.332 +4 -4
+    NTP_4_2_8P6
+
+  ntpsnmpd/ntpsnmpd.mdoc.in@1.332 +3 -3
+    NTP_4_2_8P6
+
+  packageinfo.sh@1.524 +2 -2
+    NTP_4_2_8P6
+
+  scripts/calc_tickadj/calc_tickadj.1calc_tickadjman@1.93 +3 -3
+    NTP_4_2_8P6
+
+  scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc@1.94 +2 -2
+    NTP_4_2_8P6
+
+  scripts/calc_tickadj/calc_tickadj.html@1.95 +1 -1
+    NTP_4_2_8P6
+
+  scripts/calc_tickadj/calc_tickadj.man.in@1.92 +3 -3
+    NTP_4_2_8P6
+
+  scripts/calc_tickadj/calc_tickadj.mdoc.in@1.94 +2 -2
+    NTP_4_2_8P6
+
+  scripts/calc_tickadj/invoke-calc_tickadj.texi@1.97 +1 -1
+    NTP_4_2_8P6
+
+  scripts/invoke-plot_summary.texi@1.114 +2 -2
+    NTP_4_2_8P6
+
+  scripts/invoke-summary.texi@1.114 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/invoke-ntp-wait.texi@1.324 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/ntp-wait-opts@1.60 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/ntp-wait.1ntp-waitman@1.321 +3 -3
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/ntp-wait.1ntp-waitmdoc@1.322 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/ntp-wait.html@1.341 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/ntp-wait.man.in@1.321 +3 -3
+    NTP_4_2_8P6
+
+  scripts/ntp-wait/ntp-wait.mdoc.in@1.322 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/invoke-ntpsweep.texi@1.112 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/ntpsweep-opts@1.62 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/ntpsweep.1ntpsweepman@1.100 +3 -3
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/ntpsweep.1ntpsweepmdoc@1.100 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/ntpsweep.html@1.113 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/ntpsweep.man.in@1.100 +3 -3
+    NTP_4_2_8P6
+
+  scripts/ntpsweep/ntpsweep.mdoc.in@1.101 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntptrace/invoke-ntptrace.texi@1.113 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntptrace/ntptrace-opts@1.62 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntptrace/ntptrace.1ntptraceman@1.100 +3 -3
+    NTP_4_2_8P6
+
+  scripts/ntptrace/ntptrace.1ntptracemdoc@1.101 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntptrace/ntptrace.html@1.114 +2 -2
+    NTP_4_2_8P6
+
+  scripts/ntptrace/ntptrace.man.in@1.100 +3 -3
+    NTP_4_2_8P6
+
+  scripts/ntptrace/ntptrace.mdoc.in@1.102 +2 -2
+    NTP_4_2_8P6
+
+  scripts/plot_summary-opts@1.62 +2 -2
+    NTP_4_2_8P6
+
+  scripts/plot_summary.1plot_summaryman@1.112 +3 -3
+    NTP_4_2_8P6
+
+  scripts/plot_summary.1plot_summarymdoc@1.112 +2 -2
+    NTP_4_2_8P6
+
+  scripts/plot_summary.html@1.115 +2 -2
+    NTP_4_2_8P6
+
+  scripts/plot_summary.man.in@1.112 +3 -3
+    NTP_4_2_8P6
+
+  scripts/plot_summary.mdoc.in@1.112 +2 -2
+    NTP_4_2_8P6
+
+  scripts/summary-opts@1.62 +2 -2
+    NTP_4_2_8P6
+
+  scripts/summary.1summaryman@1.112 +3 -3
+    NTP_4_2_8P6
+
+  scripts/summary.1summarymdoc@1.112 +2 -2
+    NTP_4_2_8P6
+
+  scripts/summary.html@1.115 +2 -2
+    NTP_4_2_8P6
+
+  scripts/summary.man.in@1.112 +3 -3
+    NTP_4_2_8P6
+
+  scripts/summary.mdoc.in@1.112 +2 -2
+    NTP_4_2_8P6
+
+  scripts/update-leap/invoke-update-leap.texi@1.13 +1 -1
+    NTP_4_2_8P6
+
+  scripts/update-leap/update-leap-opts@1.13 +2 -2
+    NTP_4_2_8P6
+
+  scripts/update-leap/update-leap.1update-leapman@1.13 +3 -3
+    NTP_4_2_8P6
+
+  scripts/update-leap/update-leap.1update-leapmdoc@1.13 +2 -2
+    NTP_4_2_8P6
+
+  scripts/update-leap/update-leap.html@1.13 +1 -1
+    NTP_4_2_8P6
+
+  scripts/update-leap/update-leap.man.in@1.13 +3 -3
+    NTP_4_2_8P6
+
+  scripts/update-leap/update-leap.mdoc.in@1.13 +2 -2
+    NTP_4_2_8P6
+
+  sntp/invoke-sntp.texi@1.501 +2 -2
+    NTP_4_2_8P6
+
+  sntp/sntp-opts.c@1.520 +10 -10
+    NTP_4_2_8P6
+
+  sntp/sntp-opts.h@1.518 +4 -4
+    NTP_4_2_8P6
+
+  sntp/sntp.1sntpman@1.336 +4 -4
+    NTP_4_2_8P6
+
+  sntp/sntp.1sntpmdoc@1.336 +3 -3
+    NTP_4_2_8P6
+
+  sntp/sntp.html@1.516 +2 -2
+    NTP_4_2_8P6
+
+  sntp/sntp.man.in@1.336 +4 -4
+    NTP_4_2_8P6
+
+  sntp/sntp.mdoc.in@1.336 +3 -3
+    NTP_4_2_8P6
+
+  util/invoke-ntp-keygen.texi@1.504 +2 -2
+    NTP_4_2_8P6
+
+  util/ntp-keygen-opts.c@1.522 +10 -10
+    NTP_4_2_8P6
+
+  util/ntp-keygen-opts.h@1.520 +4 -4
+    NTP_4_2_8P6
+
+  util/ntp-keygen.1ntp-keygenman@1.332 +4 -4
+    NTP_4_2_8P6
+
+  util/ntp-keygen.1ntp-keygenmdoc@1.332 +3 -3
+    NTP_4_2_8P6
+
+  util/ntp-keygen.html@1.178 +2 -2
+    NTP_4_2_8P6
+
+  util/ntp-keygen.man.in@1.332 +4 -4
+    NTP_4_2_8P6
+
+  util/ntp-keygen.mdoc.in@1.332 +3 -3
+    NTP_4_2_8P6
+
+ChangeSet@1.3627, 2016-01-20 04:14:51-05:00, stenn@deacon.udel.edu
+  solaris hack
+
+  libntp/work_thread.c@1.20 +2 -0
+    solaris hack
+
+ChangeSet@1.3626, 2016-01-20 01:50:09-05:00, stenn@deacon.udel.edu
+  4.2.8p6
+
+  packageinfo.sh@1.523 +1 -1
+    4.2.8p6
+
+ChangeSet@1.3625, 2016-01-20 00:34:15+00:00, stenn@psp-deb1.ntp.org
+  updates
+
+  NEWS@1.160 +24 -24
+    updates
+
+ChangeSet@1.3624, 2016-01-19 22:28:41+00:00, stenn@psp-deb1.ntp.org
+  typo
+
+  NEWS@1.159 +1 -1
+    typo
+
+ChangeSet@1.3623, 2016-01-18 11:55:56+00:00, stenn@psp-deb1.ntp.org
+  [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ChangeLog@1.1792 +1 -0
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  NEWS@1.158 +40 -0
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  include/Makefile.am@1.54 +1 -0
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  include/ntp_io.h@1.23 +2 -1
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  include/ntp_keyacc.h@1.1 +13 -0
+    BitKeeper file /home/stenn/ntp-stable-2936/include/ntp_keyacc.h
+
+  include/ntp_keyacc.h@1.0 +0 -0
+
+  include/ntp_stdlib.h@1.81 +4 -1
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  include/ntp_types.h@1.36 +1 -0
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  libntp/Makefile.am@1.77 +1 -0
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  libntp/authkeys.c@1.31 +60 -6
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  libntp/authreadkeys.c@1.25 +50 -1
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  libntp/authusekey.c@1.11 +1 -1
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  libntp/is_ip_address.c@1.1 +129 -0
+    BitKeeper file /home/stenn/ntp-stable-2936/libntp/is_ip_address.c
+
+  libntp/is_ip_address.c@1.0 +0 -0
+
+  ntpd/invoke-ntp.keys.texi@1.187 +11 -3
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp.keys.5man@1.221 +13 -5
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp.keys.5mdoc@1.221 +14 -6
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp.keys.def@1.11 +10 -2
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp.keys.html@1.183 +42 -22
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp.keys.man.in@1.221 +13 -5
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp.keys.mdoc.in@1.221 +14 -6
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp_crypto.c@1.186 +1 -1
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp_io.c@1.412 +0 -72
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  ntpd/ntp_proto.c@1.373 +34 -0
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+  tests/libntp/authkeys.c@1.15 +1 -1
+    [Sec 2936] Skeleton Key: Any trusted key system can serve time. HStenn.
+
+ChangeSet@1.3622, 2016-01-17 09:03:57+00:00, stenn@psp-deb1.ntp.org
+  Disable incomplete t-ntp_signd.c test.  Harlan Stenn.
+
+  ChangeLog@1.1791 +1 -0
+    Disable incomplete t-ntp_signd.c test.  Harlan Stenn.
+
+  tests/ntpd/t-ntp_signd.c@1.16 +4 -0
+    Disable incomplete t-ntp_signd.c test.  Harlan Stenn.
+
+ChangeSet@1.3621, 2016-01-17 05:51:14+00:00, stenn@psp-deb1.ntp.org
+  Update NEWS file for 2942
+
+  NEWS@1.157 +22 -0
+    Update NEWS file for 2942
+
+ChangeSet@1.3615.13.1, 2016-01-17 05:07:22+00:00, stenn@psp-deb1.ntp.org
+  [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ChangeLog@1.1786.13.1 +4 -0
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  html/miscopt.html@1.85 +11 -3
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  include/ntp.h@1.213.1.1 +3 -0
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/invoke-ntp.conf.texi@1.195 +64 -3
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/keyword-gen-utd@1.27 +1 -1
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/keyword-gen.c@1.33 +3 -0
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp.conf.5man@1.229 +71 -7
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp.conf.5mdoc@1.229 +71 -7
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp.conf.def@1.21 +67 -4
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp.conf.man.in@1.229 +71 -7
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp.conf.mdoc.in@1.229 +71 -7
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp_config.c@1.335.1.1 +12 -0
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp_keyword.h@1.29 +505 -468
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp_parser.c@1.101 +1762 -1513
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp_parser.h@1.65 +257 -235
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp_parser.y@1.91 +6 -0
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+  ntpd/ntp_proto.c@1.368.2.1 +40 -4
+    [Sec 2942]: Off-path DoS attack on auth broadcast mode.  HStenn.
+
+ChangeSet@1.3619, 2016-01-14 12:19:16+00:00, stenn@psp-at1.ntp.org
+  NEWS file updates
+
+  NEWS@1.156 +21 -0
+    NEWS file updates
+
+ChangeSet@1.3615.1.9, 2016-01-14 11:33:43+00:00, stenn@psp-at1.ntp.org
+  merge cleanup
+
+  ChangeLog@1.1786.1.9 +3 -0
+    merge cleanup
+
+ChangeSet@1.3615.1.5, 2016-01-14 10:44:13+00:00, stenn@psp-at1.ntp.org
+  merge cleanup
+
+  ChangeLog@1.1786.1.5 +0 -1
+    merge cleanup
+
+ChangeSet@1.3615.12.4, 2016-01-14 10:27:23+00:00, stenn@psp-at1.ntp.org
+  merge cleanup
+
+  ChangeLog@1.1786.12.4 +1 -1
+    merge cleanup
+
+ChangeSet@1.3615.12.2, 2016-01-14 09:49:52+00:00, stenn@psp-at1.ntp.org
+  merge cleanup
+
+  ChangeLog@1.1786.12.2 +2 -2
+    merge cleanup
+
+ChangeSet@1.3615.3.17, 2016-01-14 09:33:56+00:00, stenn@psp-at1.ntp.org
+  merge cleanup
+
+  ChangeLog@1.1786.3.14 +1 -1
+    merge cleanup
+
+ChangeSet@1.3615.3.14, 2016-01-14 07:36:57+00:00, stenn@psp-at1.ntp.org
+  NEWS update
+
+  NEWS@1.155 +98 -7
+    NEWS update
+
+ChangeSet@1.3615.3.12, 2016-01-13 08:07:30+00:00, stenn@psp-deb1.ntp.org
+  typo
+
+  ChangeLog@1.1786.3.10 +1 -1
+    typo
+
+ChangeSet@1.3615.3.10, 2016-01-13 06:08:29+00:00, stenn@psp-deb1.ntp.org
+  Update NEWS file for bug 2938
+
+  NEWS@1.154 +29 -2
+    Update NEWS file for bug 2938
+
+ChangeSet@1.3615.3.8, 2016-01-13 04:23:46+00:00, stenn@psp-deb1.ntp.org
+  Update NEWS file for bug 2935
+
+  NEWS@1.153 +52 -0
+    Update NEWS file for bug 2935
+
+ChangeSet@1.3615.7.12, 2016-01-12 09:53:06+00:00, stenn@psp-at1.ntp.org
+  [Sec 2935] use L_SUB instead of L_ISGT.  Juergen Perlinger
+
+  ntpd/ntp_proto.c@1.368.1.5 +4 -1
+    [Sec 2935] use L_SUB instead of L_ISGT.  Juergen Perlinger
+
+ChangeSet@1.3615.7.11, 2016-01-11 03:02:53-08:00, harlan@max.pfcs.com
+  [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode.
+
+  ChangeLog@1.1786.9.1 +4 -0
+    [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode.
+
+  include/ntp.h@1.215 +1 -0
+    [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode.
+
+  ntpd/ntp_proto.c@1.368.1.4 +67 -0
+    [Sec 2935] Deja Vu: Replay attack on authenticated broadcast mode.
+
+ChangeSet@1.3615.7.10, 2016-01-11 02:44:25-08:00, harlan@max.pfcs.com
+  make leapsec_query messages less verbose.
+
+  ntpd/ntp_timer.c@1.93.1.1 +6 -4
+    make leapsec_query messages less verbose.
+
+ChangeSet@1.3615.9.1, 2016-01-11 10:26:12+01:00, jnperlin@hydra.localnet
+  [Bug 2985] bogus calculation in authkeys.c
+   - implement 'auth_log2()' using integer bithack instead of float calculation
+
+  ChangeLog@1.1786.7.5 +2 -0
+    [Bug 2985] bogus calculation in authkeys.c
+     - implement 'auth_log2()' using integer bithack instead of float calculation
+
+  libntp/authkeys.c@1.30 +33 -10
+    [Bug 2985] bogus calculation in authkeys.c
+     - implement 'auth_log2()' using integer bithack instead of float calculation
+
+  tests/libntp/authkeys.c@1.14 +38 -0
+    [Bug 2985] bogus calculation in authkeys.c
+     - test bithack implementation of 'auth_log2()'
+
+  tests/libntp/run-authkeys.c@1.12 +9 -6
+    [Bug 2985] bogus calculation in authkeys.c
+     - update auto-generated file
+
+ChangeSet@1.3615.7.9, 2016-01-09 09:52:44+00:00, stenn@psp-at1.ntp.org
+  Add timelastrec to the peer structure
+
+  include/ntp.h@1.214 +2 -1
+    Add timelastrec to the peer structure
+
+ChangeSet@1.3615.3.6, 2016-01-08 10:00:03+00:00, stenn@psp-at1.ntp.org
+  4.2.8p5 merge cleanup
+
+  ChangeLog@1.1786.3.6 +1 -1
+    4.2.8p5 merge cleanup
+
+ChangeSet@1.3615.7.8, 2016-01-08 00:26:09+00:00, stenn@deacon.udel.edu
+  Update copyright year
+
+  sntp/include/copyright.def@1.26 +1 -1
+    Update copyright year
+
+ChangeSet@1.3615.7.7, 2016-01-07 23:33:11+00:00, stenn@deacon.udel.edu
   NTP_4_2_8P5
   TAG: NTP_4_2_8P5
 
-  ChangeLog@1.1791 +1 -0
+  ChangeLog@1.1786.7.4 +1 -0
     NTP_4_2_8P5
 
   ntpd/invoke-ntp.conf.texi@1.194 +1 -1
@@ -332,60 +957,349 @@ ChangeSet@1.3623, 2016-01-07 23:33:11+00:00, stenn@deacon.udel.edu
   util/ntp-keygen.mdoc.in@1.331 +2 -2
     NTP_4_2_8P5
 
-ChangeSet@1.3622, 2016-01-07 17:52:24-05:00, stenn@deacon.udel.edu
+ChangeSet@1.3615.7.6, 2016-01-07 17:52:24-05:00, stenn@deacon.udel.edu
   ntp-4.2.8p5
 
   packageinfo.sh@1.521 +1 -1
     ntp-4.2.8p5
 
-ChangeSet@1.3621, 2016-01-07 22:20:05+00:00, stenn@psp-at1.ntp.org
+ChangeSet@1.3615.7.5, 2016-01-07 22:20:05+00:00, stenn@psp-at1.ntp.org
   cleanup
 
   NEWS@1.152 +2 -2
     cleanup
 
-ChangeSet@1.3620, 2016-01-07 09:33:11+00:00, stenn@psp-at1.ntp.org
+ChangeSet@1.3615.7.4, 2016-01-07 09:33:11+00:00, stenn@psp-at1.ntp.org
   typo in ntp_proto.c - leap smear.  Reported by Martin Burnicki
 
-  ntpd/ntp_proto.c@1.371 +1 -1
+  ntpd/ntp_proto.c@1.368.1.3 +1 -1
     typo in ntp_proto.c - leap smear.  Reported by Martin Burnicki
 
-ChangeSet@1.3619, 2016-01-07 06:33:08+00:00, stenn@psp-at1.ntp.org
+ChangeSet@1.3615.7.3, 2016-01-07 06:33:08+00:00, stenn@psp-at1.ntp.org
   Update scripts/calc_tickadj/Makefile.am.  Harlan Stenn.
 
-  ChangeLog@1.1790 +1 -0
+  ChangeLog@1.1786.7.3 +1 -0
     Update scripts/calc_tickadj/Makefile.am.  Harlan Stenn.
 
   scripts/calc_tickadj/Makefile.am@1.11 +2 -0
     Update scripts/calc_tickadj/Makefile.am.  Harlan Stenn.
 
-ChangeSet@1.3616.1.1, 2016-01-05 10:57:45+00:00, stenn@psp-at1.ntp.org
+ChangeSet@1.3615.3.2, 2016-01-05 12:34:56+00:00, stenn@psp-at1.ntp.org
+  ntp-4.2.8p6
+
+  ChangeLog@1.1786.3.2 +2 -0
+    ntp-4.2.8p6
+
+ChangeSet@1.3615.8.1, 2016-01-05 10:57:45+00:00, stenn@psp-at1.ntp.org
   Bug 2952 fixes
 
-  ChangeLog@1.1787.1.1 +1 -0
+  ChangeLog@1.1786.8.1 +1 -0
     Bug 2952 fixes
 
-  ntpd/ntp_proto.c@1.370 +165 -152
+  ntpd/ntp_proto.c@1.368.1.2 +165 -152
     Bug 2952 fixes
 
-ChangeSet@1.3617, 2016-01-05 09:56:31+00:00, stenn@psp-at1.ntp.org
+ChangeSet@1.3615.7.1, 2016-01-05 09:56:31+00:00, stenn@psp-at1.ntp.org
   ntp-4.2.8p5 prep
 
-  ChangeLog@1.1788 +2 -1
+  ChangeLog@1.1786.7.1 +2 -1
     ntp-4.2.8p5 prep
 
   NEWS@1.151 +104 -3
     ntp-4.2.8p5 prep
 
-ChangeSet@1.3616, 2015-12-06 11:20:02+00:00, stenn@psp-deb1.ntp.org
+ChangeSet@1.3615.5.1, 2015-12-13 13:35:12+01:00, jnperlin@hydra.localnet
+  [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+    Found this already fixed, but validation lead to further cleanup:
+     - source code formatting
+     - inline variable definitions moved to start of block
+     - made some pure input data pointers 'const void*' instead of 'char*'; avoids casts and warnings
+
+  ChangeLog@1.1786.5.1 +3 -0
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+
+  sntp/crypto.c@1.19 +13 -12
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - sidekick: make pure input pointers 'const void*' instead of 'char*'
+     - sidekick: remove unnecessary casts
+
+  sntp/crypto.h@1.11 +11 -9
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - sidekick: make pure input pointers 'const void*' instead of 'char*'
+     - source formatting
+
+  sntp/main.c@1.99 +1 -1
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - no need to cast input to 'make_mac()' any more
+
+  sntp/networking.c@1.68 +1 -1
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - no need to cast input to 'auth_md5()' any more
+
+  sntp/tests/crypto.c@1.10 +41 -27
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - remove unnecessary casts
+     - source code formatting
+
+  sntp/tests/fileHandlingTest.c@1.4 +43 -20
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - create 'DestroyPath()' companion to 'CreatePath()' to avoid trouble with 'free()' on 'const char*'
+
+  sntp/tests/fileHandlingTest.h.in@1.15 +6 -15
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - create 'DestroyPath()' companion to 'CreatePath()' to avoid trouble with 'free()' on 'const char*'
+
+  sntp/tests/keyFile.c@1.13 +66 -46
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - use 'DestroyPath()' avoid trouble with 'free()' on 'const char*'
+     - printf() combined
+     - source code formatting
+     - move variable declarations to front
+
+  sntp/tests/packetHandling.c@1.6 +75 -64
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - move variable declarations to front
+     - source code formatting
+
+  sntp/tests/packetProcessing.c@1.9 +124 -90
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - move variable declarations to front
+     - source code formatting
+     - drop unnecessary casts
+
+  sntp/tests/run-packetProcessing.c@1.10 +18 -18
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+
+  sntp/unity/unity_internals.h@1.6 +1 -1
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - added missing 'const' in pointer casts
+
+  tests/libntp/decodenetnum.c@1.11 +33 -23
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - source code formatting +  cleanup
+
+  tests/libntp/run-decodenetnum.c@1.11 +4 -4
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+
+  tests/libntp/run-socktoa.c@1.14 +5 -5
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+
+  tests/libntp/socktoa.c@1.12 +23 -17
+    [Bug 2892] Several test cases assume IPv6 capabilities even when IPv6 is disabled in the build
+     - source code formatting +  cleanup
+
+ChangeSet@1.3615.4.1, 2015-12-11 18:24:16+01:00, jnperlin@hydra.localnet
+  [Bug 2882] Look at ntp_request.c:list_peers_sum()
+
+  ChangeLog@1.1786.4.1 +1 -0
+    [Bug 2882] Look at ntp_request.c:list_peers_sum()
+
+  ntpd/ntp_request.c@1.116 +57 -72
+    [Bug 2882] Look at ntp_request.c:list_peers_sum()
+     - 'list_peers()' and 'list_peers_sum()' skip IPv6 entires if client does not support them,
+       but continue processing until end of list now.
+
+ChangeSet@1.3615.1.3, 2015-12-09 18:23:31+01:00, jnperlin@hydra.localnet
+  [Bug 2891] Deadlock in deferred DNS lookup framework.
+
+  ChangeLog@1.1786.1.3 +1 -0
+    [Bug 2891] Deadlock in deferred DNS lookup framework.
+
+  include/ntp_worker.h@1.5 +31 -22
+    [Bug 2891] Deadlock in deferred DNS lookup framework.
+     - provide signal-safe result-ready detection
+
+  libntp/ntp_worker.c@1.7 +27 -0
+    [Bug 2891] Deadlock in deferred DNS lookup framework.
+     - support signal-safe result-ready detection
+     - provide function to harvest async results from mainloop
+
+  ntpd/ntp_io.c@1.409.1.1 +160 -133
+    [Bug 2891] Deadlock in deferred DNS lookup framework.
+     - do not process async-resolver results from signal handler
+     - set notification tags to harvest asyn-resolver results from mainloop
+     - avoid double select for synchronous IO
+     - avoid several syslog calls in signal-handler context
+     - refactor / conditionalize some functions that cannot be used in signal-driven IO
+
+  ntpd/ntpd.c@1.169 +4 -0
+    [Bug 2891] Deadlock in deferred DNS lookup framework.
+     - reap/harvest async resolver results from mainloop
+
+ChangeSet@1.3615.1.2, 2015-12-06 21:33:26+01:00, jnperlin@hydra.localnet
+  [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
+   - applied patch by shenpeng11@huawei.com with minor adjustments
+
+  ChangeLog@1.1786.1.2 +2 -0
+    [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
+     - applied patch by shenpeng11@huawei.com with minor adjustments
+
+  ntpd/ntpd.c@1.168 +26 -3
+    [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
+     - applied patch by shenpeng11@huawei.com with minor adjustments
+
+ChangeSet@1.3615.2.1, 2015-12-06 20:19:32+01:00, jnperlin@hydra.localnet
+  [Bug 2772] adj_systime overflows tv_usec
+
+  ChangeLog@1.1786.2.1 +1 -0
+    [Bug 2772] adj_systime overflows tv_usec
+
+  libntp/systime.c@1.71 +12 -3
+    [Bug 2772] adj_systime overflows tv_usec
+     - add missing normalisation for nitpicking implementations of 'adjtime()'
+
+ChangeSet@1.3615.1.1, 2015-12-06 11:20:02+00:00, stenn@psp-deb1.ntp.org
   Quiet a warning from clang.  Harlan Stenn.
 
-  ChangeLog@1.1787 +1 -0
+  ChangeLog@1.1786.1.1 +1 -0
     Quiet a warning from clang.  Harlan Stenn.
 
   libntp/ntp_rfc2553.c@1.50 +3 -2
     Quiet a warning from clang.  Harlan Stenn.
 
+ChangeSet@1.3616, 2015-12-05 20:28:19+00:00, perlinger@psp-deb1.ntp.org
+  [Bug 2980] reduce number of warnings
+   - string formatting(arguments should be literals)
+   - applying constness where necessary
+   - removing bad consts that are superfluous
+   - avoid signed/unsigned clashes in conditionals (either by cast or type change)
+   - signed/unsigned and promotion conflicts
+   - add prototypes for function pointer tables
+   - force unsigned argument promotion in calls to 'ctype' functions (is{digit,cntrl,...})
+
+  ChangeLog@1.1787 +2 -0
+    [Bug 2980] reduce number of warnings
+
+  include/parse.h@1.14 +3 -3
+    [Bug 2980] reduce number of warnings
+     - make GPSWRAP and GPSWEEK unqualified literals to avoid signed/unsigned clashes
+
+  ntpd/ntp_config.c@1.336 +2 -0
+    [Bug 2980] reduce number of warnings
+     - add forward declaration of yyparse()
+
+  ntpd/ntp_io.c@1.410 +1 -1
+    [Bug 2980] reduce number of warnings
+     - fix a signedness comparison by adding a cast to size_t
+
+  ntpd/ntp_scanner.c@1.49 +1 -1
+    [Bug 2980] reduce number of warnings
+     - for type compatibility, make counter 'i' a size_t
+
+  ntpd/ntp_timer.c@1.94 +5 -6
+    [Bug 2980] reduce number of warnings
+     - fix a signed / unsigned compare
+
+  ntpd/refclock_chu.c@1.58 +1 -1
+    [Bug 2980] reduce number of warnings
+     - rewrite check to avoid warning about integer overflow
+
+  ntpd/refclock_gpsdjson.c@1.24 +13 -15
+    [Bug 2980] reduce number of warnings
+     - reshuffle to use a literal format string
+     - fix signed/unsigned clashes in compare
+
+  ntpd/refclock_jjy.c@1.30 +47 -44
+    Bug 2980 - reduce number of warnings
+     - make several pointers 'const char*'
+     - add prototypes for function pointer tables
+     - force unsigned argument promotion in calls to 'ctype' functions (is{digit,cntrl,...})
+
+  ntpd/refclock_shm.c@1.39 +1 -1
+    [Bug 2980] reduce number of warnings
+     - fix signed/unsigned clashes in compare
+
+  ntpq/ntpq-subs.c@1.114.1.1 +1 -1
+    [Bug 2980] reduce number of warnings
+     - avoid signed/unsigned clashe in compare
+
+  ntpq/ntpq.c@1.165.1.1 +47 -7
+    [Bug 2980] reduce number of warnings
+     - avoid juggling with formatting into dynamic buffers by a 'asprintf' like function
+
+  sntp/libopts/configfile.c@1.24 +22 -22
+    [Bug 2980] reduce number of warnings
+     - add some pointer constness to avoid casting it away
+
+  sntp/libopts/enum.c@1.14 +5 -5
+    [Bug 2980] reduce number of warnings
+     - avoid some unnecessary casts
+     - avoid shift/promote ambiguity by proper typing
+
+  sntp/libopts/find.c@1.13 +1 -1
+    [Bug 2980] reduce number of warnings
+     - Use VOIDP instead of a (char*) cast
+
+  sntp/libopts/init.c@1.9 +2 -3
+    [Bug 2980] reduce number of warnings
+     - use VOIDP() to replace a complicated double cast
+     - remove one useless cast
+
+  sntp/libopts/load.c@1.22 +1 -1
+    [Bug 2980] reduce number of warnings
+     - remove a useless cast
+
+  sntp/libopts/makeshell.c@1.21 +3 -3
+    [Bug 2980] reduce number of warnings
+     - fix integer promotion in calls to toupper/tolower
+
+  sntp/libopts/nested.c@1.17 +3 -1
+    [Bug 2980] reduce number of warnings
+     - avoid casting away constness by using a helper variable
+
+  sntp/libopts/parse-duration.c@1.15 +8 -2
+    [Bug 2980] reduce number of warnings
+     - avoid casting away constness by using a helper variable
+
+  sntp/libopts/reset.c@1.18 +1 -1
+    [Bug 2980] reduce number of warnings
+     - remove a useless cast
+
+  sntp/libopts/save.c@1.19 +2 -2
+    [Bug 2980] reduce number of warnings
+     - use VOIDP() instead of cast via (void**)
+
+  sntp/libopts/tokenize.c@1.14 +1 -1
+    [Bug 2980] reduce number of warnings
+     - add a required const qualification
+
+ChangeSet@1.3597.1.5, 2015-12-05 14:29:10+01:00, jnperlin@hydra.localnet
+  [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+    - make CTRL-C work for retrieval and printing od MRU list.
+
+  ChangeLog@1.1770.1.3 +1 -0
+    [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+      - make CTRL-C work for retrieval and printing od MRU list.
+
+  ntpq/ntpq-subs.c@1.115 +6 -0
+    [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+     - make CTRL-C work for retrieval and printing od MRU list:
+        1) CTRL-C while collecting terminates the assembling of respose.
+        2) CTRL-C while printing will terminate the print loop.
+        3) both work independently of each other.
+
+  ntpq/ntpq.c@1.166 +16 -0
+    [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+     - when collecting fragments, CTRL-C will try to cleanly return the list of fragments so far.
+
+ChangeSet@1.3597.5.1, 2015-12-05 13:44:57+01:00, jnperlin@hydra.localnet
+  [Bug 2905] DNS lookups broken.
+    - added limits to stack consumption, fixed some return code handling
+
+  ChangeLog@1.1770.5.1 +2 -0
+    [Bug 2905] DNS lookups broken.
+      - added limits to stack consumption, fixed some return code handling
+
+  libntp/work_thread.c@1.19 +55 -17
+    [Bug 2905] DNS lookups broken.
+     - added limits to stack consumption
+     - fixed some return code handling
+     - harden queue handling
+
+  ntpd/ntpd.c@1.166.1.1 +21 -4
+    [Bug 2905] DNS lookups broken.
+      - added limits to stack consumption of wartmup thread
+
 ChangeSet@1.3615, 2015-12-05 10:41:51+00:00, stenn@psp-at1.ntp.org
   CID 1341677: Nits in sntp/tests/keyFile.c.  HStenn.
 
@@ -1113,7 +2027,7 @@ ChangeSet@1.3584.1.1, 2015-11-13 22:54:35+01:00, jnperlin@hydra.localnet
     [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets
      - avoid 'unused' warnings
 
-  ntpd/ntp_proto.c@1.369 +8 -6
+  ntpd/ntp_proto.c@1.368.1.1 +8 -6
     [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets
      - promote use of 'size_t' for values that express a size
      - format string fixes 
@@ -1164,7 +2078,7 @@ ChangeSet@1.3584.1.1, 2015-11-13 22:54:35+01:00, jnperlin@hydra.localnet
      - promote use of 'size_t' for values that express a size
      - avoid truncation of SOCKET handles
 
-  ntpdc/ntpdc.c@1.105 +36 -34
+  ntpdc/ntpdc.c@1.104.1.1 +36 -34
     [Bug 2962] truncation of size_t/ptrdiff_t on 64bit targets
      - promote use of 'size_t' for values that express a size
      - format string fixes
@@ -1827,6 +2741,31 @@ ChangeSet@1.3574, 2015-10-20 08:00:43+00:00, stenn@psp-deb1.ntp.org
   NEWS@1.149 +16 -16
     Update CVEs
 
+ChangeSet@1.3558.8.1, 2015-10-17 23:19:57+02:00, jnperlin@hydra.localnet
+  [Bug 2945] Zero Origin Timestamp Bypass
+
+  ChangeLog@1.1743.8.1 +2 -0
+    [Bug 2945] Zero Origin Timestamp Bypass
+
+  ntpd/ntp_proto.c@1.364.2.1 +9 -1
+    [Bug 2945] Zero Origin Timestamp Bypass
+     - in basic mode 'aorg' is cleared to indicate a response has been received. So a reply has to be dropped
+       when it either does not match the origin timestamp OR the origin time stamp is zero.
+
+ChangeSet@1.3558.7.1, 2015-10-17 21:15:39+02:00, jnperlin@hydra.localnet
+  [Bug 2948] Potential Infinite Loop in ntpq and ntpdc
+
+  ChangeLog@1.1743.7.1 +2 -0
+    [Bug 2948] Potential Infinite Loop in ntpq and ntpdc
+
+  ntpdc/ntpdc.c@1.105 +20 -1
+    [Bug 2948] Potential Infinite Loop in ntpq and ntpdc
+     - check timeout between request and valid response(s) instead of *any* incoming data
+
+  ntpq/ntpq.c@1.161.2.1 +22 -2
+    [Bug 2948] Potential Infinite Loop in ntpq and ntpdc
+     - check timeout between request and valid response(s) instead of *any* incoming data
+
 ChangeSet@1.3573, 2015-10-17 06:28:49+00:00, stenn@psp-deb1.ntp.org
   ntp-4.2.8p4-sec-RC2
 
@@ -2172,6 +3111,53 @@ ChangeSet@1.3571, 2015-10-17 01:39:22+00:00, stenn@psp-deb1.ntp.org
   ChangeLog@1.1755 +4 -1
     [Sec 2941] NAK to the Future: Symmetric association authentication bypass via crypto-NAK
 
+ChangeSet@1.3558.6.2, 2015-10-13 23:31:28+02:00, jnperlin@hydra.localnet
+  [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames.
+   - make sure the file does not exist (no overwrite allowed)
+   - ensure text mode where applicable (windows)
+
+  ntpd/ntp_control.c@1.203.1.2 +17 -3
+    [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames.
+     - make sure the file does not exist (no overwrite allowed)
+     - ensure text mode where applicable (windows)
+
+ChangeSet@1.3558.6.1, 2015-10-12 08:18:56+02:00, jnperlin@hydra.localnet
+  [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames
+
+  ChangeLog@1.1743.6.1 +3 -0
+    [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames
+
+  ntpd/ntp_control.c@1.203.1.1 +161 -37
+    [Bug 2938] ntpq saveconfig command allows dangerous characters in filenames
+     - added function to check safe file names ([_A-Za-z0-9][-+._A-Za-z0-9]*)
+     - checked for truncation, too, not only overrun safey
+
+ChangeSet@1.3558.5.1, 2015-10-11 14:12:31+02:00, jnperlin@hydra.localnet
+  [Bug 2939] reslist NULL pointer dereference
+  [Bug 2940] Stack exhaustion in recursive traversal of restriction list
+    -- these two where fixed together --
+
+  ChangeLog@1.1743.5.1 +4 -0
+    [Bug 2939] reslist NULL pointer dereference
+    [Bug 2940] Stack exhaustion in recursive traversal of restriction list
+
+  ntpd/ntp_request.c@1.113.1.1 +127 -39
+    [Bug 2939] reslist NULL pointer dereference
+    [Bug 2940] Stack exhaustion in recursive traversal of restriction list
+     - use iteration and a scratch pad stack to do the list reversal; deep recusrsion can be dangerous in C
+     - properly terminate processing when 'more_pkt()' indicates packet full
+     - check the return value of 'more_pkt()' when used in iterations, or trash it explicitely
+     - fixed uint32_t vs. u_long clash that would cause security problems on big-endian 64bit machines
+
+ChangeSet@1.3558.4.1, 2015-10-11 09:32:40+02:00, jnperlin@hydra.localnet
+  [Bug 2937] (NTPQ) nextvar() missing length check
+
+  ChangeLog@1.1743.4.1 +2 -0
+    [Bug 2937] (NTPQ) nextvar() missing length check
+
+  ntpq/ntpq.c@1.161.1.1 +2 -0
+    [Bug 2937] (NTPQ) nextvar() missing length check
+
 ChangeSet@1.3558.3.3, 2015-10-11 08:10:20+02:00, jnperlin@hydra.localnet
   [Bug 2941] NAK to the Future: Symmetric association authentication bypass via crypto-NAK
 
diff --git a/contrib/ntp/NEWS b/contrib/ntp/NEWS
index 32c9288..278943c 100644
--- a/contrib/ntp/NEWS
+++ b/contrib/ntp/NEWS
@@ -1,5 +1,258 @@
 ---
 
+NTP 4.2.8p6
+
+Focus: Security, Bug fixes, enhancements.
+
+Severity: MEDIUM
+
+In addition to bug fixes and enhancements, this release fixes the
+following X low- and Y medium-severity vulnerabilities:
+
+* Potential Infinite Loop in 'ntpq'
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2548 / CVE-2015-8158
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS2: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM
+   CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score: 5.3 - MEDIUM
+   Summary: 'ntpq' processes incoming packets in a loop in 'getresponse()'.
+	The loop's only stopping conditions are receiving a complete and
+	correct response or hitting a small number of error conditions.
+	If the packet contains incorrect values that don't trigger one of
+	the error conditions, the loop continues to receive new packets.
+	Note well, this is an attack against an instance of 'ntpq', not
+	'ntpd', and this attack requires the attacker to do one of the
+	following:
+	* Own a malicious NTP server that the client trusts
+	* Prevent a legitimate NTP server from sending packets to
+	    the 'ntpq' client
+	* MITM the 'ntpq' communications between the 'ntpq' client
+	    and the NTP server
+   Mitigation:
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
+	or the NTP Public Services Project Download Page
+   Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG.
+
+* 0rigin: Zero Origin Timestamp Bypass
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2945 / CVE-2015-8138
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS2: (AV:N/AC:L/Au:N/C:N/I:P/A:N) Base Score: 5.0 - MEDIUM
+   CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score: 5.3 - MEDIUM
+	(3.7 - LOW if you score AC:L)
+   Summary: To distinguish legitimate peer responses from forgeries, a
+	client attempts to verify a response packet by ensuring that the
+	origin timestamp in the packet matches the origin timestamp it
+	transmitted in its last request.  A logic error exists that
+	allows packets with an origin timestamp of zero to bypass this
+	check whenever there is not an outstanding request to the server.
+   Mitigation:
+	Configure 'ntpd' to get time from multiple sources.
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
+	    or the NTP Public Services Project Download Page.
+	Monitor your 'ntpd= instances.
+   Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG.
+
+* Stack exhaustion in recursive traversal of restriction list
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016
+   References: Sec 2940 / CVE-2015-7978
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM
+   Summary: An unauthenticated 'ntpdc reslist' command can cause a
+   	segmentation fault in ntpd by exhausting the call stack.
+   Mitigation:
+	Implement BCP-38.
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
+	    or the NTP Public Services Project Download Page.
+	If you are unable to upgrade:
+            In ntp-4.2.8, mode 7 is disabled by default. Don't enable it.
+	    If you must enable mode 7:
+		configure the use of a 'requestkey' to control who can
+		    issue mode 7 requests.
+		configure 'restrict noquery' to further limit mode 7
+		    requests to trusted sources.
+		Monitor your ntpd instances.
+   Credit: This weakness was discovered by Stephen Gray at Cisco ASIG.
+
+* Off-path Denial of Service (!DoS) attack on authenticated broadcast mode
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2942 / CVE-2015-7979
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:P) Base Score: 5.8
+   Summary: An off-path attacker can send broadcast packets with bad
+	authentication (wrong key, mismatched key, incorrect MAC, etc)
+	to broadcast clients. It is observed that the broadcast client
+	tears down the association with the broadcast server upon
+	receiving just one bad packet.
+   Mitigation:
+	Implement BCP-38.
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
+	or the NTP Public Services Project Download Page.
+	Monitor your 'ntpd' instances.
+	If this sort of attack is an active problem for you, you have
+	    deeper problems to investigate.  In this case also consider
+	    having smaller NTP broadcast domains.
+   Credit: This weakness was discovered by Aanchal Malhotra of Boston
+   	University.
+
+* reslist NULL pointer dereference
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2939 / CVE-2015-7977
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P) Base Score: 4.3 - MEDIUM
+   Summary: An unauthenticated 'ntpdc reslist' command can cause a
+	segmentation fault in ntpd by causing a NULL pointer dereference.
+   Mitigation:
+	Implement BCP-38.
+	Upgrade to 4.2.8p6, or later, from NTP Project Download Page or
+	the NTP Public Services Project Download Page.
+	If you are unable to upgrade:
+	    mode 7 is disabled by default.  Don't enable it.
+	    If you must enable mode 7:
+		configure the use of a 'requestkey' to control who can
+		    issue mode 7 requests.
+		configure 'restrict noquery' to further limit mode 7
+		    requests to trusted sources. 
+	Monitor your ntpd instances.
+   Credit: This weakness was discovered by Stephen Gray of Cisco ASIG.
+
+* 'ntpq saveconfig' command allows dangerous characters in filenames.
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2938 / CVE-2015-7976
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:N/AC:L/Au:S/C:N/I:P/A:N) Base Score: 4.0 - MEDIUM
+   Summary: The ntpq saveconfig command does not do adequate filtering
+   	of special characters from the supplied filename.
+	Note well: The ability to use the saveconfig command is controlled
+	by the 'restrict nomodify' directive, and the recommended default
+	configuration is to disable this capability.  If the ability to
+	execute a 'saveconfig' is required, it can easily (and should) be
+	limited and restricted to a known small number of IP addresses.
+   Mitigation:
+	Implement BCP-38.
+	use 'restrict default nomodify' in your 'ntp.conf' file.
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page.
+	If you are unable to upgrade:
+	    build NTP with 'configure --disable-saveconfig' if you will
+	    	never need this capability, or
+	    use 'restrict default nomodify' in your 'ntp.conf' file.  Be
+		careful about what IPs have the ability to send 'modify'
+		requests to 'ntpd'.
+	Monitor your ntpd instances.
+	'saveconfig' requests are logged to syslog - monitor your syslog files.
+   Credit: This weakness was discovered by Jonathan Gardner of Cisco ASIG.
+
+* nextvar() missing length check in ntpq
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2937 / CVE-2015-7975
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:L/AC:H/Au:N/C:N/I:N/A:P) Base Score: 1.2 - LOW
+	If you score A:C, this becomes 4.0.
+   CVSSv3: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) Base Score 2.9, LOW
+   Summary: ntpq may call nextvar() which executes a memcpy() into the
+	name buffer without a proper length check against its maximum
+	length of 256 bytes. Note well that we're taking about ntpq here.
+	The usual worst-case effect of this vulnerability is that the
+	specific instance of ntpq will crash and the person or process
+	that did this will have stopped themselves.
+   Mitigation:
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
+	    or the NTP Public Services Project Download Page.
+	If you are unable to upgrade:
+	    If you have scripts that feed input to ntpq make sure there are
+		some sanity checks on the input received from the "outside".
+	    This is potentially more dangerous if ntpq is run as root. 
+   Credit: This weakness was discovered by Jonathan Gardner at Cisco ASIG.
+
+* Skeleton Key: Any trusted key system can serve time
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2936 / CVE-2015-7974
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:N/AC:H/Au:S/C:N/I:C/A:N) Base Score: 4.9
+   Summary: Symmetric key encryption uses a shared trusted key. The
+	reported title for this issue was "Missing key check allows
+	impersonation between authenticated peers" and the report claimed
+	"A key specified only for one server should only work to
+	authenticate that server, other trusted keys should be refused."
+	Except there has never been any correlation between this trusted
+	key and server v. clients machines and there has never been any
+	way to specify a key only for one server. We have treated this as
+	an enhancement request, and ntp-4.2.8p6 includes other checks and
+	tests to strengthen clients against attacks coming from broadcast
+	servers.
+   Mitigation:
+	Implement BCP-38.
+	If this scenario represents a real or a potential issue for you,
+	    upgrade to 4.2.8p6, or later, from the NTP Project Download
+	    Page or the NTP Public Services Project Download Page, and
+	    use the new field in the ntp.keys file that specifies the list
+	    of IPs that are allowed to serve time. Note that this alone
+	    will not protect against time packets with forged source IP
+	    addresses, however other changes in ntp-4.2.8p6 provide
+	    significant mitigation against broadcast attacks. MITM attacks
+	    are a different story.
+	If you are unable to upgrade:
+	    Don't use broadcast mode if you cannot monitor your client
+	    	servers.
+	    If you choose to use symmetric keys to authenticate time
+	    	packets in a hostile environment where ephemeral time
+		servers can be created, or if it is expected that malicious
+		time servers will participate in an NTP broadcast domain,
+		limit the number of participating systems that participate
+		in the shared-key group. 
+	Monitor your ntpd instances. 
+   Credit: This weakness was discovered by Matt Street of Cisco ASIG. 
+
+* Deja Vu: Replay attack on authenticated broadcast mode
+   Date Resolved: Stable (4.2.8p6) 19 Jan 2016; Dev (4.3.90) 19 Jan 2016
+   References: Sec 2935 / CVE-2015-7973
+   Affects: All ntp-4 releases up to, but not including 4.2.8p6, and
+   	4.3.0 up to, but not including 4.3.90
+   CVSS: (AV:A/AC:M/Au:N/C:N/I:P/A:P) Base Score: 4.3 - MEDIUM
+   Summary: If an NTP network is configured for broadcast operations then
+   	either a man-in-the-middle attacker or a malicious participant
+	that has the same trusted keys as the victim can replay time packets.
+   Mitigation:
+	Implement BCP-38.
+	Upgrade to 4.2.8p6, or later, from the NTP Project Download Page
+	    or the NTP Public Services Project Download Page.
+	If you are unable to upgrade:
+	    Don't use broadcast mode if you cannot monitor your client servers.
+	Monitor your ntpd instances.
+   Credit: This weakness was discovered by Aanchal Malhotra of Boston
+	University.
+
+Other fixes:
+
+* [Bug 2772] adj_systime overflows tv_usec. perlinger@ntp.org
+* [Bug 2814] msyslog deadlock when signaled. perlinger@ntp.org
+  - applied patch by shenpeng11@huawei.com with minor adjustments
+* [Bug 2882] Look at ntp_request.c:list_peers_sum(). perlinger@ntp.org
+* [Bug 2891] Deadlock in deferred DNS lookup framework. perlinger@ntp.org
+* [Bug 2892] Several test cases assume IPv6 capabilities even when
+             IPv6 is disabled in the build. perlinger@ntp.org
+  - Found this already fixed, but validation led to cleanup actions.
+* [Bug 2905] DNS lookups broken. perlinger@ntp.org
+  - added limits to stack consumption, fixed some return code handling
+* [Bug 2971] ntpq bails on ^C: select fails: Interrupted system call
+  - changed stacked/nested handling of CTRL-C. perlinger@ntp.org
+  - make CTRL-C work for retrieval and printing od MRU list. perlinger@ntp.org
+* [Bug 2980] reduce number of warnings. perlinger@ntp.org
+  - integrated several patches from Havard Eidnes (he@uninett.no)
+* [Bug 2985] bogus calculation in authkeys.c perlinger@ntp.org
+  - implement 'auth_log2()' using integer bithack instead of float calculation
+* Make leapsec_query debug messages less verbose.  Harlan Stenn.
+
+---
+
 NTP 4.2.8p5
 
 Focus: Security, Bug fixes, enhancements.
diff --git a/contrib/ntp/configure b/contrib/ntp/configure
index 758ffa9..75724cc 100755
--- a/contrib/ntp/configure
+++ b/contrib/ntp/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for ntp 4.2.8p5.
+# Generated by GNU Autoconf 2.69 for ntp 4.2.8p6.
 #
 # Report bugs to <http://bugs.ntp.org./>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='ntp'
 PACKAGE_TARNAME='ntp'
-PACKAGE_VERSION='4.2.8p5'
-PACKAGE_STRING='ntp 4.2.8p5'
+PACKAGE_VERSION='4.2.8p6'
+PACKAGE_STRING='ntp 4.2.8p6'
 PACKAGE_BUGREPORT='http://bugs.ntp.org./'
 PACKAGE_URL='http://www.ntp.org./'
 
@@ -1616,7 +1616,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures ntp 4.2.8p5 to adapt to many kinds of systems.
+\`configure' configures ntp 4.2.8p6 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1686,7 +1686,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of ntp 4.2.8p5:";;
+     short | recursive ) echo "Configuration of ntp 4.2.8p6:";;
    esac
   cat <<\_ACEOF
 
@@ -1919,7 +1919,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-ntp configure 4.2.8p5
+ntp configure 4.2.8p6
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2749,7 +2749,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by ntp $as_me 4.2.8p5, which was
+It was created by ntp $as_me 4.2.8p6, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3750,7 +3750,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='ntp'
- VERSION='4.2.8p5'
+ VERSION='4.2.8p6'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -37840,7 +37840,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by ntp $as_me 4.2.8p5, which was
+This file was extended by ntp $as_me 4.2.8p6, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -37907,7 +37907,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-ntp config.status 4.2.8p5
+ntp config.status 4.2.8p6
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff --git a/contrib/ntp/html/miscopt.html b/contrib/ntp/html/miscopt.html
index 261b08f..bc520f6 100644
--- a/contrib/ntp/html/miscopt.html
+++ b/contrib/ntp/html/miscopt.html
@@ -11,7 +11,7 @@
 <img src="pic/boom3.gif" alt="gif" align="left"><a href="http://www.eecis.udel.edu/~mills/pictures.html">from <i>Pogo</i>, Walt Kelly</a>
 <p>We have three, now looking for more.</p>
 <p>Last update:
-  <!-- #BeginDate format:En2m -->17-Nov-2015  11:06<!-- #EndDate -->
+  <!-- #BeginDate format:En2m -->16-Jan-2016  13:08<!-- #EndDate -->
     UTC</p>
 <br clear="left">
 <h4>Related Links</h4>
@@ -29,8 +29,9 @@
   <dd>The file format consists of a single line containing a single floating point number, which records the frequency offset measured in parts-per-million (PPM). The file is updated by first writing the current drift value into a temporary file and then renaming this file to replace the old version.</dd>
   <dt id="dscp"><tt>dscp <i>dscp</i></tt></dt>
   <dd>This command specifies the Differentiated Services Code Point (DSCP) value that is used in sent NTP packets.  The default value is 46 for Expedited Forwarding (EF).</dd>
-  <dt id="enable"><tt>enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</tt><br>
-    <tt>disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</tt></dt>
+  <dt id="enable"><tt>enable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</tt></dt>
+
+  <dt><tt>disable [auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</tt></dt>
   <dd>Provides a way to enable or disable various system options. Flags not mentioned are unaffected. Note that most of these flags can be modified remotely using <a href="ntpq.html"><tt>ntpq</tt></a> utility program's <tt>:config</tt> and <tt>config-from-file</tt> commands.
     <dl>
       <dt><tt>auth</tt></dt>
@@ -50,6 +51,13 @@
       <dd>Enables time and frequency discipline. In effect, this switch opens and closes the feedback loop, which is useful for testing. The default for this flag is enable.</dd>
       <dt><tt>stats</tt></dt>
       <dd>Enables the statistics facility. See the <a href="monopt.html">Monitoring Options</a> page for further information. The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
+| unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early
+      <dt><tt>unpeer_crypto_early</tt></dt>
+      <dd>Enables the early resetting of an association in case of a crypto failure.  This is generally a feature, but it can be used in a DoS attack.  If you are seeing these packets being used as a DoS attack against your server, you should disable this flag.  The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
+      <dt><tt>unpeer_crypto_nak_early</tt></dt>
+      <dd>Enables the early resetting of an association in case of a crypto_NAK message.  This is generally a feature, but it can be used in a DoS attack.  If you are seeing these packets being used as a DoS attack against your server, you should disable this flag.  The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
+      <dt><tt>unpeer_digest_early</tt></dt>
+      <dd>Enables the early resetting of an association in case of an autokey digest failur.  This is generally a feature, but it can be used in a DoS attack.  If you are seeing these packets being used as a DoS attack against your server, you should disable this flag.  The default for this flag is enabled. This flag is excluded from runtime configuration using <tt>ntpq</tt>.</dd>
     </dl>
   </dd>
   <dt id="includefile"><tt>includefile <i>includefile</i></tt></dt>
diff --git a/contrib/ntp/include/Makefile.am b/contrib/ntp/include/Makefile.am
index d8b4dd2..521ac14 100644
--- a/contrib/ntp/include/Makefile.am
+++ b/contrib/ntp/include/Makefile.am
@@ -36,6 +36,7 @@ noinst_HEADERS =	\
 	ntp_if.h	\
 	ntp_intres.h	\
 	ntp_io.h	\
+	ntp_keyacc.h	\
 	ntp_libopts.h	\
 	ntp_lineedit.h	\
 	ntp_lists.h	\
diff --git a/contrib/ntp/include/Makefile.in b/contrib/ntp/include/Makefile.in
index 6e45e93..ef92804 100644
--- a/contrib/ntp/include/Makefile.in
+++ b/contrib/ntp/include/Makefile.in
@@ -521,6 +521,7 @@ noinst_HEADERS = \
 	ntp_if.h	\
 	ntp_intres.h	\
 	ntp_io.h	\
+	ntp_keyacc.h	\
 	ntp_libopts.h	\
 	ntp_lineedit.h	\
 	ntp_lists.h	\
diff --git a/contrib/ntp/include/ntp.h b/contrib/ntp/include/ntp.h
index 4ffc35f..6a4e9aa 100644
--- a/contrib/ntp/include/ntp.h
+++ b/contrib/ntp/include/ntp.h
@@ -350,6 +350,7 @@ struct peer {
 	l_fp	dst;		/* destination timestamp */
 	l_fp	aorg;		/* origin timestamp */
 	l_fp	borg;		/* alternate origin timestamp */
+	l_fp	bxmt;		/* most recent broadcast transmit timestamp */
 	double	offset;		/* peer clock offset */
 	double	delay;		/* peer roundtrip delay */
 	double	jitter;		/* peer jitter (squares) */
@@ -382,7 +383,8 @@ struct peer {
 	 * Statistic counters
 	 */
 	u_long	timereset;	/* time stat counters were reset */
-	u_long	timereceived;	/* last packet received time */
+	u_long	timelastrec;	/* last packet received time */
+	u_long	timereceived;	/* last (clean) packet received time */
 	u_long	timereachable;	/* last reachable/unreachable time */
 
 	u_long	sent;		/* packets sent */
@@ -708,6 +710,9 @@ struct pkt {
 #define	PROTO_ORPHAN		26
 #define	PROTO_ORPHWAIT		27
 #define	PROTO_MODE7		28
+#define	PROTO_UECRYPTO		29
+#define	PROTO_UECRYPTONAK	30
+#define	PROTO_UEDIGEST		31
 
 /*
  * Configuration items for the loop filter
diff --git a/contrib/ntp/include/ntp_io.h b/contrib/ntp/include/ntp_io.h
index 5950f00..d34d60a 100644
--- a/contrib/ntp/include/ntp_io.h
+++ b/contrib/ntp/include/ntp_io.h
@@ -40,6 +40,8 @@
 
 #include "libntp.h"	/* This needs Something above for GETDTABLESIZE */
 
+#include "ntp_keyacc.h"
+
 /*
  * Define FNDELAY and FASYNC using O_NONBLOCK and O_ASYNC if we need
  * to (and can).  This is here initially for QNX, but may help for
@@ -83,7 +85,6 @@ typedef enum {
 extern int	qos;
 SOCKET		move_fd(SOCKET fd);
 isc_boolean_t	get_broadcastclient_flag(void);
-extern int	is_ip_address(const char *, u_short, sockaddr_u *);
 extern void	sau_from_netaddr(sockaddr_u *, const isc_netaddr_t *);
 extern void	add_nic_rule(nic_rule_match match_type,
 			     const char *if_name, int prefixlen,
diff --git a/contrib/ntp/include/ntp_keyacc.h b/contrib/ntp/include/ntp_keyacc.h
new file mode 100644
index 0000000..730c310
--- /dev/null
+++ b/contrib/ntp/include/ntp_keyacc.h
@@ -0,0 +1,13 @@
+/*
+ *  ntp_keyacc.h - key access stuff
+ */
+#ifndef NTP_KEYACC_H
+#define NTP_KEYACC_H
+
+typedef struct keyaccess KeyAccT;
+struct keyaccess {
+	KeyAccT *	next;
+	sockaddr_u	addr;
+};
+
+#endif	/* NTP_KEYACC_H */
diff --git a/contrib/ntp/include/ntp_stdlib.h b/contrib/ntp/include/ntp_stdlib.h
index d735b41..98ac69e 100644
--- a/contrib/ntp/include/ntp_stdlib.h
+++ b/contrib/ntp/include/ntp_stdlib.h
@@ -16,6 +16,7 @@
 #include "ntp_malloc.h"
 #include "ntp_string.h"
 #include "ntp_syslog.h"
+#include "ntp_keyacc.h"
 
 #ifdef __GNUC__
 #define NTP_PRINTF(fmt, args) __attribute__((__format__(__printf__, fmt, args)))
@@ -69,6 +70,7 @@ extern	int	authdecrypt	(keyid_t, u_int32 *, size_t, size_t);
 extern	size_t	authencrypt	(keyid_t, u_int32 *, size_t);
 extern	int	authhavekey	(keyid_t);
 extern	int	authistrusted	(keyid_t);
+extern	int	authistrustedip	(keyid_t, sockaddr_u *);
 extern	int	authreadkeys	(const char *);
 extern	void	authtrust	(keyid_t, u_long);
 extern	int	authusekey	(keyid_t, int, const u_char *);
@@ -97,7 +99,7 @@ extern	int	ymd2yd		(int, int, int);
 /* a_md5encrypt.c */
 extern	int	MD5authdecrypt	(int, const u_char *, u_int32 *, size_t, size_t);
 extern	size_t	MD5authencrypt	(int, const u_char *, u_int32 *, size_t);
-extern	void	MD5auth_setkey	(keyid_t, int, const u_char *, size_t);
+extern	void	MD5auth_setkey	(keyid_t, int, const u_char *, size_t, KeyAccT *c);
 extern	u_int32	addr2refid	(sockaddr_u *);
 
 /* emalloc.c */
@@ -141,6 +143,7 @@ extern	int	atouint		(const char *, u_long *);
 extern	int	hextoint	(const char *, u_long *);
 extern	const char *	humanlogtime	(void);
 extern	const char *	humantime	(time_t);
+extern int	is_ip_address	(const char *, u_short, sockaddr_u *);
 extern	char *	mfptoa		(u_int32, u_int32, short);
 extern	char *	mfptoms		(u_int32, u_int32, short);
 extern	const char * modetoa	(size_t);
diff --git a/contrib/ntp/include/ntp_types.h b/contrib/ntp/include/ntp_types.h
index a947f30..7ff3125 100644
--- a/contrib/ntp/include/ntp_types.h
+++ b/contrib/ntp/include/ntp_types.h
@@ -218,6 +218,7 @@ typedef uint16_t	associd_t; /* association ID */
 #define ASSOCID_MAX	USHRT_MAX
 typedef u_int32 keyid_t;	/* cryptographic key ID */
 #define KEYID_T_MAX	(0xffffffff)
+
 typedef u_int32 tstamp_t;	/* NTP seconds timestamp */
 
 /*
diff --git a/contrib/ntp/include/ntp_worker.h b/contrib/ntp/include/ntp_worker.h
index 50616b3..7720b8c 100644
--- a/contrib/ntp/include/ntp_worker.h
+++ b/contrib/ntp/include/ntp_worker.h
@@ -60,33 +60,35 @@ typedef sema_type	*sem_ref;
 #if defined(WORK_FORK)
 
 typedef struct blocking_child_tag {
-	int	reusable;
-	int	pid;
-	int	req_write_pipe;		/* parent */
-	int	resp_read_pipe;
-	void *	resp_read_ctx;
-	int	req_read_pipe;		/* child */
-	int	resp_write_pipe;
-	int	ispipe;
+	int		reusable;
+	int		pid;
+	int		req_write_pipe;		/* parent */
+	int		resp_read_pipe;
+	void *		resp_read_ctx;
+	int		req_read_pipe;		/* child */
+	int		resp_write_pipe;
+	int		ispipe;	
+	volatile u_int	resp_ready_seen;	/* signal/scan */
+	volatile u_int	resp_ready_done;	/* consumer/mainloop */
 } blocking_child;
 
 #elif defined(WORK_THREAD)
 
 typedef struct blocking_child_tag {
-/*
- * blocking workitems and blocking_responses are dynamically-sized
- * one-dimensional arrays of pointers to blocking worker requests and
- * responses.
- *
- * IMPORTANT: This structure is shared between threads, and all access
- * that is not atomic (especially queue operations) must hold the
- * 'accesslock' semaphore to avoid data races.
- *
- * The resource management (thread/semaphore creation/destruction)
- * functions and functions just testing a handle are safe because these
- * are only changed by the main thread when no worker is running on the
- * same data structure.
- */
+	/*
+	 * blocking workitems and blocking_responses are
+	 * dynamically-sized one-dimensional arrays of pointers to
+	 * blocking worker requests and responses.
+	 *
+	 * IMPORTANT: This structure is shared between threads, and all
+	 * access that is not atomic (especially queue operations) must
+	 * hold the 'accesslock' semaphore to avoid data races.
+	 *
+	 * The resource management (thread/semaphore
+	 * creation/destruction) functions and functions just testing a
+	 * handle are safe because these are only changed by the main
+	 * thread when no worker is running on the same data structure.
+	 */
 	int			reusable;
 	sem_ref			accesslock;	/* shared access lock */
 	thr_ref			thread_ref;	/* thread 'handle' */
@@ -117,6 +119,8 @@ typedef struct blocking_child_tag {
 	int			resp_write_pipe;	/* child */
 	int			ispipe;
 	void *			resp_read_ctx;		/* child */
+	volatile u_int		resp_ready_seen;	/* signal/scan */
+	volatile u_int		resp_ready_done;	/* consumer/mainloop */
 #else
 	sem_ref			responses_pending;	/* signalling */
 #endif
@@ -126,6 +130,10 @@ typedef struct blocking_child_tag {
 
 #endif	/* WORK_THREAD */
 
+/* we need some global tag to indicate any blocking child may be ready: */
+extern volatile u_int		blocking_child_ready_seen;/* signal/scan */
+extern volatile u_int		blocking_child_ready_done;/* consumer/mainloop */
+
 extern	blocking_child **	blocking_children;
 extern	size_t			blocking_children_alloc;
 extern	int			worker_per_query;	/* boolean */
@@ -139,6 +147,7 @@ extern	int	queue_blocking_response(blocking_child *,
 					blocking_pipe_header *, size_t,
 					const blocking_pipe_header *);
 extern	void	process_blocking_resp(blocking_child *);
+extern	void	harvest_blocking_responses(void);
 extern	int	send_blocking_req_internal(blocking_child *,
 					   blocking_pipe_header *,
 					   void *);
diff --git a/contrib/ntp/include/parse.h b/contrib/ntp/include/parse.h
index 9b1ffb2..02dbb30 100644
--- a/contrib/ntp/include/parse.h
+++ b/contrib/ntp/include/parse.h
@@ -107,9 +107,9 @@ extern unsigned int splclock (void);
 /*
  * some constants useful for GPS time conversion
  */
-#define GPSORIGIN       2524953600UL                /* NTP origin - GPS origin in seconds */
-#define GPSWRAP         990U                        /* assume week count less than this in the previous epoch */
-#define GPSWEEKS        1024U                       /* number of weeks until the GPS epch rolls over */
+#define GPSORIGIN       2524953600UL         /* NTP origin - GPS origin in seconds */
+#define GPSWRAP         990                  /* assume week count less than this in the previous epoch */
+#define GPSWEEKS        1024                 /* number of weeks until the GPS epch rolls over */
 
 /*
  * state flags
diff --git a/contrib/ntp/libntp/Makefile.am b/contrib/ntp/libntp/Makefile.am
index 914badb..a3b50e1 100644
--- a/contrib/ntp/libntp/Makefile.am
+++ b/contrib/ntp/libntp/Makefile.am
@@ -70,6 +70,7 @@ libntp_a_SRCS =						\
 	humandate.c					\
 	icom.c						\
 	iosignal.c					\
+	is_ip_address.c					\
 	lib_strbuf.c					\
 	machines.c					\
 	mktime.c					\
diff --git a/contrib/ntp/libntp/Makefile.in b/contrib/ntp/libntp/Makefile.in
index 6e40cd4..5cf5703 100644
--- a/contrib/ntp/libntp/Makefile.in
+++ b/contrib/ntp/libntp/Makefile.in
@@ -150,12 +150,12 @@ am__libntp_a_SOURCES_DIST = systime.c a_md5encrypt.c adjtime.c \
 	calyearstart.c clocktime.c clocktypes.c decodenetnum.c \
 	dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \
 	hextoint.c hextolfp.c humandate.c icom.c iosignal.c \
-	lib_strbuf.c machines.c mktime.c modetoa.c mstolfp.c msyslog.c \
-	netof.c ntp_calendar.c ntp_crypto_rnd.c ntp_intres.c \
-	ntp_libopts.c ntp_lineedit.c ntp_random.c ntp_rfc2553.c \
-	ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \
-	refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \
-	socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
+	is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \
+	mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \
+	ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \
+	ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \
+	prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \
+	socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
 	strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \
 	vint64ops.c work_fork.c work_thread.c ymd2yd.c \
 	$(srcdir)/../lib/isc/assertions.c \
@@ -207,21 +207,21 @@ am__objects_4 = a_md5encrypt.$(OBJEXT) adjtime.$(OBJEXT) \
 	dolfptoa.$(OBJEXT) emalloc.$(OBJEXT) findconfig.$(OBJEXT) \
 	getopt.$(OBJEXT) hextoint.$(OBJEXT) hextolfp.$(OBJEXT) \
 	humandate.$(OBJEXT) icom.$(OBJEXT) iosignal.$(OBJEXT) \
-	lib_strbuf.$(OBJEXT) machines.$(OBJEXT) mktime.$(OBJEXT) \
-	modetoa.$(OBJEXT) mstolfp.$(OBJEXT) msyslog.$(OBJEXT) \
-	netof.$(OBJEXT) ntp_calendar.$(OBJEXT) \
-	ntp_crypto_rnd.$(OBJEXT) ntp_intres.$(OBJEXT) \
-	ntp_libopts.$(OBJEXT) ntp_lineedit.$(OBJEXT) \
-	ntp_random.$(OBJEXT) ntp_rfc2553.$(OBJEXT) \
-	ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) numtohost.$(OBJEXT) \
-	octtoint.$(OBJEXT) prettydate.$(OBJEXT) refidsmear.$(OBJEXT) \
-	recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) snprintf.$(OBJEXT) \
-	socket.$(OBJEXT) socktoa.$(OBJEXT) socktohost.$(OBJEXT) \
-	ssl_init.$(OBJEXT) statestr.$(OBJEXT) strdup.$(OBJEXT) \
-	strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) timetoa.$(OBJEXT) \
-	timevalops.$(OBJEXT) uglydate.$(OBJEXT) vint64ops.$(OBJEXT) \
-	work_fork.$(OBJEXT) work_thread.$(OBJEXT) ymd2yd.$(OBJEXT) \
-	$(am__objects_3) $(am__objects_1)
+	is_ip_address.$(OBJEXT) lib_strbuf.$(OBJEXT) \
+	machines.$(OBJEXT) mktime.$(OBJEXT) modetoa.$(OBJEXT) \
+	mstolfp.$(OBJEXT) msyslog.$(OBJEXT) netof.$(OBJEXT) \
+	ntp_calendar.$(OBJEXT) ntp_crypto_rnd.$(OBJEXT) \
+	ntp_intres.$(OBJEXT) ntp_libopts.$(OBJEXT) \
+	ntp_lineedit.$(OBJEXT) ntp_random.$(OBJEXT) \
+	ntp_rfc2553.$(OBJEXT) ntp_worker.$(OBJEXT) numtoa.$(OBJEXT) \
+	numtohost.$(OBJEXT) octtoint.$(OBJEXT) prettydate.$(OBJEXT) \
+	refidsmear.$(OBJEXT) recvbuff.$(OBJEXT) refnumtoa.$(OBJEXT) \
+	snprintf.$(OBJEXT) socket.$(OBJEXT) socktoa.$(OBJEXT) \
+	socktohost.$(OBJEXT) ssl_init.$(OBJEXT) statestr.$(OBJEXT) \
+	strdup.$(OBJEXT) strl_obsd.$(OBJEXT) syssignal.$(OBJEXT) \
+	timetoa.$(OBJEXT) timevalops.$(OBJEXT) uglydate.$(OBJEXT) \
+	vint64ops.$(OBJEXT) work_fork.$(OBJEXT) work_thread.$(OBJEXT) \
+	ymd2yd.$(OBJEXT) $(am__objects_3) $(am__objects_1)
 am_libntp_a_OBJECTS = systime.$(OBJEXT) $(am__objects_4)
 libntp_a_OBJECTS = $(am_libntp_a_OBJECTS)
 libntpsim_a_AR = $(AR) $(ARFLAGS)
@@ -232,12 +232,12 @@ am__libntpsim_a_SOURCES_DIST = systime_s.c a_md5encrypt.c adjtime.c \
 	calyearstart.c clocktime.c clocktypes.c decodenetnum.c \
 	dofptoa.c dolfptoa.c emalloc.c findconfig.c getopt.c \
 	hextoint.c hextolfp.c humandate.c icom.c iosignal.c \
-	lib_strbuf.c machines.c mktime.c modetoa.c mstolfp.c msyslog.c \
-	netof.c ntp_calendar.c ntp_crypto_rnd.c ntp_intres.c \
-	ntp_libopts.c ntp_lineedit.c ntp_random.c ntp_rfc2553.c \
-	ntp_worker.c numtoa.c numtohost.c octtoint.c prettydate.c \
-	refidsmear.c recvbuff.c refnumtoa.c snprintf.c socket.c \
-	socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
+	is_ip_address.c lib_strbuf.c machines.c mktime.c modetoa.c \
+	mstolfp.c msyslog.c netof.c ntp_calendar.c ntp_crypto_rnd.c \
+	ntp_intres.c ntp_libopts.c ntp_lineedit.c ntp_random.c \
+	ntp_rfc2553.c ntp_worker.c numtoa.c numtohost.c octtoint.c \
+	prettydate.c refidsmear.c recvbuff.c refnumtoa.c snprintf.c \
+	socket.c socktoa.c socktohost.c ssl_init.c statestr.c strdup.c \
 	strl_obsd.c syssignal.c timetoa.c timevalops.c uglydate.c \
 	vint64ops.c work_fork.c work_thread.c ymd2yd.c \
 	$(srcdir)/../lib/isc/assertions.c \
@@ -660,6 +660,7 @@ libntp_a_SRCS = \
 	humandate.c					\
 	icom.c						\
 	iosignal.c					\
+	is_ip_address.c					\
 	lib_strbuf.c					\
 	machines.c					\
 	mktime.c					\
@@ -806,6 +807,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/inet_pton.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/interfaceiter.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/iosignal.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/is_ip_address.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lib_strbuf.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/log.Po@am__quote@
diff --git a/contrib/ntp/libntp/authkeys.c b/contrib/ntp/libntp/authkeys.c
index f7462a2..36fdd8b 100644
--- a/contrib/ntp/libntp/authkeys.c
+++ b/contrib/ntp/libntp/authkeys.c
@@ -15,6 +15,7 @@
 #include "ntp_string.h"
 #include "ntp_malloc.h"
 #include "ntp_stdlib.h"
+#include "ntp_keyacc.h"
 
 /*
  * Structure to store keys in in the hash table.
@@ -25,6 +26,7 @@ struct savekey {
 	symkey *	hlink;		/* next in hash bucket */
 	DECL_DLIST_LINK(symkey, llink);	/* for overall & free lists */
 	u_char *	secret;		/* shared secret */
+	KeyAccT *	keyacclist;	/* Private key access list */
 	u_long		lifetime;	/* remaining lifetime */
 	keyid_t		keyid;		/* key identifier */
 	u_short		type;		/* OpenSSL digest NID */
@@ -48,13 +50,13 @@ struct symkey_alloc_tag {
 symkey_alloc *	authallocs;
 #endif	/* DEBUG */
 
-static inline u_short	auth_log2(double x);
-static void		auth_resize_hashtable(void);
-static void		allocsymkey(symkey **, keyid_t,	u_short,
-				    u_short, u_long, u_short, u_char *);
-static void		freesymkey(symkey *, symkey **);
+static u_short	auth_log2(size_t);
+static void	auth_resize_hashtable(void);
+static void	allocsymkey(symkey **, keyid_t,	u_short, u_short,
+			    u_long, u_short, u_char *, KeyAccT *);
+static void	freesymkey(symkey *, symkey **);
 #ifdef DEBUG
-static void		free_auth_mem(void);
+static void	free_auth_mem(void);
 #endif
 
 symkey	key_listhead;		/* list of all in-use keys */;
@@ -97,6 +99,7 @@ u_char *cache_secret;		/* secret */
 u_short	cache_secretsize;	/* secret length */
 int	cache_type;		/* OpenSSL digest NID */
 u_short cache_flags;		/* flags that wave */
+KeyAccT *cache_keyacclist;	/* key access list */
 
 
 /*
@@ -142,6 +145,7 @@ free_auth_mem(void)
 	key_hash = NULL;
 	cache_keyid = 0;
 	cache_flags = 0;
+	cache_keyacclist = NULL;
 	for (alloc = authallocs; alloc != NULL; alloc = next_alloc) {
 		next_alloc = alloc->link;
 		free(alloc->mem);	
@@ -210,10 +214,33 @@ auth_prealloc_symkeys(
 }
 
 
-static inline u_short
-auth_log2(double x)
+static u_short
+auth_log2(size_t x)
 {
-	return (u_short)(log10(x) / log10(2));
+	/*
+	** bithack to calculate floor(log2(x))
+	**
+	** This assumes
+	**   - (sizeof(size_t) is a power of two
+	**   - CHAR_BITS is a power of two
+	**   - returning zero for arguments <= 0 is OK.
+	**
+	** Does only shifts, masks and sums in integer arithmetic in
+	** log2(CHAR_BIT*sizeof(size_t)) steps. (that is, 5/6 steps for
+	** 32bit/64bit size_t)
+	*/
+	int	s;
+	int	r = 0;
+	size_t  m = ~(size_t)0;
+
+	for (s = sizeof(size_t) / 2 * CHAR_BIT; s != 0; s >>= 1) {
+		m <<= s;
+		if (x & m)
+			r += s;
+		else
+			x <<= s;
+	}
+	return (u_short)r;
 }
 
 
@@ -234,7 +261,7 @@ auth_resize_hashtable(void)
 	symkey *	sk;
 
 	totalkeys = authnumkeys + authnumfreekeys;
-	hashbits = auth_log2(totalkeys / 4.0) + 1;
+	hashbits = auth_log2(totalkeys / 4) + 1;
 	hashbits = max(4, hashbits);
 	hashbits = min(15, hashbits);
 
@@ -267,7 +294,8 @@ allocsymkey(
 	u_short		type,
 	u_long		lifetime,
 	u_short		secretsize,
-	u_char *	secret
+	u_char *	secret,
+	KeyAccT *	ka
 	)
 {
 	symkey *	sk;
@@ -281,6 +309,7 @@ allocsymkey(
 	sk->type = type;
 	sk->secretsize = secretsize;
 	sk->secret = secret;
+	sk->keyacclist = ka;
 	sk->lifetime = lifetime;
 	LINK_SLIST(*bucket, sk, hlink);
 	LINK_TAIL_DLIST(key_listhead, sk, llink);
@@ -412,6 +441,7 @@ authhavekey(
 	cache_flags = sk->flags;
 	cache_secret = sk->secret;
 	cache_secretsize = sk->secretsize;
+	cache_keyacclist = sk->keyacclist;
 
 	return TRUE;
 }
@@ -451,6 +481,7 @@ authtrust(
 		if (cache_keyid == id) {
 			cache_flags = 0;
 			cache_keyid = 0;
+			cache_keyacclist = NULL;
 		}
 
 		/*
@@ -480,7 +511,7 @@ authtrust(
 	} else {
 		lifetime = 0;
 	}
-	allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL);
+	allocsymkey(bucket, id, KEY_TRUSTED, 0, lifetime, 0, NULL, NULL);
 }
 
 
@@ -511,6 +542,49 @@ authistrusted(
 	return TRUE;
 }
 
+
+/*
+ * authistrustedip - determine if the IP is OK for the keyid
+ */
+ int
+ authistrustedip(
+ 	keyid_t		keyno,
+	sockaddr_u *	sau
+	)
+{
+	symkey *	sk;
+	symkey **	bucket;
+	KeyAccT *	kal;
+	KeyAccT *	k;
+
+	if (keyno == cache_keyid)
+		kal = cache_keyacclist;
+	else {
+		authkeyuncached++;
+		bucket = &key_hash[KEYHASH(keyno)];
+		for (sk = *bucket; sk != NULL; sk = sk->hlink) {
+			if (keyno == sk->keyid)
+				break;
+		}
+		if (NULL == sk || !(KEY_TRUSTED & sk->flags)) {
+			INSIST(!"authistrustedip: keyid not found/trusted!");
+			return FALSE;
+		}
+		kal = sk->keyacclist;
+	}
+
+	if (NULL == kal)
+		return TRUE;
+
+	for (k = kal; k; k = k->next) {
+		if (SOCK_EQ(&k->addr, sau))
+			return TRUE;
+	}
+
+	return FALSE;
+}
+
+
 /* Note: There are two locations below where 'strncpy()' is used. While
  * this function is a hazard by itself, it's essential that it is used
  * here. Bug 1243 involved that the secret was filled with NUL bytes
@@ -527,7 +601,8 @@ MD5auth_setkey(
 	keyid_t keyno,
 	int	keytype,
 	const u_char *key,
-	size_t len
+	size_t	len,
+	KeyAccT *ka
 	)
 {
 	symkey *	sk;
@@ -553,6 +628,7 @@ MD5auth_setkey(
 			sk->type = (u_short)keytype;
 			secretsize = len;
 			sk->secretsize = (u_short)secretsize;
+			sk->keyacclist = ka;
 #ifndef DISABLE_BUG1243_FIX
 			memcpy(sk->secret, key, secretsize);
 #else
@@ -563,6 +639,7 @@ MD5auth_setkey(
 			if (cache_keyid == keyno) {
 				cache_flags = 0;
 				cache_keyid = 0;
+				cache_keyacclist = NULL;
 			}
 			return;
 		}
@@ -580,7 +657,7 @@ MD5auth_setkey(
 	strncpy((char *)secret, (const char *)key, secretsize);
 #endif
 	allocsymkey(bucket, keyno, 0, (u_short)keytype, 0,
-		    (u_short)secretsize, secret);
+		    (u_short)secretsize, secret, ka);
 #ifdef DEBUG
 	if (debug >= 4) {
 		size_t	j;
diff --git a/contrib/ntp/libntp/authreadkeys.c b/contrib/ntp/libntp/authreadkeys.c
index 95a357a..1d4ee30 100644
--- a/contrib/ntp/libntp/authreadkeys.c
+++ b/contrib/ntp/libntp/authreadkeys.c
@@ -5,10 +5,12 @@
 #include <stdio.h>
 #include <ctype.h>
 
+#include "ntpd.h"	/* Only for DPRINTF */
 #include "ntp_fp.h"
 #include "ntp.h"
 #include "ntp_syslog.h"
 #include "ntp_stdlib.h"
+#include "ntp_keyacc.h"
 
 #ifdef OPENSSL
 #include "openssl/objects.h"
@@ -85,6 +87,7 @@ static void log_maybe(u_int*, const char*, ...) NTP_PRINTF(2, 3);
 typedef struct keydata KeyDataT;
 struct keydata {
 	KeyDataT *next;		/* queue/stack link		*/
+	KeyAccT  *keyacclist;	/* key access list		*/
 	keyid_t   keyid;	/* stored key ID		*/
 	u_short   keytype;	/* stored key type		*/
 	u_short   seclen;	/* length of secret		*/
@@ -228,6 +231,7 @@ authreadkeys(
 		len = strlen(token);
 		if (len <= 20) {	/* Bug 2537 */
 			next = emalloc(sizeof(KeyDataT) + len);
+			next->keyacclist = NULL;
 			next->keyid   = keyno;
 			next->keytype = keytype;
 			next->seclen  = len;
@@ -257,11 +261,48 @@ authreadkeys(
 			}
 			len = jlim/2; /* hmmmm.... what about odd length?!? */
 			next = emalloc(sizeof(KeyDataT) + len);
+			next->keyacclist = NULL;
 			next->keyid   = keyno;
 			next->keytype = keytype;
 			next->seclen  = len;
 			memcpy(next->secbuf, keystr, len);
 		}
+
+		token = nexttok(&line);
+DPRINTF(0, ("authreadkeys: full access list <%s>\n", (token) ? token : "NULL"));
+		if (token != NULL) {	/* A comma-separated IP access list */
+			char *tp = token;
+
+			while (tp) {
+				char *i;
+				KeyAccT ka;
+
+				i = strchr(tp, (int)',');
+				if (i)
+					*i = '\0';
+DPRINTF(0, ("authreadkeys: access list:  <%s>\n", tp));
+
+				if (is_ip_address(tp, AF_UNSPEC, &ka.addr)) {
+					KeyAccT *kap;
+
+					kap = emalloc(sizeof(KeyAccT));
+					memcpy(kap, &ka, sizeof ka);
+					kap->next = next->keyacclist;
+					next->keyacclist = kap;
+				} else {
+					log_maybe(&nerr,
+						  "authreadkeys: invalid IP address <%s> for key %d",
+						  tp, keyno);
+				}
+
+				if (i) {
+					tp = i + 1;
+				} else {
+					tp = 0;
+				}
+			}
+		}
+
 		INSIST(NULL != next);
 		next->next = list;
 		list = next;
@@ -286,7 +327,7 @@ authreadkeys(
 	while (NULL != (next = list)) {
 		list = next->next;
 		MD5auth_setkey(next->keyid, next->keytype,
-			       next->secbuf, next->seclen);
+			       next->secbuf, next->seclen, next->keyacclist);
 		/* purge secrets from memory before free()ing it */
 		memset(next, 0, sizeof(*next) + next->seclen);
 		free(next);
@@ -297,6 +338,14 @@ authreadkeys(
 	/* Mop up temporary storage before bailing out. */
 	while (NULL != (next = list)) {
 		list = next->next;
+
+		while (next->keyacclist) {
+			KeyAccT *kap = next->keyacclist;
+
+			next->keyacclist = kap->next;
+			free(kap);
+		}
+
 		/* purge secrets from memory before free()ing it */
 		memset(next, 0, sizeof(*next) + next->seclen);
 		free(next);
diff --git a/contrib/ntp/libntp/authusekey.c b/contrib/ntp/libntp/authusekey.c
index 0ccf522..ff449d3 100644
--- a/contrib/ntp/libntp/authusekey.c
+++ b/contrib/ntp/libntp/authusekey.c
@@ -29,6 +29,6 @@ authusekey(
 	if (0 == len)
 		return 0;
 
-	MD5auth_setkey(keyno, keytype, str, len);
+	MD5auth_setkey(keyno, keytype, str, len, NULL);
 	return 1;
 }
diff --git a/contrib/ntp/libntp/is_ip_address.c b/contrib/ntp/libntp/is_ip_address.c
new file mode 100644
index 0000000..1f21376
--- /dev/null
+++ b/contrib/ntp/libntp/is_ip_address.c
@@ -0,0 +1,129 @@
+/*
+ * is_ip_address
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#if 0
+#include <stdio.h>
+#include <signal.h>
+#ifdef HAVE_FNMATCH_H
+# include <fnmatch.h>
+# if !defined(FNM_CASEFOLD) && defined(FNM_IGNORECASE)
+#  define FNM_CASEFOLD FNM_IGNORECASE
+# endif
+#endif
+#ifdef HAVE_SYS_PARAM_H
+# include <sys/param.h>
+#endif
+#ifdef HAVE_SYS_IOCTL_H
+# include <sys/ioctl.h>
+#endif
+#ifdef HAVE_SYS_SOCKIO_H	/* UXPV: SIOC* #defines (Frank Vance <fvance@waii.com>) */
+# include <sys/sockio.h>
+#endif
+#ifdef HAVE_SYS_UIO_H
+# include <sys/uio.h>
+#endif
+#endif
+
+#include "ntp_assert.h"
+#include "ntp_stdlib.h"
+#include "safecast.h"
+
+#if 0
+#include "ntp_machine.h"
+#include "ntpd.h"
+#include "ntp_io.h"
+#include "iosignal.h"
+#include "ntp_lists.h"
+#include "ntp_refclock.h"
+#include "ntp_worker.h"
+#include "ntp_request.h"
+#include "timevalops.h"
+#include "timespecops.h"
+#include "ntpd-opts.h"
+#endif
+
+/* Don't include ISC's version of IPv6 variables and structures */
+#define ISC_IPV6_H 1
+#include <isc/mem.h>
+#include <isc/interfaceiter.h>
+#include <isc/netaddr.h>
+#include <isc/result.h>
+#include <isc/sockaddr.h>
+
+
+/*
+ * Code to tell if we have an IP address
+ * If we have then return the sockaddr structure
+ * and set the return value
+ * see the bind9/getaddresses.c for details
+ */
+int
+is_ip_address(
+	const char *	host,
+	u_short		af,
+	sockaddr_u *	addr
+	)
+{
+	struct in_addr in4;
+	struct addrinfo hints;
+	struct addrinfo *result;
+	struct sockaddr_in6 *resaddr6;
+	char tmpbuf[128];
+	char *pch;
+
+	REQUIRE(host != NULL);
+	REQUIRE(addr != NULL);
+
+	ZERO_SOCK(addr);
+
+	/*
+	 * Try IPv4, then IPv6.  In order to handle the extended format
+	 * for IPv6 scoped addresses (address%scope_ID), we'll use a local
+	 * working buffer of 128 bytes.  The length is an ad-hoc value, but
+	 * should be enough for this purpose; the buffer can contain a string
+	 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric
+	 * addresses (up to 46 bytes), the delimiter character and the
+	 * terminating NULL character.
+	 */
+	if (AF_UNSPEC == af || AF_INET == af)
+		if (inet_pton(AF_INET, host, &in4) == 1) {
+			AF(addr) = AF_INET;
+			SET_ADDR4N(addr, in4.s_addr);
+
+			return TRUE;
+		}
+
+	if (AF_UNSPEC == af || AF_INET6 == af)
+		if (sizeof(tmpbuf) > strlen(host)) {
+			if ('[' == host[0]) {
+				strlcpy(tmpbuf, &host[1], sizeof(tmpbuf));
+				pch = strchr(tmpbuf, ']');
+				if (pch != NULL)
+					*pch = '\0';
+			} else {
+				strlcpy(tmpbuf, host, sizeof(tmpbuf));
+			}
+			ZERO(hints);
+			hints.ai_family = AF_INET6;
+			hints.ai_flags |= AI_NUMERICHOST;
+			if (getaddrinfo(tmpbuf, NULL, &hints, &result) == 0) {
+				AF(addr) = AF_INET6;
+				resaddr6 = UA_PTR(struct sockaddr_in6, result->ai_addr);
+				SET_ADDR6N(addr, resaddr6->sin6_addr);
+				SET_SCOPE(addr, resaddr6->sin6_scope_id);
+
+				freeaddrinfo(result);
+				return TRUE;
+			}
+		}
+	/*
+	 * If we got here it was not an IP address
+	 */
+	return FALSE;
+}
diff --git a/contrib/ntp/libntp/ntp_worker.c b/contrib/ntp/libntp/ntp_worker.c
index f5642e1..087f06c 100644
--- a/contrib/ntp/libntp/ntp_worker.c
+++ b/contrib/ntp/libntp/ntp_worker.c
@@ -27,6 +27,8 @@ blocking_child **	blocking_children;
 size_t			blocking_children_alloc;
 int			worker_per_query;	/* boolean */
 int			intres_req_pending;
+volatile u_int		blocking_child_ready_seen;
+volatile u_int		blocking_child_ready_done;
 
 
 #ifndef HAVE_IO_COMPLETION_PORT
@@ -262,6 +264,31 @@ process_blocking_resp(
 		req_child_exit(c);
 }
 
+void
+harvest_blocking_responses(void)
+{
+	int		idx;
+	blocking_child*	cp;
+	u_int		scseen, scdone;
+
+	scseen = blocking_child_ready_seen;
+	scdone = blocking_child_ready_done;
+	if (scdone != scseen) {
+		blocking_child_ready_done = scseen;
+		for (idx = 0; idx < blocking_children_alloc; idx++) {
+			cp = blocking_children[idx];
+			if (NULL == cp)
+				continue;
+			scseen = cp->resp_ready_seen;
+			scdone = cp->resp_ready_done;
+			if (scdone != scseen) {
+				cp->resp_ready_done = scseen;
+				process_blocking_resp(cp);
+			}
+		}
+	}
+}
+
 
 /*
  * blocking_child_common runs as a forked child or a thread
diff --git a/contrib/ntp/libntp/systime.c b/contrib/ntp/libntp/systime.c
index c89d157..29f1e86 100644
--- a/contrib/ntp/libntp/systime.c
+++ b/contrib/ntp/libntp/systime.c
@@ -323,9 +323,18 @@ adj_systime(
 	else
 		quant = 1e-6;
 	ticks = (long)(dtemp / quant + .5);
-	adjtv.tv_usec = (long)(ticks * quant * 1e6);
-	dtemp -= adjtv.tv_usec / 1e6;
-	sys_residual = dtemp;
+	adjtv.tv_usec = (long)(ticks * quant * 1.e6 + .5);
+	/* The rounding in the conversions could us push over the
+	 * limits: make sure the result is properly normalised!
+	 * note: sign comes later, all numbers non-negative here.
+	 */
+	if (adjtv.tv_usec >= 1000000) {
+		adjtv.tv_sec  += 1;
+		adjtv.tv_usec -= 1000000;
+		dtemp         -= 1.;
+	}
+	/* set the new residual with leftover from correction */
+	sys_residual = dtemp - adjtv.tv_usec * 1.e-6;
 
 	/*
 	 * Convert to signed seconds and microseconds for the Unix
diff --git a/contrib/ntp/libntp/work_thread.c b/contrib/ntp/libntp/work_thread.c
index 49e90c1..11e3267 100644
--- a/contrib/ntp/libntp/work_thread.c
+++ b/contrib/ntp/libntp/work_thread.c
@@ -25,13 +25,38 @@
 
 #define CHILD_EXIT_REQ	((blocking_pipe_header *)(intptr_t)-1)
 #define CHILD_GONE_RESP	CHILD_EXIT_REQ
+/* Queue size increments:
+ * The request queue grows a bit faster than the response queue -- the
+ * deamon can push requests and pull results faster on avarage than the
+ * worker can process requests and push results...  If this really pays
+ * off is debatable.
+ */
 #define WORKITEMS_ALLOC_INC	16
 #define RESPONSES_ALLOC_INC	4
 
+/* Fiddle with min/max stack sizes. 64kB minimum seems to work, so we
+ * set the maximum to 256kB. If the minimum goes below the
+ * system-defined minimum stack size, we have to adjust accordingly.
+ */
 #ifndef THREAD_MINSTACKSIZE
-#define THREAD_MINSTACKSIZE	(64U * 1024)
+# define THREAD_MINSTACKSIZE	(64U * 1024)
+#endif
+#ifndef __sun
+#if defined(PTHREAD_STACK_MIN) && THREAD_MINSTACKSIZE < PTHREAD_STACK_MIN
+# undef THREAD_MINSTACKSIZE
+# define THREAD_MINSTACKSIZE PTHREAD_STACK_MIN
+#endif
 #endif
 
+#ifndef THREAD_MAXSTACKSIZE
+# define THREAD_MAXSTACKSIZE	(256U * 1024)
+#endif
+#if THREAD_MAXSTACKSIZE < THREAD_MINSTACKSIZE
+# undef  THREAD_MAXSTACKSIZE
+# define THREAD_MAXSTACKSIZE THREAD_MINSTACKSIZE
+#endif
+
+
 #ifdef SYS_WINNT
 
 # define thread_exit(c)	_endthreadex(c)
@@ -148,15 +173,19 @@ ensure_workitems_empty_slot(
 
 	size_t	new_alloc;
 	size_t  slots_used;
+	size_t	sidx;
 
 	slots_used = c->head_workitem - c->tail_workitem;
 	if (slots_used >= c->workitems_alloc) {
 		new_alloc  = c->workitems_alloc + WORKITEMS_ALLOC_INC;
 		c->workitems = erealloc(c->workitems, new_alloc * each);
+		for (sidx = c->workitems_alloc; sidx < new_alloc; ++sidx)
+		    c->workitems[sidx] = NULL;
 		c->tail_workitem   = 0;
 		c->head_workitem   = c->workitems_alloc;
 		c->workitems_alloc = new_alloc;
 	}
+	INSIST(NULL == c->workitems[c->head_workitem % c->workitems_alloc]);
 	return (0 == slots_used);
 }
 
@@ -180,15 +209,19 @@ ensure_workresp_empty_slot(
 
 	size_t	new_alloc;
 	size_t  slots_used;
+	size_t	sidx;
 
 	slots_used = c->head_response - c->tail_response;
 	if (slots_used >= c->responses_alloc) {
 		new_alloc  = c->responses_alloc + RESPONSES_ALLOC_INC;
 		c->responses = erealloc(c->responses, new_alloc * each);
+		for (sidx = c->responses_alloc; sidx < new_alloc; ++sidx)
+		    c->responses[sidx] = NULL;
 		c->tail_response   = 0;
 		c->head_response   = c->responses_alloc;
 		c->responses_alloc = new_alloc;
 	}
+	INSIST(NULL == c->responses[c->head_response % c->responses_alloc]);
 	return (0 == slots_used);
 }
 
@@ -478,11 +511,11 @@ start_blocking_thread_internal(
 # endif
 	pthread_attr_t	thr_attr;
 	int		rc;
-	int		saved_errno;
 	int		pipe_ends[2];	/* read then write */
 	int		is_pipe;
 	int		flags;
-	size_t		stacksize;
+	size_t		ostacksize;
+	size_t		nstacksize;
 	sigset_t	saved_sig_mask;
 
 	c->thread_ref = NULL;
@@ -522,21 +555,29 @@ start_blocking_thread_internal(
 	pthread_attr_setdetachstate(&thr_attr, PTHREAD_CREATE_DETACHED);
 #if defined(HAVE_PTHREAD_ATTR_GETSTACKSIZE) && \
     defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE)
-	rc = pthread_attr_getstacksize(&thr_attr, &stacksize);
-	if (-1 == rc) {
+	rc = pthread_attr_getstacksize(&thr_attr, &ostacksize);
+	if (0 != rc) {
 		msyslog(LOG_ERR,
-			"start_blocking_thread: pthread_attr_getstacksize %m");
-	} else if (stacksize < THREAD_MINSTACKSIZE) {
-		rc = pthread_attr_setstacksize(&thr_attr,
-					       THREAD_MINSTACKSIZE);
-		if (-1 == rc)
+			"start_blocking_thread: pthread_attr_getstacksize() -> %s",
+			strerror(rc));
+	} else {
+		if (ostacksize < THREAD_MINSTACKSIZE)
+			nstacksize = THREAD_MINSTACKSIZE;
+		else if (ostacksize > THREAD_MAXSTACKSIZE)
+			nstacksize = THREAD_MAXSTACKSIZE;
+		else
+			nstacksize = ostacksize;
+		if (nstacksize != ostacksize)
+			rc = pthread_attr_setstacksize(&thr_attr, nstacksize);
+		if (0 != rc)
 			msyslog(LOG_ERR,
-				"start_blocking_thread: pthread_attr_setstacksize(0x%lx -> 0x%lx) %m",
-				(u_long)stacksize,
-				(u_long)THREAD_MINSTACKSIZE);
+				"start_blocking_thread: pthread_attr_setstacksize(0x%lx -> 0x%lx) -> %s",
+				(u_long)ostacksize, (u_long)nstacksize,
+				strerror(rc));
 	}
 #else
-	UNUSED_ARG(stacksize);
+	UNUSED_ARG(nstacksize);
+	UNUSED_ARG(ostacksize);
 #endif
 #if defined(PTHREAD_SCOPE_SYSTEM) && defined(NEED_PTHREAD_SCOPE_SYSTEM)
 	pthread_attr_setscope(&thr_attr, PTHREAD_SCOPE_SYSTEM);
@@ -545,12 +586,11 @@ start_blocking_thread_internal(
 	block_thread_signals(&saved_sig_mask);
 	rc = pthread_create(&c->thr_table[0], &thr_attr,
 			    &blocking_thread, c);
-	saved_errno = errno;
 	pthread_sigmask(SIG_SETMASK, &saved_sig_mask, NULL);
 	pthread_attr_destroy(&thr_attr);
 	if (0 != rc) {
-		errno = saved_errno;
-		msyslog(LOG_ERR, "pthread_create() blocking child: %m");
+		msyslog(LOG_ERR, "start_blocking_thread: pthread_create() -> %s",
+			strerror(rc));
 		exit(1);
 	}
 	c->thread_ref = &c->thr_table[0];
diff --git a/contrib/ntp/ntpd/invoke-ntp.conf.texi b/contrib/ntp/ntpd/invoke-ntp.conf.texi
index 32b41e6..1d8a621 100644
--- a/contrib/ntp/ntpd/invoke-ntp.conf.texi
+++ b/contrib/ntp/ntpd/invoke-ntp.conf.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp.conf.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:30:49 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:17:59 AM by AutoGen 5.18.5
 # From the definitions    ntp.conf.def
 # and the template file   agtexi-file.tpl
 @end ignore
@@ -2294,8 +2294,8 @@ otherwise, should be avoided.
 @item @code{dscp} @kbd{value}
 This option specifies the Differentiated Services Control Point (DSCP) value,
 a 6-bit code.  The default value is 46, signifying Expedited Forwarding.
-@item @code{enable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats}]}
-@item @code{disable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats}]}
+@item @code{enable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats} | @code{unpeer_crypto_early} | @code{unpeer_crypto_nak_early} | @code{unpeer_digest_early}]}
+@item @code{disable} @code{[@code{auth} | @code{bclient} | @code{calibrate} | @code{kernel} | @code{mode7} | @code{monitor} | @code{ntp} | @code{stats} | @code{unpeer_crypto_early} | @code{unpeer_crypto_nak_early} | @code{unpeer_digest_early}]}
 Provides a way to enable or disable various server options.
 Flags not mentioned are unaffected.
 Note that all of these flags
@@ -2367,6 +2367,67 @@ See the
 section for further information.
 The default for this flag is
 @code{disable}.
+@item @code{unpeer_crypto_early}
+By default, if
+@code{ntpd(1ntpdmdoc)}
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+@code{peerstats}
+file for evidence of any of these attacks.
+The
+default for this flag is
+@code{enable}.
+@item @code{unpeer_crypto_nak_early}
+By default, if
+@code{ntpd(1ntpdmdoc)}
+receives a crypto-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+@code{peerstats}
+file for evidence of any of these attacks.
+The
+default for this flag is
+@code{enable}.
+@item @code{unpeer_digest_early}
+By default, if
+@code{ntpd(1ntpdmdoc)}
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+@code{peerstats}
+file for evidence of any of these attacks.
+The
+default for this flag is
+@code{enable}.
 @end table
 @item @code{includefile} @kbd{includefile}
 This command allows additional configuration commands
diff --git a/contrib/ntp/ntpd/invoke-ntp.keys.texi b/contrib/ntp/ntpd/invoke-ntp.keys.texi
index b755d97..915044e 100644
--- a/contrib/ntp/ntpd/invoke-ntp.keys.texi
+++ b/contrib/ntp/ntpd/invoke-ntp.keys.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp.keys.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:30:52 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:18:02 AM by AutoGen 5.18.5
 # From the definitions    ntp.keys.def
 # and the template file   agtexi-file.tpl
 @end ignore
@@ -37,7 +37,7 @@ as the configuration file.
 Key entries use a fixed format of the form
 
 @example
-@kbd{keyno} @kbd{type} @kbd{key}
+@kbd{keyno} @kbd{type} @kbd{key} @kbd{opt_IP_list}
 @end example
 
 where
@@ -47,7 +47,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 @kbd{key}
-is the key itself.
+is the key itself, and
+@kbd{opt_IP_list}
+is an optional comma-separated list of IPs
+that are allowed to serve time.
+If
+@kbd{opt_IP_list}
+is empty,
+any properly-authenticated server message will be
+accepted.
 
 The
 @kbd{key}
diff --git a/contrib/ntp/ntpd/invoke-ntpd.texi b/contrib/ntp/ntpd/invoke-ntpd.texi
index 66ce19d..50e8f65 100644
--- a/contrib/ntp/ntpd/invoke-ntpd.texi
+++ b/contrib/ntp/ntpd/invoke-ntpd.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpd.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:30:54 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:18:04 AM by AutoGen 5.18.5
 # From the definitions    ntpd-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -142,7 +142,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntpd - NTP daemon program - Ver. 4.2.8p5
+ntpd - NTP daemon program - Ver. 4.2.8p6
 Usage:  ntpd [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... \
                 [ <server1> ... <serverN> ]
   Flg Arg Option-Name    Description
diff --git a/contrib/ntp/ntpd/keyword-gen-utd b/contrib/ntp/ntpd/keyword-gen-utd
index 467351b..99c7220 100644
--- a/contrib/ntp/ntpd/keyword-gen-utd
+++ b/contrib/ntp/ntpd/keyword-gen-utd
@@ -1 +1 @@
- *	 Generated 2015-06-25 03:57:00 UTC	  diff_ignore_line
+ *	 Generated 2016-01-16 08:33:03 UTC	  diff_ignore_line
diff --git a/contrib/ntp/ntpd/keyword-gen.c b/contrib/ntp/ntpd/keyword-gen.c
index 42e9497..2e7f621 100644
--- a/contrib/ntp/ntpd/keyword-gen.c
+++ b/contrib/ntp/ntpd/keyword-gen.c
@@ -202,6 +202,9 @@ struct key_tok ntp_keywords[] = {
 { "ntp",		T_Ntp,			FOLLBY_TOKEN },
 { "mode7",		T_Mode7,		FOLLBY_TOKEN },
 { "stats",		T_Stats,		FOLLBY_TOKEN },
+{ "unpeer_crypto_early",	T_UEcrypto,	FOLLBY_TOKEN },
+{ "unpeer_crypto_nak_early",	T_UEcryptonak,	FOLLBY_TOKEN },
+{ "unpeer_digest_early",	T_UEdigest,	FOLLBY_TOKEN },
 /* rlimit_option */
 { "memlock",		T_Memlock,		FOLLBY_TOKEN },
 { "stacksize",		T_Stacksize,		FOLLBY_TOKEN },
diff --git a/contrib/ntp/ntpd/ntp.conf.5man b/contrib/ntp/ntpd/ntp.conf.5man
index 6e6aa32..1e5e464 100644
--- a/contrib/ntp/ntpd/ntp.conf.5man
+++ b/contrib/ntp/ntpd/ntp.conf.5man
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp.conf 5man "07 Jan 2016" "4.2.8p5" "File Formats"
+.TH ntp.conf 5man "20 Jan 2016" "4.2.8p6" "File Formats"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-8qayqp/ag-Vraqpp)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gsaOxR/ag-XsaGwR)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:30:35 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:17:45 AM by AutoGen 5.18.5
 .\" From the definitions ntp.conf.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -2573,9 +2573,9 @@ otherwise, should be avoided.
 This option specifies the Differentiated Services Control Point (DSCP) value,
 a 6-bit code.  The default value is 46, signifying Expedited Forwarding.
 .TP 7
-.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
+.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
 .TP 7
-.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
+.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
 Provides a way to enable or disable various server options.
 Flags not mentioned are unaffected.
 Note that all of these flags
@@ -2655,6 +2655,70 @@ See the
 section for further information.
 The default for this flag is
 \f\*[B-Font]disable\f[].
+.TP 7
+.NOP \f\*[B-Font]unpeer_crypto_early\f[]
+By default, if
+\fCntpd\f[]\fR(1ntpdmdoc)\f[]
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+\f\*[B-Font]peerstats\f[]
+file for evidence of any of these attacks.
+The
+default for this flag is
+\f\*[B-Font]enable\f[].
+.TP 7
+.NOP \f\*[B-Font]unpeer_crypto_nak_early\f[]
+By default, if
+\fCntpd\f[]\fR(1ntpdmdoc)\f[]
+receives a crypto-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+\f\*[B-Font]peerstats\f[]
+file for evidence of any of these attacks.
+The
+default for this flag is
+\f\*[B-Font]enable\f[].
+.TP 7
+.NOP \f\*[B-Font]unpeer_digest_early\f[]
+By default, if
+\fCntpd\f[]\fR(1ntpdmdoc)\f[]
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+\f\*[B-Font]peerstats\f[]
+file for evidence of any of these attacks.
+The
+default for this flag is
+\f\*[B-Font]enable\f[].
 .RE
 .TP 7
 .NOP \f\*[B-Font]includefile\f[] \f\*[I-Font]includefile\f[]
@@ -3027,7 +3091,7 @@ RFC5905
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 The syntax checking is not picky; some combinations of
diff --git a/contrib/ntp/ntpd/ntp.conf.5mdoc b/contrib/ntp/ntpd/ntp.conf.5mdoc
index 800e995..f2b418b 100644
--- a/contrib/ntp/ntpd/ntp.conf.5mdoc
+++ b/contrib/ntp/ntpd/ntp.conf.5mdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_CONF 5mdoc File Formats
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:30:57 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.conf.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -2393,16 +2393,18 @@ a 6\-bit code.  The default value is 46, signifying Expedited Forwarding.
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 .It Xo Ic disable
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 Provides a way to enable or disable various server options.
@@ -2476,6 +2478,67 @@ See the
 section for further information.
 The default for this flag is
 .Ic disable .
+.It Cm unpeer_crypto_early
+By default, if
+.Xr ntpd 1ntpdmdoc
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_crypto_nak_early
+By default, if
+.Xr ntpd 1ntpdmdoc
+receives a crypto\-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto\-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_digest_early
+By default, if
+.Xr ntpd 1ntpdmdoc
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
 .El
 .It Ic includefile Ar includefile
 This command allows additional configuration commands
@@ -2834,7 +2897,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The syntax checking is not picky; some combinations of
diff --git a/contrib/ntp/ntpd/ntp.conf.def b/contrib/ntp/ntpd/ntp.conf.def
index 43835bc..25d9fd0 100644
--- a/contrib/ntp/ntpd/ntp.conf.def
+++ b/contrib/ntp/ntpd/ntp.conf.def
@@ -2395,16 +2395,18 @@ a 6-bit code.  The default value is 46, signifying Expedited Forwarding.
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 .It Xo Ic disable
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 Provides a way to enable or disable various server options.
@@ -2478,6 +2480,67 @@ See the
 section for further information.
 The default for this flag is
 .Ic disable .
+.It Cm unpeer_crypto_early
+By default, if
+.Xr ntpd 1ntpdmdoc
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_crypto_nak_early
+By default, if
+.Xr ntpd 1ntpdmdoc
+receives a crypto-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_digest_early
+By default, if
+.Xr ntpd 1ntpdmdoc
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
 .El
 .It Ic includefile Ar includefile
 This command allows additional configuration commands
diff --git a/contrib/ntp/ntpd/ntp.conf.html b/contrib/ntp/ntpd/ntp.conf.html
index d10a88d..c50f0e1 100644
--- a/contrib/ntp/ntpd/ntp.conf.html
+++ b/contrib/ntp/ntpd/ntp.conf.html
@@ -33,7 +33,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <p>This document describes the configuration file for the NTP Project's
 <code>ntpd</code> program.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntp.conf</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntp.conf</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -2288,7 +2288,7 @@ drift file is located in, and that file system links, symbolic or
 otherwise, should be avoided. 
 <br><dt><code>dscp</code> <kbd>value</kbd><dd>This option specifies the Differentiated Services Control Point (DSCP) value,
 a 6-bit code.  The default value is 46, signifying Expedited Forwarding. 
-<br><dt><code>enable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</code><br><dt><code>disable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats]</code><dd>Provides a way to enable or disable various server options. 
+<br><dt><code>enable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</code><br><dt><code>disable</code> <code>[auth | bclient | calibrate | kernel | mode7 | monitor | ntp | stats | unpeer_crypto_early | unpeer_crypto_nak_early | unpeer_digest_early]</code><dd>Provides a way to enable or disable various server options. 
 Flags not mentioned are unaffected. 
 Note that all of these flags
 can be controlled remotely using the
@@ -2351,6 +2351,64 @@ See the
 section for further information. 
 The default for this flag is
 <code>disable</code>. 
+<br><dt><code>unpeer_crypto_early</code><dd>By default, if
+<code>ntpd(1ntpdmdoc)</code>
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared. 
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero. 
+You can check your
+<code>peerstats</code>
+file for evidence of any of these attacks. 
+The
+default for this flag is
+<code>enable</code>. 
+<br><dt><code>unpeer_crypto_nak_early</code><dd>By default, if
+<code>ntpd(1ntpdmdoc)</code>
+receives a crypto-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared. 
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto-NAK packet
+can be used in a DoS attack. 
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option. 
+You can check your
+<code>peerstats</code>
+file for evidence of any of these attacks. 
+The
+default for this flag is
+<code>enable</code>. 
+<br><dt><code>unpeer_digest_early</code><dd>By default, if
+<code>ntpd(1ntpdmdoc)</code>
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared. 
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack. 
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option. 
+You can check your
+<code>peerstats</code>
+file for evidence of any of these attacks. 
+The
+default for this flag is
+<code>enable</code>. 
 </dl>
      <br><dt><code>includefile</code> <kbd>includefile</kbd><dd>This command allows additional configuration commands
 to be included from a separate file. 
diff --git a/contrib/ntp/ntpd/ntp.conf.man.in b/contrib/ntp/ntpd/ntp.conf.man.in
index f701b41..7a5b750 100644
--- a/contrib/ntp/ntpd/ntp.conf.man.in
+++ b/contrib/ntp/ntpd/ntp.conf.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp.conf 5 "07 Jan 2016" "4.2.8p5" "File Formats"
+.TH ntp.conf 5 "20 Jan 2016" "4.2.8p6" "File Formats"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-8qayqp/ag-Vraqpp)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-gsaOxR/ag-XsaGwR)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:30:35 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:17:45 AM by AutoGen 5.18.5
 .\" From the definitions ntp.conf.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -2573,9 +2573,9 @@ otherwise, should be avoided.
 This option specifies the Differentiated Services Control Point (DSCP) value,
 a 6-bit code.  The default value is 46, signifying Expedited Forwarding.
 .TP 7
-.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
+.NOP \f\*[B-Font]enable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
 .TP 7
-.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[]]
+.NOP \f\*[B-Font]disable\f[] [\f\*[B-Font]auth\f[] | \f\*[B-Font]bclient\f[] | \f\*[B-Font]calibrate\f[] | \f\*[B-Font]kernel\f[] | \f\*[B-Font]mode7\f[] | \f\*[B-Font]monitor\f[] | \f\*[B-Font]ntp\f[] | \f\*[B-Font]stats\f[] | \f\*[B-Font]unpeer_crypto_early\f[] | \f\*[B-Font]unpeer_crypto_nak_early\f[] | \f\*[B-Font]unpeer_digest_early\f[]]
 Provides a way to enable or disable various server options.
 Flags not mentioned are unaffected.
 Note that all of these flags
@@ -2655,6 +2655,70 @@ See the
 section for further information.
 The default for this flag is
 \f\*[B-Font]disable\f[].
+.TP 7
+.NOP \f\*[B-Font]unpeer_crypto_early\f[]
+By default, if
+\fCntpd\f[]\fR(@NTPD_MS@)\f[]
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+\f\*[B-Font]peerstats\f[]
+file for evidence of any of these attacks.
+The
+default for this flag is
+\f\*[B-Font]enable\f[].
+.TP 7
+.NOP \f\*[B-Font]unpeer_crypto_nak_early\f[]
+By default, if
+\fCntpd\f[]\fR(@NTPD_MS@)\f[]
+receives a crypto-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+\f\*[B-Font]peerstats\f[]
+file for evidence of any of these attacks.
+The
+default for this flag is
+\f\*[B-Font]enable\f[].
+.TP 7
+.NOP \f\*[B-Font]unpeer_digest_early\f[]
+By default, if
+\fCntpd\f[]\fR(@NTPD_MS@)\f[]
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+\f\*[B-Font]peerstats\f[]
+file for evidence of any of these attacks.
+The
+default for this flag is
+\f\*[B-Font]enable\f[].
 .RE
 .TP 7
 .NOP \f\*[B-Font]includefile\f[] \f\*[I-Font]includefile\f[]
@@ -3027,7 +3091,7 @@ RFC5905
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 The syntax checking is not picky; some combinations of
diff --git a/contrib/ntp/ntpd/ntp.conf.mdoc.in b/contrib/ntp/ntpd/ntp.conf.mdoc.in
index 7ad4cc1..fe85d85 100644
--- a/contrib/ntp/ntpd/ntp.conf.mdoc.in
+++ b/contrib/ntp/ntpd/ntp.conf.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_CONF 5 File Formats
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:30:57 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.conf.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -2393,16 +2393,18 @@ a 6\-bit code.  The default value is 46, signifying Expedited Forwarding.
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 .It Xo Ic disable
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 Provides a way to enable or disable various server options.
@@ -2476,6 +2478,67 @@ See the
 section for further information.
 The default for this flag is
 .Ic disable .
+.It Cm unpeer_crypto_early
+By default, if
+.Xr ntpd @NTPD_MS@
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_crypto_nak_early
+By default, if
+.Xr ntpd @NTPD_MS@
+receives a crypto\-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto\-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_digest_early
+By default, if
+.Xr ntpd @NTPD_MS@
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
 .El
 .It Ic includefile Ar includefile
 This command allows additional configuration commands
@@ -2834,7 +2897,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The syntax checking is not picky; some combinations of
diff --git a/contrib/ntp/ntpd/ntp.keys.5man b/contrib/ntp/ntpd/ntp.keys.5man
index bb0028b..6d270b6 100644
--- a/contrib/ntp/ntpd/ntp.keys.5man
+++ b/contrib/ntp/ntpd/ntp.keys.5man
@@ -1,8 +1,8 @@
-.TH ntp.keys 5man "07 Jan 2016" "4.2.8p5" "File Formats"
+.TH ntp.keys 5man "20 Jan 2016" "4.2.8p6" "File Formats"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.man)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:30:41 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agman-file.tpl
 .Sh NAME
@@ -66,7 +66,7 @@ Key entries use a fixed format of the form
 .ne 2
 
 .in +4
-\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
+\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
 .in -4
 .sp \n(Ppu
 .ne 2
@@ -78,7 +78,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 \f\*[I-Font]key\f[]
-is the key itself.
+is the key itself, and
+\f\*[I-Font]opt_IP_list\f[]
+is an optional comma-separated list of IPs
+that are allowed to serve time.
+If
+\f\*[I-Font]opt_IP_list\f[]
+is empty,
+any properly-authenticated server message will be
+accepted.
 .sp \n(Ppu
 .ne 2
 
@@ -160,7 +168,7 @@ the default name of the configuration file
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpd/ntp.keys.5mdoc b/contrib/ntp/ntpd/ntp.keys.5mdoc
index 9524989..6091e09 100644
--- a/contrib/ntp/ntpd/ntp.keys.5mdoc
+++ b/contrib/ntp/ntpd/ntp.keys.5mdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_KEYS 5mdoc File Formats
 .Os SunOS 5.10
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:00 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agmdoc-file.tpl
 .Sh NAME
@@ -44,7 +44,7 @@ The key file uses the same comment conventions
 as the configuration file.
 Key entries use a fixed format of the form
 .Pp
-.D1 Ar keyno type key
+.D1 Ar keyno type key opt_IP_list
 .Pp
 where
 .Ar keyno
@@ -53,7 +53,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 .Ar key
-is the key itself.
+is the key itself, and
+.Ar opt_IP_list
+is an optional comma\-separated list of IPs
+that are allowed to serve time.
+If
+.Ar opt_IP_list
+is empty,
+any properly\-authenticated server message will be
+accepted.
 .Pp
 The
 .Ar key
@@ -147,7 +155,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpd/ntp.keys.def b/contrib/ntp/ntpd/ntp.keys.def
index dcb3d55..efe774c 100644
--- a/contrib/ntp/ntpd/ntp.keys.def
+++ b/contrib/ntp/ntpd/ntp.keys.def
@@ -43,7 +43,7 @@ The key file uses the same comment conventions
 as the configuration file.
 Key entries use a fixed format of the form
 .Pp
-.D1 Ar keyno type key
+.D1 Ar keyno type key opt_IP_list
 .Pp
 where
 .Ar keyno
@@ -52,7 +52,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 .Ar key
-is the key itself.
+is the key itself, and
+.Ar opt_IP_list
+is an optional comma-separated list of IPs
+that are allowed to serve time.
+If
+.Ar opt_IP_list
+is empty,
+any properly-authenticated server message will be
+accepted.
 .Pp
 The
 .Ar key
diff --git a/contrib/ntp/ntpd/ntp.keys.html b/contrib/ntp/ntpd/ntp.keys.html
index 738f9e0..409e7fc 100644
--- a/contrib/ntp/ntpd/ntp.keys.html
+++ b/contrib/ntp/ntpd/ntp.keys.html
@@ -33,7 +33,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <p>This document describes the symmetric key file for the NTP Project's
 <code>ntpd</code> program.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntp.keys</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntp.keys</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -93,7 +93,7 @@ may be arbitrarily set in the keys file.
 as the configuration file. 
 Key entries use a fixed format of the form
 
-<pre class="example">     <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd>
+<pre class="example">     <kbd>keyno</kbd> <kbd>type</kbd> <kbd>key</kbd> <kbd>opt_IP_list</kbd>
 </pre>
   <p>where
 <kbd>keyno</kbd>
@@ -102,7 +102,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 <kbd>key</kbd>
-is the key itself.
+is the key itself, and
+<kbd>opt_IP_list</kbd>
+is an optional comma-separated list of IPs
+that are allowed to serve time. 
+If
+<kbd>opt_IP_list</kbd>
+is empty,
+any properly-authenticated server message will be
+accepted.
 
   <p>The
 <kbd>key</kbd>
diff --git a/contrib/ntp/ntpd/ntp.keys.man.in b/contrib/ntp/ntpd/ntp.keys.man.in
index 78d5f09..2e97e27 100644
--- a/contrib/ntp/ntpd/ntp.keys.man.in
+++ b/contrib/ntp/ntpd/ntp.keys.man.in
@@ -1,8 +1,8 @@
-.TH ntp.keys 5 "07 Jan 2016" "4.2.8p5" "File Formats"
+.TH ntp.keys 5 "20 Jan 2016" "4.2.8p6" "File Formats"
 .\"
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.man)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:30:41 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:17:51 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agman-file.tpl
 .Sh NAME
@@ -66,7 +66,7 @@ Key entries use a fixed format of the form
 .ne 2
 
 .in +4
-\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[]
+\f\*[I-Font]keyno\f[] \f\*[I-Font]type\f[] \f\*[I-Font]key\f[] \f\*[I-Font]opt_IP_list\f[]
 .in -4
 .sp \n(Ppu
 .ne 2
@@ -78,7 +78,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 \f\*[I-Font]key\f[]
-is the key itself.
+is the key itself, and
+\f\*[I-Font]opt_IP_list\f[]
+is an optional comma-separated list of IPs
+that are allowed to serve time.
+If
+\f\*[I-Font]opt_IP_list\f[]
+is empty,
+any properly-authenticated server message will be
+accepted.
 .sp \n(Ppu
 .ne 2
 
@@ -160,7 +168,7 @@ the default name of the configuration file
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpd/ntp.keys.mdoc.in b/contrib/ntp/ntpd/ntp.keys.mdoc.in
index 40c821e..3b4fa2c 100644
--- a/contrib/ntp/ntpd/ntp.keys.mdoc.in
+++ b/contrib/ntp/ntpd/ntp.keys.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_KEYS 5 File Formats
 .Os SunOS 5.10
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:00 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agmdoc-file.tpl
 .Sh NAME
@@ -44,7 +44,7 @@ The key file uses the same comment conventions
 as the configuration file.
 Key entries use a fixed format of the form
 .Pp
-.D1 Ar keyno type key
+.D1 Ar keyno type key opt_IP_list
 .Pp
 where
 .Ar keyno
@@ -53,7 +53,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 .Ar key
-is the key itself.
+is the key itself, and
+.Ar opt_IP_list
+is an optional comma\-separated list of IPs
+that are allowed to serve time.
+If
+.Ar opt_IP_list
+is empty,
+any properly\-authenticated server message will be
+accepted.
 .Pp
 The
 .Ar key
@@ -147,7 +155,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpd/ntp_config.c b/contrib/ntp/ntpd/ntp_config.c
index 1c754bd..cb32737 100644
--- a/contrib/ntp/ntpd/ntp_config.c
+++ b/contrib/ntp/ntpd/ntp_config.c
@@ -53,6 +53,8 @@
 #include "ntp_parser.h"
 #include "ntpd-opts.h"
 
+extern int yyparse(void);
+
 /* Bug 2817 */
 #if defined(HAVE_SYS_MMAN_H)
 # include <sys/mman.h>
@@ -2981,6 +2983,18 @@ apply_enable_disable(
 			proto_config(PROTO_FILEGEN, enable, 0., NULL);
 			break;
 
+		case T_UEcrypto:
+			proto_config(PROTO_UECRYPTO, enable, 0., NULL);
+			break;
+
+		case T_UEcryptonak:
+			proto_config(PROTO_UECRYPTONAK, enable, 0., NULL);
+			break;
+
+		case T_UEdigest:
+			proto_config(PROTO_UEDIGEST, enable, 0., NULL);
+			break;
+
 #ifdef BC_LIST_FRAMEWORK_NOT_YET_USED
 		case T_Bc_bugXXXX:
 			pentry = bc_list;
diff --git a/contrib/ntp/ntpd/ntp_control.c b/contrib/ntp/ntpd/ntp_control.c
index b3e5acd..3c02218 100644
--- a/contrib/ntp/ntpd/ntp_control.c
+++ b/contrib/ntp/ntpd/ntp_control.c
@@ -79,6 +79,7 @@ static	void	ctl_putarray	(const char *, double *, int);
 static	void	ctl_putsys	(int);
 static	void	ctl_putpeer	(int, struct peer *);
 static	void	ctl_putfs	(const char *, tstamp_t);
+static	void	ctl_printf	(const char *, ...) NTP_PRINTF(1, 2);
 #ifdef REFCLOCK
 static	void	ctl_putclock	(int, struct refclockstat *, int);
 #endif	/* REFCLOCK */
@@ -115,6 +116,8 @@ static	void	unset_trap	(struct recvbuf *, int);
 static	struct ctl_trap *ctlfindtrap(sockaddr_u *,
 				     struct interface *);
 
+int/*BOOL*/ is_safe_filename(const char * name);
+
 static const struct ctl_proc control_codes[] = {
 	{ CTL_OP_UNSPEC,		NOAUTH,	control_unspec },
 	{ CTL_OP_READSTAT,		NOAUTH,	read_status },
@@ -877,10 +880,66 @@ ctl_error(
 			CTL_HEADER_LEN);
 }
 
+int/*BOOL*/
+is_safe_filename(const char * name)
+{
+	/* We need a strict validation of filenames we should write: The
+	 * daemon might run with special permissions and is remote
+	 * controllable, so we better take care what we allow as file
+	 * name!
+	 *
+	 * The first character must be digit or a letter from the ASCII
+	 * base plane or a '_' ([_A-Za-z0-9]), the following characters
+	 * must be from [-._+A-Za-z0-9].
+	 *
+	 * We do not trust the character classification much here: Since
+	 * the NTP protocol makes no provisions for UTF-8 or local code
+	 * pages, we strictly require the 7bit ASCII code page.
+	 *
+	 * The following table is a packed bit field of 128 two-bit
+	 * groups. The LSB in each group tells us if a character is
+	 * acceptable at the first position, the MSB if the character is
+	 * accepted at any other position.
+	 *
+	 * This does not ensure that the file name is syntactically
+	 * correct (multiple dots will not work with VMS...) but it will
+	 * exclude potential globbing bombs and directory traversal. It
+	 * also rules out drive selection. (For systems that have this
+	 * notion, like Windows or VMS.)
+	 */
+	static const uint32_t chclass[8] = {
+		0x00000000, 0x00000000,
+		0x28800000, 0x000FFFFF,
+		0xFFFFFFFC, 0xC03FFFFF,
+		0xFFFFFFFC, 0x003FFFFF
+	};
+
+	u_int widx, bidx, mask;
+	if (!*name)
+		return FALSE;
+	
+	mask = 1u;
+	while (0 != (widx = (u_char)*name++)) {
+		bidx = (widx & 15) << 1;
+		widx = widx >> 4;
+		if (widx >= sizeof(chclass))
+			return FALSE;
+		if (0 == ((chclass[widx] >> bidx) & mask))
+			return FALSE;
+		mask |= 2u;
+	}
+	return TRUE;
+}
+
+
 /*
  * save_config - Implements ntpq -c "saveconfig <filename>"
  *		 Writes current configuration including any runtime
  *		 changes by ntpq's :config or config-from-file
+ *
+ * Note: There should be no buffer overflow or truncation in the
+ * processing of file names -- both cause security problems. This is bit
+ * painful to code but essential here.
  */
 void
 save_config(
@@ -908,24 +967,38 @@ save_config(
 	    "\\/"	/* separator and critical char for POSIX */
 #endif
 	    ;
-
-
 	char reply[128];
 #ifdef SAVECONFIG
+	static const char savedconfig_eq[] = "savedconfig=";
+
+	/* Build a safe open mode from the available mode flags. We want
+	 * to create a new file and write it in text mode (when
+	 * applicable -- only Windows does this...)
+	 */
+	static const int openmode = O_CREAT | O_TRUNC | O_WRONLY
+#  if defined(O_EXCL)		/* posix, vms */
+	    | O_EXCL
+#  elif defined(_O_EXCL)	/* windows is alway very special... */
+	    | _O_EXCL
+#  endif
+#  if defined(_O_TEXT)		/* windows, again */
+	    | _O_TEXT
+#endif
+	    ; 
+	
 	char filespec[128];
 	char filename[128];
 	char fullpath[512];
-	const char savedconfig_eq[] = "savedconfig=";
 	char savedconfig[sizeof(savedconfig_eq) + sizeof(filename)];
 	time_t now;
 	int fd;
 	FILE *fptr;
+	int prc;
+	size_t reqlen;
 #endif
 
 	if (RES_NOMODIFY & restrict_mask) {
-		snprintf(reply, sizeof(reply),
-			 "saveconfig prohibited by restrict ... nomodify");
-		ctl_putdata(reply, strlen(reply), 0);
+		ctl_printf("%s", "saveconfig prohibited by restrict ... nomodify");
 		ctl_flushpkt(0);
 		NLOG(NLOG_SYSINFO)
 			msyslog(LOG_NOTICE,
@@ -937,9 +1010,7 @@ save_config(
 
 #ifdef SAVECONFIG
 	if (NULL == saveconfigdir) {
-		snprintf(reply, sizeof(reply),
-			 "saveconfig prohibited, no saveconfigdir configured");
-		ctl_putdata(reply, strlen(reply), 0);
+		ctl_printf("%s", "saveconfig prohibited, no saveconfigdir configured");
 		ctl_flushpkt(0);
 		NLOG(NLOG_SYSINFO)
 			msyslog(LOG_NOTICE,
@@ -948,21 +1019,79 @@ save_config(
 		return;
 	}
 
-	if (0 == reqend - reqpt)
+	/* The length checking stuff gets serious. Do not assume a NUL
+	 * byte can be found, but if so, use it to calculate the needed
+	 * buffer size. If the available buffer is too short, bail out;
+	 * likewise if there is no file spec. (The latter will not
+	 * happen when using NTPQ, but there are other ways to craft a
+	 * network packet!)
+	 */
+	reqlen = (size_t)(reqend - reqpt);
+	if (0 != reqlen) {
+		char * nulpos = (char*)memchr(reqpt, 0, reqlen);
+		if (NULL != nulpos)
+			reqlen = (size_t)(nulpos - reqpt);
+	}
+	if (0 == reqlen)
 		return;
+	if (reqlen >= sizeof(filespec)) {
+		ctl_printf("saveconfig exceeded maximum raw name length (%u)",
+			   (u_int)sizeof(filespec));
+		ctl_flushpkt(0);
+		msyslog(LOG_NOTICE,
+			"saveconfig exceeded maximum raw name length from %s",
+			stoa(&rbufp->recv_srcadr));
+		return;
+	}
 
-	strlcpy(filespec, reqpt, sizeof(filespec));
-	time(&now);
-
+	/* copy data directly as we exactly know the size */
+	memcpy(filespec, reqpt, reqlen);
+	filespec[reqlen] = '\0';
+	
 	/*
 	 * allow timestamping of the saved config filename with
 	 * strftime() format such as:
 	 *   ntpq -c "saveconfig ntp-%Y%m%d-%H%M%S.conf"
 	 * XXX: Nice feature, but not too safe.
+	 * YYY: The check for permitted characters in file names should
+	 *      weed out the worst. Let's hope 'strftime()' does not
+	 *      develop pathological problems.
 	 */
+	time(&now);
 	if (0 == strftime(filename, sizeof(filename), filespec,
-			       localtime(&now)))
+			  localtime(&now)))
+	{
+		/*
+		 * If we arrive here, 'strftime()' balked; most likely
+		 * the buffer was too short. (Or it encounterd an empty
+		 * format, or just a format that expands to an empty
+		 * string.) We try to use the original name, though this
+		 * is very likely to fail later if there are format
+		 * specs in the string. Note that truncation cannot
+		 * happen here as long as both buffers have the same
+		 * size!
+		 */
 		strlcpy(filename, filespec, sizeof(filename));
+	}
+
+	/*
+	 * Check the file name for sanity. This might/will rule out file
+	 * names that would be legal but problematic, and it blocks
+	 * directory traversal.
+	 */
+	if (!is_safe_filename(filename)) {
+		ctl_printf("saveconfig rejects unsafe file name '%s'",
+			   filename);
+		ctl_flushpkt(0);
+		msyslog(LOG_NOTICE,
+			"saveconfig rejects unsafe file name from %s",
+			stoa(&rbufp->recv_srcadr));
+		return;
+	}
+
+	/*
+	 * XXX: This next test may not be needed with is_safe_filename()
+	 */
 
 	/* block directory/drive traversal */
 	/* TALOS-CAN-0062: block directory traversal for VMS, too */
@@ -972,38 +1101,49 @@ save_config(
 		ctl_putdata(reply, strlen(reply), 0);
 		ctl_flushpkt(0);
 		msyslog(LOG_NOTICE,
-			"saveconfig with path from %s rejected",
+			"saveconfig rejects unsafe file name from %s",
 			stoa(&rbufp->recv_srcadr));
 		return;
 	}
 
-	snprintf(fullpath, sizeof(fullpath), "%s%s",
-		 saveconfigdir, filename);
+	/* concatenation of directory and path can cause another
+	 * truncation...
+	 */
+	prc = snprintf(fullpath, sizeof(fullpath), "%s%s",
+		       saveconfigdir, filename);
+	if (prc < 0 || prc >= sizeof(fullpath)) {
+		ctl_printf("saveconfig exceeded maximum path length (%u)",
+			   (u_int)sizeof(fullpath));
+		ctl_flushpkt(0);
+		msyslog(LOG_NOTICE,
+			"saveconfig exceeded maximum path length from %s",
+			stoa(&rbufp->recv_srcadr));
+		return;
+	}
 
-	fd = open(fullpath, O_CREAT | O_TRUNC | O_WRONLY,
-		  S_IRUSR | S_IWUSR);
+	fd = open(fullpath, openmode, S_IRUSR | S_IWUSR);
 	if (-1 == fd)
 		fptr = NULL;
 	else
 		fptr = fdopen(fd, "w");
 
 	if (NULL == fptr || -1 == dump_all_config_trees(fptr, 1)) {
-		snprintf(reply, sizeof(reply),
-			 "Unable to save configuration to file %s",
-			 filename);
+		ctl_printf("Unable to save configuration to file '%s': %m",
+			   filename);
 		msyslog(LOG_ERR,
 			"saveconfig %s from %s failed", filename,
 			stoa(&rbufp->recv_srcadr));
 	} else {
-		snprintf(reply, sizeof(reply),
-			 "Configuration saved to %s", filename);
+		ctl_printf("Configuration saved to '%s'", filename);
 		msyslog(LOG_NOTICE,
-			"Configuration saved to %s (requested by %s)",
+			"Configuration saved to '%s' (requested by %s)",
 			fullpath, stoa(&rbufp->recv_srcadr));
 		/*
 		 * save the output filename in system variable
 		 * savedconfig, retrieved with:
 		 *   ntpq -c "rv 0 savedconfig"
+		 * Note: the way 'savedconfig' is defined makes overflow
+		 * checks unnecessary here.
 		 */
 		snprintf(savedconfig, sizeof(savedconfig), "%s%s",
 			 savedconfig_eq, filename);
@@ -1013,11 +1153,9 @@ save_config(
 	if (NULL != fptr)
 		fclose(fptr);
 #else	/* !SAVECONFIG follows */
-	snprintf(reply, sizeof(reply),
-		 "saveconfig unavailable, configured with --disable-saveconfig");
-#endif
-
-	ctl_putdata(reply, strlen(reply), 0);
+	ctl_printf("%s",
+		   "saveconfig unavailable, configured with --disable-saveconfig");
+#endif	
 	ctl_flushpkt(0);
 }
 
@@ -1761,6 +1899,29 @@ ctl_putarray(
 	ctl_putdata(buffer, (unsigned)(cp - buffer), 0);
 }
 
+/*
+ * ctl_printf - put a formatted string into the data buffer
+ */
+static void
+ctl_printf(
+	const char * fmt,
+	...
+	)
+{
+	static const char * ellipsis = "[...]";
+	va_list va;
+	char    fmtbuf[128];
+	int     rc;
+	
+	va_start(va, fmt);
+	rc = vsnprintf(fmtbuf, sizeof(fmtbuf), fmt, va);
+	va_end(va);
+	if (rc < 0 || rc >= sizeof(fmtbuf))
+		strcpy(fmtbuf + sizeof(fmtbuf) - strlen(ellipsis) - 1,
+		       ellipsis);
+	ctl_putdata(fmtbuf, strlen(fmtbuf), 0);
+}
+
 
 /*
  * ctl_putsys - output a system variable
diff --git a/contrib/ntp/ntpd/ntp_crypto.c b/contrib/ntp/ntpd/ntp_crypto.c
index 8574266..5b87f19 100644
--- a/contrib/ntp/ntpd/ntp_crypto.c
+++ b/contrib/ntp/ntpd/ntp_crypto.c
@@ -269,7 +269,7 @@ session_key(
 	memcpy(&keyid, dgst, 4);
 	keyid = ntohl(keyid);
 	if (lifetime != 0) {
-		MD5auth_setkey(keyno, crypto_nid, dgst, len);
+		MD5auth_setkey(keyno, crypto_nid, dgst, len, NULL);
 		authtrust(keyno, lifetime);
 	}
 	DPRINTF(2, ("session_key: %s > %s %08x %08x hash %08x life %lu\n",
diff --git a/contrib/ntp/ntpd/ntp_io.c b/contrib/ntp/ntpd/ntp_io.c
index dd23459..ee52b1a 100644
--- a/contrib/ntp/ntpd/ntp_io.c
+++ b/contrib/ntp/ntpd/ntp_io.c
@@ -62,6 +62,9 @@
 # endif
 #endif
 
+#if defined(HAVE_SIGNALED_IO) && defined(DEBUG_TIMING)
+# undef DEBUG_TIMING
+#endif
 
 /*
  * setsockopt does not always have the same arg declaration
@@ -280,9 +283,12 @@ static int	addr_samesubnet	(const sockaddr_u *, const sockaddr_u *,
 				 const sockaddr_u *, const sockaddr_u *);
 static	int	create_sockets	(u_short);
 static	SOCKET	open_socket	(sockaddr_u *, int, int, endpt *);
-static	char *	fdbits		(int, fd_set *);
 static	void	set_reuseaddr	(int);
 static	isc_boolean_t	socket_broadcast_enable	 (struct interface *, SOCKET, sockaddr_u *);
+
+#if !defined(HAVE_IO_COMPLETION_PORT) && !defined(HAVE_SIGNALED_IO)
+static	char *	fdbits		(int, const fd_set *);
+#endif
 #ifdef  OS_MISSES_SPECIFIC_ROUTE_UPDATES
 static	isc_boolean_t	socket_broadcast_disable (struct interface *, sockaddr_u *);
 #endif
@@ -337,12 +343,15 @@ static int		cmp_addr_distance(const sockaddr_u *,
 #if !defined(HAVE_IO_COMPLETION_PORT)
 static inline int	read_network_packet	(SOCKET, struct interface *, l_fp);
 static void		ntpd_addremove_io_fd	(int, int, int);
-static input_handler_t  input_handler;
+static void 		input_handler_scan	(const l_fp*, const fd_set*);
+static int/*BOOL*/	sanitize_fdset		(int errc);
 #ifdef REFCLOCK
 static inline int	read_refclock_packet	(SOCKET, struct refclockio *, l_fp);
 #endif
+#ifdef HAVE_SIGNALED_IO
+static void 		input_handler		(l_fp*);
+#endif
 #endif
-
 
 
 #ifndef HAVE_IO_COMPLETION_PORT
@@ -455,11 +464,9 @@ init_io(void)
 	addremove_io_fd = &ntpd_addremove_io_fd;
 #endif
 
-#ifdef SYS_WINNT
+#if defined(SYS_WINNT)
 	init_io_completion_port();
-#endif
-
-#if defined(HAVE_SIGNALED_IO)
+#elif defined(HAVE_SIGNALED_IO)
 	(void) set_signal(input_handler);
 #endif
 }
@@ -475,7 +482,8 @@ ntpd_addremove_io_fd(
 	UNUSED_ARG(is_pipe);
 
 #ifdef HAVE_SIGNALED_IO
-	init_socket_sig(fd);
+	if (!remove_it)
+		init_socket_sig(fd);
 #endif /* not HAVE_SIGNALED_IO */
 
 	maintain_activefds(fd, remove_it);
@@ -717,78 +725,6 @@ addr_samesubnet(
 
 
 /*
- * Code to tell if we have an IP address
- * If we have then return the sockaddr structure
- * and set the return value
- * see the bind9/getaddresses.c for details
- */
-int
-is_ip_address(
-	const char *	host,
-	u_short		af,
-	sockaddr_u *	addr
-	)
-{
-	struct in_addr in4;
-	struct addrinfo hints;
-	struct addrinfo *result;
-	struct sockaddr_in6 *resaddr6;
-	char tmpbuf[128];
-	char *pch;
-
-	REQUIRE(host != NULL);
-	REQUIRE(addr != NULL);
-
-	ZERO_SOCK(addr);
-
-	/*
-	 * Try IPv4, then IPv6.  In order to handle the extended format
-	 * for IPv6 scoped addresses (address%scope_ID), we'll use a local
-	 * working buffer of 128 bytes.  The length is an ad-hoc value, but
-	 * should be enough for this purpose; the buffer can contain a string
-	 * of at least 80 bytes for scope_ID in addition to any IPv6 numeric
-	 * addresses (up to 46 bytes), the delimiter character and the
-	 * terminating NULL character.
-	 */
-	if (AF_UNSPEC == af || AF_INET == af)
-		if (inet_pton(AF_INET, host, &in4) == 1) {
-			AF(addr) = AF_INET;
-			SET_ADDR4N(addr, in4.s_addr);
-
-			return TRUE;
-		}
-
-	if (AF_UNSPEC == af || AF_INET6 == af)
-		if (sizeof(tmpbuf) > strlen(host)) {
-			if ('[' == host[0]) {
-				strlcpy(tmpbuf, &host[1], sizeof(tmpbuf));
-				pch = strchr(tmpbuf, ']');
-				if (pch != NULL)
-					*pch = '\0';
-			} else {
-				strlcpy(tmpbuf, host, sizeof(tmpbuf));
-			}
-			ZERO(hints);
-			hints.ai_family = AF_INET6;
-			hints.ai_flags |= AI_NUMERICHOST;
-			if (getaddrinfo(tmpbuf, NULL, &hints, &result) == 0) {
-				AF(addr) = AF_INET6;
-				resaddr6 = UA_PTR(struct sockaddr_in6, result->ai_addr);
-				SET_ADDR6N(addr, resaddr6->sin6_addr);
-				SET_SCOPE(addr, resaddr6->sin6_scope_id);
-
-				freeaddrinfo(result);
-				return TRUE;
-			}
-		}
-	/*
-	 * If we got here it was not an IP address
-	 */
-	return FALSE;
-}
-
-
-/*
  * interface list enumerator - visitor pattern
  */
 void
@@ -2354,6 +2290,7 @@ get_broadcastclient_flag(void)
 {
 	return (broadcast_client_enabled);
 }
+
 /*
  * Check to see if the address is a multicast address
  */
@@ -3204,15 +3141,15 @@ sendpkt(
 }
 
 
-#if !defined(HAVE_IO_COMPLETION_PORT)
+#if !defined(HAVE_IO_COMPLETION_PORT) && !defined(HAVE_SIGNALED_IO)
 /*
  * fdbits - generate ascii representation of fd_set (FAU debug support)
  * HFDF format - highest fd first.
  */
 static char *
 fdbits(
-	int count,
-	fd_set *set
+	int		count,
+	const fd_set*	set
 	)
 {
 	static char buffer[256];
@@ -3228,7 +3165,7 @@ fdbits(
 
 	return buffer;
 }
-
+#endif
 
 #ifdef REFCLOCK
 /*
@@ -3265,7 +3202,7 @@ read_refclock_packet(
 	/* TALOS-CAN-0064: avoid signed/unsigned clashes that can lead
 	 * to buffer overrun and memory corruption
 	 */
-	if (rp->datalen <= 0 || rp->datalen > sizeof(rb->recv_space))
+	if (rp->datalen <= 0 || (size_t)rp->datalen > sizeof(rb->recv_space))
 		read_count = sizeof(rb->recv_space);
 	else
 		read_count = (u_int)rp->datalen;
@@ -3582,6 +3519,7 @@ io_handler(void)
 	 * and - lacking a hardware reference clock - I have
 	 * yet to learn about anything else that is.
 	 */
+	++handler_calls;
 	rdfdes = activefds;
 #   if !defined(VMS) && !defined(SYS_VXWORKS)
 	nfound = select(maxactivefd + 1, &rdfdes, NULL,
@@ -3590,20 +3528,29 @@ io_handler(void)
 	/* make select() wake up after one second */
 	{
 		struct timeval t1;
-
-		t1.tv_sec = 1;
+		t1.tv_sec  = 1;
 		t1.tv_usec = 0;
 		nfound = select(maxactivefd + 1,
 				&rdfdes, NULL, NULL,
 				&t1);
 	}
 #   endif	/* VMS, VxWorks */
+	if (nfound < 0 && sanitize_fdset(errno)) {
+		struct timeval t1;
+		t1.tv_sec  = 0;
+		t1.tv_usec = 0;
+		rdfdes = activefds;
+		nfound = select(maxactivefd + 1,
+				&rdfdes, NULL, NULL,
+				&t1);
+	}
+
 	if (nfound > 0) {
 		l_fp ts;
 
 		get_systime(&ts);
 
-		input_handler(&ts);
+		input_handler_scan(&ts, &rdfdes);
 	} else if (nfound == -1 && errno != EINTR) {
 		msyslog(LOG_ERR, "select() error: %m");
 	}
@@ -3619,46 +3566,22 @@ io_handler(void)
 #  endif /* HAVE_SIGNALED_IO */
 }
 
+#ifdef HAVE_SIGNALED_IO
 /*
  * input_handler - receive packets asynchronously
+ *
+ * ALWAYS IN SIGNAL HANDLER CONTEXT -- only async-safe functions allowed!
  */
-static void
+static RETSIGTYPE
 input_handler(
 	l_fp *	cts
 	)
 {
-	int		buflen;
 	int		n;
-	u_int		idx;
-	int		doing;
-	SOCKET		fd;
-	blocking_child *c;
 	struct timeval	tvzero;
-	l_fp		ts;	/* Timestamp at BOselect() gob */
-#ifdef DEBUG_TIMING
-	l_fp		ts_e;	/* Timestamp at EOselect() gob */
-#endif
 	fd_set		fds;
-	size_t		select_count;
-	endpt *		ep;
-#ifdef REFCLOCK
-	struct refclockio *rp;
-	int		saved_errno;
-	const char *	clk;
-#endif
-#ifdef HAS_ROUTING_SOCKET
-	struct asyncio_reader *	asyncio_reader;
-	struct asyncio_reader *	next_asyncio_reader;
-#endif
-
-	handler_calls++;
-	select_count = 0;
-
-	/*
-	 * If we have something to do, freeze a timestamp.
-	 * See below for the other cases (nothing left to do or error)
-	 */
-	ts = *cts;
+	
+	++handler_calls;
 
 	/*
 	 * Do a poll to see who has data
@@ -3668,82 +3591,133 @@ input_handler(
 	tvzero.tv_sec = tvzero.tv_usec = 0;
 
 	n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero);
+	if (n < 0 && sanitize_fdset(errno)) {
+		fds = activefds;
+		tvzero.tv_sec = tvzero.tv_usec = 0;
+		n = select(maxactivefd + 1, &fds, NULL, NULL, &tvzero);
+	}
+	if (n > 0)
+		input_handler_scan(cts, &fds);
+}
+#endif /* HAVE_SIGNALED_IO */
+
+
+/*
+ * Try to sanitize the global FD set
+ *
+ * SIGNAL HANDLER CONTEXT if HAVE_SIGNALED_IO, ordinary userspace otherwise
+ */
+static int/*BOOL*/
+sanitize_fdset(
+	int	errc
+	)
+{
+	int j, b, maxscan;
 
+#  ifndef HAVE_SIGNALED_IO
 	/*
-	 * If there are no packets waiting just return
+	 * extended FAU debugging output
 	 */
-	if (n < 0) {
-		int err = errno;
-		int j, b, prior;
-		/*
-		 * extended FAU debugging output
-		 */
-		if (err != EINTR)
-			msyslog(LOG_ERR,
-				"select(%d, %s, 0L, 0L, &0.0) error: %m",
-				maxactivefd + 1,
-				fdbits(maxactivefd, &activefds));
-		if (err != EBADF)
-			goto ih_return;
-		for (j = 0, prior = 0; j <= maxactivefd; j++) {
-			if (FD_ISSET(j, &activefds)) {
-				if (-1 != read(j, &b, 0)) {
-					prior = j;
-					continue;
-				}
-				msyslog(LOG_ERR,
-					"Removing bad file descriptor %d from select set",
-					j);
-				FD_CLR(j, &activefds);
-				if (j == maxactivefd)
-					maxactivefd = prior;
+	if (errc != EINTR) {
+		msyslog(LOG_ERR,
+			"select(%d, %s, 0L, 0L, &0.0) error: %m",
+			maxactivefd + 1,
+			fdbits(maxactivefd, &activefds));
+	}
+#   endif
+	
+	if (errc != EBADF)
+		return FALSE;
+
+	/* if we have oviously bad FDs, try to sanitize the FD set. */
+	for (j = 0, maxscan = 0; j <= maxactivefd; j++) {
+		if (FD_ISSET(j, &activefds)) {
+			if (-1 != read(j, &b, 0)) {
+				maxscan = j;
+				continue;
 			}
+#		    ifndef HAVE_SIGNALED_IO
+			msyslog(LOG_ERR,
+				"Removing bad file descriptor %d from select set",
+				j);
+#		    endif
+			FD_CLR(j, &activefds);
 		}
-		goto ih_return;
 	}
-	else if (n == 0)
-		goto ih_return;
+	if (maxactivefd != maxscan)
+		maxactivefd = maxscan;
+	return TRUE;
+}
+
+/*
+ * scan the known FDs (clocks, servers, ...) for presence in a 'fd_set'. 
+ *
+ * SIGNAL HANDLER CONTEXT if HAVE_SIGNALED_IO, ordinary userspace otherwise
+ */
+static void
+input_handler_scan(
+	const l_fp *	cts,
+	const fd_set *	pfds
+	)
+{
+	int		buflen;
+	u_int		idx;
+	int		doing;
+	SOCKET		fd;
+	blocking_child *c;
+	l_fp		ts;	/* Timestamp at BOselect() gob */
+
+#if defined(DEBUG_TIMING)
+	l_fp		ts_e;	/* Timestamp at EOselect() gob */
+#endif
+	endpt *		ep;
+#ifdef REFCLOCK
+	struct refclockio *rp;
+	int		saved_errno;
+	const char *	clk;
+#endif
+#ifdef HAS_ROUTING_SOCKET
+	struct asyncio_reader *	asyncio_reader;
+	struct asyncio_reader *	next_asyncio_reader;
+#endif
 
 	++handler_pkts;
+	ts = *cts;
 
 #ifdef REFCLOCK
 	/*
 	 * Check out the reference clocks first, if any
 	 */
-
-	if (refio != NULL) {
-		for (rp = refio; rp != NULL; rp = rp->next) {
-			fd = rp->fd;
-
-			if (!FD_ISSET(fd, &fds))
-				continue;
-			++select_count;
-			buflen = read_refclock_packet(fd, rp, ts);
-			/*
-			 * The first read must succeed after select()
-			 * indicates readability, or we've reached
-			 * a permanent EOF.  http://bugs.ntp.org/1732
-			 * reported ntpd munching CPU after a USB GPS
-			 * was unplugged because select was indicating
-			 * EOF but ntpd didn't remove the descriptor
-			 * from the activefds set.
-			 */
-			if (buflen < 0 && EAGAIN != errno) {
-				saved_errno = errno;
-				clk = refnumtoa(&rp->srcclock->srcadr);
-				errno = saved_errno;
-				msyslog(LOG_ERR, "%s read: %m", clk);
-				maintain_activefds(fd, TRUE);
-			} else if (0 == buflen) {
-				clk = refnumtoa(&rp->srcclock->srcadr);
-				msyslog(LOG_ERR, "%s read EOF", clk);
-				maintain_activefds(fd, TRUE);
-			} else {
-				/* drain any remaining refclock input */
-				do {
-					buflen = read_refclock_packet(fd, rp, ts);
-				} while (buflen > 0);
-			}
+	
+	for (rp = refio; rp != NULL; rp = rp->next) {
+		fd = rp->fd;
+		
+		if (!FD_ISSET(fd, pfds))
+			continue;
+		buflen = read_refclock_packet(fd, rp, ts);
+		/*
+		 * The first read must succeed after select() indicates
+		 * readability, or we've reached a permanent EOF.
+		 * http://bugs.ntp.org/1732 reported ntpd munching CPU
+		 * after a USB GPS was unplugged because select was
+		 * indicating EOF but ntpd didn't remove the descriptor
+		 * from the activefds set.
+		 */
+		if (buflen < 0 && EAGAIN != errno) {
+			saved_errno = errno;
+			clk = refnumtoa(&rp->srcclock->srcadr);
+			errno = saved_errno;
+			msyslog(LOG_ERR, "%s read: %m", clk);
+			maintain_activefds(fd, TRUE);
+		} else if (0 == buflen) {
+			clk = refnumtoa(&rp->srcclock->srcadr);
+			msyslog(LOG_ERR, "%s read EOF", clk);
+			maintain_activefds(fd, TRUE);
+		} else {
+			/* drain any remaining refclock input */
+			do {
+				buflen = read_refclock_packet(fd, rp, ts);
+			} while (buflen > 0);
 		}
 	}
 #endif /* REFCLOCK */
@@ -3762,9 +3736,8 @@ input_handler(
 			}
 			if (fd < 0)
 				continue;
-			if (FD_ISSET(fd, &fds))
+			if (FD_ISSET(fd, pfds))
 				do {
-					++select_count;
 					buflen = read_network_packet(
 							fd, ep, ts);
 				} while (buflen > 0);
@@ -3781,10 +3754,8 @@ input_handler(
 	while (asyncio_reader != NULL) {
 		/* callback may unlink and free asyncio_reader */
 		next_asyncio_reader = asyncio_reader->link;
-		if (FD_ISSET(asyncio_reader->fd, &fds)) {
-			++select_count;
+		if (FD_ISSET(asyncio_reader->fd, pfds))
 			(*asyncio_reader->receiver)(asyncio_reader);
-		}
 		asyncio_reader = next_asyncio_reader;
 	}
 #endif /* HAS_ROUTING_SOCKET */
@@ -3796,26 +3767,14 @@ input_handler(
 		c = blocking_children[idx];
 		if (NULL == c || -1 == c->resp_read_pipe)
 			continue;
-		if (FD_ISSET(c->resp_read_pipe, &fds)) {
-			select_count++;
-			process_blocking_resp(c);
+		if (FD_ISSET(c->resp_read_pipe, pfds)) {
+			++c->resp_ready_seen;
+			++blocking_child_ready_seen;
 		}
 	}
 
-	/*
-	 * Done everything from that select.
-	 * If nothing to do, just return.
-	 * If an error occurred, complain and return.
-	 */
-	if (select_count == 0) { /* We really had nothing to do */
-#ifdef DEBUG
-		if (debug)
-			msyslog(LOG_DEBUG, "input_handler: select() returned 0");
-#endif /* DEBUG */
-		goto ih_return;
-	}
 	/* We've done our work */
-#ifdef DEBUG_TIMING
+#if defined(DEBUG_TIMING)
 	get_systime(&ts_e);
 	/*
 	 * (ts_e - ts) is the amount of time we spent
@@ -3829,11 +3788,7 @@ input_handler(
 			"input_handler: Processed a gob of fd's in %s msec",
 			lfptoms(&ts_e, 6));
 #endif /* DEBUG_TIMING */
-	/* We're done... */
-    ih_return:
-	return;
 }
-#endif /* !HAVE_IO_COMPLETION_PORT */
 
 
 /*
diff --git a/contrib/ntp/ntpd/ntp_keyword.h b/contrib/ntp/ntpd/ntp_keyword.h
index 0a593f6..c726c60 100644
--- a/contrib/ntp/ntpd/ntp_keyword.h
+++ b/contrib/ntp/ntpd/ntp_keyword.h
@@ -2,7 +2,7 @@
  * ntp_keyword.h
  * 
  * NOTE: edit this file with caution, it is generated by keyword-gen.c
- *	 Generated 2015-06-25 03:57:00 UTC	  diff_ignore_line
+ *	 Generated 2016-01-16 08:33:03 UTC	  diff_ignore_line
  *
  */
 #include "ntp_scanner.h"
@@ -10,7 +10,7 @@
 
 #define LOWEST_KEYWORD_ID 258
 
-const char * const keyword_text[191] = {
+const char * const keyword_text[194] = {
 	/* 0       258             T_Abbrev */	"abbrev",
 	/* 1       259                T_Age */	"age",
 	/* 2       260                T_All */	"all",
@@ -182,31 +182,34 @@ const char * const keyword_text[191] = {
 	/* 168     426                T_Ttl */	"ttl",
 	/* 169     427               T_Type */	"type",
 	/* 170     428              T_U_int */	NULL,
-	/* 171     429           T_Unconfig */	"unconfig",
-	/* 172     430             T_Unpeer */	"unpeer",
-	/* 173     431            T_Version */	"version",
-	/* 174     432    T_WanderThreshold */	NULL,
-	/* 175     433               T_Week */	"week",
-	/* 176     434           T_Wildcard */	"wildcard",
-	/* 177     435             T_Xleave */	"xleave",
-	/* 178     436               T_Year */	"year",
-	/* 179     437               T_Flag */	NULL,
-	/* 180     438                T_EOC */	NULL,
-	/* 181     439           T_Simulate */	"simulate",
-	/* 182     440         T_Beep_Delay */	"beep_delay",
-	/* 183     441       T_Sim_Duration */	"simulation_duration",
-	/* 184     442      T_Server_Offset */	"server_offset",
-	/* 185     443           T_Duration */	"duration",
-	/* 186     444        T_Freq_Offset */	"freq_offset",
-	/* 187     445             T_Wander */	"wander",
-	/* 188     446             T_Jitter */	"jitter",
-	/* 189     447         T_Prop_Delay */	"prop_delay",
-	/* 190     448         T_Proc_Delay */	"proc_delay"
+	/* 171     429           T_UEcrypto */	"unpeer_crypto_early",
+	/* 172     430        T_UEcryptonak */	"unpeer_crypto_nak_early",
+	/* 173     431           T_UEdigest */	"unpeer_digest_early",
+	/* 174     432           T_Unconfig */	"unconfig",
+	/* 175     433             T_Unpeer */	"unpeer",
+	/* 176     434            T_Version */	"version",
+	/* 177     435    T_WanderThreshold */	NULL,
+	/* 178     436               T_Week */	"week",
+	/* 179     437           T_Wildcard */	"wildcard",
+	/* 180     438             T_Xleave */	"xleave",
+	/* 181     439               T_Year */	"year",
+	/* 182     440               T_Flag */	NULL,
+	/* 183     441                T_EOC */	NULL,
+	/* 184     442           T_Simulate */	"simulate",
+	/* 185     443         T_Beep_Delay */	"beep_delay",
+	/* 186     444       T_Sim_Duration */	"simulation_duration",
+	/* 187     445      T_Server_Offset */	"server_offset",
+	/* 188     446           T_Duration */	"duration",
+	/* 189     447        T_Freq_Offset */	"freq_offset",
+	/* 190     448             T_Wander */	"wander",
+	/* 191     449             T_Jitter */	"jitter",
+	/* 192     450         T_Prop_Delay */	"prop_delay",
+	/* 193     451         T_Proc_Delay */	"proc_delay"
 };
 
-#define SCANNER_INIT_S 853
+#define SCANNER_INIT_S 887
 
-const scan_state sst[856] = {
+const scan_state sst[890] = {
 /*SS_T( ch,	f-by, match, other ),				 */
   0,				      /*     0                   */
   S_ST( '-',	3,      323,     0 ), /*     1                   */
@@ -252,7 +255,7 @@ const scan_state sst[856] = {
   S_ST( 'd',	3,       42,     0 ), /*    41 beep_             */
   S_ST( 'e',	3,       43,     0 ), /*    42 beep_d            */
   S_ST( 'l',	3,       44,     0 ), /*    43 beep_de           */
-  S_ST( 'a',	3,      440,     0 ), /*    44 beep_del          */
+  S_ST( 'a',	3,      443,     0 ), /*    44 beep_del          */
   S_ST( 'r',	3,       46,    34 ), /*    45 b                 */
   S_ST( 'o',	3,       47,     0 ), /*    46 br                */
   S_ST( 'a',	3,       48,     0 ), /*    47 bro               */
@@ -352,7 +355,7 @@ const scan_state sst[856] = {
   S_ST( 'a',	3,      142,     0 ), /*   141 dur               */
   S_ST( 't',	3,      143,     0 ), /*   142 dura              */
   S_ST( 'i',	3,      144,     0 ), /*   143 durat             */
-  S_ST( 'o',	3,      443,     0 ), /*   144 durati            */
+  S_ST( 'o',	3,      446,     0 ), /*   144 durati            */
   S_ST( 'e',	3,      146,   105 ), /*   145                   */
   S_ST( 'n',	3,      293,     0 ), /*   146 e                 */
   S_ST( 'a',	3,      148,     0 ), /*   147 en                */
@@ -378,7 +381,7 @@ const scan_state sst[856] = {
   S_ST( 'f',	3,      168,     0 ), /*   167 freq_o            */
   S_ST( 'f',	3,      169,     0 ), /*   168 freq_of           */
   S_ST( 's',	3,      170,     0 ), /*   169 freq_off          */
-  S_ST( 'e',	3,      444,     0 ), /*   170 freq_offs         */
+  S_ST( 'e',	3,      447,     0 ), /*   170 freq_offs         */
   S_ST( 'u',	3,      172,   163 ), /*   171 f                 */
   S_ST( 'd',	3,      173,     0 ), /*   172 fu                */
   S_ST( 'g',	3,      305,     0 ), /*   173 fud               */
@@ -438,7 +441,7 @@ const scan_state sst[856] = {
   S_ST( 'i',	3,      228,     0 ), /*   227 j                 */
   S_ST( 't',	3,      229,     0 ), /*   228 ji                */
   S_ST( 't',	3,      230,     0 ), /*   229 jit               */
-  S_ST( 'e',	3,      446,     0 ), /*   230 jitt              */
+  S_ST( 'e',	3,      449,     0 ), /*   230 jitt              */
   S_ST( 'k',	3,      238,   226 ), /*   231                   */
   S_ST( 'e',	3,      325,     0 ), /*   232 k                 */
   S_ST( 'r',	3,      234,     0 ), /*   233 ke                */
@@ -447,7 +450,7 @@ const scan_state sst[856] = {
   S_ST( 'd',	3,      237,     0 ), /*   236 keys              */
   S_ST( 'i',	3,      327,     0 ), /*   237 keysd             */
   S_ST( 'o',	3,      328,   232 ), /*   238 k                 */
-  S_ST( 'l',	3,      449,   231 ), /*   239                   */
+  S_ST( 'l',	3,      452,   231 ), /*   239                   */
   S_ST( 'e',	3,      241,     0 ), /*   240 l                 */
   S_ST( 'a',	3,      242,     0 ), /*   241 le                */
   S_ST( 'p',	3,      246,     0 ), /*   242 lea               */
@@ -495,7 +498,7 @@ const scan_state sst[856] = {
   S_ST( 'e',	0,        0,     0 ), /*   284 T_Disable         */
   S_ST( 'd',	0,        0,     0 ), /*   285 T_Discard         */
   S_ST( 'n',	0,        0,     0 ), /*   286 T_Dispersion      */
-  S_ST( 'i',	3,      432,   240 ), /*   287 l                 */
+  S_ST( 'i',	3,      435,   240 ), /*   287 l                 */
   S_ST( 'e',	1,        0,     0 ), /*   288 T_Driftfile       */
   S_ST( 'p',	0,        0,     0 ), /*   289 T_Drop            */
   S_ST( 'p',	0,        0,     0 ), /*   290 T_Dscp            */
@@ -557,7 +560,7 @@ const scan_state sst[856] = {
   S_ST( 'm',	0,        0,     0 ), /*   346 T_Maxmem          */
   S_ST( 'l',	0,        0,     0 ), /*   347 T_Maxpoll         */
   S_ST( 's',	0,        0,     0 ), /*   348 T_Mdnstries       */
-  S_ST( 'm',	0,      518,     0 ), /*   349 T_Mem             */
+  S_ST( 'm',	0,      521,     0 ), /*   349 T_Mem             */
   S_ST( 'k',	0,        0,     0 ), /*   350 T_Memlock         */
   S_ST( 'k',	0,        0,     0 ), /*   351 T_Minclock        */
   S_ST( 'h',	0,        0,     0 ), /*   352 T_Mindepth        */
@@ -583,23 +586,23 @@ const scan_state sst[856] = {
   S_ST( 'e',	0,        0,     0 ), /*   372 T_Noserve         */
   S_ST( 'p',	0,        0,     0 ), /*   373 T_Notrap          */
   S_ST( 't',	0,        0,     0 ), /*   374 T_Notrust         */
-  S_ST( 'p',	0,      614,     0 ), /*   375 T_Ntp             */
+  S_ST( 'p',	0,      617,     0 ), /*   375 T_Ntp             */
   S_ST( 't',	0,        0,     0 ), /*   376 T_Ntpport         */
   S_ST( 't',	1,        0,     0 ), /*   377 T_NtpSignDsocket  */
-  S_ST( 'n',	0,      629,     0 ), /*   378 T_Orphan          */
+  S_ST( 'n',	0,      632,     0 ), /*   378 T_Orphan          */
   S_ST( 't',	0,        0,     0 ), /*   379 T_Orphanwait      */
   S_ST( 'c',	0,        0,     0 ), /*   380 T_Panic           */
-  S_ST( 'r',	1,      638,     0 ), /*   381 T_Peer            */
+  S_ST( 'r',	1,      641,     0 ), /*   381 T_Peer            */
   S_ST( 's',	0,        0,     0 ), /*   382 T_Peerstats       */
   S_ST( 'e',	2,        0,     0 ), /*   383 T_Phone           */
-  S_ST( 'd',	0,      646,     0 ), /*   384 T_Pid             */
+  S_ST( 'd',	0,      649,     0 ), /*   384 T_Pid             */
   S_ST( 'e',	1,        0,     0 ), /*   385 T_Pidfile         */
   S_ST( 'l',	1,        0,     0 ), /*   386 T_Pool            */
   S_ST( 't',	0,        0,     0 ), /*   387 T_Port            */
   S_ST( 't',	0,        0,     0 ), /*   388 T_Preempt         */
   S_ST( 'r',	0,        0,     0 ), /*   389 T_Prefer          */
   S_ST( 's',	0,        0,     0 ), /*   390 T_Protostats      */
-  S_ST( 'w',	1,        0,   652 ), /*   391 T_Pw              */
+  S_ST( 'w',	1,        0,   655 ), /*   391 T_Pw              */
   S_ST( 'e',	1,        0,     0 ), /*   392 T_Randfile        */
   S_ST( 's',	0,        0,     0 ), /*   393 T_Rawstats        */
   S_ST( 'd',	1,        0,     0 ), /*   394 T_Refid           */
@@ -609,20 +612,20 @@ const scan_state sst[856] = {
   S_ST( 'e',	0,        0,     0 ), /*   398 T_Revoke          */
   S_ST( 't',	0,        0,     0 ), /*   399 T_Rlimit          */
   S_ST( 'r',	1,        0,     0 ), /*   400 T_Saveconfigdir   */
-  S_ST( 'r',	1,      729,     0 ), /*   401 T_Server          */
+  S_ST( 'r',	1,      732,     0 ), /*   401 T_Server          */
   S_ST( 'r',	1,        0,     0 ), /*   402 T_Setvar          */
   S_ST( 'e',	0,        0,     0 ), /*   403 T_Source          */
   S_ST( 'e',	0,        0,     0 ), /*   404 T_Stacksize       */
   S_ST( 's',	0,        0,     0 ), /*   405 T_Statistics      */
-  S_ST( 's',	0,      772,   767 ), /*   406 T_Stats           */
+  S_ST( 's',	0,      775,   770 ), /*   406 T_Stats           */
   S_ST( 'r',	1,        0,     0 ), /*   407 T_Statsdir        */
-  S_ST( 'p',	0,      780,     0 ), /*   408 T_Step            */
+  S_ST( 'p',	0,      783,     0 ), /*   408 T_Step            */
   S_ST( 'k',	0,        0,     0 ), /*   409 T_Stepback        */
   S_ST( 'd',	0,        0,     0 ), /*   410 T_Stepfwd         */
   S_ST( 't',	0,        0,     0 ), /*   411 T_Stepout         */
   S_ST( 'm',	0,        0,     0 ), /*   412 T_Stratum         */
   S_ST( 'e',	3,      332,     0 ), /*   413 limit             */
-  S_ST( 's',	0,      787,     0 ), /*   414 T_Sys             */
+  S_ST( 's',	0,      790,     0 ), /*   414 T_Sys             */
   S_ST( 's',	0,        0,     0 ), /*   415 T_Sysstats        */
   S_ST( 'k',	0,        0,     0 ), /*   416 T_Tick            */
   S_ST( '1',	0,        0,     0 ), /*   417 T_Time1           */
@@ -637,432 +640,466 @@ const scan_state sst[856] = {
   S_ST( 'l',	0,        0,     0 ), /*   426 T_Ttl             */
   S_ST( 'e',	0,        0,     0 ), /*   427 T_Type            */
   S_ST( 'n',	3,      333,   294 ), /*   428 li                */
-  S_ST( 'g',	1,        0,     0 ), /*   429 T_Unconfig        */
-  S_ST( 'r',	1,        0,     0 ), /*   430 T_Unpeer          */
-  S_ST( 'n',	0,        0,     0 ), /*   431 T_Version         */
-  S_ST( 's',	3,      437,   428 ), /*   432 li                */
-  S_ST( 'k',	0,        0,     0 ), /*   433 T_Week            */
-  S_ST( 'd',	0,        0,     0 ), /*   434 T_Wildcard        */
-  S_ST( 'e',	0,        0,     0 ), /*   435 T_Xleave          */
-  S_ST( 'r',	0,        0,     0 ), /*   436 T_Year            */
-  S_ST( 't',	3,      438,     0 ), /*   437 lis               */
-  S_ST( 'e',	3,      334,     0 ), /*   438 list              */
-  S_ST( 'e',	0,        0,     0 ), /*   439 T_Simulate        */
-  S_ST( 'y',	0,        0,     0 ), /*   440 T_Beep_Delay      */
-  S_ST( 'n',	0,        0,     0 ), /*   441 T_Sim_Duration    */
-  S_ST( 't',	0,        0,     0 ), /*   442 T_Server_Offset   */
-  S_ST( 'n',	0,        0,     0 ), /*   443 T_Duration        */
-  S_ST( 't',	0,        0,     0 ), /*   444 T_Freq_Offset     */
-  S_ST( 'r',	0,        0,     0 ), /*   445 T_Wander          */
-  S_ST( 'r',	0,        0,     0 ), /*   446 T_Jitter          */
-  S_ST( 'y',	0,        0,     0 ), /*   447 T_Prop_Delay      */
-  S_ST( 'y',	0,        0,     0 ), /*   448 T_Proc_Delay      */
-  S_ST( 'o',	3,      465,   287 ), /*   449 l                 */
-  S_ST( 'g',	3,      456,     0 ), /*   450 lo                */
-  S_ST( 'c',	3,      452,     0 ), /*   451 log               */
-  S_ST( 'o',	3,      453,     0 ), /*   452 logc              */
-  S_ST( 'n',	3,      454,     0 ), /*   453 logco             */
-  S_ST( 'f',	3,      455,     0 ), /*   454 logcon            */
-  S_ST( 'i',	3,      335,     0 ), /*   455 logconf           */
-  S_ST( 'f',	3,      457,   451 ), /*   456 log               */
-  S_ST( 'i',	3,      458,     0 ), /*   457 logf              */
-  S_ST( 'l',	3,      336,     0 ), /*   458 logfi             */
-  S_ST( 'o',	3,      460,   450 ), /*   459 lo                */
-  S_ST( 'p',	3,      461,     0 ), /*   460 loo               */
-  S_ST( 's',	3,      462,     0 ), /*   461 loop              */
-  S_ST( 't',	3,      463,     0 ), /*   462 loops             */
-  S_ST( 'a',	3,      464,     0 ), /*   463 loopst            */
-  S_ST( 't',	3,      337,     0 ), /*   464 loopsta           */
-  S_ST( 'w',	3,      466,   459 ), /*   465 lo                */
-  S_ST( 'p',	3,      467,     0 ), /*   466 low               */
-  S_ST( 'r',	3,      468,     0 ), /*   467 lowp              */
-  S_ST( 'i',	3,      469,     0 ), /*   468 lowpr             */
-  S_ST( 'o',	3,      470,     0 ), /*   469 lowpri            */
-  S_ST( 't',	3,      471,     0 ), /*   470 lowprio           */
-  S_ST( 'r',	3,      472,     0 ), /*   471 lowpriot          */
-  S_ST( 'a',	3,      338,     0 ), /*   472 lowpriotr         */
-  S_ST( 'm',	3,      554,   239 ), /*   473                   */
-  S_ST( 'a',	3,      492,     0 ), /*   474 m                 */
-  S_ST( 'n',	3,      476,     0 ), /*   475 ma                */
-  S_ST( 'y',	3,      477,     0 ), /*   476 man               */
-  S_ST( 'c',	3,      478,     0 ), /*   477 many              */
-  S_ST( 'a',	3,      479,     0 ), /*   478 manyc             */
-  S_ST( 's',	3,      480,     0 ), /*   479 manyca            */
-  S_ST( 't',	3,      486,     0 ), /*   480 manycas           */
-  S_ST( 'c',	3,      482,     0 ), /*   481 manycast          */
-  S_ST( 'l',	3,      483,     0 ), /*   482 manycastc         */
-  S_ST( 'i',	3,      484,     0 ), /*   483 manycastcl        */
-  S_ST( 'e',	3,      485,     0 ), /*   484 manycastcli       */
-  S_ST( 'n',	3,      339,     0 ), /*   485 manycastclie      */
-  S_ST( 's',	3,      487,   481 ), /*   486 manycast          */
-  S_ST( 'e',	3,      488,     0 ), /*   487 manycasts         */
-  S_ST( 'r',	3,      489,     0 ), /*   488 manycastse        */
-  S_ST( 'v',	3,      490,     0 ), /*   489 manycastser       */
-  S_ST( 'e',	3,      340,     0 ), /*   490 manycastserv      */
-  S_ST( 's',	3,      341,   475 ), /*   491 ma                */
-  S_ST( 'x',	3,      507,   491 ), /*   492 ma                */
-  S_ST( 'a',	3,      494,     0 ), /*   493 max               */
-  S_ST( 'g',	3,      342,     0 ), /*   494 maxa              */
-  S_ST( 'c',	3,      496,   493 ), /*   495 max               */
-  S_ST( 'l',	3,      497,     0 ), /*   496 maxc              */
-  S_ST( 'o',	3,      498,     0 ), /*   497 maxcl             */
-  S_ST( 'c',	3,      343,     0 ), /*   498 maxclo            */
-  S_ST( 'd',	3,      503,   495 ), /*   499 max               */
-  S_ST( 'e',	3,      501,     0 ), /*   500 maxd              */
-  S_ST( 'p',	3,      502,     0 ), /*   501 maxde             */
-  S_ST( 't',	3,      344,     0 ), /*   502 maxdep            */
-  S_ST( 'i',	3,      504,   500 ), /*   503 maxd              */
-  S_ST( 's',	3,      345,     0 ), /*   504 maxdi             */
-  S_ST( 'm',	3,      506,   499 ), /*   505 max               */
-  S_ST( 'e',	3,      346,     0 ), /*   506 maxm              */
-  S_ST( 'p',	3,      508,   505 ), /*   507 max               */
-  S_ST( 'o',	3,      509,     0 ), /*   508 maxp              */
-  S_ST( 'l',	3,      347,     0 ), /*   509 maxpo             */
-  S_ST( 'd',	3,      511,   474 ), /*   510 m                 */
-  S_ST( 'n',	3,      512,     0 ), /*   511 md                */
-  S_ST( 's',	3,      513,     0 ), /*   512 mdn               */
-  S_ST( 't',	3,      514,     0 ), /*   513 mdns              */
-  S_ST( 'r',	3,      515,     0 ), /*   514 mdnst             */
-  S_ST( 'i',	3,      516,     0 ), /*   515 mdnstr            */
-  S_ST( 'e',	3,      348,     0 ), /*   516 mdnstri           */
-  S_ST( 'e',	3,      349,   510 ), /*   517 m                 */
-  S_ST( 'l',	3,      519,     0 ), /*   518 mem               */
-  S_ST( 'o',	3,      520,     0 ), /*   519 meml              */
-  S_ST( 'c',	3,      350,     0 ), /*   520 memlo             */
-  S_ST( 'i',	3,      522,   517 ), /*   521 m                 */
-  S_ST( 'n',	3,      539,     0 ), /*   522 mi                */
-  S_ST( 'c',	3,      524,     0 ), /*   523 min               */
-  S_ST( 'l',	3,      525,     0 ), /*   524 minc              */
-  S_ST( 'o',	3,      526,     0 ), /*   525 mincl             */
-  S_ST( 'c',	3,      351,     0 ), /*   526 minclo            */
-  S_ST( 'd',	3,      531,   523 ), /*   527 min               */
-  S_ST( 'e',	3,      529,     0 ), /*   528 mind              */
-  S_ST( 'p',	3,      530,     0 ), /*   529 minde             */
-  S_ST( 't',	3,      352,     0 ), /*   530 mindep            */
-  S_ST( 'i',	3,      532,   528 ), /*   531 mind              */
-  S_ST( 's',	3,      353,     0 ), /*   532 mindi             */
-  S_ST( 'i',	3,      534,   527 ), /*   533 min               */
-  S_ST( 'm',	3,      535,     0 ), /*   534 mini              */
-  S_ST( 'u',	3,      354,     0 ), /*   535 minim             */
-  S_ST( 'p',	3,      537,   533 ), /*   536 min               */
-  S_ST( 'o',	3,      538,     0 ), /*   537 minp              */
-  S_ST( 'l',	3,      355,     0 ), /*   538 minpo             */
-  S_ST( 's',	3,      540,   536 ), /*   539 min               */
-  S_ST( 'a',	3,      541,     0 ), /*   540 mins              */
-  S_ST( 'n',	3,      356,     0 ), /*   541 minsa             */
-  S_ST( 'o',	3,      544,   521 ), /*   542 m                 */
-  S_ST( 'd',	3,      357,     0 ), /*   543 mo                */
-  S_ST( 'n',	3,      548,   543 ), /*   544 mo                */
-  S_ST( 'i',	3,      546,     0 ), /*   545 mon               */
-  S_ST( 't',	3,      547,     0 ), /*   546 moni              */
-  S_ST( 'o',	3,      359,     0 ), /*   547 monit             */
-  S_ST( 't',	3,      360,   545 ), /*   548 mon               */
-  S_ST( 'r',	3,      361,   542 ), /*   549 m                 */
-  S_ST( 's',	3,      551,   549 ), /*   550 m                 */
-  S_ST( 's',	3,      552,     0 ), /*   551 ms                */
-  S_ST( 'n',	3,      553,     0 ), /*   552 mss               */
-  S_ST( 't',	3,      329,     0 ), /*   553 mssn              */
-  S_ST( 'u',	3,      555,   550 ), /*   554 m                 */
-  S_ST( 'l',	3,      556,     0 ), /*   555 mu                */
-  S_ST( 't',	3,      557,     0 ), /*   556 mul               */
-  S_ST( 'i',	3,      558,     0 ), /*   557 mult              */
-  S_ST( 'c',	3,      559,     0 ), /*   558 multi             */
-  S_ST( 'a',	3,      560,     0 ), /*   559 multic            */
-  S_ST( 's',	3,      561,     0 ), /*   560 multica           */
-  S_ST( 't',	3,      562,     0 ), /*   561 multicas          */
-  S_ST( 'c',	3,      563,     0 ), /*   562 multicast         */
-  S_ST( 'l',	3,      564,     0 ), /*   563 multicastc        */
-  S_ST( 'i',	3,      565,     0 ), /*   564 multicastcl       */
-  S_ST( 'e',	3,      566,     0 ), /*   565 multicastcli      */
-  S_ST( 'n',	3,      362,     0 ), /*   566 multicastclie     */
-  S_ST( 'n',	3,      610,   473 ), /*   567                   */
-  S_ST( 'i',	3,      363,     0 ), /*   568 n                 */
-  S_ST( 'o',	3,      605,   568 ), /*   569 n                 */
-  S_ST( 'l',	3,      571,     0 ), /*   570 no                */
-  S_ST( 'i',	3,      572,     0 ), /*   571 nol               */
-  S_ST( 'n',	3,      364,     0 ), /*   572 noli              */
-  S_ST( 'm',	3,      578,   570 ), /*   573 no                */
-  S_ST( 'o',	3,      575,     0 ), /*   574 nom               */
-  S_ST( 'd',	3,      576,     0 ), /*   575 nomo              */
-  S_ST( 'i',	3,      577,     0 ), /*   576 nomod             */
-  S_ST( 'f',	3,      365,     0 ), /*   577 nomodi            */
-  S_ST( 'r',	3,      579,   574 ), /*   578 nom               */
-  S_ST( 'u',	3,      580,     0 ), /*   579 nomr              */
-  S_ST( 'l',	3,      581,     0 ), /*   580 nomru             */
-  S_ST( 'i',	3,      582,     0 ), /*   581 nomrul            */
-  S_ST( 's',	3,      366,     0 ), /*   582 nomruli           */
-  S_ST( 'n',	3,      584,   573 ), /*   583 no                */
-  S_ST( 'v',	3,      585,   367 ), /*   584 non               */
-  S_ST( 'o',	3,      586,     0 ), /*   585 nonv              */
-  S_ST( 'l',	3,      587,     0 ), /*   586 nonvo             */
-  S_ST( 'a',	3,      588,     0 ), /*   587 nonvol            */
-  S_ST( 't',	3,      589,     0 ), /*   588 nonvola           */
-  S_ST( 'i',	3,      590,     0 ), /*   589 nonvolat          */
-  S_ST( 'l',	3,      368,     0 ), /*   590 nonvolati         */
-  S_ST( 'p',	3,      592,   583 ), /*   591 no                */
-  S_ST( 'e',	3,      593,     0 ), /*   592 nop               */
-  S_ST( 'e',	3,      369,     0 ), /*   593 nope              */
-  S_ST( 'q',	3,      595,   591 ), /*   594 no                */
-  S_ST( 'u',	3,      596,     0 ), /*   595 noq               */
-  S_ST( 'e',	3,      597,     0 ), /*   596 noqu              */
-  S_ST( 'r',	3,      370,     0 ), /*   597 noque             */
-  S_ST( 's',	3,      599,   594 ), /*   598 no                */
-  S_ST( 'e',	3,      603,     0 ), /*   599 nos               */
-  S_ST( 'l',	3,      601,     0 ), /*   600 nose              */
-  S_ST( 'e',	3,      602,     0 ), /*   601 nosel             */
-  S_ST( 'c',	3,      371,     0 ), /*   602 nosele            */
-  S_ST( 'r',	3,      604,   600 ), /*   603 nose              */
-  S_ST( 'v',	3,      372,     0 ), /*   604 noser             */
-  S_ST( 't',	3,      606,   598 ), /*   605 no                */
-  S_ST( 'r',	3,      608,     0 ), /*   606 not               */
-  S_ST( 'a',	3,      373,     0 ), /*   607 notr              */
-  S_ST( 'u',	3,      609,   607 ), /*   608 notr              */
-  S_ST( 's',	3,      374,     0 ), /*   609 notru             */
-  S_ST( 't',	3,      375,   569 ), /*   610 n                 */
-  S_ST( 'p',	3,      612,     0 ), /*   611 ntp               */
-  S_ST( 'o',	3,      613,     0 ), /*   612 ntpp              */
-  S_ST( 'r',	3,      376,     0 ), /*   613 ntppo             */
-  S_ST( 's',	3,      615,   611 ), /*   614 ntp               */
-  S_ST( 'i',	3,      616,     0 ), /*   615 ntps              */
-  S_ST( 'g',	3,      617,     0 ), /*   616 ntpsi             */
-  S_ST( 'n',	3,      618,     0 ), /*   617 ntpsig            */
-  S_ST( 'd',	3,      619,     0 ), /*   618 ntpsign           */
-  S_ST( 's',	3,      620,     0 ), /*   619 ntpsignd          */
-  S_ST( 'o',	3,      621,     0 ), /*   620 ntpsignds         */
-  S_ST( 'c',	3,      622,     0 ), /*   621 ntpsigndso        */
-  S_ST( 'k',	3,      623,     0 ), /*   622 ntpsigndsoc       */
-  S_ST( 'e',	3,      377,     0 ), /*   623 ntpsigndsock      */
-  S_ST( 'o',	3,      625,   567 ), /*   624                   */
-  S_ST( 'r',	3,      626,     0 ), /*   625 o                 */
-  S_ST( 'p',	3,      627,     0 ), /*   626 or                */
-  S_ST( 'h',	3,      628,     0 ), /*   627 orp               */
-  S_ST( 'a',	3,      378,     0 ), /*   628 orph              */
-  S_ST( 'w',	3,      630,     0 ), /*   629 orphan            */
-  S_ST( 'a',	3,      631,     0 ), /*   630 orphanw           */
-  S_ST( 'i',	3,      379,     0 ), /*   631 orphanwa          */
-  S_ST( 'p',	3,      391,   624 ), /*   632                   */
-  S_ST( 'a',	3,      634,     0 ), /*   633 p                 */
-  S_ST( 'n',	3,      635,     0 ), /*   634 pa                */
-  S_ST( 'i',	3,      380,     0 ), /*   635 pan               */
-  S_ST( 'e',	3,      637,   633 ), /*   636 p                 */
-  S_ST( 'e',	3,      381,     0 ), /*   637 pe                */
-  S_ST( 's',	3,      639,     0 ), /*   638 peer              */
-  S_ST( 't',	3,      640,     0 ), /*   639 peers             */
-  S_ST( 'a',	3,      641,     0 ), /*   640 peerst            */
-  S_ST( 't',	3,      382,     0 ), /*   641 peersta           */
-  S_ST( 'h',	3,      643,   636 ), /*   642 p                 */
-  S_ST( 'o',	3,      644,     0 ), /*   643 ph                */
-  S_ST( 'n',	3,      383,     0 ), /*   644 pho               */
-  S_ST( 'i',	3,      384,   642 ), /*   645 p                 */
-  S_ST( 'f',	3,      647,     0 ), /*   646 pid               */
-  S_ST( 'i',	3,      648,     0 ), /*   647 pidf              */
-  S_ST( 'l',	3,      385,     0 ), /*   648 pidfi             */
-  S_ST( 'o',	3,      651,   645 ), /*   649 p                 */
-  S_ST( 'o',	3,      386,     0 ), /*   650 po                */
-  S_ST( 'r',	3,      387,   650 ), /*   651 po                */
-  S_ST( 'r',	3,      659,   649 ), /*   652 p                 */
-  S_ST( 'e',	3,      657,     0 ), /*   653 pr                */
-  S_ST( 'e',	3,      655,     0 ), /*   654 pre               */
-  S_ST( 'm',	3,      656,     0 ), /*   655 pree              */
-  S_ST( 'p',	3,      388,     0 ), /*   656 preem             */
-  S_ST( 'f',	3,      658,   654 ), /*   657 pre               */
-  S_ST( 'e',	3,      389,     0 ), /*   658 pref              */
-  S_ST( 'o',	3,      672,   653 ), /*   659 pr                */
-  S_ST( 'c',	3,      661,     0 ), /*   660 pro               */
-  S_ST( '_',	3,      662,     0 ), /*   661 proc              */
-  S_ST( 'd',	3,      663,     0 ), /*   662 proc_             */
-  S_ST( 'e',	3,      664,     0 ), /*   663 proc_d            */
-  S_ST( 'l',	3,      665,     0 ), /*   664 proc_de           */
-  S_ST( 'a',	3,      448,     0 ), /*   665 proc_del          */
-  S_ST( 'p',	3,      667,   660 ), /*   666 pro               */
-  S_ST( '_',	3,      668,     0 ), /*   667 prop              */
-  S_ST( 'd',	3,      669,     0 ), /*   668 prop_             */
-  S_ST( 'e',	3,      670,     0 ), /*   669 prop_d            */
-  S_ST( 'l',	3,      671,     0 ), /*   670 prop_de           */
-  S_ST( 'a',	3,      447,     0 ), /*   671 prop_del          */
-  S_ST( 't',	3,      673,   666 ), /*   672 pro               */
-  S_ST( 'o',	3,      674,     0 ), /*   673 prot              */
-  S_ST( 's',	3,      675,     0 ), /*   674 proto             */
-  S_ST( 't',	3,      676,     0 ), /*   675 protos            */
-  S_ST( 'a',	3,      677,     0 ), /*   676 protost           */
-  S_ST( 't',	3,      390,     0 ), /*   677 protosta          */
-  S_ST( 'r',	3,      709,   632 ), /*   678                   */
-  S_ST( 'a',	3,      685,     0 ), /*   679 r                 */
-  S_ST( 'n',	3,      681,     0 ), /*   680 ra                */
-  S_ST( 'd',	3,      682,     0 ), /*   681 ran               */
-  S_ST( 'f',	3,      683,     0 ), /*   682 rand              */
-  S_ST( 'i',	3,      684,     0 ), /*   683 randf             */
-  S_ST( 'l',	3,      392,     0 ), /*   684 randfi            */
-  S_ST( 'w',	3,      686,   680 ), /*   685 ra                */
-  S_ST( 's',	3,      687,     0 ), /*   686 raw               */
-  S_ST( 't',	3,      688,     0 ), /*   687 raws              */
-  S_ST( 'a',	3,      689,     0 ), /*   688 rawst             */
-  S_ST( 't',	3,      393,     0 ), /*   689 rawsta            */
-  S_ST( 'e',	3,      706,   679 ), /*   690 r                 */
-  S_ST( 'f',	3,      692,     0 ), /*   691 re                */
-  S_ST( 'i',	3,      394,     0 ), /*   692 ref               */
-  S_ST( 'q',	3,      694,   691 ), /*   693 re                */
-  S_ST( 'u',	3,      695,     0 ), /*   694 req               */
-  S_ST( 'e',	3,      696,     0 ), /*   695 requ              */
-  S_ST( 's',	3,      697,     0 ), /*   696 reque             */
-  S_ST( 't',	3,      698,     0 ), /*   697 reques            */
-  S_ST( 'k',	3,      699,     0 ), /*   698 request           */
-  S_ST( 'e',	3,      395,     0 ), /*   699 requestk          */
-  S_ST( 's',	3,      702,   693 ), /*   700 re                */
-  S_ST( 'e',	3,      396,     0 ), /*   701 res               */
-  S_ST( 't',	3,      703,   701 ), /*   702 res               */
-  S_ST( 'r',	3,      704,     0 ), /*   703 rest              */
-  S_ST( 'i',	3,      705,     0 ), /*   704 restr             */
-  S_ST( 'c',	3,      397,     0 ), /*   705 restri            */
-  S_ST( 'v',	3,      707,   700 ), /*   706 re                */
-  S_ST( 'o',	3,      708,     0 ), /*   707 rev               */
-  S_ST( 'k',	3,      398,     0 ), /*   708 revo              */
-  S_ST( 'l',	3,      710,   690 ), /*   709 r                 */
-  S_ST( 'i',	3,      711,     0 ), /*   710 rl                */
-  S_ST( 'm',	3,      712,     0 ), /*   711 rli               */
-  S_ST( 'i',	3,      399,     0 ), /*   712 rlim              */
-  S_ST( 's',	3,      786,   678 ), /*   713                   */
-  S_ST( 'a',	3,      715,     0 ), /*   714 s                 */
-  S_ST( 'v',	3,      716,     0 ), /*   715 sa                */
-  S_ST( 'e',	3,      717,     0 ), /*   716 sav               */
-  S_ST( 'c',	3,      718,     0 ), /*   717 save              */
-  S_ST( 'o',	3,      719,     0 ), /*   718 savec             */
-  S_ST( 'n',	3,      720,     0 ), /*   719 saveco            */
-  S_ST( 'f',	3,      721,     0 ), /*   720 savecon           */
-  S_ST( 'i',	3,      722,     0 ), /*   721 saveconf          */
-  S_ST( 'g',	3,      723,     0 ), /*   722 saveconfi         */
-  S_ST( 'd',	3,      724,     0 ), /*   723 saveconfig        */
-  S_ST( 'i',	3,      400,     0 ), /*   724 saveconfigd       */
-  S_ST( 'e',	3,      735,   714 ), /*   725 s                 */
-  S_ST( 'r',	3,      727,     0 ), /*   726 se                */
-  S_ST( 'v',	3,      728,     0 ), /*   727 ser               */
-  S_ST( 'e',	3,      401,     0 ), /*   728 serv              */
-  S_ST( '_',	3,      730,     0 ), /*   729 server            */
-  S_ST( 'o',	3,      731,     0 ), /*   730 server_           */
-  S_ST( 'f',	3,      732,     0 ), /*   731 server_o          */
-  S_ST( 'f',	3,      733,     0 ), /*   732 server_of         */
-  S_ST( 's',	3,      734,     0 ), /*   733 server_off        */
-  S_ST( 'e',	3,      442,     0 ), /*   734 server_offs       */
-  S_ST( 't',	3,      736,   726 ), /*   735 se                */
-  S_ST( 'v',	3,      737,     0 ), /*   736 set               */
-  S_ST( 'a',	3,      402,     0 ), /*   737 setv              */
-  S_ST( 'i',	3,      739,   725 ), /*   738 s                 */
-  S_ST( 'm',	3,      740,     0 ), /*   739 si                */
-  S_ST( 'u',	3,      741,     0 ), /*   740 sim               */
-  S_ST( 'l',	3,      742,     0 ), /*   741 simu              */
-  S_ST( 'a',	3,      743,     0 ), /*   742 simul             */
-  S_ST( 't',	3,      744,     0 ), /*   743 simula            */
-  S_ST( 'i',	3,      745,   439 ), /*   744 simulat           */
-  S_ST( 'o',	3,      746,     0 ), /*   745 simulati          */
-  S_ST( 'n',	3,      747,     0 ), /*   746 simulatio         */
-  S_ST( '_',	3,      748,     0 ), /*   747 simulation        */
-  S_ST( 'd',	3,      749,     0 ), /*   748 simulation_       */
-  S_ST( 'u',	3,      750,     0 ), /*   749 simulation_d      */
-  S_ST( 'r',	3,      751,     0 ), /*   750 simulation_du     */
-  S_ST( 'a',	3,      752,     0 ), /*   751 simulation_dur    */
-  S_ST( 't',	3,      753,     0 ), /*   752 simulation_dura   */
-  S_ST( 'i',	3,      754,     0 ), /*   753 simulation_durat  */
-  S_ST( 'o',	3,      441,     0 ), /*   754 simulation_durati */
-  S_ST( 'o',	3,      756,   738 ), /*   755 s                 */
-  S_ST( 'u',	3,      757,     0 ), /*   756 so                */
-  S_ST( 'r',	3,      758,     0 ), /*   757 sou               */
-  S_ST( 'c',	3,      403,     0 ), /*   758 sour              */
-  S_ST( 't',	3,      782,   755 ), /*   759 s                 */
-  S_ST( 'a',	3,      766,     0 ), /*   760 st                */
-  S_ST( 'c',	3,      762,     0 ), /*   761 sta               */
-  S_ST( 'k',	3,      763,     0 ), /*   762 stac              */
-  S_ST( 's',	3,      764,     0 ), /*   763 stack             */
-  S_ST( 'i',	3,      765,     0 ), /*   764 stacks            */
-  S_ST( 'z',	3,      404,     0 ), /*   765 stacksi           */
-  S_ST( 't',	3,      406,   761 ), /*   766 sta               */
-  S_ST( 'i',	3,      768,     0 ), /*   767 stat              */
-  S_ST( 's',	3,      769,     0 ), /*   768 stati             */
-  S_ST( 't',	3,      770,     0 ), /*   769 statis            */
-  S_ST( 'i',	3,      771,     0 ), /*   770 statist           */
-  S_ST( 'c',	3,      405,     0 ), /*   771 statisti          */
-  S_ST( 'd',	3,      773,     0 ), /*   772 stats             */
-  S_ST( 'i',	3,      407,     0 ), /*   773 statsd            */
-  S_ST( 'e',	3,      408,   760 ), /*   774 st                */
-  S_ST( 'b',	3,      776,     0 ), /*   775 step              */
-  S_ST( 'a',	3,      777,     0 ), /*   776 stepb             */
-  S_ST( 'c',	3,      409,     0 ), /*   777 stepba            */
-  S_ST( 'f',	3,      779,   775 ), /*   778 step              */
-  S_ST( 'w',	3,      410,     0 ), /*   779 stepf             */
-  S_ST( 'o',	3,      781,   778 ), /*   780 step              */
-  S_ST( 'u',	3,      411,     0 ), /*   781 stepo             */
-  S_ST( 'r',	3,      783,   774 ), /*   782 st                */
-  S_ST( 'a',	3,      784,     0 ), /*   783 str               */
-  S_ST( 't',	3,      785,     0 ), /*   784 stra              */
-  S_ST( 'u',	3,      412,     0 ), /*   785 strat             */
-  S_ST( 'y',	3,      414,   759 ), /*   786 s                 */
-  S_ST( 's',	3,      788,     0 ), /*   787 sys               */
-  S_ST( 't',	3,      789,     0 ), /*   788 syss              */
-  S_ST( 'a',	3,      790,     0 ), /*   789 sysst             */
-  S_ST( 't',	3,      415,     0 ), /*   790 syssta            */
-  S_ST( 't',	3,      817,   713 ), /*   791                   */
-  S_ST( 'i',	3,      803,     0 ), /*   792 t                 */
-  S_ST( 'c',	3,      416,     0 ), /*   793 ti                */
-  S_ST( 'm',	3,      796,   793 ), /*   794 ti                */
-  S_ST( 'e',	3,      419,     0 ), /*   795 tim               */
-  S_ST( 'i',	3,      797,   795 ), /*   796 tim               */
-  S_ST( 'n',	3,      798,     0 ), /*   797 timi              */
-  S_ST( 'g',	3,      799,     0 ), /*   798 timin             */
-  S_ST( 's',	3,      800,     0 ), /*   799 timing            */
-  S_ST( 't',	3,      801,     0 ), /*   800 timings           */
-  S_ST( 'a',	3,      802,     0 ), /*   801 timingst          */
-  S_ST( 't',	3,      420,     0 ), /*   802 timingsta         */
-  S_ST( 'n',	3,      804,   794 ), /*   803 ti                */
-  S_ST( 'k',	3,      805,     0 ), /*   804 tin               */
-  S_ST( 'e',	3,      421,     0 ), /*   805 tink              */
-  S_ST( 'o',	3,      422,   792 ), /*   806 t                 */
-  S_ST( 'r',	3,      809,   806 ), /*   807 t                 */
-  S_ST( 'a',	3,      423,     0 ), /*   808 tr                */
-  S_ST( 'u',	3,      810,   808 ), /*   809 tr                */
-  S_ST( 's',	3,      811,   424 ), /*   810 tru               */
-  S_ST( 't',	3,      812,     0 ), /*   811 trus              */
-  S_ST( 'e',	3,      813,     0 ), /*   812 trust             */
-  S_ST( 'd',	3,      814,     0 ), /*   813 truste            */
-  S_ST( 'k',	3,      815,     0 ), /*   814 trusted           */
-  S_ST( 'e',	3,      425,     0 ), /*   815 trustedk          */
-  S_ST( 't',	3,      426,   807 ), /*   816 t                 */
-  S_ST( 'y',	3,      818,   816 ), /*   817 t                 */
-  S_ST( 'p',	3,      427,     0 ), /*   818 ty                */
-  S_ST( 'u',	3,      820,   791 ), /*   819                   */
-  S_ST( 'n',	3,      826,     0 ), /*   820 u                 */
-  S_ST( 'c',	3,      822,     0 ), /*   821 un                */
-  S_ST( 'o',	3,      823,     0 ), /*   822 unc               */
-  S_ST( 'n',	3,      824,     0 ), /*   823 unco              */
-  S_ST( 'f',	3,      825,     0 ), /*   824 uncon             */
-  S_ST( 'i',	3,      429,     0 ), /*   825 unconf            */
-  S_ST( 'p',	3,      827,   821 ), /*   826 un                */
-  S_ST( 'e',	3,      828,     0 ), /*   827 unp               */
-  S_ST( 'e',	3,      430,     0 ), /*   828 unpe              */
-  S_ST( 'v',	3,      830,   819 ), /*   829                   */
-  S_ST( 'e',	3,      831,     0 ), /*   830 v                 */
-  S_ST( 'r',	3,      832,     0 ), /*   831 ve                */
-  S_ST( 's',	3,      833,     0 ), /*   832 ver               */
-  S_ST( 'i',	3,      834,     0 ), /*   833 vers              */
-  S_ST( 'o',	3,      431,     0 ), /*   834 versi             */
-  S_ST( 'w',	3,      842,   829 ), /*   835                   */
-  S_ST( 'a',	3,      837,     0 ), /*   836 w                 */
-  S_ST( 'n',	3,      838,     0 ), /*   837 wa                */
-  S_ST( 'd',	3,      839,     0 ), /*   838 wan               */
-  S_ST( 'e',	3,      445,     0 ), /*   839 wand              */
-  S_ST( 'e',	3,      841,   836 ), /*   840 w                 */
-  S_ST( 'e',	3,      433,     0 ), /*   841 we                */
-  S_ST( 'i',	3,      843,   840 ), /*   842 w                 */
-  S_ST( 'l',	3,      844,     0 ), /*   843 wi                */
-  S_ST( 'd',	3,      845,     0 ), /*   844 wil               */
-  S_ST( 'c',	3,      846,     0 ), /*   845 wild              */
-  S_ST( 'a',	3,      847,     0 ), /*   846 wildc             */
-  S_ST( 'r',	3,      434,     0 ), /*   847 wildca            */
-  S_ST( 'x',	3,      849,   835 ), /*   848                   */
-  S_ST( 'l',	3,      850,     0 ), /*   849 x                 */
-  S_ST( 'e',	3,      851,     0 ), /*   850 xl                */
-  S_ST( 'a',	3,      852,     0 ), /*   851 xle               */
-  S_ST( 'v',	3,      435,     0 ), /*   852 xlea              */
-  S_ST( 'y',	3,      854,   848 ), /*   853 [initial state]   */
-  S_ST( 'e',	3,      855,     0 ), /*   854 y                 */
-  S_ST( 'a',	3,      436,     0 )  /*   855 ye                */
+  S_ST( 'y',	0,        0,     0 ), /*   429 T_UEcrypto        */
+  S_ST( 'y',	0,        0,     0 ), /*   430 T_UEcryptonak     */
+  S_ST( 'y',	0,        0,     0 ), /*   431 T_UEdigest        */
+  S_ST( 'g',	1,        0,     0 ), /*   432 T_Unconfig        */
+  S_ST( 'r',	1,      832,     0 ), /*   433 T_Unpeer          */
+  S_ST( 'n',	0,        0,     0 ), /*   434 T_Version         */
+  S_ST( 's',	3,      440,   428 ), /*   435 li                */
+  S_ST( 'k',	0,        0,     0 ), /*   436 T_Week            */
+  S_ST( 'd',	0,        0,     0 ), /*   437 T_Wildcard        */
+  S_ST( 'e',	0,        0,     0 ), /*   438 T_Xleave          */
+  S_ST( 'r',	0,        0,     0 ), /*   439 T_Year            */
+  S_ST( 't',	3,      441,     0 ), /*   440 lis               */
+  S_ST( 'e',	3,      334,     0 ), /*   441 list              */
+  S_ST( 'e',	0,        0,     0 ), /*   442 T_Simulate        */
+  S_ST( 'y',	0,        0,     0 ), /*   443 T_Beep_Delay      */
+  S_ST( 'n',	0,        0,     0 ), /*   444 T_Sim_Duration    */
+  S_ST( 't',	0,        0,     0 ), /*   445 T_Server_Offset   */
+  S_ST( 'n',	0,        0,     0 ), /*   446 T_Duration        */
+  S_ST( 't',	0,        0,     0 ), /*   447 T_Freq_Offset     */
+  S_ST( 'r',	0,        0,     0 ), /*   448 T_Wander          */
+  S_ST( 'r',	0,        0,     0 ), /*   449 T_Jitter          */
+  S_ST( 'y',	0,        0,     0 ), /*   450 T_Prop_Delay      */
+  S_ST( 'y',	0,        0,     0 ), /*   451 T_Proc_Delay      */
+  S_ST( 'o',	3,      468,   287 ), /*   452 l                 */
+  S_ST( 'g',	3,      459,     0 ), /*   453 lo                */
+  S_ST( 'c',	3,      455,     0 ), /*   454 log               */
+  S_ST( 'o',	3,      456,     0 ), /*   455 logc              */
+  S_ST( 'n',	3,      457,     0 ), /*   456 logco             */
+  S_ST( 'f',	3,      458,     0 ), /*   457 logcon            */
+  S_ST( 'i',	3,      335,     0 ), /*   458 logconf           */
+  S_ST( 'f',	3,      460,   454 ), /*   459 log               */
+  S_ST( 'i',	3,      461,     0 ), /*   460 logf              */
+  S_ST( 'l',	3,      336,     0 ), /*   461 logfi             */
+  S_ST( 'o',	3,      463,   453 ), /*   462 lo                */
+  S_ST( 'p',	3,      464,     0 ), /*   463 loo               */
+  S_ST( 's',	3,      465,     0 ), /*   464 loop              */
+  S_ST( 't',	3,      466,     0 ), /*   465 loops             */
+  S_ST( 'a',	3,      467,     0 ), /*   466 loopst            */
+  S_ST( 't',	3,      337,     0 ), /*   467 loopsta           */
+  S_ST( 'w',	3,      469,   462 ), /*   468 lo                */
+  S_ST( 'p',	3,      470,     0 ), /*   469 low               */
+  S_ST( 'r',	3,      471,     0 ), /*   470 lowp              */
+  S_ST( 'i',	3,      472,     0 ), /*   471 lowpr             */
+  S_ST( 'o',	3,      473,     0 ), /*   472 lowpri            */
+  S_ST( 't',	3,      474,     0 ), /*   473 lowprio           */
+  S_ST( 'r',	3,      475,     0 ), /*   474 lowpriot          */
+  S_ST( 'a',	3,      338,     0 ), /*   475 lowpriotr         */
+  S_ST( 'm',	3,      557,   239 ), /*   476                   */
+  S_ST( 'a',	3,      495,     0 ), /*   477 m                 */
+  S_ST( 'n',	3,      479,     0 ), /*   478 ma                */
+  S_ST( 'y',	3,      480,     0 ), /*   479 man               */
+  S_ST( 'c',	3,      481,     0 ), /*   480 many              */
+  S_ST( 'a',	3,      482,     0 ), /*   481 manyc             */
+  S_ST( 's',	3,      483,     0 ), /*   482 manyca            */
+  S_ST( 't',	3,      489,     0 ), /*   483 manycas           */
+  S_ST( 'c',	3,      485,     0 ), /*   484 manycast          */
+  S_ST( 'l',	3,      486,     0 ), /*   485 manycastc         */
+  S_ST( 'i',	3,      487,     0 ), /*   486 manycastcl        */
+  S_ST( 'e',	3,      488,     0 ), /*   487 manycastcli       */
+  S_ST( 'n',	3,      339,     0 ), /*   488 manycastclie      */
+  S_ST( 's',	3,      490,   484 ), /*   489 manycast          */
+  S_ST( 'e',	3,      491,     0 ), /*   490 manycasts         */
+  S_ST( 'r',	3,      492,     0 ), /*   491 manycastse        */
+  S_ST( 'v',	3,      493,     0 ), /*   492 manycastser       */
+  S_ST( 'e',	3,      340,     0 ), /*   493 manycastserv      */
+  S_ST( 's',	3,      341,   478 ), /*   494 ma                */
+  S_ST( 'x',	3,      510,   494 ), /*   495 ma                */
+  S_ST( 'a',	3,      497,     0 ), /*   496 max               */
+  S_ST( 'g',	3,      342,     0 ), /*   497 maxa              */
+  S_ST( 'c',	3,      499,   496 ), /*   498 max               */
+  S_ST( 'l',	3,      500,     0 ), /*   499 maxc              */
+  S_ST( 'o',	3,      501,     0 ), /*   500 maxcl             */
+  S_ST( 'c',	3,      343,     0 ), /*   501 maxclo            */
+  S_ST( 'd',	3,      506,   498 ), /*   502 max               */
+  S_ST( 'e',	3,      504,     0 ), /*   503 maxd              */
+  S_ST( 'p',	3,      505,     0 ), /*   504 maxde             */
+  S_ST( 't',	3,      344,     0 ), /*   505 maxdep            */
+  S_ST( 'i',	3,      507,   503 ), /*   506 maxd              */
+  S_ST( 's',	3,      345,     0 ), /*   507 maxdi             */
+  S_ST( 'm',	3,      509,   502 ), /*   508 max               */
+  S_ST( 'e',	3,      346,     0 ), /*   509 maxm              */
+  S_ST( 'p',	3,      511,   508 ), /*   510 max               */
+  S_ST( 'o',	3,      512,     0 ), /*   511 maxp              */
+  S_ST( 'l',	3,      347,     0 ), /*   512 maxpo             */
+  S_ST( 'd',	3,      514,   477 ), /*   513 m                 */
+  S_ST( 'n',	3,      515,     0 ), /*   514 md                */
+  S_ST( 's',	3,      516,     0 ), /*   515 mdn               */
+  S_ST( 't',	3,      517,     0 ), /*   516 mdns              */
+  S_ST( 'r',	3,      518,     0 ), /*   517 mdnst             */
+  S_ST( 'i',	3,      519,     0 ), /*   518 mdnstr            */
+  S_ST( 'e',	3,      348,     0 ), /*   519 mdnstri           */
+  S_ST( 'e',	3,      349,   513 ), /*   520 m                 */
+  S_ST( 'l',	3,      522,     0 ), /*   521 mem               */
+  S_ST( 'o',	3,      523,     0 ), /*   522 meml              */
+  S_ST( 'c',	3,      350,     0 ), /*   523 memlo             */
+  S_ST( 'i',	3,      525,   520 ), /*   524 m                 */
+  S_ST( 'n',	3,      542,     0 ), /*   525 mi                */
+  S_ST( 'c',	3,      527,     0 ), /*   526 min               */
+  S_ST( 'l',	3,      528,     0 ), /*   527 minc              */
+  S_ST( 'o',	3,      529,     0 ), /*   528 mincl             */
+  S_ST( 'c',	3,      351,     0 ), /*   529 minclo            */
+  S_ST( 'd',	3,      534,   526 ), /*   530 min               */
+  S_ST( 'e',	3,      532,     0 ), /*   531 mind              */
+  S_ST( 'p',	3,      533,     0 ), /*   532 minde             */
+  S_ST( 't',	3,      352,     0 ), /*   533 mindep            */
+  S_ST( 'i',	3,      535,   531 ), /*   534 mind              */
+  S_ST( 's',	3,      353,     0 ), /*   535 mindi             */
+  S_ST( 'i',	3,      537,   530 ), /*   536 min               */
+  S_ST( 'm',	3,      538,     0 ), /*   537 mini              */
+  S_ST( 'u',	3,      354,     0 ), /*   538 minim             */
+  S_ST( 'p',	3,      540,   536 ), /*   539 min               */
+  S_ST( 'o',	3,      541,     0 ), /*   540 minp              */
+  S_ST( 'l',	3,      355,     0 ), /*   541 minpo             */
+  S_ST( 's',	3,      543,   539 ), /*   542 min               */
+  S_ST( 'a',	3,      544,     0 ), /*   543 mins              */
+  S_ST( 'n',	3,      356,     0 ), /*   544 minsa             */
+  S_ST( 'o',	3,      547,   524 ), /*   545 m                 */
+  S_ST( 'd',	3,      357,     0 ), /*   546 mo                */
+  S_ST( 'n',	3,      551,   546 ), /*   547 mo                */
+  S_ST( 'i',	3,      549,     0 ), /*   548 mon               */
+  S_ST( 't',	3,      550,     0 ), /*   549 moni              */
+  S_ST( 'o',	3,      359,     0 ), /*   550 monit             */
+  S_ST( 't',	3,      360,   548 ), /*   551 mon               */
+  S_ST( 'r',	3,      361,   545 ), /*   552 m                 */
+  S_ST( 's',	3,      554,   552 ), /*   553 m                 */
+  S_ST( 's',	3,      555,     0 ), /*   554 ms                */
+  S_ST( 'n',	3,      556,     0 ), /*   555 mss               */
+  S_ST( 't',	3,      329,     0 ), /*   556 mssn              */
+  S_ST( 'u',	3,      558,   553 ), /*   557 m                 */
+  S_ST( 'l',	3,      559,     0 ), /*   558 mu                */
+  S_ST( 't',	3,      560,     0 ), /*   559 mul               */
+  S_ST( 'i',	3,      561,     0 ), /*   560 mult              */
+  S_ST( 'c',	3,      562,     0 ), /*   561 multi             */
+  S_ST( 'a',	3,      563,     0 ), /*   562 multic            */
+  S_ST( 's',	3,      564,     0 ), /*   563 multica           */
+  S_ST( 't',	3,      565,     0 ), /*   564 multicas          */
+  S_ST( 'c',	3,      566,     0 ), /*   565 multicast         */
+  S_ST( 'l',	3,      567,     0 ), /*   566 multicastc        */
+  S_ST( 'i',	3,      568,     0 ), /*   567 multicastcl       */
+  S_ST( 'e',	3,      569,     0 ), /*   568 multicastcli      */
+  S_ST( 'n',	3,      362,     0 ), /*   569 multicastclie     */
+  S_ST( 'n',	3,      613,   476 ), /*   570                   */
+  S_ST( 'i',	3,      363,     0 ), /*   571 n                 */
+  S_ST( 'o',	3,      608,   571 ), /*   572 n                 */
+  S_ST( 'l',	3,      574,     0 ), /*   573 no                */
+  S_ST( 'i',	3,      575,     0 ), /*   574 nol               */
+  S_ST( 'n',	3,      364,     0 ), /*   575 noli              */
+  S_ST( 'm',	3,      581,   573 ), /*   576 no                */
+  S_ST( 'o',	3,      578,     0 ), /*   577 nom               */
+  S_ST( 'd',	3,      579,     0 ), /*   578 nomo              */
+  S_ST( 'i',	3,      580,     0 ), /*   579 nomod             */
+  S_ST( 'f',	3,      365,     0 ), /*   580 nomodi            */
+  S_ST( 'r',	3,      582,   577 ), /*   581 nom               */
+  S_ST( 'u',	3,      583,     0 ), /*   582 nomr              */
+  S_ST( 'l',	3,      584,     0 ), /*   583 nomru             */
+  S_ST( 'i',	3,      585,     0 ), /*   584 nomrul            */
+  S_ST( 's',	3,      366,     0 ), /*   585 nomruli           */
+  S_ST( 'n',	3,      587,   576 ), /*   586 no                */
+  S_ST( 'v',	3,      588,   367 ), /*   587 non               */
+  S_ST( 'o',	3,      589,     0 ), /*   588 nonv              */
+  S_ST( 'l',	3,      590,     0 ), /*   589 nonvo             */
+  S_ST( 'a',	3,      591,     0 ), /*   590 nonvol            */
+  S_ST( 't',	3,      592,     0 ), /*   591 nonvola           */
+  S_ST( 'i',	3,      593,     0 ), /*   592 nonvolat          */
+  S_ST( 'l',	3,      368,     0 ), /*   593 nonvolati         */
+  S_ST( 'p',	3,      595,   586 ), /*   594 no                */
+  S_ST( 'e',	3,      596,     0 ), /*   595 nop               */
+  S_ST( 'e',	3,      369,     0 ), /*   596 nope              */
+  S_ST( 'q',	3,      598,   594 ), /*   597 no                */
+  S_ST( 'u',	3,      599,     0 ), /*   598 noq               */
+  S_ST( 'e',	3,      600,     0 ), /*   599 noqu              */
+  S_ST( 'r',	3,      370,     0 ), /*   600 noque             */
+  S_ST( 's',	3,      602,   597 ), /*   601 no                */
+  S_ST( 'e',	3,      606,     0 ), /*   602 nos               */
+  S_ST( 'l',	3,      604,     0 ), /*   603 nose              */
+  S_ST( 'e',	3,      605,     0 ), /*   604 nosel             */
+  S_ST( 'c',	3,      371,     0 ), /*   605 nosele            */
+  S_ST( 'r',	3,      607,   603 ), /*   606 nose              */
+  S_ST( 'v',	3,      372,     0 ), /*   607 noser             */
+  S_ST( 't',	3,      609,   601 ), /*   608 no                */
+  S_ST( 'r',	3,      611,     0 ), /*   609 not               */
+  S_ST( 'a',	3,      373,     0 ), /*   610 notr              */
+  S_ST( 'u',	3,      612,   610 ), /*   611 notr              */
+  S_ST( 's',	3,      374,     0 ), /*   612 notru             */
+  S_ST( 't',	3,      375,   572 ), /*   613 n                 */
+  S_ST( 'p',	3,      615,     0 ), /*   614 ntp               */
+  S_ST( 'o',	3,      616,     0 ), /*   615 ntpp              */
+  S_ST( 'r',	3,      376,     0 ), /*   616 ntppo             */
+  S_ST( 's',	3,      618,   614 ), /*   617 ntp               */
+  S_ST( 'i',	3,      619,     0 ), /*   618 ntps              */
+  S_ST( 'g',	3,      620,     0 ), /*   619 ntpsi             */
+  S_ST( 'n',	3,      621,     0 ), /*   620 ntpsig            */
+  S_ST( 'd',	3,      622,     0 ), /*   621 ntpsign           */
+  S_ST( 's',	3,      623,     0 ), /*   622 ntpsignd          */
+  S_ST( 'o',	3,      624,     0 ), /*   623 ntpsignds         */
+  S_ST( 'c',	3,      625,     0 ), /*   624 ntpsigndso        */
+  S_ST( 'k',	3,      626,     0 ), /*   625 ntpsigndsoc       */
+  S_ST( 'e',	3,      377,     0 ), /*   626 ntpsigndsock      */
+  S_ST( 'o',	3,      628,   570 ), /*   627                   */
+  S_ST( 'r',	3,      629,     0 ), /*   628 o                 */
+  S_ST( 'p',	3,      630,     0 ), /*   629 or                */
+  S_ST( 'h',	3,      631,     0 ), /*   630 orp               */
+  S_ST( 'a',	3,      378,     0 ), /*   631 orph              */
+  S_ST( 'w',	3,      633,     0 ), /*   632 orphan            */
+  S_ST( 'a',	3,      634,     0 ), /*   633 orphanw           */
+  S_ST( 'i',	3,      379,     0 ), /*   634 orphanwa          */
+  S_ST( 'p',	3,      391,   627 ), /*   635                   */
+  S_ST( 'a',	3,      637,     0 ), /*   636 p                 */
+  S_ST( 'n',	3,      638,     0 ), /*   637 pa                */
+  S_ST( 'i',	3,      380,     0 ), /*   638 pan               */
+  S_ST( 'e',	3,      640,   636 ), /*   639 p                 */
+  S_ST( 'e',	3,      381,     0 ), /*   640 pe                */
+  S_ST( 's',	3,      642,     0 ), /*   641 peer              */
+  S_ST( 't',	3,      643,     0 ), /*   642 peers             */
+  S_ST( 'a',	3,      644,     0 ), /*   643 peerst            */
+  S_ST( 't',	3,      382,     0 ), /*   644 peersta           */
+  S_ST( 'h',	3,      646,   639 ), /*   645 p                 */
+  S_ST( 'o',	3,      647,     0 ), /*   646 ph                */
+  S_ST( 'n',	3,      383,     0 ), /*   647 pho               */
+  S_ST( 'i',	3,      384,   645 ), /*   648 p                 */
+  S_ST( 'f',	3,      650,     0 ), /*   649 pid               */
+  S_ST( 'i',	3,      651,     0 ), /*   650 pidf              */
+  S_ST( 'l',	3,      385,     0 ), /*   651 pidfi             */
+  S_ST( 'o',	3,      654,   648 ), /*   652 p                 */
+  S_ST( 'o',	3,      386,     0 ), /*   653 po                */
+  S_ST( 'r',	3,      387,   653 ), /*   654 po                */
+  S_ST( 'r',	3,      662,   652 ), /*   655 p                 */
+  S_ST( 'e',	3,      660,     0 ), /*   656 pr                */
+  S_ST( 'e',	3,      658,     0 ), /*   657 pre               */
+  S_ST( 'm',	3,      659,     0 ), /*   658 pree              */
+  S_ST( 'p',	3,      388,     0 ), /*   659 preem             */
+  S_ST( 'f',	3,      661,   657 ), /*   660 pre               */
+  S_ST( 'e',	3,      389,     0 ), /*   661 pref              */
+  S_ST( 'o',	3,      675,   656 ), /*   662 pr                */
+  S_ST( 'c',	3,      664,     0 ), /*   663 pro               */
+  S_ST( '_',	3,      665,     0 ), /*   664 proc              */
+  S_ST( 'd',	3,      666,     0 ), /*   665 proc_             */
+  S_ST( 'e',	3,      667,     0 ), /*   666 proc_d            */
+  S_ST( 'l',	3,      668,     0 ), /*   667 proc_de           */
+  S_ST( 'a',	3,      451,     0 ), /*   668 proc_del          */
+  S_ST( 'p',	3,      670,   663 ), /*   669 pro               */
+  S_ST( '_',	3,      671,     0 ), /*   670 prop              */
+  S_ST( 'd',	3,      672,     0 ), /*   671 prop_             */
+  S_ST( 'e',	3,      673,     0 ), /*   672 prop_d            */
+  S_ST( 'l',	3,      674,     0 ), /*   673 prop_de           */
+  S_ST( 'a',	3,      450,     0 ), /*   674 prop_del          */
+  S_ST( 't',	3,      676,   669 ), /*   675 pro               */
+  S_ST( 'o',	3,      677,     0 ), /*   676 prot              */
+  S_ST( 's',	3,      678,     0 ), /*   677 proto             */
+  S_ST( 't',	3,      679,     0 ), /*   678 protos            */
+  S_ST( 'a',	3,      680,     0 ), /*   679 protost           */
+  S_ST( 't',	3,      390,     0 ), /*   680 protosta          */
+  S_ST( 'r',	3,      712,   635 ), /*   681                   */
+  S_ST( 'a',	3,      688,     0 ), /*   682 r                 */
+  S_ST( 'n',	3,      684,     0 ), /*   683 ra                */
+  S_ST( 'd',	3,      685,     0 ), /*   684 ran               */
+  S_ST( 'f',	3,      686,     0 ), /*   685 rand              */
+  S_ST( 'i',	3,      687,     0 ), /*   686 randf             */
+  S_ST( 'l',	3,      392,     0 ), /*   687 randfi            */
+  S_ST( 'w',	3,      689,   683 ), /*   688 ra                */
+  S_ST( 's',	3,      690,     0 ), /*   689 raw               */
+  S_ST( 't',	3,      691,     0 ), /*   690 raws              */
+  S_ST( 'a',	3,      692,     0 ), /*   691 rawst             */
+  S_ST( 't',	3,      393,     0 ), /*   692 rawsta            */
+  S_ST( 'e',	3,      709,   682 ), /*   693 r                 */
+  S_ST( 'f',	3,      695,     0 ), /*   694 re                */
+  S_ST( 'i',	3,      394,     0 ), /*   695 ref               */
+  S_ST( 'q',	3,      697,   694 ), /*   696 re                */
+  S_ST( 'u',	3,      698,     0 ), /*   697 req               */
+  S_ST( 'e',	3,      699,     0 ), /*   698 requ              */
+  S_ST( 's',	3,      700,     0 ), /*   699 reque             */
+  S_ST( 't',	3,      701,     0 ), /*   700 reques            */
+  S_ST( 'k',	3,      702,     0 ), /*   701 request           */
+  S_ST( 'e',	3,      395,     0 ), /*   702 requestk          */
+  S_ST( 's',	3,      705,   696 ), /*   703 re                */
+  S_ST( 'e',	3,      396,     0 ), /*   704 res               */
+  S_ST( 't',	3,      706,   704 ), /*   705 res               */
+  S_ST( 'r',	3,      707,     0 ), /*   706 rest              */
+  S_ST( 'i',	3,      708,     0 ), /*   707 restr             */
+  S_ST( 'c',	3,      397,     0 ), /*   708 restri            */
+  S_ST( 'v',	3,      710,   703 ), /*   709 re                */
+  S_ST( 'o',	3,      711,     0 ), /*   710 rev               */
+  S_ST( 'k',	3,      398,     0 ), /*   711 revo              */
+  S_ST( 'l',	3,      713,   693 ), /*   712 r                 */
+  S_ST( 'i',	3,      714,     0 ), /*   713 rl                */
+  S_ST( 'm',	3,      715,     0 ), /*   714 rli               */
+  S_ST( 'i',	3,      399,     0 ), /*   715 rlim              */
+  S_ST( 's',	3,      789,   681 ), /*   716                   */
+  S_ST( 'a',	3,      718,     0 ), /*   717 s                 */
+  S_ST( 'v',	3,      719,     0 ), /*   718 sa                */
+  S_ST( 'e',	3,      720,     0 ), /*   719 sav               */
+  S_ST( 'c',	3,      721,     0 ), /*   720 save              */
+  S_ST( 'o',	3,      722,     0 ), /*   721 savec             */
+  S_ST( 'n',	3,      723,     0 ), /*   722 saveco            */
+  S_ST( 'f',	3,      724,     0 ), /*   723 savecon           */
+  S_ST( 'i',	3,      725,     0 ), /*   724 saveconf          */
+  S_ST( 'g',	3,      726,     0 ), /*   725 saveconfi         */
+  S_ST( 'd',	3,      727,     0 ), /*   726 saveconfig        */
+  S_ST( 'i',	3,      400,     0 ), /*   727 saveconfigd       */
+  S_ST( 'e',	3,      738,   717 ), /*   728 s                 */
+  S_ST( 'r',	3,      730,     0 ), /*   729 se                */
+  S_ST( 'v',	3,      731,     0 ), /*   730 ser               */
+  S_ST( 'e',	3,      401,     0 ), /*   731 serv              */
+  S_ST( '_',	3,      733,     0 ), /*   732 server            */
+  S_ST( 'o',	3,      734,     0 ), /*   733 server_           */
+  S_ST( 'f',	3,      735,     0 ), /*   734 server_o          */
+  S_ST( 'f',	3,      736,     0 ), /*   735 server_of         */
+  S_ST( 's',	3,      737,     0 ), /*   736 server_off        */
+  S_ST( 'e',	3,      445,     0 ), /*   737 server_offs       */
+  S_ST( 't',	3,      739,   729 ), /*   738 se                */
+  S_ST( 'v',	3,      740,     0 ), /*   739 set               */
+  S_ST( 'a',	3,      402,     0 ), /*   740 setv              */
+  S_ST( 'i',	3,      742,   728 ), /*   741 s                 */
+  S_ST( 'm',	3,      743,     0 ), /*   742 si                */
+  S_ST( 'u',	3,      744,     0 ), /*   743 sim               */
+  S_ST( 'l',	3,      745,     0 ), /*   744 simu              */
+  S_ST( 'a',	3,      746,     0 ), /*   745 simul             */
+  S_ST( 't',	3,      747,     0 ), /*   746 simula            */
+  S_ST( 'i',	3,      748,   442 ), /*   747 simulat           */
+  S_ST( 'o',	3,      749,     0 ), /*   748 simulati          */
+  S_ST( 'n',	3,      750,     0 ), /*   749 simulatio         */
+  S_ST( '_',	3,      751,     0 ), /*   750 simulation        */
+  S_ST( 'd',	3,      752,     0 ), /*   751 simulation_       */
+  S_ST( 'u',	3,      753,     0 ), /*   752 simulation_d      */
+  S_ST( 'r',	3,      754,     0 ), /*   753 simulation_du     */
+  S_ST( 'a',	3,      755,     0 ), /*   754 simulation_dur    */
+  S_ST( 't',	3,      756,     0 ), /*   755 simulation_dura   */
+  S_ST( 'i',	3,      757,     0 ), /*   756 simulation_durat  */
+  S_ST( 'o',	3,      444,     0 ), /*   757 simulation_durati */
+  S_ST( 'o',	3,      759,   741 ), /*   758 s                 */
+  S_ST( 'u',	3,      760,     0 ), /*   759 so                */
+  S_ST( 'r',	3,      761,     0 ), /*   760 sou               */
+  S_ST( 'c',	3,      403,     0 ), /*   761 sour              */
+  S_ST( 't',	3,      785,   758 ), /*   762 s                 */
+  S_ST( 'a',	3,      769,     0 ), /*   763 st                */
+  S_ST( 'c',	3,      765,     0 ), /*   764 sta               */
+  S_ST( 'k',	3,      766,     0 ), /*   765 stac              */
+  S_ST( 's',	3,      767,     0 ), /*   766 stack             */
+  S_ST( 'i',	3,      768,     0 ), /*   767 stacks            */
+  S_ST( 'z',	3,      404,     0 ), /*   768 stacksi           */
+  S_ST( 't',	3,      406,   764 ), /*   769 sta               */
+  S_ST( 'i',	3,      771,     0 ), /*   770 stat              */
+  S_ST( 's',	3,      772,     0 ), /*   771 stati             */
+  S_ST( 't',	3,      773,     0 ), /*   772 statis            */
+  S_ST( 'i',	3,      774,     0 ), /*   773 statist           */
+  S_ST( 'c',	3,      405,     0 ), /*   774 statisti          */
+  S_ST( 'd',	3,      776,     0 ), /*   775 stats             */
+  S_ST( 'i',	3,      407,     0 ), /*   776 statsd            */
+  S_ST( 'e',	3,      408,   763 ), /*   777 st                */
+  S_ST( 'b',	3,      779,     0 ), /*   778 step              */
+  S_ST( 'a',	3,      780,     0 ), /*   779 stepb             */
+  S_ST( 'c',	3,      409,     0 ), /*   780 stepba            */
+  S_ST( 'f',	3,      782,   778 ), /*   781 step              */
+  S_ST( 'w',	3,      410,     0 ), /*   782 stepf             */
+  S_ST( 'o',	3,      784,   781 ), /*   783 step              */
+  S_ST( 'u',	3,      411,     0 ), /*   784 stepo             */
+  S_ST( 'r',	3,      786,   777 ), /*   785 st                */
+  S_ST( 'a',	3,      787,     0 ), /*   786 str               */
+  S_ST( 't',	3,      788,     0 ), /*   787 stra              */
+  S_ST( 'u',	3,      412,     0 ), /*   788 strat             */
+  S_ST( 'y',	3,      414,   762 ), /*   789 s                 */
+  S_ST( 's',	3,      791,     0 ), /*   790 sys               */
+  S_ST( 't',	3,      792,     0 ), /*   791 syss              */
+  S_ST( 'a',	3,      793,     0 ), /*   792 sysst             */
+  S_ST( 't',	3,      415,     0 ), /*   793 syssta            */
+  S_ST( 't',	3,      820,   716 ), /*   794                   */
+  S_ST( 'i',	3,      806,     0 ), /*   795 t                 */
+  S_ST( 'c',	3,      416,     0 ), /*   796 ti                */
+  S_ST( 'm',	3,      799,   796 ), /*   797 ti                */
+  S_ST( 'e',	3,      419,     0 ), /*   798 tim               */
+  S_ST( 'i',	3,      800,   798 ), /*   799 tim               */
+  S_ST( 'n',	3,      801,     0 ), /*   800 timi              */
+  S_ST( 'g',	3,      802,     0 ), /*   801 timin             */
+  S_ST( 's',	3,      803,     0 ), /*   802 timing            */
+  S_ST( 't',	3,      804,     0 ), /*   803 timings           */
+  S_ST( 'a',	3,      805,     0 ), /*   804 timingst          */
+  S_ST( 't',	3,      420,     0 ), /*   805 timingsta         */
+  S_ST( 'n',	3,      807,   797 ), /*   806 ti                */
+  S_ST( 'k',	3,      808,     0 ), /*   807 tin               */
+  S_ST( 'e',	3,      421,     0 ), /*   808 tink              */
+  S_ST( 'o',	3,      422,   795 ), /*   809 t                 */
+  S_ST( 'r',	3,      812,   809 ), /*   810 t                 */
+  S_ST( 'a',	3,      423,     0 ), /*   811 tr                */
+  S_ST( 'u',	3,      813,   811 ), /*   812 tr                */
+  S_ST( 's',	3,      814,   424 ), /*   813 tru               */
+  S_ST( 't',	3,      815,     0 ), /*   814 trus              */
+  S_ST( 'e',	3,      816,     0 ), /*   815 trust             */
+  S_ST( 'd',	3,      817,     0 ), /*   816 truste            */
+  S_ST( 'k',	3,      818,     0 ), /*   817 trusted           */
+  S_ST( 'e',	3,      425,     0 ), /*   818 trustedk          */
+  S_ST( 't',	3,      426,   810 ), /*   819 t                 */
+  S_ST( 'y',	3,      821,   819 ), /*   820 t                 */
+  S_ST( 'p',	3,      427,     0 ), /*   821 ty                */
+  S_ST( 'u',	3,      823,   794 ), /*   822                   */
+  S_ST( 'n',	3,      829,     0 ), /*   823 u                 */
+  S_ST( 'c',	3,      825,     0 ), /*   824 un                */
+  S_ST( 'o',	3,      826,     0 ), /*   825 unc               */
+  S_ST( 'n',	3,      827,     0 ), /*   826 unco              */
+  S_ST( 'f',	3,      828,     0 ), /*   827 uncon             */
+  S_ST( 'i',	3,      432,     0 ), /*   828 unconf            */
+  S_ST( 'p',	3,      830,   824 ), /*   829 un                */
+  S_ST( 'e',	3,      831,     0 ), /*   830 unp               */
+  S_ST( 'e',	3,      433,     0 ), /*   831 unpe              */
+  S_ST( '_',	3,      852,     0 ), /*   832 unpeer            */
+  S_ST( 'c',	3,      834,     0 ), /*   833 unpeer_           */
+  S_ST( 'r',	3,      835,     0 ), /*   834 unpeer_c          */
+  S_ST( 'y',	3,      836,     0 ), /*   835 unpeer_cr         */
+  S_ST( 'p',	3,      837,     0 ), /*   836 unpeer_cry        */
+  S_ST( 't',	3,      838,     0 ), /*   837 unpeer_cryp       */
+  S_ST( 'o',	3,      839,     0 ), /*   838 unpeer_crypt      */
+  S_ST( '_',	3,      844,     0 ), /*   839 unpeer_crypto     */
+  S_ST( 'e',	3,      841,     0 ), /*   840 unpeer_crypto_    */
+  S_ST( 'a',	3,      842,     0 ), /*   841 unpeer_crypto_e   */
+  S_ST( 'r',	3,      843,     0 ), /*   842 unpeer_crypto_ea  */
+  S_ST( 'l',	3,      429,     0 ), /*   843 unpeer_crypto_ear */
+  S_ST( 'n',	3,      845,   840 ), /*   844 unpeer_crypto_    */
+  S_ST( 'a',	3,      846,     0 ), /*   845 unpeer_crypto_n   */
+  S_ST( 'k',	3,      847,     0 ), /*   846 unpeer_crypto_na  */
+  S_ST( '_',	3,      848,     0 ), /*   847 unpeer_crypto_nak */
+  S_ST( 'e',	3,      849,     0 ), /*   848 unpeer_crypto_nak_ */
+  S_ST( 'a',	3,      850,     0 ), /*   849 unpeer_crypto_nak_e */
+  S_ST( 'r',	3,      851,     0 ), /*   850 unpeer_crypto_nak_ea */
+  S_ST( 'l',	3,      430,     0 ), /*   851 unpeer_crypto_nak_ear */
+  S_ST( 'd',	3,      853,   833 ), /*   852 unpeer_           */
+  S_ST( 'i',	3,      854,     0 ), /*   853 unpeer_d          */
+  S_ST( 'g',	3,      855,     0 ), /*   854 unpeer_di         */
+  S_ST( 'e',	3,      856,     0 ), /*   855 unpeer_dig        */
+  S_ST( 's',	3,      857,     0 ), /*   856 unpeer_dige       */
+  S_ST( 't',	3,      858,     0 ), /*   857 unpeer_diges      */
+  S_ST( '_',	3,      859,     0 ), /*   858 unpeer_digest     */
+  S_ST( 'e',	3,      860,     0 ), /*   859 unpeer_digest_    */
+  S_ST( 'a',	3,      861,     0 ), /*   860 unpeer_digest_e   */
+  S_ST( 'r',	3,      862,     0 ), /*   861 unpeer_digest_ea  */
+  S_ST( 'l',	3,      431,     0 ), /*   862 unpeer_digest_ear */
+  S_ST( 'v',	3,      864,   822 ), /*   863                   */
+  S_ST( 'e',	3,      865,     0 ), /*   864 v                 */
+  S_ST( 'r',	3,      866,     0 ), /*   865 ve                */
+  S_ST( 's',	3,      867,     0 ), /*   866 ver               */
+  S_ST( 'i',	3,      868,     0 ), /*   867 vers              */
+  S_ST( 'o',	3,      434,     0 ), /*   868 versi             */
+  S_ST( 'w',	3,      876,   863 ), /*   869                   */
+  S_ST( 'a',	3,      871,     0 ), /*   870 w                 */
+  S_ST( 'n',	3,      872,     0 ), /*   871 wa                */
+  S_ST( 'd',	3,      873,     0 ), /*   872 wan               */
+  S_ST( 'e',	3,      448,     0 ), /*   873 wand              */
+  S_ST( 'e',	3,      875,   870 ), /*   874 w                 */
+  S_ST( 'e',	3,      436,     0 ), /*   875 we                */
+  S_ST( 'i',	3,      877,   874 ), /*   876 w                 */
+  S_ST( 'l',	3,      878,     0 ), /*   877 wi                */
+  S_ST( 'd',	3,      879,     0 ), /*   878 wil               */
+  S_ST( 'c',	3,      880,     0 ), /*   879 wild              */
+  S_ST( 'a',	3,      881,     0 ), /*   880 wildc             */
+  S_ST( 'r',	3,      437,     0 ), /*   881 wildca            */
+  S_ST( 'x',	3,      883,   869 ), /*   882                   */
+  S_ST( 'l',	3,      884,     0 ), /*   883 x                 */
+  S_ST( 'e',	3,      885,     0 ), /*   884 xl                */
+  S_ST( 'a',	3,      886,     0 ), /*   885 xle               */
+  S_ST( 'v',	3,      438,     0 ), /*   886 xlea              */
+  S_ST( 'y',	3,      888,   882 ), /*   887 [initial state]   */
+  S_ST( 'e',	3,      889,     0 ), /*   888 y                 */
+  S_ST( 'a',	3,      439,     0 )  /*   889 ye                */
 };
 
diff --git a/contrib/ntp/ntpd/ntp_parser.c b/contrib/ntp/ntpd/ntp_parser.c
index cc17950..3159669 100644
--- a/contrib/ntp/ntpd/ntp_parser.c
+++ b/contrib/ntp/ntpd/ntp_parser.c
@@ -1,19 +1,19 @@
-/* A Bison parser, made by GNU Bison 3.0.2.  */
+/* A Bison parser, made by GNU Bison 2.7.12-4996.  */
 
 /* Bison implementation for Yacc-like parsers in C
-
-   Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
-
+   
+      Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
+   
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
-
+   
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-
+   
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
 
@@ -26,7 +26,7 @@
    special exception, which will cause the skeleton and the resulting
    Bison output files to be licensed under the GNU General Public
    License without this special exception.
-
+   
    This special exception was added by the Free Software Foundation in
    version 2.2 of Bison.  */
 
@@ -44,7 +44,7 @@
 #define YYBISON 1
 
 /* Bison version.  */
-#define YYBISON_VERSION "3.0.2"
+#define YYBISON_VERSION "2.7.12-4996"
 
 /* Skeleton name.  */
 #define YYSKELETON_NAME "yacc.c"
@@ -62,7 +62,8 @@
 
 
 /* Copy the first part of user declarations.  */
-#line 11 "../../ntpd/ntp_parser.y" /* yacc.c:339  */
+/* Line 371 of yacc.c  */
+#line 11 "../../ntpd/ntp_parser.y"
 
   #ifdef HAVE_CONFIG_H
   # include <config.h>
@@ -96,13 +97,14 @@
   #  define ONLY_SIM(a)	NULL
   #endif
 
-#line 100 "../../ntpd/ntp_parser.c" /* yacc.c:339  */
+/* Line 371 of yacc.c  */
+#line 102 "ntp_parser.c"
 
-# ifndef YY_NULLPTR
+# ifndef YY_NULL
 #  if defined __cplusplus && 201103L <= __cplusplus
-#   define YY_NULLPTR nullptr
+#   define YY_NULL nullptr
 #  else
-#   define YY_NULLPTR 0
+#   define YY_NULL 0
 #  endif
 # endif
 
@@ -116,9 +118,9 @@
 
 /* In a future release of Bison, this section will be replaced
    by #include "y.tab.h".  */
-#ifndef YY_YY__NTPD_NTP_PARSER_H_INCLUDED
-# define YY_YY__NTPD_NTP_PARSER_H_INCLUDED
-/* Debug traces.  */
+#ifndef YY_YY_NTP_PARSER_H_INCLUDED
+# define YY_YY_NTP_PARSER_H_INCLUDED
+/* Enabling traces.  */
 #ifndef YYDEBUG
 # define YYDEBUG 1
 #endif
@@ -126,203 +128,207 @@
 extern int yydebug;
 #endif
 
-/* Token type.  */
+/* Tokens.  */
 #ifndef YYTOKENTYPE
 # define YYTOKENTYPE
-  enum yytokentype
-  {
-    T_Abbrev = 258,
-    T_Age = 259,
-    T_All = 260,
-    T_Allan = 261,
-    T_Allpeers = 262,
-    T_Auth = 263,
-    T_Autokey = 264,
-    T_Automax = 265,
-    T_Average = 266,
-    T_Bclient = 267,
-    T_Beacon = 268,
-    T_Broadcast = 269,
-    T_Broadcastclient = 270,
-    T_Broadcastdelay = 271,
-    T_Burst = 272,
-    T_Calibrate = 273,
-    T_Ceiling = 274,
-    T_Clockstats = 275,
-    T_Cohort = 276,
-    T_ControlKey = 277,
-    T_Crypto = 278,
-    T_Cryptostats = 279,
-    T_Ctl = 280,
-    T_Day = 281,
-    T_Default = 282,
-    T_Digest = 283,
-    T_Disable = 284,
-    T_Discard = 285,
-    T_Dispersion = 286,
-    T_Double = 287,
-    T_Driftfile = 288,
-    T_Drop = 289,
-    T_Dscp = 290,
-    T_Ellipsis = 291,
-    T_Enable = 292,
-    T_End = 293,
-    T_False = 294,
-    T_File = 295,
-    T_Filegen = 296,
-    T_Filenum = 297,
-    T_Flag1 = 298,
-    T_Flag2 = 299,
-    T_Flag3 = 300,
-    T_Flag4 = 301,
-    T_Flake = 302,
-    T_Floor = 303,
-    T_Freq = 304,
-    T_Fudge = 305,
-    T_Host = 306,
-    T_Huffpuff = 307,
-    T_Iburst = 308,
-    T_Ident = 309,
-    T_Ignore = 310,
-    T_Incalloc = 311,
-    T_Incmem = 312,
-    T_Initalloc = 313,
-    T_Initmem = 314,
-    T_Includefile = 315,
-    T_Integer = 316,
-    T_Interface = 317,
-    T_Intrange = 318,
-    T_Io = 319,
-    T_Ipv4 = 320,
-    T_Ipv4_flag = 321,
-    T_Ipv6 = 322,
-    T_Ipv6_flag = 323,
-    T_Kernel = 324,
-    T_Key = 325,
-    T_Keys = 326,
-    T_Keysdir = 327,
-    T_Kod = 328,
-    T_Mssntp = 329,
-    T_Leapfile = 330,
-    T_Leapsmearinterval = 331,
-    T_Limited = 332,
-    T_Link = 333,
-    T_Listen = 334,
-    T_Logconfig = 335,
-    T_Logfile = 336,
-    T_Loopstats = 337,
-    T_Lowpriotrap = 338,
-    T_Manycastclient = 339,
-    T_Manycastserver = 340,
-    T_Mask = 341,
-    T_Maxage = 342,
-    T_Maxclock = 343,
-    T_Maxdepth = 344,
-    T_Maxdist = 345,
-    T_Maxmem = 346,
-    T_Maxpoll = 347,
-    T_Mdnstries = 348,
-    T_Mem = 349,
-    T_Memlock = 350,
-    T_Minclock = 351,
-    T_Mindepth = 352,
-    T_Mindist = 353,
-    T_Minimum = 354,
-    T_Minpoll = 355,
-    T_Minsane = 356,
-    T_Mode = 357,
-    T_Mode7 = 358,
-    T_Monitor = 359,
-    T_Month = 360,
-    T_Mru = 361,
-    T_Multicastclient = 362,
-    T_Nic = 363,
-    T_Nolink = 364,
-    T_Nomodify = 365,
-    T_Nomrulist = 366,
-    T_None = 367,
-    T_Nonvolatile = 368,
-    T_Nopeer = 369,
-    T_Noquery = 370,
-    T_Noselect = 371,
-    T_Noserve = 372,
-    T_Notrap = 373,
-    T_Notrust = 374,
-    T_Ntp = 375,
-    T_Ntpport = 376,
-    T_NtpSignDsocket = 377,
-    T_Orphan = 378,
-    T_Orphanwait = 379,
-    T_Panic = 380,
-    T_Peer = 381,
-    T_Peerstats = 382,
-    T_Phone = 383,
-    T_Pid = 384,
-    T_Pidfile = 385,
-    T_Pool = 386,
-    T_Port = 387,
-    T_Preempt = 388,
-    T_Prefer = 389,
-    T_Protostats = 390,
-    T_Pw = 391,
-    T_Randfile = 392,
-    T_Rawstats = 393,
-    T_Refid = 394,
-    T_Requestkey = 395,
-    T_Reset = 396,
-    T_Restrict = 397,
-    T_Revoke = 398,
-    T_Rlimit = 399,
-    T_Saveconfigdir = 400,
-    T_Server = 401,
-    T_Setvar = 402,
-    T_Source = 403,
-    T_Stacksize = 404,
-    T_Statistics = 405,
-    T_Stats = 406,
-    T_Statsdir = 407,
-    T_Step = 408,
-    T_Stepback = 409,
-    T_Stepfwd = 410,
-    T_Stepout = 411,
-    T_Stratum = 412,
-    T_String = 413,
-    T_Sys = 414,
-    T_Sysstats = 415,
-    T_Tick = 416,
-    T_Time1 = 417,
-    T_Time2 = 418,
-    T_Timer = 419,
-    T_Timingstats = 420,
-    T_Tinker = 421,
-    T_Tos = 422,
-    T_Trap = 423,
-    T_True = 424,
-    T_Trustedkey = 425,
-    T_Ttl = 426,
-    T_Type = 427,
-    T_U_int = 428,
-    T_Unconfig = 429,
-    T_Unpeer = 430,
-    T_Version = 431,
-    T_WanderThreshold = 432,
-    T_Week = 433,
-    T_Wildcard = 434,
-    T_Xleave = 435,
-    T_Year = 436,
-    T_Flag = 437,
-    T_EOC = 438,
-    T_Simulate = 439,
-    T_Beep_Delay = 440,
-    T_Sim_Duration = 441,
-    T_Server_Offset = 442,
-    T_Duration = 443,
-    T_Freq_Offset = 444,
-    T_Wander = 445,
-    T_Jitter = 446,
-    T_Prop_Delay = 447,
-    T_Proc_Delay = 448
-  };
+   /* Put the tokens into the symbol table, so that GDB and other debuggers
+      know about them.  */
+   enum yytokentype {
+     T_Abbrev = 258,
+     T_Age = 259,
+     T_All = 260,
+     T_Allan = 261,
+     T_Allpeers = 262,
+     T_Auth = 263,
+     T_Autokey = 264,
+     T_Automax = 265,
+     T_Average = 266,
+     T_Bclient = 267,
+     T_Beacon = 268,
+     T_Broadcast = 269,
+     T_Broadcastclient = 270,
+     T_Broadcastdelay = 271,
+     T_Burst = 272,
+     T_Calibrate = 273,
+     T_Ceiling = 274,
+     T_Clockstats = 275,
+     T_Cohort = 276,
+     T_ControlKey = 277,
+     T_Crypto = 278,
+     T_Cryptostats = 279,
+     T_Ctl = 280,
+     T_Day = 281,
+     T_Default = 282,
+     T_Digest = 283,
+     T_Disable = 284,
+     T_Discard = 285,
+     T_Dispersion = 286,
+     T_Double = 287,
+     T_Driftfile = 288,
+     T_Drop = 289,
+     T_Dscp = 290,
+     T_Ellipsis = 291,
+     T_Enable = 292,
+     T_End = 293,
+     T_False = 294,
+     T_File = 295,
+     T_Filegen = 296,
+     T_Filenum = 297,
+     T_Flag1 = 298,
+     T_Flag2 = 299,
+     T_Flag3 = 300,
+     T_Flag4 = 301,
+     T_Flake = 302,
+     T_Floor = 303,
+     T_Freq = 304,
+     T_Fudge = 305,
+     T_Host = 306,
+     T_Huffpuff = 307,
+     T_Iburst = 308,
+     T_Ident = 309,
+     T_Ignore = 310,
+     T_Incalloc = 311,
+     T_Incmem = 312,
+     T_Initalloc = 313,
+     T_Initmem = 314,
+     T_Includefile = 315,
+     T_Integer = 316,
+     T_Interface = 317,
+     T_Intrange = 318,
+     T_Io = 319,
+     T_Ipv4 = 320,
+     T_Ipv4_flag = 321,
+     T_Ipv6 = 322,
+     T_Ipv6_flag = 323,
+     T_Kernel = 324,
+     T_Key = 325,
+     T_Keys = 326,
+     T_Keysdir = 327,
+     T_Kod = 328,
+     T_Mssntp = 329,
+     T_Leapfile = 330,
+     T_Leapsmearinterval = 331,
+     T_Limited = 332,
+     T_Link = 333,
+     T_Listen = 334,
+     T_Logconfig = 335,
+     T_Logfile = 336,
+     T_Loopstats = 337,
+     T_Lowpriotrap = 338,
+     T_Manycastclient = 339,
+     T_Manycastserver = 340,
+     T_Mask = 341,
+     T_Maxage = 342,
+     T_Maxclock = 343,
+     T_Maxdepth = 344,
+     T_Maxdist = 345,
+     T_Maxmem = 346,
+     T_Maxpoll = 347,
+     T_Mdnstries = 348,
+     T_Mem = 349,
+     T_Memlock = 350,
+     T_Minclock = 351,
+     T_Mindepth = 352,
+     T_Mindist = 353,
+     T_Minimum = 354,
+     T_Minpoll = 355,
+     T_Minsane = 356,
+     T_Mode = 357,
+     T_Mode7 = 358,
+     T_Monitor = 359,
+     T_Month = 360,
+     T_Mru = 361,
+     T_Multicastclient = 362,
+     T_Nic = 363,
+     T_Nolink = 364,
+     T_Nomodify = 365,
+     T_Nomrulist = 366,
+     T_None = 367,
+     T_Nonvolatile = 368,
+     T_Nopeer = 369,
+     T_Noquery = 370,
+     T_Noselect = 371,
+     T_Noserve = 372,
+     T_Notrap = 373,
+     T_Notrust = 374,
+     T_Ntp = 375,
+     T_Ntpport = 376,
+     T_NtpSignDsocket = 377,
+     T_Orphan = 378,
+     T_Orphanwait = 379,
+     T_Panic = 380,
+     T_Peer = 381,
+     T_Peerstats = 382,
+     T_Phone = 383,
+     T_Pid = 384,
+     T_Pidfile = 385,
+     T_Pool = 386,
+     T_Port = 387,
+     T_Preempt = 388,
+     T_Prefer = 389,
+     T_Protostats = 390,
+     T_Pw = 391,
+     T_Randfile = 392,
+     T_Rawstats = 393,
+     T_Refid = 394,
+     T_Requestkey = 395,
+     T_Reset = 396,
+     T_Restrict = 397,
+     T_Revoke = 398,
+     T_Rlimit = 399,
+     T_Saveconfigdir = 400,
+     T_Server = 401,
+     T_Setvar = 402,
+     T_Source = 403,
+     T_Stacksize = 404,
+     T_Statistics = 405,
+     T_Stats = 406,
+     T_Statsdir = 407,
+     T_Step = 408,
+     T_Stepback = 409,
+     T_Stepfwd = 410,
+     T_Stepout = 411,
+     T_Stratum = 412,
+     T_String = 413,
+     T_Sys = 414,
+     T_Sysstats = 415,
+     T_Tick = 416,
+     T_Time1 = 417,
+     T_Time2 = 418,
+     T_Timer = 419,
+     T_Timingstats = 420,
+     T_Tinker = 421,
+     T_Tos = 422,
+     T_Trap = 423,
+     T_True = 424,
+     T_Trustedkey = 425,
+     T_Ttl = 426,
+     T_Type = 427,
+     T_U_int = 428,
+     T_UEcrypto = 429,
+     T_UEcryptonak = 430,
+     T_UEdigest = 431,
+     T_Unconfig = 432,
+     T_Unpeer = 433,
+     T_Version = 434,
+     T_WanderThreshold = 435,
+     T_Week = 436,
+     T_Wildcard = 437,
+     T_Xleave = 438,
+     T_Year = 439,
+     T_Flag = 440,
+     T_EOC = 441,
+     T_Simulate = 442,
+     T_Beep_Delay = 443,
+     T_Sim_Duration = 444,
+     T_Server_Offset = 445,
+     T_Duration = 446,
+     T_Freq_Offset = 447,
+     T_Wander = 448,
+     T_Jitter = 449,
+     T_Prop_Delay = 450,
+     T_Proc_Delay = 451
+   };
 #endif
 /* Tokens.  */
 #define T_Abbrev 258
@@ -496,33 +502,37 @@ extern int yydebug;
 #define T_Ttl 426
 #define T_Type 427
 #define T_U_int 428
-#define T_Unconfig 429
-#define T_Unpeer 430
-#define T_Version 431
-#define T_WanderThreshold 432
-#define T_Week 433
-#define T_Wildcard 434
-#define T_Xleave 435
-#define T_Year 436
-#define T_Flag 437
-#define T_EOC 438
-#define T_Simulate 439
-#define T_Beep_Delay 440
-#define T_Sim_Duration 441
-#define T_Server_Offset 442
-#define T_Duration 443
-#define T_Freq_Offset 444
-#define T_Wander 445
-#define T_Jitter 446
-#define T_Prop_Delay 447
-#define T_Proc_Delay 448
-
-/* Value type.  */
+#define T_UEcrypto 429
+#define T_UEcryptonak 430
+#define T_UEdigest 431
+#define T_Unconfig 432
+#define T_Unpeer 433
+#define T_Version 434
+#define T_WanderThreshold 435
+#define T_Week 436
+#define T_Wildcard 437
+#define T_Xleave 438
+#define T_Year 439
+#define T_Flag 440
+#define T_EOC 441
+#define T_Simulate 442
+#define T_Beep_Delay 443
+#define T_Sim_Duration 444
+#define T_Server_Offset 445
+#define T_Duration 446
+#define T_Freq_Offset 447
+#define T_Wander 448
+#define T_Jitter 449
+#define T_Prop_Delay 450
+#define T_Proc_Delay 451
+
+
+
 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
-typedef union YYSTYPE YYSTYPE;
-union YYSTYPE
+typedef union YYSTYPE
 {
-#line 51 "../../ntpd/ntp_parser.y" /* yacc.c:355  */
+/* Line 387 of yacc.c  */
+#line 51 "../../ntpd/ntp_parser.y"
 
 	char *			String;
 	double			Double;
@@ -541,22 +551,37 @@ union YYSTYPE
 	script_info *		Sim_script;
 	script_info_fifo *	Sim_script_fifo;
 
-#line 545 "../../ntpd/ntp_parser.c" /* yacc.c:355  */
-};
+
+/* Line 387 of yacc.c  */
+#line 557 "ntp_parser.c"
+} YYSTYPE;
 # define YYSTYPE_IS_TRIVIAL 1
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
 # define YYSTYPE_IS_DECLARED 1
 #endif
 
-
 extern YYSTYPE yylval;
 
+#ifdef YYPARSE_PARAM
+#if defined __STDC__ || defined __cplusplus
+int yyparse (void *YYPARSE_PARAM);
+#else
+int yyparse ();
+#endif
+#else /* ! YYPARSE_PARAM */
+#if defined __STDC__ || defined __cplusplus
 int yyparse (void);
+#else
+int yyparse ();
+#endif
+#endif /* ! YYPARSE_PARAM */
 
-#endif /* !YY_YY__NTPD_NTP_PARSER_H_INCLUDED  */
+#endif /* !YY_YY_NTP_PARSER_H_INCLUDED  */
 
 /* Copy the second part of user declarations.  */
 
-#line 560 "../../ntpd/ntp_parser.c" /* yacc.c:358  */
+/* Line 390 of yacc.c  */
+#line 585 "ntp_parser.c"
 
 #ifdef short
 # undef short
@@ -570,8 +595,11 @@ typedef unsigned char yytype_uint8;
 
 #ifdef YYTYPE_INT8
 typedef YYTYPE_INT8 yytype_int8;
-#else
+#elif (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 typedef signed char yytype_int8;
+#else
+typedef short int yytype_int8;
 #endif
 
 #ifdef YYTYPE_UINT16
@@ -591,7 +619,8 @@ typedef short int yytype_int16;
 #  define YYSIZE_T __SIZE_TYPE__
 # elif defined size_t
 #  define YYSIZE_T size_t
-# elif ! defined YYSIZE_T
+# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 #  include <stddef.h> /* INFRINGES ON USER NAME SPACE */
 #  define YYSIZE_T size_t
 # else
@@ -613,30 +642,11 @@ typedef short int yytype_int16;
 # endif
 #endif
 
-#ifndef YY_ATTRIBUTE
-# if (defined __GNUC__                                               \
-      && (2 < __GNUC__ || (__GNUC__ == 2 && 96 <= __GNUC_MINOR__)))  \
-     || defined __SUNPRO_C && 0x5110 <= __SUNPRO_C
-#  define YY_ATTRIBUTE(Spec) __attribute__(Spec)
-# else
-#  define YY_ATTRIBUTE(Spec) /* empty */
-# endif
-#endif
-
-#ifndef YY_ATTRIBUTE_PURE
-# define YY_ATTRIBUTE_PURE   YY_ATTRIBUTE ((__pure__))
-#endif
-
-#ifndef YY_ATTRIBUTE_UNUSED
-# define YY_ATTRIBUTE_UNUSED YY_ATTRIBUTE ((__unused__))
-#endif
-
-#if !defined _Noreturn \
-     && (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112)
-# if defined _MSC_VER && 1200 <= _MSC_VER
-#  define _Noreturn __declspec (noreturn)
-# else
-#  define _Noreturn YY_ATTRIBUTE ((__noreturn__))
+#ifndef __attribute__
+/* This feature is available in gcc versions 2.5 and later.  */
+# if (! defined __GNUC__ || __GNUC__ < 2 \
+      || (__GNUC__ == 2 && __GNUC_MINOR__ < 5))
+#  define __attribute__(Spec) /* empty */
 # endif
 #endif
 
@@ -647,26 +657,25 @@ typedef short int yytype_int16;
 # define YYUSE(E) /* empty */
 #endif
 
-#if defined __GNUC__ && 407 <= __GNUC__ * 100 + __GNUC_MINOR__
-/* Suppress an incorrect diagnostic about yylval being uninitialized.  */
-# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \
-    _Pragma ("GCC diagnostic push") \
-    _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"")\
-    _Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
-# define YY_IGNORE_MAYBE_UNINITIALIZED_END \
-    _Pragma ("GCC diagnostic pop")
+
+/* Identity function, used to suppress warnings about constant conditions.  */
+#ifndef lint
+# define YYID(N) (N)
 #else
-# define YY_INITIAL_VALUE(Value) Value
-#endif
-#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
-# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
-# define YY_IGNORE_MAYBE_UNINITIALIZED_END
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
+static int
+YYID (int yyi)
+#else
+static int
+YYID (yyi)
+    int yyi;
 #endif
-#ifndef YY_INITIAL_VALUE
-# define YY_INITIAL_VALUE(Value) /* Nothing. */
+{
+  return yyi;
+}
 #endif
 
-
 #if ! defined yyoverflow || YYERROR_VERBOSE
 
 /* The parser invokes alloca or malloc; define the necessary symbols.  */
@@ -684,7 +693,8 @@ typedef short int yytype_int16;
 #    define alloca _alloca
 #   else
 #    define YYSTACK_ALLOC alloca
-#    if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS
+#    if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 #     include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
       /* Use EXIT_SUCCESS as a witness for stdlib.h.  */
 #     ifndef EXIT_SUCCESS
@@ -696,8 +706,8 @@ typedef short int yytype_int16;
 # endif
 
 # ifdef YYSTACK_ALLOC
-   /* Pacify GCC's 'empty if-body' warning.  */
-#  define YYSTACK_FREE(Ptr) do { /* empty */; } while (0)
+   /* Pacify GCC's `empty if-body' warning.  */
+#  define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0))
 #  ifndef YYSTACK_ALLOC_MAXIMUM
     /* The OS might guarantee only one guard page at the bottom of the stack,
        and a page size can be as small as 4096 bytes.  So we cannot safely
@@ -713,7 +723,7 @@ typedef short int yytype_int16;
 #  endif
 #  if (defined __cplusplus && ! defined EXIT_SUCCESS \
        && ! ((defined YYMALLOC || defined malloc) \
-             && (defined YYFREE || defined free)))
+	     && (defined YYFREE || defined free)))
 #   include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
 #   ifndef EXIT_SUCCESS
 #    define EXIT_SUCCESS 0
@@ -721,13 +731,15 @@ typedef short int yytype_int16;
 #  endif
 #  ifndef YYMALLOC
 #   define YYMALLOC malloc
-#   if ! defined malloc && ! defined EXIT_SUCCESS
+#   if ! defined malloc && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */
 #   endif
 #  endif
 #  ifndef YYFREE
 #   define YYFREE free
-#   if ! defined free && ! defined EXIT_SUCCESS
+#   if ! defined free && ! defined EXIT_SUCCESS && (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 void free (void *); /* INFRINGES ON USER NAME SPACE */
 #   endif
 #  endif
@@ -737,7 +749,7 @@ void free (void *); /* INFRINGES ON USER NAME SPACE */
 
 #if (! defined yyoverflow \
      && (! defined __cplusplus \
-         || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL)))
+	 || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL)))
 
 /* A type that is properly aligned for any stack member.  */
 union yyalloc
@@ -762,16 +774,16 @@ union yyalloc
    elements in the stack, and YYPTR gives the new location of the
    stack.  Advance YYPTR to a properly aligned location for the next
    stack.  */
-# define YYSTACK_RELOCATE(Stack_alloc, Stack)                           \
-    do                                                                  \
-      {                                                                 \
-        YYSIZE_T yynewbytes;                                            \
-        YYCOPY (&yyptr->Stack_alloc, Stack, yysize);                    \
-        Stack = &yyptr->Stack_alloc;                                    \
-        yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \
-        yyptr += yynewbytes / sizeof (*yyptr);                          \
-      }                                                                 \
-    while (0)
+# define YYSTACK_RELOCATE(Stack_alloc, Stack)				\
+    do									\
+      {									\
+	YYSIZE_T yynewbytes;						\
+	YYCOPY (&yyptr->Stack_alloc, Stack, yysize);			\
+	Stack = &yyptr->Stack_alloc;					\
+	yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \
+	yyptr += yynewbytes / sizeof (*yyptr);				\
+      }									\
+    while (YYID (0))
 
 #endif
 
@@ -790,50 +802,48 @@ union yyalloc
           for (yyi = 0; yyi < (Count); yyi++)   \
             (Dst)[yyi] = (Src)[yyi];            \
         }                                       \
-      while (0)
+      while (YYID (0))
 #  endif
 # endif
 #endif /* !YYCOPY_NEEDED */
 
 /* YYFINAL -- State number of the termination state.  */
-#define YYFINAL  210
+#define YYFINAL  213
 /* YYLAST -- Last index in YYTABLE.  */
-#define YYLAST   647
+#define YYLAST   624
 
 /* YYNTOKENS -- Number of terminals.  */
-#define YYNTOKENS  199
+#define YYNTOKENS  202
 /* YYNNTS -- Number of nonterminals.  */
 #define YYNNTS  105
 /* YYNRULES -- Number of rules.  */
-#define YYNRULES  313
-/* YYNSTATES -- Number of states.  */
-#define YYNSTATES  419
+#define YYNRULES  316
+/* YYNRULES -- Number of states.  */
+#define YYNSTATES  422
 
-/* YYTRANSLATE[YYX] -- Symbol number corresponding to YYX as returned
-   by yylex, with out-of-bounds checking.  */
+/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX.  */
 #define YYUNDEFTOK  2
-#define YYMAXUTOK   448
+#define YYMAXUTOK   451
 
-#define YYTRANSLATE(YYX)                                                \
+#define YYTRANSLATE(YYX)						\
   ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK)
 
-/* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM
-   as returned by yylex, without out-of-bounds checking.  */
+/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX.  */
 static const yytype_uint8 yytranslate[] =
 {
        0,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
-     195,   196,     2,     2,     2,     2,     2,     2,     2,     2,
+     198,   199,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
-       2,   194,     2,     2,     2,     2,     2,     2,     2,     2,
+       2,   197,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
-       2,     2,     2,   197,     2,   198,     2,     2,     2,     2,
+       2,     2,     2,   200,     2,   201,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
        2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
@@ -865,45 +875,166 @@ static const yytype_uint8 yytranslate[] =
      155,   156,   157,   158,   159,   160,   161,   162,   163,   164,
      165,   166,   167,   168,   169,   170,   171,   172,   173,   174,
      175,   176,   177,   178,   179,   180,   181,   182,   183,   184,
-     185,   186,   187,   188,   189,   190,   191,   192,   193
+     185,   186,   187,   188,   189,   190,   191,   192,   193,   194,
+     195,   196
 };
 
 #if YYDEBUG
-  /* YYRLINE[YYN] -- Source line where rule number YYN was defined.  */
+/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in
+   YYRHS.  */
+static const yytype_uint16 yyprhs[] =
+{
+       0,     0,     3,     5,     9,    12,    15,    16,    18,    20,
+      22,    24,    26,    28,    30,    32,    34,    36,    38,    40,
+      42,    46,    48,    50,    52,    54,    56,    58,    61,    63,
+      65,    67,    68,    71,    73,    75,    77,    79,    81,    83,
+      85,    87,    89,    91,    93,    95,    98,   101,   103,   105,
+     107,   109,   111,   113,   116,   118,   121,   123,   125,   127,
+     130,   133,   136,   139,   142,   145,   148,   151,   154,   157,
+     160,   163,   164,   167,   170,   173,   175,   177,   179,   181,
+     183,   186,   189,   191,   194,   197,   200,   202,   204,   206,
+     208,   210,   212,   214,   216,   218,   220,   223,   226,   230,
+     233,   235,   237,   239,   241,   243,   245,   247,   249,   251,
+     252,   255,   258,   261,   263,   265,   267,   269,   271,   273,
+     275,   277,   279,   281,   283,   285,   287,   290,   293,   297,
+     303,   307,   312,   317,   321,   322,   325,   327,   329,   331,
+     333,   335,   337,   339,   341,   343,   345,   347,   349,   351,
+     353,   355,   358,   360,   363,   365,   367,   369,   372,   374,
+     377,   379,   381,   383,   385,   387,   389,   391,   393,   397,
+     400,   402,   405,   408,   411,   414,   417,   419,   421,   423,
+     425,   427,   429,   432,   435,   437,   440,   442,   444,   446,
+     449,   452,   455,   457,   459,   461,   463,   465,   467,   469,
+     471,   473,   475,   477,   479,   481,   483,   486,   489,   491,
+     494,   496,   498,   500,   502,   504,   506,   508,   510,   512,
+     514,   516,   518,   521,   524,   527,   530,   534,   536,   539,
+     542,   545,   548,   552,   555,   557,   559,   561,   563,   565,
+     567,   569,   571,   573,   575,   577,   580,   581,   586,   588,
+     589,   590,   593,   596,   599,   602,   604,   606,   610,   614,
+     616,   618,   620,   622,   624,   626,   628,   630,   632,   635,
+     638,   640,   642,   644,   646,   648,   650,   652,   654,   657,
+     659,   662,   664,   666,   668,   674,   677,   679,   682,   684,
+     686,   688,   690,   692,   694,   700,   702,   706,   709,   713,
+     715,   717,   720,   722,   728,   733,   737,   740,   742,   749,
+     753,   756,   760,   762,   764,   766,   768
+};
+
+/* YYRHS -- A `-1'-separated list of the rules' RHS.  */
+static const yytype_int16 yyrhs[] =
+{
+     203,     0,    -1,   204,    -1,   204,   205,   186,    -1,   205,
+     186,    -1,     1,   186,    -1,    -1,   206,    -1,   219,    -1,
+     221,    -1,   222,    -1,   231,    -1,   239,    -1,   226,    -1,
+     248,    -1,   253,    -1,   257,    -1,   262,    -1,   266,    -1,
+     293,    -1,   207,   208,   211,    -1,   146,    -1,   131,    -1,
+     126,    -1,    14,    -1,    84,    -1,   209,    -1,   210,   158,
+      -1,   158,    -1,    66,    -1,    68,    -1,    -1,   211,   212,
+      -1,   213,    -1,   215,    -1,   217,    -1,   214,    -1,     9,
+      -1,    17,    -1,    53,    -1,   116,    -1,   133,    -1,   134,
+      -1,   169,    -1,   183,    -1,   216,    61,    -1,   216,   173,
+      -1,    70,    -1,   100,    -1,    92,    -1,   171,    -1,   102,
+      -1,   179,    -1,   218,   158,    -1,    54,    -1,   220,   208,
+      -1,   177,    -1,   178,    -1,    15,    -1,    85,   290,    -1,
+     107,   290,    -1,    93,    61,    -1,    10,    61,    -1,    22,
+      61,    -1,    23,   223,    -1,    71,   158,    -1,    72,   158,
+      -1,   140,    61,    -1,   143,    61,    -1,   170,   286,    -1,
+     122,   158,    -1,    -1,   223,   224,    -1,   225,   158,    -1,
+     143,    61,    -1,    51,    -1,    54,    -1,   136,    -1,   137,
+      -1,    28,    -1,   167,   227,    -1,   227,   228,    -1,   228,
+      -1,   229,    61,    -1,   230,   292,    -1,    21,   291,    -1,
+      19,    -1,    48,    -1,   123,    -1,   124,    -1,   101,    -1,
+      13,    -1,    98,    -1,    90,    -1,    96,    -1,    88,    -1,
+     150,   232,    -1,   152,   158,    -1,    41,   233,   234,    -1,
+     232,   233,    -1,   233,    -1,    20,    -1,    24,    -1,    82,
+      -1,   127,    -1,   138,    -1,   160,    -1,   165,    -1,   135,
+      -1,    -1,   234,   235,    -1,    40,   158,    -1,   172,   238,
+      -1,   236,    -1,   237,    -1,    78,    -1,   109,    -1,    37,
+      -1,    29,    -1,   112,    -1,   129,    -1,    26,    -1,   181,
+      -1,   105,    -1,   184,    -1,     4,    -1,    30,   242,    -1,
+     106,   245,    -1,   142,   208,   240,    -1,   142,   209,    86,
+     209,   240,    -1,   142,    27,   240,    -1,   142,    66,    27,
+     240,    -1,   142,    68,    27,   240,    -1,   142,   148,   240,
+      -1,    -1,   240,   241,    -1,    47,    -1,    55,    -1,    73,
+      -1,    74,    -1,    77,    -1,    83,    -1,   110,    -1,   111,
+      -1,   114,    -1,   115,    -1,   117,    -1,   118,    -1,   119,
+      -1,   121,    -1,   179,    -1,   242,   243,    -1,   243,    -1,
+     244,    61,    -1,    11,    -1,    99,    -1,   104,    -1,   245,
+     246,    -1,   246,    -1,   247,    61,    -1,    56,    -1,    57,
+      -1,    58,    -1,    59,    -1,    87,    -1,    89,    -1,    91,
+      -1,    97,    -1,    50,   208,   249,    -1,   249,   250,    -1,
+     250,    -1,   251,   292,    -1,   252,   291,    -1,   157,    61,
+      -1,     3,   158,    -1,   139,   158,    -1,   162,    -1,   163,
+      -1,    43,    -1,    44,    -1,    45,    -1,    46,    -1,   144,
+     254,    -1,   254,   255,    -1,   255,    -1,   256,    61,    -1,
+      95,    -1,   149,    -1,    42,    -1,    37,   258,    -1,    29,
+     258,    -1,   258,   259,    -1,   259,    -1,   260,    -1,   261,
+      -1,     8,    -1,    12,    -1,    18,    -1,    69,    -1,   104,
+      -1,   120,    -1,   103,    -1,   151,    -1,   174,    -1,   175,
+      -1,   176,    -1,   166,   263,    -1,   263,   264,    -1,   264,
+      -1,   265,   292,    -1,     6,    -1,    31,    -1,    49,    -1,
+      52,    -1,   125,    -1,   153,    -1,   154,    -1,   155,    -1,
+     156,    -1,   161,    -1,   278,    -1,   282,    -1,   267,   292,
+      -1,   268,    61,    -1,   269,   158,    -1,   270,   158,    -1,
+      60,   158,   205,    -1,    38,    -1,    33,   271,    -1,    80,
+     276,    -1,   128,   289,    -1,   147,   272,    -1,   168,   209,
+     274,    -1,   171,   285,    -1,    16,    -1,   113,    -1,   161,
+      -1,    35,    -1,    76,    -1,    54,    -1,    75,    -1,    81,
+      -1,   130,    -1,   145,    -1,   158,    -1,   158,    32,    -1,
+      -1,   158,   197,   158,   273,    -1,    27,    -1,    -1,    -1,
+     274,   275,    -1,   132,    61,    -1,    62,   209,    -1,   276,
+     277,    -1,   277,    -1,   158,    -1,   279,   281,   280,    -1,
+     279,   281,   158,    -1,    62,    -1,   108,    -1,     5,    -1,
+      65,    -1,    67,    -1,   182,    -1,    79,    -1,    55,    -1,
+      34,    -1,   141,   283,    -1,   283,   284,    -1,   284,    -1,
+       7,    -1,     8,    -1,    25,    -1,    64,    -1,    94,    -1,
+     159,    -1,   164,    -1,   285,    61,    -1,    61,    -1,   286,
+     287,    -1,   287,    -1,    61,    -1,   288,    -1,   198,    61,
+      36,    61,   199,    -1,   289,   158,    -1,   158,    -1,   290,
+     208,    -1,   208,    -1,    61,    -1,   169,    -1,    39,    -1,
+      61,    -1,    32,    -1,   294,   200,   295,   298,   201,    -1,
+     187,    -1,   295,   296,   186,    -1,   296,   186,    -1,   297,
+     197,   292,    -1,   188,    -1,   189,    -1,   298,   299,    -1,
+     299,    -1,   301,   200,   300,   302,   201,    -1,   190,   197,
+     292,   186,    -1,   146,   197,   208,    -1,   302,   303,    -1,
+     303,    -1,   191,   197,   292,   200,   304,   201,    -1,   304,
+     305,   186,    -1,   305,   186,    -1,   306,   197,   292,    -1,
+     192,    -1,   193,    -1,   194,    -1,   195,    -1,   196,    -1
+};
+
+/* YYRLINE[YYN] -- source line where rule number YYN was defined.  */
 static const yytype_uint16 yyrline[] =
 {
-       0,   366,   366,   370,   371,   372,   387,   388,   389,   390,
-     391,   392,   393,   394,   395,   396,   397,   398,   399,   400,
-     408,   418,   419,   420,   421,   422,   426,   427,   432,   437,
-     439,   445,   446,   454,   455,   456,   460,   465,   466,   467,
-     468,   469,   470,   471,   472,   476,   478,   483,   484,   485,
-     486,   487,   488,   492,   497,   506,   516,   517,   527,   529,
-     531,   533,   544,   551,   553,   558,   560,   562,   564,   566,
-     575,   581,   582,   590,   592,   604,   605,   606,   607,   608,
-     617,   622,   627,   635,   637,   639,   644,   645,   646,   647,
-     648,   649,   653,   654,   655,   656,   665,   667,   676,   686,
-     691,   699,   700,   701,   702,   703,   704,   705,   706,   711,
-     712,   720,   730,   739,   754,   759,   760,   764,   765,   769,
-     770,   771,   772,   773,   774,   775,   784,   788,   792,   800,
-     808,   816,   831,   846,   859,   860,   868,   869,   870,   871,
-     872,   873,   874,   875,   876,   877,   878,   879,   880,   881,
-     882,   886,   891,   899,   904,   905,   906,   910,   915,   923,
-     928,   929,   930,   931,   932,   933,   934,   935,   943,   953,
-     958,   966,   968,   970,   979,   981,   986,   987,   991,   992,
-     993,   994,  1002,  1007,  1012,  1020,  1025,  1026,  1027,  1036,
-    1038,  1043,  1048,  1056,  1058,  1075,  1076,  1077,  1078,  1079,
-    1080,  1084,  1085,  1093,  1098,  1103,  1111,  1116,  1117,  1118,
-    1119,  1120,  1121,  1122,  1123,  1124,  1125,  1134,  1135,  1136,
-    1143,  1150,  1157,  1173,  1192,  1194,  1196,  1198,  1200,  1202,
-    1209,  1214,  1215,  1216,  1220,  1224,  1233,  1234,  1238,  1239,
-    1240,  1244,  1255,  1269,  1281,  1286,  1288,  1293,  1294,  1302,
-    1304,  1312,  1317,  1325,  1350,  1357,  1367,  1368,  1372,  1373,
-    1374,  1375,  1379,  1380,  1381,  1385,  1390,  1395,  1403,  1404,
-    1405,  1406,  1407,  1408,  1409,  1419,  1424,  1432,  1437,  1445,
-    1447,  1451,  1456,  1461,  1469,  1474,  1482,  1491,  1492,  1496,
-    1497,  1506,  1524,  1528,  1533,  1541,  1546,  1547,  1551,  1556,
-    1564,  1569,  1574,  1579,  1584,  1592,  1597,  1602,  1610,  1615,
-    1616,  1617,  1618,  1619
+       0,   369,   369,   373,   374,   375,   390,   391,   392,   393,
+     394,   395,   396,   397,   398,   399,   400,   401,   402,   403,
+     411,   421,   422,   423,   424,   425,   429,   430,   435,   440,
+     442,   448,   449,   457,   458,   459,   463,   468,   469,   470,
+     471,   472,   473,   474,   475,   479,   481,   486,   487,   488,
+     489,   490,   491,   495,   500,   509,   519,   520,   530,   532,
+     534,   536,   547,   554,   556,   561,   563,   565,   567,   569,
+     578,   584,   585,   593,   595,   607,   608,   609,   610,   611,
+     620,   625,   630,   638,   640,   642,   647,   648,   649,   650,
+     651,   652,   656,   657,   658,   659,   668,   670,   679,   689,
+     694,   702,   703,   704,   705,   706,   707,   708,   709,   714,
+     715,   723,   733,   742,   757,   762,   763,   767,   768,   772,
+     773,   774,   775,   776,   777,   778,   787,   791,   795,   803,
+     811,   819,   834,   849,   862,   863,   871,   872,   873,   874,
+     875,   876,   877,   878,   879,   880,   881,   882,   883,   884,
+     885,   889,   894,   902,   907,   908,   909,   913,   918,   926,
+     931,   932,   933,   934,   935,   936,   937,   938,   946,   956,
+     961,   969,   971,   973,   982,   984,   989,   990,   994,   995,
+     996,   997,  1005,  1010,  1015,  1023,  1028,  1029,  1030,  1039,
+    1041,  1046,  1051,  1059,  1061,  1078,  1079,  1080,  1081,  1082,
+    1083,  1087,  1088,  1089,  1090,  1091,  1099,  1104,  1109,  1117,
+    1122,  1123,  1124,  1125,  1126,  1127,  1128,  1129,  1130,  1131,
+    1140,  1141,  1142,  1149,  1156,  1163,  1179,  1198,  1200,  1202,
+    1204,  1206,  1208,  1215,  1220,  1221,  1222,  1226,  1230,  1239,
+    1240,  1244,  1245,  1246,  1250,  1261,  1275,  1287,  1292,  1294,
+    1299,  1300,  1308,  1310,  1318,  1323,  1331,  1356,  1363,  1373,
+    1374,  1378,  1379,  1380,  1381,  1385,  1386,  1387,  1391,  1396,
+    1401,  1409,  1410,  1411,  1412,  1413,  1414,  1415,  1425,  1430,
+    1438,  1443,  1451,  1453,  1457,  1462,  1467,  1475,  1480,  1488,
+    1497,  1498,  1502,  1503,  1512,  1530,  1534,  1539,  1547,  1552,
+    1553,  1557,  1562,  1570,  1575,  1580,  1585,  1590,  1598,  1603,
+    1608,  1616,  1621,  1622,  1623,  1624,  1625
 };
 #endif
 
@@ -944,29 +1075,29 @@ static const char *const yytname[] =
   "T_Step", "T_Stepback", "T_Stepfwd", "T_Stepout", "T_Stratum",
   "T_String", "T_Sys", "T_Sysstats", "T_Tick", "T_Time1", "T_Time2",
   "T_Timer", "T_Timingstats", "T_Tinker", "T_Tos", "T_Trap", "T_True",
-  "T_Trustedkey", "T_Ttl", "T_Type", "T_U_int", "T_Unconfig", "T_Unpeer",
-  "T_Version", "T_WanderThreshold", "T_Week", "T_Wildcard", "T_Xleave",
-  "T_Year", "T_Flag", "T_EOC", "T_Simulate", "T_Beep_Delay",
-  "T_Sim_Duration", "T_Server_Offset", "T_Duration", "T_Freq_Offset",
-  "T_Wander", "T_Jitter", "T_Prop_Delay", "T_Proc_Delay", "'='", "'('",
-  "')'", "'{'", "'}'", "$accept", "configuration", "command_list",
-  "command", "server_command", "client_type", "address", "ip_address",
-  "address_fam", "option_list", "option", "option_flag",
-  "option_flag_keyword", "option_int", "option_int_keyword", "option_str",
-  "option_str_keyword", "unpeer_command", "unpeer_keyword",
-  "other_mode_command", "authentication_command", "crypto_command_list",
-  "crypto_command", "crypto_str_keyword", "orphan_mode_command",
-  "tos_option_list", "tos_option", "tos_option_int_keyword",
-  "tos_option_dbl_keyword", "monitoring_command", "stats_list", "stat",
-  "filegen_option_list", "filegen_option", "link_nolink", "enable_disable",
-  "filegen_type", "access_control_command", "ac_flag_list",
-  "access_control_flag", "discard_option_list", "discard_option",
-  "discard_option_keyword", "mru_option_list", "mru_option",
-  "mru_option_keyword", "fudge_command", "fudge_factor_list",
-  "fudge_factor", "fudge_factor_dbl_keyword", "fudge_factor_bool_keyword",
-  "rlimit_command", "rlimit_option_list", "rlimit_option",
-  "rlimit_option_keyword", "system_option_command", "system_option_list",
-  "system_option", "system_option_flag_keyword",
+  "T_Trustedkey", "T_Ttl", "T_Type", "T_U_int", "T_UEcrypto",
+  "T_UEcryptonak", "T_UEdigest", "T_Unconfig", "T_Unpeer", "T_Version",
+  "T_WanderThreshold", "T_Week", "T_Wildcard", "T_Xleave", "T_Year",
+  "T_Flag", "T_EOC", "T_Simulate", "T_Beep_Delay", "T_Sim_Duration",
+  "T_Server_Offset", "T_Duration", "T_Freq_Offset", "T_Wander", "T_Jitter",
+  "T_Prop_Delay", "T_Proc_Delay", "'='", "'('", "')'", "'{'", "'}'",
+  "$accept", "configuration", "command_list", "command", "server_command",
+  "client_type", "address", "ip_address", "address_fam", "option_list",
+  "option", "option_flag", "option_flag_keyword", "option_int",
+  "option_int_keyword", "option_str", "option_str_keyword",
+  "unpeer_command", "unpeer_keyword", "other_mode_command",
+  "authentication_command", "crypto_command_list", "crypto_command",
+  "crypto_str_keyword", "orphan_mode_command", "tos_option_list",
+  "tos_option", "tos_option_int_keyword", "tos_option_dbl_keyword",
+  "monitoring_command", "stats_list", "stat", "filegen_option_list",
+  "filegen_option", "link_nolink", "enable_disable", "filegen_type",
+  "access_control_command", "ac_flag_list", "access_control_flag",
+  "discard_option_list", "discard_option", "discard_option_keyword",
+  "mru_option_list", "mru_option", "mru_option_keyword", "fudge_command",
+  "fudge_factor_list", "fudge_factor", "fudge_factor_dbl_keyword",
+  "fudge_factor_bool_keyword", "rlimit_command", "rlimit_option_list",
+  "rlimit_option", "rlimit_option_keyword", "system_option_command",
+  "system_option_list", "system_option", "system_option_flag_keyword",
   "system_option_local_flag_keyword", "tinker_command",
   "tinker_option_list", "tinker_option", "tinker_option_keyword",
   "miscellaneous_command", "misc_cmd_dbl_keyword", "misc_cmd_int_keyword",
@@ -981,13 +1112,13 @@ static const char *const yytname[] =
   "sim_init_statement_list", "sim_init_statement", "sim_init_keyword",
   "sim_server_list", "sim_server", "sim_server_offset", "sim_server_name",
   "sim_act_list", "sim_act", "sim_act_stmt_list", "sim_act_stmt",
-  "sim_act_keyword", YY_NULLPTR
+  "sim_act_keyword", YY_NULL
 };
 #endif
 
 # ifdef YYPRINT
-/* YYTOKNUM[NUM] -- (External) token number corresponding to the
-   (internal) symbol number NUM (which must be that of a token).  */
+/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to
+   token YYLEX-NUM.  */
 static const yytype_uint16 yytoknum[] =
 {
        0,   256,   257,   258,   259,   260,   261,   262,   263,   264,
@@ -1009,292 +1140,363 @@ static const yytype_uint16 yytoknum[] =
      415,   416,   417,   418,   419,   420,   421,   422,   423,   424,
      425,   426,   427,   428,   429,   430,   431,   432,   433,   434,
      435,   436,   437,   438,   439,   440,   441,   442,   443,   444,
-     445,   446,   447,   448,    61,    40,    41,   123,   125
+     445,   446,   447,   448,   449,   450,   451,    61,    40,    41,
+     123,   125
 };
 # endif
 
-#define YYPACT_NINF -185
-
-#define yypact_value_is_default(Yystate) \
-  (!!((Yystate) == (-185)))
-
-#define YYTABLE_NINF -7
-
-#define yytable_value_is_error(Yytable_value) \
-  0
+/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives.  */
+static const yytype_uint16 yyr1[] =
+{
+       0,   202,   203,   204,   204,   204,   205,   205,   205,   205,
+     205,   205,   205,   205,   205,   205,   205,   205,   205,   205,
+     206,   207,   207,   207,   207,   207,   208,   208,   209,   210,
+     210,   211,   211,   212,   212,   212,   213,   214,   214,   214,
+     214,   214,   214,   214,   214,   215,   215,   216,   216,   216,
+     216,   216,   216,   217,   218,   219,   220,   220,   221,   221,
+     221,   221,   222,   222,   222,   222,   222,   222,   222,   222,
+     222,   223,   223,   224,   224,   225,   225,   225,   225,   225,
+     226,   227,   227,   228,   228,   228,   229,   229,   229,   229,
+     229,   229,   230,   230,   230,   230,   231,   231,   231,   232,
+     232,   233,   233,   233,   233,   233,   233,   233,   233,   234,
+     234,   235,   235,   235,   235,   236,   236,   237,   237,   238,
+     238,   238,   238,   238,   238,   238,   239,   239,   239,   239,
+     239,   239,   239,   239,   240,   240,   241,   241,   241,   241,
+     241,   241,   241,   241,   241,   241,   241,   241,   241,   241,
+     241,   242,   242,   243,   244,   244,   244,   245,   245,   246,
+     247,   247,   247,   247,   247,   247,   247,   247,   248,   249,
+     249,   250,   250,   250,   250,   250,   251,   251,   252,   252,
+     252,   252,   253,   254,   254,   255,   256,   256,   256,   257,
+     257,   258,   258,   259,   259,   260,   260,   260,   260,   260,
+     260,   261,   261,   261,   261,   261,   262,   263,   263,   264,
+     265,   265,   265,   265,   265,   265,   265,   265,   265,   265,
+     266,   266,   266,   266,   266,   266,   266,   266,   266,   266,
+     266,   266,   266,   266,   267,   267,   267,   268,   268,   269,
+     269,   270,   270,   270,   271,   271,   271,   272,   273,   273,
+     274,   274,   275,   275,   276,   276,   277,   278,   278,   279,
+     279,   280,   280,   280,   280,   281,   281,   281,   282,   283,
+     283,   284,   284,   284,   284,   284,   284,   284,   285,   285,
+     286,   286,   287,   287,   288,   289,   289,   290,   290,   291,
+     291,   291,   292,   292,   293,   294,   295,   295,   296,   297,
+     297,   298,   298,   299,   300,   301,   302,   302,   303,   304,
+     304,   305,   306,   306,   306,   306,   306
+};
 
-  /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
-     STATE-NUM.  */
-static const yytype_int16 yypact[] =
+/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN.  */
+static const yytype_uint8 yyr2[] =
 {
-      78,  -169,   -34,  -185,  -185,  -185,   -29,  -185,    17,    43,
-    -124,  -185,    17,  -185,    -5,   -27,  -185,  -121,  -185,  -112,
-    -110,  -185,  -185,  -100,  -185,  -185,   -27,     0,   116,   -27,
-    -185,  -185,   -91,  -185,   -89,  -185,  -185,    11,    35,    30,
-      13,    31,  -185,  -185,   -83,    -5,   -78,  -185,   186,   523,
-     -76,   -56,    15,  -185,  -185,  -185,    83,   244,   -99,  -185,
-     -27,  -185,   -27,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,   -12,    24,   -71,   -69,  -185,   -11,  -185,
-    -185,  -107,  -185,  -185,  -185,     8,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,    17,  -185,  -185,  -185,  -185,  -185,
-    -185,    43,  -185,    34,    59,  -185,    17,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,     7,
-    -185,   -61,   407,  -185,  -185,  -185,  -100,  -185,  -185,   -27,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,   116,
-    -185,    44,   -27,  -185,  -185,   -52,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,    35,  -185,  -185,    85,    96,  -185,
-    -185,    39,  -185,  -185,  -185,  -185,    31,  -185,    75,   -46,
-    -185,    -5,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,   186,  -185,   -12,  -185,  -185,   -35,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,   523,  -185,
-      82,   -12,  -185,  -185,    91,   -56,  -185,  -185,  -185,   100,
-    -185,   -26,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,    -2,  -130,  -185,  -185,  -185,  -185,
-    -185,   105,  -185,     9,  -185,  -185,  -185,  -185,    -7,    18,
-    -185,  -185,  -185,  -185,    25,   121,  -185,  -185,     7,  -185,
-     -12,   -35,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-     391,  -185,  -185,   391,   391,   -76,  -185,  -185,    29,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,   -51,
-     153,  -185,  -185,  -185,   464,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,   -82,    14,     1,  -185,  -185,  -185,  -185,
-      38,  -185,  -185,    12,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,   391,
-     391,  -185,   171,   -76,   140,  -185,   141,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,   -55,  -185,    53,    20,
-      33,  -128,  -185,    32,  -185,   -12,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,   391,  -185,  -185,  -185,  -185,
-      16,  -185,  -185,  -185,   -27,  -185,  -185,  -185,    46,  -185,
-    -185,  -185,    37,    48,   -12,    40,  -167,  -185,    54,   -12,
-    -185,  -185,  -185,    45,    79,  -185,  -185,  -185,  -185,  -185,
-      98,    57,    47,  -185,    60,  -185,   -12,  -185,  -185
+       0,     2,     1,     3,     2,     2,     0,     1,     1,     1,
+       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
+       3,     1,     1,     1,     1,     1,     1,     2,     1,     1,
+       1,     0,     2,     1,     1,     1,     1,     1,     1,     1,
+       1,     1,     1,     1,     1,     2,     2,     1,     1,     1,
+       1,     1,     1,     2,     1,     2,     1,     1,     1,     2,
+       2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
+       2,     0,     2,     2,     2,     1,     1,     1,     1,     1,
+       2,     2,     1,     2,     2,     2,     1,     1,     1,     1,
+       1,     1,     1,     1,     1,     1,     2,     2,     3,     2,
+       1,     1,     1,     1,     1,     1,     1,     1,     1,     0,
+       2,     2,     2,     1,     1,     1,     1,     1,     1,     1,
+       1,     1,     1,     1,     1,     1,     2,     2,     3,     5,
+       3,     4,     4,     3,     0,     2,     1,     1,     1,     1,
+       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
+       1,     2,     1,     2,     1,     1,     1,     2,     1,     2,
+       1,     1,     1,     1,     1,     1,     1,     1,     3,     2,
+       1,     2,     2,     2,     2,     2,     1,     1,     1,     1,
+       1,     1,     2,     2,     1,     2,     1,     1,     1,     2,
+       2,     2,     1,     1,     1,     1,     1,     1,     1,     1,
+       1,     1,     1,     1,     1,     1,     2,     2,     1,     2,
+       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
+       1,     1,     2,     2,     2,     2,     3,     1,     2,     2,
+       2,     2,     3,     2,     1,     1,     1,     1,     1,     1,
+       1,     1,     1,     1,     1,     2,     0,     4,     1,     0,
+       0,     2,     2,     2,     2,     1,     1,     3,     3,     1,
+       1,     1,     1,     1,     1,     1,     1,     1,     2,     2,
+       1,     1,     1,     1,     1,     1,     1,     1,     2,     1,
+       2,     1,     1,     1,     5,     2,     1,     2,     1,     1,
+       1,     1,     1,     1,     5,     1,     3,     2,     3,     1,
+       1,     2,     1,     5,     4,     3,     2,     1,     6,     3,
+       2,     3,     1,     1,     1,     1,     1
 };
 
-  /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM.
-     Performed when YYTABLE does not specify something else to do.  Zero
-     means the default is an error.  */
+/* YYDEFACT[STATE-NAME] -- Default reduction number in state STATE-NUM.
+   Performed when YYTABLE doesn't specify something else to do.  Zero
+   means the default is an error.  */
 static const yytype_uint16 yydefact[] =
 {
-       0,     0,     0,    24,    58,   231,     0,    71,     0,     0,
-     243,   234,     0,   224,     0,     0,   236,     0,   256,     0,
-       0,   237,   235,     0,   238,    25,     0,     0,     0,     0,
-     257,   232,     0,    23,     0,   239,    22,     0,     0,     0,
-       0,     0,   240,    21,     0,     0,     0,   233,     0,     0,
-       0,     0,     0,    56,    57,   292,     0,     2,     0,     7,
+       0,     0,     0,    24,    58,   234,     0,    71,     0,     0,
+     246,   237,     0,   227,     0,     0,   239,     0,   259,     0,
+       0,   240,   238,     0,   241,    25,     0,     0,     0,     0,
+     260,   235,     0,    23,     0,   242,    22,     0,     0,     0,
+       0,     0,   243,    21,     0,     0,     0,   236,     0,     0,
+       0,     0,     0,    56,    57,   295,     0,     2,     0,     7,
        0,     8,     0,     9,    10,    13,    11,    12,    14,    15,
-      16,    17,    18,     0,     0,     0,     0,   217,     0,   218,
+      16,    17,    18,     0,     0,     0,     0,   220,     0,   221,
       19,     0,     5,    62,    63,    64,   195,   196,   197,   198,
-     201,   199,   200,   202,   190,   192,   193,   194,   154,   155,
-     156,   126,   152,     0,   241,   225,   189,   101,   102,   103,
-     104,   108,   105,   106,   107,   109,    29,    30,    28,     0,
-      26,     0,     6,    65,    66,   253,   226,   252,   285,    59,
-      61,   160,   161,   162,   163,   164,   165,   166,   167,   127,
-     158,     0,    60,    70,   283,   227,    67,   268,   269,   270,
-     271,   272,   273,   274,   265,   267,   134,    29,    30,   134,
-     134,    26,    68,   188,   186,   187,   182,   184,     0,     0,
-     228,    96,   100,    97,   207,   208,   209,   210,   211,   212,
-     213,   214,   215,   216,   203,   205,     0,    91,    86,     0,
-      87,    95,    93,    94,    92,    90,    88,    89,    80,    82,
-       0,     0,   247,   279,     0,    69,   278,   280,   276,   230,
-       1,     0,     4,    31,    55,   290,   289,   219,   220,   221,
-     222,   264,   263,   262,     0,     0,    79,    75,    76,    77,
-      78,     0,    72,     0,   191,   151,   153,   242,    98,     0,
-     178,   179,   180,   181,     0,     0,   176,   177,   168,   170,
-       0,     0,    27,   223,   251,   284,   157,   159,   282,   266,
-     130,   134,   134,   133,   128,     0,   183,   185,     0,    99,
-     204,   206,   288,   286,   287,    85,    81,    83,    84,   229,
-       0,   277,   275,     3,    20,   258,   259,   260,   255,   261,
-     254,   296,   297,     0,     0,     0,    74,    73,   118,   117,
-       0,   115,   116,     0,   110,   113,   114,   174,   175,   173,
-     169,   171,   172,   136,   137,   138,   139,   140,   141,   142,
-     143,   144,   145,   146,   147,   148,   149,   150,   135,   131,
-     132,   134,   246,     0,     0,   248,     0,    37,    38,    39,
-      54,    47,    49,    48,    51,    40,    41,    42,    43,    50,
-      52,    44,    32,    33,    36,    34,     0,    35,     0,     0,
-       0,     0,   299,     0,   294,     0,   111,   125,   121,   123,
-     119,   120,   122,   124,   112,   129,   245,   244,   250,   249,
-       0,    45,    46,    53,     0,   293,   291,   298,     0,   295,
-     281,   302,     0,     0,     0,     0,     0,   304,     0,     0,
-     300,   303,   301,     0,     0,   309,   310,   311,   312,   313,
-       0,     0,     0,   305,     0,   307,     0,   306,   308
+     201,   199,   200,   202,   203,   204,   205,   190,   192,   193,
+     194,   154,   155,   156,   126,   152,     0,   244,   228,   189,
+     101,   102,   103,   104,   108,   105,   106,   107,   109,    29,
+      30,    28,     0,    26,     0,     6,    65,    66,   256,   229,
+     255,   288,    59,    61,   160,   161,   162,   163,   164,   165,
+     166,   167,   127,   158,     0,    60,    70,   286,   230,    67,
+     271,   272,   273,   274,   275,   276,   277,   268,   270,   134,
+      29,    30,   134,   134,    26,    68,   188,   186,   187,   182,
+     184,     0,     0,   231,    96,   100,    97,   210,   211,   212,
+     213,   214,   215,   216,   217,   218,   219,   206,   208,     0,
+      91,    86,     0,    87,    95,    93,    94,    92,    90,    88,
+      89,    80,    82,     0,     0,   250,   282,     0,    69,   281,
+     283,   279,   233,     1,     0,     4,    31,    55,   293,   292,
+     222,   223,   224,   225,   267,   266,   265,     0,     0,    79,
+      75,    76,    77,    78,     0,    72,     0,   191,   151,   153,
+     245,    98,     0,   178,   179,   180,   181,     0,     0,   176,
+     177,   168,   170,     0,     0,    27,   226,   254,   287,   157,
+     159,   285,   269,   130,   134,   134,   133,   128,     0,   183,
+     185,     0,    99,   207,   209,   291,   289,   290,    85,    81,
+      83,    84,   232,     0,   280,   278,     3,    20,   261,   262,
+     263,   258,   264,   257,   299,   300,     0,     0,     0,    74,
+      73,   118,   117,     0,   115,   116,     0,   110,   113,   114,
+     174,   175,   173,   169,   171,   172,   136,   137,   138,   139,
+     140,   141,   142,   143,   144,   145,   146,   147,   148,   149,
+     150,   135,   131,   132,   134,   249,     0,     0,   251,     0,
+      37,    38,    39,    54,    47,    49,    48,    51,    40,    41,
+      42,    43,    50,    52,    44,    32,    33,    36,    34,     0,
+      35,     0,     0,     0,     0,   302,     0,   297,     0,   111,
+     125,   121,   123,   119,   120,   122,   124,   112,   129,   248,
+     247,   253,   252,     0,    45,    46,    53,     0,   296,   294,
+     301,     0,   298,   284,   305,     0,     0,     0,     0,     0,
+     307,     0,     0,   303,   306,   304,     0,     0,   312,   313,
+     314,   315,   316,     0,     0,     0,   308,     0,   310,     0,
+     309,   311
 };
 
-  /* YYPGOTO[NTERM-NUM].  */
-static const yytype_int16 yypgoto[] =
+/* YYDEFGOTO[NTERM-NUM].  */
+static const yytype_int16 yydefgoto[] =
 {
-    -185,  -185,  -185,   -44,  -185,  -185,   -15,   -38,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,  -185,    28,  -185,  -185,  -185,
-    -185,   -36,  -185,  -185,  -185,  -185,  -185,  -185,  -152,  -185,
-    -185,   146,  -185,  -185,   111,  -185,  -185,  -185,     3,  -185,
-    -185,  -185,  -185,    89,  -185,  -185,   245,   -66,  -185,  -185,
-    -185,  -185,    72,  -185,  -185,  -185,  -185,  -185,  -185,  -185,
-    -185,  -185,  -185,  -185,  -185,   137,  -185,  -185,  -185,  -185,
-    -185,  -185,   110,  -185,  -185,    70,  -185,  -185,   236,    27,
-    -184,  -185,  -185,  -185,   -17,  -185,  -185,   -81,  -185,  -185,
-    -185,  -113,  -185,  -126,  -185
+      -1,    56,    57,    58,    59,    60,   131,   123,   124,   287,
+     355,   356,   357,   358,   359,   360,   361,    61,    62,    63,
+      64,    85,   235,   236,    65,   201,   202,   203,   204,    66,
+     174,   118,   241,   307,   308,   309,   377,    67,   263,   331,
+     104,   105,   106,   142,   143,   144,    68,   251,   252,   253,
+     254,    69,   169,   170,   171,    70,    97,    98,    99,   100,
+      71,   187,   188,   189,    72,    73,    74,    75,    76,   108,
+     173,   380,   282,   338,   129,   130,    77,    78,   293,   227,
+      79,   157,   158,   212,   208,   209,   210,   148,   132,   278,
+     220,    80,    81,   296,   297,   298,   364,   365,   396,   366,
+     399,   400,   413,   414,   415
 };
 
-  /* YYDEFGOTO[NTERM-NUM].  */
-static const yytype_int16 yydefgoto[] =
+/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
+   STATE-NUM.  */
+#define YYPACT_NINF -188
+static const yytype_int16 yypact[] =
 {
-      -1,    56,    57,    58,    59,    60,   128,   120,   121,   284,
-     352,   353,   354,   355,   356,   357,   358,    61,    62,    63,
-      64,    85,   232,   233,    65,   198,   199,   200,   201,    66,
-     171,   115,   238,   304,   305,   306,   374,    67,   260,   328,
-     101,   102,   103,   139,   140,   141,    68,   248,   249,   250,
-     251,    69,   166,   167,   168,    70,    94,    95,    96,    97,
-      71,   184,   185,   186,    72,    73,    74,    75,    76,   105,
-     170,   377,   279,   335,   126,   127,    77,    78,   290,   224,
-      79,   154,   155,   209,   205,   206,   207,   145,   129,   275,
-     217,    80,    81,   293,   294,   295,   361,   362,   393,   363,
-     396,   397,   410,   411,   412
+       5,  -160,   -28,  -188,  -188,  -188,   -24,  -188,    60,     0,
+    -119,  -188,    60,  -188,   118,     7,  -188,  -117,  -188,  -110,
+    -108,  -188,  -188,  -101,  -188,  -188,     7,    -1,   345,     7,
+    -188,  -188,   -96,  -188,   -95,  -188,  -188,    21,    -3,    73,
+      33,    11,  -188,  -188,   -94,   118,   -61,  -188,    43,   446,
+     -57,   -58,    41,  -188,  -188,  -188,   105,   179,   -79,  -188,
+       7,  -188,     7,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,    -7,    48,   -48,   -39,  -188,    24,  -188,
+    -188,   -86,  -188,  -188,  -188,    42,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,    60,  -188,  -188,
+    -188,  -188,  -188,  -188,     0,  -188,    59,    89,  -188,    60,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,    80,  -188,     9,   338,  -188,  -188,  -188,  -101,
+    -188,  -188,     7,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,   345,  -188,    67,     7,  -188,  -188,    12,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,    -3,  -188,  -188,
+     107,   116,  -188,  -188,    83,  -188,  -188,  -188,  -188,    11,
+    -188,   113,   -20,  -188,   118,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,    43,  -188,    -7,
+    -188,  -188,   -25,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,   446,  -188,   127,    -7,  -188,  -188,   129,   -58,  -188,
+    -188,  -188,   142,  -188,    19,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,     4,  -158,  -188,
+    -188,  -188,  -188,  -188,   145,  -188,    49,  -188,  -188,  -188,
+    -188,   233,    55,  -188,  -188,  -188,  -188,    64,   157,  -188,
+    -188,    80,  -188,    -7,   -25,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,   445,  -188,  -188,   445,   445,   -57,  -188,
+    -188,    82,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,   -44,   202,  -188,  -188,  -188,   324,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,   -30,    58,    50,  -188,
+    -188,  -188,  -188,    88,  -188,  -188,     3,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,   445,   445,  -188,   221,   -57,   188,  -188,   191,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,   -51,
+    -188,    99,    61,    75,  -114,  -188,    65,  -188,    -7,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,   445,  -188,
+    -188,  -188,  -188,    68,  -188,  -188,  -188,     7,  -188,  -188,
+    -188,    76,  -188,  -188,  -188,    71,    78,    -7,    74,  -178,
+    -188,    90,    -7,  -188,  -188,  -188,    77,    32,  -188,  -188,
+    -188,  -188,  -188,   101,    93,    84,  -188,    94,  -188,    -7,
+    -188,  -188
 };
 
-  /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM.  If
-     positive, shift that token.  If negative, reduce the rule whose
-     number is the opposite.  If YYTABLE_NINF, syntax error.  */
+/* YYPGOTO[NTERM-NUM].  */
+static const yytype_int16 yypgoto[] =
+{
+    -188,  -188,  -188,   -41,  -188,  -188,   -15,   -38,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,  -188,    81,  -188,  -188,  -188,
+    -188,   -37,  -188,  -188,  -188,  -188,  -188,  -188,  -111,  -188,
+    -188,   170,  -188,  -188,   133,  -188,  -188,  -188,    37,  -188,
+    -188,  -188,  -188,   115,  -188,  -188,   277,   -53,  -188,  -188,
+    -188,  -188,   103,  -188,  -188,  -188,  -188,  -188,  -188,  -188,
+    -188,  -188,  -188,  -188,  -188,   162,  -188,  -188,  -188,  -188,
+    -188,  -188,   143,  -188,  -188,    91,  -188,  -188,   274,    52,
+    -187,  -188,  -188,  -188,     8,  -188,  -188,   -56,  -188,  -188,
+    -188,   -87,  -188,  -100,  -188
+};
+
+/* YYTABLE[YYPACT[STATE-NUM]].  What to do in state STATE-NUM.  If
+   positive, shift that token.  If negative, reduce the rule which
+   number is the opposite.  If YYTABLE_NINF, syntax error.  */
+#define YYTABLE_NINF -7
 static const yytype_int16 yytable[] =
 {
-     119,   161,   271,   285,   272,   203,   381,   263,   264,   172,
-     239,   333,   202,   211,    82,   107,   367,   278,   359,   108,
-     215,   395,   298,   221,   160,    86,   273,    83,   234,    87,
-     299,   400,    84,   300,   104,    88,   226,   122,   368,   116,
-     234,   117,   147,   148,   222,   213,   123,   214,   124,   216,
-     240,   241,   242,   243,    98,   291,   292,   156,   125,   227,
-     149,   130,   228,   286,   359,   287,   311,   143,   223,   144,
-     386,   301,   146,   163,   162,   169,   208,   109,   253,     1,
-     173,   334,   118,   210,   212,   218,    89,   219,     2,   220,
-     225,   237,     3,     4,     5,   236,   157,   252,   158,   150,
-       6,     7,   302,   291,   292,   257,   258,     8,     9,   329,
-     330,    10,   261,    11,   255,    12,    13,   369,   382,    14,
-      90,    91,   110,   262,   370,   265,   164,   255,    15,   151,
-     111,   118,    16,   112,   274,   269,   267,    92,    17,   204,
-      18,   371,    99,   277,   229,   230,   244,   100,   268,    19,
-      20,   231,   280,    21,    22,   113,   288,   283,    23,    24,
-     114,   282,    25,    26,   245,   303,   296,   297,    93,   246,
-     247,    27,   131,   132,   133,   134,   307,   289,   159,   375,
-     165,   389,   309,   308,    28,    29,    30,   332,   118,   336,
-     372,    31,   174,   373,   152,   365,   366,   364,   376,   153,
-      32,   379,   380,   135,    33,   136,    34,   137,    35,    36,
-     398,   383,   390,   138,   384,   403,   385,   175,    37,    38,
-      39,    40,    41,    42,    43,    44,   276,   331,    45,   388,
-      46,   394,   418,   392,   399,   176,   395,   402,   177,    47,
-     415,   416,   404,   417,    48,    49,    50,   235,    51,    52,
-     256,   310,    53,    54,     2,   266,   270,   106,     3,     4,
-       5,    -6,    55,   254,   259,   142,     6,     7,   405,   406,
-     407,   408,   409,     8,     9,   281,   360,    10,   312,    11,
-     387,    12,    13,   401,   414,    14,     0,   405,   406,   407,
-     408,   409,     0,     0,    15,   378,   413,     0,    16,     0,
-       0,     0,     0,     0,    17,     0,    18,     0,     0,     0,
-       0,   178,     0,     0,     0,    19,    20,     0,     0,    21,
-      22,     0,     0,     0,    23,    24,     0,     0,    25,    26,
-       0,     0,     0,     0,     0,     0,     0,    27,     0,   179,
-     180,   181,   182,     0,     0,     0,     0,   183,     0,     0,
-      28,    29,    30,     0,     0,     0,     0,    31,     0,     0,
-       0,     0,     0,     0,     0,     0,    32,     0,     0,   391,
-      33,     0,    34,     0,    35,    36,     0,     0,     0,     0,
-       0,     0,     0,     0,    37,    38,    39,    40,    41,    42,
-      43,    44,     0,     0,    45,     0,    46,     0,     0,     0,
-       0,     0,     0,     0,     0,    47,     0,     0,     0,     0,
-      48,    49,    50,     0,    51,    52,     0,     2,    53,    54,
-       0,     3,     4,     5,     0,     0,     0,    -6,    55,     6,
-       7,     0,     0,     0,     0,     0,     8,     9,   313,     0,
-      10,     0,    11,     0,    12,    13,   314,     0,    14,     0,
-       0,     0,     0,     0,     0,     0,     0,    15,     0,     0,
-       0,    16,     0,     0,   315,   316,     0,    17,   317,    18,
-       0,     0,     0,   337,   318,     0,     0,     0,    19,    20,
-       0,   338,    21,    22,     0,     0,     0,    23,    24,     0,
-       0,    25,    26,     0,     0,     0,     0,     0,     0,     0,
-      27,   319,   320,     0,     0,   321,   322,     0,   323,   324,
-     325,     0,   326,    28,    29,    30,     0,   339,   340,     0,
-      31,     0,     0,     0,     0,     0,     0,     0,     0,    32,
-       0,     0,     0,    33,   341,    34,   187,    35,    36,     0,
-       0,     0,   188,     0,   189,     0,     0,    37,    38,    39,
-      40,    41,    42,    43,    44,     0,   342,    45,     0,    46,
-       0,     0,     0,     0,   343,     0,   344,   327,    47,     0,
-       0,   190,     0,    48,    49,    50,     0,    51,    52,     0,
-     345,    53,    54,     0,     0,     0,     0,     0,     0,     0,
-       0,    55,     0,     0,     0,     0,     0,   346,   347,     0,
+     122,   164,   274,   206,   150,   151,     1,   370,   175,   288,
+     384,   101,   205,   398,   275,     2,   214,   281,   336,     3,
+       4,     5,   152,   403,   163,   218,    82,     6,     7,   371,
+     294,   295,   362,    83,     8,     9,   276,    84,    10,   107,
+      11,   125,    12,    13,   237,   216,    14,   217,   126,   177,
+     127,   266,   267,   166,   219,    15,   237,   128,   224,    16,
+     133,   153,   146,   147,   172,    17,   314,    18,    86,   289,
+     229,   290,    87,   119,   178,   120,    19,    20,    88,   225,
+      21,    22,   149,   242,   256,    23,    24,   389,   337,    25,
+      26,   154,   179,   230,   165,   180,   231,   176,    27,   102,
+     159,   121,   211,   226,   103,   213,   167,   215,   372,   221,
+     222,    28,    29,    30,   228,   373,   362,   258,    31,   223,
+     239,   240,   385,   243,   244,   245,   246,    32,   260,    89,
+     258,    33,   374,    34,   264,    35,    36,   272,   110,   160,
+     207,   161,   111,   265,   277,    37,    38,    39,    40,    41,
+      42,    43,    44,   332,   333,    45,   155,    46,   294,   295,
+     168,   156,   291,    90,    91,   121,    47,   255,   181,   268,
+     261,    48,    49,    50,   270,    51,    52,   271,   232,   233,
+      92,   392,    53,    54,   375,   234,   292,   376,   280,     2,
+     283,    -6,    55,     3,     4,     5,   182,   183,   184,   185,
+     112,     6,     7,   285,   186,   286,   299,   300,     8,     9,
+     401,    93,    10,   310,    11,   406,    12,    13,   312,   247,
+      14,   162,   311,   378,   408,   409,   410,   411,   412,    15,
+     334,   121,   421,    16,    94,    95,    96,   248,   339,    17,
+     335,    18,   249,   250,   367,   113,   369,   368,   379,   382,
+      19,    20,   383,   114,    21,    22,   115,   386,   387,    23,
+      24,   388,   301,    25,    26,   391,   395,   393,   397,   398,
+     302,   402,    27,   303,   238,   259,   405,   407,   116,   418,
+     420,   419,   279,   117,   269,    28,    29,    30,   313,   109,
+     273,   257,    31,   408,   409,   410,   411,   412,   381,   284,
+     262,    32,   416,   145,   363,    33,   315,    34,   390,    35,
+      36,   304,   404,   417,     0,     0,     0,     0,     0,    37,
+      38,    39,    40,    41,    42,    43,    44,     0,     0,    45,
+       0,    46,     0,   340,     0,     0,     0,     0,     0,     0,
+      47,   341,   305,     0,     0,    48,    49,    50,     2,    51,
+      52,     0,     3,     4,     5,     0,    53,    54,     0,     0,
+       6,     7,     0,     0,     0,    -6,    55,     8,     9,     0,
+       0,    10,   394,    11,     0,    12,    13,   342,   343,    14,
+       0,     0,     0,     0,     0,     0,     0,     0,    15,     0,
+       0,     0,    16,     0,   344,     0,     0,     0,    17,     0,
+      18,   134,   135,   136,   137,   306,     0,     0,     0,    19,
+      20,     0,     0,    21,    22,     0,   345,     0,    23,    24,
+       0,     0,    25,    26,   346,     0,   347,     0,     0,     0,
+       0,    27,   138,     0,   139,     0,   140,     0,     0,     0,
+     348,     0,   141,     0,    28,    29,    30,     0,     0,     0,
+       0,    31,     0,     0,     0,     0,     0,   349,   350,   190,
+      32,     0,     0,     0,    33,   191,    34,   192,    35,    36,
+       0,     0,     0,     0,     0,     0,     0,     0,    37,    38,
+      39,    40,    41,    42,    43,    44,     0,     0,    45,     0,
+      46,     0,   316,   351,   193,   352,     0,     0,     0,    47,
+     317,     0,     0,   353,    48,    49,    50,   354,    51,    52,
+       0,     0,     0,     0,     0,    53,    54,     0,   318,   319,
+       0,     0,   320,     0,     0,    55,     0,     0,   321,     0,
+       0,     0,     0,     0,   194,     0,   195,     0,     0,     0,
+       0,     0,   196,     0,   197,     0,     0,   198,     0,     0,
+       0,     0,     0,     0,     0,   322,   323,     0,     0,   324,
+     325,     0,   326,   327,   328,     0,   329,     0,     0,   199,
+     200,     0,     0,     0,     0,     0,     0,     0,     0,     0,
+       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
+       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
        0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
-       0,   191,     0,   192,     0,     0,     0,     0,     0,   193,
-       0,   194,     0,     0,   195,     0,     0,     0,     0,     0,
-       0,     0,     0,   348,     0,   349,     0,     0,     0,     0,
-     350,     0,     0,     0,   351,     0,   196,   197
+       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,
+       0,     0,     0,     0,   330
 };
 
+#define yypact_value_is_default(Yystate) \
+  (!!((Yystate) == (-188)))
+
+#define yytable_value_is_error(Yytable_value) \
+  YYID (0)
+
 static const yytype_int16 yycheck[] =
 {
-      15,    39,   186,     5,    39,    61,    61,   159,   160,    45,
-       3,    62,    50,    57,   183,    20,     4,   201,   146,    24,
-      32,   188,    29,    34,    39,     8,    61,    61,    94,    12,
-      37,   198,    61,    40,   158,    18,    28,   158,    26,    66,
-     106,    68,     7,     8,    55,    60,   158,    62,   158,    61,
-      43,    44,    45,    46,    11,   185,   186,    27,   158,    51,
-      25,    61,    54,    65,   146,    67,   250,   158,    79,   158,
-     198,    78,    61,    42,    61,   158,    61,    82,   122,     1,
-     158,   132,   158,     0,   183,    61,    69,   158,    10,   158,
-     197,    32,    14,    15,    16,    61,    66,   158,    68,    64,
-      22,    23,   109,   185,   186,    61,   158,    29,    30,   261,
-     262,    33,    27,    35,   129,    37,    38,   105,   173,    41,
-     103,   104,   127,    27,   112,    86,    95,   142,    50,    94,
-     135,   158,    54,   138,   169,   171,    61,   120,    60,   195,
-      62,   129,    99,    61,   136,   137,   139,   104,   194,    71,
-      72,   143,    61,    75,    76,   160,   158,   183,    80,    81,
-     165,    61,    84,    85,   157,   172,    61,   158,   151,   162,
-     163,    93,    56,    57,    58,    59,   158,   179,   148,   331,
-     149,   365,    61,   158,   106,   107,   108,   158,   158,    36,
-     178,   113,     6,   181,   159,   194,   158,   183,    27,   164,
-     122,    61,    61,    87,   126,    89,   128,    91,   130,   131,
-     394,   158,   196,    97,   194,   399,   183,    31,   140,   141,
-     142,   143,   144,   145,   146,   147,   198,   265,   150,   197,
-     152,   194,   416,   187,   194,    49,   188,   183,    52,   161,
-     183,   194,   197,   183,   166,   167,   168,   101,   170,   171,
-     139,   248,   174,   175,    10,   166,   184,    12,    14,    15,
-      16,   183,   184,   126,   154,    29,    22,    23,   189,   190,
-     191,   192,   193,    29,    30,   205,   293,    33,   251,    35,
-     361,    37,    38,   396,   410,    41,    -1,   189,   190,   191,
-     192,   193,    -1,    -1,    50,   333,   198,    -1,    54,    -1,
-      -1,    -1,    -1,    -1,    60,    -1,    62,    -1,    -1,    -1,
-      -1,   125,    -1,    -1,    -1,    71,    72,    -1,    -1,    75,
-      76,    -1,    -1,    -1,    80,    81,    -1,    -1,    84,    85,
-      -1,    -1,    -1,    -1,    -1,    -1,    -1,    93,    -1,   153,
-     154,   155,   156,    -1,    -1,    -1,    -1,   161,    -1,    -1,
-     106,   107,   108,    -1,    -1,    -1,    -1,   113,    -1,    -1,
-      -1,    -1,    -1,    -1,    -1,    -1,   122,    -1,    -1,   384,
-     126,    -1,   128,    -1,   130,   131,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,    -1,   140,   141,   142,   143,   144,   145,
-     146,   147,    -1,    -1,   150,    -1,   152,    -1,    -1,    -1,
-      -1,    -1,    -1,    -1,    -1,   161,    -1,    -1,    -1,    -1,
-     166,   167,   168,    -1,   170,   171,    -1,    10,   174,   175,
-      -1,    14,    15,    16,    -1,    -1,    -1,   183,   184,    22,
-      23,    -1,    -1,    -1,    -1,    -1,    29,    30,    47,    -1,
-      33,    -1,    35,    -1,    37,    38,    55,    -1,    41,    -1,
-      -1,    -1,    -1,    -1,    -1,    -1,    -1,    50,    -1,    -1,
-      -1,    54,    -1,    -1,    73,    74,    -1,    60,    77,    62,
-      -1,    -1,    -1,     9,    83,    -1,    -1,    -1,    71,    72,
-      -1,    17,    75,    76,    -1,    -1,    -1,    80,    81,    -1,
-      -1,    84,    85,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      93,   110,   111,    -1,    -1,   114,   115,    -1,   117,   118,
-     119,    -1,   121,   106,   107,   108,    -1,    53,    54,    -1,
-     113,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,   122,
-      -1,    -1,    -1,   126,    70,   128,    13,   130,   131,    -1,
-      -1,    -1,    19,    -1,    21,    -1,    -1,   140,   141,   142,
-     143,   144,   145,   146,   147,    -1,    92,   150,    -1,   152,
-      -1,    -1,    -1,    -1,   100,    -1,   102,   176,   161,    -1,
-      -1,    48,    -1,   166,   167,   168,    -1,   170,   171,    -1,
-     116,   174,   175,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,   184,    -1,    -1,    -1,    -1,    -1,   133,   134,    -1,
+      15,    39,   189,    61,     7,     8,     1,     4,    45,     5,
+      61,    11,    50,   191,    39,    10,    57,   204,    62,    14,
+      15,    16,    25,   201,    39,    32,   186,    22,    23,    26,
+     188,   189,   146,    61,    29,    30,    61,    61,    33,   158,
+      35,   158,    37,    38,    97,    60,    41,    62,   158,     6,
+     158,   162,   163,    42,    61,    50,   109,   158,    34,    54,
+      61,    64,   158,   158,   158,    60,   253,    62,     8,    65,
+      28,    67,    12,    66,    31,    68,    71,    72,    18,    55,
+      75,    76,    61,     3,   125,    80,    81,   201,   132,    84,
+      85,    94,    49,    51,    61,    52,    54,   158,    93,    99,
+      27,   158,    61,    79,   104,     0,    95,   186,   105,    61,
+     158,   106,   107,   108,   200,   112,   146,   132,   113,   158,
+      61,    32,   173,    43,    44,    45,    46,   122,    61,    69,
+     145,   126,   129,   128,    27,   130,   131,   174,    20,    66,
+     198,    68,    24,    27,   169,   140,   141,   142,   143,   144,
+     145,   146,   147,   264,   265,   150,   159,   152,   188,   189,
+     149,   164,   158,   103,   104,   158,   161,   158,   125,    86,
+     158,   166,   167,   168,    61,   170,   171,   197,   136,   137,
+     120,   368,   177,   178,   181,   143,   182,   184,    61,    10,
+      61,   186,   187,    14,    15,    16,   153,   154,   155,   156,
+      82,    22,    23,    61,   161,   186,    61,   158,    29,    30,
+     397,   151,    33,   158,    35,   402,    37,    38,    61,   139,
+      41,   148,   158,   334,   192,   193,   194,   195,   196,    50,
+     268,   158,   419,    54,   174,   175,   176,   157,    36,    60,
+     158,    62,   162,   163,   186,   127,   158,   197,    27,    61,
+      71,    72,    61,   135,    75,    76,   138,   158,   197,    80,
+      81,   186,    29,    84,    85,   200,   190,   199,   197,   191,
+      37,   197,    93,    40,   104,   142,   186,   200,   160,   186,
+     186,   197,   201,   165,   169,   106,   107,   108,   251,    12,
+     187,   129,   113,   192,   193,   194,   195,   196,   336,   208,
+     157,   122,   201,    29,   296,   126,   254,   128,   364,   130,
+     131,    78,   399,   413,    -1,    -1,    -1,    -1,    -1,   140,
+     141,   142,   143,   144,   145,   146,   147,    -1,    -1,   150,
+      -1,   152,    -1,     9,    -1,    -1,    -1,    -1,    -1,    -1,
+     161,    17,   109,    -1,    -1,   166,   167,   168,    10,   170,
+     171,    -1,    14,    15,    16,    -1,   177,   178,    -1,    -1,
+      22,    23,    -1,    -1,    -1,   186,   187,    29,    30,    -1,
+      -1,    33,   387,    35,    -1,    37,    38,    53,    54,    41,
+      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    50,    -1,
+      -1,    -1,    54,    -1,    70,    -1,    -1,    -1,    60,    -1,
+      62,    56,    57,    58,    59,   172,    -1,    -1,    -1,    71,
+      72,    -1,    -1,    75,    76,    -1,    92,    -1,    80,    81,
+      -1,    -1,    84,    85,   100,    -1,   102,    -1,    -1,    -1,
+      -1,    93,    87,    -1,    89,    -1,    91,    -1,    -1,    -1,
+     116,    -1,    97,    -1,   106,   107,   108,    -1,    -1,    -1,
+      -1,   113,    -1,    -1,    -1,    -1,    -1,   133,   134,    13,
+     122,    -1,    -1,    -1,   126,    19,   128,    21,   130,   131,
+      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,   140,   141,
+     142,   143,   144,   145,   146,   147,    -1,    -1,   150,    -1,
+     152,    -1,    47,   169,    48,   171,    -1,    -1,    -1,   161,
+      55,    -1,    -1,   179,   166,   167,   168,   183,   170,   171,
+      -1,    -1,    -1,    -1,    -1,   177,   178,    -1,    73,    74,
+      -1,    -1,    77,    -1,    -1,   187,    -1,    -1,    83,    -1,
+      -1,    -1,    -1,    -1,    88,    -1,    90,    -1,    -1,    -1,
+      -1,    -1,    96,    -1,    98,    -1,    -1,   101,    -1,    -1,
+      -1,    -1,    -1,    -1,    -1,   110,   111,    -1,    -1,   114,
+     115,    -1,   117,   118,   119,    -1,   121,    -1,    -1,   123,
+     124,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
       -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
-      -1,    88,    -1,    90,    -1,    -1,    -1,    -1,    -1,    96,
-      -1,    98,    -1,    -1,   101,    -1,    -1,    -1,    -1,    -1,
-      -1,    -1,    -1,   169,    -1,   171,    -1,    -1,    -1,    -1,
-     176,    -1,    -1,    -1,   180,    -1,   123,   124
+      -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,    -1,
+      -1,    -1,    -1,    -1,   179
 };
 
-  /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
-     symbol of state STATE-NUM.  */
+/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
+   symbol of state STATE-NUM.  */
 static const yytype_uint16 yystos[] =
 {
        0,     1,    10,    14,    15,    16,    22,    23,    29,    30,
@@ -1302,129 +1504,70 @@ static const yytype_uint16 yystos[] =
       72,    75,    76,    80,    81,    84,    85,    93,   106,   107,
      108,   113,   122,   126,   128,   130,   131,   140,   141,   142,
      143,   144,   145,   146,   147,   150,   152,   161,   166,   167,
-     168,   170,   171,   174,   175,   184,   200,   201,   202,   203,
-     204,   216,   217,   218,   219,   223,   228,   236,   245,   250,
-     254,   259,   263,   264,   265,   266,   267,   275,   276,   279,
-     290,   291,   183,    61,    61,   220,     8,    12,    18,    69,
-     103,   104,   120,   151,   255,   256,   257,   258,    11,    99,
-     104,   239,   240,   241,   158,   268,   255,    20,    24,    82,
-     127,   135,   138,   160,   165,   230,    66,    68,   158,   205,
-     206,   207,   158,   158,   158,   158,   273,   274,   205,   287,
-      61,    56,    57,    58,    59,    87,    89,    91,    97,   242,
-     243,   244,   287,   158,   158,   286,    61,     7,     8,    25,
-      64,    94,   159,   164,   280,   281,    27,    66,    68,   148,
-     205,   206,    61,    42,    95,   149,   251,   252,   253,   158,
-     269,   229,   230,   158,     6,    31,    49,    52,   125,   153,
-     154,   155,   156,   161,   260,   261,   262,    13,    19,    21,
-      48,    88,    90,    96,    98,   101,   123,   124,   224,   225,
-     226,   227,   206,    61,   195,   283,   284,   285,    61,   282,
-       0,   202,   183,   205,   205,    32,    61,   289,    61,   158,
-     158,    34,    55,    79,   278,   197,    28,    51,    54,   136,
-     137,   143,   221,   222,   256,   240,    61,    32,   231,     3,
-      43,    44,    45,    46,   139,   157,   162,   163,   246,   247,
-     248,   249,   158,   202,   274,   205,   243,    61,   158,   281,
-     237,    27,    27,   237,   237,    86,   252,    61,   194,   230,
-     261,   289,    39,    61,   169,   288,   225,    61,   289,   271,
-      61,   284,    61,   183,   208,     5,    65,    67,   158,   179,
-     277,   185,   186,   292,   293,   294,    61,   158,    29,    37,
-      40,    78,   109,   172,   232,   233,   234,   158,   158,    61,
-     247,   289,   288,    47,    55,    73,    74,    77,    83,   110,
-     111,   114,   115,   117,   118,   119,   121,   176,   238,   237,
-     237,   206,   158,    62,   132,   272,    36,     9,    17,    53,
-      54,    70,    92,   100,   102,   116,   133,   134,   169,   171,
-     176,   180,   209,   210,   211,   212,   213,   214,   215,   146,
-     293,   295,   296,   298,   183,   194,   158,     4,    26,   105,
-     112,   129,   178,   181,   235,   237,    27,   270,   206,    61,
-      61,    61,   173,   158,   194,   183,   198,   296,   197,   289,
-     196,   205,   187,   297,   194,   188,   299,   300,   289,   194,
-     198,   300,   183,   289,   197,   189,   190,   191,   192,   193,
-     301,   302,   303,   198,   302,   183,   194,   183,   289
-};
-
-  /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives.  */
-static const yytype_uint16 yyr1[] =
-{
-       0,   199,   200,   201,   201,   201,   202,   202,   202,   202,
-     202,   202,   202,   202,   202,   202,   202,   202,   202,   202,
-     203,   204,   204,   204,   204,   204,   205,   205,   206,   207,
-     207,   208,   208,   209,   209,   209,   210,   211,   211,   211,
-     211,   211,   211,   211,   211,   212,   212,   213,   213,   213,
-     213,   213,   213,   214,   215,   216,   217,   217,   218,   218,
-     218,   218,   219,   219,   219,   219,   219,   219,   219,   219,
-     219,   220,   220,   221,   221,   222,   222,   222,   222,   222,
-     223,   224,   224,   225,   225,   225,   226,   226,   226,   226,
-     226,   226,   227,   227,   227,   227,   228,   228,   228,   229,
-     229,   230,   230,   230,   230,   230,   230,   230,   230,   231,
-     231,   232,   232,   232,   232,   233,   233,   234,   234,   235,
-     235,   235,   235,   235,   235,   235,   236,   236,   236,   236,
-     236,   236,   236,   236,   237,   237,   238,   238,   238,   238,
-     238,   238,   238,   238,   238,   238,   238,   238,   238,   238,
-     238,   239,   239,   240,   241,   241,   241,   242,   242,   243,
-     244,   244,   244,   244,   244,   244,   244,   244,   245,   246,
-     246,   247,   247,   247,   247,   247,   248,   248,   249,   249,
-     249,   249,   250,   251,   251,   252,   253,   253,   253,   254,
-     254,   255,   255,   256,   256,   257,   257,   257,   257,   257,
-     257,   258,   258,   259,   260,   260,   261,   262,   262,   262,
-     262,   262,   262,   262,   262,   262,   262,   263,   263,   263,
-     263,   263,   263,   263,   263,   263,   263,   263,   263,   263,
-     263,   264,   264,   264,   265,   265,   266,   266,   267,   267,
-     267,   268,   268,   268,   269,   270,   270,   271,   271,   272,
-     272,   273,   273,   274,   275,   275,   276,   276,   277,   277,
-     277,   277,   278,   278,   278,   279,   280,   280,   281,   281,
-     281,   281,   281,   281,   281,   282,   282,   283,   283,   284,
-     284,   285,   286,   286,   287,   287,   288,   288,   288,   289,
-     289,   290,   291,   292,   292,   293,   294,   294,   295,   295,
-     296,   297,   298,   299,   299,   300,   301,   301,   302,   303,
-     303,   303,   303,   303
-};
-
-  /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN.  */
-static const yytype_uint8 yyr2[] =
-{
-       0,     2,     1,     3,     2,     2,     0,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       3,     1,     1,     1,     1,     1,     1,     2,     1,     1,
-       1,     0,     2,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     2,     2,     1,     1,     1,
-       1,     1,     1,     2,     1,     2,     1,     1,     1,     2,
-       2,     2,     2,     2,     2,     2,     2,     2,     2,     2,
-       2,     0,     2,     2,     2,     1,     1,     1,     1,     1,
-       2,     2,     1,     2,     2,     2,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     2,     2,     3,     2,
-       1,     1,     1,     1,     1,     1,     1,     1,     1,     0,
-       2,     2,     2,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     2,     2,     3,     5,
-       3,     4,     4,     3,     0,     2,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     2,     1,     2,     1,     1,     1,     2,     1,     2,
-       1,     1,     1,     1,     1,     1,     1,     1,     3,     2,
-       1,     2,     2,     2,     2,     2,     1,     1,     1,     1,
-       1,     1,     2,     2,     1,     2,     1,     1,     1,     2,
-       2,     2,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     1,     2,     2,     1,     2,     1,     1,     1,
-       1,     1,     1,     1,     1,     1,     1,     1,     1,     2,
-       2,     2,     2,     3,     1,     2,     2,     2,     2,     3,
-       2,     1,     1,     1,     1,     1,     1,     1,     1,     1,
-       1,     1,     2,     0,     4,     1,     0,     0,     2,     2,
-       2,     2,     1,     1,     3,     3,     1,     1,     1,     1,
-       1,     1,     1,     1,     1,     2,     2,     1,     1,     1,
-       1,     1,     1,     1,     1,     2,     1,     2,     1,     1,
-       1,     5,     2,     1,     2,     1,     1,     1,     1,     1,
-       1,     5,     1,     3,     2,     3,     1,     1,     2,     1,
-       5,     4,     3,     2,     1,     6,     3,     2,     3,     1,
-       1,     1,     1,     1
+     168,   170,   171,   177,   178,   187,   203,   204,   205,   206,
+     207,   219,   220,   221,   222,   226,   231,   239,   248,   253,
+     257,   262,   266,   267,   268,   269,   270,   278,   279,   282,
+     293,   294,   186,    61,    61,   223,     8,    12,    18,    69,
+     103,   104,   120,   151,   174,   175,   176,   258,   259,   260,
+     261,    11,    99,   104,   242,   243,   244,   158,   271,   258,
+      20,    24,    82,   127,   135,   138,   160,   165,   233,    66,
+      68,   158,   208,   209,   210,   158,   158,   158,   158,   276,
+     277,   208,   290,    61,    56,    57,    58,    59,    87,    89,
+      91,    97,   245,   246,   247,   290,   158,   158,   289,    61,
+       7,     8,    25,    64,    94,   159,   164,   283,   284,    27,
+      66,    68,   148,   208,   209,    61,    42,    95,   149,   254,
+     255,   256,   158,   272,   232,   233,   158,     6,    31,    49,
+      52,   125,   153,   154,   155,   156,   161,   263,   264,   265,
+      13,    19,    21,    48,    88,    90,    96,    98,   101,   123,
+     124,   227,   228,   229,   230,   209,    61,   198,   286,   287,
+     288,    61,   285,     0,   205,   186,   208,   208,    32,    61,
+     292,    61,   158,   158,    34,    55,    79,   281,   200,    28,
+      51,    54,   136,   137,   143,   224,   225,   259,   243,    61,
+      32,   234,     3,    43,    44,    45,    46,   139,   157,   162,
+     163,   249,   250,   251,   252,   158,   205,   277,   208,   246,
+      61,   158,   284,   240,    27,    27,   240,   240,    86,   255,
+      61,   197,   233,   264,   292,    39,    61,   169,   291,   228,
+      61,   292,   274,    61,   287,    61,   186,   211,     5,    65,
+      67,   158,   182,   280,   188,   189,   295,   296,   297,    61,
+     158,    29,    37,    40,    78,   109,   172,   235,   236,   237,
+     158,   158,    61,   250,   292,   291,    47,    55,    73,    74,
+      77,    83,   110,   111,   114,   115,   117,   118,   119,   121,
+     179,   241,   240,   240,   209,   158,    62,   132,   275,    36,
+       9,    17,    53,    54,    70,    92,   100,   102,   116,   133,
+     134,   169,   171,   179,   183,   212,   213,   214,   215,   216,
+     217,   218,   146,   296,   298,   299,   301,   186,   197,   158,
+       4,    26,   105,   112,   129,   181,   184,   238,   240,    27,
+     273,   209,    61,    61,    61,   173,   158,   197,   186,   201,
+     299,   200,   292,   199,   208,   190,   300,   197,   191,   302,
+     303,   292,   197,   201,   303,   186,   292,   200,   192,   193,
+     194,   195,   196,   304,   305,   306,   201,   305,   186,   197,
+     186,   292
 };
 
-
-#define yyerrok         (yyerrstatus = 0)
-#define yyclearin       (yychar = YYEMPTY)
-#define YYEMPTY         (-2)
-#define YYEOF           0
-
-#define YYACCEPT        goto yyacceptlab
-#define YYABORT         goto yyabortlab
-#define YYERROR         goto yyerrorlab
-
+#define yyerrok		(yyerrstatus = 0)
+#define yyclearin	(yychar = YYEMPTY)
+#define YYEMPTY		(-2)
+#define YYEOF		0
+
+#define YYACCEPT	goto yyacceptlab
+#define YYABORT		goto yyabortlab
+#define YYERROR		goto yyerrorlab
+
+
+/* Like YYERROR except do call yyerror.  This remains here temporarily
+   to ease the transition to the new meaning of YYERROR, for GCC.
+   Once GCC version 2 has supplanted version 1, this can go.  However,
+   YYFAIL appears to be in use.  Nevertheless, it is formally deprecated
+   in Bison 2.4.2's NEWS entry, where a plan to phase it out is
+   discussed.  */
+
+#define YYFAIL		goto yyerrlab
+#if defined YYFAIL
+  /* This is here to suppress warnings from the GCC cpp's
+     -Wunused-macros.  Normally we don't worry about that warning, but
+     some users do, and we want to make it easy for users to remove
+     YYFAIL uses, which will produce warnings from Bison 2.5.  */
+#endif
 
 #define YYRECOVERING()  (!!yyerrstatus)
 
@@ -1441,15 +1584,27 @@ do                                                              \
   else                                                          \
     {                                                           \
       yyerror (YY_("syntax error: cannot back up")); \
-      YYERROR;                                                  \
-    }                                                           \
-while (0)
+      YYERROR;							\
+    }								\
+while (YYID (0))
 
 /* Error token number */
-#define YYTERROR        1
-#define YYERRCODE       256
+#define YYTERROR	1
+#define YYERRCODE	256
 
 
+/* This macro is provided for backward compatibility. */
+#ifndef YY_LOCATION_PRINT
+# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
+#endif
+
+
+/* YYLEX -- calling `yylex' with the right arguments.  */
+#ifdef YYLEX_PARAM
+# define YYLEX yylex (YYLEX_PARAM)
+#else
+# define YYLEX yylex ()
+#endif
 
 /* Enable debugging if requested.  */
 #if YYDEBUG
@@ -1459,36 +1614,40 @@ while (0)
 #  define YYFPRINTF fprintf
 # endif
 
-# define YYDPRINTF(Args)                        \
-do {                                            \
-  if (yydebug)                                  \
-    YYFPRINTF Args;                             \
-} while (0)
-
-/* This macro is provided for backward compatibility. */
-#ifndef YY_LOCATION_PRINT
-# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
-#endif
+# define YYDPRINTF(Args)			\
+do {						\
+  if (yydebug)					\
+    YYFPRINTF Args;				\
+} while (YYID (0))
 
+# define YY_SYMBOL_PRINT(Title, Type, Value, Location)			  \
+do {									  \
+  if (yydebug)								  \
+    {									  \
+      YYFPRINTF (stderr, "%s ", Title);					  \
+      yy_symbol_print (stderr,						  \
+		  Type, Value); \
+      YYFPRINTF (stderr, "\n");						  \
+    }									  \
+} while (YYID (0))
 
-# define YY_SYMBOL_PRINT(Title, Type, Value, Location)                    \
-do {                                                                      \
-  if (yydebug)                                                            \
-    {                                                                     \
-      YYFPRINTF (stderr, "%s ", Title);                                   \
-      yy_symbol_print (stderr,                                            \
-                  Type, Value); \
-      YYFPRINTF (stderr, "\n");                                           \
-    }                                                                     \
-} while (0)
 
+/*--------------------------------.
+| Print this symbol on YYOUTPUT.  |
+`--------------------------------*/
 
-/*----------------------------------------.
-| Print this symbol's value on YYOUTPUT.  |
-`----------------------------------------*/
-
+/*ARGSUSED*/
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static void
 yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep)
+#else
+static void
+yy_symbol_value_print (yyoutput, yytype, yyvaluep)
+    FILE *yyoutput;
+    int yytype;
+    YYSTYPE const * const yyvaluep;
+#endif
 {
   FILE *yyo = yyoutput;
   YYUSE (yyo);
@@ -1497,6 +1656,8 @@ yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvalue
 # ifdef YYPRINT
   if (yytype < YYNTOKENS)
     YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
+# else
+  YYUSE (yyoutput);
 # endif
   YYUSE (yytype);
 }
@@ -1506,11 +1667,22 @@ yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvalue
 | Print this symbol on YYOUTPUT.  |
 `--------------------------------*/
 
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static void
 yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep)
+#else
+static void
+yy_symbol_print (yyoutput, yytype, yyvaluep)
+    FILE *yyoutput;
+    int yytype;
+    YYSTYPE const * const yyvaluep;
+#endif
 {
-  YYFPRINTF (yyoutput, "%s %s (",
-             yytype < YYNTOKENS ? "token" : "nterm", yytname[yytype]);
+  if (yytype < YYNTOKENS)
+    YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
+  else
+    YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]);
 
   yy_symbol_value_print (yyoutput, yytype, yyvaluep);
   YYFPRINTF (yyoutput, ")");
@@ -1521,8 +1693,16 @@ yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep)
 | TOP (included).                                                   |
 `------------------------------------------------------------------*/
 
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static void
 yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop)
+#else
+static void
+yy_stack_print (yybottom, yytop)
+    yytype_int16 *yybottom;
+    yytype_int16 *yytop;
+#endif
 {
   YYFPRINTF (stderr, "Stack now");
   for (; yybottom <= yytop; yybottom++)
@@ -1533,42 +1713,49 @@ yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop)
   YYFPRINTF (stderr, "\n");
 }
 
-# define YY_STACK_PRINT(Bottom, Top)                            \
-do {                                                            \
-  if (yydebug)                                                  \
-    yy_stack_print ((Bottom), (Top));                           \
-} while (0)
+# define YY_STACK_PRINT(Bottom, Top)				\
+do {								\
+  if (yydebug)							\
+    yy_stack_print ((Bottom), (Top));				\
+} while (YYID (0))
 
 
 /*------------------------------------------------.
 | Report that the YYRULE is going to be reduced.  |
 `------------------------------------------------*/
 
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static void
-yy_reduce_print (yytype_int16 *yyssp, YYSTYPE *yyvsp, int yyrule)
+yy_reduce_print (YYSTYPE *yyvsp, int yyrule)
+#else
+static void
+yy_reduce_print (yyvsp, yyrule)
+    YYSTYPE *yyvsp;
+    int yyrule;
+#endif
 {
-  unsigned long int yylno = yyrline[yyrule];
   int yynrhs = yyr2[yyrule];
   int yyi;
+  unsigned long int yylno = yyrline[yyrule];
   YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n",
-             yyrule - 1, yylno);
+	     yyrule - 1, yylno);
   /* The symbols being reduced.  */
   for (yyi = 0; yyi < yynrhs; yyi++)
     {
       YYFPRINTF (stderr, "   $%d = ", yyi + 1);
-      yy_symbol_print (stderr,
-                       yystos[yyssp[yyi + 1 - yynrhs]],
-                       &(yyvsp[(yyi + 1) - (yynrhs)])
-                                              );
+      yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi],
+		       &(yyvsp[(yyi + 1) - (yynrhs)])
+		       		       );
       YYFPRINTF (stderr, "\n");
     }
 }
 
-# define YY_REDUCE_PRINT(Rule)          \
-do {                                    \
-  if (yydebug)                          \
-    yy_reduce_print (yyssp, yyvsp, Rule); \
-} while (0)
+# define YY_REDUCE_PRINT(Rule)		\
+do {					\
+  if (yydebug)				\
+    yy_reduce_print (yyvsp, Rule); \
+} while (YYID (0))
 
 /* Nonzero means print parse trace.  It is left uninitialized so that
    multiple parsers can coexist.  */
@@ -1582,7 +1769,7 @@ int yydebug;
 
 
 /* YYINITDEPTH -- initial size of the parser's stacks.  */
-#ifndef YYINITDEPTH
+#ifndef	YYINITDEPTH
 # define YYINITDEPTH 200
 #endif
 
@@ -1605,8 +1792,15 @@ int yydebug;
 #   define yystrlen strlen
 #  else
 /* Return the length of YYSTR.  */
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static YYSIZE_T
 yystrlen (const char *yystr)
+#else
+static YYSIZE_T
+yystrlen (yystr)
+    const char *yystr;
+#endif
 {
   YYSIZE_T yylen;
   for (yylen = 0; yystr[yylen]; yylen++)
@@ -1622,8 +1816,16 @@ yystrlen (const char *yystr)
 #  else
 /* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in
    YYDEST.  */
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static char *
 yystpcpy (char *yydest, const char *yysrc)
+#else
+static char *
+yystpcpy (yydest, yysrc)
+    char *yydest;
+    const char *yysrc;
+#endif
 {
   char *yyd = yydest;
   const char *yys = yysrc;
@@ -1653,27 +1855,27 @@ yytnamerr (char *yyres, const char *yystr)
       char const *yyp = yystr;
 
       for (;;)
-        switch (*++yyp)
-          {
-          case '\'':
-          case ',':
-            goto do_not_strip_quotes;
-
-          case '\\':
-            if (*++yyp != '\\')
-              goto do_not_strip_quotes;
-            /* Fall through.  */
-          default:
-            if (yyres)
-              yyres[yyn] = *yyp;
-            yyn++;
-            break;
-
-          case '"':
-            if (yyres)
-              yyres[yyn] = '\0';
-            return yyn;
-          }
+	switch (*++yyp)
+	  {
+	  case '\'':
+	  case ',':
+	    goto do_not_strip_quotes;
+
+	  case '\\':
+	    if (*++yyp != '\\')
+	      goto do_not_strip_quotes;
+	    /* Fall through.  */
+	  default:
+	    if (yyres)
+	      yyres[yyn] = *yyp;
+	    yyn++;
+	    break;
+
+	  case '"':
+	    if (yyres)
+	      yyres[yyn] = '\0';
+	    return yyn;
+	  }
     do_not_strip_quotes: ;
     }
 
@@ -1696,11 +1898,11 @@ static int
 yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
                 yytype_int16 *yyssp, int yytoken)
 {
-  YYSIZE_T yysize0 = yytnamerr (YY_NULLPTR, yytname[yytoken]);
+  YYSIZE_T yysize0 = yytnamerr (YY_NULL, yytname[yytoken]);
   YYSIZE_T yysize = yysize0;
   enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 };
   /* Internationalized format string. */
-  const char *yyformat = YY_NULLPTR;
+  const char *yyformat = YY_NULL;
   /* Arguments of yyformat. */
   char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
   /* Number of reported tokens (one for the "unexpected", one per
@@ -1708,6 +1910,10 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
   int yycount = 0;
 
   /* There are many possibilities here to consider:
+     - Assume YYFAIL is not used.  It's too flawed to consider.  See
+       <http://lists.gnu.org/archive/html/bison-patches/2009-12/msg00024.html>
+       for details.  YYERROR is fine as it does not invoke this
+       function.
      - If this state is a consistent state with a default action, then
        the only way this function was invoked is if the default action
        is an error action.  In that case, don't check for expected
@@ -1757,7 +1963,7 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
                   }
                 yyarg[yycount++] = yytname[yyx];
                 {
-                  YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULLPTR, yytname[yyx]);
+                  YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULL, yytname[yyx]);
                   if (! (yysize <= yysize1
                          && yysize1 <= YYSTACK_ALLOC_MAXIMUM))
                     return 2;
@@ -1824,17 +2030,26 @@ yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg,
 | Release the memory associated to this symbol.  |
 `-----------------------------------------------*/
 
+/*ARGSUSED*/
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 static void
 yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep)
+#else
+static void
+yydestruct (yymsg, yytype, yyvaluep)
+    const char *yymsg;
+    int yytype;
+    YYSTYPE *yyvaluep;
+#endif
 {
   YYUSE (yyvaluep);
+
   if (!yymsg)
     yymsg = "Deleting";
   YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp);
 
-  YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
   YYUSE (yytype);
-  YY_IGNORE_MAYBE_UNINITIALIZED_END
 }
 
 
@@ -1843,8 +2058,18 @@ yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep)
 /* The lookahead symbol.  */
 int yychar;
 
+
+#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
+# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
+# define YY_IGNORE_MAYBE_UNINITIALIZED_END
+#endif
+#ifndef YY_INITIAL_VALUE
+# define YY_INITIAL_VALUE(Value) /* Nothing. */
+#endif
+
 /* The semantic value of the lookahead symbol.  */
-YYSTYPE yylval;
+YYSTYPE yylval YY_INITIAL_VALUE(yyval_default);
+
 /* Number of syntax errors so far.  */
 int yynerrs;
 
@@ -1853,16 +2078,35 @@ int yynerrs;
 | yyparse.  |
 `----------*/
 
+#ifdef YYPARSE_PARAM
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
+int
+yyparse (void *YYPARSE_PARAM)
+#else
+int
+yyparse (YYPARSE_PARAM)
+    void *YYPARSE_PARAM;
+#endif
+#else /* ! YYPARSE_PARAM */
+#if (defined __STDC__ || defined __C99__FUNC__ \
+     || defined __cplusplus || defined _MSC_VER)
 int
 yyparse (void)
+#else
+int
+yyparse ()
+
+#endif
+#endif
 {
     int yystate;
     /* Number of tokens to shift before error messages enabled.  */
     int yyerrstatus;
 
     /* The stacks and their tools:
-       'yyss': related to states.
-       'yyvs': related to semantic values.
+       `yyss': related to states.
+       `yyvs': related to semantic values.
 
        Refer to the stacks through separate pointers, to allow yyoverflow
        to reallocate them elsewhere.  */
@@ -1930,23 +2174,23 @@ yyparse (void)
 
 #ifdef yyoverflow
       {
-        /* Give user a chance to reallocate the stack.  Use copies of
-           these so that the &'s don't force the real ones into
-           memory.  */
-        YYSTYPE *yyvs1 = yyvs;
-        yytype_int16 *yyss1 = yyss;
-
-        /* Each stack pointer address is followed by the size of the
-           data in use in that stack, in bytes.  This used to be a
-           conditional around just the two extra args, but that might
-           be undefined if yyoverflow is a macro.  */
-        yyoverflow (YY_("memory exhausted"),
-                    &yyss1, yysize * sizeof (*yyssp),
-                    &yyvs1, yysize * sizeof (*yyvsp),
-                    &yystacksize);
-
-        yyss = yyss1;
-        yyvs = yyvs1;
+	/* Give user a chance to reallocate the stack.  Use copies of
+	   these so that the &'s don't force the real ones into
+	   memory.  */
+	YYSTYPE *yyvs1 = yyvs;
+	yytype_int16 *yyss1 = yyss;
+
+	/* Each stack pointer address is followed by the size of the
+	   data in use in that stack, in bytes.  This used to be a
+	   conditional around just the two extra args, but that might
+	   be undefined if yyoverflow is a macro.  */
+	yyoverflow (YY_("memory exhausted"),
+		    &yyss1, yysize * sizeof (*yyssp),
+		    &yyvs1, yysize * sizeof (*yyvsp),
+		    &yystacksize);
+
+	yyss = yyss1;
+	yyvs = yyvs1;
       }
 #else /* no yyoverflow */
 # ifndef YYSTACK_RELOCATE
@@ -1954,22 +2198,22 @@ yyparse (void)
 # else
       /* Extend the stack our own way.  */
       if (YYMAXDEPTH <= yystacksize)
-        goto yyexhaustedlab;
+	goto yyexhaustedlab;
       yystacksize *= 2;
       if (YYMAXDEPTH < yystacksize)
-        yystacksize = YYMAXDEPTH;
+	yystacksize = YYMAXDEPTH;
 
       {
-        yytype_int16 *yyss1 = yyss;
-        union yyalloc *yyptr =
-          (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
-        if (! yyptr)
-          goto yyexhaustedlab;
-        YYSTACK_RELOCATE (yyss_alloc, yyss);
-        YYSTACK_RELOCATE (yyvs_alloc, yyvs);
+	yytype_int16 *yyss1 = yyss;
+	union yyalloc *yyptr =
+	  (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
+	if (! yyptr)
+	  goto yyexhaustedlab;
+	YYSTACK_RELOCATE (yyss_alloc, yyss);
+	YYSTACK_RELOCATE (yyvs_alloc, yyvs);
 #  undef YYSTACK_RELOCATE
-        if (yyss1 != yyssa)
-          YYSTACK_FREE (yyss1);
+	if (yyss1 != yyssa)
+	  YYSTACK_FREE (yyss1);
       }
 # endif
 #endif /* no yyoverflow */
@@ -1978,10 +2222,10 @@ yyparse (void)
       yyvsp = yyvs + yysize - 1;
 
       YYDPRINTF ((stderr, "Stack size increased to %lu\n",
-                  (unsigned long int) yystacksize));
+		  (unsigned long int) yystacksize));
 
       if (yyss + yystacksize - 1 <= yyssp)
-        YYABORT;
+	YYABORT;
     }
 
   YYDPRINTF ((stderr, "Entering state %d\n", yystate));
@@ -2010,7 +2254,7 @@ yybackup:
   if (yychar == YYEMPTY)
     {
       YYDPRINTF ((stderr, "Reading a token: "));
-      yychar = yylex ();
+      yychar = YYLEX;
     }
 
   if (yychar <= YYEOF)
@@ -2075,7 +2319,7 @@ yyreduce:
   yylen = yyr2[yyn];
 
   /* If YYLEN is nonzero, implement the default value of the action:
-     '$$ = $1'.
+     `$$ = $1'.
 
      Otherwise, the following line sets YYVAL to garbage.
      This behavior is undocumented and Bison
@@ -2089,7 +2333,8 @@ yyreduce:
   switch (yyn)
     {
         case 5:
-#line 373 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 376 "../../ntpd/ntp_parser.y"
     {
 			/* I will need to incorporate much more fine grained
 			 * error messages. The following should suffice for
@@ -2102,433 +2347,433 @@ yyreduce:
 				ip_ctx->errpos.nline,
 				ip_ctx->errpos.ncol);
 		}
-#line 2106 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 20:
-#line 409 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 412 "../../ntpd/ntp_parser.y"
     {
 			peer_node *my_node;
 
-			my_node = create_peer_node((yyvsp[-2].Integer), (yyvsp[-1].Address_node), (yyvsp[0].Attr_val_fifo));
+			my_node = create_peer_node((yyvsp[(1) - (3)].Integer), (yyvsp[(2) - (3)].Address_node), (yyvsp[(3) - (3)].Attr_val_fifo));
 			APPEND_G_FIFO(cfgt.peers, my_node);
 		}
-#line 2117 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 27:
-#line 428 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Address_node) = create_address_node((yyvsp[0].String), (yyvsp[-1].Integer)); }
-#line 2123 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 431 "../../ntpd/ntp_parser.y"
+    { (yyval.Address_node) = create_address_node((yyvsp[(2) - (2)].String), (yyvsp[(1) - (2)].Integer)); }
     break;
 
   case 28:
-#line 433 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Address_node) = create_address_node((yyvsp[0].String), AF_UNSPEC); }
-#line 2129 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 436 "../../ntpd/ntp_parser.y"
+    { (yyval.Address_node) = create_address_node((yyvsp[(1) - (1)].String), AF_UNSPEC); }
     break;
 
   case 29:
-#line 438 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 441 "../../ntpd/ntp_parser.y"
     { (yyval.Integer) = AF_INET; }
-#line 2135 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 30:
-#line 440 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 443 "../../ntpd/ntp_parser.y"
     { (yyval.Integer) = AF_INET6; }
-#line 2141 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 31:
-#line 445 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 448 "../../ntpd/ntp_parser.y"
     { (yyval.Attr_val_fifo) = NULL; }
-#line 2147 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 32:
-#line 447 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 450 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2156 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 36:
-#line 461 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); }
-#line 2162 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 464 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); }
     break;
 
   case 45:
-#line 477 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 2168 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 480 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 46:
-#line 479 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_uval((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 2174 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 482 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_uval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 53:
-#line 493 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); }
-#line 2180 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 496 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); }
     break;
 
   case 55:
-#line 507 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 510 "../../ntpd/ntp_parser.y"
     {
 			unpeer_node *my_node;
 
-			my_node = create_unpeer_node((yyvsp[0].Address_node));
+			my_node = create_unpeer_node((yyvsp[(2) - (2)].Address_node));
 			if (my_node)
 				APPEND_G_FIFO(cfgt.unpeers, my_node);
 		}
-#line 2192 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 58:
-#line 528 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 531 "../../ntpd/ntp_parser.y"
     { cfgt.broadcastclient = 1; }
-#line 2198 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 59:
-#line 530 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.manycastserver, (yyvsp[0].Address_fifo)); }
-#line 2204 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 533 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.manycastserver, (yyvsp[(2) - (2)].Address_fifo)); }
     break;
 
   case 60:
-#line 532 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.multicastclient, (yyvsp[0].Address_fifo)); }
-#line 2210 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 535 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.multicastclient, (yyvsp[(2) - (2)].Address_fifo)); }
     break;
 
   case 61:
-#line 534 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.mdnstries = (yyvsp[0].Integer); }
-#line 2216 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 537 "../../ntpd/ntp_parser.y"
+    { cfgt.mdnstries = (yyvsp[(2) - (2)].Integer); }
     break;
 
   case 62:
-#line 545 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 548 "../../ntpd/ntp_parser.y"
     {
 			attr_val *atrv;
 
-			atrv = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer));
+			atrv = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer));
 			APPEND_G_FIFO(cfgt.vars, atrv);
 		}
-#line 2227 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 63:
-#line 552 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.auth.control_key = (yyvsp[0].Integer); }
-#line 2233 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 555 "../../ntpd/ntp_parser.y"
+    { cfgt.auth.control_key = (yyvsp[(2) - (2)].Integer); }
     break;
 
   case 64:
-#line 554 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 557 "../../ntpd/ntp_parser.y"
     {
 			cfgt.auth.cryptosw++;
-			CONCAT_G_FIFOS(cfgt.auth.crypto_cmd_list, (yyvsp[0].Attr_val_fifo));
+			CONCAT_G_FIFOS(cfgt.auth.crypto_cmd_list, (yyvsp[(2) - (2)].Attr_val_fifo));
 		}
-#line 2242 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 65:
-#line 559 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.auth.keys = (yyvsp[0].String); }
-#line 2248 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 562 "../../ntpd/ntp_parser.y"
+    { cfgt.auth.keys = (yyvsp[(2) - (2)].String); }
     break;
 
   case 66:
-#line 561 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.auth.keysdir = (yyvsp[0].String); }
-#line 2254 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 564 "../../ntpd/ntp_parser.y"
+    { cfgt.auth.keysdir = (yyvsp[(2) - (2)].String); }
     break;
 
   case 67:
-#line 563 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.auth.request_key = (yyvsp[0].Integer); }
-#line 2260 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 566 "../../ntpd/ntp_parser.y"
+    { cfgt.auth.request_key = (yyvsp[(2) - (2)].Integer); }
     break;
 
   case 68:
-#line 565 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.auth.revoke = (yyvsp[0].Integer); }
-#line 2266 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 568 "../../ntpd/ntp_parser.y"
+    { cfgt.auth.revoke = (yyvsp[(2) - (2)].Integer); }
     break;
 
   case 69:
-#line 567 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 570 "../../ntpd/ntp_parser.y"
     {
-			cfgt.auth.trusted_key_list = (yyvsp[0].Attr_val_fifo);
+			cfgt.auth.trusted_key_list = (yyvsp[(2) - (2)].Attr_val_fifo);
 
 			// if (!cfgt.auth.trusted_key_list)
 			// 	cfgt.auth.trusted_key_list = $2;
 			// else
 			// 	LINK_SLIST(cfgt.auth.trusted_key_list, $2, link);
 		}
-#line 2279 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 70:
-#line 576 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { cfgt.auth.ntp_signd_socket = (yyvsp[0].String); }
-#line 2285 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 579 "../../ntpd/ntp_parser.y"
+    { cfgt.auth.ntp_signd_socket = (yyvsp[(2) - (2)].String); }
     break;
 
   case 71:
-#line 581 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 584 "../../ntpd/ntp_parser.y"
     { (yyval.Attr_val_fifo) = NULL; }
-#line 2291 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 72:
-#line 583 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 586 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2300 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 73:
-#line 591 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); }
-#line 2306 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 594 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); }
     break;
 
   case 74:
-#line 593 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 596 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val) = NULL;
-			cfgt.auth.revoke = (yyvsp[0].Integer);
+			cfgt.auth.revoke = (yyvsp[(2) - (2)].Integer);
 			msyslog(LOG_WARNING,
 				"'crypto revoke %d' is deprecated, "
 				"please use 'revoke %d' instead.",
 				cfgt.auth.revoke, cfgt.auth.revoke);
 		}
-#line 2319 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 80:
-#line 618 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.orphan_cmds, (yyvsp[0].Attr_val_fifo)); }
-#line 2325 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 621 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.orphan_cmds, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
   case 81:
-#line 623 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 626 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2334 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 82:
-#line 628 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 631 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2343 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 83:
-#line 636 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (double)(yyvsp[0].Integer)); }
-#line 2349 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 639 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (double)(yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 84:
-#line 638 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); }
-#line 2355 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 641 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); }
     break;
 
   case 85:
-#line 640 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (double)(yyvsp[0].Integer)); }
-#line 2361 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 643 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (double)(yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 96:
-#line 666 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.stats_list, (yyvsp[0].Int_fifo)); }
-#line 2367 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 669 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.stats_list, (yyvsp[(2) - (2)].Int_fifo)); }
     break;
 
   case 97:
-#line 668 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 671 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
-				cfgt.stats_dir = (yyvsp[0].String);
+				cfgt.stats_dir = (yyvsp[(2) - (2)].String);
 			} else {
-				YYFREE((yyvsp[0].String));
+				YYFREE((yyvsp[(2) - (2)].String));
 				yyerror("statsdir remote configuration ignored");
 			}
 		}
-#line 2380 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 98:
-#line 677 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 680 "../../ntpd/ntp_parser.y"
     {
 			filegen_node *fgn;
 
-			fgn = create_filegen_node((yyvsp[-1].Integer), (yyvsp[0].Attr_val_fifo));
+			fgn = create_filegen_node((yyvsp[(2) - (3)].Integer), (yyvsp[(3) - (3)].Attr_val_fifo));
 			APPEND_G_FIFO(cfgt.filegen_opts, fgn);
 		}
-#line 2391 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 99:
-#line 687 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 690 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Int_fifo) = (yyvsp[-1].Int_fifo);
-			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer)));
+			(yyval.Int_fifo) = (yyvsp[(1) - (2)].Int_fifo);
+			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(2) - (2)].Integer)));
 		}
-#line 2400 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 100:
-#line 692 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 695 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Int_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer)));
+			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(1) - (1)].Integer)));
 		}
-#line 2409 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 109:
-#line 711 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 714 "../../ntpd/ntp_parser.y"
     { (yyval.Attr_val_fifo) = NULL; }
-#line 2415 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 110:
-#line 713 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 716 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2424 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 111:
-#line 721 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 724 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
-				(yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String));
+				(yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String));
 			} else {
 				(yyval.Attr_val) = NULL;
-				YYFREE((yyvsp[0].String));
+				YYFREE((yyvsp[(2) - (2)].String));
 				yyerror("filegen file remote config ignored");
 			}
 		}
-#line 2438 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 112:
-#line 731 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 734 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
-				(yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer));
+				(yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer));
 			} else {
 				(yyval.Attr_val) = NULL;
 				yyerror("filegen type remote config ignored");
 			}
 		}
-#line 2451 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 113:
-#line 740 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 743 "../../ntpd/ntp_parser.y"
     {
 			const char *err;
 
 			if (lex_from_file()) {
-				(yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer));
+				(yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer));
 			} else {
 				(yyval.Attr_val) = NULL;
-				if (T_Link == (yyvsp[0].Integer))
+				if (T_Link == (yyvsp[(1) - (1)].Integer))
 					err = "filegen link remote config ignored";
 				else
 					err = "filegen nolink remote config ignored";
 				yyerror(err);
 			}
 		}
-#line 2470 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 114:
-#line 755 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); }
-#line 2476 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 758 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); }
     break;
 
   case 126:
-#line 785 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 788 "../../ntpd/ntp_parser.y"
     {
-			CONCAT_G_FIFOS(cfgt.discard_opts, (yyvsp[0].Attr_val_fifo));
+			CONCAT_G_FIFOS(cfgt.discard_opts, (yyvsp[(2) - (2)].Attr_val_fifo));
 		}
-#line 2484 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 127:
-#line 789 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 792 "../../ntpd/ntp_parser.y"
     {
-			CONCAT_G_FIFOS(cfgt.mru_opts, (yyvsp[0].Attr_val_fifo));
+			CONCAT_G_FIFOS(cfgt.mru_opts, (yyvsp[(2) - (2)].Attr_val_fifo));
 		}
-#line 2492 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 128:
-#line 793 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 796 "../../ntpd/ntp_parser.y"
     {
 			restrict_node *rn;
 
-			rn = create_restrict_node((yyvsp[-1].Address_node), NULL, (yyvsp[0].Int_fifo),
+			rn = create_restrict_node((yyvsp[(2) - (3)].Address_node), NULL, (yyvsp[(3) - (3)].Int_fifo),
 						  lex_current()->curpos.nline);
 			APPEND_G_FIFO(cfgt.restrict_opts, rn);
 		}
-#line 2504 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 129:
-#line 801 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 804 "../../ntpd/ntp_parser.y"
     {
 			restrict_node *rn;
 
-			rn = create_restrict_node((yyvsp[-3].Address_node), (yyvsp[-1].Address_node), (yyvsp[0].Int_fifo),
+			rn = create_restrict_node((yyvsp[(2) - (5)].Address_node), (yyvsp[(4) - (5)].Address_node), (yyvsp[(5) - (5)].Int_fifo),
 						  lex_current()->curpos.nline);
 			APPEND_G_FIFO(cfgt.restrict_opts, rn);
 		}
-#line 2516 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 130:
-#line 809 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 812 "../../ntpd/ntp_parser.y"
     {
 			restrict_node *rn;
 
-			rn = create_restrict_node(NULL, NULL, (yyvsp[0].Int_fifo),
+			rn = create_restrict_node(NULL, NULL, (yyvsp[(3) - (3)].Int_fifo),
 						  lex_current()->curpos.nline);
 			APPEND_G_FIFO(cfgt.restrict_opts, rn);
 		}
-#line 2528 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 131:
-#line 817 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 820 "../../ntpd/ntp_parser.y"
     {
 			restrict_node *rn;
 
@@ -2539,15 +2784,15 @@ yyreduce:
 				create_address_node(
 					estrdup("0.0.0.0"),
 					AF_INET),
-				(yyvsp[0].Int_fifo),
+				(yyvsp[(4) - (4)].Int_fifo),
 				lex_current()->curpos.nline);
 			APPEND_G_FIFO(cfgt.restrict_opts, rn);
 		}
-#line 2547 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 132:
-#line 832 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 835 "../../ntpd/ntp_parser.y"
     {
 			restrict_node *rn;
 
@@ -2558,327 +2803,327 @@ yyreduce:
 				create_address_node(
 					estrdup("::"),
 					AF_INET6),
-				(yyvsp[0].Int_fifo),
+				(yyvsp[(4) - (4)].Int_fifo),
 				lex_current()->curpos.nline);
 			APPEND_G_FIFO(cfgt.restrict_opts, rn);
 		}
-#line 2566 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 133:
-#line 847 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 850 "../../ntpd/ntp_parser.y"
     {
 			restrict_node *	rn;
 
-			APPEND_G_FIFO((yyvsp[0].Int_fifo), create_int_node((yyvsp[-1].Integer)));
+			APPEND_G_FIFO((yyvsp[(3) - (3)].Int_fifo), create_int_node((yyvsp[(2) - (3)].Integer)));
 			rn = create_restrict_node(
-				NULL, NULL, (yyvsp[0].Int_fifo), lex_current()->curpos.nline);
+				NULL, NULL, (yyvsp[(3) - (3)].Int_fifo), lex_current()->curpos.nline);
 			APPEND_G_FIFO(cfgt.restrict_opts, rn);
 		}
-#line 2579 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 134:
-#line 859 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 862 "../../ntpd/ntp_parser.y"
     { (yyval.Int_fifo) = NULL; }
-#line 2585 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 135:
-#line 861 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 864 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Int_fifo) = (yyvsp[-1].Int_fifo);
-			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer)));
+			(yyval.Int_fifo) = (yyvsp[(1) - (2)].Int_fifo);
+			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(2) - (2)].Integer)));
 		}
-#line 2594 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 151:
-#line 887 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 890 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2603 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 152:
-#line 892 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 895 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2612 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 153:
-#line 900 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 2618 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 903 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 157:
-#line 911 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 914 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2627 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 158:
-#line 916 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 919 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2636 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 159:
-#line 924 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 2642 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 927 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 168:
-#line 944 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 947 "../../ntpd/ntp_parser.y"
     {
 			addr_opts_node *aon;
 
-			aon = create_addr_opts_node((yyvsp[-1].Address_node), (yyvsp[0].Attr_val_fifo));
+			aon = create_addr_opts_node((yyvsp[(2) - (3)].Address_node), (yyvsp[(3) - (3)].Attr_val_fifo));
 			APPEND_G_FIFO(cfgt.fudge, aon);
 		}
-#line 2653 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 169:
-#line 954 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 957 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2662 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 170:
-#line 959 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 962 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2671 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 171:
-#line 967 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); }
-#line 2677 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 970 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); }
     break;
 
   case 172:
-#line 969 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 2683 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 972 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 173:
-#line 971 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 974 "../../ntpd/ntp_parser.y"
     {
-			if ((yyvsp[0].Integer) >= 0 && (yyvsp[0].Integer) <= 16) {
-				(yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer));
+			if ((yyvsp[(2) - (2)].Integer) >= 0 && (yyvsp[(2) - (2)].Integer) <= 16) {
+				(yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer));
 			} else {
 				(yyval.Attr_val) = NULL;
 				yyerror("fudge factor: stratum value not in [0..16], ignored");
 			}
 		}
-#line 2696 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 174:
-#line 980 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); }
-#line 2702 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 983 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); }
     break;
 
   case 175:
-#line 982 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String)); }
-#line 2708 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 985 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String)); }
     break;
 
   case 182:
-#line 1003 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.rlimit, (yyvsp[0].Attr_val_fifo)); }
-#line 2714 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1006 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.rlimit, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
   case 183:
-#line 1008 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1011 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2723 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 184:
-#line 1013 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1016 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2732 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 185:
-#line 1021 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 2738 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1024 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
   case 189:
-#line 1037 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.enable_opts, (yyvsp[0].Attr_val_fifo)); }
-#line 2744 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1040 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.enable_opts, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
   case 190:
-#line 1039 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.disable_opts, (yyvsp[0].Attr_val_fifo)); }
-#line 2750 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1042 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.disable_opts, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
   case 191:
-#line 1044 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1047 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2759 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 192:
-#line 1049 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1052 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2768 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
   case 193:
-#line 1057 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer)); }
-#line 2774 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1060 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer)); }
     break;
 
   case 194:
-#line 1059 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 1062 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
-				(yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[0].Integer));
+				(yyval.Attr_val) = create_attr_ival(T_Flag, (yyvsp[(1) - (1)].Integer));
 			} else {
 				char err_str[128];
 
 				(yyval.Attr_val) = NULL;
 				snprintf(err_str, sizeof(err_str),
 					 "enable/disable %s remote configuration ignored",
-					 keyword((yyvsp[0].Integer)));
+					 keyword((yyvsp[(1) - (1)].Integer)));
 				yyerror(err_str);
 			}
 		}
-#line 2792 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 203:
-#line 1094 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.tinker, (yyvsp[0].Attr_val_fifo)); }
-#line 2798 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 206:
+/* Line 1787 of yacc.c  */
+#line 1100 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.tinker, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
-  case 204:
-#line 1099 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 207:
+/* Line 1787 of yacc.c  */
+#line 1105 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 2807 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 205:
-#line 1104 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 208:
+/* Line 1787 of yacc.c  */
+#line 1110 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 2816 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 206:
-#line 1112 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double)); }
-#line 2822 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 209:
+/* Line 1787 of yacc.c  */
+#line 1118 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double)); }
     break;
 
-  case 219:
-#line 1137 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 222:
+/* Line 1787 of yacc.c  */
+#line 1143 "../../ntpd/ntp_parser.y"
     {
 			attr_val *av;
 
-			av = create_attr_dval((yyvsp[-1].Integer), (yyvsp[0].Double));
+			av = create_attr_dval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Double));
 			APPEND_G_FIFO(cfgt.vars, av);
 		}
-#line 2833 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 220:
-#line 1144 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 223:
+/* Line 1787 of yacc.c  */
+#line 1150 "../../ntpd/ntp_parser.y"
     {
 			attr_val *av;
 
-			av = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer));
+			av = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer));
 			APPEND_G_FIFO(cfgt.vars, av);
 		}
-#line 2844 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 221:
-#line 1151 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 224:
+/* Line 1787 of yacc.c  */
+#line 1157 "../../ntpd/ntp_parser.y"
     {
 			attr_val *av;
 
-			av = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String));
+			av = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String));
 			APPEND_G_FIFO(cfgt.vars, av);
 		}
-#line 2855 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 222:
-#line 1158 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 225:
+/* Line 1787 of yacc.c  */
+#line 1164 "../../ntpd/ntp_parser.y"
     {
 			char error_text[64];
 			attr_val *av;
 
 			if (lex_from_file()) {
-				av = create_attr_sval((yyvsp[-1].Integer), (yyvsp[0].String));
+				av = create_attr_sval((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].String));
 				APPEND_G_FIFO(cfgt.vars, av);
 			} else {
-				YYFREE((yyvsp[0].String));
+				YYFREE((yyvsp[(2) - (2)].String));
 				snprintf(error_text, sizeof(error_text),
 					 "%s remote config ignored",
-					 keyword((yyvsp[-1].Integer)));
+					 keyword((yyvsp[(1) - (2)].Integer)));
 				yyerror(error_text);
 			}
 		}
-#line 2875 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 223:
-#line 1174 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 226:
+/* Line 1787 of yacc.c  */
+#line 1180 "../../ntpd/ntp_parser.y"
     {
 			if (!lex_from_file()) {
-				YYFREE((yyvsp[-1].String)); /* avoid leak */
+				YYFREE((yyvsp[(2) - (3)].String)); /* avoid leak */
 				yyerror("remote includefile ignored");
 				break;
 			}
@@ -2886,108 +3131,108 @@ yyreduce:
 				fprintf(stderr, "getconfig: Maximum include file level exceeded.\n");
 				msyslog(LOG_ERR, "getconfig: Maximum include file level exceeded.");
 			} else {
-				const char * path = FindConfig((yyvsp[-1].String)); /* might return $2! */
+				const char * path = FindConfig((yyvsp[(2) - (3)].String)); /* might return $2! */
 				if (!lex_push_file(path, "r")) {
 					fprintf(stderr, "getconfig: Couldn't open <%s>\n", path);
 					msyslog(LOG_ERR, "getconfig: Couldn't open <%s>", path);
 				}
 			}
-			YYFREE((yyvsp[-1].String)); /* avoid leak */
+			YYFREE((yyvsp[(2) - (3)].String)); /* avoid leak */
 		}
-#line 2898 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 224:
-#line 1193 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 227:
+/* Line 1787 of yacc.c  */
+#line 1199 "../../ntpd/ntp_parser.y"
     { lex_flush_stack(); }
-#line 2904 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 225:
-#line 1195 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 228:
+/* Line 1787 of yacc.c  */
+#line 1201 "../../ntpd/ntp_parser.y"
     { /* see drift_parm below for actions */ }
-#line 2910 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 226:
-#line 1197 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.logconfig, (yyvsp[0].Attr_val_fifo)); }
-#line 2916 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 229:
+/* Line 1787 of yacc.c  */
+#line 1203 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.logconfig, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
-  case 227:
-#line 1199 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.phone, (yyvsp[0].String_fifo)); }
-#line 2922 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 230:
+/* Line 1787 of yacc.c  */
+#line 1205 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.phone, (yyvsp[(2) - (2)].String_fifo)); }
     break;
 
-  case 228:
-#line 1201 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { APPEND_G_FIFO(cfgt.setvar, (yyvsp[0].Set_var)); }
-#line 2928 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 231:
+/* Line 1787 of yacc.c  */
+#line 1207 "../../ntpd/ntp_parser.y"
+    { APPEND_G_FIFO(cfgt.setvar, (yyvsp[(2) - (2)].Set_var)); }
     break;
 
-  case 229:
-#line 1203 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 232:
+/* Line 1787 of yacc.c  */
+#line 1209 "../../ntpd/ntp_parser.y"
     {
 			addr_opts_node *aon;
 
-			aon = create_addr_opts_node((yyvsp[-1].Address_node), (yyvsp[0].Attr_val_fifo));
+			aon = create_addr_opts_node((yyvsp[(2) - (3)].Address_node), (yyvsp[(3) - (3)].Attr_val_fifo));
 			APPEND_G_FIFO(cfgt.trap, aon);
 		}
-#line 2939 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 230:
-#line 1210 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.ttl, (yyvsp[0].Attr_val_fifo)); }
-#line 2945 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 233:
+/* Line 1787 of yacc.c  */
+#line 1216 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.ttl, (yyvsp[(2) - (2)].Attr_val_fifo)); }
     break;
 
-  case 235:
-#line 1225 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 238:
+/* Line 1787 of yacc.c  */
+#line 1231 "../../ntpd/ntp_parser.y"
     {
 #ifndef LEAP_SMEAR
 			yyerror("Built without LEAP_SMEAR support.");
 #endif
 		}
-#line 2955 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 241:
-#line 1245 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 244:
+/* Line 1787 of yacc.c  */
+#line 1251 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
 				attr_val *av;
-				av = create_attr_sval(T_Driftfile, (yyvsp[0].String));
+				av = create_attr_sval(T_Driftfile, (yyvsp[(1) - (1)].String));
 				APPEND_G_FIFO(cfgt.vars, av);
 			} else {
-				YYFREE((yyvsp[0].String));
+				YYFREE((yyvsp[(1) - (1)].String));
 				yyerror("driftfile remote configuration ignored");
 			}
 		}
-#line 2970 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 242:
-#line 1256 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 245:
+/* Line 1787 of yacc.c  */
+#line 1262 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
 				attr_val *av;
-				av = create_attr_sval(T_Driftfile, (yyvsp[-1].String));
+				av = create_attr_sval(T_Driftfile, (yyvsp[(1) - (2)].String));
 				APPEND_G_FIFO(cfgt.vars, av);
-				av = create_attr_dval(T_WanderThreshold, (yyvsp[0].Double));
+				av = create_attr_dval(T_WanderThreshold, (yyvsp[(2) - (2)].Double));
 				APPEND_G_FIFO(cfgt.vars, av);
 			} else {
-				YYFREE((yyvsp[-1].String));
+				YYFREE((yyvsp[(1) - (2)].String));
 				yyerror("driftfile remote configuration ignored");
 			}
 		}
-#line 2987 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 243:
-#line 1269 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 246:
+/* Line 1787 of yacc.c  */
+#line 1275 "../../ntpd/ntp_parser.y"
     {
 			if (lex_from_file()) {
 				attr_val *av;
@@ -2997,386 +3242,386 @@ yyreduce:
 				yyerror("driftfile remote configuration ignored");
 			}
 		}
-#line 3001 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 244:
-#line 1282 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Set_var) = create_setvar_node((yyvsp[-3].String), (yyvsp[-1].String), (yyvsp[0].Integer)); }
-#line 3007 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 247:
+/* Line 1787 of yacc.c  */
+#line 1288 "../../ntpd/ntp_parser.y"
+    { (yyval.Set_var) = create_setvar_node((yyvsp[(1) - (4)].String), (yyvsp[(3) - (4)].String), (yyvsp[(4) - (4)].Integer)); }
     break;
 
-  case 246:
-#line 1288 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 249:
+/* Line 1787 of yacc.c  */
+#line 1294 "../../ntpd/ntp_parser.y"
     { (yyval.Integer) = 0; }
-#line 3013 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 247:
-#line 1293 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 250:
+/* Line 1787 of yacc.c  */
+#line 1299 "../../ntpd/ntp_parser.y"
     { (yyval.Attr_val_fifo) = NULL; }
-#line 3019 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 248:
-#line 1295 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 251:
+/* Line 1787 of yacc.c  */
+#line 1301 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 3028 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 249:
-#line 1303 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival((yyvsp[-1].Integer), (yyvsp[0].Integer)); }
-#line 3034 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 252:
+/* Line 1787 of yacc.c  */
+#line 1309 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival((yyvsp[(1) - (2)].Integer), (yyvsp[(2) - (2)].Integer)); }
     break;
 
-  case 250:
-#line 1305 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 253:
+/* Line 1787 of yacc.c  */
+#line 1311 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val) = create_attr_sval((yyvsp[-1].Integer), estrdup((yyvsp[0].Address_node)->address));
-			destroy_address_node((yyvsp[0].Address_node));
+			(yyval.Attr_val) = create_attr_sval((yyvsp[(1) - (2)].Integer), estrdup((yyvsp[(2) - (2)].Address_node)->address));
+			destroy_address_node((yyvsp[(2) - (2)].Address_node));
 		}
-#line 3043 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 251:
-#line 1313 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 254:
+/* Line 1787 of yacc.c  */
+#line 1319 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 3052 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 252:
-#line 1318 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 255:
+/* Line 1787 of yacc.c  */
+#line 1324 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 3061 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 253:
-#line 1326 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 256:
+/* Line 1787 of yacc.c  */
+#line 1332 "../../ntpd/ntp_parser.y"
     {
 			char	prefix;
 			char *	type;
 
-			switch ((yyvsp[0].String)[0]) {
+			switch ((yyvsp[(1) - (1)].String)[0]) {
 
 			case '+':
 			case '-':
 			case '=':
-				prefix = (yyvsp[0].String)[0];
-				type = (yyvsp[0].String) + 1;
+				prefix = (yyvsp[(1) - (1)].String)[0];
+				type = (yyvsp[(1) - (1)].String) + 1;
 				break;
 
 			default:
 				prefix = '=';
-				type = (yyvsp[0].String);
+				type = (yyvsp[(1) - (1)].String);
 			}
 
 			(yyval.Attr_val) = create_attr_sval(prefix, estrdup(type));
-			YYFREE((yyvsp[0].String));
+			YYFREE((yyvsp[(1) - (1)].String));
 		}
-#line 3087 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 254:
-#line 1351 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 257:
+/* Line 1787 of yacc.c  */
+#line 1357 "../../ntpd/ntp_parser.y"
     {
 			nic_rule_node *nrn;
 
-			nrn = create_nic_rule_node((yyvsp[0].Integer), NULL, (yyvsp[-1].Integer));
+			nrn = create_nic_rule_node((yyvsp[(3) - (3)].Integer), NULL, (yyvsp[(2) - (3)].Integer));
 			APPEND_G_FIFO(cfgt.nic_rules, nrn);
 		}
-#line 3098 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 255:
-#line 1358 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 258:
+/* Line 1787 of yacc.c  */
+#line 1364 "../../ntpd/ntp_parser.y"
     {
 			nic_rule_node *nrn;
 
-			nrn = create_nic_rule_node(0, (yyvsp[0].String), (yyvsp[-1].Integer));
+			nrn = create_nic_rule_node(0, (yyvsp[(3) - (3)].String), (yyvsp[(2) - (3)].Integer));
 			APPEND_G_FIFO(cfgt.nic_rules, nrn);
 		}
-#line 3109 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 265:
-#line 1386 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { CONCAT_G_FIFOS(cfgt.reset_counters, (yyvsp[0].Int_fifo)); }
-#line 3115 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 268:
+/* Line 1787 of yacc.c  */
+#line 1392 "../../ntpd/ntp_parser.y"
+    { CONCAT_G_FIFOS(cfgt.reset_counters, (yyvsp[(2) - (2)].Int_fifo)); }
     break;
 
-  case 266:
-#line 1391 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 269:
+/* Line 1787 of yacc.c  */
+#line 1397 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Int_fifo) = (yyvsp[-1].Int_fifo);
-			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer)));
+			(yyval.Int_fifo) = (yyvsp[(1) - (2)].Int_fifo);
+			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(2) - (2)].Integer)));
 		}
-#line 3124 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 267:
-#line 1396 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 270:
+/* Line 1787 of yacc.c  */
+#line 1402 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Int_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[0].Integer)));
+			APPEND_G_FIFO((yyval.Int_fifo), create_int_node((yyvsp[(1) - (1)].Integer)));
 		}
-#line 3133 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 275:
-#line 1420 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 278:
+/* Line 1787 of yacc.c  */
+#line 1426 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[0].Integer)));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[(2) - (2)].Integer)));
 		}
-#line 3142 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 276:
-#line 1425 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 279:
+/* Line 1787 of yacc.c  */
+#line 1431 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[0].Integer)));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), create_int_node((yyvsp[(1) - (1)].Integer)));
 		}
-#line 3151 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 277:
-#line 1433 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 280:
+/* Line 1787 of yacc.c  */
+#line 1439 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-1].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (2)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (2)].Attr_val));
 		}
-#line 3160 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 278:
-#line 1438 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 281:
+/* Line 1787 of yacc.c  */
+#line 1444 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[0].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (1)].Attr_val));
 		}
-#line 3169 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 279:
-#line 1446 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_ival('i', (yyvsp[0].Integer)); }
-#line 3175 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 282:
+/* Line 1787 of yacc.c  */
+#line 1452 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_ival('i', (yyvsp[(1) - (1)].Integer)); }
     break;
 
-  case 281:
-#line 1452 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_rangeval('-', (yyvsp[-3].Integer), (yyvsp[-1].Integer)); }
-#line 3181 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 284:
+/* Line 1787 of yacc.c  */
+#line 1458 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_rangeval('-', (yyvsp[(2) - (5)].Integer), (yyvsp[(4) - (5)].Integer)); }
     break;
 
-  case 282:
-#line 1457 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 285:
+/* Line 1787 of yacc.c  */
+#line 1463 "../../ntpd/ntp_parser.y"
     {
-			(yyval.String_fifo) = (yyvsp[-1].String_fifo);
-			APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[0].String)));
+			(yyval.String_fifo) = (yyvsp[(1) - (2)].String_fifo);
+			APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[(2) - (2)].String)));
 		}
-#line 3190 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 283:
-#line 1462 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 286:
+/* Line 1787 of yacc.c  */
+#line 1468 "../../ntpd/ntp_parser.y"
     {
 			(yyval.String_fifo) = NULL;
-			APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[0].String)));
+			APPEND_G_FIFO((yyval.String_fifo), create_string_node((yyvsp[(1) - (1)].String)));
 		}
-#line 3199 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 284:
-#line 1470 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 287:
+/* Line 1787 of yacc.c  */
+#line 1476 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Address_fifo) = (yyvsp[-1].Address_fifo);
-			APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[0].Address_node));
+			(yyval.Address_fifo) = (yyvsp[(1) - (2)].Address_fifo);
+			APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[(2) - (2)].Address_node));
 		}
-#line 3208 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 285:
-#line 1475 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 288:
+/* Line 1787 of yacc.c  */
+#line 1481 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Address_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[0].Address_node));
+			APPEND_G_FIFO((yyval.Address_fifo), (yyvsp[(1) - (1)].Address_node));
 		}
-#line 3217 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 286:
-#line 1483 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 289:
+/* Line 1787 of yacc.c  */
+#line 1489 "../../ntpd/ntp_parser.y"
     {
-			if ((yyvsp[0].Integer) != 0 && (yyvsp[0].Integer) != 1) {
+			if ((yyvsp[(1) - (1)].Integer) != 0 && (yyvsp[(1) - (1)].Integer) != 1) {
 				yyerror("Integer value is not boolean (0 or 1). Assuming 1");
 				(yyval.Integer) = 1;
 			} else {
-				(yyval.Integer) = (yyvsp[0].Integer);
+				(yyval.Integer) = (yyvsp[(1) - (1)].Integer);
 			}
 		}
-#line 3230 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 287:
-#line 1491 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 290:
+/* Line 1787 of yacc.c  */
+#line 1497 "../../ntpd/ntp_parser.y"
     { (yyval.Integer) = 1; }
-#line 3236 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 288:
-#line 1492 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 291:
+/* Line 1787 of yacc.c  */
+#line 1498 "../../ntpd/ntp_parser.y"
     { (yyval.Integer) = 0; }
-#line 3242 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 289:
-#line 1496 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Double) = (double)(yyvsp[0].Integer); }
-#line 3248 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 292:
+/* Line 1787 of yacc.c  */
+#line 1502 "../../ntpd/ntp_parser.y"
+    { (yyval.Double) = (double)(yyvsp[(1) - (1)].Integer); }
     break;
 
-  case 291:
-#line 1507 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 294:
+/* Line 1787 of yacc.c  */
+#line 1513 "../../ntpd/ntp_parser.y"
     {
 			sim_node *sn;
 
-			sn =  create_sim_node((yyvsp[-2].Attr_val_fifo), (yyvsp[-1].Sim_server_fifo));
+			sn =  create_sim_node((yyvsp[(3) - (5)].Attr_val_fifo), (yyvsp[(4) - (5)].Sim_server_fifo));
 			APPEND_G_FIFO(cfgt.sim_details, sn);
 
 			/* Revert from ; to \n for end-of-command */
 			old_config_style = 1;
 		}
-#line 3262 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 292:
-#line 1524 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 295:
+/* Line 1787 of yacc.c  */
+#line 1530 "../../ntpd/ntp_parser.y"
     { old_config_style = 0; }
-#line 3268 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 293:
-#line 1529 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 296:
+/* Line 1787 of yacc.c  */
+#line 1535 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-2].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (3)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (3)].Attr_val));
 		}
-#line 3277 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 294:
-#line 1534 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 297:
+/* Line 1787 of yacc.c  */
+#line 1540 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (2)].Attr_val));
 		}
-#line 3286 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 295:
-#line 1542 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-2].Integer), (yyvsp[0].Double)); }
-#line 3292 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 298:
+/* Line 1787 of yacc.c  */
+#line 1548 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (3)].Integer), (yyvsp[(3) - (3)].Double)); }
     break;
 
-  case 298:
-#line 1552 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 301:
+/* Line 1787 of yacc.c  */
+#line 1558 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Sim_server_fifo) = (yyvsp[-1].Sim_server_fifo);
-			APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[0].Sim_server));
+			(yyval.Sim_server_fifo) = (yyvsp[(1) - (2)].Sim_server_fifo);
+			APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[(2) - (2)].Sim_server));
 		}
-#line 3301 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 299:
-#line 1557 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 302:
+/* Line 1787 of yacc.c  */
+#line 1563 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Sim_server_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[0].Sim_server));
+			APPEND_G_FIFO((yyval.Sim_server_fifo), (yyvsp[(1) - (1)].Sim_server));
 		}
-#line 3310 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 300:
-#line 1565 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Sim_server) = ONLY_SIM(create_sim_server((yyvsp[-4].Address_node), (yyvsp[-2].Double), (yyvsp[-1].Sim_script_fifo))); }
-#line 3316 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 303:
+/* Line 1787 of yacc.c  */
+#line 1571 "../../ntpd/ntp_parser.y"
+    { (yyval.Sim_server) = ONLY_SIM(create_sim_server((yyvsp[(1) - (5)].Address_node), (yyvsp[(3) - (5)].Double), (yyvsp[(4) - (5)].Sim_script_fifo))); }
     break;
 
-  case 301:
-#line 1570 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Double) = (yyvsp[-1].Double); }
-#line 3322 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 304:
+/* Line 1787 of yacc.c  */
+#line 1576 "../../ntpd/ntp_parser.y"
+    { (yyval.Double) = (yyvsp[(3) - (4)].Double); }
     break;
 
-  case 302:
-#line 1575 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Address_node) = (yyvsp[0].Address_node); }
-#line 3328 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 305:
+/* Line 1787 of yacc.c  */
+#line 1581 "../../ntpd/ntp_parser.y"
+    { (yyval.Address_node) = (yyvsp[(3) - (3)].Address_node); }
     break;
 
-  case 303:
-#line 1580 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 306:
+/* Line 1787 of yacc.c  */
+#line 1586 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Sim_script_fifo) = (yyvsp[-1].Sim_script_fifo);
-			APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[0].Sim_script));
+			(yyval.Sim_script_fifo) = (yyvsp[(1) - (2)].Sim_script_fifo);
+			APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[(2) - (2)].Sim_script));
 		}
-#line 3337 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 304:
-#line 1585 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 307:
+/* Line 1787 of yacc.c  */
+#line 1591 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Sim_script_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[0].Sim_script));
+			APPEND_G_FIFO((yyval.Sim_script_fifo), (yyvsp[(1) - (1)].Sim_script));
 		}
-#line 3346 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 305:
-#line 1593 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Sim_script) = ONLY_SIM(create_sim_script_info((yyvsp[-3].Double), (yyvsp[-1].Attr_val_fifo))); }
-#line 3352 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 308:
+/* Line 1787 of yacc.c  */
+#line 1599 "../../ntpd/ntp_parser.y"
+    { (yyval.Sim_script) = ONLY_SIM(create_sim_script_info((yyvsp[(3) - (6)].Double), (yyvsp[(5) - (6)].Attr_val_fifo))); }
     break;
 
-  case 306:
-#line 1598 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 309:
+/* Line 1787 of yacc.c  */
+#line 1604 "../../ntpd/ntp_parser.y"
     {
-			(yyval.Attr_val_fifo) = (yyvsp[-2].Attr_val_fifo);
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val));
+			(yyval.Attr_val_fifo) = (yyvsp[(1) - (3)].Attr_val_fifo);
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(2) - (3)].Attr_val));
 		}
-#line 3361 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 307:
-#line 1603 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
+  case 310:
+/* Line 1787 of yacc.c  */
+#line 1609 "../../ntpd/ntp_parser.y"
     {
 			(yyval.Attr_val_fifo) = NULL;
-			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[-1].Attr_val));
+			APPEND_G_FIFO((yyval.Attr_val_fifo), (yyvsp[(1) - (2)].Attr_val));
 		}
-#line 3370 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
     break;
 
-  case 308:
-#line 1611 "../../ntpd/ntp_parser.y" /* yacc.c:1646  */
-    { (yyval.Attr_val) = create_attr_dval((yyvsp[-2].Integer), (yyvsp[0].Double)); }
-#line 3376 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+  case 311:
+/* Line 1787 of yacc.c  */
+#line 1617 "../../ntpd/ntp_parser.y"
+    { (yyval.Attr_val) = create_attr_dval((yyvsp[(1) - (3)].Integer), (yyvsp[(3) - (3)].Double)); }
     break;
 
 
-#line 3380 "../../ntpd/ntp_parser.c" /* yacc.c:1646  */
+/* Line 1787 of yacc.c  */
+#line 3625 "ntp_parser.c"
       default: break;
     }
   /* User semantic actions sometimes alter yychar, and that requires
@@ -3398,7 +3643,7 @@ yyreduce:
 
   *++yyvsp = yyval;
 
-  /* Now 'shift' the result of the reduction.  Determine what state
+  /* Now `shift' the result of the reduction.  Determine what state
      that goes to, based on the state we popped back to and the rule
      number reduced by.  */
 
@@ -3413,9 +3658,9 @@ yyreduce:
   goto yynewstate;
 
 
-/*--------------------------------------.
-| yyerrlab -- here on detecting error.  |
-`--------------------------------------*/
+/*------------------------------------.
+| yyerrlab -- here on detecting error |
+`------------------------------------*/
 yyerrlab:
   /* Make sure we have latest lookahead translation.  See comments at
      user semantic actions for why this is necessary.  */
@@ -3466,20 +3711,20 @@ yyerrlab:
   if (yyerrstatus == 3)
     {
       /* If just tried and failed to reuse lookahead token after an
-         error, discard it.  */
+	 error, discard it.  */
 
       if (yychar <= YYEOF)
-        {
-          /* Return failure if at end of input.  */
-          if (yychar == YYEOF)
-            YYABORT;
-        }
+	{
+	  /* Return failure if at end of input.  */
+	  if (yychar == YYEOF)
+	    YYABORT;
+	}
       else
-        {
-          yydestruct ("Error: discarding",
-                      yytoken, &yylval);
-          yychar = YYEMPTY;
-        }
+	{
+	  yydestruct ("Error: discarding",
+		      yytoken, &yylval);
+	  yychar = YYEMPTY;
+	}
     }
 
   /* Else will try to reuse lookahead token after shifting the error
@@ -3498,7 +3743,7 @@ yyerrorlab:
   if (/*CONSTCOND*/ 0)
      goto yyerrorlab;
 
-  /* Do not reclaim the symbols of the rule whose action triggered
+  /* Do not reclaim the symbols of the rule which action triggered
      this YYERROR.  */
   YYPOPSTACK (yylen);
   yylen = 0;
@@ -3511,29 +3756,29 @@ yyerrorlab:
 | yyerrlab1 -- common code for both syntax error and YYERROR.  |
 `-------------------------------------------------------------*/
 yyerrlab1:
-  yyerrstatus = 3;      /* Each real token shifted decrements this.  */
+  yyerrstatus = 3;	/* Each real token shifted decrements this.  */
 
   for (;;)
     {
       yyn = yypact[yystate];
       if (!yypact_value_is_default (yyn))
-        {
-          yyn += YYTERROR;
-          if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
-            {
-              yyn = yytable[yyn];
-              if (0 < yyn)
-                break;
-            }
-        }
+	{
+	  yyn += YYTERROR;
+	  if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR)
+	    {
+	      yyn = yytable[yyn];
+	      if (0 < yyn)
+		break;
+	    }
+	}
 
       /* Pop the current state because it cannot handle the error token.  */
       if (yyssp == yyss)
-        YYABORT;
+	YYABORT;
 
 
       yydestruct ("Error: popping",
-                  yystos[yystate], yyvsp);
+		  yystos[yystate], yyvsp);
       YYPOPSTACK (1);
       yystate = *yyssp;
       YY_STACK_PRINT (yyss, yyssp);
@@ -3584,14 +3829,14 @@ yyreturn:
       yydestruct ("Cleanup: discarding lookahead",
                   yytoken, &yylval);
     }
-  /* Do not reclaim the symbols of the rule whose action triggered
+  /* Do not reclaim the symbols of the rule which action triggered
      this YYABORT or YYACCEPT.  */
   YYPOPSTACK (yylen);
   YY_STACK_PRINT (yyss, yyssp);
   while (yyssp != yyss)
     {
       yydestruct ("Cleanup: popping",
-                  yystos[*yyssp], yyvsp);
+		  yystos[*yyssp], yyvsp);
       YYPOPSTACK (1);
     }
 #ifndef yyoverflow
@@ -3602,9 +3847,13 @@ yyreturn:
   if (yymsg != yymsgbuf)
     YYSTACK_FREE (yymsg);
 #endif
-  return yyresult;
+  /* Make sure YYID is used.  */
+  return YYID (yyresult);
 }
-#line 1622 "../../ntpd/ntp_parser.y" /* yacc.c:1906  */
+
+
+/* Line 2050 of yacc.c  */
+#line 1628 "../../ntpd/ntp_parser.y"
 
 
 void
diff --git a/contrib/ntp/ntpd/ntp_parser.h b/contrib/ntp/ntpd/ntp_parser.h
index 1ec7f8c..ae729b5 100644
--- a/contrib/ntp/ntpd/ntp_parser.h
+++ b/contrib/ntp/ntpd/ntp_parser.h
@@ -1,19 +1,19 @@
-/* A Bison parser, made by GNU Bison 3.0.2.  */
+/* A Bison parser, made by GNU Bison 2.7.12-4996.  */
 
 /* Bison interface for Yacc-like parsers in C
-
-   Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
-
+   
+      Copyright (C) 1984, 1989-1990, 2000-2013 Free Software Foundation, Inc.
+   
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
-
+   
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-
+   
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
 
@@ -26,13 +26,13 @@
    special exception, which will cause the skeleton and the resulting
    Bison output files to be licensed under the GNU General Public
    License without this special exception.
-
+   
    This special exception was added by the Free Software Foundation in
    version 2.2 of Bison.  */
 
-#ifndef YY_YY__NTPD_NTP_PARSER_H_INCLUDED
-# define YY_YY__NTPD_NTP_PARSER_H_INCLUDED
-/* Debug traces.  */
+#ifndef YY_YY_NTP_PARSER_H_INCLUDED
+# define YY_YY_NTP_PARSER_H_INCLUDED
+/* Enabling traces.  */
 #ifndef YYDEBUG
 # define YYDEBUG 1
 #endif
@@ -40,203 +40,207 @@
 extern int yydebug;
 #endif
 
-/* Token type.  */
+/* Tokens.  */
 #ifndef YYTOKENTYPE
 # define YYTOKENTYPE
-  enum yytokentype
-  {
-    T_Abbrev = 258,
-    T_Age = 259,
-    T_All = 260,
-    T_Allan = 261,
-    T_Allpeers = 262,
-    T_Auth = 263,
-    T_Autokey = 264,
-    T_Automax = 265,
-    T_Average = 266,
-    T_Bclient = 267,
-    T_Beacon = 268,
-    T_Broadcast = 269,
-    T_Broadcastclient = 270,
-    T_Broadcastdelay = 271,
-    T_Burst = 272,
-    T_Calibrate = 273,
-    T_Ceiling = 274,
-    T_Clockstats = 275,
-    T_Cohort = 276,
-    T_ControlKey = 277,
-    T_Crypto = 278,
-    T_Cryptostats = 279,
-    T_Ctl = 280,
-    T_Day = 281,
-    T_Default = 282,
-    T_Digest = 283,
-    T_Disable = 284,
-    T_Discard = 285,
-    T_Dispersion = 286,
-    T_Double = 287,
-    T_Driftfile = 288,
-    T_Drop = 289,
-    T_Dscp = 290,
-    T_Ellipsis = 291,
-    T_Enable = 292,
-    T_End = 293,
-    T_False = 294,
-    T_File = 295,
-    T_Filegen = 296,
-    T_Filenum = 297,
-    T_Flag1 = 298,
-    T_Flag2 = 299,
-    T_Flag3 = 300,
-    T_Flag4 = 301,
-    T_Flake = 302,
-    T_Floor = 303,
-    T_Freq = 304,
-    T_Fudge = 305,
-    T_Host = 306,
-    T_Huffpuff = 307,
-    T_Iburst = 308,
-    T_Ident = 309,
-    T_Ignore = 310,
-    T_Incalloc = 311,
-    T_Incmem = 312,
-    T_Initalloc = 313,
-    T_Initmem = 314,
-    T_Includefile = 315,
-    T_Integer = 316,
-    T_Interface = 317,
-    T_Intrange = 318,
-    T_Io = 319,
-    T_Ipv4 = 320,
-    T_Ipv4_flag = 321,
-    T_Ipv6 = 322,
-    T_Ipv6_flag = 323,
-    T_Kernel = 324,
-    T_Key = 325,
-    T_Keys = 326,
-    T_Keysdir = 327,
-    T_Kod = 328,
-    T_Mssntp = 329,
-    T_Leapfile = 330,
-    T_Leapsmearinterval = 331,
-    T_Limited = 332,
-    T_Link = 333,
-    T_Listen = 334,
-    T_Logconfig = 335,
-    T_Logfile = 336,
-    T_Loopstats = 337,
-    T_Lowpriotrap = 338,
-    T_Manycastclient = 339,
-    T_Manycastserver = 340,
-    T_Mask = 341,
-    T_Maxage = 342,
-    T_Maxclock = 343,
-    T_Maxdepth = 344,
-    T_Maxdist = 345,
-    T_Maxmem = 346,
-    T_Maxpoll = 347,
-    T_Mdnstries = 348,
-    T_Mem = 349,
-    T_Memlock = 350,
-    T_Minclock = 351,
-    T_Mindepth = 352,
-    T_Mindist = 353,
-    T_Minimum = 354,
-    T_Minpoll = 355,
-    T_Minsane = 356,
-    T_Mode = 357,
-    T_Mode7 = 358,
-    T_Monitor = 359,
-    T_Month = 360,
-    T_Mru = 361,
-    T_Multicastclient = 362,
-    T_Nic = 363,
-    T_Nolink = 364,
-    T_Nomodify = 365,
-    T_Nomrulist = 366,
-    T_None = 367,
-    T_Nonvolatile = 368,
-    T_Nopeer = 369,
-    T_Noquery = 370,
-    T_Noselect = 371,
-    T_Noserve = 372,
-    T_Notrap = 373,
-    T_Notrust = 374,
-    T_Ntp = 375,
-    T_Ntpport = 376,
-    T_NtpSignDsocket = 377,
-    T_Orphan = 378,
-    T_Orphanwait = 379,
-    T_Panic = 380,
-    T_Peer = 381,
-    T_Peerstats = 382,
-    T_Phone = 383,
-    T_Pid = 384,
-    T_Pidfile = 385,
-    T_Pool = 386,
-    T_Port = 387,
-    T_Preempt = 388,
-    T_Prefer = 389,
-    T_Protostats = 390,
-    T_Pw = 391,
-    T_Randfile = 392,
-    T_Rawstats = 393,
-    T_Refid = 394,
-    T_Requestkey = 395,
-    T_Reset = 396,
-    T_Restrict = 397,
-    T_Revoke = 398,
-    T_Rlimit = 399,
-    T_Saveconfigdir = 400,
-    T_Server = 401,
-    T_Setvar = 402,
-    T_Source = 403,
-    T_Stacksize = 404,
-    T_Statistics = 405,
-    T_Stats = 406,
-    T_Statsdir = 407,
-    T_Step = 408,
-    T_Stepback = 409,
-    T_Stepfwd = 410,
-    T_Stepout = 411,
-    T_Stratum = 412,
-    T_String = 413,
-    T_Sys = 414,
-    T_Sysstats = 415,
-    T_Tick = 416,
-    T_Time1 = 417,
-    T_Time2 = 418,
-    T_Timer = 419,
-    T_Timingstats = 420,
-    T_Tinker = 421,
-    T_Tos = 422,
-    T_Trap = 423,
-    T_True = 424,
-    T_Trustedkey = 425,
-    T_Ttl = 426,
-    T_Type = 427,
-    T_U_int = 428,
-    T_Unconfig = 429,
-    T_Unpeer = 430,
-    T_Version = 431,
-    T_WanderThreshold = 432,
-    T_Week = 433,
-    T_Wildcard = 434,
-    T_Xleave = 435,
-    T_Year = 436,
-    T_Flag = 437,
-    T_EOC = 438,
-    T_Simulate = 439,
-    T_Beep_Delay = 440,
-    T_Sim_Duration = 441,
-    T_Server_Offset = 442,
-    T_Duration = 443,
-    T_Freq_Offset = 444,
-    T_Wander = 445,
-    T_Jitter = 446,
-    T_Prop_Delay = 447,
-    T_Proc_Delay = 448
-  };
+   /* Put the tokens into the symbol table, so that GDB and other debuggers
+      know about them.  */
+   enum yytokentype {
+     T_Abbrev = 258,
+     T_Age = 259,
+     T_All = 260,
+     T_Allan = 261,
+     T_Allpeers = 262,
+     T_Auth = 263,
+     T_Autokey = 264,
+     T_Automax = 265,
+     T_Average = 266,
+     T_Bclient = 267,
+     T_Beacon = 268,
+     T_Broadcast = 269,
+     T_Broadcastclient = 270,
+     T_Broadcastdelay = 271,
+     T_Burst = 272,
+     T_Calibrate = 273,
+     T_Ceiling = 274,
+     T_Clockstats = 275,
+     T_Cohort = 276,
+     T_ControlKey = 277,
+     T_Crypto = 278,
+     T_Cryptostats = 279,
+     T_Ctl = 280,
+     T_Day = 281,
+     T_Default = 282,
+     T_Digest = 283,
+     T_Disable = 284,
+     T_Discard = 285,
+     T_Dispersion = 286,
+     T_Double = 287,
+     T_Driftfile = 288,
+     T_Drop = 289,
+     T_Dscp = 290,
+     T_Ellipsis = 291,
+     T_Enable = 292,
+     T_End = 293,
+     T_False = 294,
+     T_File = 295,
+     T_Filegen = 296,
+     T_Filenum = 297,
+     T_Flag1 = 298,
+     T_Flag2 = 299,
+     T_Flag3 = 300,
+     T_Flag4 = 301,
+     T_Flake = 302,
+     T_Floor = 303,
+     T_Freq = 304,
+     T_Fudge = 305,
+     T_Host = 306,
+     T_Huffpuff = 307,
+     T_Iburst = 308,
+     T_Ident = 309,
+     T_Ignore = 310,
+     T_Incalloc = 311,
+     T_Incmem = 312,
+     T_Initalloc = 313,
+     T_Initmem = 314,
+     T_Includefile = 315,
+     T_Integer = 316,
+     T_Interface = 317,
+     T_Intrange = 318,
+     T_Io = 319,
+     T_Ipv4 = 320,
+     T_Ipv4_flag = 321,
+     T_Ipv6 = 322,
+     T_Ipv6_flag = 323,
+     T_Kernel = 324,
+     T_Key = 325,
+     T_Keys = 326,
+     T_Keysdir = 327,
+     T_Kod = 328,
+     T_Mssntp = 329,
+     T_Leapfile = 330,
+     T_Leapsmearinterval = 331,
+     T_Limited = 332,
+     T_Link = 333,
+     T_Listen = 334,
+     T_Logconfig = 335,
+     T_Logfile = 336,
+     T_Loopstats = 337,
+     T_Lowpriotrap = 338,
+     T_Manycastclient = 339,
+     T_Manycastserver = 340,
+     T_Mask = 341,
+     T_Maxage = 342,
+     T_Maxclock = 343,
+     T_Maxdepth = 344,
+     T_Maxdist = 345,
+     T_Maxmem = 346,
+     T_Maxpoll = 347,
+     T_Mdnstries = 348,
+     T_Mem = 349,
+     T_Memlock = 350,
+     T_Minclock = 351,
+     T_Mindepth = 352,
+     T_Mindist = 353,
+     T_Minimum = 354,
+     T_Minpoll = 355,
+     T_Minsane = 356,
+     T_Mode = 357,
+     T_Mode7 = 358,
+     T_Monitor = 359,
+     T_Month = 360,
+     T_Mru = 361,
+     T_Multicastclient = 362,
+     T_Nic = 363,
+     T_Nolink = 364,
+     T_Nomodify = 365,
+     T_Nomrulist = 366,
+     T_None = 367,
+     T_Nonvolatile = 368,
+     T_Nopeer = 369,
+     T_Noquery = 370,
+     T_Noselect = 371,
+     T_Noserve = 372,
+     T_Notrap = 373,
+     T_Notrust = 374,
+     T_Ntp = 375,
+     T_Ntpport = 376,
+     T_NtpSignDsocket = 377,
+     T_Orphan = 378,
+     T_Orphanwait = 379,
+     T_Panic = 380,
+     T_Peer = 381,
+     T_Peerstats = 382,
+     T_Phone = 383,
+     T_Pid = 384,
+     T_Pidfile = 385,
+     T_Pool = 386,
+     T_Port = 387,
+     T_Preempt = 388,
+     T_Prefer = 389,
+     T_Protostats = 390,
+     T_Pw = 391,
+     T_Randfile = 392,
+     T_Rawstats = 393,
+     T_Refid = 394,
+     T_Requestkey = 395,
+     T_Reset = 396,
+     T_Restrict = 397,
+     T_Revoke = 398,
+     T_Rlimit = 399,
+     T_Saveconfigdir = 400,
+     T_Server = 401,
+     T_Setvar = 402,
+     T_Source = 403,
+     T_Stacksize = 404,
+     T_Statistics = 405,
+     T_Stats = 406,
+     T_Statsdir = 407,
+     T_Step = 408,
+     T_Stepback = 409,
+     T_Stepfwd = 410,
+     T_Stepout = 411,
+     T_Stratum = 412,
+     T_String = 413,
+     T_Sys = 414,
+     T_Sysstats = 415,
+     T_Tick = 416,
+     T_Time1 = 417,
+     T_Time2 = 418,
+     T_Timer = 419,
+     T_Timingstats = 420,
+     T_Tinker = 421,
+     T_Tos = 422,
+     T_Trap = 423,
+     T_True = 424,
+     T_Trustedkey = 425,
+     T_Ttl = 426,
+     T_Type = 427,
+     T_U_int = 428,
+     T_UEcrypto = 429,
+     T_UEcryptonak = 430,
+     T_UEdigest = 431,
+     T_Unconfig = 432,
+     T_Unpeer = 433,
+     T_Version = 434,
+     T_WanderThreshold = 435,
+     T_Week = 436,
+     T_Wildcard = 437,
+     T_Xleave = 438,
+     T_Year = 439,
+     T_Flag = 440,
+     T_EOC = 441,
+     T_Simulate = 442,
+     T_Beep_Delay = 443,
+     T_Sim_Duration = 444,
+     T_Server_Offset = 445,
+     T_Duration = 446,
+     T_Freq_Offset = 447,
+     T_Wander = 448,
+     T_Jitter = 449,
+     T_Prop_Delay = 450,
+     T_Proc_Delay = 451
+   };
 #endif
 /* Tokens.  */
 #define T_Abbrev 258
@@ -410,33 +414,37 @@ extern int yydebug;
 #define T_Ttl 426
 #define T_Type 427
 #define T_U_int 428
-#define T_Unconfig 429
-#define T_Unpeer 430
-#define T_Version 431
-#define T_WanderThreshold 432
-#define T_Week 433
-#define T_Wildcard 434
-#define T_Xleave 435
-#define T_Year 436
-#define T_Flag 437
-#define T_EOC 438
-#define T_Simulate 439
-#define T_Beep_Delay 440
-#define T_Sim_Duration 441
-#define T_Server_Offset 442
-#define T_Duration 443
-#define T_Freq_Offset 444
-#define T_Wander 445
-#define T_Jitter 446
-#define T_Prop_Delay 447
-#define T_Proc_Delay 448
+#define T_UEcrypto 429
+#define T_UEcryptonak 430
+#define T_UEdigest 431
+#define T_Unconfig 432
+#define T_Unpeer 433
+#define T_Version 434
+#define T_WanderThreshold 435
+#define T_Week 436
+#define T_Wildcard 437
+#define T_Xleave 438
+#define T_Year 439
+#define T_Flag 440
+#define T_EOC 441
+#define T_Simulate 442
+#define T_Beep_Delay 443
+#define T_Sim_Duration 444
+#define T_Server_Offset 445
+#define T_Duration 446
+#define T_Freq_Offset 447
+#define T_Wander 448
+#define T_Jitter 449
+#define T_Prop_Delay 450
+#define T_Proc_Delay 451
+
+
 
-/* Value type.  */
 #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED
-typedef union YYSTYPE YYSTYPE;
-union YYSTYPE
+typedef union YYSTYPE
 {
-#line 51 "../../ntpd/ntp_parser.y" /* yacc.c:1909  */
+/* Line 2053 of yacc.c  */
+#line 51 "../../ntpd/ntp_parser.y"
 
 	char *			String;
 	double			Double;
@@ -455,15 +463,29 @@ union YYSTYPE
 	script_info *		Sim_script;
 	script_info_fifo *	Sim_script_fifo;
 
-#line 459 "../../ntpd/ntp_parser.h" /* yacc.c:1909  */
-};
+
+/* Line 2053 of yacc.c  */
+#line 469 "ntp_parser.h"
+} YYSTYPE;
 # define YYSTYPE_IS_TRIVIAL 1
+# define yystype YYSTYPE /* obsolescent; will be withdrawn */
 # define YYSTYPE_IS_DECLARED 1
 #endif
 
-
 extern YYSTYPE yylval;
 
+#ifdef YYPARSE_PARAM
+#if defined __STDC__ || defined __cplusplus
+int yyparse (void *YYPARSE_PARAM);
+#else
+int yyparse ();
+#endif
+#else /* ! YYPARSE_PARAM */
+#if defined __STDC__ || defined __cplusplus
 int yyparse (void);
+#else
+int yyparse ();
+#endif
+#endif /* ! YYPARSE_PARAM */
 
-#endif /* !YY_YY__NTPD_NTP_PARSER_H_INCLUDED  */
+#endif /* !YY_YY_NTP_PARSER_H_INCLUDED  */
diff --git a/contrib/ntp/ntpd/ntp_proto.c b/contrib/ntp/ntpd/ntp_proto.c
index f770472..ad45409 100644
--- a/contrib/ntp/ntpd/ntp_proto.c
+++ b/contrib/ntp/ntpd/ntp_proto.c
@@ -153,6 +153,19 @@ u_long	sys_declined;		/* declined */
 u_long	sys_limitrejected;	/* rate exceeded */
 u_long	sys_kodsent;		/* KoD sent */
 
+/*
+ * Mechanism knobs: how soon do we unpeer()?
+ *
+ * The default way is "on-receipt".  If this was a packet from a
+ * well-behaved source, on-receipt will offer the fastest recovery.
+ * If this was from a DoS attack, the default way makes it easier
+ * for a bad-guy to DoS us.  So look and see what bites you harder
+ * and choose according to your environment.
+ */
+int unpeer_crypto_early		= 1;	/* bad crypto (TEST9) */
+int unpeer_crypto_nak_early	= 1;	/* crypto_NAK (TEST5) */
+int unpeer_digest_early		= 1;	/* bad digest (TEST5) */
+
 static int kiss_code_check(u_char hisleap, u_char hisstratum, u_char hismode, u_int32 refid);
 static	double	root_distance	(struct peer *);
 static	void	clock_combine	(peer_select *, int, int);
@@ -1157,6 +1170,7 @@ receive(
 
 			} else {
 				peer->delay = sys_bdelay;
+				peer->bxmt = p_xmt;
 			}
 			break;
 		}
@@ -1177,6 +1191,7 @@ receive(
 			sys_restricted++;
 			return;			/* ignore duplicate */
 		}
+		peer->bxmt = p_xmt;
 #ifdef AUTOKEY
 		if (skeyid > NTP_MAXKEY)
 			crypto_recv(peer, rbufp);
@@ -1286,6 +1301,73 @@ receive(
 			return;
 		}
 #endif /* AUTOKEY */
+
+		if (MODE_BROADCAST == hismode) {
+			u_char poll;
+			int bail = 0;
+			l_fp tdiff;
+
+			DPRINTF(2, ("receive: PROCPKT/BROADCAST: prev pkt %ld seconds ago, ppoll: %d, %d secs\n",
+				    (current_time - peer->timelastrec),
+				    peer->ppoll, (1 << peer->ppoll)
+				    ));
+			/* Things we can check:
+			 *
+			 * Did the poll interval change?
+			 * Is the poll interval in the packet in-range?
+			 * Did this packet arrive too soon?
+			 * Is the timestamp in this packet monotonic
+			 *  with respect to the previous packet?
+			 */
+
+			/* This is noteworthy, not error-worthy */
+			if (pkt->ppoll != peer->ppoll) {
+				msyslog(LOG_INFO, "receive: broadcast poll from %s changed from %ud to %ud",
+					stoa(&rbufp->recv_srcadr),
+					peer->ppoll, pkt->ppoll);
+			}
+
+			poll = min(peer->maxpoll,
+				   max(peer->minpoll, pkt->ppoll));
+
+			/* This is error-worthy */
+			if (pkt->ppoll != poll) {
+				msyslog(LOG_INFO, "receive: broadcast poll of %ud from %s is out-of-range (%d to %d)!",
+					pkt->ppoll, stoa(&rbufp->recv_srcadr),
+					peer->minpoll, peer->maxpoll);
+				++bail;
+			}
+
+			if (  (current_time - peer->timelastrec)
+			    < (1 << pkt->ppoll)) {
+				msyslog(LOG_INFO, "receive: broadcast packet from %s arrived after %ld, not %d seconds!",
+					stoa(&rbufp->recv_srcadr),
+					(current_time - peer->timelastrec),
+					(1 << pkt->ppoll)
+					);
+				++bail;
+			}
+
+			tdiff = p_xmt;
+			L_SUB(&tdiff, &peer->bxmt);
+			if (tdiff.l_i < 0) {
+				msyslog(LOG_INFO, "receive: broadcast packet from %s contains non-monotonic timestamp: %#010x.%08x -> %#010x.%08x",
+					stoa(&rbufp->recv_srcadr),
+					peer->bxmt.l_ui, peer->bxmt.l_uf,
+					p_xmt.l_ui, p_xmt.l_uf
+					);
+				++bail;
+			}
+
+			peer->bxmt = p_xmt;
+
+			if (bail) {
+				peer->timelastrec = current_time;
+				sys_declined++;
+				return;
+			}
+		}
+
 		break;
 
 	/*
@@ -1362,7 +1444,12 @@ receive(
 	/*
 	 * Basic mode checks:
 	 *
-	 * If there is no origin timestamp, it's an initial packet.
+	 * If there is no origin timestamp, it's either an initial packet
+	 * or we've already received a response to our query.  Of course,
+	 * should 'aorg' be all-zero because this really was the original
+	 * transmit timestamp, we'll drop the reply.  There is a window of
+	 * one nanosecond once every 136 years' time where this is possible.
+	 * We currently ignore this situation.
 	 *
 	 * Otherwise, check for bogus packet in basic mode.
 	 * If it is bogus, switch to interleaved mode and resynchronize,
@@ -1375,7 +1462,8 @@ receive(
 	} else if (peer->flip == 0) {
 		if (0 < hisstratum && L_ISZERO(&p_org)) {
 			L_CLR(&peer->aorg);
-		} else if (!L_ISEQU(&p_org, &peer->aorg)) {
+		} else if (    L_ISZERO(&peer->aorg)
+			   || !L_ISEQU(&p_org, &peer->aorg)) {
 			peer->bogusorg++;
 			peer->flash |= TEST2;	/* bogus */
 			msyslog(LOG_INFO,
@@ -1424,7 +1512,9 @@ receive(
 		peer->flash |= TEST5;		/* bad auth */
 		peer->badauth++;
 		if (peer->flags & FLAG_PREEMPT) {
-			unpeer(peer);
+			if (unpeer_crypto_nak_early) {
+				unpeer(peer);
+			}
 			return;
 		}
 #ifdef AUTOKEY
@@ -1450,7 +1540,9 @@ receive(
 		    && (hismode == MODE_ACTIVE || hismode == MODE_PASSIVE))
 			fast_xmit(rbufp, MODE_ACTIVE, 0, restrict_mask);
 		if (peer->flags & FLAG_PREEMPT) {
-			unpeer(peer);
+			if (unpeer_digest_early) {
+				unpeer(peer);
+			}
 			return;
 		}
 #ifdef AUTOKEY
@@ -1505,12 +1597,47 @@ receive(
 		return;		/* Drop any other kiss code packets */
 	}
 
+	/*
+	 * If:
+	 *	- this is a *cast (uni-, broad-, or m-) server packet
+	 *	- and it's authenticated
+	 * then see if the sender's IP is trusted for this keyid.
+	 * If it is, great - nothing special to do here.
+	 * Otherwise, we should report and bail.
+	 */
+
+	switch (hismode) {
+	    case MODE_SERVER:		/* server mode */
+	    case MODE_BROADCAST:	/* broadcast mode */
+	    case MODE_ACTIVE:		/* symmetric active mode */
+		if (   is_authentic == AUTH_OK
+		    && !authistrustedip(skeyid, &peer->srcadr)) {
+			report_event(PEVNT_AUTH, peer, "authIP");
+			peer->badauth++;
+			return;
+		}
+	    	break;
+
+	    case MODE_UNSPEC:		/* unspecified (old version) */
+	    case MODE_PASSIVE:		/* symmetric passive mode */
+	    case MODE_CLIENT:		/* client mode */
+#if 0		/* At this point, MODE_CONTROL is overloaded by MODE_BCLIENT */
+	    case MODE_CONTROL:		/* control mode */
+#endif
+	    case MODE_PRIVATE:		/* private mode */
+	    case MODE_BCLIENT:		/* broadcast client mode */
+	    	break;
+	    default:
+	    	break;
+	}
+
 
 	/*
 	 * That was hard and I am sweaty, but the packet is squeaky
 	 * clean. Get on with real work.
 	 */
 	peer->timereceived = current_time;
+	peer->timelastrec = current_time;
 	if (is_authentic == AUTH_OK)
 		peer->flags |= FLAG_AUTHENTIC;
 	else
@@ -1560,8 +1687,11 @@ receive(
 				    "crypto error");
 				peer_clear(peer, "CRYP");
 				peer->flash |= TEST9;	/* bad crypt */
-				if (peer->flags & FLAG_PREEMPT)
-					unpeer(peer);
+				if (peer->flags & FLAG_PREEMPT) {
+					if (unpeer_crypto_early) {
+						unpeer(peer);
+					}
+				}
 			}
 			return;
 		}
@@ -4358,6 +4488,22 @@ proto_config(
 			io_multicast_del(svalue);
 		break;
 
+	/*
+	 * Unpeer Early policy choices
+	 */
+
+	case PROTO_UECRYPTO:	/* Crypto */
+		unpeer_crypto_early = value;
+		break;
+
+	case PROTO_UECRYPTONAK:	/* Crypto_NAK */
+		unpeer_crypto_nak_early = value;
+		break;
+
+	case PROTO_UEDIGEST:	/* Digest */
+		unpeer_digest_early = value;
+		break;
+
 	default:
 		msyslog(LOG_NOTICE,
 		    "proto: unsupported option %d", item);
diff --git a/contrib/ntp/ntpd/ntp_request.c b/contrib/ntp/ntpd/ntp_request.c
index fa78ce1..ba968e2 100644
--- a/contrib/ntp/ntpd/ntp_request.c
+++ b/contrib/ntp/ntpd/ntp_request.c
@@ -81,8 +81,8 @@ static	void	do_unconf	(sockaddr_u *, endpt *, struct req_pkt *);
 static	void	set_sys_flag	(sockaddr_u *, endpt *, struct req_pkt *);
 static	void	clr_sys_flag	(sockaddr_u *, endpt *, struct req_pkt *);
 static	void	setclr_flags	(sockaddr_u *, endpt *, struct req_pkt *, u_long);
-static	void	list_restrict4	(restrict_u *, struct info_restrict **);
-static	void	list_restrict6	(restrict_u *, struct info_restrict **);
+static	void	list_restrict4	(const restrict_u *, struct info_restrict **);
+static	void	list_restrict6	(const restrict_u *, struct info_restrict **);
 static	void	list_restrict	(sockaddr_u *, endpt *, struct req_pkt *);
 static	void	do_resaddflags	(sockaddr_u *, endpt *, struct req_pkt *);
 static	void	do_ressubflags	(sockaddr_u *, endpt *, struct req_pkt *);
@@ -667,43 +667,35 @@ list_peers(
 	struct req_pkt *inpkt
 	)
 {
-	struct info_peer_list *ip;
-	struct peer *pp;
-	int skip = 0;
+	struct info_peer_list *	ip;
+	const struct peer *	pp;
 
 	ip = (struct info_peer_list *)prepare_pkt(srcadr, inter, inpkt,
 	    v6sizeof(struct info_peer_list));
 	for (pp = peer_list; pp != NULL && ip != NULL; pp = pp->p_link) {
 		if (IS_IPV6(&pp->srcadr)) {
-			if (client_v6_capable) {
-				ip->addr6 = SOCK_ADDR6(&pp->srcadr);
-				ip->v6_flag = 1;
-				skip = 0;
-			} else {
-				skip = 1;
-				break;
-			}
+			if (!client_v6_capable)
+				continue;			
+			ip->addr6 = SOCK_ADDR6(&pp->srcadr);
+			ip->v6_flag = 1;
 		} else {
 			ip->addr = NSRCADR(&pp->srcadr);
 			if (client_v6_capable)
 				ip->v6_flag = 0;
-			skip = 0;
 		}
 
-		if (!skip) {
-			ip->port = NSRCPORT(&pp->srcadr);
-			ip->hmode = pp->hmode;
-			ip->flags = 0;
-			if (pp->flags & FLAG_CONFIG)
-				ip->flags |= INFO_FLAG_CONFIG;
-			if (pp == sys_peer)
-				ip->flags |= INFO_FLAG_SYSPEER;
-			if (pp->status == CTL_PST_SEL_SYNCCAND)
-				ip->flags |= INFO_FLAG_SEL_CANDIDATE;
-			if (pp->status >= CTL_PST_SEL_SYSPEER)
-				ip->flags |= INFO_FLAG_SHORTLIST;
-			ip = (struct info_peer_list *)more_pkt();
-		}
+		ip->port = NSRCPORT(&pp->srcadr);
+		ip->hmode = pp->hmode;
+		ip->flags = 0;
+		if (pp->flags & FLAG_CONFIG)
+			ip->flags |= INFO_FLAG_CONFIG;
+		if (pp == sys_peer)
+			ip->flags |= INFO_FLAG_SYSPEER;
+		if (pp->status == CTL_PST_SEL_SYNCCAND)
+			ip->flags |= INFO_FLAG_SEL_CANDIDATE;
+		if (pp->status >= CTL_PST_SEL_SYSPEER)
+			ip->flags |= INFO_FLAG_SHORTLIST;
+		ip = (struct info_peer_list *)more_pkt();
 	}	/* for pp */
 
 	flush_pkt();
@@ -720,10 +712,9 @@ list_peers_sum(
 	struct req_pkt *inpkt
 	)
 {
-	register struct info_peer_summary *ips;
-	register struct peer *pp;
-	l_fp ltmp;
-	register int skip;
+	struct info_peer_summary *	ips;
+	const struct peer *		pp;
+	l_fp 				ltmp;
 
 	DPRINTF(3, ("wants peer list summary\n"));
 
@@ -736,18 +727,14 @@ list_peers_sum(
 		 * want only v4.
 		 */
 		if (IS_IPV6(&pp->srcadr)) {
-			if (client_v6_capable) {
-				ips->srcadr6 = SOCK_ADDR6(&pp->srcadr);
-				ips->v6_flag = 1;
-				if (pp->dstadr)
-					ips->dstadr6 = SOCK_ADDR6(&pp->dstadr->sin);
-				else
-					ZERO(ips->dstadr6);
-				skip = 0;
-			} else {
-				skip = 1;
-				break;
-			}
+			if (!client_v6_capable)
+				continue;
+			ips->srcadr6 = SOCK_ADDR6(&pp->srcadr);
+			ips->v6_flag = 1;
+			if (pp->dstadr)
+				ips->dstadr6 = SOCK_ADDR6(&pp->dstadr->sin);
+			else
+				ZERO(ips->dstadr6);
 		} else {
 			ips->srcadr = NSRCADR(&pp->srcadr);
 			if (client_v6_capable)
@@ -765,39 +752,37 @@ list_peers_sum(
 							ips->dstadr = NSRCADR(&pp->dstadr->bcast);
 					}
 				}
-			} else
+			} else {
 				ips->dstadr = 0;
-
-			skip = 0;
+			}
 		}
 		
-		if (!skip) { 
-			ips->srcport = NSRCPORT(&pp->srcadr);
-			ips->stratum = pp->stratum;
-			ips->hpoll = pp->hpoll;
-			ips->ppoll = pp->ppoll;
-			ips->reach = pp->reach;
-			ips->flags = 0;
-			if (pp == sys_peer)
-				ips->flags |= INFO_FLAG_SYSPEER;
-			if (pp->flags & FLAG_CONFIG)
-				ips->flags |= INFO_FLAG_CONFIG;
-			if (pp->flags & FLAG_REFCLOCK)
-				ips->flags |= INFO_FLAG_REFCLOCK;
-			if (pp->flags & FLAG_PREFER)
-				ips->flags |= INFO_FLAG_PREFER;
-			if (pp->flags & FLAG_BURST)
-				ips->flags |= INFO_FLAG_BURST;
-			if (pp->status == CTL_PST_SEL_SYNCCAND)
-				ips->flags |= INFO_FLAG_SEL_CANDIDATE;
-			if (pp->status >= CTL_PST_SEL_SYSPEER)
-				ips->flags |= INFO_FLAG_SHORTLIST;
-			ips->hmode = pp->hmode;
-			ips->delay = HTONS_FP(DTOFP(pp->delay));
-			DTOLFP(pp->offset, &ltmp);
-			HTONL_FP(&ltmp, &ips->offset);
-			ips->dispersion = HTONS_FP(DTOUFP(SQRT(pp->disp)));
-		}	
+		ips->srcport = NSRCPORT(&pp->srcadr);
+		ips->stratum = pp->stratum;
+		ips->hpoll = pp->hpoll;
+		ips->ppoll = pp->ppoll;
+		ips->reach = pp->reach;
+		ips->flags = 0;
+		if (pp == sys_peer)
+			ips->flags |= INFO_FLAG_SYSPEER;
+		if (pp->flags & FLAG_CONFIG)
+			ips->flags |= INFO_FLAG_CONFIG;
+		if (pp->flags & FLAG_REFCLOCK)
+			ips->flags |= INFO_FLAG_REFCLOCK;
+		if (pp->flags & FLAG_PREFER)
+			ips->flags |= INFO_FLAG_PREFER;
+		if (pp->flags & FLAG_BURST)
+			ips->flags |= INFO_FLAG_BURST;
+		if (pp->status == CTL_PST_SEL_SYNCCAND)
+			ips->flags |= INFO_FLAG_SEL_CANDIDATE;
+		if (pp->status >= CTL_PST_SEL_SYSPEER)
+			ips->flags |= INFO_FLAG_SHORTLIST;
+		ips->hmode = pp->hmode;
+		ips->delay = HTONS_FP(DTOFP(pp->delay));
+		DTOLFP(pp->offset, &ltmp);
+		HTONL_FP(&ltmp, &ips->offset);
+		ips->dispersion = HTONS_FP(DTOUFP(SQRT(pp->disp)));
+
 		ips = (struct info_peer_summary *)more_pkt();
 	}	/* for pp */
 
@@ -1197,7 +1182,7 @@ mem_stats(
 		ms->hashcount[i] = (u_char)
 		    max((u_int)peer_hash_count[i], UCHAR_MAX);
 
-	more_pkt();
+	(void) more_pkt();
 	flush_pkt();
 }
 
@@ -1285,7 +1270,7 @@ loop_info(
 	li->compliance = htonl((u_int32)(tc_counter));
 	li->watchdog_timer = htonl((u_int32)(current_time - sys_epoch));
 
-	more_pkt();
+	(void) more_pkt();
 	flush_pkt();
 }
 
@@ -1571,56 +1556,143 @@ setclr_flags(
 	req_ack(srcadr, inter, inpkt, INFO_OKAY);
 }
 
+/* There have been some issues with the restrict list processing,
+ * ranging from problems with deep recursion (resulting in stack
+ * overflows) and overfull reply buffers.
+ *
+ * To avoid this trouble the list reversal is done iteratively using a
+ * scratch pad.
+ */
+typedef struct RestrictStack RestrictStackT;
+struct RestrictStack {
+	RestrictStackT   *link;
+	size_t            fcnt;
+	const restrict_u *pres[63];
+};
+
+static size_t
+getStackSheetSize(
+	RestrictStackT *sp
+	)
+{
+	if (sp)
+		return sizeof(sp->pres)/sizeof(sp->pres[0]);
+	return 0u;
+}
+
+static int/*BOOL*/
+pushRestriction(
+	RestrictStackT  **spp,
+	const restrict_u *ptr
+	)
+{
+	RestrictStackT *sp;
+
+	if (NULL == (sp = *spp) || 0 == sp->fcnt) {
+		/* need another sheet in the scratch pad */
+		sp = emalloc(sizeof(*sp));
+		sp->link = *spp;
+		sp->fcnt = getStackSheetSize(sp);
+		*spp = sp;
+	}
+	sp->pres[--sp->fcnt] = ptr;
+	return TRUE;
+}
+
+static int/*BOOL*/
+popRestriction(
+	RestrictStackT   **spp,
+	const restrict_u **opp
+	)
+{
+	RestrictStackT *sp;
+
+	if (NULL == (sp = *spp) || sp->fcnt >= getStackSheetSize(sp))
+		return FALSE;
+	
+	*opp = sp->pres[sp->fcnt++];
+	if (sp->fcnt >= getStackSheetSize(sp)) {
+		/* discard sheet from scratch pad */
+		*spp = sp->link;
+		free(sp);
+	}
+	return TRUE;
+}
+
+static void
+flushRestrictionStack(
+	RestrictStackT **spp
+	)
+{
+	RestrictStackT *sp;
+
+	while (NULL != (sp = *spp)) {
+		*spp = sp->link;
+		free(sp);
+	}
+}
+
 /*
- * list_restrict4 - recursive helper for list_restrict dumps IPv4
+ * list_restrict4 - iterative helper for list_restrict dumps IPv4
  *		    restriction list in reverse order.
  */
 static void
 list_restrict4(
-	restrict_u *		res,
+	const restrict_u *	res,
 	struct info_restrict **	ppir
 	)
 {
+	RestrictStackT *	rpad;
 	struct info_restrict *	pir;
 
-	if (res->link != NULL)
-		list_restrict4(res->link, ppir);
-
 	pir = *ppir;
-	pir->addr = htonl(res->u.v4.addr);
-	if (client_v6_capable) 
-		pir->v6_flag = 0;
-	pir->mask = htonl(res->u.v4.mask);
-	pir->count = htonl(res->count);
-	pir->flags = htons(res->flags);
-	pir->mflags = htons(res->mflags);
-	*ppir = (struct info_restrict *)more_pkt();
+	for (rpad = NULL; res; res = res->link)
+		if (!pushRestriction(&rpad, res))
+			break;
+	
+	while (pir && popRestriction(&rpad, &res)) {
+		pir->addr = htonl(res->u.v4.addr);
+		if (client_v6_capable) 
+			pir->v6_flag = 0;
+		pir->mask = htonl(res->u.v4.mask);
+		pir->count = htonl(res->count);
+		pir->flags = htons(res->flags);
+		pir->mflags = htons(res->mflags);
+		pir = (struct info_restrict *)more_pkt();
+	}
+	flushRestrictionStack(&rpad);
+	*ppir = pir;
 }
 
-
 /*
- * list_restrict6 - recursive helper for list_restrict dumps IPv6
+ * list_restrict6 - iterative helper for list_restrict dumps IPv6
  *		    restriction list in reverse order.
  */
 static void
 list_restrict6(
-	restrict_u *		res,
+	const restrict_u *	res,
 	struct info_restrict **	ppir
 	)
 {
+	RestrictStackT *	rpad;
 	struct info_restrict *	pir;
 
-	if (res->link != NULL)
-		list_restrict6(res->link, ppir);
-
 	pir = *ppir;
-	pir->addr6 = res->u.v6.addr; 
-	pir->mask6 = res->u.v6.mask;
-	pir->v6_flag = 1;
-	pir->count = htonl(res->count);
-	pir->flags = htons(res->flags);
-	pir->mflags = htons(res->mflags);
-	*ppir = (struct info_restrict *)more_pkt();
+	for (rpad = NULL; res; res = res->link)
+		if (!pushRestriction(&rpad, res))
+			break;
+
+	while (pir && popRestriction(&rpad, &res)) {
+		pir->addr6 = res->u.v6.addr; 
+		pir->mask6 = res->u.v6.mask;
+		pir->v6_flag = 1;
+		pir->count = htonl(res->count);
+		pir->flags = htons(res->flags);
+		pir->mflags = htons(res->mflags);
+		pir = (struct info_restrict *)more_pkt();
+	}
+	flushRestrictionStack(&rpad);
+	*ppir = pir;
 }
 
 
@@ -1644,8 +1716,7 @@ list_restrict(
 	/*
 	 * The restriction lists are kept sorted in the reverse order
 	 * than they were originally.  To preserve the output semantics,
-	 * dump each list in reverse order.  A recursive helper function
-	 * achieves that.
+	 * dump each list in reverse order. The workers take care of that.
 	 */
 	list_restrict4(restrictlist4, &ir);
 	if (client_v6_capable)
@@ -2010,7 +2081,7 @@ do_trustkey(
 	register int items;
 
 	items = INFO_NITEMS(inpkt->err_nitems);
-	kp = (uint32_t*)&inpkt->u;
+	kp = (uint32_t *)&inpkt->u;
 	while (items-- > 0) {
 		authtrust(*kp, trust);
 		kp++;
@@ -2089,7 +2160,7 @@ req_get_traps(
 	it = (struct info_trap *)prepare_pkt(srcadr, inter, inpkt,
 	    v6sizeof(struct info_trap));
 
-	for (i = 0, tr = ctl_traps; i < COUNTOF(ctl_traps); i++, tr++) {
+	for (i = 0, tr = ctl_traps; it && i < COUNTOF(ctl_traps); i++, tr++) {
 		if (tr->tr_flags & TRAP_INUSE) {
 			if (IS_IPV4(&tr->tr_addr)) {
 				if (tr->tr_localaddr == any_interface)
@@ -2405,7 +2476,7 @@ get_clock_info(
 	ic = (struct info_clock *)prepare_pkt(srcadr, inter, inpkt,
 					      sizeof(struct info_clock));
 
-	while (items-- > 0) {
+	while (items-- > 0 && ic) {
 		NSRCADR(&addr) = *clkaddr++;
 		if (!ISREFCLOCKADR(&addr) || NULL ==
 		    findexistingpeer(&addr, NULL, NULL, -1, 0)) {
@@ -2544,7 +2615,7 @@ get_clkbug_info(
 	ic = (struct info_clkbug *)prepare_pkt(srcadr, inter, inpkt,
 					       sizeof(struct info_clkbug));
 
-	while (items-- > 0) {
+	while (items-- > 0 && ic) {
 		NSRCADR(&addr) = *clkaddr++;
 		if (!ISREFCLOCKADR(&addr) || NULL ==
 		    findexistingpeer(&addr, NULL, NULL, -1, 0)) {
@@ -2592,13 +2663,15 @@ fill_info_if_stats(void *data, interface_info_t *interface_info)
 	struct info_if_stats **ifsp = (struct info_if_stats **)data;
 	struct info_if_stats *ifs = *ifsp;
 	endpt *ep = interface_info->ep;
+
+	if (NULL == ifs)
+		return;
 	
 	ZERO(*ifs);
 	
 	if (IS_IPV6(&ep->sin)) {
-		if (!client_v6_capable) {
+		if (!client_v6_capable)
 			return;
-		}
 		ifs->v6_flag = 1;
 		ifs->unaddr.addr6 = SOCK_ADDR6(&ep->sin);
 		ifs->unbcast.addr6 = SOCK_ADDR6(&ep->bcast);
diff --git a/contrib/ntp/ntpd/ntp_scanner.c b/contrib/ntp/ntpd/ntp_scanner.c
index 49adf6b..631c218 100644
--- a/contrib/ntp/ntpd/ntp_scanner.c
+++ b/contrib/ntp/ntpd/ntp_scanner.c
@@ -669,7 +669,7 @@ int
 yylex(void)
 {
 	static follby	followedby = FOLLBY_TOKEN;
-	int		i;
+	size_t		i;
 	int		instring;
 	int		yylval_was_set;
 	int		converted;
diff --git a/contrib/ntp/ntpd/ntp_timer.c b/contrib/ntp/ntpd/ntp_timer.c
index 03084a3..78c81b6 100644
--- a/contrib/ntp/ntpd/ntp_timer.c
+++ b/contrib/ntp/ntpd/ntp_timer.c
@@ -549,14 +549,16 @@ check_leapsec(
 #ifdef LEAP_SMEAR
 	leap_smear.enabled = leap_smear_intv != 0;
 #endif
-	if (reset)	{
+	if (reset) {
 		lsprox = LSPROX_NOWARN;
 		leapsec_reset_frame();
 		memset(&lsdata, 0, sizeof(lsdata));
 	} else {
-	  int fired = leapsec_query(&lsdata, now, tpiv);
+	  int fired;
 
-	  DPRINTF(1, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n",
+	  fired = leapsec_query(&lsdata, now, tpiv);
+
+	  DPRINTF(3, ("*** leapsec_query: fired %i, now %u (0x%08X), tai_diff %i, ddist %u\n",
 		  fired, now, now, lsdata.tai_diff, lsdata.ddist));
 
 #ifdef LEAP_SMEAR
@@ -572,8 +574,7 @@ check_leapsec(
 				DPRINTF(1, ("*** leapsec_query: setting leap_smear interval %li, begin %.0f, end %.0f\n",
 					leap_smear.interval, leap_smear.intv_start, leap_smear.intv_end));
 			}
-		}
-		else {
+		} else {
 			if (leap_smear.interval)
 				DPRINTF(1, ("*** leapsec_query: clearing leap_smear interval\n"));
 			leap_smear.interval = 0;
@@ -655,10 +656,10 @@ check_leapsec(
 		sys_tai = lsdata.tai_offs;
 	  } else {
 #ifdef AUTOKEY
-		update_autokey = (sys_tai != lsdata.tai_offs);
+		  update_autokey = (sys_tai != (u_int)lsdata.tai_offs);
 #endif
-		lsprox  = lsdata.proximity;
-		sys_tai = lsdata.tai_offs;
+		  lsprox  = lsdata.proximity;
+		  sys_tai = lsdata.tai_offs;
 	  }
 	}
 
diff --git a/contrib/ntp/ntpd/ntpd-opts.c b/contrib/ntp/ntpd/ntpd-opts.c
index 660884b..f435a31 100644
--- a/contrib/ntp/ntpd/ntpd-opts.c
+++ b/contrib/ntp/ntpd/ntpd-opts.c
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpd-opts.c)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:28:29 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:15:45 AM by AutoGen 5.18.5
  *  From the definitions    ntpd-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpd program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -75,8 +75,8 @@ extern FILE * option_usage_fp;
  *  static const strings for ntpd options
  */
 static char const ntpd_opt_strs[3129] =
-/*     0 */ "ntpd 4.2.8p5\n"
-            "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
+/*     0 */ "ntpd 4.2.8p6\n"
+            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
             "redistribution under the terms of the NTP License, copies of which\n"
             "can be seen at:\n"
@@ -205,12 +205,12 @@ static char const ntpd_opt_strs[3129] =
 /*  2900 */ "output version information and exit\0"
 /*  2936 */ "version\0"
 /*  2944 */ "NTPD\0"
-/*  2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p5\n"
+/*  2949 */ "ntpd - NTP daemon program - Ver. 4.2.8p6\n"
             "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n"
             "\t\t[ <server1> ... <serverN> ]\n\0"
 /*  3080 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  3114 */ "\n\0"
-/*  3116 */ "ntpd 4.2.8p5";
+/*  3116 */ "ntpd 4.2.8p6";
 
 /**
  *  ipv4 option description with
@@ -1529,8 +1529,8 @@ static void bogus_function(void) {
      translate option names.
    */
   /* referenced via ntpdOptions.pzCopyright */
-  puts(_("ntpd 4.2.8p5\n\
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
+  puts(_("ntpd 4.2.8p6\n\
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
 can be seen at:\n"));
@@ -1670,7 +1670,7 @@ implied warranty.\n"));
   puts(_("output version information and exit"));
 
   /* referenced via ntpdOptions.pzUsageTitle */
-  puts(_("ntpd - NTP daemon program - Ver. 4.2.8p5\n\
+  puts(_("ntpd - NTP daemon program - Ver. 4.2.8p6\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
 \t\t[ <server1> ... <serverN> ]\n"));
 
@@ -1678,7 +1678,7 @@ Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
   puts(_("\n"));
 
   /* referenced via ntpdOptions.pzFullVersion */
-  puts(_("ntpd 4.2.8p5"));
+  puts(_("ntpd 4.2.8p6"));
 
   /* referenced via ntpdOptions.pzFullUsage */
   puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/ntpd/ntpd-opts.h b/contrib/ntp/ntpd/ntpd-opts.h
index 571fd34..9427cac 100644
--- a/contrib/ntp/ntpd/ntpd-opts.h
+++ b/contrib/ntp/ntpd/ntpd-opts.h
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpd-opts.h)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:28:28 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:15:43 AM by AutoGen 5.18.5
  *  From the definitions    ntpd-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpd program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -106,9 +106,9 @@ typedef enum {
 /** count of all options for ntpd */
 #define OPTION_CT    38
 /** ntpd version */
-#define NTPD_VERSION       "4.2.8p5"
+#define NTPD_VERSION       "4.2.8p6"
 /** Full ntpd version text */
-#define NTPD_FULL_VERSION  "ntpd 4.2.8p5"
+#define NTPD_FULL_VERSION  "ntpd 4.2.8p6"
 
 /**
  *  Interface defines for all options.  Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/ntpd/ntpd.1ntpdman b/contrib/ntp/ntpd/ntpd.1ntpdman
index 42d0caf..322d0bc4 100644
--- a/contrib/ntp/ntpd/ntpd.1ntpdman
+++ b/contrib/ntp/ntpd/ntpd.1ntpdman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpd 1ntpdman "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpd 1ntpdman "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-KDaWJq/ag-WDaOIq)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9JaiRS/ag-jKaaQS)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:30:44 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:17:54 AM by AutoGen 5.18.5
 .\" From the definitions ntpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -979,7 +979,7 @@ RFC5908
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 The
diff --git a/contrib/ntp/ntpd/ntpd.1ntpdmdoc b/contrib/ntp/ntpd/ntpd.1ntpdmdoc
index dc06f58..301d983 100644
--- a/contrib/ntp/ntpd/ntpd.1ntpdmdoc
+++ b/contrib/ntp/ntpd/ntpd.1ntpdmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPD 1ntpdmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:02 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:12 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The
diff --git a/contrib/ntp/ntpd/ntpd.c b/contrib/ntp/ntpd/ntpd.c
index 7630aee..2c7f02e 100644
--- a/contrib/ntp/ntpd/ntpd.c
+++ b/contrib/ntp/ntpd/ntpd.c
@@ -209,6 +209,11 @@ extern int syscall	(int, ...);
 
 
 #if !defined(SIM) && defined(SIGDIE1)
+static volatile int signalled	= 0;
+static volatile int signo	= 0;
+
+/* In an ideal world, 'finish_safe()' would declared as noreturn... */
+static	void		finish_safe	(int);
 static	RETSIGTYPE	finish		(int);
 #endif
 
@@ -298,11 +303,28 @@ my_pthread_warmup_worker(
 static void
 my_pthread_warmup(void)
 {
-	pthread_t thread;
-	int       rc;
+	pthread_t 	thread;
+	pthread_attr_t	thr_attr;
+	int       	rc;
+	
+	pthread_attr_init(&thr_attr);
+#if defined(HAVE_PTHREAD_ATTR_GETSTACKSIZE) && \
+    defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE) && \
+    defined(PTHREAD_STACK_MIN)
+	rc = pthread_attr_setstacksize(&thr_attr, PTHREAD_STACK_MIN);
+	if (0 != rc)
+		msyslog(LOG_ERR,
+			"my_pthread_warmup: pthread_attr_setstacksize() -> %s",
+			strerror(rc));
+#endif
 	rc = pthread_create(
-		&thread, NULL, my_pthread_warmup_worker, NULL);
-	if (0 == rc) {
+		&thread, &thr_attr, my_pthread_warmup_worker, NULL);
+	pthread_attr_destroy(&thr_attr);
+	if (0 != rc) {
+		msyslog(LOG_ERR,
+			"my_pthread_warmup: pthread_create() -> %s",
+			strerror(rc));
+	} else {
 		pthread_cancel(thread);
 		pthread_join(thread, NULL);
 	}
@@ -1204,6 +1226,10 @@ int scmp_sc[] = {
 # ifdef HAVE_IO_COMPLETION_PORT
 
 	for (;;) {
+#if !defined(SIM) && defined(SIGDIE1)
+		if (signalled)
+			finish_safe(signo);
+#endif
 		GetReceivedBuffers();
 # else /* normal I/O */
 
@@ -1211,11 +1237,19 @@ int scmp_sc[] = {
 	was_alarmed = FALSE;
 
 	for (;;) {
+#if !defined(SIM) && defined(SIGDIE1)
+		if (signalled)
+			finish_safe(signo);
+#endif		
 		if (alarm_flag) {	/* alarmed? */
 			was_alarmed = TRUE;
 			alarm_flag = FALSE;
 		}
 
+		/* collect async name/addr results */
+		if (!was_alarmed)
+		    harvest_blocking_responses();
+		
 		if (!was_alarmed && !has_full_recv_buffer()) {
 			/*
 			 * Nothing to do.  Wait for something.
@@ -1330,9 +1364,9 @@ int scmp_sc[] = {
 /*
  * finish - exit gracefully
  */
-static RETSIGTYPE
-finish(
-	int sig
+static void
+finish_safe(
+	int	sig
 	)
 {
 	const char *sig_desc;
@@ -1353,6 +1387,16 @@ finish(
 	peer_cleanup();
 	exit(0);
 }
+
+static RETSIGTYPE
+finish(
+	int	sig
+	)
+{
+	signalled = 1;
+	signo = sig;
+}
+
 #endif	/* !SIM && SIGDIE1 */
 
 
diff --git a/contrib/ntp/ntpd/ntpd.html b/contrib/ntp/ntpd/ntpd.html
index ae3e17c..bdf58a1 100644
--- a/contrib/ntp/ntpd/ntpd.html
+++ b/contrib/ntp/ntpd/ntpd.html
@@ -39,7 +39,7 @@ The program can operate in any of several modes, including client/server,
 symmetric and broadcast modes, and with both symmetric-key and public-key
 cryptography.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntpd</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntpd</code>.
 
 <ul class="menu">
 <li><a accesskey="1" href="#ntpd-Description">ntpd Description</a>:             Description
@@ -220,7 +220,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p4
+<pre class="example">ntpd - NTP daemon program - Ver. 4.2.8p5
 Usage:  ntpd [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... \
                 [ &lt;server1&gt; ... &lt;serverN&gt; ]
   Flg Arg Option-Name    Description
diff --git a/contrib/ntp/ntpd/ntpd.man.in b/contrib/ntp/ntpd/ntpd.man.in
index 222f0b3..4abcc57 100644
--- a/contrib/ntp/ntpd/ntpd.man.in
+++ b/contrib/ntp/ntpd/ntpd.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpd @NTPD_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpd @NTPD_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-KDaWJq/ag-WDaOIq)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9JaiRS/ag-jKaaQS)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:30:44 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:17:54 AM by AutoGen 5.18.5
 .\" From the definitions ntpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -979,7 +979,7 @@ RFC5908
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 The
diff --git a/contrib/ntp/ntpd/ntpd.mdoc.in b/contrib/ntp/ntpd/ntpd.mdoc.in
index e5be1ee..fcd5fc1 100644
--- a/contrib/ntp/ntpd/ntpd.mdoc.in
+++ b/contrib/ntp/ntpd/ntpd.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPD @NTPD_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:02 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:12 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -886,7 +886,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The
diff --git a/contrib/ntp/ntpd/refclock_chu.c b/contrib/ntp/ntpd/refclock_chu.c
index 1f02a1c..d745c81 100644
--- a/contrib/ntp/ntpd/refclock_chu.c
+++ b/contrib/ntp/ntpd/refclock_chu.c
@@ -1264,7 +1264,7 @@ chu_a(
 			offset = up->charstamp;
 		else if (k > 0)
 			i = 1;
-		for (; i < nchar && i < k + 10; i++) {
+		for (; i < nchar && (i - 10) < k; i++) {
 			up->tstamp[up->ntstamp] = up->cstamp[i];
 			L_SUB(&up->tstamp[up->ntstamp], &offset);
 			L_ADD(&offset, &up->charstamp);
diff --git a/contrib/ntp/ntpd/refclock_gpsdjson.c b/contrib/ntp/ntpd/refclock_gpsdjson.c
index c2bf09a..24a15e7 100644
--- a/contrib/ntp/ntpd/refclock_gpsdjson.c
+++ b/contrib/ntp/ntpd/refclock_gpsdjson.c
@@ -377,17 +377,6 @@ static int16_t clamped_precision(int rawprec);
  * local / static stuff
  */
 
-/* The logon string is actually the ?WATCH command of GPSD, using JSON
- * data and selecting the GPS device name we created from our unit
- * number. We have an old a newer version that request PPS (and TOFF)
- * transmission.
- * Note: These are actually format strings!
- */
-static const char * const s_req_watch[2] = {
-	"?WATCH={\"device\":\"%s\",\"enable\":true,\"json\":true};\r\n",
-	"?WATCH={\"device\":\"%s\",\"enable\":true,\"json\":true,\"pps\":true};\r\n"
-};
-
 static const char * const s_req_version =
     "?VERSION;\r\n";
 
@@ -1147,7 +1136,7 @@ json_token_skip(
 	const json_ctx * ctx,
 	tok_ref          tid)
 {
-	if (tid >= 0 && tid < ctx->ntok) {
+	if (tid >= 0 && (u_int)tid < ctx->ntok) {
 		int len = ctx->tok[tid].size;
 		/* For arrays and objects, the size is the number of
 		 * ITEMS in the compound. Thats the number of objects in
@@ -1172,7 +1161,10 @@ json_token_skip(
 			++tid;
 			break;
 		}
-		if (tid > ctx->ntok) /* Impossible? Paranoia rulez. */
+		/* The next condition should never be true, but paranoia
+		 * prevails...
+		 */
+		if (tid < 0 || (u_int)tid > ctx->ntok)
 			tid = ctx->ntok;
 	}
 	return tid;
@@ -1200,7 +1192,7 @@ json_object_lookup(
 			tid = json_token_skip(ctx, tid); /* skip val */
 		} else if (strcmp(key, ctx->buf + ctx->tok[tid].start)) {
 			tid = json_token_skip(ctx, tid+1); /* skip key+val */
-		} else if (what < 0 || what == ctx->tok[tid+1].type) {
+		} else if (what < 0 || (u_int)what == ctx->tok[tid+1].type) {
 			return tid + 1;
 		} else {
 			break;
@@ -1513,8 +1505,14 @@ process_version(
 	if (up->fl_watch)
 		return;
 
+	/* The logon string is actually the ?WATCH command of GPSD,
+	 * using JSON data and selecting the GPS device name we created
+	 * from our unit number. We have an old a newer version that
+	 * request PPS (and TOFF) transmission.
+	 */
 	snprintf(up->buffer, sizeof(up->buffer),
-		 s_req_watch[up->pf_toff != 0], up->device);
+		 "?WATCH={\"device\":\"%s\",\"enable\":true,\"json\":true%s};\r\n",
+		 up->device, (up->pf_toff ? ",\"pps\":true" : ""));
 	buf = up->buffer;
 	len = strlen(buf);
 	log_data(peer, "send", buf, len);
diff --git a/contrib/ntp/ntpd/refclock_jjy.c b/contrib/ntp/ntpd/refclock_jjy.c
index fef829c..fc51fd9 100644
--- a/contrib/ntp/ntpd/refclock_jjy.c
+++ b/contrib/ntp/ntpd/refclock_jjy.c
@@ -149,8 +149,8 @@
  */
 
 struct jjyRawDataBreak {
-	char	*pString ;
-	int 	iLength ;
+	const char *	pString ;
+	int 		iLength ;
 } ;
 
 #define	MAX_TIMESTAMP	6
@@ -627,7 +627,7 @@ jjy_receive ( struct recvbuf *rbufp )
 #ifdef DEBUG
 	printf( "\nrefclock_jjy.c : %s : Len=%d  ", sFunctionName, pp->lencode ) ;
 	for ( i = 0 ; i < pp->lencode ; i ++ ) {
-		if ( iscntrl( pp->a_lastcode[i] & 0x7F ) ) {
+		if ( iscntrl( (u_char)(pp->a_lastcode[i] & 0x7F) ) ) {
 			printf( "<x%02X>", pp->a_lastcode[i] & 0xFF ) ;
 		} else {
 			printf( "%c", pp->a_lastcode[i] ) ;
@@ -702,7 +702,7 @@ jjy_receive ( struct recvbuf *rbufp )
 				up->iLineBufLen ++ ;
 
 				/* Copy printable characters */
-				if ( ! iscntrl( up->sRawBuf[i] ) ) {
+				if ( ! iscntrl( (u_char)up->sRawBuf[i] ) ) {
 					up->sTextBuf[up->iTextBufLen] = up->sRawBuf[i] ;
 					up->iTextBufLen ++ ;
 				}
@@ -1154,12 +1154,13 @@ jjy_receive_tristate_jjy01 ( struct recvbuf *rbufp )
 	struct refclockproc *pp ;
 	struct peer	    *peer;
 
-	char	*pBuf, sLog [ 100 ] ;
-	int 	iLen ;
-	int 	rc ;
+	char *		pBuf ;
+	char		sLog [ 100 ] ;
+	int 		iLen ;
+	int 		rc ;
 
-	const char *pCmd ;
-	int 	iCmdLen ;
+	const char *	pCmd ;
+	int 		iCmdLen ;
 
 	/* Initialize pointers  */
 
@@ -1359,8 +1360,8 @@ jjy_poll_tristate_jjy01  ( int unit, struct peer *peer )
 	struct refclockproc *pp ;
 	struct jjyunit	    *up ;
 
-	const char *pCmd ;
-	int 	iCmdLen ;
+	const char *	pCmd ;
+	int 		iCmdLen ;
 
 	pp = peer->procptr;
 	up = pp->unitptr ;
@@ -2010,12 +2011,13 @@ jjy_receive_tristate_gpsclock01 ( struct recvbuf *rbufp )
 	struct refclockproc *pp ;
 	struct peer	    *peer;
 
-	char	*pBuf, sLog [ 100 ] ;
-	int 	iLen ;
-	int 	rc ;
+	char *		pBuf ;
+	char		sLog [ 100 ] ;
+	int 		iLen ;
+	int 		rc ;
 
-	const char	*pCmd ;
-	int 	iCmdLen ;
+	const char *	pCmd ;
+	int 		iCmdLen ;
 
 	/* Initialize pointers */
 
@@ -2239,8 +2241,8 @@ jjy_poll_tristate_gpsclock01 ( int unit, struct peer *peer )
 	struct refclockproc *pp ;
 	struct jjyunit	    *up ;
 
-	const char	*pCmd ;
-	int 	iCmdLen ;
+	const char *	pCmd ;
+	int		iCmdLen ;
 
 	pp = peer->procptr ;
 	up = pp->unitptr ;
@@ -2576,7 +2578,7 @@ static	int 	teljjy_bye_ignore	( struct peer *peer, struct refclockproc *, struct
 static	int 	teljjy_bye_disc 	( struct peer *peer, struct refclockproc *, struct jjyunit * ) ;
 static	int 	teljjy_bye_modem	( struct peer *peer, struct refclockproc *, struct jjyunit * ) ;
 
-static int ( *pTeljjyHandler [ ] [ 5 ] ) ( ) =
+static int ( *pTeljjyHandler [ ] [ 5 ] ) ( struct peer *, struct refclockproc *, struct jjyunit *) =
 {               	/*STATE_IDLE           STATE_DAILOUT       STATE_LOGIN           STATE_CONNECT       STATE_BYE        */
 /* NULL       */	{ teljjy_idle_ignore , teljjy_dial_ignore, teljjy_login_ignore, teljjy_conn_ignore, teljjy_bye_ignore },
 /* START      */	{ teljjy_idle_dialout, teljjy_dial_ignore, teljjy_login_ignore, teljjy_conn_ignore, teljjy_bye_ignore },
@@ -2715,12 +2717,12 @@ jjy_start_telephone ( int unit, struct peer *peer, struct jjyunit *up )
 
 	iNumberOfDigitsOfPhoneNumber = iCommaCount = iCommaPosition = iFirstThreeDigitsCount = 0 ;
 	for ( i = 0 ; i < strlen( sys_phone[0] ) ; i ++ ) {
-		if ( isdigit( *(sys_phone[0]+i) ) ) {
+		if ( isdigit( (u_char)sys_phone[0][i] ) ) {
 			if ( iFirstThreeDigitsCount < sizeof(sFirstThreeDigits)-1 ) {
-				sFirstThreeDigits[iFirstThreeDigitsCount++] = *(sys_phone[0]+i) ;
+				sFirstThreeDigits[iFirstThreeDigitsCount++] = sys_phone[0][i] ;
 			}
 			iNumberOfDigitsOfPhoneNumber ++ ;
-		} else if ( *(sys_phone[0]+i) == ',' ) {
+		} else if ( sys_phone[0][i] == ',' ) {
 			iCommaCount ++ ;
 			if ( iCommaCount > 1 ) {
 				msyslog( LOG_ERR, "refclock_jjy.c : jjy_start_telephone : phone in the ntpd.conf should be zero or one comma." ) ;
@@ -2729,7 +2731,7 @@ jjy_start_telephone ( int unit, struct peer *peer, struct jjyunit *up )
 			}
 			iFirstThreeDigitsCount = 0 ;
 			iCommaPosition = i ;
-		} else if ( *(sys_phone[0]+i) != '-' ) {
+		} else if ( sys_phone[0][i] != '-' ) {
 			msyslog( LOG_ERR, "refclock_jjy.c : jjy_start_telephone : phone in the ntpd.conf should be a number or a hyphen." ) ;
 			up->bInitError = TRUE ;
 			return 1 ;
@@ -3213,8 +3215,8 @@ static int
 teljjy_login_login ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
 {
 
-	char	*pCmd ;
-	int	iCmdLen ;
+	const char *	pCmd ;
+	int		iCmdLen ;
 
 	DEBUG_TELJJY_PRINTF( "teljjy_login_login" ) ;
 
@@ -3290,8 +3292,8 @@ static int
 teljjy_conn_send ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
 {
 
-	const char	*pCmd ;
-	int	i, iLen, iNextClockState ;
+	const char *	pCmd ;
+	int		i, iLen, iNextClockState ;
 
 	DEBUG_TELJJY_PRINTF( "teljjy_conn_send" ) ;
 
@@ -3527,7 +3529,7 @@ static int
 teljjy_conn_silent ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
 {
 
-	const char	*pCmd ;
+	const char *	pCmd ;
 
 	DEBUG_TELJJY_PRINTF( "teljjy_conn_silent" ) ;
 
@@ -3665,7 +3667,7 @@ static	int 	modem_esc_data  	( struct peer *, struct refclockproc *, struct jjyu
 static	int 	modem_esc_silent	( struct peer *, struct refclockproc *, struct jjyunit * ) ;
 static	int 	modem_esc_disc  	( struct peer *, struct refclockproc *, struct jjyunit * ) ;
 
-static int ( *pModemHandler [ ] [ 5 ] ) ( ) =
+static int ( *pModemHandler [ ] [ 5 ] ) ( struct peer *, struct refclockproc *, struct jjyunit * ) =
 {                         	/*STATE_DISCONNECT   STATE_INITIALIZE   STATE_DAILING       STATE_CONNECT      STATE_ESCAPE     */
 /* NULL                 */	{ modem_disc_ignore, modem_init_ignore, modem_dial_ignore , modem_conn_ignore, modem_esc_ignore },
 /* INITIALIZE           */	{ modem_disc_init  , modem_init_start , modem_dial_ignore , modem_conn_ignore, modem_esc_ignore },
@@ -3993,10 +3995,11 @@ static int
 modem_init_resp00 ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
 {
 
-	char	*pCmd, cBuf [ 46 ] ;
-	int	iCmdLen ;
-	int	iErrorCorrection, iSpeakerSwitch, iSpeakerVolume ;
-	int	iNextModemState = STAY_MODEM_STATE ;
+	const char *	pCmd ;
+	char		cBuf [ 46 ] ;
+	int		iCmdLen ;
+	int		iErrorCorrection, iSpeakerSwitch, iSpeakerVolume ;
+	int		iNextModemState = STAY_MODEM_STATE ;
 
 	DEBUG_MODEM_PRINTF( "modem_init_resp00" ) ;
 
@@ -4031,7 +4034,7 @@ modem_init_resp00 ( struct peer *peer, struct refclockproc *pp, struct jjyunit *
 		}
 
 		pCmd = cBuf ;
-		snprintf( pCmd, sizeof(cBuf), "ATM%dL%d\r\n", iSpeakerSwitch, iSpeakerVolume ) ;
+		snprintf( cBuf, sizeof(cBuf), "ATM%dL%d\r\n", iSpeakerSwitch, iSpeakerVolume ) ;
 		break ;
 
 	case 3 :
@@ -4060,7 +4063,7 @@ modem_init_resp00 ( struct peer *peer, struct refclockproc *pp, struct jjyunit *
 		}
 
 		pCmd = cBuf ;
-		snprintf( pCmd, sizeof(cBuf), "AT\\N%d\r\n", iErrorCorrection ) ;
+		snprintf( cBuf, sizeof(cBuf), "AT\\N%d\r\n", iErrorCorrection ) ;
 		break ;
 
 	case 7 :
@@ -4251,8 +4254,8 @@ static int
 modem_esc_escape ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
 {
 
-	char	*pCmd ;
-	int	iCmdLen ;
+	const char *	pCmd ;
+	int		iCmdLen ;
 
 	DEBUG_MODEM_PRINTF( "modem_esc_escape" ) ;
 
@@ -4317,8 +4320,8 @@ static int
 modem_esc_disc ( struct peer *peer, struct refclockproc *pp, struct jjyunit *up )
 {
 
-	char	*pCmd ;
-	int	iCmdLen ;
+	const char *	pCmd ;
+	int		iCmdLen ;
 
 	DEBUG_MODEM_PRINTF( "modem_esc_disc" ) ;
 
@@ -4349,9 +4352,9 @@ static void
 jjy_write_clockstats ( struct peer *peer, int iMark, const char *pData )
 {
 
-	char	sLog [ 100 ] ;
-	char	*pMark ;
-	int 	iMarkLen, iDataLen ;
+	char		sLog [ 100 ] ;
+	const char *	pMark ;
+	int 		iMarkLen, iDataLen ;
 
 	switch ( iMark ) {
 	case JJY_CLOCKSTATS_MARK_JJY :
diff --git a/contrib/ntp/ntpd/refclock_shm.c b/contrib/ntp/ntpd/refclock_shm.c
index f3e7f51..f031a39 100644
--- a/contrib/ntp/ntpd/refclock_shm.c
+++ b/contrib/ntp/ntpd/refclock_shm.c
@@ -600,7 +600,7 @@ shm_timer(
 		     cd.year, cd.month, cd.monthday,
 		     cd.hour, cd.minute, cd.second,
 		     (long)shm_stat.tvt.tv_nsec);
-	pp->lencode = (c < sizeof(pp->a_lastcode)) ? c : 0;
+	pp->lencode = (c > 0 && (size_t)c < sizeof(pp->a_lastcode)) ? c : 0;
 
 	/* check 1: age control of local time stamp */
 	tt = shm_stat.tvc.tv_sec - shm_stat.tvr.tv_sec;
diff --git a/contrib/ntp/ntpdc/invoke-ntpdc.texi b/contrib/ntp/ntpdc/invoke-ntpdc.texi
index f8283de..a2f440a 100644
--- a/contrib/ntp/ntpdc/invoke-ntpdc.texi
+++ b/contrib/ntp/ntpdc/invoke-ntpdc.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpdc.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:31:26 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:18:37 AM by AutoGen 5.18.5
 # From the definitions    ntpdc-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -76,7 +76,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5
+ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6
 Usage:  ntpdc [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [ host ...]
   Flg Arg Option-Name    Description
    -4 no  ipv4           Force IPv4 DNS name resolution
diff --git a/contrib/ntp/ntpdc/ntpdc-opts.c b/contrib/ntp/ntpdc/ntpdc-opts.c
index da89ee2..568a97a 100644
--- a/contrib/ntp/ntpdc/ntpdc-opts.c
+++ b/contrib/ntp/ntpdc/ntpdc-opts.c
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.c)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:31:12 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:18:22 AM by AutoGen 5.18.5
  *  From the definitions    ntpdc-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpdc program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -69,8 +69,8 @@ extern FILE * option_usage_fp;
  *  static const strings for ntpdc options
  */
 static char const ntpdc_opt_strs[1911] =
-/*     0 */ "ntpdc 4.2.8p5\n"
-            "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
+/*     0 */ "ntpdc 4.2.8p6\n"
+            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
             "redistribution under the terms of the NTP License, copies of which\n"
             "can be seen at:\n"
@@ -128,14 +128,14 @@ static char const ntpdc_opt_strs[1911] =
 /*  1694 */ "no-load-opts\0"
 /*  1707 */ "no\0"
 /*  1710 */ "NTPDC\0"
-/*  1716 */ "ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5\n"
+/*  1716 */ "ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6\n"
             "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n\0"
 /*  1846 */ "$HOME\0"
 /*  1852 */ ".\0"
 /*  1854 */ ".ntprc\0"
 /*  1861 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  1895 */ "\n\0"
-/*  1897 */ "ntpdc 4.2.8p5";
+/*  1897 */ "ntpdc 4.2.8p6";
 
 /**
  *  ipv4 option description with
@@ -796,8 +796,8 @@ static void bogus_function(void) {
      translate option names.
    */
   /* referenced via ntpdcOptions.pzCopyright */
-  puts(_("ntpdc 4.2.8p5\n\
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
+  puts(_("ntpdc 4.2.8p6\n\
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
 can be seen at:\n"));
@@ -862,14 +862,14 @@ implied warranty.\n"));
   puts(_("load options from a config file"));
 
   /* referenced via ntpdcOptions.pzUsageTitle */
-  puts(_("ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5\n\
+  puts(_("ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n"));
 
   /* referenced via ntpdcOptions.pzExplain */
   puts(_("\n"));
 
   /* referenced via ntpdcOptions.pzFullVersion */
-  puts(_("ntpdc 4.2.8p5"));
+  puts(_("ntpdc 4.2.8p6"));
 
   /* referenced via ntpdcOptions.pzFullUsage */
   puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/ntpdc/ntpdc-opts.h b/contrib/ntp/ntpdc/ntpdc-opts.h
index d3326a7..a022a72 100644
--- a/contrib/ntp/ntpdc/ntpdc-opts.h
+++ b/contrib/ntp/ntpdc/ntpdc-opts.h
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.h)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:31:11 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:18:21 AM by AutoGen 5.18.5
  *  From the definitions    ntpdc-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpdc program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -83,9 +83,9 @@ typedef enum {
 /** count of all options for ntpdc */
 #define OPTION_CT    15
 /** ntpdc version */
-#define NTPDC_VERSION       "4.2.8p5"
+#define NTPDC_VERSION       "4.2.8p6"
 /** Full ntpdc version text */
-#define NTPDC_FULL_VERSION  "ntpdc 4.2.8p5"
+#define NTPDC_FULL_VERSION  "ntpdc 4.2.8p6"
 
 /**
  *  Interface defines for all options.  Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/ntpdc/ntpdc.1ntpdcman b/contrib/ntp/ntpdc/ntpdc.1ntpdcman
index 3e78896..e764a11 100644
--- a/contrib/ntp/ntpdc/ntpdc.1ntpdcman
+++ b/contrib/ntp/ntpdc/ntpdc.1ntpdcman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpdc 1ntpdcman "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpdc 1ntpdcman "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-EXaGzs/ag-QXayys)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-n4aaHU/ag-A4a4FU)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:31:22 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:18:33 AM by AutoGen 5.18.5
 .\" From the definitions ntpdc-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -848,7 +848,7 @@ RFC1305
 .SH AUTHORS
 The formatting directives in this document came from FreeBSD.
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 The
diff --git a/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc b/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
index df53d89..b3e5895 100644
--- a/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
+++ b/contrib/ntp/ntpdc/ntpdc.1ntpdcmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPDC 1ntpdcmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:29 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:39 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpdc-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -787,7 +787,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh AUTHORS
 The formatting directives in this document came from FreeBSD.
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The
diff --git a/contrib/ntp/ntpdc/ntpdc.c b/contrib/ntp/ntpdc/ntpdc.c
index bef9ca3..8a79d0b 100644
--- a/contrib/ntp/ntpdc/ntpdc.c
+++ b/contrib/ntp/ntpdc/ntpdc.c
@@ -605,7 +605,11 @@ getresponse(
 	int seq;
 	fd_set fds;
 	ssize_t n;
-	size_t pad;
+	int pad;
+	/* absolute timeout checks. Not 'time_t' by intention! */
+	uint32_t tobase;	/* base value for timeout */
+	uint32_t tospan;	/* timeout span (max delay) */
+	uint32_t todiff;	/* current delay */
 
 	/*
 	 * This is pretty tricky.  We may get between 1 and many packets
@@ -622,12 +626,14 @@ getresponse(
 	lastseq = 999;	/* too big to be a sequence number */
 	ZERO(haveseq);
 	FD_ZERO(&fds);
+	tobase = (uint32_t)time(NULL);
 
     again:
 	if (firstpkt)
 		tvo = tvout;
 	else
 		tvo = tvsout;
+	tospan = (uint32_t)tvo.tv_sec + (tvo.tv_usec != 0);
 	
 	FD_SET(sockfd, &fds);
 	n = select(sockfd+1, &fds, NULL, NULL, &tvo);
@@ -635,6 +641,17 @@ getresponse(
 		warning("select fails");
 		return -1;
 	}
+	
+	/*
+	 * Check if this is already too late. Trash the data and fake a
+	 * timeout if this is so.
+	 */
+	todiff = (((uint32_t)time(NULL)) - tobase) & 0x7FFFFFFFu;
+	if ((n > 0) && (todiff > tospan)) {
+		n = recv(sockfd, (char *)&rpkt, sizeof(rpkt), 0);
+		n = 0; /* faked timeout return from 'select()'*/
+	}
+	
 	if (n == 0) {
 		/*
 		 * Timed out.  Return what we have
@@ -780,8 +797,10 @@ getresponse(
 	}
 
 	/*
-	 * So far, so good.  Copy this data into the output array.
+	 * So far, so good.  Copy this data into the output array. Bump
+	 * the timeout base, in case we expect more data.
 	 */
+	tobase = (uint32_t)time(NULL);
 	if ((datap + datasize + (pad * items)) > (pktdata + pktdatasize)) {
 		size_t offset = datap - pktdata;
 		growpktdata();
diff --git a/contrib/ntp/ntpdc/ntpdc.html b/contrib/ntp/ntpdc/ntpdc.html
index 107af9b..ce73039 100644
--- a/contrib/ntp/ntpdc/ntpdc.html
+++ b/contrib/ntp/ntpdc/ntpdc.html
@@ -36,7 +36,7 @@ display the time offset of the system clock relative to the server
 clock.  Run as root, it can correct the system clock to this offset as
 well.  It can be run as an interactive command or from a cron job.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntpdc</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntpdc</code>.
 
   <p>The program implements the SNTP protocol as defined by RFC 5905, the NTPv4
 IETF specification.
@@ -152,7 +152,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p5
+<pre class="example">ntpdc - vendor-specific NTPD control program - Ver. 4.2.8p6
 Usage:  ntpdc [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [ host ...]
   Flg Arg Option-Name    Description
    -4 no  ipv4           Force IPv4 DNS name resolution
diff --git a/contrib/ntp/ntpdc/ntpdc.man.in b/contrib/ntp/ntpdc/ntpdc.man.in
index 6662438..d7e25fa 100644
--- a/contrib/ntp/ntpdc/ntpdc.man.in
+++ b/contrib/ntp/ntpdc/ntpdc.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpdc @NTPDC_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpdc @NTPDC_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-EXaGzs/ag-QXayys)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-n4aaHU/ag-A4a4FU)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:31:22 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:18:33 AM by AutoGen 5.18.5
 .\" From the definitions ntpdc-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -848,7 +848,7 @@ RFC1305
 .SH AUTHORS
 The formatting directives in this document came from FreeBSD.
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 The
diff --git a/contrib/ntp/ntpdc/ntpdc.mdoc.in b/contrib/ntp/ntpdc/ntpdc.mdoc.in
index 2e2fd31..4dd9e15 100644
--- a/contrib/ntp/ntpdc/ntpdc.mdoc.in
+++ b/contrib/ntp/ntpdc/ntpdc.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPDC @NTPDC_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:29 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:39 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpdc-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -787,7 +787,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh AUTHORS
 The formatting directives in this document came from FreeBSD.
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The
diff --git a/contrib/ntp/ntpq/invoke-ntpq.texi b/contrib/ntp/ntpq/invoke-ntpq.texi
index b01127c..bcd1df4 100644
--- a/contrib/ntp/ntpq/invoke-ntpq.texi
+++ b/contrib/ntp/ntpq/invoke-ntpq.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpq.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:32:00 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:19:10 AM by AutoGen 5.18.5
 # From the definitions    ntpq-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -847,7 +847,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntpq - standard NTP query program - Ver. 4.2.8p5
+ntpq - standard NTP query program - Ver. 4.2.8p6
 Usage:  ntpq [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [ host ...]
   Flg Arg Option-Name    Description
    -4 no  ipv4           Force IPv4 DNS name resolution
diff --git a/contrib/ntp/ntpq/ntpq-opts.c b/contrib/ntp/ntpq/ntpq-opts.c
index 69f4881..42131a3 100644
--- a/contrib/ntp/ntpq/ntpq-opts.c
+++ b/contrib/ntp/ntpq/ntpq-opts.c
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpq-opts.c)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:31:32 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:18:42 AM by AutoGen 5.18.5
  *  From the definitions    ntpq-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpq program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -69,8 +69,8 @@ extern FILE * option_usage_fp;
  *  static const strings for ntpq options
  */
 static char const ntpq_opt_strs[1925] =
-/*     0 */ "ntpq 4.2.8p5\n"
-            "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
+/*     0 */ "ntpq 4.2.8p6\n"
+            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
             "redistribution under the terms of the NTP License, copies of which\n"
             "can be seen at:\n"
@@ -129,13 +129,13 @@ static char const ntpq_opt_strs[1925] =
 /*  1723 */ "no-load-opts\0"
 /*  1736 */ "no\0"
 /*  1739 */ "NTPQ\0"
-/*  1744 */ "ntpq - standard NTP query program - Ver. 4.2.8p5\n"
+/*  1744 */ "ntpq - standard NTP query program - Ver. 4.2.8p6\n"
             "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n\0"
 /*  1863 */ "$HOME\0"
 /*  1869 */ ".\0"
 /*  1871 */ ".ntprc\0"
 /*  1878 */ "http://bugs.ntp.org, bugs@ntp.org\0"
-/*  1912 */ "ntpq 4.2.8p5";
+/*  1912 */ "ntpq 4.2.8p6";
 
 /**
  *  ipv4 option description with
@@ -786,8 +786,8 @@ static void bogus_function(void) {
      translate option names.
    */
   /* referenced via ntpqOptions.pzCopyright */
-  puts(_("ntpq 4.2.8p5\n\
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
+  puts(_("ntpq 4.2.8p6\n\
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
 can be seen at:\n"));
@@ -852,11 +852,11 @@ implied warranty.\n"));
   puts(_("load options from a config file"));
 
   /* referenced via ntpqOptions.pzUsageTitle */
-  puts(_("ntpq - standard NTP query program - Ver. 4.2.8p5\n\
+  puts(_("ntpq - standard NTP query program - Ver. 4.2.8p6\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [ host ...]\n"));
 
   /* referenced via ntpqOptions.pzFullVersion */
-  puts(_("ntpq 4.2.8p5"));
+  puts(_("ntpq 4.2.8p6"));
 
   /* referenced via ntpqOptions.pzFullUsage */
   puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/ntpq/ntpq-opts.h b/contrib/ntp/ntpq/ntpq-opts.h
index 758817f..af7a4c2 100644
--- a/contrib/ntp/ntpq/ntpq-opts.h
+++ b/contrib/ntp/ntpq/ntpq-opts.h
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpq-opts.h)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:31:32 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:18:42 AM by AutoGen 5.18.5
  *  From the definitions    ntpq-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpq program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -83,9 +83,9 @@ typedef enum {
 /** count of all options for ntpq */
 #define OPTION_CT    15
 /** ntpq version */
-#define NTPQ_VERSION       "4.2.8p5"
+#define NTPQ_VERSION       "4.2.8p6"
 /** Full ntpq version text */
-#define NTPQ_FULL_VERSION  "ntpq 4.2.8p5"
+#define NTPQ_FULL_VERSION  "ntpq 4.2.8p6"
 
 /**
  *  Interface defines for all options.  Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/ntpq/ntpq-subs.c b/contrib/ntp/ntpq/ntpq-subs.c
index 438c7ca..8e70477 100644
--- a/contrib/ntp/ntpq/ntpq-subs.c
+++ b/contrib/ntp/ntpq/ntpq-subs.c
@@ -2861,7 +2861,7 @@ collect_mru_list(
 				 ri, sptoa(&recent->addr), ri,
 				 recent->last.l_ui, recent->last.l_uf);
 			chars = strlen(buf);
-			if (REQ_ROOM <= chars)
+			if ((size_t)REQ_ROOM <= chars)
 				break;
 			memcpy(req, buf, chars + 1);
 			req += chars;
@@ -3173,6 +3173,7 @@ mrulist(
 		qsort(sorted, mru_count, sizeof(sorted[0]),
 		      mru_qcmp_table[order]);
 
+	mrulist_interrupted = FALSE;
 	printf(	"lstint avgint rstr r m v  count rport remote address\n"
 		"==============================================================================\n");
 		/* '=' x 78 */
@@ -3199,6 +3200,11 @@ mrulist(
 			nntohost(&recent->addr));
 		if (showhostnames)
 			fflush(fp);
+		if (mrulist_interrupted) {
+			fputs("\n --interrupted--\n", fp);
+			fflush(fp);
+			break;
+		}
 	}
 	fflush(fp);
 	if (debug) {
diff --git a/contrib/ntp/ntpq/ntpq.1ntpqman b/contrib/ntp/ntpq/ntpq.1ntpqman
index 1c26076..b96d106 100644
--- a/contrib/ntp/ntpq/ntpq.1ntpqman
+++ b/contrib/ntp/ntpq/ntpq.1ntpqman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpq 1ntpqman "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpq 1ntpqman "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-4VaaKt/ag-eWa4It)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Z7aWRV/ag-_7aOQV)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:31:55 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:19:06 AM by AutoGen 5.18.5
 .\" From the definitions ntpq-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -1412,7 +1412,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpq/ntpq.1ntpqmdoc b/contrib/ntp/ntpq/ntpq.1ntpqmdoc
index bf8d101..d4da8d7 100644
--- a/contrib/ntp/ntpq/ntpq.1ntpqmdoc
+++ b/contrib/ntp/ntpq/ntpq.1ntpqmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPQ 1ntpqmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:02 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:12 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -955,7 +955,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpq/ntpq.c b/contrib/ntp/ntpq/ntpq.c
index 5b3c9cb..1dcaeb7 100644
--- a/contrib/ntp/ntpq/ntpq.c
+++ b/contrib/ntp/ntpq/ntpq.c
@@ -218,7 +218,7 @@ static	void	outputarr	(FILE *, char *, int, l_fp *);
 static	int	assoccmp	(const void *, const void *);
 static	void	on_ctrlc	(void);
 	u_short	varfmt		(const char *);
-
+static	int	my_easprintf	(char**, const char *, ...) NTP_PRINTF(2, 3);
 void	ntpq_custom_opt_handler	(tOptions *, tOptDesc *);
 
 #ifdef OPENSSL
@@ -472,7 +472,7 @@ ntpqmain(
 
 	{
 	    char *list;
-	    char *msg, *fmt;
+	    char *msg;
 
 	    list = list_digest_names();
 	    for (icmd = 0; icmd < sizeof(builtins)/sizeof(builtins[0]); icmd++) {
@@ -486,13 +486,15 @@ ntpqmain(
 
 #ifdef OPENSSL
 	    builtins[icmd].desc[0] = "digest-name";
-	    fmt = "set key type to use for authenticated requests, one of:%s";
+	    my_easprintf(&msg,
+			 "set key type to use for authenticated requests, one of:%s",
+			 list);
 #else
 	    builtins[icmd].desc[0] = "md5";
-	    fmt = "set key type to use for authenticated requests (%s)";
+	    my_easprintf(&msg,
+			 "set key type to use for authenticated requests (%s)",
+			 list);
 #endif
-	    msg = emalloc(strlen(fmt) + strlen(list) - strlen("%s") +1);
-	    sprintf(msg, fmt, list);
 	    builtins[icmd].comment = msg;
 	    free(list);
 	}
@@ -844,6 +846,10 @@ getresponse(
 	fd_set fds;
 	int n;
 	int errcode;
+	/* absolute timeout checks. Not 'time_t' by intention! */
+	uint32_t tobase;	/* base value for timeout */
+	uint32_t tospan;	/* timeout span (max delay) */
+	uint32_t todiff;	/* current delay */
 
 	/*
 	 * This is pretty tricky.  We may get between 1 and MAXFRAG packets
@@ -860,6 +866,8 @@ getresponse(
 	numfrags = 0;
 	seenlastfrag = 0;
 
+	tobase = (uint32_t)time(NULL);
+	
 	FD_ZERO(&fds);
 
 	/*
@@ -872,13 +880,40 @@ getresponse(
 			tvo = tvout;
 		else
 			tvo = tvsout;
+		tospan = (uint32_t)tvo.tv_sec + (tvo.tv_usec != 0);
 
 		FD_SET(sockfd, &fds);
 		n = select(sockfd+1, &fds, NULL, NULL, &tvo);
 		if (n == -1) {
+#if !defined(SYS_WINNT) && defined(EINTR)
+			/* Windows does not know about EINTR (until very
+			 * recently) and the handling of console events
+			 * is *very* different from POSIX/UNIX signal
+			 * handling anyway.
+			 *
+			 * Under non-windows targets we map EINTR as
+			 * 'last packet was received' and try to exit
+			 * the receive sequence.
+			 */
+			if (errno == EINTR) {
+				seenlastfrag = 1;
+				goto maybe_final;
+			}
+#endif
 			warning("select fails");
 			return -1;
 		}
+
+		/*
+		 * Check if this is already too late. Trash the data and
+		 * fake a timeout if this is so.
+		 */
+		todiff = (((uint32_t)time(NULL)) - tobase) & 0x7FFFFFFFu;
+		if ((n > 0) && (todiff > tospan)) {
+			n = recv(sockfd, (char *)&rpkt, sizeof(rpkt), 0);
+			n = 0; /* faked timeout return from 'select()'*/
+		}
+		
 		if (n == 0) {
 			/*
 			 * Timed out.  Return what we have
@@ -1141,14 +1176,17 @@ getresponse(
 		}
 
 		/*
-		 * Copy the data into the data buffer.
+		 * Copy the data into the data buffer, and bump the
+		 * timout base in case we need more.
 		 */
 		memcpy((char *)pktdata + offset, &rpkt.u, count);
-
+		tobase = (uint32_t)time(NULL);
+		
 		/*
 		 * If we've seen the last fragment, look for holes in the sequence.
 		 * If there aren't any, we're done.
 		 */
+	  maybe_final:
 		if (seenlastfrag && offsets[0] == 0) {
 			for (f = 1; f < numfrags; f++)
 				if (offsets[f-1] + counts[f-1] !=
@@ -2954,6 +2992,8 @@ nextvar(
 	len = srclen;
 	while (len > 0 && isspace((unsigned char)cp[len - 1]))
 		len--;
+	if (len >= sizeof(name))
+	    return 0;
 	if (len > 0)
 		memcpy(name, cp, len);
 	name[len] = '\0';
@@ -3615,3 +3655,41 @@ on_ctrlc(void)
 		if ((*ctrlc_stack[--size])())
 			break;
 }
+
+static int
+my_easprintf(
+	char ** 	ppinto,
+	const char *	fmt   ,
+	...
+	)
+{
+	va_list	va;
+	int	prc;
+	size_t	len = 128;
+	char *	buf = emalloc(len);
+
+  again:
+	/* Note: we expect the memory allocation to fail long before the
+	 * increment in buffer size actually overflows.
+	 */
+	buf = (buf) ? erealloc(buf, len) : emalloc(len);
+
+	va_start(va, fmt);
+	prc = vsnprintf(buf, len, fmt, va);
+	va_end(va);
+
+	if (prc < 0) {
+		/* might be very old vsnprintf. Or actually MSVC... */
+		len += len >> 1;
+		goto again;
+	}
+	if ((size_t)prc >= len) {
+		/* at least we have the proper size now... */
+		len = (size_t)prc + 1;
+		goto again;
+	}
+	if ((size_t)prc < (len - 32))
+		buf = erealloc(buf, (size_t)prc + 1);
+	*ppinto = buf;
+	return prc;
+}
diff --git a/contrib/ntp/ntpq/ntpq.html b/contrib/ntp/ntpq/ntpq.html
index 16f2597..96df83d 100644
--- a/contrib/ntp/ntpq/ntpq.html
+++ b/contrib/ntp/ntpq/ntpq.html
@@ -44,7 +44,7 @@ monitor the operational status
 and determine the performance of
 <code>ntpd</code>, the NTP daemon.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntpq</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntpq</code>.
 
 <ul class="menu">
 <li><a accesskey="1" href="#ntpq-Description">ntpq Description</a>
@@ -769,7 +769,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntpq - standard NTP query program - Ver. 4.2.8p4
+<pre class="example">ntpq - standard NTP query program - Ver. 4.2.8p5
 Usage:  ntpq [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [ host ...]
   Flg Arg Option-Name    Description
    -4 no  ipv4           Force IPv4 DNS name resolution
diff --git a/contrib/ntp/ntpq/ntpq.man.in b/contrib/ntp/ntpq/ntpq.man.in
index 17ccb1c..abe2608 100644
--- a/contrib/ntp/ntpq/ntpq.man.in
+++ b/contrib/ntp/ntpq/ntpq.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpq @NTPQ_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpq @NTPQ_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-4VaaKt/ag-eWa4It)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Z7aWRV/ag-_7aOQV)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:31:55 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:19:06 AM by AutoGen 5.18.5
 .\" From the definitions ntpq-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -1412,7 +1412,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpq/ntpq.mdoc.in b/contrib/ntp/ntpq/ntpq.mdoc.in
index 9214a66..d71c508 100644
--- a/contrib/ntp/ntpq/ntpq.mdoc.in
+++ b/contrib/ntp/ntpq/ntpq.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPQ @NTPQ_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:02 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:12 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -955,7 +955,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi b/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
index 1185316..fcbc23e 100644
--- a/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
+++ b/contrib/ntp/ntpsnmpd/invoke-ntpsnmpd.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpsnmpd.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:32:15 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:19:26 AM by AutoGen 5.18.5
 # From the definitions    ntpsnmpd-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -47,7 +47,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p5
+ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p6
 Usage:  ntpsnmpd [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
   Flg Arg Option-Name    Description
    -n no  nofork         Do not fork
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c b/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
index cb48b16..772f364 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.c
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.c)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:32:05 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:19:15 AM by AutoGen 5.18.5
  *  From the definitions    ntpsnmpd-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpsnmpd program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -61,8 +61,8 @@ extern FILE * option_usage_fp;
  *  static const strings for ntpsnmpd options
  */
 static char const ntpsnmpd_opt_strs[1610] =
-/*     0 */ "ntpsnmpd 4.2.8p5\n"
-            "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
+/*     0 */ "ntpsnmpd 4.2.8p6\n"
+            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
             "redistribution under the terms of the NTP License, copies of which\n"
             "can be seen at:\n"
@@ -101,14 +101,14 @@ static char const ntpsnmpd_opt_strs[1610] =
 /*  1414 */ "no-load-opts\0"
 /*  1427 */ "no\0"
 /*  1430 */ "NTPSNMPD\0"
-/*  1439 */ "ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p5\n"
+/*  1439 */ "ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p6\n"
             "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
 /*  1542 */ "$HOME\0"
 /*  1548 */ ".\0"
 /*  1550 */ ".ntprc\0"
 /*  1557 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  1591 */ "\n\0"
-/*  1593 */ "ntpsnmpd 4.2.8p5";
+/*  1593 */ "ntpsnmpd 4.2.8p6";
 
 /**
  *  nofork option description:
@@ -554,8 +554,8 @@ static void bogus_function(void) {
      translate option names.
    */
   /* referenced via ntpsnmpdOptions.pzCopyright */
-  puts(_("ntpsnmpd 4.2.8p5\n\
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
+  puts(_("ntpsnmpd 4.2.8p6\n\
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
 can be seen at:\n"));
@@ -599,14 +599,14 @@ implied warranty.\n"));
   puts(_("load options from a config file"));
 
   /* referenced via ntpsnmpdOptions.pzUsageTitle */
-  puts(_("ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p5\n\
+  puts(_("ntpsnmpd - NTP SNMP MIB agent - Ver. 4.2.8p6\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n"));
 
   /* referenced via ntpsnmpdOptions.pzExplain */
   puts(_("\n"));
 
   /* referenced via ntpsnmpdOptions.pzFullVersion */
-  puts(_("ntpsnmpd 4.2.8p5"));
+  puts(_("ntpsnmpd 4.2.8p6"));
 
   /* referenced via ntpsnmpdOptions.pzFullUsage */
   puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h b/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
index 8146eb9..de27f4b 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd-opts.h
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.h)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:32:04 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:19:14 AM by AutoGen 5.18.5
  *  From the definitions    ntpsnmpd-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntpsnmpd program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -76,9 +76,9 @@ typedef enum {
 /** count of all options for ntpsnmpd */
 #define OPTION_CT    8
 /** ntpsnmpd version */
-#define NTPSNMPD_VERSION       "4.2.8p5"
+#define NTPSNMPD_VERSION       "4.2.8p6"
 /** Full ntpsnmpd version text */
-#define NTPSNMPD_FULL_VERSION  "ntpsnmpd 4.2.8p5"
+#define NTPSNMPD_FULL_VERSION  "ntpsnmpd 4.2.8p6"
 
 /**
  *  Interface defines for all options.  Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman b/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
index e7fc2eb..d36ca07 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpsnmpd 1ntpsnmpdman "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpsnmpd 1ntpsnmpdman "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-dZaaSu/ag-qZa4Qu)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-FaaWZW/ag-SaaOYW)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:32:12 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:19:22 AM by AutoGen 5.18.5
 .\" From the definitions ntpsnmpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -138,7 +138,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .NOP  "Heiko Gerstung" 
 .br
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc b/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
index ba8d82a..6b513dc 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.1ntpsnmpdmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPSNMPD 1ntpsnmpdmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:18 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:28 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -110,7 +110,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh AUTHORS
 .An "Heiko Gerstung"
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd.html b/contrib/ntp/ntpsnmpd/ntpsnmpd.html
index 94df056..9bd75b9 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.html
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.html
@@ -42,7 +42,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <p>The <code>ntpsnmpd</code> utility program is used to monitor NTP daemon <code>ntpd</code>
 operations and determine performance.  It uses the standard NTP mode 6 control
 
-  <p>This document applies to version 4.2.8p5 of <code>ntpsnmpd</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntpsnmpd</code>.
 
 <ul class="menu">
 <li><a accesskey="1" href="#ntpsnmpd-Description">ntpsnmpd Description</a>:             Description
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in b/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
index b5fe93d..3dbade2 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpsnmpd @NTPSNMPD_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH ntpsnmpd @NTPSNMPD_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-dZaaSu/ag-qZa4Qu)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-FaaWZW/ag-SaaOYW)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:32:12 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:19:22 AM by AutoGen 5.18.5
 .\" From the definitions ntpsnmpd-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -138,7 +138,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .NOP  "Heiko Gerstung" 
 .br
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in b/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
index 9349c2f..11ab184 100644
--- a/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
+++ b/contrib/ntp/ntpsnmpd/ntpsnmpd.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPSNMPD @NTPSNMPD_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsnmpd-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:18 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:28 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpsnmpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -110,7 +110,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh AUTHORS
 .An "Heiko Gerstung"
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/packageinfo.sh b/contrib/ntp/packageinfo.sh
index 9b94198..1835576 100644
--- a/contrib/ntp/packageinfo.sh
+++ b/contrib/ntp/packageinfo.sh
@@ -83,7 +83,7 @@ CLTAG=NTP_4_2_0
 # - Numeric values increment
 # - empty 'increments' to 1
 # - NEW 'increments' to empty
-point=5
+point=6
 
 ### betapoint is normally modified by script.
 # ntp-stable Beta number (betapoint)
diff --git a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
index cfeca4d..8ec5024 100644
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH calc_tickadj 1calc_tickadjman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH calc_tickadj 1calc_tickadjman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-nyaOMf/ag-AyaWLf)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-lWayEG/ag-yWaGDG)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:26 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:09:44 AM by AutoGen 5.18.5
 .\" From the definitions calc_tickadj-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
index 8aed38f..aef4ada 100644
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.1calc_tickadjmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt CALC_TICKADJ 1calc_tickadjmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (calc_tickadj-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:26:28 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:09:46 AM by AutoGen 5.18.5
 .\"  From the definitions    calc_tickadj-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
index 484e112..4869e66 100644
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.html
@@ -31,7 +31,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <h2 class="unnumbered">calc_tickadj User's Manual</h2>
 
 <p>This document describes the use of the NTP Project's <code>calc_tickadj</code> program. 
-This document applies to version 4.2.8p5 of <code>calc_tickadj</code>.
+This document applies to version 4.2.8p6 of <code>calc_tickadj</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
diff --git a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
index cfeca4d..8ec5024 100644
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH calc_tickadj 1calc_tickadjman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH calc_tickadj 1calc_tickadjman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-nyaOMf/ag-AyaWLf)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-lWayEG/ag-yWaGDG)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:26 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:09:44 AM by AutoGen 5.18.5
 .\" From the definitions calc_tickadj-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
index 8aed38f..aef4ada 100644
--- a/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
+++ b/contrib/ntp/scripts/calc_tickadj/calc_tickadj.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt CALC_TICKADJ 1calc_tickadjmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (calc_tickadj-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:26:28 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:09:46 AM by AutoGen 5.18.5
 .\"  From the definitions    calc_tickadj-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi b/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
index c78d53d..418562f 100644
--- a/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
+++ b/contrib/ntp/scripts/calc_tickadj/invoke-calc_tickadj.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-calc_tickadj.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:30 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:09:47 AM by AutoGen 5.18.5
 # From the definitions    calc_tickadj-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
diff --git a/contrib/ntp/scripts/invoke-plot_summary.texi b/contrib/ntp/scripts/invoke-plot_summary.texi
index 93cc07a..96b5714 100644
--- a/contrib/ntp/scripts/invoke-plot_summary.texi
+++ b/contrib/ntp/scripts/invoke-plot_summary.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-plot_summary.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:27:16 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:34 AM by AutoGen 5.18.5
 # From the definitions    plot_summary-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -41,7 +41,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-plot_summary - plot statistics generated by summary script - Ver. 4.2.8p5
+plot_summary - plot statistics generated by summary script - Ver. 4.2.8p6
 USAGE: plot_summary [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... 
 
         --directory=str          Where the summary files are
diff --git a/contrib/ntp/scripts/invoke-summary.texi b/contrib/ntp/scripts/invoke-summary.texi
index 521a7ff..9a05d51 100644
--- a/contrib/ntp/scripts/invoke-summary.texi
+++ b/contrib/ntp/scripts/invoke-summary.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-summary.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:27:22 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:40 AM by AutoGen 5.18.5
 # From the definitions    summary-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -42,7 +42,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-summary - compute various stastics from NTP stat files - Ver. 4.2.8p5
+summary - compute various stastics from NTP stat files - Ver. 4.2.8p6
 USAGE: summary [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... 
 
         --directory=str          Directory containing stat files
diff --git a/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi b/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
index f2de360..d2e964c 100644
--- a/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
+++ b/contrib/ntp/scripts/ntp-wait/invoke-ntp-wait.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp-wait.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:39 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:09:57 AM by AutoGen 5.18.5
 # From the definitions    ntp-wait-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -61,7 +61,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p5
+ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p6
 USAGE: ntp-wait [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... 
 
     -n, --tries=num              Number of times to check ntpd
diff --git a/contrib/ntp/scripts/ntp-wait/ntp-wait-opts b/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
index 24db0a3..1c6a815 100644
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait-opts
@@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (ntp-wait-opts)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:33 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:09:51 AM by AutoGen 5.18.5
 # From the definitions    ntp-wait-opts.def
 # and the template file   perlopt
 
@@ -40,7 +40,7 @@ sub processOptions {
         'help|?', 'more-help'));
 
     $usage = <<'USAGE';
-ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p5
+ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p6
 USAGE: ntp-wait [ -<flag> [<val>] | --<name>[{=| }<val>] ]... 
 
     -n, --tries=num              Number of times to check ntpd
diff --git a/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman b/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
index b49cd94..44b0d00 100644
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp-wait 1ntp-waitman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntp-wait 1ntp-waitman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-7OaOah/ag-iPaW_g)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-4fay4H/ag-fgaG3H)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:35 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:09:53 AM by AutoGen 5.18.5
 .\" From the definitions ntp-wait-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc b/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
index 293bb0e..b052fcc 100644
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.1ntp-waitmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_WAIT 1ntp-waitmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp-wait-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:26:41 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:09:59 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp-wait-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/ntp-wait/ntp-wait.html b/contrib/ntp/scripts/ntp-wait/ntp-wait.html
index e8f08d4..53accf6 100644
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.html
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.html
@@ -39,7 +39,7 @@ until the system's time has stabilized and synchronized,
 and only then start any applicaitons (like database servers) that require
 accurate and stable time.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntp-wait</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntp-wait</code>.
 
 <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -114,7 +114,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p5
+<pre class="example">ntp-wait - Wait for ntpd to stabilize the system clock - Ver. 4.2.8p6
 USAGE: ntp-wait [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
 
     -n, --tries=num              Number of times to check ntpd
diff --git a/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in b/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in
index f7326de..693cea7 100644
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp-wait @NTP_WAIT_MS@ "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntp-wait @NTP_WAIT_MS@ "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-7OaOah/ag-iPaW_g)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-4fay4H/ag-fgaG3H)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:35 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:09:53 AM by AutoGen 5.18.5
 .\" From the definitions ntp-wait-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in b/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in
index d3562ba..faa7361 100644
--- a/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in
+++ b/contrib/ntp/scripts/ntp-wait/ntp-wait.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_WAIT @NTP_WAIT_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp-wait-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:26:41 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:09:59 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp-wait-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi b/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi
index 0556da8..5e90637 100644
--- a/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi
+++ b/contrib/ntp/scripts/ntpsweep/invoke-ntpsweep.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntpsweep.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:45 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:03 AM by AutoGen 5.18.5
 # From the definitions    ntpsweep-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -45,7 +45,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntpsweep - Print various informations about given ntp servers - Ver. 4.2.8p5
+ntpsweep - Print various informations about given ntp servers - Ver. 4.2.8p6
 USAGE: ntpsweep [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [hostfile]
 
     -l, --host-list=str          Host to execute actions on
diff --git a/contrib/ntp/scripts/ntpsweep/ntpsweep-opts b/contrib/ntp/scripts/ntpsweep/ntpsweep-opts
index 2629d29..7cd1e3d 100644
--- a/contrib/ntp/scripts/ntpsweep/ntpsweep-opts
+++ b/contrib/ntp/scripts/ntpsweep/ntpsweep-opts
@@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (ntpsweep-opts)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:43 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:01 AM by AutoGen 5.18.5
 # From the definitions    ntpsweep-opts.def
 # and the template file   perlopt
 
@@ -43,7 +43,7 @@ sub processOptions {
         'help|?', 'more-help'));
 
     $usage = <<'USAGE';
-ntpsweep - Print various informations about given ntp servers - Ver. 4.2.8p5
+ntpsweep - Print various informations about given ntp servers - Ver. 4.2.8p6
 USAGE: ntpsweep [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [hostfile]
 
     -l, --host-list=str          Host to execute actions on
diff --git a/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman b/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman
index 0f61f64..0419a17 100644
--- a/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman
+++ b/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpsweep 1ntpsweepman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntpsweep 1ntpsweepman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-eHaGCi/ag-rHaOBi)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-3aaGuJ/ag-ebaOtJ)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:47 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:05 AM by AutoGen 5.18.5
 .\" From the definitions ntpsweep-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc b/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc
index 6d0c357..8b1af98 100644
--- a/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc
+++ b/contrib/ntp/scripts/ntpsweep/ntpsweep.1ntpsweepmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPSWEEP 1ntpsweepmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsweep-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:26:50 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:09 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpsweep-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/ntpsweep/ntpsweep.html b/contrib/ntp/scripts/ntpsweep/ntpsweep.html
index aba6b5f..b5dac39 100644
--- a/contrib/ntp/scripts/ntpsweep/ntpsweep.html
+++ b/contrib/ntp/scripts/ntpsweep/ntpsweep.html
@@ -30,7 +30,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 
   <p>This document describes the use of the NTP Project's <code>ntpsweep</code> program.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntpsweep</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntpsweep</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -90,7 +90,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntpsweep - Print various informations about given ntp servers - Ver. 4.2.8p5
+<pre class="example">ntpsweep - Print various informations about given ntp servers - Ver. 4.2.8p6
 USAGE: ntpsweep [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [hostfile]
 
     -l, --host-list=str          Host to execute actions on
diff --git a/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in b/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in
index 0f61f64..0419a17 100644
--- a/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in
+++ b/contrib/ntp/scripts/ntpsweep/ntpsweep.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntpsweep 1ntpsweepman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntpsweep 1ntpsweepman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-eHaGCi/ag-rHaOBi)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-3aaGuJ/ag-ebaOtJ)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:47 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:05 AM by AutoGen 5.18.5
 .\" From the definitions ntpsweep-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in b/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in
index 6d0c357..8b1af98 100644
--- a/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in
+++ b/contrib/ntp/scripts/ntpsweep/ntpsweep.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPSWEEP 1ntpsweepmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpsweep-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:26:50 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:09 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpsweep-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi b/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi
index 29f48f4..0545b4a 100644
--- a/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi
+++ b/contrib/ntp/scripts/ntptrace/invoke-ntptrace.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntptrace.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:58 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:16 AM by AutoGen 5.18.5
 # From the definitions    ntptrace-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -62,7 +62,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntptrace - Trace peers of an NTP server - Ver. 4.2.8p5
+ntptrace - Trace peers of an NTP server - Ver. 4.2.8p6
 USAGE: ntptrace [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... [host]
 
     -n, --numeric                Print IP addresses instead of hostnames
diff --git a/contrib/ntp/scripts/ntptrace/ntptrace-opts b/contrib/ntp/scripts/ntptrace/ntptrace-opts
index d1cecf8..9744414 100644
--- a/contrib/ntp/scripts/ntptrace/ntptrace-opts
+++ b/contrib/ntp/scripts/ntptrace/ntptrace-opts
@@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (ntptrace-opts)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:26:52 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:10 AM by AutoGen 5.18.5
 # From the definitions    ntptrace-opts.def
 # and the template file   perlopt
 
@@ -40,7 +40,7 @@ sub processOptions {
         'help|?', 'more-help'));
 
     $usage = <<'USAGE';
-ntptrace - Trace peers of an NTP server - Ver. 4.2.8p5
+ntptrace - Trace peers of an NTP server - Ver. 4.2.8p6
 USAGE: ntptrace [ -<flag> [<val>] | --<name>[{=| }<val>] ]... [host]
 
     -n, --numeric                Print IP addresses instead of hostnames
diff --git a/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman b/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman
index 33854e6..870d184 100644
--- a/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman
+++ b/contrib/ntp/scripts/ntptrace/ntptrace.1ntptraceman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntptrace 1ntptraceman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntptrace 1ntptraceman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-tqaWUj/ag-Gqa4Tj)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-s0aOMK/ag-G0aWLK)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:54 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:13 AM by AutoGen 5.18.5
 .\" From the definitions ntptrace-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc b/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc
index eea1d62..0a8a83a 100644
--- a/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc
+++ b/contrib/ntp/scripts/ntptrace/ntptrace.1ntptracemdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPTRACE 1ntptracemdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntptrace-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:00 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:18 AM by AutoGen 5.18.5
 .\"  From the definitions    ntptrace-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/ntptrace/ntptrace.html b/contrib/ntp/scripts/ntptrace/ntptrace.html
index fb96e71..2da3424 100644
--- a/contrib/ntp/scripts/ntptrace/ntptrace.html
+++ b/contrib/ntp/scripts/ntptrace/ntptrace.html
@@ -31,7 +31,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <h2 class="unnumbered">Simple Network Time Protocol User Manual</h2>
 
 <p>This document describes the use of the NTP Project's <code>ntptrace</code> program. 
-This document applies to version 4.2.8p5 of <code>ntptrace</code>.
+This document applies to version 4.2.8p6 of <code>ntptrace</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -107,7 +107,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntptrace - Trace peers of an NTP server - Ver. 4.2.8p5
+<pre class="example">ntptrace - Trace peers of an NTP server - Ver. 4.2.8p6
 USAGE: ntptrace [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... [host]
 
     -n, --numeric                Print IP addresses instead of hostnames
diff --git a/contrib/ntp/scripts/ntptrace/ntptrace.man.in b/contrib/ntp/scripts/ntptrace/ntptrace.man.in
index 04c8c91..d602938 100644
--- a/contrib/ntp/scripts/ntptrace/ntptrace.man.in
+++ b/contrib/ntp/scripts/ntptrace/ntptrace.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntptrace @NTPTRACE_MS@ "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntptrace @NTPTRACE_MS@ "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-tqaWUj/ag-Gqa4Tj)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-s0aOMK/ag-G0aWLK)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:26:54 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:13 AM by AutoGen 5.18.5
 .\" From the definitions ntptrace-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in b/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in
index 6e8b389..b7be946 100644
--- a/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in
+++ b/contrib/ntp/scripts/ntptrace/ntptrace.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPTRACE @NTPTRACE_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntptrace-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:00 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:18 AM by AutoGen 5.18.5
 .\"  From the definitions    ntptrace-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/plot_summary-opts b/contrib/ntp/scripts/plot_summary-opts
index 28ea583..03c0dbb 100644
--- a/contrib/ntp/scripts/plot_summary-opts
+++ b/contrib/ntp/scripts/plot_summary-opts
@@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (plot_summary-opts)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:27:12 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:30 AM by AutoGen 5.18.5
 # From the definitions    plot_summary-opts.def
 # and the template file   perlopt
 
@@ -46,7 +46,7 @@ sub processOptions {
         'help|?', 'more-help'));
 
     $usage = <<'USAGE';
-plot_summary - plot statistics generated by summary script - Ver. 4.2.8p5
+plot_summary - plot statistics generated by summary script - Ver. 4.2.8p6
 USAGE: plot_summary [ -<flag> [<val>] | --<name>[{=| }<val>] ]... 
 
         --directory=str          Where the summary files are
diff --git a/contrib/ntp/scripts/plot_summary.1plot_summaryman b/contrib/ntp/scripts/plot_summary.1plot_summaryman
index 9094f8e..1aec5a7 100644
--- a/contrib/ntp/scripts/plot_summary.1plot_summaryman
+++ b/contrib/ntp/scripts/plot_summary.1plot_summaryman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH plot_summary 1plot_summaryman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH plot_summary 1plot_summaryman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-xiaqKm/ag-KiayJm)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-CNaiCN/ag-PNaqBN)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:27:18 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:36 AM by AutoGen 5.18.5
 .\" From the definitions plot_summary-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/plot_summary.1plot_summarymdoc b/contrib/ntp/scripts/plot_summary.1plot_summarymdoc
index 99c5d8c..e816434 100644
--- a/contrib/ntp/scripts/plot_summary.1plot_summarymdoc
+++ b/contrib/ntp/scripts/plot_summary.1plot_summarymdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt PLOT_SUMMARY 1plot_summarymdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (plot_summary-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:20 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:38 AM by AutoGen 5.18.5
 .\"  From the definitions    plot_summary-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/plot_summary.html b/contrib/ntp/scripts/plot_summary.html
index 3cb2ed4..6d8e5a4 100644
--- a/contrib/ntp/scripts/plot_summary.html
+++ b/contrib/ntp/scripts/plot_summary.html
@@ -31,7 +31,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <h2 class="unnumbered">Plot_summary User Manual</h2>
 
 <p>This document describes the use of the NTP Project's <code>plot_summary</code> program. 
-This document applies to version 4.2.8p5 of <code>plot_summary</code>.
+This document applies to version 4.2.8p6 of <code>plot_summary</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -89,7 +89,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">plot_summary - plot statistics generated by summary script - Ver. 4.2.8p5
+<pre class="example">plot_summary - plot statistics generated by summary script - Ver. 4.2.8p6
 USAGE: plot_summary [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
 
         --directory=str          Where the summary files are
diff --git a/contrib/ntp/scripts/plot_summary.man.in b/contrib/ntp/scripts/plot_summary.man.in
index 9094f8e..1aec5a7 100644
--- a/contrib/ntp/scripts/plot_summary.man.in
+++ b/contrib/ntp/scripts/plot_summary.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH plot_summary 1plot_summaryman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH plot_summary 1plot_summaryman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-xiaqKm/ag-KiayJm)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-CNaiCN/ag-PNaqBN)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:27:18 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:36 AM by AutoGen 5.18.5
 .\" From the definitions plot_summary-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/plot_summary.mdoc.in b/contrib/ntp/scripts/plot_summary.mdoc.in
index 99c5d8c..e816434 100644
--- a/contrib/ntp/scripts/plot_summary.mdoc.in
+++ b/contrib/ntp/scripts/plot_summary.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt PLOT_SUMMARY 1plot_summarymdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (plot_summary-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:20 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:38 AM by AutoGen 5.18.5
 .\"  From the definitions    plot_summary-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/summary-opts b/contrib/ntp/scripts/summary-opts
index 47661ee..2fa6a7d 100644
--- a/contrib/ntp/scripts/summary-opts
+++ b/contrib/ntp/scripts/summary-opts
@@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (summary-opts)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:27:14 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:32 AM by AutoGen 5.18.5
 # From the definitions    summary-opts.def
 # and the template file   perlopt
 
@@ -44,7 +44,7 @@ sub processOptions {
         'help|?', 'more-help'));
 
     $usage = <<'USAGE';
-summary - compute various stastics from NTP stat files - Ver. 4.2.8p5
+summary - compute various stastics from NTP stat files - Ver. 4.2.8p6
 USAGE: summary [ -<flag> [<val>] | --<name>[{=| }<val>] ]... 
 
         --directory=str          Directory containing stat files
diff --git a/contrib/ntp/scripts/summary.1summaryman b/contrib/ntp/scripts/summary.1summaryman
index 0573b11..fd5d8d2 100644
--- a/contrib/ntp/scripts/summary.1summaryman
+++ b/contrib/ntp/scripts/summary.1summaryman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH summary 1summaryman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH summary 1summaryman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-.Ca4Xm/ag-lDaaXm)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-z8aWPN/ag-M8a4ON)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:27:24 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:42 AM by AutoGen 5.18.5
 .\" From the definitions summary-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/summary.1summarymdoc b/contrib/ntp/scripts/summary.1summarymdoc
index 5e28a57..f6fd0c1 100644
--- a/contrib/ntp/scripts/summary.1summarymdoc
+++ b/contrib/ntp/scripts/summary.1summarymdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt SUMMARY 1summarymdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (summary-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:25 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:44 AM by AutoGen 5.18.5
 .\"  From the definitions    summary-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/summary.html b/contrib/ntp/scripts/summary.html
index 566531e..d9c57e9 100644
--- a/contrib/ntp/scripts/summary.html
+++ b/contrib/ntp/scripts/summary.html
@@ -31,7 +31,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 <h2 class="unnumbered">Summary User Manual</h2>
 
 <p>This document describes the use of the NTP Project's <code>summary</code> program. 
-This document applies to version 4.2.8p5 of <code>summary</code>.
+This document applies to version 4.2.8p6 of <code>summary</code>.
 
   <div class="shortcontents">
 <h2>Short Contents</h2>
@@ -88,7 +88,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">summary - compute various stastics from NTP stat files - Ver. 4.2.8p5
+<pre class="example">summary - compute various stastics from NTP stat files - Ver. 4.2.8p6
 USAGE: summary [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
 
         --directory=str          Directory containing stat files
diff --git a/contrib/ntp/scripts/summary.man.in b/contrib/ntp/scripts/summary.man.in
index 0573b11..fd5d8d2 100644
--- a/contrib/ntp/scripts/summary.man.in
+++ b/contrib/ntp/scripts/summary.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH summary 1summaryman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH summary 1summaryman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-.Ca4Xm/ag-lDaaXm)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-z8aWPN/ag-M8a4ON)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:27:24 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:42 AM by AutoGen 5.18.5
 .\" From the definitions summary-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/summary.mdoc.in b/contrib/ntp/scripts/summary.mdoc.in
index 5e28a57..f6fd0c1 100644
--- a/contrib/ntp/scripts/summary.mdoc.in
+++ b/contrib/ntp/scripts/summary.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt SUMMARY 1summarymdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (summary-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:25 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:44 AM by AutoGen 5.18.5
 .\"  From the definitions    summary-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/update-leap/invoke-update-leap.texi b/contrib/ntp/scripts/update-leap/invoke-update-leap.texi
index 4231979..a3aa6b4 100644
--- a/contrib/ntp/scripts/update-leap/invoke-update-leap.texi
+++ b/contrib/ntp/scripts/update-leap/invoke-update-leap.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-update-leap.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:27:05 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:24 AM by AutoGen 5.18.5
 # From the definitions    update-leap-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
diff --git a/contrib/ntp/scripts/update-leap/update-leap-opts b/contrib/ntp/scripts/update-leap/update-leap-opts
index 506a746..8b9827e 100644
--- a/contrib/ntp/scripts/update-leap/update-leap-opts
+++ b/contrib/ntp/scripts/update-leap/update-leap-opts
@@ -1,6 +1,6 @@
 # EDIT THIS FILE WITH CAUTION  (update-leap-opts)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:27:11 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:10:30 AM by AutoGen 5.18.5
 # From the definitions    update-leap-opts.def
 # and the template file   perlopt
 
@@ -46,7 +46,7 @@ sub processOptions {
         'help|?', 'more-help'));
 
     $usage = <<'USAGE';
-update-leap - leap-seconds file manager/updater - Ver. 4.2.8p5
+update-leap - leap-seconds file manager/updater - Ver. 4.2.8p6
 USAGE: update-leap [ -<flag> [<val>] | --<name>[{=| }<val>] ]... 
 
     -s, --source-url=str         The URL of the master copy of the leapseconds file
diff --git a/contrib/ntp/scripts/update-leap/update-leap.1update-leapman b/contrib/ntp/scripts/update-leap/update-leap.1update-leapman
index 4fdf467..891a2ab 100644
--- a/contrib/ntp/scripts/update-leap/update-leap.1update-leapman
+++ b/contrib/ntp/scripts/update-leap/update-leap.1update-leapman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH update-leap 1update-leapman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH update-leap 1update-leapman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9hayKk/ag-kiaGJk)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-iOaqCL/ag-uOayBL)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:27:02 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:20 AM by AutoGen 5.18.5
 .\" From the definitions update-leap-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc b/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc
index 8827df7..1212586 100644
--- a/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc
+++ b/contrib/ntp/scripts/update-leap/update-leap.1update-leapmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt UPDATE_LEAP 1update-leapmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (update-leap-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:10 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:28 AM by AutoGen 5.18.5
 .\"  From the definitions    update-leap-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/scripts/update-leap/update-leap.html b/contrib/ntp/scripts/update-leap/update-leap.html
index a7d2a70..6013b1e 100644
--- a/contrib/ntp/scripts/update-leap/update-leap.html
+++ b/contrib/ntp/scripts/update-leap/update-leap.html
@@ -30,7 +30,7 @@ Up:&nbsp;<a rel="up" accesskey="u" href="#dir">(dir)</a>
 
   <p>This document describes the use of the NTP Project's <code>update-leap</code> program.
 
-  <p>This document applies to version 4.2.8p5 of <code>update-leap</code>.
+  <p>This document applies to version 4.2.8p6 of <code>update-leap</code>.
 
 <div class="shortcontents">
 <h2>Short Contents</h2>
diff --git a/contrib/ntp/scripts/update-leap/update-leap.man.in b/contrib/ntp/scripts/update-leap/update-leap.man.in
index 4fdf467..891a2ab 100644
--- a/contrib/ntp/scripts/update-leap/update-leap.man.in
+++ b/contrib/ntp/scripts/update-leap/update-leap.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH update-leap 1update-leapman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH update-leap 1update-leapman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-9hayKk/ag-kiaGJk)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-iOaqCL/ag-uOayBL)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:27:02 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:10:20 AM by AutoGen 5.18.5
 .\" From the definitions update-leap-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
diff --git a/contrib/ntp/scripts/update-leap/update-leap.mdoc.in b/contrib/ntp/scripts/update-leap/update-leap.mdoc.in
index 8827df7..1212586 100644
--- a/contrib/ntp/scripts/update-leap/update-leap.mdoc.in
+++ b/contrib/ntp/scripts/update-leap/update-leap.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt UPDATE_LEAP 1update-leapmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (update-leap-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:27:10 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:10:28 AM by AutoGen 5.18.5
 .\"  From the definitions    update-leap-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
diff --git a/contrib/ntp/sntp/configure b/contrib/ntp/sntp/configure
index ce397ef..b4ce6de 100755
--- a/contrib/ntp/sntp/configure
+++ b/contrib/ntp/sntp/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for sntp 4.2.8p5.
+# Generated by GNU Autoconf 2.69 for sntp 4.2.8p6.
 #
 # Report bugs to <http://bugs.ntp.org./>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sntp'
 PACKAGE_TARNAME='sntp'
-PACKAGE_VERSION='4.2.8p5'
-PACKAGE_STRING='sntp 4.2.8p5'
+PACKAGE_VERSION='4.2.8p6'
+PACKAGE_STRING='sntp 4.2.8p6'
 PACKAGE_BUGREPORT='http://bugs.ntp.org./'
 PACKAGE_URL='http://www.ntp.org./'
 
@@ -1491,7 +1491,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures sntp 4.2.8p5 to adapt to many kinds of systems.
+\`configure' configures sntp 4.2.8p6 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1561,7 +1561,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sntp 4.2.8p5:";;
+     short | recursive ) echo "Configuration of sntp 4.2.8p6:";;
    esac
   cat <<\_ACEOF
 
@@ -1706,7 +1706,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sntp configure 4.2.8p5
+sntp configure 4.2.8p6
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2536,7 +2536,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sntp $as_me 4.2.8p5, which was
+It was created by sntp $as_me 4.2.8p6, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -3533,7 +3533,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='sntp'
- VERSION='4.2.8p5'
+ VERSION='4.2.8p6'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -31110,7 +31110,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sntp $as_me 4.2.8p5, which was
+This file was extended by sntp $as_me 4.2.8p6, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -31177,7 +31177,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-sntp config.status 4.2.8p5
+sntp config.status 4.2.8p6
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff --git a/contrib/ntp/sntp/crypto.c b/contrib/ntp/sntp/crypto.c
index b178f8c..234e137 100644
--- a/contrib/ntp/sntp/crypto.c
+++ b/contrib/ntp/sntp/crypto.c
@@ -7,11 +7,11 @@ size_t key_cnt = 0;
 
 int
 make_mac(
-	char *pkt_data,
+	const void *pkt_data,
 	int pkt_size,
 	int mac_size,
-	struct key *cmp_key,
-	char * digest
+	const struct key *cmp_key,
+	void * digest
 	)
 {
 	u_int		len = mac_size;
@@ -26,39 +26,40 @@ make_mac(
 	INIT_SSL();
 	key_type = keytype_from_text(cmp_key->type, NULL);
 	EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type));
-	EVP_DigestUpdate(&ctx, (u_char *)cmp_key->key_seq, (u_int)cmp_key->key_len);
-	EVP_DigestUpdate(&ctx, (u_char *)pkt_data, (u_int)pkt_size);
-	EVP_DigestFinal(&ctx, (u_char *)digest, &len);
+	EVP_DigestUpdate(&ctx, (const u_char *)cmp_key->key_seq, (u_int)cmp_key->key_len);
+	EVP_DigestUpdate(&ctx, pkt_data, (u_int)pkt_size);
+	EVP_DigestFinal(&ctx, digest, &len);
 
 	return (int)len;
 }
 
 
-/* Generates a md5 digest of the key specified in keyid concatinated with the 
+/* Generates a md5 digest of the key specified in keyid concatenated with the 
  * ntp packet (exluding the MAC) and compares this digest to the digest in
  * the packet's MAC. If they're equal this function returns 1 (packet is 
  * authentic) or else 0 (not authentic).
  */
 int
 auth_md5(
-	char *pkt_data,
+	const void *pkt_data,
 	int pkt_size,
 	int mac_size,
-	struct key *cmp_key
+	const struct key *cmp_key
 	)
 {
 	int  hash_len;
 	int  authentic;
 	char digest[20];
-
+	const u_char *pkt_ptr; 
 	if (mac_size > (int)sizeof(digest))
 		return 0;
-	hash_len = make_mac(pkt_data, pkt_size, sizeof(digest), cmp_key,
+	pkt_ptr = pkt_data;
+	hash_len = make_mac(pkt_ptr, pkt_size, sizeof(digest), cmp_key,
 			    digest);
 	if (!hash_len)
 		authentic = FALSE;
 	else
-		authentic = !memcmp(digest, pkt_data + pkt_size + 4,
+		authentic = !memcmp(digest, pkt_ptr + pkt_size + 4,
 				    hash_len);
 	return authentic;
 }
diff --git a/contrib/ntp/sntp/crypto.h b/contrib/ntp/sntp/crypto.h
index 39e0e6b..19cdbc4 100644
--- a/contrib/ntp/sntp/crypto.h
+++ b/contrib/ntp/sntp/crypto.h
@@ -17,16 +17,18 @@
 /* #include "sntp-opts.h" */
 
 struct key {
-	struct key *next;
-	int key_id;
-	int key_len;
-	char type[10];
-	char key_seq[64];
+	struct key *	next;
+	int		key_id;
+	int		key_len;
+	char		type[10];
+	char		key_seq[64];
 };
 
-int auth_init(const char *keyfile, struct key **keys);
-void get_key(int key_id, struct key **d_key);
-int make_mac(char *pkt_data, int pkt_size, int mac_size, struct key *cmp_key, char *digest);
-int auth_md5(char *pkt_data, int pkt_size, int mac_size, struct key *cmp_key);
+extern	int	auth_init(const char *keyfile, struct key **keys);
+extern	void	get_key(int key_id, struct key **d_key);
+extern	int	make_mac(const void *pkt_data, int pkt_size, int mac_size,
+			 const struct key *cmp_key, void *digest);
+extern	int	auth_md5(const void *pkt_data, int pkt_size, int mac_size,
+			 const struct key *cmp_key);
 
 #endif
diff --git a/contrib/ntp/sntp/include/copyright.def b/contrib/ntp/sntp/include/copyright.def
index 1cc7ad2..4fb4461 100644
--- a/contrib/ntp/sntp/include/copyright.def
+++ b/contrib/ntp/sntp/include/copyright.def
@@ -1,7 +1,7 @@
 /* -*- Mode: Text -*- */
 
 copyright = {
-    date  = "1992-2015";
+    date  = "1992-2016";
     owner = "The University of Delaware and Network Time Foundation";
     eaddr = "http://bugs.ntp.org, bugs@ntp.org";
     type  = ntp;
diff --git a/contrib/ntp/sntp/include/version.def b/contrib/ntp/sntp/include/version.def
index ddc02d4..5a08174 100644
--- a/contrib/ntp/sntp/include/version.def
+++ b/contrib/ntp/sntp/include/version.def
@@ -1 +1 @@
-version = '4.2.8p5';
+version = '4.2.8p6';
diff --git a/contrib/ntp/sntp/include/version.texi b/contrib/ntp/sntp/include/version.texi
index 28b9357..fa9aeb3 100644
--- a/contrib/ntp/sntp/include/version.texi
+++ b/contrib/ntp/sntp/include/version.texi
@@ -1,3 +1,3 @@
-@set UPDATED 07 January 2016
-@set EDITION 4.2.8p5
-@set VERSION 4.2.8p5
+@set UPDATED 20 January 2016
+@set EDITION 4.2.8p6
+@set VERSION 4.2.8p6
diff --git a/contrib/ntp/sntp/invoke-sntp.texi b/contrib/ntp/sntp/invoke-sntp.texi
index 6ca3b06..695c9eb 100644
--- a/contrib/ntp/sntp/invoke-sntp.texi
+++ b/contrib/ntp/sntp/invoke-sntp.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-sntp.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:23:24 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:06:42 AM by AutoGen 5.18.5
 # From the definitions    sntp-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -101,7 +101,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p5
+sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p6
 Usage:  sntp [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]... \
                 [ hostname-or-IP ...]
   Flg Arg Option-Name    Description
diff --git a/contrib/ntp/sntp/libopts/configfile.c b/contrib/ntp/sntp/libopts/configfile.c
index 03156ca..8244371e 100644
--- a/contrib/ntp/sntp/libopts/configfile.c
+++ b/contrib/ntp/sntp/libopts/configfile.c
@@ -182,9 +182,9 @@ optionFindValue(const tOptDesc * odesc, char const * name, char const * val)
     }
 
     else do {
-        tArgList * argl  = odesc->optCookie;
-        int        argct = argl->useCt;
-        void **    poptv = (void **)(argl->apzArgs);
+        tArgList *    argl  = odesc->optCookie;
+        int           argct = argl->useCt;
+        const void ** poptv = VOIDP(argl->apzArgs);
 
         if (argct == 0) {
             errno = ENOENT;
@@ -192,7 +192,7 @@ optionFindValue(const tOptDesc * odesc, char const * name, char const * val)
         }
 
         if (name == NULL) {
-            res = (tOptionValue *)*poptv;
+            res = (const tOptionValue *)*poptv;
             break;
         }
 
@@ -249,7 +249,7 @@ optionFindNextValue(const tOptDesc * odesc, const tOptionValue * pPrevVal,
                     char const * pzName, char const * pzVal)
 {
     bool old_found = false;
-    tOptionValue * res = NULL;
+    const tOptionValue * res = NULL;
 
     (void)pzName;
     (void)pzVal;
@@ -264,12 +264,12 @@ optionFindNextValue(const tOptDesc * odesc, const tOptionValue * pPrevVal,
     }
 
     else do {
-        tArgList * argl = odesc->optCookie;
-        int        ct   = argl->useCt;
-        void **   poptv = (void **)argl->apzArgs;
+        tArgList *    argl  = odesc->optCookie;
+        int           ct    = argl->useCt;
+        const void ** poptv = VOIDP(argl->apzArgs);
 
         while (--ct >= 0) {
-            tOptionValue * pOV = *(poptv++);
+            const tOptionValue * pOV = *(poptv++);
             if (old_found) {
                 res = pOV;
                 break;
@@ -315,8 +315,8 @@ optionFindNextValue(const tOptDesc * odesc, const tOptionValue * pPrevVal,
 tOptionValue const *
 optionGetValue(tOptionValue const * oov, char const * vname)
 {
-    tArgList *     arg_list;
-    tOptionValue * res = NULL;
+    tArgList *           arg_list;
+    const tOptionValue * res = NULL;
 
     if ((oov == NULL) || (oov->valType != OPARG_TYPE_HIERARCHY)) {
         errno = EINVAL;
@@ -325,14 +325,14 @@ optionGetValue(tOptionValue const * oov, char const * vname)
     arg_list = oov->v.nestVal;
 
     if (arg_list->useCt > 0) {
-        int     ct     = arg_list->useCt;
-        void ** ovlist = (void **)(arg_list->apzArgs);
+        int           ct     = arg_list->useCt;
+        const void ** ovlist = VOIDP(arg_list->apzArgs);
 
         if (vname == NULL) {
-            res = (tOptionValue *)*ovlist;
+            res = (const tOptionValue *)*ovlist;
 
         } else do {
-            tOptionValue * opt_val = *(ovlist++);
+            const tOptionValue * opt_val = *(ovlist++);
             if (strcmp(opt_val->pzName, vname) == 0) {
                 res = opt_val;
                 break;
@@ -374,9 +374,9 @@ optionGetValue(tOptionValue const * oov, char const * vname)
 tOptionValue const *
 optionNextValue(tOptionValue const * ov_list,tOptionValue const * oov )
 {
-    tArgList *     arg_list;
-    tOptionValue * res = NULL;
-    int            err = EINVAL;
+    tArgList *           arg_list;
+    const tOptionValue * res = NULL;
+    int                  err = EINVAL;
 
     if ((ov_list == NULL) || (ov_list->valType != OPARG_TYPE_HIERARCHY)) {
         errno = EINVAL;
@@ -384,18 +384,18 @@ optionNextValue(tOptionValue const * ov_list,tOptionValue const * oov )
     }
     arg_list = ov_list->v.nestVal;
     {
-        int     ct    = arg_list->useCt;
-        void ** o_list = (void **)(arg_list->apzArgs);
+        int           ct     = arg_list->useCt;
+        const void ** o_list = VOIDP(arg_list->apzArgs);
 
         while (ct-- > 0) {
-            tOptionValue * nov = *(o_list++);
+            const tOptionValue * nov = *(o_list++);
             if (nov == oov) {
                 if (ct == 0) {
                     err = ENOENT;
 
                 } else {
                     err = 0;
-                    res = (tOptionValue *)*o_list;
+                    res = (const tOptionValue *)*o_list;
                 }
                 break;
             }
diff --git a/contrib/ntp/sntp/libopts/enum.c b/contrib/ntp/sntp/libopts/enum.c
index 3345558..e9bba83 100644
--- a/contrib/ntp/sntp/libopts/enum.c
+++ b/contrib/ntp/sntp/libopts/enum.c
@@ -189,12 +189,12 @@ find_name(char const * name, tOptions * pOpts, tOptDesc * pOD,
      *  The result gets stashed in a char * pointer.
      */
     uintptr_t   res = name_ct;
-    size_t      len = strlen((char *)name);
+    size_t      len = strlen(name);
     uintptr_t   idx;
 
     if (IS_DEC_DIGIT_CHAR(*name)) {
-        char * pz = VOIDP(name);
-        unsigned long val = strtoul(pz, &pz, 0);
+        char * pz;
+        unsigned long val = strtoul(name, &pz, 0);
         if ((*pz == NUL) && (val < name_ct))
             return (uintptr_t)val;
         pz_enum_err_fmt = znum_too_large;
@@ -215,7 +215,7 @@ find_name(char const * name, tOptions * pOpts, tOptDesc * pOD,
      *  Multiple partial matches means we have an ambiguous match.
      */
     for (idx = 0; idx < name_ct; idx++) {
-        if (strncmp((char *)paz_names[idx], (char *)name, len) == 0) {
+        if (strncmp(paz_names[idx], name, len) == 0) {
             if (paz_names[idx][len] == NUL)
                 return idx;  /* full match */
 
@@ -500,7 +500,7 @@ find_member_bit(tOptions * opts, tOptDesc * od, char const * pz, int len,
         if (shift_ct >= nm_ct)
             return 0UL;
 
-        return 1UL << shift_ct;
+        return (uintptr_t)1U << shift_ct;
     }
 }
 
diff --git a/contrib/ntp/sntp/libopts/find.c b/contrib/ntp/sntp/libopts/find.c
index 90591cc..97a24df 100644
--- a/contrib/ntp/sntp/libopts/find.c
+++ b/contrib/ntp/sntp/libopts/find.c
@@ -80,7 +80,7 @@ parse_opt(char const ** nm_pp, char ** arg_pp, char * buf, size_t bufsz)
 
             buf[res] = NUL;
             *nm_pp   = buf;
-            *arg_pp  = (char *)p;
+            *arg_pp  = VOIDP(p);
             return res;
 
         default:
diff --git a/contrib/ntp/sntp/libopts/init.c b/contrib/ntp/sntp/libopts/init.c
index e02e1e1..81d4eee 100644
--- a/contrib/ntp/sntp/libopts/init.c
+++ b/contrib/ntp/sntp/libopts/init.c
@@ -97,15 +97,14 @@ validate_struct(tOptions * opts, char const * pname)
      */
     if (opts->pzProgName == NULL) {
         char const *  pz = strrchr(pname, DIRCH);
-        char const ** pp =
-            (char const **)(void **)&(opts->pzProgName);
+        char const ** pp = VOIDP(&(opts->pzProgName));
 
         if (pz != NULL)
             *pp = pz+1;
         else
             *pp = pname;
 
-        pz = pathfind(getenv("PATH"), (char *)pname, "rx");
+        pz = pathfind(getenv("PATH"), pname, "rx");
         if (pz != NULL)
             pname = VOIDP(pz);
 
diff --git a/contrib/ntp/sntp/libopts/load.c b/contrib/ntp/sntp/libopts/load.c
index b5230af..ccda5b4 100644
--- a/contrib/ntp/sntp/libopts/load.c
+++ b/contrib/ntp/sntp/libopts/load.c
@@ -225,7 +225,7 @@ add_prog_path(char * buf, int b_sz, char const * fname, char const * prg_path)
     if (strchr(prg_path, DIRCH) != NULL)
         path = prg_path;
     else {
-        path = pathfind(getenv("PATH"), (char *)prg_path, "rx");
+        path = pathfind(getenv("PATH"), prg_path, "rx");
 
         if (path == NULL)
             return false;
diff --git a/contrib/ntp/sntp/libopts/makeshell.c b/contrib/ntp/sntp/libopts/makeshell.c
index a61df42..fbe8e17 100644
--- a/contrib/ntp/sntp/libopts/makeshell.c
+++ b/contrib/ntp/sntp/libopts/makeshell.c
@@ -401,7 +401,7 @@ emit_usage(tOptions * opts)
 
         /* Copy the program name into the time/name buffer */
         for (;;) {
-            if ((*pzPN++ = (char)tolower(*pz++)) == NUL)
+            if ((*pzPN++ = (char)tolower((unsigned char)*pz++)) == NUL)
                 break;
         }
 
@@ -671,8 +671,8 @@ emit_match_expr(char const * name, tOptDesc * cod, tOptions * opts)
                 continue;
 
             match_ct = 0;
-            while (  toupper(od->pz_DisableName[match_ct])
-                  == toupper(name[match_ct]))
+            while (  toupper((unsigned char)od->pz_DisableName[match_ct])
+                  == toupper((unsigned char)name[match_ct]))
                 match_ct++;
             if (match_ct > min_match_ct)
                 min_match_ct = match_ct;
diff --git a/contrib/ntp/sntp/libopts/nested.c b/contrib/ntp/sntp/libopts/nested.c
index f4fb226..aaf089f 100644
--- a/contrib/ntp/sntp/libopts/nested.c
+++ b/contrib/ntp/sntp/libopts/nested.c
@@ -859,6 +859,7 @@ LOCAL int
 get_special_char(char const ** ppz, int * ct)
 {
     char const * pz = *ppz;
+    char *       rz;
 
     if (*ct < 3)
         return '&';
@@ -872,7 +873,8 @@ get_special_char(char const ** ppz, int * ct)
             base = 16;
             pz++;
         }
-        retch = (int)strtoul(pz, (char **)&pz, base);
+        retch = (int)strtoul(pz, &rz, base);
+        pz = rz;
         if (*pz != ';')
             return '&';
         base = (int)(++pz - *ppz);
diff --git a/contrib/ntp/sntp/libopts/parse-duration.c b/contrib/ntp/sntp/libopts/parse-duration.c
index e072b7d..11e3d828 100644
--- a/contrib/ntp/sntp/libopts/parse-duration.c
+++ b/contrib/ntp/sntp/libopts/parse-duration.c
@@ -60,14 +60,20 @@ typedef enum {
 static unsigned long
 str_const_to_ul (cch_t * str, cch_t ** ppz, int base)
 {
-  return strtoul (str, (char **)ppz, base);
+  char * pz;
+  int rv = strtoul (str, &pz, base);
+  *ppz = pz;
+  return rv;
 }
 
 /* Wrapper around strtol that does not require a cast.  */
 static long
 str_const_to_l (cch_t * str, cch_t ** ppz, int base)
 {
-  return strtol (str, (char **)ppz, base);
+  char * pz;
+  int rv = strtol (str, &pz, base);
+  *ppz = pz;
+  return rv;
 }
 
 /* Returns BASE + VAL * SCALE, interpreting BASE = BAD_TIME
diff --git a/contrib/ntp/sntp/libopts/reset.c b/contrib/ntp/sntp/libopts/reset.c
index 6ca2c05..97ecb52 100644
--- a/contrib/ntp/sntp/libopts/reset.c
+++ b/contrib/ntp/sntp/libopts/reset.c
@@ -113,7 +113,7 @@ optionResetOpt(tOptions * pOpts, tOptDesc * pOD)
             assert(0 == 1);
         }
     } else {
-        succ = opt_find_long(pOpts, (char *)pzArg, &opt_state);
+        succ = opt_find_long(pOpts, pzArg, &opt_state);
         if (! SUCCESSFUL(succ)) {
             fprintf(stderr, zIllOptStr, pOpts->pzProgPath, pzArg);
             pOpts->pUsageProc(pOpts, EXIT_FAILURE);
diff --git a/contrib/ntp/sntp/libopts/save.c b/contrib/ntp/sntp/libopts/save.c
index f462ced..cdab05f 100644
--- a/contrib/ntp/sntp/libopts/save.c
+++ b/contrib/ntp/sntp/libopts/save.c
@@ -453,7 +453,7 @@ prt_val_list(FILE * fp, char const * name, tArgList * al)
     if (al == NULL)
         return;
     opt_ct   = al->useCt;
-    opt_list = (void **)al->apzArgs;
+    opt_list = VOIDP(al->apzArgs);
 
     if (opt_ct <= 0) {
         fprintf(fp, OPEN_CLOSE_FMT, name);
@@ -488,7 +488,7 @@ prt_nested(FILE * fp, tOptDesc * p)
         return;
 
     opt_ct   = al->useCt;
-    opt_list = (void **)al->apzArgs;
+    opt_list = VOIDP(al->apzArgs);
 
     if (opt_ct <= 0)
         return;
diff --git a/contrib/ntp/sntp/libopts/tokenize.c b/contrib/ntp/sntp/libopts/tokenize.c
index cbff7fb..25550ea 100644
--- a/contrib/ntp/sntp/libopts/tokenize.c
+++ b/contrib/ntp/sntp/libopts/tokenize.c
@@ -57,7 +57,7 @@ copy_cooked(ch_t ** ppDest, char const ** ppSrc)
         case NUL:   *ppSrc = NULL; return;
         case '"':   goto done;
         case '\\':
-            pSrc += ao_string_cook_escape_char((char *)pSrc, (char *)&ch, 0x7F);
+            pSrc += ao_string_cook_escape_char((const char *)pSrc, (char *)&ch, 0x7F);
             if (ch == 0x7F)
                 break;
             /* FALLTHROUGH */
diff --git a/contrib/ntp/sntp/m4/version.m4 b/contrib/ntp/sntp/m4/version.m4
index b8f98b5..236cc18 100644
--- a/contrib/ntp/sntp/m4/version.m4
+++ b/contrib/ntp/sntp/m4/version.m4
@@ -1 +1 @@
-m4_define([VERSION_NUMBER],[4.2.8p5])
+m4_define([VERSION_NUMBER],[4.2.8p6])
diff --git a/contrib/ntp/sntp/main.c b/contrib/ntp/sntp/main.c
index 870db93..78ed7c2 100644
--- a/contrib/ntp/sntp/main.c
+++ b/contrib/ntp/sntp/main.c
@@ -1135,7 +1135,7 @@ generate_pkt (
 	if (pkt_key != NULL) {
 		x_pkt->exten[0] = htonl(key_id);
 		mac_size = 20; /* max room for MAC */
-		mac_size = make_mac((char *)x_pkt, pkt_len, mac_size,
+		mac_size = make_mac(x_pkt, pkt_len, mac_size,
 				    pkt_key, (char *)&x_pkt->exten[1]);
 		if (mac_size > 0)
 			pkt_len += mac_size + 4;
diff --git a/contrib/ntp/sntp/networking.c b/contrib/ntp/sntp/networking.c
index 6a176c5..21cf09a 100644
--- a/contrib/ntp/sntp/networking.c
+++ b/contrib/ntp/sntp/networking.c
@@ -184,7 +184,7 @@ process_pkt (
 		** keyfile and compare those md5sums.
 		*/
 		mac_size = exten_len << 2;
-		if (!auth_md5((char *)rpkt, pkt_len - mac_size,
+		if (!auth_md5(rpkt, pkt_len - mac_size,
 			      mac_size - 4, pkt_key)) {
 			is_authentic = FALSE;
 			break;
diff --git a/contrib/ntp/sntp/sntp-opts.c b/contrib/ntp/sntp/sntp-opts.c
index 69fb786..d11f0b2 100644
--- a/contrib/ntp/sntp/sntp-opts.c
+++ b/contrib/ntp/sntp/sntp-opts.c
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (sntp-opts.c)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:22:49 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:06:07 AM by AutoGen 5.18.5
  *  From the definitions    sntp-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The sntp program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -70,8 +70,8 @@ extern FILE * option_usage_fp;
  *  static const strings for sntp options
  */
 static char const sntp_opt_strs[2549] =
-/*     0 */ "sntp 4.2.8p5\n"
-            "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
+/*     0 */ "sntp 4.2.8p6\n"
+            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
             "redistribution under the terms of the NTP License, copies of which\n"
             "can be seen at:\n"
@@ -155,7 +155,7 @@ static char const sntp_opt_strs[2549] =
 /*  2298 */ "LOAD_OPTS\0"
 /*  2308 */ "no-load-opts\0"
 /*  2321 */ "SNTP\0"
-/*  2326 */ "sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p5\n"
+/*  2326 */ "sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p6\n"
             "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n"
             "\t\t[ hostname-or-IP ...]\n\0"
 /*  2485 */ "$HOME\0"
@@ -163,7 +163,7 @@ static char const sntp_opt_strs[2549] =
 /*  2493 */ ".ntprc\0"
 /*  2500 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  2534 */ "\n\0"
-/*  2536 */ "sntp 4.2.8p5";
+/*  2536 */ "sntp 4.2.8p6";
 
 /**
  *  ipv4 option description with
@@ -1173,8 +1173,8 @@ static void bogus_function(void) {
      translate option names.
    */
   /* referenced via sntpOptions.pzCopyright */
-  puts(_("sntp 4.2.8p5\n\
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
+  puts(_("sntp 4.2.8p6\n\
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
 can be seen at:\n"));
@@ -1263,7 +1263,7 @@ implied warranty.\n"));
   puts(_("load options from a config file"));
 
   /* referenced via sntpOptions.pzUsageTitle */
-  puts(_("sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p5\n\
+  puts(_("sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p6\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
 \t\t[ hostname-or-IP ...]\n"));
 
@@ -1271,7 +1271,7 @@ Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]... \\\n\
   puts(_("\n"));
 
   /* referenced via sntpOptions.pzFullVersion */
-  puts(_("sntp 4.2.8p5"));
+  puts(_("sntp 4.2.8p6"));
 
   /* referenced via sntpOptions.pzFullUsage */
   puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/sntp/sntp-opts.h b/contrib/ntp/sntp/sntp-opts.h
index 78951ab..ab741c7 100644
--- a/contrib/ntp/sntp/sntp-opts.h
+++ b/contrib/ntp/sntp/sntp-opts.h
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (sntp-opts.h)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:22:48 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:06:06 AM by AutoGen 5.18.5
  *  From the definitions    sntp-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The sntp program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -91,9 +91,9 @@ typedef enum {
 /** count of all options for sntp */
 #define OPTION_CT    23
 /** sntp version */
-#define SNTP_VERSION       "4.2.8p5"
+#define SNTP_VERSION       "4.2.8p6"
 /** Full sntp version text */
-#define SNTP_FULL_VERSION  "sntp 4.2.8p5"
+#define SNTP_FULL_VERSION  "sntp 4.2.8p6"
 
 /**
  *  Interface defines for all options.  Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/sntp/sntp.1sntpman b/contrib/ntp/sntp/sntp.1sntpman
index 792fc52..0a83bd3 100644
--- a/contrib/ntp/sntp/sntp.1sntpman
+++ b/contrib/ntp/sntp/sntp.1sntpman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH sntp 1sntpman "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH sntp 1sntpman "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-e.aO3S/ag-r.aG2S)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-vxaitn/ag-Ixaasn)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:23:20 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:06:38 AM by AutoGen 5.18.5
 .\" From the definitions sntp-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -348,7 +348,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .NOP  "Dave Hart" 
 .br
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/sntp/sntp.1sntpmdoc b/contrib/ntp/sntp/sntp.1sntpmdoc
index 8005e9a..86b72ad 100644
--- a/contrib/ntp/sntp/sntp.1sntpmdoc
+++ b/contrib/ntp/sntp/sntp.1sntpmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt SNTP 1sntpmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (sntp-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:23:27 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:06:45 AM by AutoGen 5.18.5
 .\"  From the definitions    sntp-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -303,7 +303,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .An "Harlan Stenn"
 .An "Dave Hart"
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/sntp/sntp.html b/contrib/ntp/sntp/sntp.html
index 6aa66fb..61efd50 100644
--- a/contrib/ntp/sntp/sntp.html
+++ b/contrib/ntp/sntp/sntp.html
@@ -36,7 +36,7 @@ display the time offset of the system clock relative to the server
 clock.  Run as root, it can correct the system clock to this offset as
 well.  It can be run as an interactive command or from a cron job.
 
-  <p>This document applies to version 4.2.8p5 of <code>sntp</code>.
+  <p>This document applies to version 4.2.8p6 of <code>sntp</code>.
 
   <p>The program implements the SNTP protocol as defined by RFC 5905, the NTPv4
 IETF specification.
@@ -176,7 +176,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p5
+<pre class="example">sntp - standard Simple Network Time Protocol client program - Ver. 4.2.8p6
 Usage:  sntp [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]... \
                 [ hostname-or-IP ...]
   Flg Arg Option-Name    Description
diff --git a/contrib/ntp/sntp/sntp.man.in b/contrib/ntp/sntp/sntp.man.in
index 1d5e571..c223eb5 100644
--- a/contrib/ntp/sntp/sntp.man.in
+++ b/contrib/ntp/sntp/sntp.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH sntp @SNTP_MS@ "07 Jan 2016" "4.2.8p5" "User Commands"
+.TH sntp @SNTP_MS@ "20 Jan 2016" "4.2.8p6" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-e.aO3S/ag-r.aG2S)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-vxaitn/ag-Ixaasn)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:23:20 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:06:38 AM by AutoGen 5.18.5
 .\" From the definitions sntp-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -348,7 +348,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .NOP  "Dave Hart" 
 .br
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/sntp/sntp.mdoc.in b/contrib/ntp/sntp/sntp.mdoc.in
index 5168a99..2e15332 100644
--- a/contrib/ntp/sntp/sntp.mdoc.in
+++ b/contrib/ntp/sntp/sntp.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt SNTP @SNTP_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (sntp-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:23:27 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:06:45 AM by AutoGen 5.18.5
 .\"  From the definitions    sntp-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -303,7 +303,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .An "Harlan Stenn"
 .An "Dave Hart"
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/contrib/ntp/sntp/tests/crypto.c b/contrib/ntp/sntp/tests/crypto.c
index 82d2859..fb2dc62 100644
--- a/contrib/ntp/sntp/tests/crypto.c
+++ b/contrib/ntp/sntp/tests/crypto.c
@@ -18,8 +18,8 @@ void test_PacketSizeNotMultipleOfFourBytes(void);
 
 
 void
-test_MakeMd5Mac(void) {
-
+test_MakeMd5Mac(void)
+{
 	const char* PKT_DATA = "abcdefgh0123";
 	const int PKT_LEN = strlen(PKT_DATA);
 	const char* EXPECTED_DIGEST =
@@ -34,15 +34,17 @@ test_MakeMd5Mac(void) {
 	memcpy(&md5.type, "MD5", 4);
 
 	TEST_ASSERT_EQUAL(MD5_LENGTH,
-			  make_mac((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
+			  make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
 
 	TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, MD5_LENGTH) == 0);
 }
 
 
 void
-test_MakeSHA1Mac(void) {
+test_MakeSHA1Mac(void)
+{
 #ifdef OPENSSL
+
 	const char* PKT_DATA = "abcdefgh0123";
 	const int PKT_LEN = strlen(PKT_DATA);
 	const char* EXPECTED_DIGEST =
@@ -58,22 +60,26 @@ test_MakeSHA1Mac(void) {
 	memcpy(&sha1.type, "SHA1", 5);
 
 	TEST_ASSERT_EQUAL(SHA1_LENGTH,
-			  make_mac((char*)PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual));
+			  make_mac(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual));
 
 	TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH);
+	
 #else
+	
 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
+	
 #endif	/* OPENSSL */
 }
 
 
 void
-test_VerifyCorrectMD5(void) {
+test_VerifyCorrectMD5(void)
+{
 	const char* PKT_DATA =
-		"sometestdata"		// Data
-		"\0\0\0\0"			// Key-ID (unused)
-		"\xc7\x58\x99\xdd\x99\x32\x0f\x71" // MAC
-		"\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac";
+	    "sometestdata"			/* Data */
+	    "\0\0\0\0"				/* Key-ID (unused) */
+	    "\xc7\x58\x99\xdd\x99\x32\x0f\x71"	/* MAC */
+	    "\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac";
 	const int PKT_LEN = 12;
 
 	struct key md5;
@@ -83,18 +89,20 @@ test_VerifyCorrectMD5(void) {
 	memcpy(&md5.key_seq, "md5key", md5.key_len);
 	memcpy(&md5.type, "MD5", 4);
 
-	TEST_ASSERT_TRUE(auth_md5((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
+	TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
 }
 
 
 void
-test_VerifySHA1(void) {
+test_VerifySHA1(void)
+{
 #ifdef OPENSSL
+
 	const char* PKT_DATA =
-		"sometestdata"		// Data
-		"\0\0\0\0"			// Key-ID (unused)
-		"\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" // MAC
-		"\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1";
+	    "sometestdata"				/* Data */
+	    "\0\0\0\0"					/* Key-ID (unused) */
+	    "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce"	/* MAC */
+	    "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1";
 	const int PKT_LEN = 12;
 
 	struct key sha1;
@@ -104,21 +112,26 @@ test_VerifySHA1(void) {
 	memcpy(&sha1.key_seq, "sha1key", sha1.key_len);
 	memcpy(&sha1.type, "SHA1", 5);
 
-	TEST_ASSERT_TRUE(auth_md5((char*)PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));
+	TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));
+	
 #else
+	
 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
+	
 #endif	/* OPENSSL */
 }
 
 void
-test_VerifyFailure(void) {
-	/* We use a copy of the MD5 verification code, but modify
-	 * the last bit to make sure verification fails. */
+test_VerifyFailure(void)
+{
+	/* We use a copy of the MD5 verification code, but modify the
+	 * last bit to make sure verification fails.
+	 */
 	const char* PKT_DATA =
-		"sometestdata"		// Data
-		"\0\0\0\0"			// Key-ID (unused)
-		"\xc7\x58\x99\xdd\x99\x32\x0f\x71"	// MAC
-		"\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; // Last byte is wrong!
+	    "sometestdata"			/* Data */
+	    "\0\0\0\0"				/* Key-ID (unused) */
+	    "\xc7\x58\x99\xdd\x99\x32\x0f\x71"	/* MAC */
+	    "\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; /* Last byte is wrong! */
 	const int PKT_LEN = 12;
 
 	struct key md5;
@@ -128,12 +141,13 @@ test_VerifyFailure(void) {
 	memcpy(&md5.key_seq, "md5key", md5.key_len);
 	memcpy(&md5.type, "MD5", 4);
 
-	TEST_ASSERT_FALSE(auth_md5((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
+	TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
 }
 
 
 void
-test_PacketSizeNotMultipleOfFourBytes(void) {
+test_PacketSizeNotMultipleOfFourBytes(void)
+{
 	const char* PKT_DATA = "123456";
 	const int PKT_LEN = 6;
 	char actual[MD5_LENGTH];
@@ -145,5 +159,5 @@ test_PacketSizeNotMultipleOfFourBytes(void) {
 	memcpy(&md5.key_seq, "md5seq", md5.key_len);
 	memcpy(&md5.type, "MD5", 4);
 
-	TEST_ASSERT_EQUAL(0, make_mac((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
+	TEST_ASSERT_EQUAL(0, make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
 }
diff --git a/contrib/ntp/sntp/tests/fileHandlingTest.c b/contrib/ntp/sntp/tests/fileHandlingTest.c
index ce3f0de..8acad54 100644
--- a/contrib/ntp/sntp/tests/fileHandlingTest.c
+++ b/contrib/ntp/sntp/tests/fileHandlingTest.c
@@ -3,35 +3,52 @@
 #include "stdlib.h"
 #include "sntptest.h"
 
-#include "fileHandlingTest.h" //required because of the h.in thingy
+#include "fileHandlingTest.h" /* required because of the h.in thingy */
 
 #include <string.h>
 #include <unistd.h>
 
-/*
-enum DirectoryType {
-	INPUT_DIR = 0,
-	OUTPUT_DIR = 1
-};
-*/
-//extern const char srcdir[];
-
 const char *
-CreatePath(const char* filename, enum DirectoryType argument) {
-	const char srcdir[] = SRCDIR_DEF;//"@abs_srcdir@/data/";
-	char * path = emalloc (sizeof (char) * (strlen(srcdir) + 256));
-
-	//char cwd[1024];
+CreatePath(
+	const char *		filename,
+	enum DirectoryType 	argument
+	)
+{
+	const char 	srcdir[] = SRCDIR_DEF;//"@abs_srcdir@/data/";
+	size_t		plen = sizeof(srcdir) + strlen(filename) + 1;
+	char * 		path = emalloc(plen);
+	ssize_t		retc;
+
+	UNUSED_ARG(argument);
+
+	retc = snprintf(path, plen, "%s%s", srcdir, filename);
+	if (retc <= 0 || (size_t)retc >= plen)
+		exit(1);
+	return path;
+}
 
-	strcpy(path, srcdir);
-	strcat(path, filename);
 
-	return path;
+void
+DestroyPath(
+	const char *	pathname
+	)
+{
+	/* use a union to get terminally rid of the 'const' attribute */
+	union {
+		const char *ccp;
+		void       *vp;
+	} any;
+
+	any.ccp = pathname;
+	free(any.vp);
 }
 
 
 int
-GetFileSize(FILE *file) {
+GetFileSize(
+	FILE *	file
+	)
+{
 	fseek(file, 0L, SEEK_END);
 	int length = ftell(file);
 	fseek(file, 0L, SEEK_SET);
@@ -41,7 +58,11 @@ GetFileSize(FILE *file) {
 
 
 bool
-CompareFileContent(FILE* expected, FILE* actual) {
+CompareFileContent(
+	FILE *	expected,
+	FILE *	actual
+	)
+{
 	int currentLine = 1;
 
 	char actualLine[1024];
@@ -67,8 +88,10 @@ CompareFileContent(FILE* expected, FILE* actual) {
 
 
 void
-ClearFile(const char * filename) {
+ClearFile(
+	const char * filename
+	)
+{
 	if (!truncate(filename, 0))
 		exit(1);
 }
-
diff --git a/contrib/ntp/sntp/tests/fileHandlingTest.h.in b/contrib/ntp/sntp/tests/fileHandlingTest.h.in
index e7d99ee..b93ed9e 100644
--- a/contrib/ntp/sntp/tests/fileHandlingTest.h.in
+++ b/contrib/ntp/sntp/tests/fileHandlingTest.h.in
@@ -15,21 +15,12 @@ enum DirectoryType {
 };
 
 #define SRCDIR_DEF "@abs_srcdir@/data/";
-//const char srcdir[] = "@abs_srcdir@/data/";
-
-const char *
-CreatePath(const char* filename, enum DirectoryType argument);
-
-
-int
-GetFileSize(FILE *file);
-
-
-bool
-CompareFileContent(FILE* expected, FILE* actual);
-
-void
-ClearFile(const char * filename) ;
 
+extern	const char * 	CreatePath(const char* filename,
+				   enum DirectoryType argument);
+extern	void		DestroyPath(const char* pathname);
+extern	int		GetFileSize(FILE *file);
+extern	bool		CompareFileContent(FILE* expected, FILE* actual);
+extern	void		ClearFile(const char * filename) ;
 
 #endif // FILE_HANDLING_TEST_H
diff --git a/contrib/ntp/sntp/tests/keyFile.c b/contrib/ntp/sntp/tests/keyFile.c
index 883658a..395ca0d 100644
--- a/contrib/ntp/sntp/tests/keyFile.c
+++ b/contrib/ntp/sntp/tests/keyFile.c
@@ -17,24 +17,28 @@ void test_ReadKeyFileWithInvalidHex(void);
 
 
 bool
-CompareKeys(struct key expected, struct key actual) {
-	if (expected.key_id != actual.key_id){
-		printf("Expected key_id: %d", expected.key_id);
-		printf(" but was: %d\n", actual.key_id);
+CompareKeys(
+	struct key	expected,
+	struct key	actual
+	)
+{
+	if (expected.key_id != actual.key_id) {
+		printf("Expected key_id: %d but was: %d\n",
+		       expected.key_id, actual.key_id);
 		return FALSE;
 	}
-	if (expected.key_len != actual.key_len){
-		printf("Expected key_len: %d", expected.key_len);
-		printf(" but was: %d\n", actual.key_len);
+	if (expected.key_len != actual.key_len) {
+		printf("Expected key_len: %d but was: %d\n",
+		       expected.key_len, actual.key_len);
 		return FALSE;
 	}
-	if (strcmp(expected.type, actual.type) != 0){
-		printf("Expected key_type: %s", expected.type);
-		printf(" but was: %s\n", actual.type);
+	if (strcmp(expected.type, actual.type) != 0) {
+		printf("Expected key_type: %s but was: %s\n",
+		       expected.type, actual.type);
 		return FALSE;
 
 	}
-	if (memcmp(expected.key_seq, actual.key_seq, expected.key_len) != 0){
+	if (memcmp(expected.key_seq, actual.key_seq, expected.key_len) != 0) {
 		printf("Key mismatch!\n");
 		return FALSE;		
 	}
@@ -43,12 +47,15 @@ CompareKeys(struct key expected, struct key actual) {
 
 
 bool
-CompareKeysAlternative(int key_id,
-	       int key_len,
-	       const char* type,
-	       const char* key_seq,
-	       struct key actual) {
-	struct key temp;
+CompareKeysAlternative(
+	int		key_id,
+	int		key_len,
+	const char *	type,
+	const char *	key_seq,
+	struct key	actual
+	)
+{
+	struct key	temp;
 
 	temp.key_id = key_id;
 	temp.key_len = key_len;
@@ -60,30 +67,32 @@ CompareKeysAlternative(int key_id,
 
 
 void
-test_ReadEmptyKeyFile(void) {
-	struct key* keys = NULL;
-	const char *path = CreatePath("key-test-empty", INPUT_DIR);
+test_ReadEmptyKeyFile(void)
+{
+	struct key *	keys = NULL;
+	const char *	path = CreatePath("key-test-empty", INPUT_DIR);
 
 	TEST_ASSERT_NOT_NULL(path);
 	TEST_ASSERT_EQUAL(0, auth_init(path, &keys));
 	TEST_ASSERT_NULL(keys);
 
-	free((void *)path);
+	DestroyPath(path);
 }
 
 
 void
-test_ReadASCIIKeys(void) {
-	struct key* keys = NULL;
-	const char *path = CreatePath("key-test-ascii", INPUT_DIR);
+test_ReadASCIIKeys(void)
+{
+	struct key *	keys = NULL;
+	struct key *	result = NULL;
+	const char *	path = CreatePath("key-test-ascii", INPUT_DIR);
 
 	TEST_ASSERT_NOT_NULL(path);
 	TEST_ASSERT_EQUAL(2, auth_init(path, &keys));
 	TEST_ASSERT_NOT_NULL(keys);
 
-	free((void *)path);
+	DestroyPath(path);
 
-	struct key* result = NULL;
 	get_key(40, &result);
 	TEST_ASSERT_NOT_NULL(result);
 	TEST_ASSERT_TRUE(CompareKeysAlternative(40, 11, "MD5", "asciikeyTwo", *result));
@@ -96,16 +105,19 @@ test_ReadASCIIKeys(void) {
 
 
 void
-test_ReadHexKeys(void) {
-	struct key* keys = NULL;
-	const char *path = CreatePath("key-test-hex", INPUT_DIR);
+test_ReadHexKeys(void)
+{
+	struct key *	keys = NULL;
+	struct key *	result = NULL;
+	const char *	path = CreatePath("key-test-hex", INPUT_DIR);
+	char 		data1[15];
+	char 		data2[13];
 
 	TEST_ASSERT_NOT_NULL(path);
 	TEST_ASSERT_EQUAL(3, auth_init(path, &keys));
 	TEST_ASSERT_NOT_NULL(keys);
-	free((void *)path);
+	DestroyPath(path);
 
-	struct key* result = NULL;
 	get_key(10, &result);
 	TEST_ASSERT_NOT_NULL(result);
 	TEST_ASSERT_TRUE(CompareKeysAlternative(10, 13, "MD5",
@@ -114,31 +126,36 @@ test_ReadHexKeys(void) {
 	result = NULL;
 	get_key(20, &result);
 	TEST_ASSERT_NOT_NULL(result);
-	char data1[15]; memset(data1, 0x11, 15);
+
+	memset(data1, 0x11, 15);
 	TEST_ASSERT_TRUE(CompareKeysAlternative(20, 15, "MD5", data1, *result));
 
 	result = NULL;
 	get_key(30, &result);
 	TEST_ASSERT_NOT_NULL(result);
-	char data2[13]; memset(data2, 0x01, 13);
+
+	memset(data2, 0x01, 13);
 	TEST_ASSERT_TRUE(CompareKeysAlternative(30, 13, "MD5", data2, *result));
 }
 
 
 void
-test_ReadKeyFileWithComments(void) {
-	struct key* keys = NULL;
-	const char *path = CreatePath("key-test-comments", INPUT_DIR);
+test_ReadKeyFileWithComments(void)
+{
+	struct key *	keys = NULL;
+	struct key *	result = NULL;
+	const char *	path = CreatePath("key-test-comments", INPUT_DIR);
+	char 		data[15];
 
 	TEST_ASSERT_NOT_NULL(path);
 	TEST_ASSERT_EQUAL(2, auth_init(path, &keys));
 	TEST_ASSERT_NOT_NULL(keys);
-	free((void *)path);
+	DestroyPath(path);
 
-	struct key* result = NULL;
 	get_key(10, &result);
 	TEST_ASSERT_NOT_NULL(result);
-	char data[15]; memset(data, 0x01, 15);
+
+	memset(data, 0x01, 15);
 	TEST_ASSERT_TRUE(CompareKeysAlternative(10, 15, "MD5", data, *result));
 
 	result = NULL;
@@ -149,22 +166,25 @@ test_ReadKeyFileWithComments(void) {
 
 
 void
-test_ReadKeyFileWithInvalidHex(void) {
-	struct key* keys = NULL;
-	const char *path = CreatePath("key-test-invalid-hex", INPUT_DIR);
+test_ReadKeyFileWithInvalidHex(void)
+{
+	struct key *	keys = NULL;
+	struct key *	result = NULL;
+	const char *	path = CreatePath("key-test-invalid-hex", INPUT_DIR);
+	char 		data[15];
 
 	TEST_ASSERT_NOT_NULL(path);
 	TEST_ASSERT_EQUAL(1, auth_init(path, &keys));
 	TEST_ASSERT_NOT_NULL(keys);
-	free((void *)path);
+	DestroyPath(path);
 
-	struct key* result = NULL;
 	get_key(10, &result);
 	TEST_ASSERT_NOT_NULL(result);
-	char data[15]; memset(data, 0x01, 15);
+
+	memset(data, 0x01, 15);
 	TEST_ASSERT_TRUE(CompareKeysAlternative(10, 15, "MD5", data, *result));
 
 	result = NULL;
-	get_key(30, &result); // Should not exist, and result should remain NULL.
+	get_key(30, &result); /* Should not exist, and result should remain NULL. */
 	TEST_ASSERT_NULL(result);
 }
diff --git a/contrib/ntp/sntp/tests/packetHandling.c b/contrib/ntp/sntp/tests/packetHandling.c
index 1036fc3..595efa3 100644
--- a/contrib/ntp/sntp/tests/packetHandling.c
+++ b/contrib/ntp/sntp/tests/packetHandling.c
@@ -27,25 +27,29 @@ void test_HandleCorrectPacket(void);
 
 
 void
-setUp(void) { 
+setUp(void)
+{ 
 	init_lib(); 
 }
 
 
 int
-LfpEquality(const l_fp expected, const l_fp actual) {
-	if (L_ISEQU(&expected, &actual))
-		return TRUE; 
-	else
-		return FALSE;
+LfpEquality(
+	const l_fp	expected,
+	const l_fp 	actual
+	)
+{
+	return !!(L_ISEQU(&expected, &actual));
 }
 
 
 void
-test_GenerateUnauthenticatedPacket(void) {
-	struct pkt testpkt;
+test_GenerateUnauthenticatedPacket(void)
+{
+	struct pkt	testpkt;
+	struct timeval	xmt;
+	l_fp		expected_xmt, actual_xmt;
 
-	struct timeval xmt;
 	GETTIMEOFDAY(&xmt, NULL);
 	xmt.tv_sec += JAN_1970;
 
@@ -59,7 +63,6 @@ test_GenerateUnauthenticatedPacket(void) {
 	TEST_ASSERT_EQUAL(STRATUM_UNSPEC, PKT_TO_STRATUM(testpkt.stratum));
 	TEST_ASSERT_EQUAL(8, testpkt.ppoll);
 
-	l_fp expected_xmt, actual_xmt;
 	TVTOTS(&xmt, &expected_xmt);
 	NTOHL_FP(&testpkt.xmt, &actual_xmt);
 	TEST_ASSERT_TRUE(LfpEquality(expected_xmt, actual_xmt));
@@ -67,22 +70,25 @@ test_GenerateUnauthenticatedPacket(void) {
 
 
 void
-test_GenerateAuthenticatedPacket(void) {
-	struct key testkey;
+test_GenerateAuthenticatedPacket(void)
+{
+	static const int EXPECTED_PKTLEN = LEN_PKT_NOMAC + MAX_MD5_LEN;
+	
+	struct key	testkey;
+	struct pkt	testpkt;
+	struct timeval	xmt;
+	l_fp		expected_xmt, actual_xmt;
+	char 		expected_mac[MAX_MD5_LEN];
+	
 	testkey.next = NULL;
 	testkey.key_id = 30;
 	testkey.key_len = 9;
 	memcpy(testkey.key_seq, "123456789", testkey.key_len);
 	memcpy(testkey.type, "MD5", 3);
 
-	struct pkt testpkt;
-
-	struct timeval xmt;
 	GETTIMEOFDAY(&xmt, NULL);
 	xmt.tv_sec += JAN_1970;
 
-	const int EXPECTED_PKTLEN = LEN_PKT_NOMAC + MAX_MD5_LEN;
-
 	TEST_ASSERT_EQUAL(EXPECTED_PKTLEN,
 			  generate_pkt(&testpkt, &xmt, testkey.key_id, &testkey));
 
@@ -93,103 +99,102 @@ test_GenerateAuthenticatedPacket(void) {
 	TEST_ASSERT_EQUAL(STRATUM_UNSPEC, PKT_TO_STRATUM(testpkt.stratum));
 	TEST_ASSERT_EQUAL(8, testpkt.ppoll);
 
-	l_fp expected_xmt, actual_xmt;
 	TVTOTS(&xmt, &expected_xmt);
 	NTOHL_FP(&testpkt.xmt, &actual_xmt);
 	TEST_ASSERT_TRUE(LfpEquality(expected_xmt, actual_xmt));
 
 	TEST_ASSERT_EQUAL(testkey.key_id, ntohl(testpkt.exten[0]));
 	
-	char expected_mac[MAX_MD5_LEN];
-	TEST_ASSERT_EQUAL(MAX_MD5_LEN - 4, // Remove the key_id, only keep the mac.
-			  make_mac((char*)&testpkt, LEN_PKT_NOMAC, MAX_MD5_LEN, &testkey, expected_mac));
+	TEST_ASSERT_EQUAL(MAX_MD5_LEN - 4, /* Remove the key_id, only keep the mac. */
+			  make_mac(&testpkt, LEN_PKT_NOMAC, MAX_MD5_LEN, &testkey, expected_mac));
 	TEST_ASSERT_EQUAL_MEMORY(expected_mac, (char*)&testpkt.exten[1], MAX_MD5_LEN -4);
 }
 
 
 void
-test_OffsetCalculationPositiveOffset(void) {
-	struct pkt rpkt;
-
-	rpkt.precision = -16; // 0,000015259
+test_OffsetCalculationPositiveOffset(void)
+{
+	struct pkt	rpkt;
+	l_fp		reftime, tmp;
+	struct timeval	dst;
+	double		offset, precision, synch_distance;
+
+	rpkt.precision = -16; /* 0,000015259 */
 	rpkt.rootdelay = HTONS_FP(DTOUFP(0.125));
 	rpkt.rootdisp = HTONS_FP(DTOUFP(0.25));
-	// Synch Distance: (0.125+0.25)/2.0 == 0.1875
-	l_fp reftime;
+
+	/* Synch Distance: (0.125+0.25)/2.0 == 0.1875 */
 	get_systime(&reftime);
 	HTONL_FP(&reftime, &rpkt.reftime);
 
-	l_fp tmp;
-
-	// T1 - Originate timestamp
+	/* T1 - Originate timestamp */
 	tmp.l_ui = 1000000000UL;
 	tmp.l_uf = 0UL;
 	HTONL_FP(&tmp, &rpkt.org);
 
-	// T2 - Receive timestamp
+	/* T2 - Receive timestamp */
 	tmp.l_ui = 1000000001UL;
 	tmp.l_uf = 2147483648UL;
 	HTONL_FP(&tmp, &rpkt.rec);
 
-	// T3 - Transmit timestamp
+	/* T3 - Transmit timestamp */
 	tmp.l_ui = 1000000002UL;
 	tmp.l_uf = 0UL;
 	HTONL_FP(&tmp, &rpkt.xmt);
 
-	// T4 - Destination timestamp as standard timeval
+	/* T4 - Destination timestamp as standard timeval */
 	tmp.l_ui = 1000000001UL;
 	tmp.l_uf = 0UL;
-	struct timeval dst;
 	TSTOTV(&tmp, &dst);
 	dst.tv_sec -= JAN_1970;
 
-	double offset, precision, synch_distance;
 	offset_calculation(&rpkt, LEN_PKT_NOMAC, &dst, &offset, &precision, &synch_distance);
 
 	TEST_ASSERT_EQUAL_DOUBLE(1.25, offset);
 	TEST_ASSERT_EQUAL_DOUBLE(1. / ULOGTOD(16), precision);
-	// 1.1250150000000001 ?
+	/* 1.1250150000000001 ? */
 	TEST_ASSERT_EQUAL_DOUBLE(1.125015, synch_distance);
 }
 
 
 void
-test_OffsetCalculationNegativeOffset(void) {
-	struct pkt rpkt;
+test_OffsetCalculationNegativeOffset(void)
+{
+	struct pkt	rpkt;
+	l_fp		reftime, tmp;
+	struct timeval	dst;
+	double		offset, precision, synch_distance;
 
 	rpkt.precision = -1;
 	rpkt.rootdelay = HTONS_FP(DTOUFP(0.5));
 	rpkt.rootdisp = HTONS_FP(DTOUFP(0.5));
-	// Synch Distance is (0.5+0.5)/2.0, or 0.5
-	l_fp reftime;
+	
+	/* Synch Distance is (0.5+0.5)/2.0, or 0.5 */
 	get_systime(&reftime);
 	HTONL_FP(&reftime, &rpkt.reftime);
 
-	l_fp tmp;
-
-	// T1 - Originate timestamp
+	/* T1 - Originate timestamp */
 	tmp.l_ui = 1000000001UL;
 	tmp.l_uf = 0UL;
 	HTONL_FP(&tmp, &rpkt.org);
 
-	// T2 - Receive timestamp
+	/* T2 - Receive timestamp */
 	tmp.l_ui = 1000000000UL;
 	tmp.l_uf = 2147483648UL;
 	HTONL_FP(&tmp, &rpkt.rec);
 
-	// T3 - Transmit timestamp
+	/*/ T3 - Transmit timestamp */
 	tmp.l_ui = 1000000001UL;
 	tmp.l_uf = 2147483648UL;
 	HTONL_FP(&tmp, &rpkt.xmt);
 
-	// T4 - Destination timestamp as standard timeval
+	/* T4 - Destination timestamp as standard timeval */
 	tmp.l_ui = 1000000003UL;
 	tmp.l_uf = 0UL;
-	struct timeval dst;
+
 	TSTOTV(&tmp, &dst);
 	dst.tv_sec -= JAN_1970;
 
-	double offset, precision, synch_distance;
 	offset_calculation(&rpkt, LEN_PKT_NOMAC, &dst, &offset, &precision, &synch_distance);
 
 	TEST_ASSERT_EQUAL_DOUBLE(-1, offset);
@@ -199,8 +204,9 @@ test_OffsetCalculationNegativeOffset(void) {
 
 
 void
-test_HandleUnusableServer(void) {
-	struct pkt		rpkt;
+test_HandleUnusableServer(void)
+{
+	struct pkt	rpkt;
 	sockaddr_u	host;
 	int		rpktl;
 
@@ -212,8 +218,9 @@ test_HandleUnusableServer(void) {
 
 
 void
-test_HandleUnusablePacket(void) {
-	struct pkt		rpkt;
+test_HandleUnusablePacket(void)
+{
+	struct pkt	rpkt;
 	sockaddr_u	host;
 	int		rpktl;
 
@@ -225,8 +232,9 @@ test_HandleUnusablePacket(void) {
 
 
 void
-test_HandleServerAuthenticationFailure(void) {
-	struct pkt		rpkt;
+test_HandleServerAuthenticationFailure(void)
+{
+	struct pkt	rpkt;
 	sockaddr_u	host;
 	int		rpktl;
 
@@ -238,12 +246,13 @@ test_HandleServerAuthenticationFailure(void) {
 
 
 void
-test_HandleKodDemobilize(void) {
-	const char *	HOSTNAME = "192.0.2.1";
-	const char *	REASON = "DENY";
+test_HandleKodDemobilize(void)
+{
+	static const char *	HOSTNAME = "192.0.2.1";
+	static const char *	REASON = "DENY";
 	struct pkt		rpkt;
-	sockaddr_u	host;
-	int		rpktl;
+	sockaddr_u		host;
+	int			rpktl;
 	struct kod_entry *	entry;
 
 	rpktl = KOD_DEMOBILIZE;
@@ -253,7 +262,7 @@ test_HandleKodDemobilize(void) {
 	host.sa4.sin_family = AF_INET;
 	host.sa4.sin_addr.s_addr = inet_addr(HOSTNAME);
 
-	// Test that the KOD-entry is added to the database.
+	/* Test that the KOD-entry is added to the database. */
 	kod_init_kod_db("/dev/null", TRUE);
 
 	TEST_ASSERT_EQUAL(1, handle_pkt(rpktl, &rpkt, &host, HOSTNAME));
@@ -264,8 +273,9 @@ test_HandleKodDemobilize(void) {
 
 
 void
-test_HandleKodRate(void) {
-	struct 	pkt		rpkt;
+test_HandleKodRate(void)
+{
+	struct 	pkt	rpkt;
 	sockaddr_u	host;
 	int		rpktl;
 
@@ -277,13 +287,14 @@ test_HandleKodRate(void) {
 
 
 void
-test_HandleCorrectPacket(void) {
-	struct pkt		rpkt;
+test_HandleCorrectPacket(void)
+{
+	struct pkt	rpkt;
 	sockaddr_u	host;
 	int		rpktl;
 	l_fp		now;
 
-	// We don't want our testing code to actually change the system clock.
+	/* We don't want our testing code to actually change the system clock. */
 	TEST_ASSERT_FALSE(ENABLED_OPT(STEP));
 	TEST_ASSERT_FALSE(ENABLED_OPT(SLEW));
 
diff --git a/contrib/ntp/sntp/tests/packetProcessing.c b/contrib/ntp/sntp/tests/packetProcessing.c
index 1fd649e..88e61cc 100644
--- a/contrib/ntp/sntp/tests/packetProcessing.c
+++ b/contrib/ntp/sntp/tests/packetProcessing.c
@@ -1,4 +1,10 @@
 #include "config.h"
+
+/* need autokey for some of the tests, or the will create buffer overruns. */
+#ifndef AUTOKEY
+# define AUTOKEY 1
+#endif
+
 #include "sntptest.h"
 #include "networking.h"
 #include "ntp_stdlib.h"
@@ -43,10 +49,13 @@ bool restoreKeyDb;
 
 
 void
-PrepareAuthenticationTest(int key_id,
-							   int key_len,
-							   const char* type,
-							   const void* key_seq) {
+PrepareAuthenticationTest(
+	int		key_id,
+	int		key_len,
+	const char *	type,
+	const void *	key_seq
+	)
+{
 	char str[25];
 	snprintf(str, 25, "%d", key_id);
 	ActivateOption("-a", str);
@@ -66,28 +75,34 @@ PrepareAuthenticationTest(int key_id,
 
 
 void
-PrepareAuthenticationTestMD5(int key_id,
-							   int key_len,
-							   const void* key_seq) {
+PrepareAuthenticationTestMD5(
+	int 		key_id,
+	int 		key_len,
+	const void *	key_seq
+	)
+{
 	PrepareAuthenticationTest(key_id, key_len, "MD5", key_seq);
 }
 
 
 void
-setUp(void) {
+setUp(void)
+{
 
 	sntptest();
 	restoreKeyDb = false;
 
 	/* Initialize the test packet and socket,
-	 * so they contain at least some valid data. */
+	 * so they contain at least some valid data.
+	 */
 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING, NTP_VERSION,
 										MODE_SERVER);
 	testpkt.stratum = STRATUM_REFCLOCK;
 	memcpy(&testpkt.refid, "GPS\0", 4);
 
 	/* Set the origin timestamp of the received packet to the
-	 * same value as the transmit timestamp of the sent packet. */
+	 * same value as the transmit timestamp of the sent packet.
+	 */
 	l_fp tmp;
 	tmp.l_ui = 1000UL;
 	tmp.l_uf = 0UL;
@@ -98,189 +113,202 @@ setUp(void) {
 
 
 void
-tearDown(void) {
-	
+tearDown(void)
+{	
 	if (restoreKeyDb) {
 		key_cnt = 0;
 		free(key_ptr);
 		key_ptr = NULL;
 	}
 
-	sntptest_destroy(); //only on the final test!! if counter == 0 etc...
+	sntptest_destroy(); /* only on the final test!! if counter == 0 etc... */
 }
 
 
-
 void
-test_TooShortLength(void) {
+test_TooShortLength(void)
+{
 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC - 1,
-						  MODE_BROADCAST, &testspkt, "UnitTest"));
+				      MODE_BROADCAST, &testspkt, "UnitTest"));
 }
 
 
 void
-test_LengthNotMultipleOfFour(void) {
+test_LengthNotMultipleOfFour(void)
+{
 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 6,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC + 3,
-						  MODE_BROADCAST, &testspkt, "UnitTest"));
+				      MODE_BROADCAST, &testspkt, "UnitTest"));
 }
 
 
 void
-test_TooShortExtensionFieldLength(void) {
+test_TooShortExtensionFieldLength(void)
+{
 	/* The lower 16-bits are the length of the extension field.
 	 * This lengths must be multiples of 4 bytes, which gives
-	 * a minimum of 4 byte extension field length. */
-	testpkt.exten[7] = htonl(3); // 3 bytes is too short.
+	 * a minimum of 4 byte extension field length.
+	 */
+	testpkt.exten[7] = htonl(3); /* 3 bytes is too short. */
 
 	/* We send in a pkt_len of header size + 4 byte extension
 	 * header + 24 byte MAC, this prevents the length error to
-	 * be caught at an earlier stage */
+	 * be caught at an earlier stage
+	 */
 	int pkt_len = LEN_PKT_NOMAC + 4 + 24;
 
 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_UnauthenticatedPacketReject(void) {
-	//sntptest();
-	// Activate authentication option
+test_UnauthenticatedPacketReject(void)
+{
+	/* Activate authentication option */
 	ActivateOption("-a", "123");
 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
 
 	int pkt_len = LEN_PKT_NOMAC;
 
-	// We demand authentication, but no MAC header is present.
+	/* We demand authentication, but no MAC header is present. */
 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_CryptoNAKPacketReject(void) {
-	// Activate authentication option
+test_CryptoNAKPacketReject(void)
+{
+	/* Activate authentication option */
 	ActivateOption("-a", "123");
 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
 
-	int pkt_len = LEN_PKT_NOMAC + 4; // + 4 byte MAC = Crypto-NAK
+	int pkt_len = LEN_PKT_NOMAC + 4; /* + 4 byte MAC = Crypto-NAK */
 
 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_AuthenticatedPacketInvalid(void) {
-	// Activate authentication option
+test_AuthenticatedPacketInvalid(void)
+{
+	/* Activate authentication option */
 	PrepareAuthenticationTestMD5(50, 9, "123456789");
 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
 	
-	// Prepare the packet.
+	/* Prepare the packet. */
 	int pkt_len = LEN_PKT_NOMAC;
 
 	testpkt.exten[0] = htonl(50);
-	int mac_len = make_mac((char*)&testpkt, pkt_len,
-						   MAX_MD5_LEN, key_ptr,
-						   (char*)&testpkt.exten[1]);
+	int mac_len = make_mac(&testpkt, pkt_len,
+			       MAX_MD5_LEN, key_ptr,
+			       &testpkt.exten[1]);
 
 	pkt_len += 4 + mac_len;
 
-	// Now, alter the MAC so it becomes invalid.
+	/* Now, alter the MAC so it becomes invalid. */
 	testpkt.exten[1] += 1;
 
 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_AuthenticatedPacketUnknownKey(void) {
-	// Activate authentication option
+test_AuthenticatedPacketUnknownKey(void)
+{
+	/* Activate authentication option */
 	PrepareAuthenticationTestMD5(30, 9, "123456789");
 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
 	
-	// Prepare the packet. Observe that the Key-ID expected is 30,
-	// but the packet has a key id of 50.
+	/* Prepare the packet. Note that the Key-ID expected is 30, but
+	 * the packet has a key id of 50.
+	 */
 	int pkt_len = LEN_PKT_NOMAC;
 
 	testpkt.exten[0] = htonl(50);
-	int mac_len = make_mac((char*)&testpkt, pkt_len,
-						   MAX_MD5_LEN, key_ptr,
-						   (char*)&testpkt.exten[1]);
+	int mac_len = make_mac(&testpkt, pkt_len,
+			       MAX_MD5_LEN, key_ptr,
+			       &testpkt.exten[1]);
 	pkt_len += 4 + mac_len;
 
 	TEST_ASSERT_EQUAL(SERVER_AUTH_FAIL,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_ServerVersionTooOld(void) {
+test_ServerVersionTooOld(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-										NTP_OLDVERSION - 1,
-										MODE_CLIENT);
+					    NTP_OLDVERSION - 1,
+					    MODE_CLIENT);
 	TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) < NTP_OLDVERSION);
 
 	int pkt_len = LEN_PKT_NOMAC;
 	
 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_ServerVersionTooNew(void) {
+test_ServerVersionTooNew(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-										NTP_VERSION + 1,
-										MODE_CLIENT);
+					    NTP_VERSION + 1,
+					    MODE_CLIENT);
 	TEST_ASSERT_TRUE(PKT_VERSION(testpkt.li_vn_mode) > NTP_VERSION);
 
 	int pkt_len = LEN_PKT_NOMAC;
 
 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_NonWantedMode(void) {
+test_NonWantedMode(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
-										NTP_VERSION,
-										MODE_CLIENT);
-
-	// The packet has a mode of MODE_CLIENT, but process_pkt expects MODE_SERVER
+					    NTP_VERSION,
+					    MODE_CLIENT);
 
+	/* The packet has a mode of MODE_CLIENT, but process_pkt expects
+	 * MODE_SERVER
+	 */
 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 /* Tests bug 1597 */
 void
-test_KoDRate(void) {
+test_KoDRate(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.stratum = STRATUM_PKT_UNSPEC;
@@ -288,12 +316,13 @@ test_KoDRate(void) {
 
 	TEST_ASSERT_EQUAL(KOD_RATE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_KoDDeny(void) {
+test_KoDDeny(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.stratum = STRATUM_PKT_UNSPEC;
@@ -301,26 +330,28 @@ test_KoDDeny(void) {
 
 	TEST_ASSERT_EQUAL(KOD_DEMOBILIZE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_RejectUnsyncedServer(void) {
+test_RejectUnsyncedServer(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOTINSYNC,
-										NTP_VERSION,
-										MODE_SERVER);
+					    NTP_VERSION,
+					    MODE_SERVER);
 
 	TEST_ASSERT_EQUAL(SERVER_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_RejectWrongResponseServerMode(void) {
+test_RejectWrongResponseServerMode(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	l_fp tmp;
@@ -334,12 +365,13 @@ test_RejectWrongResponseServerMode(void) {
 
 	TEST_ASSERT_EQUAL(PACKET_UNUSEABLE,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_AcceptNoSentPacketBroadcastMode(void) {
+test_AcceptNoSentPacketBroadcastMode(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	testpkt.li_vn_mode = PKT_LI_VN_MODE(LEAP_NOWARNING,
@@ -353,53 +385,55 @@ test_AcceptNoSentPacketBroadcastMode(void) {
 
 
 void
-test_CorrectUnauthenticatedPacket(void) {
+test_CorrectUnauthenticatedPacket(void)
+{
 	TEST_ASSERT_FALSE(ENABLED_OPT(AUTHENTICATION));
 
 	TEST_ASSERT_EQUAL(LEN_PKT_NOMAC,
 			  process_pkt(&testpkt, &testsock, LEN_PKT_NOMAC,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_CorrectAuthenticatedPacketMD5(void) {
+test_CorrectAuthenticatedPacketMD5(void)
+{
 	PrepareAuthenticationTestMD5(10, 15, "123456789abcdef");
 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
 
 	int pkt_len = LEN_PKT_NOMAC;
 
-	// Prepare the packet.
+	/* Prepare the packet. */
 	testpkt.exten[0] = htonl(10);
-	int mac_len = make_mac((char*)&testpkt, pkt_len,
-						   MAX_MD5_LEN, key_ptr,
-						   (char*)&testpkt.exten[1]);
+	int mac_len = make_mac(&testpkt, pkt_len,
+			       MAX_MD5_LEN, key_ptr,
+			       &testpkt.exten[1]);
 
 	pkt_len += 4 + mac_len;
 
 	TEST_ASSERT_EQUAL(pkt_len,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
-
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
 
 
 void
-test_CorrectAuthenticatedPacketSHA1(void) {
+test_CorrectAuthenticatedPacketSHA1(void)
+{
 	PrepareAuthenticationTest(20, 15, "SHA1", "abcdefghijklmno");
 	TEST_ASSERT_TRUE(ENABLED_OPT(AUTHENTICATION));
 
 	int pkt_len = LEN_PKT_NOMAC;
 
-	// Prepare the packet.
+	/* Prepare the packet. */
 	testpkt.exten[0] = htonl(20);
-	int mac_len = make_mac((char*)&testpkt, pkt_len,
-						   MAX_MAC_LEN, key_ptr,
-						   (char*)&testpkt.exten[1]);
+	int mac_len = make_mac(&testpkt, pkt_len,
+			       MAX_MAC_LEN, key_ptr,
+			       &testpkt.exten[1]);
 
 	pkt_len += 4 + mac_len;
 
 	TEST_ASSERT_EQUAL(pkt_len,
 			  process_pkt(&testpkt, &testsock, pkt_len,
-						  MODE_SERVER, &testspkt, "UnitTest"));
+				      MODE_SERVER, &testspkt, "UnitTest"));
 }
diff --git a/contrib/ntp/sntp/tests/run-packetProcessing.c b/contrib/ntp/sntp/tests/run-packetProcessing.c
index bf3a63e..ad02b7a 100644
--- a/contrib/ntp/sntp/tests/run-packetProcessing.c
+++ b/contrib/ntp/sntp/tests/run-packetProcessing.c
@@ -66,24 +66,24 @@ int main(int argc, char *argv[])
 {
   progname = argv[0];
   UnityBegin("packetProcessing.c");
-  RUN_TEST(test_TooShortLength, 19);
-  RUN_TEST(test_LengthNotMultipleOfFour, 20);
-  RUN_TEST(test_TooShortExtensionFieldLength, 21);
-  RUN_TEST(test_UnauthenticatedPacketReject, 22);
-  RUN_TEST(test_CryptoNAKPacketReject, 23);
-  RUN_TEST(test_AuthenticatedPacketInvalid, 24);
-  RUN_TEST(test_AuthenticatedPacketUnknownKey, 25);
-  RUN_TEST(test_ServerVersionTooOld, 26);
-  RUN_TEST(test_ServerVersionTooNew, 27);
-  RUN_TEST(test_NonWantedMode, 28);
-  RUN_TEST(test_KoDRate, 29);
-  RUN_TEST(test_KoDDeny, 30);
-  RUN_TEST(test_RejectUnsyncedServer, 31);
-  RUN_TEST(test_RejectWrongResponseServerMode, 32);
-  RUN_TEST(test_AcceptNoSentPacketBroadcastMode, 33);
-  RUN_TEST(test_CorrectUnauthenticatedPacket, 34);
-  RUN_TEST(test_CorrectAuthenticatedPacketMD5, 35);
-  RUN_TEST(test_CorrectAuthenticatedPacketSHA1, 36);
+  RUN_TEST(test_TooShortLength, 25);
+  RUN_TEST(test_LengthNotMultipleOfFour, 26);
+  RUN_TEST(test_TooShortExtensionFieldLength, 27);
+  RUN_TEST(test_UnauthenticatedPacketReject, 28);
+  RUN_TEST(test_CryptoNAKPacketReject, 29);
+  RUN_TEST(test_AuthenticatedPacketInvalid, 30);
+  RUN_TEST(test_AuthenticatedPacketUnknownKey, 31);
+  RUN_TEST(test_ServerVersionTooOld, 32);
+  RUN_TEST(test_ServerVersionTooNew, 33);
+  RUN_TEST(test_NonWantedMode, 34);
+  RUN_TEST(test_KoDRate, 35);
+  RUN_TEST(test_KoDDeny, 36);
+  RUN_TEST(test_RejectUnsyncedServer, 37);
+  RUN_TEST(test_RejectWrongResponseServerMode, 38);
+  RUN_TEST(test_AcceptNoSentPacketBroadcastMode, 39);
+  RUN_TEST(test_CorrectUnauthenticatedPacket, 40);
+  RUN_TEST(test_CorrectAuthenticatedPacketMD5, 41);
+  RUN_TEST(test_CorrectAuthenticatedPacketSHA1, 42);
 
   return (UnityEnd());
 }
diff --git a/contrib/ntp/sntp/unity/unity_internals.h b/contrib/ntp/sntp/unity/unity_internals.h
index bf1bf3d..f1cc400 100644
--- a/contrib/ntp/sntp/unity/unity_internals.h
+++ b/contrib/ntp/sntp/unity/unity_internals.h
@@ -614,7 +614,7 @@ extern const char UnityStrErr64[];
 
 #define UNITY_TEST_ASSERT_EQUAL_PTR(expected, actual, line, message)                             UnityAssertEqualNumber((_U_SINT)(_UP)(expected), (_U_SINT)(_UP)(actual), (message), (UNITY_LINE_TYPE)line, UNITY_DISPLAY_STYLE_POINTER)
 #define UNITY_TEST_ASSERT_EQUAL_STRING(expected, actual, line, message)                          UnityAssertEqualString((const char*)(expected), (const char*)(actual), (message), (UNITY_LINE_TYPE)line)
-#define UNITY_TEST_ASSERT_EQUAL_MEMORY(expected, actual, len, line, message)                     UnityAssertEqualMemory((UNITY_PTR_ATTRIBUTE void*)(expected), (UNITY_PTR_ATTRIBUTE void*)(actual), (_UU32)(len), 1, (message), (UNITY_LINE_TYPE)line)
+#define UNITY_TEST_ASSERT_EQUAL_MEMORY(expected, actual, len, line, message)                     UnityAssertEqualMemory((UNITY_PTR_ATTRIBUTE const void*)(expected), (UNITY_PTR_ATTRIBUTE const void*)(actual), (_UU32)(len), 1, (message), (UNITY_LINE_TYPE)line)
 
 #define UNITY_TEST_ASSERT_EQUAL_INT_ARRAY(expected, actual, num_elements, line, message)         UnityAssertEqualIntArray((UNITY_PTR_ATTRIBUTE const void*)(expected), (UNITY_PTR_ATTRIBUTE const void*)(actual), (_UU32)(num_elements), (message), (UNITY_LINE_TYPE)line, UNITY_DISPLAY_STYLE_INT)
 #define UNITY_TEST_ASSERT_EQUAL_INT8_ARRAY(expected, actual, num_elements, line, message)        UnityAssertEqualIntArray((UNITY_PTR_ATTRIBUTE const void*)(expected), (UNITY_PTR_ATTRIBUTE const void*)(actual), (_UU32)(num_elements), (message), (UNITY_LINE_TYPE)line, UNITY_DISPLAY_STYLE_INT8)
diff --git a/contrib/ntp/sntp/version.c b/contrib/ntp/sntp/version.c
index eb0e92b..762eeb7 100644
--- a/contrib/ntp/sntp/version.c
+++ b/contrib/ntp/sntp/version.c
@@ -2,4 +2,4 @@
  * version file for sntp
  */
 #include <config.h>
-const char * Version = "sntp 4.2.8p4@1.3265-o Thu Jan  7 23:23:18 UTC 2016 (26)";
+const char * Version = "sntp 4.2.8p5@1.3265-o Wed Jan 20 09:06:36 UTC 2016 (27)";
diff --git a/contrib/ntp/tests/libntp/authkeys.c b/contrib/ntp/tests/libntp/authkeys.c
index 2ddbce5..fd11ef6 100644
--- a/contrib/ntp/tests/libntp/authkeys.c
+++ b/contrib/ntp/tests/libntp/authkeys.c
@@ -13,6 +13,7 @@
 # include "openssl/rand.h"
 # include "openssl/evp.h"
 #endif
+#include <limits.h>
 
 u_long current_time = 4;
 int counter = 0;
@@ -27,6 +28,7 @@ void test_HaveKeyCorrect(void);
 void test_HaveKeyIncorrect(void);
 void test_AddWithAuthUseKey(void);
 void test_EmptyKey(void);
+void test_auth_log2(void);
 
 
 void
@@ -70,7 +72,7 @@ AddTrustedKey(keyid_t keyno)
 	 * We need to add a MD5-key in addition to setting the
 	 * trust, because authhavekey() requires type != 0.
 	 */
-	MD5auth_setkey(keyno, KEYTYPE, NULL, 0);
+	MD5auth_setkey(keyno, KEYTYPE, NULL, 0, NULL);
 
 	authtrust(keyno, TRUE);
 
@@ -158,3 +160,39 @@ test_EmptyKey(void)
 
 	return;
 }
+
+/* test the implementation of 'auth_log2' -- use a local copy of the code */
+
+static u_short
+auth_log2(
+	size_t x)
+{
+	int	s;
+	int	r = 0;
+	size_t  m = ~(size_t)0;
+
+	for (s = sizeof(size_t) / 2 * CHAR_BIT; s != 0; s >>= 1) {
+		m <<= s;
+		if (x & m)
+			r += s;
+		else
+			x <<= s;
+	}
+	return (u_short)r;
+}
+
+void
+test_auth_log2(void)
+{
+	int	l2;
+	size_t	tv;
+	
+	TEST_ASSERT_EQUAL_INT(0, auth_log2(0));
+	TEST_ASSERT_EQUAL_INT(0, auth_log2(1));
+	for (l2 = 1; l2 < sizeof(size_t)*CHAR_BIT; ++l2) {
+		tv = (size_t)1 << l2;
+		TEST_ASSERT_EQUAL_INT(l2, auth_log2(   tv   ));
+		TEST_ASSERT_EQUAL_INT(l2, auth_log2( tv + 1 ));
+		TEST_ASSERT_EQUAL_INT(l2, auth_log2(2*tv - 1));
+	}
+}
diff --git a/contrib/ntp/tests/libntp/decodenetnum.c b/contrib/ntp/tests/libntp/decodenetnum.c
index 0d2b0b5..64980fc 100644
--- a/contrib/ntp/tests/libntp/decodenetnum.c
+++ b/contrib/ntp/tests/libntp/decodenetnum.c
@@ -7,25 +7,30 @@
 void setUp(void);
 extern void test_IPv4AddressOnly(void);
 extern void test_IPv4AddressWithPort(void);
-//#ifdef ISC_PLATFORM_HAVEIPV6
 extern void test_IPv6AddressOnly(void);
 extern void test_IPv6AddressWithPort(void);
-//#endif /* ISC_PLATFORM_HAVEIPV6 */
 extern void test_IllegalAddress(void);
 extern void test_IllegalCharInPort(void);
 
-
+/*
+ * NOTE: The IPv6 specific tests are reduced to stubs when IPv6 is
+ * disabled.
+ *
+ * ISC_PLATFORM_HAVEIPV6 checks if system has IPV6 capabilies. WANTIPV6
+ * ISC_PLATFORM_WANTIPV6 can be changed with build --disable-ipv6.
+ *
+ * If we want IPv6 but don't have it, the tests should fail, I think.
+ */
 void
 setUp(void)
 {
 	init_lib();
-
-	return;
 }
 
 
 void
-test_IPv4AddressOnly(void) {
+test_IPv4AddressOnly(void)
+{
 	const char *str = "192.0.2.1";
 	sockaddr_u actual;
 
@@ -39,7 +44,8 @@ test_IPv4AddressOnly(void) {
 }
 
 void
-test_IPv4AddressWithPort(void) {
+test_IPv4AddressWithPort(void)
+{
 	const char *str = "192.0.2.2:2000";
 	sockaddr_u actual;
 
@@ -54,15 +60,15 @@ test_IPv4AddressWithPort(void) {
 
 
 void
-test_IPv6AddressOnly(void) {
-
-//#ifdef ISC_PLATFORM_HAVEIPV6 //looks like HAVEIPV6 checks if system has IPV6 capabilies. WANTIPV6 can be changed with build --disable-ipv6
+test_IPv6AddressOnly(void)
+{
 #ifdef ISC_PLATFORM_WANTIPV6
+
 	const struct in6_addr address = {
 		0x20, 0x01, 0x0d, 0xb8,
-        0x85, 0xa3, 0x08, 0xd3,
-        0x13, 0x19, 0x8a, 0x2e,
-        0x03, 0x70, 0x73, 0x34
+		0x85, 0xa3, 0x08, 0xd3,
+		0x13, 0x19, 0x8a, 0x2e,
+		0x03, 0x70, 0x73, 0x34
 	};
 
 	const char *str = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334";
@@ -77,24 +83,23 @@ test_IPv6AddressOnly(void) {
 	TEST_ASSERT_TRUE(IsEqual(expected, actual));
 
 #else
+	
 	TEST_IGNORE_MESSAGE("IPV6 disabled in build, skipping.");
+	
 #endif /* ISC_PLATFORM_HAVEIPV6 */
-
-
 }
 
 
-
 void
-test_IPv6AddressWithPort(void) {
-
+test_IPv6AddressWithPort(void)
+{
 #ifdef ISC_PLATFORM_WANTIPV6
 
 	const struct in6_addr address = {
 		0x20, 0x01, 0x0d, 0xb8,
-        0x85, 0xa3, 0x08, 0xd3,
-        0x13, 0x19, 0x8a, 0x2e,
-        0x03, 0x70, 0x73, 0x34
+		0x85, 0xa3, 0x08, 0xd3,
+		0x13, 0x19, 0x8a, 0x2e,
+		0x03, 0x70, 0x73, 0x34
 	};
 
 	const char *str = "[2001:0db8:85a3:08d3:1319:8a2e:0370:7334]:3000";
@@ -109,21 +114,26 @@ test_IPv6AddressWithPort(void) {
 	TEST_ASSERT_TRUE(IsEqual(expected, actual));
 
 #else
+	
 	TEST_IGNORE_MESSAGE("IPV6 disabled in build, skipping.");
+	
 #endif /* ISC_PLATFORM_HAVEIPV6 */
 }
 
 
 void
-test_IllegalAddress(void) {
+test_IllegalAddress(void)
+{
 	const char *str = "192.0.2.270:2000";
 	sockaddr_u actual;
 
 	TEST_ASSERT_FALSE(decodenetnum(str, &actual));
 }
 
+
 void
-test_IllegalCharInPort(void) {
+test_IllegalCharInPort(void)
+{
 	/* An illegal port does not make the decodenetnum fail, but instead
 	 * makes it use the standard port.
 	 */
diff --git a/contrib/ntp/tests/libntp/run-authkeys.c b/contrib/ntp/tests/libntp/run-authkeys.c
index 6a2b670..cc91876 100644
--- a/contrib/ntp/tests/libntp/run-authkeys.c
+++ b/contrib/ntp/tests/libntp/run-authkeys.c
@@ -26,6 +26,7 @@
 #include "ntp.h"
 #include "ntp_stdlib.h"
 #include "ntp_calendar.h"
+#include <limits.h>
 
 //=======External Functions This Runner Calls=====
 extern void setUp(void);
@@ -36,6 +37,7 @@ extern void test_HaveKeyCorrect(void);
 extern void test_HaveKeyIncorrect(void);
 extern void test_AddWithAuthUseKey(void);
 extern void test_EmptyKey(void);
+extern void test_auth_log2(void);
 
 
 //=======Test Reset Option=====
@@ -54,12 +56,13 @@ int main(int argc, char *argv[])
 {
   progname = argv[0];
   UnityBegin("authkeys.c");
-  RUN_TEST(test_AddTrustedKeys, 24);
-  RUN_TEST(test_AddUntrustedKey, 25);
-  RUN_TEST(test_HaveKeyCorrect, 26);
-  RUN_TEST(test_HaveKeyIncorrect, 27);
-  RUN_TEST(test_AddWithAuthUseKey, 28);
-  RUN_TEST(test_EmptyKey, 29);
+  RUN_TEST(test_AddTrustedKeys, 25);
+  RUN_TEST(test_AddUntrustedKey, 26);
+  RUN_TEST(test_HaveKeyCorrect, 27);
+  RUN_TEST(test_HaveKeyIncorrect, 28);
+  RUN_TEST(test_AddWithAuthUseKey, 29);
+  RUN_TEST(test_EmptyKey, 30);
+  RUN_TEST(test_auth_log2, 31);
 
   return (UnityEnd());
 }
diff --git a/contrib/ntp/tests/libntp/run-decodenetnum.c b/contrib/ntp/tests/libntp/run-decodenetnum.c
index 57b955c..d41f93e 100644
--- a/contrib/ntp/tests/libntp/run-decodenetnum.c
+++ b/contrib/ntp/tests/libntp/run-decodenetnum.c
@@ -55,10 +55,10 @@ int main(int argc, char *argv[])
   UnityBegin("decodenetnum.c");
   RUN_TEST(test_IPv4AddressOnly, 8);
   RUN_TEST(test_IPv4AddressWithPort, 9);
-  RUN_TEST(test_IPv6AddressOnly, 11);
-  RUN_TEST(test_IPv6AddressWithPort, 12);
-  RUN_TEST(test_IllegalAddress, 14);
-  RUN_TEST(test_IllegalCharInPort, 15);
+  RUN_TEST(test_IPv6AddressOnly, 10);
+  RUN_TEST(test_IPv6AddressWithPort, 11);
+  RUN_TEST(test_IllegalAddress, 12);
+  RUN_TEST(test_IllegalCharInPort, 13);
 
   return (UnityEnd());
 }
diff --git a/contrib/ntp/tests/libntp/run-socktoa.c b/contrib/ntp/tests/libntp/run-socktoa.c
index df6ec9c..bde07ed 100644
--- a/contrib/ntp/tests/libntp/run-socktoa.c
+++ b/contrib/ntp/tests/libntp/run-socktoa.c
@@ -55,11 +55,11 @@ int main(int argc, char *argv[])
   progname = argv[0];
   UnityBegin("socktoa.c");
   RUN_TEST(test_IPv4AddressWithPort, 11);
-  RUN_TEST(test_IPv6AddressWithPort, 13);
-  RUN_TEST(test_IgnoreIPv6Fields, 14);
-  RUN_TEST(test_ScopedIPv6AddressWithPort, 16);
-  RUN_TEST(test_HashEqual, 17);
-  RUN_TEST(test_HashNotEqual, 18);
+  RUN_TEST(test_IPv6AddressWithPort, 12);
+  RUN_TEST(test_IgnoreIPv6Fields, 13);
+  RUN_TEST(test_ScopedIPv6AddressWithPort, 14);
+  RUN_TEST(test_HashEqual, 15);
+  RUN_TEST(test_HashNotEqual, 16);
 
   return (UnityEnd());
 }
diff --git a/contrib/ntp/tests/libntp/socktoa.c b/contrib/ntp/tests/libntp/socktoa.c
index 8423106..e9be182 100644
--- a/contrib/ntp/tests/libntp/socktoa.c
+++ b/contrib/ntp/tests/libntp/socktoa.c
@@ -9,10 +9,8 @@
 
 void setUp(void);
 void test_IPv4AddressWithPort(void);
-//#ifdef ISC_PLATFORM_HAVEIPV6
 void test_IPv6AddressWithPort(void);
 void test_IgnoreIPv6Fields(void);
-//#endif /* ISC_PLATFORM_HAVEIPV6 */
 void test_ScopedIPv6AddressWithPort(void);
 void test_HashEqual(void);
 void test_HashNotEqual(void);
@@ -22,13 +20,12 @@ void
 setUp(void)
 {
 	init_lib();
-
-	return;
 }
 
 
 void 
-test_IPv4AddressWithPort(void) {
+test_IPv4AddressWithPort(void)
+{
 	sockaddr_u input = CreateSockaddr4("192.0.2.10", 123);
 
 	TEST_ASSERT_EQUAL_STRING("192.0.2.10", socktoa(&input));
@@ -37,8 +34,8 @@ test_IPv4AddressWithPort(void) {
 
 
 void 
-test_IPv6AddressWithPort(void) {
-
+test_IPv6AddressWithPort(void)
+{
 #ifdef ISC_PLATFORM_WANTIPV6
 
 	const struct in6_addr address = {
@@ -63,16 +60,18 @@ test_IPv6AddressWithPort(void) {
 	TEST_ASSERT_EQUAL_STRING(expected_port, sockporttoa(&input));
 
 #else
+
 	TEST_IGNORE_MESSAGE("IPV6 disabled in build, skipping.");
 
 #endif /* ISC_PLATFORM_HAVEIPV6 */
-
 }
 
 
 void 
-test_ScopedIPv6AddressWithPort(void) {
+test_ScopedIPv6AddressWithPort(void)
+{
 #ifdef ISC_PLATFORM_HAVESCOPEID
+    
 	const struct in6_addr address = { { {
 		0xfe, 0x80, 0x00, 0x00,
 		0x00, 0x00, 0x00, 0x00,
@@ -95,12 +94,16 @@ test_ScopedIPv6AddressWithPort(void) {
 	TEST_ASSERT_EQUAL_STRING(expected, socktoa(&input));
 	TEST_ASSERT_EQUAL_STRING(expected_port, sockporttoa(&input));
 #else
+	
 	TEST_IGNORE_MESSAGE("Skipping because ISC_PLATFORM does not have Scope ID");
+	
 #endif
 }
 
+
 void 
-test_HashEqual(void) {
+test_HashEqual(void)
+{
 	sockaddr_u input1 = CreateSockaddr4("192.00.2.2", 123);
 	sockaddr_u input2 = CreateSockaddr4("192.0.2.2", 123);
 
@@ -108,8 +111,10 @@ test_HashEqual(void) {
 	TEST_ASSERT_EQUAL(sock_hash(&input1), sock_hash(&input2));
 }
 
+
 void 
-test_HashNotEqual(void) {
+test_HashNotEqual(void)
+{
 	/* These two addresses should not generate the same hash. */
 	sockaddr_u input1 = CreateSockaddr4("192.0.2.1", 123);
 	sockaddr_u input2 = CreateSockaddr4("192.0.2.2", 123);
@@ -120,15 +125,15 @@ test_HashNotEqual(void) {
 
 
 void 
-test_IgnoreIPv6Fields(void) {
-
+test_IgnoreIPv6Fields(void)
+{
 #ifdef ISC_PLATFORM_WANTIPV6
 
 	const struct in6_addr address = {
 		0x20, 0x01, 0x0d, 0xb8,
-        0x85, 0xa3, 0x08, 0xd3, 
-        0x13, 0x19, 0x8a, 0x2e,
-        0x03, 0x70, 0x73, 0x34
+		0x85, 0xa3, 0x08, 0xd3, 
+		0x13, 0x19, 0x8a, 0x2e,
+		0x03, 0x70, 0x73, 0x34
 	};
 
 	sockaddr_u input1, input2;
@@ -146,7 +151,8 @@ test_IgnoreIPv6Fields(void) {
 	TEST_ASSERT_EQUAL(sock_hash(&input1), sock_hash(&input2));
 
 #else
+
 	TEST_IGNORE_MESSAGE("IPV6 disabled in build, skipping.");
+
 #endif /* ISC_PLATFORM_HAVEIPV6 */
 }
-
diff --git a/contrib/ntp/tests/ntpd/t-ntp_signd.c b/contrib/ntp/tests/ntpd/t-ntp_signd.c
index 534c940..40e7ac0 100644
--- a/contrib/ntp/tests/ntpd/t-ntp_signd.c
+++ b/contrib/ntp/tests/ntpd/t-ntp_signd.c
@@ -139,6 +139,7 @@ test_send_packet(void)
 void
 test_recv_packet(void)
 {
+#if 0
 	int fd = ux_socket_connect("/socket");
 
 	TEST_ASSERT_TRUE(isGE(fd, 0));
@@ -152,6 +153,9 @@ test_recv_packet(void)
 	TEST_ASSERT_EQUAL(0,temp); //0 because nobody sent us anything (yet!)
 
 	(void)close(fd);
+#else
+	TEST_IGNORE_MESSAGE("test_recv_packet() needs work");
+#endif
 	return;
 }
 
diff --git a/contrib/ntp/util/invoke-ntp-keygen.texi b/contrib/ntp/util/invoke-ntp-keygen.texi
index 36a1a42..f152453 100644
--- a/contrib/ntp/util/invoke-ntp-keygen.texi
+++ b/contrib/ntp/util/invoke-ntp-keygen.texi
@@ -6,7 +6,7 @@
 #
 # EDIT THIS FILE WITH CAUTION  (invoke-ntp-keygen.texi)
 #
-# It has been AutoGen-ed  January  7, 2016 at 11:32:40 PM by AutoGen 5.18.5
+# It has been AutoGen-ed  January 20, 2016 at 04:19:48 AM by AutoGen 5.18.5
 # From the definitions    ntp-keygen-opts.def
 # and the template file   agtexi-cmd.tpl
 @end ignore
@@ -886,7 +886,7 @@ with a status code of 0.
 
 @exampleindent 0
 @example
-ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p5
+ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p6
 Usage:  ntp-keygen [ -<flag> [<val>] | --<name>[@{=| @}<val>] ]...
   Flg Arg Option-Name    Description
    -b Num imbits         identity modulus bits
diff --git a/contrib/ntp/util/ntp-keygen-opts.c b/contrib/ntp/util/ntp-keygen-opts.c
index f41bff4..ee4f440 100644
--- a/contrib/ntp/util/ntp-keygen-opts.c
+++ b/contrib/ntp/util/ntp-keygen-opts.c
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntp-keygen-opts.c)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:32:25 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:19:33 AM by AutoGen 5.18.5
  *  From the definitions    ntp-keygen-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntp-keygen program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -72,8 +72,8 @@ extern FILE * option_usage_fp;
  *  static const strings for ntp-keygen options
  */
 static char const ntp_keygen_opt_strs[2419] =
-/*     0 */ "ntp-keygen (ntp) 4.2.8p5\n"
-            "Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n"
+/*     0 */ "ntp-keygen (ntp) 4.2.8p6\n"
+            "Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n"
             "This is free software. It is licensed for use, modification and\n"
             "redistribution under the terms of the NTP License, copies of which\n"
             "can be seen at:\n"
@@ -164,14 +164,14 @@ static char const ntp_keygen_opt_strs[2419] =
 /*  2202 */ "no-load-opts\0"
 /*  2215 */ "no\0"
 /*  2218 */ "NTP_KEYGEN\0"
-/*  2229 */ "ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p5\n"
+/*  2229 */ "ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p6\n"
             "Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
 /*  2343 */ "$HOME\0"
 /*  2349 */ ".\0"
 /*  2351 */ ".ntprc\0"
 /*  2358 */ "http://bugs.ntp.org, bugs@ntp.org\0"
 /*  2392 */ "\n\0"
-/*  2394 */ "ntp-keygen (ntp) 4.2.8p5";
+/*  2394 */ "ntp-keygen (ntp) 4.2.8p6";
 
 /**
  *  imbits option description:
@@ -1309,8 +1309,8 @@ static void bogus_function(void) {
      translate option names.
    */
   /* referenced via ntp_keygenOptions.pzCopyright */
-  puts(_("ntp-keygen (ntp) 4.2.8p5\n\
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.\n\
+  puts(_("ntp-keygen (ntp) 4.2.8p6\n\
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.\n\
 This is free software. It is licensed for use, modification and\n\
 redistribution under the terms of the NTP License, copies of which\n\
 can be seen at:\n"));
@@ -1408,14 +1408,14 @@ implied warranty.\n"));
   puts(_("load options from a config file"));
 
   /* referenced via ntp_keygenOptions.pzUsageTitle */
-  puts(_("ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p5\n\
+  puts(_("ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p6\n\
 Usage:  %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n"));
 
   /* referenced via ntp_keygenOptions.pzExplain */
   puts(_("\n"));
 
   /* referenced via ntp_keygenOptions.pzFullVersion */
-  puts(_("ntp-keygen (ntp) 4.2.8p5"));
+  puts(_("ntp-keygen (ntp) 4.2.8p6"));
 
   /* referenced via ntp_keygenOptions.pzFullUsage */
   puts(_("<<<NOT-FOUND>>>"));
diff --git a/contrib/ntp/util/ntp-keygen-opts.h b/contrib/ntp/util/ntp-keygen-opts.h
index 1205494..35e507f 100644
--- a/contrib/ntp/util/ntp-keygen-opts.h
+++ b/contrib/ntp/util/ntp-keygen-opts.h
@@ -1,7 +1,7 @@
 /*
  *  EDIT THIS FILE WITH CAUTION  (ntp-keygen-opts.h)
  *
- *  It has been AutoGen-ed  January  7, 2016 at 11:32:24 PM by AutoGen 5.18.5
+ *  It has been AutoGen-ed  January 20, 2016 at 04:19:32 AM by AutoGen 5.18.5
  *  From the definitions    ntp-keygen-opts.def
  *  and the template file   options
  *
@@ -18,7 +18,7 @@
  * The ntp-keygen program is copyrighted and licensed
  * under the following terms:
  *
- *  Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation, all rights reserved.
+ *  Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation, all rights reserved.
  *  This is free software. It is licensed for use, modification and
  *  redistribution under the terms of the NTP License, copies of which
  *  can be seen at:
@@ -94,9 +94,9 @@ typedef enum {
 /** count of all options for ntp-keygen */
 #define OPTION_CT    26
 /** ntp-keygen version */
-#define NTP_KEYGEN_VERSION       "4.2.8p5"
+#define NTP_KEYGEN_VERSION       "4.2.8p6"
 /** Full ntp-keygen version text */
-#define NTP_KEYGEN_FULL_VERSION  "ntp-keygen (ntp) 4.2.8p5"
+#define NTP_KEYGEN_FULL_VERSION  "ntp-keygen (ntp) 4.2.8p6"
 
 /**
  *  Interface defines for all options.  Replace "n" with the UPPER_CASED
diff --git a/contrib/ntp/util/ntp-keygen.1ntp-keygenman b/contrib/ntp/util/ntp-keygen.1ntp-keygenman
index 195e3d2..7bd53bc 100644
--- a/contrib/ntp/util/ntp-keygen.1ntp-keygenman
+++ b/contrib/ntp/util/ntp-keygen.1ntp-keygenman
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp-keygen 1ntp-keygenman "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntp-keygen 1ntp-keygenman "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-LNaiiw/ag-XNaahw)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Dua4pY/ag-PuaWoY)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:32:36 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:19:44 AM by AutoGen 5.18.5
 .\" From the definitions ntp-keygen-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -1197,7 +1197,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 It can take quite a while to generate some cryptographic values,
diff --git a/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc b/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
index 18c38fb..1c69520 100644
--- a/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
+++ b/contrib/ntp/util/ntp-keygen.1ntp-keygenmdoc
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_KEYGEN 1ntp-keygenmdoc User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp-keygen-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:43 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:51 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp-keygen-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -1053,7 +1053,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 It can take quite a while to generate some cryptographic values,
diff --git a/contrib/ntp/util/ntp-keygen.html b/contrib/ntp/util/ntp-keygen.html
index f7a6073..76a7c09 100644
--- a/contrib/ntp/util/ntp-keygen.html
+++ b/contrib/ntp/util/ntp-keygen.html
@@ -70,7 +70,7 @@ All other files are in PEM-encoded
 printable ASCII format so they can be embedded as MIME attachments in
 mail to other sites.
 
-  <p>This document applies to version 4.2.8p5 of <code>ntp-keygen</code>.
+  <p>This document applies to version 4.2.8p6 of <code>ntp-keygen</code>.
 
 <div class="node">
 <p><hr>
@@ -1085,7 +1085,7 @@ the usage text by passing it through a pager program.
 used to select the program, defaulting to <span class="file">more</span>.  Both will exit
 with a status code of 0.
 
-<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p4
+<pre class="example">ntp-keygen (ntp) - Create a NTP host key - Ver. 4.2.8p5
 Usage:  ntp-keygen [ -&lt;flag&gt; [&lt;val&gt;] | --&lt;name&gt;[{=| }&lt;val&gt;] ]...
   Flg Arg Option-Name    Description
    -b Num imbits         identity modulus bits
diff --git a/contrib/ntp/util/ntp-keygen.man.in b/contrib/ntp/util/ntp-keygen.man.in
index c76c4df..b5a741d 100644
--- a/contrib/ntp/util/ntp-keygen.man.in
+++ b/contrib/ntp/util/ntp-keygen.man.in
@@ -10,11 +10,11 @@
 .ds B-Font B
 .ds I-Font I
 .ds R-Font R
-.TH ntp-keygen @NTP_KEYGEN_MS@ "07 Jan 2016" "ntp (4.2.8p5)" "User Commands"
+.TH ntp-keygen @NTP_KEYGEN_MS@ "20 Jan 2016" "ntp (4.2.8p6)" "User Commands"
 .\"
-.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-LNaiiw/ag-XNaahw)
+.\" EDIT THIS FILE WITH CAUTION (/tmp/.ag-Dua4pY/ag-PuaWoY)
 .\"
-.\" It has been AutoGen-ed January 7, 2016 at 11:32:36 PM by AutoGen 5.18.5
+.\" It has been AutoGen-ed January 20, 2016 at 04:19:44 AM by AutoGen 5.18.5
 .\" From the definitions ntp-keygen-opts.def
 .\" and the template file agman-cmd.tpl
 .SH NAME
@@ -1197,7 +1197,7 @@ it to autogen-users@lists.sourceforge.net.  Thank you.
 .SH "AUTHORS"
 The University of Delaware and Network Time Foundation
 .SH "COPYRIGHT"
-Copyright (C) 1992-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .SH BUGS
 It can take quite a while to generate some cryptographic values,
diff --git a/contrib/ntp/util/ntp-keygen.mdoc.in b/contrib/ntp/util/ntp-keygen.mdoc.in
index 9e6675b..37ecafb 100644
--- a/contrib/ntp/util/ntp-keygen.mdoc.in
+++ b/contrib/ntp/util/ntp-keygen.mdoc.in
@@ -1,9 +1,9 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_KEYGEN @NTP_KEYGEN_MS@ User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp-keygen-opts.mdoc)
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:43 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:51 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp-keygen-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -1053,7 +1053,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 It can take quite a while to generate some cryptographic values,
diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog
index c63681f..35a1a76 100644
--- a/crypto/openssh/ChangeLog
+++ b/crypto/openssh/ChangeLog
@@ -1,3 +1,776 @@
+commit c88ac102f0eb89f2eaa314cb2e2e0ca3c890c443
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jan 14 11:08:19 2016 +1100
+
+    bump version numbers
+
+commit 302bc21e6fadacb04b665868cd69b625ef69df90
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jan 14 11:04:04 2016 +1100
+
+    openssh-7.1p2
+
+commit 6b33763242c063e4e0593877e835eeb1fd1b60aa
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jan 14 11:02:58 2016 +1100
+
+    forcibly disable roaming support in the client
+
+commit 34d364f0d2e1e30a444009f0e04299bb7c94ba13
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Oct 5 17:11:21 2015 +0000
+
+    upstream commit
+    
+    some more bzero->explicit_bzero, from Michael McConville
+    
+    Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
+
+commit 8f5b93026797b9f7fba90d0c717570421ccebbd3
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Fri Sep 11 08:50:04 2015 +0000
+
+    upstream commit
+    
+    Use explicit_bzero() when zeroing before free()
+    
+    from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu)
+    ok millert@ djm@
+    
+    Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50
+
+commit d77148e3a3ef6c29b26ec74331455394581aa257
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Nov 8 21:59:11 2015 +0000
+
+    upstream commit
+    
+    fix OOB read in packet code caused by missing return
+     statement found by Ben Hawkes; ok markus@ deraadt@
+    
+    Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
+
+commit 076d849e17ab12603627f87b301e2dca71bae518
+Author: Damien Miller <djm@mindrot.org>
+Date:   Sat Nov 14 18:44:49 2015 +1100
+
+    read back from libcrypto RAND when privdropping
+    
+    makes certain libcrypto implementations cache a /dev/urandom fd
+    in preparation of sandboxing. Based on patch by Greg Hartman.
+
+commit f72adc0150011a28f177617a8456e1f83733099d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Dec 13 22:42:23 2015 +0000
+
+    upstream commit
+    
+    unbreak connections with peers that set
+     first_kex_follows; fix from Matt Johnston va bz#2515
+    
+    Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
+
+commit 04bd8d019ccd906cac1a2b362517b8505f3759e6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jan 12 23:42:54 2016 +0000
+
+    upstream commit
+    
+    use explicit_bzero() more liberally in the buffer code; ok
+     deraadt
+    
+    Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
+
+commit e91346dc2bbf460246df2ab591b7613908c1b0ad
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Aug 21 14:49:03 2015 +1000
+
+    we don't use Github for issues/pull-requests
+
+commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Aug 21 14:43:55 2015 +1000
+
+    fix URL for connect.c
+
+commit d026a8d3da0f8186598442997c7d0a28e7275414
+Author: Damien Miller <djm@mindrot.org>
+Date:   Fri Aug 21 13:47:10 2015 +1000
+
+    update version numbers for 7.1
+
+commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 21 03:45:26 2015 +0000
+
+    upstream commit
+    
+    openssh-7.1
+    
+    Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f
+
+commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Aug 21 03:42:19 2015 +0000
+
+    upstream commit
+    
+    fix inverted logic that broke PermitRootLogin; reported
+     by Mantas Mikulenas; ok markus@
+    
+    Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5
+
+commit ce445b0ed927e45bd5bdce8f836eb353998dd65c
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Thu Aug 20 22:32:42 2015 +0000
+
+    upstream commit
+    
+    Do not cast result of malloc/calloc/realloc* if stdlib.h
+     is in scope ok krw millert
+    
+    Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667
+
+commit 05291e5288704d1a98bacda269eb5a0153599146
+Author: naddy@openbsd.org <naddy@openbsd.org>
+Date:   Thu Aug 20 19:20:06 2015 +0000
+
+    upstream commit
+    
+    In the certificates section, be consistent about using
+     "host_key" and "user_key" for the respective key types.  ok sthen@ deraadt@
+    
+    Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb
+
+commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 19 23:21:42 2015 +0000
+
+    upstream commit
+    
+    Better compat matching for WinSCP, add compat matching
+     for FuTTY (fork of PuTTY); ok markus@ deraadt@
+    
+    Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389
+
+commit ec6eda16ebab771aa3dfc90629b41953b999cb1e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 19 23:19:01 2015 +0000
+
+    upstream commit
+    
+    fix double-free() in error path of DSA key generation
+     reported by Mateusz Kocielski; ok markus@
+    
+    Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c
+
+commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 19 23:18:26 2015 +0000
+
+    upstream commit
+    
+    fix free() of uninitialised pointer reported by Mateusz
+     Kocielski; ok markus@
+    
+    Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663
+
+commit c837643b93509a3ef538cb6624b678c5fe32ff79
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 19 23:17:51 2015 +0000
+
+    upstream commit
+    
+    fixed unlink([uninitialised memory]) reported by Mateusz
+     Kocielski; ok markus@
+    
+    Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109
+
+commit 1f8d3d629cd553031021068eb9c646a5f1e50994
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date:   Fri Aug 14 15:32:41 2015 +0000
+
+    upstream commit
+    
+    match myproposal.h order; from brian conway (i snuck in a
+     tweak while here)
+    
+    ok dtucker
+    
+    Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67
+
+commit 1dc8d93ce69d6565747eb44446ed117187621b26
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Thu Aug 6 14:53:21 2015 +0000
+
+    upstream commit
+    
+    add prohibit-password as a synonymn for without-password,
+     since the without-password is causing too many questions.  Harden it to ban
+     all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from
+     djm, ok markus
+    
+    Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a
+
+commit 90a95a4745a531b62b81ce3b025e892bdc434de5
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 11 13:53:41 2015 +1000
+
+    update version in README
+
+commit 318c37743534b58124f1bab37a8a0087a3a9bd2f
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 11 13:53:09 2015 +1000
+
+    update versions in *.spec
+
+commit 5e75f5198769056089fb06c4d738ab0e5abc66f7
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 11 13:34:12 2015 +1000
+
+    set sshpam_ctxt to NULL after free
+    
+    Avoids use-after-free in monitor when privsep child is compromised.
+    Reported by Moritz Jodeit; ok dtucker@
+
+commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
+Author: Damien Miller <djm@mindrot.org>
+Date:   Tue Aug 11 13:33:24 2015 +1000
+
+    Don't resend username to PAM; it already has it.
+    
+    Pointed out by Moritz Jodeit; ok dtucker@
+
+commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Mon Jul 27 12:14:25 2015 +1000
+
+    Import updated moduli file from OpenBSD.
+
+commit 55b263fb7cfeacb81aaf1c2036e0394c881637da
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Aug 10 11:13:44 2015 +1000
+
+    let principals-command.sh work for noexec /var/run
+
+commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Aug 6 11:43:42 2015 +1000
+
+    work around echo -n / sed behaviour in tests
+
+commit d85dad81778c1aa8106acd46930b25fdf0d15b2a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Aug 5 05:27:33 2015 +0000
+
+    upstream commit
+    
+    adjust for RSA minimum modulus switch; ok deraadt@
+    
+    Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae
+
+commit 57e8e229bad5fe6056b5f1199665f5f7008192c6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Aug 4 05:23:06 2015 +0000
+
+    upstream commit
+    
+    backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this
+     release; problems spotted by sthen@ ok deraadt@ markus@
+    
+    Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822
+
+commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sun Aug 2 09:56:42 2015 +0000
+
+    upstream commit
+    
+    openssh 7.0; ok deraadt@
+    
+    Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f
+
+commit 3d5728a0f6874ce4efb16913a12963595070f3a9
+Author: chris@openbsd.org <chris@openbsd.org>
+Date:   Fri Jul 31 15:38:09 2015 +0000
+
+    upstream commit
+    
+    Allow PermitRootLogin to be overridden by config
+    
+    ok markus@ deeradt@
+    
+    Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4
+
+commit 6f941396b6835ad18018845f515b0c4fe20be21a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jul 30 23:09:15 2015 +0000
+
+    upstream commit
+    
+    fix pty permissions; patch from Nikolay Edigaryev; ok
+     deraadt
+    
+    Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550
+
+commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date:   Thu Jul 30 19:23:02 2015 +0000
+
+    upstream commit
+    
+    change default: PermitRootLogin without-password matching
+     install script changes coming as well ok djm markus
+    
+    Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6
+
+commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c
+Author: Damien Miller <djm@mindrot.org>
+Date:   Thu Jul 30 12:31:39 2015 +1000
+
+    downgrade OOM adjustment logging: verbose -> debug
+
+commit f9eca249d4961f28ae4b09186d7dc91de74b5895
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Thu Jul 30 00:01:34 2015 +0000
+
+    upstream commit
+    
+    Allow ssh_config and sshd_config kex parameters options be
+     prefixed by a '+' to indicate that the specified items be appended to the
+     default rather than replacing it.
+    
+    approach suggested by dtucker@, feedback dlg@, ok markus@
+    
+    Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
+
+commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 29 08:34:54 2015 +0000
+
+    upstream commit
+    
+    fix bug in previous; was printing incorrect string for
+     failed host key algorithms negotiation
+    
+    Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e
+
+commit f319912b0d0e1675b8bb051ed8213792c788bcb2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 29 04:43:06 2015 +0000
+
+    upstream commit
+    
+    include the peer's offer when logging a failure to
+     negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@
+    
+    Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796
+
+commit b6ea0e573042eb85d84defb19227c89eb74cf05a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Tue Jul 28 23:20:42 2015 +0000
+
+    upstream commit
+    
+    add Cisco to the list of clients that choke on the
+     hostkeys update extension. Pointed out by Howard Kash
+    
+    Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84
+
+commit 3f628c7b537291c1019ce86af90756fb4e66d0fd
+Author: guenther@openbsd.org <guenther@openbsd.org>
+Date:   Mon Jul 27 16:29:23 2015 +0000
+
+    upstream commit
+    
+    Permit kbind(2) use in the sandbox now, to ease testing
+     of ld.so work using it
+    
+    reminded by miod@, ok deraadt@
+    
+    Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413
+
+commit ebe27ebe520098bbc0fe58945a87ce8490121edb
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Jul 20 18:44:12 2015 +0000
+
+    upstream commit
+    
+    Move .Pp before .Bl, not after to quiet mandoc -Tlint.
+     Noticed by jmc@
+    
+    Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23
+
+commit d5d91d0da819611167782c66ab629159169d94d4
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Jul 20 18:42:35 2015 +0000
+
+    upstream commit
+    
+    Sync usage with SYNOPSIS
+    
+    Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7
+
+commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743
+Author: millert@openbsd.org <millert@openbsd.org>
+Date:   Mon Jul 20 15:39:52 2015 +0000
+
+    upstream commit
+    
+    Better desciption of Unix domain socket forwarding.
+     bz#2423; ok jmc@
+    
+    Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d
+
+commit d56fd1828074a4031b18b8faa0bf949669eb18a0
+Author: Damien Miller <djm@mindrot.org>
+Date:   Mon Jul 20 11:19:51 2015 +1000
+
+    make realpath.c compile -Wsign-compare clean
+
+commit c63c9a691dca26bb7648827f5a13668832948929
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jul 20 00:30:01 2015 +0000
+
+    upstream commit
+    
+    mention that the default of UseDNS=no implies that
+     hostnames cannot be used for host matching in sshd_config and
+     authorized_keys; bz#2045, ok dtucker@
+    
+    Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1
+
+commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 18 08:02:17 2015 +0000
+
+    upstream commit
+    
+    don't ignore PKCS#11 hosted keys that return empty
+     CKA_ID; patch by Jakub Jelen via bz#2429; ok markus
+    
+    Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
+
+commit b15fd989c8c62074397160147a8d5bc34b3f3c63
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 18 08:00:21 2015 +0000
+
+    upstream commit
+    
+    skip uninitialised PKCS#11 slots; patch from Jakub Jelen
+     in bz#2427 ok markus@
+    
+    Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29
+
+commit 5b64f85bb811246c59ebab70aed331f26ba37b18
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Sat Jul 18 07:57:14 2015 +0000
+
+    upstream commit
+    
+    only query each keyboard-interactive device once per
+     authentication request regardless of how many times it is listed; ok markus@
+    
+    Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
+
+commit cd7324d0667794eb5c236d8a4e0f236251babc2d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 17 03:34:27 2015 +0000
+
+    upstream commit
+    
+    remove -u flag to diff (only used for error output) to make
+     things easier for -portable
+    
+    Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548
+
+commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 17 03:09:19 2015 +0000
+
+    upstream commit
+    
+    direct-streamlocal@openssh.com Unix domain foward
+     messages do not contain a "reserved for future use" field and in fact,
+     serverloop.c checks that there isn't one. Remove erroneous mention from
+     PROTOCOL description. bz#2421 from Daniel Black
+    
+    Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac
+
+commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 17 03:04:27 2015 +0000
+
+    upstream commit
+    
+    describe magic for setting up Unix domain socket fowards
+     via the mux channel; bz#2422 patch from Daniel Black
+    
+    Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861
+
+commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc
+Author: Darren Tucker <dtucker@zip.com.au>
+Date:   Fri Jul 17 12:52:34 2015 +1000
+
+    Check if realpath works on nonexistent files.
+    
+    On some platforms the native realpath doesn't work with non-existent
+    files (this is actually specified in some versions of POSIX), however
+    the sftp spec says its realpath with "canonicalize any given path name".
+    On those platforms, use realpath from the compat library.
+    
+    In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines
+    the realpath symbol to the checked version, so redefine ours to
+    something else so we pick up the compat version we want.
+    
+    bz#2428, ok djm@
+
+commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 17 02:47:45 2015 +0000
+
+    upstream commit
+    
+    fix incorrect test for SSH1 keys when compiled without SSH1
+     support
+    
+    Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451
+
+commit df56a8035d429b2184ee94aaa7e580c1ff67f73a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 15 08:00:11 2015 +0000
+
+    upstream commit
+    
+    fix NULL-deref when SSH1 reenabled
+    
+    Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295
+
+commit 41e38c4d49dd60908484e6703316651333f16b93
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 15 07:19:50 2015 +0000
+
+    upstream commit
+    
+    regen RSA1 test keys; the last batch was missing their
+     private parts
+    
+    Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a
+
+commit 5bf0933184cb622ca3f96d224bf3299fd2285acc
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Jul 10 06:23:25 2015 +0000
+
+    upstream commit
+    
+    Adapt tests, now that DSA if off by default; use
+     PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
+    
+    Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
+
+commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue Jul 7 14:54:16 2015 +0000
+
+    upstream commit
+    
+    regen test data after mktestdata.sh changes
+    
+    Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4
+
+commit 7c8c174c69f681d4910fa41c37646763692b28e2
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Tue Jul 7 14:53:30 2015 +0000
+
+    upstream commit
+    
+    adapt tests to new minimum RSA size and default FP format
+    
+    Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e
+
+commit 6a977a4b68747ade189e43d302f33403fd4a47ac
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 3 04:39:23 2015 +0000
+
+    upstream commit
+    
+    legacy v00 certificates are gone; adapt and don't try to
+     test them; "sure" markus@ dtucker@
+    
+    Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12
+
+commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 1 23:11:18 2015 +0000
+
+    upstream commit
+    
+    don't expect SSH v.1 in unittests
+    
+    Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397
+
+commit 3c099845798a817cdde513c39074ec2063781f18
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Mon Jun 15 06:38:50 2015 +0000
+
+    upstream commit
+    
+    turn SSH1 back on to match src/usr.bin/ssh being tested
+    
+    Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333
+
+commit b1dc2b33689668c75e95f873a42d5aea1f4af1db
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date:   Mon Jul 13 04:57:14 2015 +0000
+
+    upstream commit
+    
+    Add "PuTTY_Local:" to the clients to which we do not
+     offer DH-GEX. This was the string that was used for development versions
+     prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately
+     there are some extant products based on those versions.  bx2424 from Jay
+     Rouman, ok markus@ djm@
+    
+    Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5
+
+commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Fri Jul 10 06:21:53 2015 +0000
+
+    upstream commit
+    
+    Turn off DSA by default; add HostKeyAlgorithms to the
+     server and PubkeyAcceptedKeyTypes to the client side, so it still can be
+     tested or turned back on; feedback and ok djm@
+    
+    Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
+
+commit 16db0a7ee9a87945cc594d13863cfcb86038db59
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Thu Jul 9 09:49:46 2015 +0000
+
+    upstream commit
+    
+    re-enable ed25519-certs if compiled w/o openssl; ok djm
+    
+    Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49
+
+commit c355bf306ac33de6545ce9dac22b84a194601e2f
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jul 8 20:24:02 2015 +0000
+
+    upstream commit
+    
+    no need to include the old buffer/key API
+    
+    Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b
+
+commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jul 8 19:09:25 2015 +0000
+
+    upstream commit
+    
+    typedefs for Cipher&CipherContext are unused
+    
+    Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7
+
+commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jul 8 19:04:21 2015 +0000
+
+    upstream commit
+    
+    xmalloc.h is unused
+    
+    Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58
+
+commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31
+Author: markus@openbsd.org <markus@openbsd.org>
+Date:   Wed Jul 8 19:01:15 2015 +0000
+
+    upstream commit
+    
+    compress.c is gone
+    
+    Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced
+
+commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 3 04:05:54 2015 +0000
+
+    upstream commit
+    
+    another SSH_RSA_MINIMUM_MODULUS_SIZE that needed
+     cranking
+    
+    Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1
+
+commit b1f383da5cd3cb921fc7776f17a14f44b8a31757
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 3 03:56:25 2015 +0000
+
+    upstream commit
+    
+    add an XXX reminder for getting correct key paths from
+     sshd_config
+    
+    Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db
+
+commit 933935ce8d093996c34d7efa4d59113163080680
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 3 03:49:45 2015 +0000
+
+    upstream commit
+    
+    refuse to generate or accept RSA keys smaller than 1024
+     bits; feedback and ok dtucker@
+    
+    Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
+
+commit bdfd29f60b74f3e678297269dc6247a5699583c1
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 3 03:47:00 2015 +0000
+
+    upstream commit
+    
+    turn off 1024 bit diffie-hellman-group1-sha1 key
+     exchange method (already off in server, this turns it off in the client by
+     default too) ok dtucker@
+    
+    Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa
+
+commit c28fc62d789d860c75e23a9fa9fb250eb2beca57
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Fri Jul 3 03:43:18 2015 +0000
+
+    upstream commit
+    
+    delete support for legacy v00 certificates; "sure"
+     markus@ dtucker@
+    
+    Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
+
+commit 564d63e1b4a9637a209d42a9d49646781fc9caef
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 1 23:10:47 2015 +0000
+
+    upstream commit
+    
+    Compile-time disable SSH v.1 again
+    
+    Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af
+
+commit 868109b650504dd9bcccdb1f51d0906f967c20ff
+Author: djm@openbsd.org <djm@openbsd.org>
+Date:   Wed Jul 1 02:39:06 2015 +0000
+
+    upstream commit
+    
+    twiddle PermitRootLogin back
+    
+    Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2
+
 commit 7de4b03a6e4071d454b72927ffaf52949fa34545
 Author: djm@openbsd.org <djm@openbsd.org>
 Date:   Wed Jul 1 02:32:17 2015 +0000
@@ -6840,2096 +7613,3 @@ Date:   Thu Jan 16 18:42:10 2014 +1100
          [sftp-client.c]
          needless and incorrect cast to size_t can break resumption of
          large download; patch from tobias@
-
-commit 91b580e4bec55118bf96ab3cdbe5a50839e75d0a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Jan 12 19:21:22 2014 +1100
-
-       - djm@cvs.openbsd.org 2014/01/12 08:13:13
-         [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
-         [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
-         avoid use of OpenSSL BIGNUM type and functions for KEX with
-         Curve25519 by adding a buffer_put_bignum2_from_string() that stores
-         a string using the bignum encoding rules. Will make it easier to
-         build a reduced-feature OpenSSH without OpenSSL in the future;
-         ok markus@
-
-commit af5d4481f4c7c8c3c746e68b961bb85ef907800e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Jan 12 19:20:47 2014 +1100
-
-       - djm@cvs.openbsd.org 2014/01/10 05:59:19
-         [sshd_config]
-         the /etc/ssh/ssh_host_ed25519_key is loaded by default too
-
-commit 58cd63bc63038acddfb4051ed14e11179d8f4941
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jan 10 10:59:24 2014 +1100
-
-       - djm@cvs.openbsd.org 2014/01/09 23:26:48
-         [sshconnect.c sshd.c]
-         ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
-         deranged and might make some attacks on KEX easier; ok markus@
-
-commit b3051d01e505c9c2dc00faab472a0d06fa6b0e65
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jan 10 10:58:53 2014 +1100
-
-       - djm@cvs.openbsd.org 2014/01/09 23:20:00
-         [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c]
-         [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c]
-         [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c]
-         [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c]
-         Introduce digest API and use it to perform all hashing operations
-         rather than calling OpenSSL EVP_Digest* directly. Will make it easier
-         to build a reduced-feature OpenSSH without OpenSSL in future;
-         feedback, ok markus@
-
-commit e00e413dd16eb747fb2c15a099971d91c13cf70f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jan 10 10:40:45 2014 +1100
-
-       - guenther@cvs.openbsd.org 2014/01/09 03:26:00
-         [sftp-common.c]
-         When formating the time for "ls -l"-style output, show dates in the future
-         with the year, and rearrange a comparison to avoid a potentional signed
-         arithmetic overflow that would give the wrong result.
-    
-         ok djm@
-
-commit 3e49853650448883685cfa32fa382d0ba6d51d48
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Jan 10 10:37:05 2014 +1100
-
-       - tedu@cvs.openbsd.org 2014/01/04 17:50:55
-         [mac.c monitor_mm.c monitor_mm.h xmalloc.c]
-         use standard types and formats for size_t like variables. ok dtucker
-
-commit a9c1e500ef609795cbc662848edb1a1dca279c81
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Jan 8 16:13:12 2014 +1100
-
-     - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@
-
-commit 324541e5264e1489ca0babfaf2b39612eb80dfb3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Dec 31 12:25:40 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/30 23:52:28
-         [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
-         [sshconnect.c sshconnect2.c sshd.c]
-         refuse RSA keys from old proprietary clients/servers that use the
-         obsolete RSA+MD5 signature scheme. it will still be possible to connect
-         with these clients/servers but only DSA keys will be accepted, and we'll
-         deprecate them entirely in a future release. ok markus@
-
-commit 9f4c8e797ea002a883307ca906f1f1f815010e78
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:57:46 2013 +1100
-
-     - (djm) [regress/Makefile] Add some generated files for cleaning
-
-commit 106bf1ca3c7a5fdc34f9fd7a1fe651ca53085bc5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:54:03 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 05:57:02
-         [sshconnect.c]
-         when showing other hostkeys, don't forget Ed25519 keys
-
-commit 0fa47cfb32c239117632cab41e4db7d3e6de5e91
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:53:39 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 05:42:16
-         [ssh.c]
-         don't forget to load Ed25519 certs too
-
-commit b9a95490daa04cc307589897f95bfaff324ad2c9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:50:15 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 04:35:50
-         [authfile.c]
-         don't refuse to load Ed25519 certificates
-
-commit f72cdde6e6fabc51d2a62f4e75b8b926d9d7ee89
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:49:55 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 04:29:25
-         [authfd.c]
-         allow deletion of ed25519 keys from the agent
-
-commit 29ace1cb68cc378a464c72c0fd67aa5f9acd6b5b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:49:31 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 04:20:04
-         [key.c]
-         to make sure we don't omit any key types as valid CA keys again,
-         factor the valid key type check into a key_type_is_valid_ca()
-         function
-
-commit 9de4fcdc5a9cff48d49a3e2f6194d3fb2d7ae34d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:49:13 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 02:49:52
-         [key.c]
-         correct comment for key_drop_cert()
-
-commit 5baeacf8a80f054af40731c6f92435f9164b8e02
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:48:55 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 02:37:04
-         [key.c]
-         correct comment for key_to_certified()
-
-commit 83f2fe26cb19330712c952eddbd3c0b621674adc
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:48:38 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/29 02:28:10
-         [key.c]
-         allow ed25519 keys to appear as certificate authorities
-
-commit 06122e9a74bb488b0fe0a8f64e1135de870f9cc0
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:48:15 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/27 22:37:18
-         [ssh-rsa.c]
-         correct comment
-
-commit 3e19295c3a253c8dc8660cf45baad7f45fccb969
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:47:50 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/27 22:30:17
-         [ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
-         make the original RSA and DSA signing/verification code look more like
-         the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
-         rather than tediously listing all variants, use __func__ for debug/
-         error messages
-
-commit 137977180be6254639e2c90245763e6965f8d815
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:47:14 2013 +1100
-
-       - tedu@cvs.openbsd.org 2013/12/21 07:10:47
-         [ssh-keygen.1]
-         small typo
-
-commit 339a48fe7ffb3186d22bbaa9efbbc3a053e602fd
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:46:49 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/19 22:57:13
-         [poly1305.c poly1305.h]
-         use full name for author, with his permission
-
-commit 0b36c83148976c7c8268f4f41497359e2fb26251
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:45:51 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/19 01:19:41
-         [ssh-agent.c]
-         bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
-         that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
-         ok dtucker
-
-commit 4def184e9b6c36be6d965a9705632fc4c0c2a8af
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:45:26 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/19 01:04:36
-         [channels.c]
-         bz#2147: fix multiple remote forwardings with dynamically assigned
-         listen ports. In the s->c message to open the channel we were sending
-         zero (the magic number to request a dynamic port) instead of the actual
-         listen port. The client therefore had no way of discriminating between
-         them.
-    
-         Diagnosis and fix by ronf AT timeheart.net
-
-commit bf25d114e23a803f8feca8926281b1aaedb6191b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:44:56 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/19 00:27:57
-         [auth-options.c]
-         simplify freeing of source-address certificate restriction
-
-commit bb3dafe7024a5b4e851252e65ee35d45b965e4a8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:44:29 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/12/19 00:19:12
-         [serverloop.c]
-         Cast client_alive_interval to u_int64_t before assinging to
-         max_time_milliseconds to avoid potential integer overflow in the timeout.
-         bz#2170, patch from Loganaden Velvindron, ok djm@
-
-commit ef275ead3dcadde4db1efe7a0aa02b5e618ed40c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:44:07 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/19 00:10:30
-         [ssh-add.c]
-         skip requesting smartcard PIN when removing keys from agent; bz#2187
-         patch from jay AT slushpupie.com; ok dtucker
-
-commit 7d97fd9a1cae778c3eacf16e09f5da3689d616c6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 29 17:40:18 2013 +1100
-
-     - (djm) [loginrec.c] Check for username truncation when looking up lastlog
-       entries
-
-commit 77244afe3b6d013b485e0952eaab89b9db83380f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Dec 21 17:02:39 2013 +1100
-
-    20131221
-     - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
-
-commit 53f8e784dc431a82d31c9b0e95b144507f9330e9
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Dec 19 11:31:44 2013 +1100
-
-     - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item().
-       Patch from Loganaden Velvindron.
-
-commit 1fcec9d4f265e38af248c4c845986ca8c174bd68
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Dec 19 11:00:12 2013 +1100
-
-     - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions
-       greater than 11 either rather than just 11.  Patch from Tomas Kuthan.
-
-commit 6674eb9683afd1ea4eb35670b5e66815543a759e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:50:39 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/17 10:36:38
-         [crypto_api.h]
-         I've assempled the header file by cut&pasting from generated headers
-         and the source files.
-
-commit d58a5964426ee014384d67d775d16712e93057f3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:50:13 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/15 21:42:35
-         [cipher-chachapoly.c]
-         add some comments and constify a constant
-
-commit 059321d19af24d87420de3193f79dfab23556078
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:49:48 2013 +1100
-
-       - pascal@cvs.openbsd.org 2013/12/15 18:17:26
-         [ssh-add.c]
-         Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.
-         ok markus@
-
-commit 155b5a5bf158767f989215479ded2a57f331e1c6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:48:32 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/09 11:08:17
-         [crypto_api.h]
-         remove unused defines
-
-commit 8a56dc2b6b48b05590810e7f4c3567508410000c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:48:11 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/09 11:03:45
-         [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
-         [ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
-         Add Authors for the public domain ed25519/nacl code.
-         see also http://nacl.cr.yp.to/features.html
-            All of the NaCl software is in the public domain.
-         and http://ed25519.cr.yp.to/software.html
-            The Ed25519 software is in the public domain.
-
-commit 6575c3acf31fca117352f31f37b16ae46e664837
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:47:02 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/12/08 09:53:27
-         [sshd_config.5]
-         Use a literal for the default value of KEXAlgorithms.  ok deraadt jmc
-
-commit 8ba0ead6985ea14999265136b14ffd5aeec516f9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:46:27 2013 +1100
-
-       - naddy@cvs.openbsd.org 2013/12/07 11:58:46
-         [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
-         [ssh_config.5 sshd.8 sshd_config.5]
-         add missing mentions of ed25519; ok djm@
-
-commit 4f752cf71cf44bf4bc777541156c2bf56daf9ce9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Dec 18 17:45:35 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/07 08:08:26
-         [ssh-keygen.1]
-         document -a and -o wrt new key format
-
-commit 6d6fcd14e23a9053198342bb379815b15e504084
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 8 15:53:28 2013 +1100
-
-     - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh]
-       [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
-       filesystem before running agent-ptrace.sh; ok dtucker
-
-commit 7e6e42fb532c7dafd7078ef5e9e2d3e47fcf6752
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sun Dec 8 08:23:08 2013 +1100
-
-     - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna
-        Vinschen
-
-commit da3ca351b49d52ae85db2e3998265dc3c6617068
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 21:43:46 2013 +1100
-
-     - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from
-        Loganaden Velvindron @ AfriNIC in bz#2179
-
-commit eb401585bb8336cbf81fe4fc58eb9f7cac3ab874
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 17:07:15 2013 +1100
-
-     - (djm) [regress/cert-hostkey.sh] Fix merge botch
-
-commit f54542af3ad07532188b10136ae302314ec69ed6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 16:32:44 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/06 13:52:46
-         [regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
-         [regress/cert-userkey.sh regress/keytype.sh]
-         test ed25519 support; from djm@
-
-commit f104da263de995f66b6861b4f3368264ee483d7f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 12:37:53 2013 +1100
-
-     - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in]
-        [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
-           Linux
-
-commit 1ff130dac9b7aea0628f4ad30683431fe35e0020
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:51:51 2013 +1100
-
-     - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c]
-       [openbsd-compat/blf.h openbsd-compat/blowfish.c]
-       [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
-       portable.
-
-commit 4260828a2958ebe8c96f66d8301dac53f4cde556
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:38:03 2013 +1100
-
-     - [authfile.c] Conditionalise inclusion of util.h
-
-commit a913442bac8a26fd296a3add51293f8f6f9b3b4c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:35:36 2013 +1100
-
-     - [Makefile.in] Add ed25519 sources
-
-commit ca570a519cb846da61d002c7f46fa92e39c83e45
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:29:09 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/07 00:19:15
-         [key.c]
-         set k->cert = NULL after freeing it
-
-commit 3cccc0e155229a2f2d86b6df40bd4559b4f960ff
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:27:47 2013 +1100
-
-     - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
-       [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
-
-commit a7827c11b3f0380b7e593664bd62013ff9c131db
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:24:30 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/12/06 15:29:07
-         [sshd.8]
-         missing comma;
-
-commit 5be9d9e3cbd9c66f24745d25bf2e809c1d158ee0
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 11:24:01 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/06 13:39:49
-         [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
-         [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
-         [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
-         [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
-         [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
-         support ed25519 keys (hostkeys and user identities) using the public
-         domain ed25519 reference code from SUPERCOP, see
-         http://ed25519.cr.yp.to/software.html
-         feedback, help & ok djm@
-
-commit bcd00abd8451f36142ae2ee10cc657202149201e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 10:41:55 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/06 13:34:54
-         [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
-         [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
-         default; details in PROTOCOL.key; feedback and lots help from djm;
-         ok djm@
-
-commit f0e9060d236c0e38bec2fa1c6579fb0a2ea6458d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 10:40:26 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/12/06 13:30:08
-         [authfd.c key.c key.h ssh-agent.c]
-         move private key (de)serialization to key.c; ok djm
-
-commit 0f8536da23a6ef26e6495177c0d8a4242b710289
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 10:31:37 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/06 03:40:51
-         [ssh-keygen.c]
-         remove duplicated character ('g') in getopt() string;
-         document the (few) remaining option characters so we don't have to
-         rummage next time.
-
-commit 393920745fd328d3fe07f739a3cf7e1e6db45b60
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Dec 7 10:31:08 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/05 22:59:45
-         [sftp-client.c]
-         fix memory leak in error path in do_readdir(); pointed out by
-         Loganaden Velvindron @ AfriNIC in bz#2163
-
-commit 534b2ccadea5e5e9a8b27226e6faac3ed5552e97
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 14:07:27 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/05 01:16:41
-         [servconf.c servconf.h]
-         bz#2161 - fix AuthorizedKeysCommand inside a Match block and
-         rearrange things so the same error is harder to make next time;
-         with and ok dtucker@
-
-commit 8369c8e61a3408ec6bb75755fad4ffce29b5fdbe
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Dec 5 11:00:16 2013 +1100
-
-     - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct
-       -L location for libedit.  Patch from Serge van den Boom.
-
-commit 9275df3e0a2a3bc3897f7d664ea86a425c8a092d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:26:32 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/04 04:20:01
-         [sftp-client.c]
-         bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
-         AfriNIC
-
-commit 960f6a2b5254e4da082d8aa3700302ed12dc769a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:26:14 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/02 03:13:14
-         [cipher.c]
-         correct bzero of chacha20+poly1305 key context. bz#2177 from
-         Loganaden Velvindron @ AfriNIC
-    
-         Also make it a memset for consistency with the rest of cipher.c
-
-commit f7e8a8796d661c9d6692ab837e1effd4f5ada1c2
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:25:51 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/02 03:09:22
-         [key.c]
-         make key_to_blob() return a NULL blob on failure; part of
-         bz#2175 from Loganaden Velvindron @ AfriNIC
-
-commit f1e44ea9d9a6d4c1a95a0024132e603bd1778c9c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:23:21 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/02 02:56:17
-         [ssh-pkcs11-helper.c]
-         use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
-
-commit 114e540b15d57618f9ebf624264298f80bbd8c77
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:22:57 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/02 02:50:27
-         [PROTOCOL.chacha20poly1305]
-         typo; from Jon Cave
-
-commit e4870c090629e32f2cb649dc16d575eeb693f4a8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:22:39 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/12/01 23:19:05
-         [PROTOCOL]
-         mention curve25519-sha256@libssh.org key exchange algorithm
-
-commit 1d2f8804a6d33a4e908b876b2e1266b8260ec76b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:22:03 2013 +1100
-
-       - deraadt@cvs.openbsd.org 2013/11/26 19:15:09
-         [pkcs11.h]
-         cleanup 1 << 31 idioms.  Resurrection of this issue pointed out by
-         Eitan Adler ok markus for ssh, implies same change in kerberosV
-
-commit bdb352a54f82df94a548e3874b22f2d6ae90328d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:20:52 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/11/26 12:14:54
-         [ssh.1 ssh.c]
-         - put -Q in the right place
-         - Ar was a poor choice for the arguments to -Q. i've chosen an
-           admittedly equally poor Cm, at least consistent with the rest
-           of the docs. also no need for multiple instances
-         - zap a now redundant Nm
-         - usage() sync
-
-commit d937dc084a087090f1cf5395822c3ac958d33759
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:19:54 2013 +1100
-
-       - deraadt@cvs.openbsd.org 2013/11/25 18:04:21
-         [ssh.1 ssh.c]
-         improve -Q usage and such.  One usage change is that the option is now
-         case-sensitive
-         ok dtucker markus djm
-
-commit dec0393f7ee8aabc7d9d0fc2c5fddb4bc649112e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Dec 5 10:18:43 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/11/21 08:05:09
-         [ssh_config.5 sshd_config.5]
-         no need for .Pp before displays;
-
-commit 8a073cf57940aabf85e49799f89f5d5e9b072c1b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 14:26:18 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/21 03:18:51
-         [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
-         [regress/try-ciphers.sh]
-         use new "ssh -Q cipher-auth" query to obtain lists of authenticated
-         encryption ciphers instead of specifying them manually; ensures that
-         the new chacha20poly1305@openssh.com mode is tested;
-    
-         ok markus@ and naddy@ as part of the diff to add
-         chacha20poly1305@openssh.com
-
-commit ea61b2179f63d48968dd2c9617621002bb658bfe
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 14:25:15 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/21 03:16:47
-         [regress/modpipe.c]
-         use unsigned long long instead of u_int64_t here to avoid warnings
-         on some systems portable OpenSSH is built on.
-
-commit 36aba25b0409d2db6afc84d54bc47a2532d38424
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 14:24:42 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/21 03:15:46
-         [regress/krl.sh]
-         add some reminders for additional tests that I'd like to implement
-
-commit fa7a20bc289f09b334808d988746bc260a2f60c9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 14:24:08 2013 +1100
-
-       - naddy@cvs.openbsd.org 2013/11/18 05:09:32
-         [regress/forward-control.sh]
-         bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164)
-         to successfully run this; ok djm@
-         (ID sync only; our timeouts are already longer)
-
-commit 0fde8acdad78a4d20cadae974376cc0165f645ee
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 14:12:23 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/21 00:45:44
-         [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
-         [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
-         [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
-         [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
-         cipher "chacha20-poly1305@openssh.com" that combines Daniel
-         Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
-         authenticated encryption mode.
-    
-         Inspired by and similar to Adam Langley's proposal for TLS:
-         http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
-         but differs in layout used for the MAC calculation and the use of a
-         second ChaCha20 instance to separately encrypt packet lengths.
-         Details are in the PROTOCOL.chacha20poly1305 file.
-    
-         Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
-         ok markus@ naddy@
-
-commit fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 13:57:15 2013 +1100
-
-       - deraadt@cvs.openbsd.org 2013/11/20 20:54:10
-         [canohost.c clientloop.c match.c readconf.c sftp.c]
-         unsigned casts for ctype macros where neccessary
-         ok guenther millert markus
-
-commit e00167307e4d3692695441e9bd712f25950cb894
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 13:56:49 2013 +1100
-
-       - deraadt@cvs.openbsd.org 2013/11/20 20:53:10
-         [scp.c]
-         unsigned casts for ctype macros where neccessary
-         ok guenther millert markus
-
-commit 23e00aa6ba9eee0e0c218f2026bf405ad4625832
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 13:56:28 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/20 02:19:01
-         [sshd.c]
-         delay closure of in/out fds until after "Bad protocol version
-         identification..." message, as get_remote_ipaddr/get_remote_port
-         require them open.
-
-commit 867e6934be6521f87f04a5ab86702e2d1b314245
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 13:56:06 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/13 13:48:20
-         [ssh-pkcs11.c]
-         add missing braces found by pedro
-
-commit 0600c7020f4fe68a780bd7cf21ff541a8d4b568a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 21 13:55:43 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/08 11:15:19
-         [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
-         [uidswap.c] Include stdlib.h for free() as per the man page.
-
-commit b6a75b0b93b8faa6f79c3a395ab6c71f3f880b80
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Nov 10 20:25:22 2013 +1100
-
-     - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by
-       querying the ones that are compiled in.
-
-commit 2c89430119367eb1bc96ea5ee55de83357e4c926
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Nov 10 12:38:42 2013 +1100
-
-     - (dtucker) [key.c] Check for the correct defines for NID_secp521r1.
-
-commit dd5264db5f641dbd03186f9e5e83e4b14b3d0003
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Nov 9 22:32:51 2013 +1100
-
-     - (dtucker) [configure.ac] Add missing "test".
-
-commit 95cb2d4eb08117be061f3ff076adef3e9a5372c3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Nov 9 22:02:31 2013 +1100
-
-     - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test.
-
-commit 37bcef51b3d9d496caecea6394814d2f49a1357f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Nov 9 18:39:25 2013 +1100
-
-     - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
-       NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
-       latter actually works before using it.  Fedora (at least) has NID_secp521r1
-       that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
-
-commit 6e2fe81f926d995bae4be4a6b5b3c88c1c525187
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Nov 9 16:55:03 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/09 05:41:34
-         [regress/test-exec.sh regress/rekey.sh]
-         Use smaller test data files to speed up tests.  Grow test datafiles
-         where necessary for a specific test.
-
-commit aff7ef1bb8b7c1eeb1f4812129091c5adbf51848
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Nov 9 00:19:22 2013 +1100
-
-     - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation:
-       rather than testing and generating each key, call ssh-keygen -A.
-       Patch from vinschen at redhat.com.
-
-commit 882abfd3fb3c98cfe70b4fc79224770468b570a5
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sat Nov 9 00:17:41 2013 +1100
-
-     - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform
-       and pass in TEST_ENV.  Unknown options cause stderr to get polluted
-       and the stderr-data test to fail.
-
-commit 8c333ec23bdf7da917aa20ac6803a2cdd79182c5
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Nov 8 21:12:58 2013 +1100
-
-     - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile
-       warnings.
-
-commit d94240b2f6b376b6e9de187e4a0cd4b89dfc48cb
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Nov 8 21:10:04 2013 +1100
-
-     - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256.
-
-commit 1c8ce34909886288a3932dce770deec5449f7bb5
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Nov 8 19:50:32 2013 +1100
-
-     - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have
-       EVP_sha256.
-
-commit ccdb9bec46bcc88549b26a94aa0bae2b9f51031c
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Nov 8 18:54:38 2013 +1100
-
-     - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of
-       arc4random_stir for platforms that have arc4random but don't have
-       arc4random_stir (right now this is only OpenBSD -current).
-
-commit 3420a50169b52cc8d2775d51316f9f866c73398f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 8 16:48:13 2013 +1100
-
-     - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-       [contrib/suse/openssh.spec] Update version numbers following release.
-
-commit 3ac4a234df842fd8c94d9cb0ad198e1fe84b895b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 8 12:39:49 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/08 01:38:11
-         [version.h]
-         openssh-6.4
-
-commit 6c81fee693038de7d4a5559043350391db2a2761
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 8 12:19:55 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/08 00:39:15
-         [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
-         [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
-         [sftp-client.c sftp-glob.c]
-         use calloc for all structure allocations; from markus@
-
-commit 690d989008e18af3603a5e03f1276c9bad090370
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Nov 8 12:16:49 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/07 11:58:27
-         [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
-         Output the effective values of Ciphers, MACs and KexAlgorithms when
-         the default has not been overridden.  ok markus@
-
-commit 08998c5fb9c7c1d248caa73b76e02ca0482e6d85
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Fri Nov 8 12:11:46 2013 +1100
-
-        - dtucker@cvs.openbsd.org 2013/11/08 01:06:14
-          [regress/rekey.sh]
-          Rekey less frequently during tests to speed them up
-
-commit 4bf7e50e533aa956366df7402c132f202e841a48
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 22:33:48 2013 +1100
-
-     - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment
-       variable.  It's no longer used now that we get the supported MACs from
-       ssh -Q.
-
-commit 6e9d6f411288374d1dee4b7debbfa90bc7e73035
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 15:32:37 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/07 04:26:56
-         [regress/kextype.sh]
-         trailing space
-
-commit 74cbc22529f3e5de756e1b7677b7624efb28f62c
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 15:26:12 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/07 03:55:41
-         [regress/kextype.sh]
-         Use ssh -Q to get kex types instead of a static list.
-
-commit a955041c930e63405159ff7d25ef14272f36eab3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 15:21:19 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/07 02:48:38
-         [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh]
-         Use ssh -Q instead of hardcoding lists of ciphers or MACs.
-
-commit 06595d639577577bc15d359e037a31eb83563269
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 15:08:02 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/07 01:12:51
-         [regress/rekey.sh]
-         Factor out the data transfer rekey tests
-
-commit 651dc8b2592202dac6b16ee3b82ce5b331be7da3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 15:04:44 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/07 00:12:05
-         [regress/rekey.sh]
-         Test rekeying for every Cipher, MAC and KEX, plus test every KEX with
-         the GCM ciphers.
-
-commit 234557762ba1096a867ca6ebdec07efebddb5153
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 15:00:51 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/11/04 12:27:42
-         [regress/rekey.sh]
-         Test rekeying with all KexAlgorithms.
-
-commit bbfb9b0f386aab0c3e19d11f136199ef1b9ad0ef
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 14:56:43 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 22:39:53
-         [regress/kextype.sh]
-         add curve25519-sha256@libssh.org
-
-commit aa19548a98c0f89283ebd7354abd746ca6bc4fdf
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Nov 7 14:50:09 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/09 23:44:14
-         [regress/Makefile] (ID sync only)
-         regression test for sftp request white/blacklisting and readonly mode.
-
-commit c8908aabff252f5da772d4e679479c2b7d18cac1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 13:38:35 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/06 23:05:59
-         [ssh-pkcs11.c]
-         from portable: s/true/true_val/ to avoid name collisions on dump platforms
-         RCSID sync only
-
-commit 49c145c5e89b9d7d48e84328d6347d5ad640b567
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 13:35:39 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/06 16:52:11
-         [monitor_wrap.c]
-         fix rekeying for AES-GCM modes; ok deraadt
-
-commit 67a8800f290b39fd60e379988c700656ae3f2539
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 13:32:51 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/04 11:51:16
-         [monitor.c]
-         fix rekeying for KEX_C25519_SHA256; noted by dtucker@
-         RCSID sync only; I thought this was a merge botch and fixed it already
-
-commit df8b030b15fcec7baf38ec7944f309f9ca8cc9a7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 13:28:16 2013 +1100
-
-     - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms
-       that lack it but have arc4random_uniform()
-
-commit a6fd1d3c38a562709374a70fa76423859160aa90
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 12:03:26 2013 +1100
-
-     - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these
-
-commit c98319750b0bbdd0d1794420ec97d65dd9244613
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 12:00:23 2013 +1100
-
-     - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff
-
-commit 61c5c2319e84a58210810d39b062c8b8e3321160
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Nov 7 11:34:14 2013 +1100
-
-     - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
-       that got lost in recent merge.
-
-commit 094003f5454a9f5a607674b2739824a7e91835f4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 22:59:27 2013 +1100
-
-     - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from
-       KEX/curve25519 change
-
-commit ca67a7eaf8766499ba67801d0be8cdaa550b9a50
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 09:05:17 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/11/03 10:37:19
-         [roaming_common.c]
-         fix a couple of function definitions foo() -> foo(void)
-         (-Wold-style-definition)
-
-commit 0bd8f1519d51af8d4229be81e8f2f4903a1d440b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 08:55:43 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 22:39:19
-         [ssh_config.5 sshd_config.5]
-         the default kex is now curve25519-sha256@libssh.org
-
-commit 4c3ba0767fbe4a8a2a748df4035aaf86651f6b30
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 08:40:13 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 22:34:01
-         [auth-options.c]
-         no need to include monitor_wrap.h and ssh-gss.h
-
-commit 660621b2106b987b874c2f120218bec249d0f6ba
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 08:37:51 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 22:24:24
-         [kexdhs.c kexecdhs.c]
-         no need to include ssh-gss.h
-
-commit abdca986decfbbc008c895195b85e879ed460ada
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 08:30:05 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 22:10:15
-         [kexdhs.c kexecdhs.c]
-         no need to include monitor_wrap.h
-
-commit 1e1242604eb0fd510fe93f81245c529237ffc513
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 08:26:52 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 21:59:15
-         [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
-         use curve25519 for default key exchange (curve25519-sha256@libssh.org);
-         initial patch from Aris Adamantiadis; ok djm@
-
-commit d2252c79191d069372ed6effce7c7a2de93448cd
-Author: Damien Miller <djm@mindrot.org>
-Date:   Mon Nov 4 07:41:48 2013 +1100
-
-       - markus@cvs.openbsd.org 2013/11/02 20:03:54
-         [ssh-pkcs11.c]
-         support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;
-         fixes bz#1908; based on patch from Laurent Barbe; ok djm
-
-commit 007e3b357e880caa974d5adf9669298ba0751c78
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Nov 3 18:43:55 2013 +1100
-
-     - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t
-       for platforms that don't have them.
-
-commit 710f3747352fb93a63e5b69b12379da37f5b3fa9
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Nov 3 17:20:34 2013 +1100
-
-     - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd
-       vsnprintf.  From eric at openbsd via chl@.
-
-commit d52770452308e5c2e99f4da6edaaa77ef078b610
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Nov 3 16:30:46 2013 +1100
-
-     - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.
-       From OpenSMTPD where it prevents "implicit declaration" warnings (it's
-       a no-op in OpenSSH).  From chl at openbsd.
-
-commit 63857c9340d3482746a5622ffdacc756751f6448
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 30 22:31:06 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/10/29 18:49:32
-         [sshd_config.5]
-         pty(4), not pty(7);
-
-commit 5ff30c6b68adeee767dd29bf2369763c6a13c0b3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 30 22:21:50 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/29 09:48:02
-         [servconf.c servconf.h session.c sshd_config sshd_config.5]
-         shd_config PermitTTY to disallow TTY allocation, mirroring the
-         longstanding no-pty authorized_keys option;
-         bz#2070, patch from Teran McKinney; ok markus@
-
-commit 4a3a9d4bbf8048473f5cc202cd8db7164d5e6b8d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 30 22:19:47 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/29 09:42:11
-         [key.c key.h]
-         fix potential stack exhaustion caused by nested certificates;
-         report by Mateusz Kocielski; ok dtucker@ markus@
-
-commit 28631ceaa7acd9bc500f924614431542893c6a21
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 26 10:07:56 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/25 23:04:51
-         [ssh.c]
-         fix crash when using ProxyCommand caused by previous commit - was calling
-         freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@
-
-commit 26506ad29350c5681815745cc90b3952a84cf118
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Oct 26 10:05:46 2013 +1100
-
-     - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove
-       unnecessary arc4random_stir() calls. The only ones left are to ensure
-       that the PRNG gets a different state after fork() for platforms that
-       have broken the API.
-
-commit bd43e8872325e9bbb3319c89da593614709f317c
-Author: Tim Rice <tim@multitalents.net>
-Date:   Thu Oct 24 12:22:49 2013 -0700
-
-     - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd"
-
-commit a90c0338083ee0e4064c4bdf61f497293a699be0
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 24 21:03:17 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/24 08:19:36
-         [ssh.c]
-         fix bug introduced in hostname canonicalisation commit: don't try to
-         resolve hostnames when a ProxyCommand is set unless the user has forced
-         canonicalisation; spotted by Iain Morgan
-
-commit cf31f3863425453ffcda540fbefa9df80088c8d1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 24 21:02:56 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/10/24 00:51:48
-         [readconf.c servconf.c ssh_config.5 sshd_config.5]
-         Disallow empty Match statements and add "Match all" which matches
-         everything.  ok djm, man page help jmc@
-
-commit 4bedd4032a09ce87322ae5ea80f193f109e5c607
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 24 21:02:26 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/10/24 00:49:49
-         [moduli.c]
-         Periodically print progress and, if possible, expected time to completion
-         when screening moduli for DH groups.  ok deraadt djm
-
-commit 5ecb41629860687b145be63b8877fabb6bae5eda
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 24 21:02:02 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/23 23:35:32
-         [sshd.c]
-         include local address and port in "Connection from ..." message (only
-         shown at loglevel>=verbose)
-
-commit 03bf2e61ad6ac59a362a1f11b105586cb755c147
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 24 21:01:26 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/10/23 05:40:58
-         [servconf.c]
-         fix comment
-
-commit 8f1873191478847773906af961c8984d02a49dd6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 24 10:53:02 2013 +1100
-
-     - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check
-       rather than full client name which may be of form user@REALM;
-       patch from Miguel Sanders; ok dtucker@
-
-commit 5b01b0dcb417eb615df77e7ce1b59319bf04342c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:31:31 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/23 04:16:22
-         [ssh-keygen.c]
-         Make code match documentation: relative-specified certificate expiry time
-         should be relative to current time and not the validity start time.
-         Reported by Petr Lautrbach; ok deraadt@
-
-commit eff5cada589f25793dbe63a76aba9da39837a148
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:31:10 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/23 03:05:19
-         [readconf.c ssh.c]
-         comment
-
-commit 084bcd24e9fe874020e4df4e073e7408e1b17fb7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:30:51 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/23 03:03:07
-         [readconf.c]
-         Hostname may have %h sequences that should be expanded prior to Match
-         evaluation; spotted by Iain Morgan
-
-commit 8e5a67f46916def40b2758bb7755350dd2eee843
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:30:25 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/10/20 18:00:13
-         [ssh_config.5]
-         tweak the "exec" description, as worded by djm;
-
-commit c0049bd0bca02890cd792babc594771c563f91f2
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:29:59 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/20 09:51:26
-         [scp.1 sftp.1]
-         add canonicalisation options to -o lists
-
-commit 8a04be795fc28514a09e55a54b2e67968f2e1b3a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:29:40 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/20 06:19:28
-         [readconf.c ssh_config.5]
-         rename "command" subclause of the recently-added "Match" keyword to
-         "exec"; it's shorter, clearer in intent and we might want to add the
-         ability to match against the command being executed at the remote end in
-         the future.
-
-commit 5c86ebdf83b636b6741db4b03569ef4a53b89a58
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 23 16:29:12 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/20 04:39:28
-         [ssh_config.5]
-         document % expansions performed by "Match command ..."
-
-commit 4502f88774edc56194707167443f94026d3c7cfa
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Oct 18 10:17:36 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/17 22:08:04
-         [sshd.c]
-         include remote port in bad banner message; bz#2162
-
-commit 1edcbf65ebd2febeaf10a836468f35e519eed7ca
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Oct 18 10:17:17 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/10/17 07:35:48
-         [sftp.1 sftp.c]
-         tweak previous;
-
-commit a176e1823013dd8533a20235b3a5131f0626f46b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Fri Oct 18 09:05:41 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/09 23:44:14
-         [regress/Makefile regress/sftp-perm.sh]
-         regression test for sftp request white/blacklisting and readonly mode.
-
-commit e3ea09494dcfe7ba76536e95765c8328ecfc18fb
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:57:23 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/17 00:46:49
-         [ssh.c]
-         rearrange check to reduce diff against -portable
-         (Id sync only)
-
-commit f29238e67471a7f1088a99c3c3dbafce76b790cf
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:48:52 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/17 00:30:13
-         [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
-         fsync@openssh.com protocol extension for sftp-server
-         client support to allow calling fsync() faster successful transfer
-         patch mostly by imorgan AT nas.nasa.gov; bz#1798
-         "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
-
-commit 51682faa599550a69d8120e5e2bdbdc0625ef4be
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:48:31 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/16 22:58:01
-         [ssh.c ssh_config.5]
-         one I missed in previous: s/isation/ization/
-
-commit 3850559be93f1a442ae9ed370e8c389889dd5f72
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:48:13 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/16 22:49:39
-         [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
-         s/canonicalise/canonicalize/ for consistency with existing spelling,
-         e.g. authorized_keys; pointed out by naddy@
-
-commit 607af3434b75acc7199a5d99d5a9c11068c01f27
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:47:51 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/10/16 06:42:25
-         [ssh_config.5]
-         tweak previous;
-
-commit 0faf747e2f77f0f7083bcd59cbed30c4b5448444
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:47:23 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/16 02:31:47
-         [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
-         [sshconnect.c sshconnect.h]
-         Implement client-side hostname canonicalisation to allow an explicit
-         search path of domain suffixes to use to convert unqualified host names
-         to fully-qualified ones for host key matching.
-         This is particularly useful for host certificates, which would otherwise
-         need to list unqualified names alongside fully-qualified ones (and this
-         causes a number of problems).
-         "looks fine" markus@
-
-commit d77b81f856e078714ec6b0f86f61c20249b7ead4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:39:00 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/10/15 14:10:25
-         [ssh.1 ssh_config.5]
-         tweak previous;
-
-commit dcd39f29ce3308dc74a0ff27a9056205a932ce05
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Oct 17 11:31:40 2013 +1100
-
-     - [ssh.c] g/c unused variable.
-
-commit 5359a628ce3763408da25d83271a8eddec597a0c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:20:37 2013 +1100
-
-     - [ssh.c] g/c unused variable.
-
-commit 386feab0c4736b054585ee8ee372865d5cde8d69
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:14:49 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/14 23:31:01
-         [ssh.c]
-         whitespace at EOL; pointed out by markus@
-
-commit e9fc72edd6c313b670558cd5219601c38a949b67
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:14:12 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/14 23:28:23
-         [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c]
-         refactor client config code a little:
-         add multistate option partsing to readconf.c, similar to servconf.c's
-         existing code.
-         move checking of options that accept "none" as an argument to readconf.c
-         add a lowercase() function and use it instead of explicit tolower() in
-         loops
-         part of a larger diff that was ok markus@
-
-commit 194fd904d8597a274b93e075b2047afdf5a175d4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:13:05 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/14 22:22:05
-         [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
-         add a "Match" keyword to ssh_config that allows matching on hostname,
-         user and result of arbitrary commands. "nice work" markus@
-
-commit 71df752de2a04f423b1cd18d961a79f4fbccbcee
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:12:02 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/14 21:20:52
-         [session.c session.h]
-         Add logging of session starts in a useful format; ok markus@ feedback and
-         ok dtucker@
-
-commit 6efab27109b82820e8d32a5d811adb7bfc354f65
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:07:05 2013 +1100
-
-       - jmc@cvs.openbsd.org 2013/10/14 14:18:56
-         [sftp-server.8 sftp-server.c]
-         tweak previous;
-         ok djm
-
-commit 61c7de8a94156f6d7e9718ded9be8c65bb902b66
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:06:45 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/11 02:53:45
-         [sftp-client.h]
-         obsolete comment
-
-commit 2f93d0556e4892208c9b072624caa8cc5ddd839d
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:06:27 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/11 02:52:23
-         [sftp-client.c]
-         missed one arg reorder
-
-commit bda5c8445713ae592d969a5105ed1a65da22bc96
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 12:05:58 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/11 02:45:36
-         [sftp-client.c]
-         rename flag arguments to be more clear and consistent.
-         reorder some internal function arguments to make adding additional flags
-         easier.
-         no functional change
-
-commit 61ee4d68ca0fcc793a826fc7ec70f3b8ffd12ab6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 11:56:47 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/10 01:43:03
-         [sshd.c]
-         bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly
-         updated; ok dtucker@
-
-commit 73600e51af9ee734a19767e0c084bbbc5eb5b8da
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 11:56:25 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/10 00:53:25
-         [sftp-server.c]
-         add -Q, -P and -p to usage() before jmc@ catches me
-
-commit 6eaeebf27d92f39a38c772aa3f20c2250af2dd29
-Author: Damien Miller <djm@mindrot.org>
-Date:   Tue Oct 15 11:55:57 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/10/09 23:42:17
-         [sftp-server.8 sftp-server.c]
-         Add ability to whitelist and/or blacklist sftp protocol requests by name.
-         Refactor dispatch loop and consolidate read-only mode checks.
-         Make global variables static, since sftp-server is linked into sshd(8).
-         ok dtucker@
-
-commit df62d71e64d29d1054e7a53d1a801075ef70335f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 10 10:32:39 2013 +1100
-
-       - dtucker@cvs.openbsd.org 2013/10/08 11:42:13
-         [dh.c dh.h]
-         Increase the size of the Diffie-Hellman groups requested for a each
-         symmetric key size.  New values from NIST Special Publication 800-57 with
-         the upper limit specified by RFC4419.  Pointed out by Peter Backes, ok
-         djm@.
-
-commit e6e52f8c5dc89a6767702e65bb595aaf7bc8991c
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 10 10:28:07 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/09/19 01:26:29
-         [sshconnect.c]
-         bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from
-         swp AT swp.pp.ru; ok dtucker@
-
-commit 71152bc9911bc34a98810b2398dac20df3fe8de3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 10 10:27:21 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/09/19 01:24:46
-         [channels.c]
-         bz#1297 - tell the client (via packet_send_debug) when their preferred
-         listen address has been overridden by the server's GatewayPorts;
-         ok dtucker@
-
-commit b59aaf3c4f3f449a4b86d8528668bd979be9aa5f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 10 10:26:21 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/09/19 00:49:12
-         [sftp-client.c]
-         fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
-
-commit 5d80e4522d6238bdefe9d0c634f0e6d35a241e41
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 10 10:25:09 2013 +1100
-
-       - djm@cvs.openbsd.org 2013/09/19 00:24:52
-         [progressmeter.c]
-         store the initial file offset so the progress meter doesn't freak out
-         when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@
-
-commit ad92df7e5ed26fea85adfb3f95352d6cd8e86344
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Oct 10 10:24:11 2013 +1100
-
-       - sthen@cvs.openbsd.org 2013/09/16 11:35:43
-         [ssh_config]
-         Remove gssapi config parts from ssh_config, as was already done for
-         sshd_config.  Req by/ok ajacoutot@
-         ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
-
-commit 720711960b130d36dfdd3d50eb25ef482bdd000e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 9 10:44:47 2013 +1100
-
-     - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]
-       [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random
-       implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@,
-       tested tim@
-
-commit 9159310087a218e28940a592896808b8eb76a039
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 9 10:42:32 2013 +1100
-
-     - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull
-       in OpenBSD implementation of arc4random, shortly to replace the existing
-       bsd-arc4random.c
-
-commit 67f1d557a68d6fa8966a327d7b6dee3408cf0e72
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Oct 9 09:33:08 2013 +1100
-
-    correct incorrect years in datestamps; from des
-
-commit f2bf36c3eb4d969f85ec8aa342e9aecb61cc8bb1
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Sep 22 19:02:40 2013 +1000
-
-     - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj
-       setting when handling SIGHUP to maintain behaviour over retart.  Patch
-       from Matthew Ife.
-
-commit e90a06ae570fd259a2f5ced873c7f17390f535a5
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Wed Sep 18 15:09:38 2013 +1000
-
-     - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu.
-
-commit 13840e0103946982cee2a05c40697be7e57dca41
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:49:43 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/09/13 06:54:34
-         [channels.c]
-         avoid unaligned access in code that reused a buffer to send a
-         struct in_addr in a reply; simpler just use use buffer_put_int();
-         from portable; spotted by and ok dtucker@
-
-commit 70182522a47d283513a010338cd028cb80dac2ab
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:49:19 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/09/12 01:41:12
-         [clientloop.c]
-         fix connection crash when sending break (~B) on ControlPersist'd session;
-         ok dtucker@
-
-commit ff9d6c2a4171ee32e8fe28fc3b86eb33bd5c845b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:48:55 2013 +1000
-
-       - sthen@cvs.openbsd.org 2013/09/07 13:53:11
-         [sshd_config]
-         Remove commented-out kerberos/gssapi config options from sample config,
-         kerberos support is currently not enabled in ssh in OpenBSD. Discussed with
-         various people; ok deraadt@
-         ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
-
-commit 8bab5e7b5ff6721d926b5ebf05a3a24489889c58
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:47:00 2013 +1000
-
-       - deraadt@cvs.openbsd.org 2013/09/02 22:00:34
-         [ssh-keygen.c sshconnect1.c sshd.c]
-         All the instances of arc4random_stir() are bogus, since arc4random()
-         does this itself, inside itself, and has for a very long time..  Actually,
-         this was probably reducing the entropy available.
-         ok djm
-         ID SYNC ONLY for portable; we don't trust other arc4random implementations
-         to do this right.
-
-commit 61353b3208d548fab863e0e0ac5d2400ee5bb340
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:45:32 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/31 00:13:54
-         [sftp.c]
-         make ^w match ksh behaviour (delete previous word instead of entire line)
-
-commit 660854859cad31d234edb9353fb7ca2780df8128
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:45:03 2013 +1000
-
-       - mikeb@cvs.openbsd.org 2013/08/28 12:34:27
-         [ssh-keygen.c]
-         improve batch processing a bit by making use of the quite flag a bit
-         more often and exit with a non zero code if asked to find a hostname
-         in a known_hosts file and it wasn't there;
-         originally from reyk@,  ok djm
-
-commit 045bda5cb8acf0eb9d71c275ee1247e3154fc9e5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:44:37 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/22 19:02:21
-         [sshd.c]
-         Stir PRNG after post-accept fork. The child gets a different PRNG state
-         anyway via rexec and explicit privsep reseeds, but it's good to be sure.
-         ok markus@
-
-commit ed4af412da60a084891b20412433a27966613fb8
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Sep 14 09:40:51 2013 +1000
-
-    add marker for 6.3p1 release at the point of the last included change
-
-commit 43968a8e66a0aa1afefb11665bf96f86b113f5d9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 28 14:00:54 2013 +1000
-
-     - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits
-       until we have configure support.
-
-commit 04be8b9e53f8388c94b531ebc5d1bd6e10e930d1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 28 12:49:43 2013 +1000
-
-     - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the
-       'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
-       start to use them in the future.
-
-commit f2f6c315a920a256937e1b6a3702757f3195a592
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:44:58 2013 +1000
-
-       - jmc@cvs.openbsd.org 2013/08/20 06:56:07
-         [ssh.1 ssh_config.5]
-         some proxyusefdpass tweaks;
-
-commit 1262b6638f7d01ab110fd373dd90d915c882fe1a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:44:24 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/20 00:11:38
-         [readconf.c readconf.h ssh_config.5 sshconnect.c]
-         Add a ssh_config ProxyUseFDPass option that supports the use of
-         ProxyCommands that establish a connection and then pass a connected
-         file descriptor back to ssh(1). This allows the ProxyCommand to exit
-         rather than have to shuffle data back and forth and enables ssh to use
-         getpeername, etc. to obtain address information just like it does with
-         regular directly-connected sockets. ok markus@
-
-commit b7727df37efde4dbe4f5a33b19cbf42022aabf66
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:43:49 2013 +1000
-
-       - jmc@cvs.openbsd.org 2013/08/14 08:39:27
-         [scp.1 ssh.1]
-         some Bx/Ox conversion;
-         From: Jan Stary
-
-commit d5d9d7b1fdacf0551de4c747728bd159be40590a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:43:27 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/13 18:33:08
-         [ssh-keygen.c]
-         another of the same typo
-
-commit d234afb0b3a8de1be78cbeafed5fc86912594c3c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:42:58 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/13 18:32:08
-         [ssh-keygen.c]
-         typo in error message; from Stephan Rickauer
-
-commit e0ee727b8281a7c2ae20630ce83f6b200b404059
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:42:35 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/09 03:56:42
-         [sftp.c]
-         enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word;
-         matching ksh's relatively recent change.
-
-commit fec029f1dc2c338f3fae3fa82aabc988dc07868c
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:42:12 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/09 03:39:13
-         [sftp-client.c]
-         two problems found by a to-be-committed regress test: 1) msg_id was not
-         being initialised so was starting at a random value from the heap
-         (harmless, but confusing). 2) some error conditions were not being
-         propagated back to the caller
-
-commit 036d30743fc914089f9849ca52d615891d47e616
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:41:46 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/09 03:37:25
-         [sftp.c]
-         do getopt parsing for all sftp commands (with an empty optstring for
-         commands without arguments) to ensure consistent behaviour
-
-commit c7dba12bf95eb1d69711881a153cc286c1987663
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:41:15 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/08 05:04:03
-         [sftp-client.c sftp-client.h sftp.c]
-         add a "-l" flag for the rename command to force it to use the silly
-         standard SSH_FXP_RENAME command instead of the POSIX-rename- like
-         posix-rename@openssh.com extension.
-    
-         intended for use in regress tests, so no documentation.
-
-commit 034f27a0c09e69fe3589045b41f03f6e345b63f5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:40:44 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/08 04:52:04
-         [sftp.c]
-         fix two year old regression: symlinking a file would incorrectly
-         canonicalise the target path. bz#2129 report from delphij AT freebsd.org
-
-commit c6895c5c67492144dd28589e5788f783be9152ed
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:40:21 2013 +1000
-
-       - jmc@cvs.openbsd.org 2013/08/07 06:24:51
-         [sftp.1 sftp.c]
-         sort -a;
-
-commit a6d6c1f38ac9b4a5e1bd4df889e1020a8370ed55
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:40:01 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/06 23:06:01
-         [servconf.c]
-         add cast to avoid format warning; from portable
-
-commit eec840673bce3f69ad269672fba7ed8ff05f154f
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:39:39 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/06 23:05:01
-         [sftp.1]
-         document top-level -a option (the -a option to 'get' was already
-         documented)
-
-commit 02e878070d0eddad4e11f2c82644b275418eb112
-Author: Damien Miller <djm@mindrot.org>
-Date:   Wed Aug 21 02:38:51 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/08/06 23:03:49
-         [sftp.c]
-         fix some whitespace at EOL
-         make list of commands an enum rather than a long list of defines
-         add -a to usage()
-
-commit acd2060f750c16d48b87b92a10b5a833227baf9d
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Aug 8 17:02:12 2013 +1000
-
-     - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt
-       removal.  The "make clean" removes modpipe which is built by the top-level
-       directory before running the tests.  Spotted by tim@
-
-commit 9542de4547beebf707f3640082d471f1a85534c9
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Aug 8 12:50:06 2013 +1000
-
-     - (dtucker) [misc.c] Remove define added for fallback testing that was
-       mistakenly included in the previous commit.
-
-commit 94396b7f06f512a0acb230640d7f703fb802a9ee
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Aug 8 11:52:37 2013 +1000
-
-     - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime(
-       CLOCK_MONOTONIC...) fails.  Some older versions of RHEL have the
-       CLOCK_MONOTONIC define but don't actually support it.  Found and tested
-       by Kevin Brott, ok djm.
-
-commit a5a3cbfa0fb8ef011d3e7b38910a13f6ebbb8818
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Thu Aug 8 10:58:49 2013 +1000
-
-     - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt
-       since some platforms (eg really old FreeBSD) don't have it.  Instead,
-       run "make clean" before a complete regress run.  ok djm.
-
-commit f3ab2c5f9cf4aed44971eded3ac9eeb1344b2be5
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Sun Aug 4 21:48:41 2013 +1000
-
-     - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support
-       for building with older Heimdal versions.  ok djm.
-
-commit ab3575c055adfbce70fa7405345cf0f80b07c827
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Aug 1 14:34:16 2013 +1000
-
-     - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134
-
-commit c192a4c4f6da907dc0e67a3ca61d806f9a92c931
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Aug 1 14:29:20 2013 +1000
-
-     - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non-
-       blocking connecting socket will clear any stored errno that might
-       otherwise have been retrievable via getsockopt(). A hack to limit writes
-       to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap
-       it in an #ifdef. Diagnosis and patch from Ivo Raisr.
-
-commit 81f7cf1ec5bc2fd202eda05abc2e5361c54633c5
-Author: Tim Rice <tim@multitalents.net>
-Date:   Thu Jul 25 18:41:40 2013 -0700
-
-    more correct comment for last commit
-
-commit 0553ad76ffdff35fb31b9e6df935a71a1cc6daa2
-Author: Tim Rice <tim@multitalents.net>
-Date:   Thu Jul 25 16:03:16 2013 -0700
-
-     - (tim) [regress/forwarding.sh] Fix for building outside read only source tree.
-
-commit ed899eb597a8901ff7322cba809660515ec0d601
-Author: Tim Rice <tim@multitalents.net>
-Date:   Thu Jul 25 15:40:00 2013 -0700
-
-     - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on
-       Solaris and UnixWare. Feedback and OK djm@
-
-commit e9e936d33b4b1d77ffbaace9438cb2f1469c1dc7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 12:34:00 2013 +1000
-
-     - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-        [contrib/suse/openssh.spec] Update version numbers
-
-commit d1e26cf391de31128b4edde118bff5fed98a90ea
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 12:11:18 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/06/21 02:26:26
-         [regress/sftp-cmds.sh regress/test-exec.sh]
-         unbreak sftp-cmds for renamed test data (s/ls/data/)
-
-commit 78d47b7c5b182e44552913de2b4b7e0363c8e3cc
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 12:08:46 2013 +1000
-
-       - dtucker@cvs.openbsd.org 2013/06/10 21:56:43
-         [regress/forwarding.sh]
-         Add test for forward config parsing
-
-commit fea440639e04cea9f2605375a41d654390369402
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 12:08:07 2013 +1000
-
-       - dtucker@cvs.openbsd.org 2013/05/30 20:12:32
-         [regress/test-exec.sh]
-         use ssh and sshd as testdata since it needs to be >256k for the rekey test
-
-commit 53435b2d8773a5d7c78359e9f7bf9df2d93b9ef5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 11:57:15 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/25 00:57:37
-         [version.h]
-         openssh-6.3 for release
-
-commit 0d032419ee6e1968fc1cb187af63bf3b77b506ea
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 11:56:52 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/25 00:56:52
-         [sftp-client.c sftp-client.h sftp.1 sftp.c]
-         sftp support for resuming partial downloads; patch mostly by Loganaden
-         Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@
-
-commit 98e27dcf581647b5bbe9780e8f59685d942d8ea3
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 11:55:52 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/25 00:29:10
-         [ssh.c]
-         daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure
-         it is fully detached from its controlling terminal. based on debugging
-
-commit 94c9cd34d1590ea1d4bf76919a15b5688fa90ed1
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 11:55:39 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/22 12:20:02
-         [umac.h]
-         oops, forgot to commit corresponding header change;
-         spotted by jsg and jasper
-
-commit c331dbd22297ab9bf351abee659893d139c9f28a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 11:55:20 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/22 05:00:17
-         [umac.c]
-         make MAC key, data to be hashed and nonce for final hash const;
-         checked with -Wcast-qual
-
-commit c8669a8cd24952b3f16a44eac63d2b6ce8a6343a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 25 11:52:48 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/20 22:20:42
-         [krl.c]
-         fix verification error in (as-yet usused) KRL signature checking path
-
-commit 63ddc899d28cf60045b560891894b9fbf6f822e9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jul 20 13:35:45 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/20 01:55:13
-         [auth-krb5.c gss-serv-krb5.c gss-serv.c]
-         fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@
-
-commit 1f0e86f23fcebb026371c0888402a981df2a61c4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jul 20 13:22:49 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/20 01:50:20
-         [ssh-agent.c]
-         call cleanup_handler on SIGINT when in debug mode to ensure sockets
-         are cleaned up on manual exit; bz#2120
-
-commit 3009d3cbb89316b1294fb5cedb54770b5d114d04
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jul 20 13:22:31 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/20 01:44:37
-         [ssh-keygen.c ssh.c]
-         More useful error message on missing current user in /etc/passwd
-
-commit 32ecfa0f7920db31471ca8c1f4adc20ae38ed9d6
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jul 20 13:22:13 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/20 01:43:46
-         [umac.c]
-         use a union to ensure correct alignment; ok deraadt
-
-commit 85b45e09188e7a7fc8f0a900a4c6a0f04a5720a7
-Author: Damien Miller <djm@mindrot.org>
-Date:   Sat Jul 20 13:21:52 2013 +1000
-
-       - markus@cvs.openbsd.org 2013/07/19 07:37:48
-         [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
-         [servconf.h session.c sshd.c sshd_config.5]
-         add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
-         or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
-         ok djm@
-
-commit d93340cbb6bc0fc0dbd4427e0cec6d994a494dd9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:14:34 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/18 01:12:26
-         [ssh.1]
-         be more exact wrt perms for ~/.ssh/config; bz#2078
-
-commit bf836e535dc3a8050c1756423539bac127ee5098
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:14:13 2013 +1000
-
-       - schwarze@cvs.openbsd.org 2013/07/16 00:07:52
-         [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8]
-         use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@
-
-commit 649fe025a409d0ce88c60a068f3f211193c35873
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:13:55 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/12 05:48:55
-         [ssh.c]
-         set TCP nodelay for connections started with -N; bz#2124 ok dtucker@
-
-commit 5bb8833e809d827496dffca0dc2c223052c93931
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:13:37 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/12 05:42:03
-         [ssh-keygen.c]
-         do_print_resource_record() can never be called with a NULL filename, so
-         don't attempt (and bungle) asking for one if it has not been specified
-         bz#2127 ok dtucker@
-
-commit 7313fc9222785d0c54a7ffcaf2067f4db02c8d72
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:13:19 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/12 00:43:50
-         [misc.c]
-         in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when
-         errno == 0. Avoids confusing error message in some broken resolver
-         cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker
-
-commit 746d1a6c524d2e90ebe98cc29e42573a3e1c3c1b
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:13:02 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/12 00:20:00
-         [sftp.c ssh-keygen.c ssh-pkcs11.c]
-         fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
-
-commit ce98654674648fb7d58f73edf6aa398656a2dba4
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:12:44 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/07/12 00:19:59
-         [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c]
-         [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c]
-         fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
-
-commit 0d02c3e10e1ed16d6396748375a133d348127a2a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:12:06 2013 +1000
-
-       - markus@cvs.openbsd.org 2013/07/02 12:31:43
-         [dh.c]
-         remove extra whitespace
-
-commit fecfd118d6c90df4fcd3cec7b14e4d3ce69a41d5
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:11:50 2013 +1000
-
-       - jmc@cvs.openbsd.org 2013/06/27 14:05:37
-         [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
-         do not use Sx for sections outwith the man page - ingo informs me that
-         stuff like html will render with broken links;
-    
-         issue reported by Eric S. Raymond, via djm
-
-commit bc35d92e78fd53c3f32cbdbdf89d8b1919788c50
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:11:25 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/06/22 06:31:57
-         [scp.c]
-         improved time_t overflow check suggested by guenther@
-
-commit 8158441d01ab84f33a7e70e27f87c02cbf67e709
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:11:07 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/06/21 05:43:10
-         [scp.c]
-         make this -Wsign-compare clean after time_t conversion
-
-commit bbeb1dac550bad8e6aff9bd27113c6bd5ebb7413
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:10:49 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/06/21 05:42:32
-         [dh.c]
-         sprinkle in some error() to explain moduli(5) parse failures
-
-commit 7f2b438ca0b7c3b9684a03d7bf3eaf379da16de9
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:10:29 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/06/21 00:37:49
-         [ssh_config.5]
-         explicitly mention that IdentitiesOnly can be used with IdentityFile
-         to control which keys are offered from an agent.
-
-commit 20bdcd72365e8b3d51261993928cc47c5f0d7c8a
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:10:09 2013 +1000
-
-       - djm@cvs.openbsd.org 2013/06/21 00:34:49
-         [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c]
-         for hostbased authentication, print the client host and user on
-         the auth success/failure line; bz#2064, ok dtucker@
-
-commit 3071070b39e6d1722151c754cdc2b26640eaf45e
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:09:44 2013 +1000
-
-       - markus@cvs.openbsd.org 2013/06/20 19:15:06
-         [krl.c]
-         don't leak the rdata blob on errors; ok djm@
-
-commit 044bd2a7ddb0b6f6b716c87e57261572e2b89028
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:09:25 2013 +1000
-
-       - guenther@cvs.openbsd.org 2013/06/17 04:48:42
-         [scp.c]
-         Handle time_t values as long long's when formatting them and when
-         parsing them from remote servers.
-         Improve error checking in parsing of 'T' lines.
-    
-         ok dtucker@ deraadt@
-
-commit 9a6615542108118582f64b7161ca0e12176e3712
-Author: Damien Miller <djm@mindrot.org>
-Date:   Thu Jul 18 16:09:04 2013 +1000
-
-       - dtucker@cvs.openbsd.org 2013/06/10 19:19:44
-         [readconf.c]
-         revert 1.203 while we investigate crashes reported by okan@
-
-commit b7482cff46e7e76bfb3cda86c365a08f58d4fca0
-Author: Darren Tucker <dtucker@zip.com.au>
-Date:   Tue Jul 2 20:06:46 2013 +1000
-
-     - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config
-       contrib/cygwin/ssh-user-config] Modernizes and improve readability of
-       the Cygwin README file (which hasn't been updated for ages), drop
-       unsupported OSes from the ssh-host-config help text, and drop an
-       unneeded option from ssh-user-config.  Patch from vinschen at redhat com.
diff --git a/crypto/openssh/FREEBSD-upgrade b/crypto/openssh/FREEBSD-upgrade
index 11f9bda..8116235 100644
--- a/crypto/openssh/FREEBSD-upgrade
+++ b/crypto/openssh/FREEBSD-upgrade
@@ -1,5 +1,4 @@
 
-
 	    FreeBSD maintainer's guide to OpenSSH-portable
 	    ==============================================
 
@@ -34,10 +33,11 @@
 07) Tag:
 
     $ svn copy -m "Tag OpenSSH X.YpZ." \
-        svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/dist \
-        svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/X.YpZ
+	svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/dist \
+	svn+ssh://svn.freebsd.org/base/vendor-crypto/openssh/X.YpZ
 
-08) Check out head and run the pre-merge script:
+08) Check out head and run the pre-merge script, which strips our RCS
+    tags from files that have them:
 
     $ svn co svn+ssh://svn.freebsd.org/base/head
     $ cd head/crypto/openssh
@@ -53,14 +53,16 @@
 
 0B) Diff against the vendor branch:
 
-    $ svn diff \^/vendor-crypto/openssh/dist .
+    $ svn diff --no-diff-deleted --no-diff-added \
+	--ignore-properties \^/vendor-crypto/openssh/X.YpZ .
 
     Files that have modifications relative to the vendor code, and
     only those files, must have the svn:keywords property set to
     FreeBSD=%H and be listed in the 'keywords' file created by the
     pre-merge script.
 
-0C) Run the post-merge script:
+0C) Run the post-merge script, which re-adds RCS tags to files that
+    need them:
 
     $ sh freebsd-post-merge.sh
 
@@ -68,7 +70,7 @@
 
     $ sh freebsd-configure.sh
 
-0E) Check config.h very carefully.
+0E) Review changes to config.h very carefully.
 
 0F) If source files have been added or removed, update the appropriate
     makefiles to reflect changes in the vendor's Makefile.in.
@@ -92,8 +94,6 @@
 	  An overview of FreeBSD changes to OpenSSH-portable
 	  ==================================================
 
-XXX This section is out of date
-
 0) VersionAddendum
 
    The SSH protocol allows for a human-readable version string of up
@@ -103,26 +103,28 @@ XXX This section is out of date
    is vulnerable when an OpenSSH advisory goes out.  Some people,
    however, dislike advertising their patch level in the protocol
    handshake, so we've added a VersionAddendum configuration variable
-   to allow them to change or disable it.
+   to allow them to change or disable it.  Upstream added support for
+   VersionAddendum on the server side, but we also support it on the
+   client side.
 
 1) Modified server-side defaults
 
    We've modified some configuration defaults in sshd:
 
-      - PasswordAuthentication defaults to "no".
-
-      - LoginGraceTime defaults to 120 seconds instead of 600.
-
+      - UsePAM defaults to "yes".
       - PermitRootLogin defaults to "no".
-
-      - X11Forwarding defaults to "yes" (it's a threat to the client,
-        not to the server.)
+      - X11Forwarding defaults to "yes".
+      - PasswordAuthentication defaults to "no".
+      - VersionAddendum defaults to "FreeBSD-YYYYMMDD".
+      - PrivilegeSeparation defaults to "sandbox".
 
 2) Modified client-side defaults
 
    We've modified some configuration defaults in ssh:
 
       - CheckHostIP defaults to "no".
+      - VerifyHostKeyDNS defaults to "yes" if built with LDNS.
+      - VersionAddendum defaults to "FreeBSD-YYYYMMDD".
 
 3) Canonic host names
 
@@ -135,6 +137,34 @@ XXX This section is out of date
    Our setusercontext(3) can set environment variables, which we must
    take care to transfer to the child's environment.
 
+5) TCP wrappers
+
+   Support for TCP wrappers was removed in upstream 6.7p1.  We've
+   added it back by porting the 6.6p1 code forward.
+
+6) DSA keys
+
+   DSA keys were disabled by default in upstream 6.9p1.  We've added
+   them back.
+
+7) Agent client reference counting
+
+   We've added code to ssh-agent.c to implement client reference
+   counting; the agent will automatically exit when the last client
+   disconnects.
+
+8) Class-based login restrictions
+
+   We've added code to auth2.c to enforce the host.allow, host.deny,
+   times.allow and times.deny login class capabilities.
+
+9) HPN
+
+   We no longer have the HPN patches (adaptive buffer size for
+   increased throughput on high-BxD links), but we recognize and
+   ignore HPN-related configuration options to avoid breaking existing
+   configurations.
+
 
 
 This port was brought to you by (in no particular order) DARPA, NAI
diff --git a/crypto/openssh/OVERVIEW b/crypto/openssh/OVERVIEW
index 2e1cc0b..fde72c8 100644
--- a/crypto/openssh/OVERVIEW
+++ b/crypto/openssh/OVERVIEW
@@ -65,8 +65,8 @@ these programs.
       packets.  CRC code comes from crc32.c.
 
     - The code in packet.c calls the buffer manipulation routines
-      (buffer.c, bufaux.c), compression routines (compress.c, zlib),
-      and the encryption routines.
+      (buffer.c, bufaux.c), compression routines (zlib), and the
+      encryption routines.
 
   X11, TCP/IP, and Agent forwarding
 
@@ -165,4 +165,4 @@ these programs.
 	uidswap.c    uid-swapping
 	xmalloc.c    "safe" malloc routines
 
-$OpenBSD: OVERVIEW,v 1.11 2006/08/03 03:34:41 deraadt Exp $
+$OpenBSD: OVERVIEW,v 1.12 2015/07/08 19:01:15 markus Exp $
diff --git a/crypto/openssh/PROTOCOL b/crypto/openssh/PROTOCOL
index 85641e6..131adfe 100644
--- a/crypto/openssh/PROTOCOL
+++ b/crypto/openssh/PROTOCOL
@@ -247,7 +247,6 @@ to request that the server make a connection to a Unix domain socket.
 	uint32		initial window size
 	uint32		maximum packet size
 	string		socket path
-	string		reserved for future use
 
 Similar to forwarded-tcpip, forwarded-streamlocal is sent by the
 server when the client has previously send the server a streamlocal-forward
@@ -453,4 +452,4 @@ respond with a SSH_FXP_STATUS message.
 This extension is advertised in the SSH_FXP_VERSION hello with version
 "1".
 
-$OpenBSD: PROTOCOL,v 1.28 2015/05/08 03:56:51 djm Exp $
+$OpenBSD: PROTOCOL,v 1.29 2015/07/17 03:09:19 djm Exp $
diff --git a/crypto/openssh/PROTOCOL.mux b/crypto/openssh/PROTOCOL.mux
index b583256..f042961 100644
--- a/crypto/openssh/PROTOCOL.mux
+++ b/crypto/openssh/PROTOCOL.mux
@@ -116,6 +116,12 @@ A client may request the master to establish a port forward:
 
 forwarding type may be MUX_FWD_LOCAL, MUX_FWD_REMOTE, MUX_FWD_DYNAMIC.
 
+If listen port is (unsigned int) -2, then the listen host is treated as
+a unix socket path name.
+
+If connect port is (unsigned int) -2, then the connect host is treated
+as a unix socket path name.
+
 A server may reply with a MUX_S_OK, a MUX_S_REMOTE_PORT, a
 MUX_S_PERMISSION_DENIED or a MUX_S_FAILURE.
 
@@ -219,4 +225,4 @@ XXX inject packet (what about replies)
 XXX server->client error/warning notifications
 XXX send signals via mux
 
-$OpenBSD: PROTOCOL.mux,v 1.9 2012/06/01 00:49:35 djm Exp $
+$OpenBSD: PROTOCOL.mux,v 1.10 2015/07/17 03:04:27 djm Exp $
diff --git a/crypto/openssh/README b/crypto/openssh/README
index 0401d85..ea6e228 100644
--- a/crypto/openssh/README
+++ b/crypto/openssh/README
@@ -1,4 +1,8 @@
-See http://www.openssh.com/txt/release-6.9 for the release notes.
+See http://www.openssh.com/txt/release-7.1p2 for the release notes.
+
+Please read http://www.openssh.com/report.html for bug reporting
+instructions and note that we do not use Github for bug reporting or
+patch/pull-request management.
 
 - A Japanese translation of this document and of the OpenSSH FAQ is
 - available at http://www.unixuser.org/~haruyama/security/openssh/index.html
diff --git a/crypto/openssh/addrmatch.c b/crypto/openssh/addrmatch.c
index c443146..70b050e 100644
--- a/crypto/openssh/addrmatch.c
+++ b/crypto/openssh/addrmatch.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: addrmatch.c,v 1.9 2014/01/19 11:21:51 dtucker Exp $ */
+/*	$OpenBSD: addrmatch.c,v 1.10 2015/07/08 19:04:21 markus Exp $ */
 
 /*
  * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -31,7 +31,6 @@
 
 #include "match.h"
 #include "log.h"
-#include "xmalloc.h"
 
 struct xaddr {
 	sa_family_t	af;
diff --git a/crypto/openssh/auth-options.c b/crypto/openssh/auth-options.c
index facfc02..e387697 100644
--- a/crypto/openssh/auth-options.c
+++ b/crypto/openssh/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.67 2015/05/01 03:20:54 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.68 2015/07/03 03:43:18 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -588,35 +588,21 @@ auth_cert_options(struct sshkey *k, struct passwd *pw)
 	char *cert_forced_command = NULL;
 	int cert_source_address_done = 0;
 
-	if (sshkey_cert_is_legacy(k)) {
-		/* All options are in the one field for v00 certs */
-		if (parse_option_list(k->cert->critical, pw,
-		    OPTIONS_CRITICAL|OPTIONS_EXTENSIONS, 1,
-		    &cert_no_port_forwarding_flag,
-		    &cert_no_agent_forwarding_flag,
-		    &cert_no_x11_forwarding_flag,
-		    &cert_no_pty_flag,
-		    &cert_no_user_rc,
-		    &cert_forced_command,
-		    &cert_source_address_done) == -1)
-			return -1;
-	} else {
-		/* Separate options and extensions for v01 certs */
-		if (parse_option_list(k->cert->critical, pw,
-		    OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL,
-		    &cert_forced_command,
-		    &cert_source_address_done) == -1)
-			return -1;
-		if (parse_option_list(k->cert->extensions, pw,
-		    OPTIONS_EXTENSIONS, 0,
-		    &cert_no_port_forwarding_flag,
-		    &cert_no_agent_forwarding_flag,
-		    &cert_no_x11_forwarding_flag,
-		    &cert_no_pty_flag,
-		    &cert_no_user_rc,
-		    NULL, NULL) == -1)
-			return -1;
-	}
+	/* Separate options and extensions for v01 certs */
+	if (parse_option_list(k->cert->critical, pw,
+	    OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL,
+	    &cert_forced_command,
+	    &cert_source_address_done) == -1)
+		return -1;
+	if (parse_option_list(k->cert->extensions, pw,
+	    OPTIONS_EXTENSIONS, 0,
+	    &cert_no_port_forwarding_flag,
+	    &cert_no_agent_forwarding_flag,
+	    &cert_no_x11_forwarding_flag,
+	    &cert_no_pty_flag,
+	    &cert_no_user_rc,
+	    NULL, NULL) == -1)
+		return -1;
 
 	no_port_forwarding_flag |= cert_no_port_forwarding_flag;
 	no_agent_forwarding_flag |= cert_no_agent_forwarding_flag;
diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c
index 5f72416..ba908801 100644
--- a/crypto/openssh/auth.c
+++ b/crypto/openssh/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.111 2015/05/01 04:17:51 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.113 2015/08/21 03:42:19 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -353,7 +353,9 @@ auth_root_allowed(const char *method)
 	case PERMIT_YES:
 		return 1;
 	case PERMIT_NO_PASSWD:
-		if (strcmp(method, "password") != 0)
+		if (strcmp(method, "publickey") == 0 ||
+		    strcmp(method, "hostbased") == 0 ||
+		    strcmp(method, "gssapi-with-mic") == 0)
 			return 1;
 		break;
 	case PERMIT_FORCED_ONLY:
diff --git a/crypto/openssh/auth2-chall.c b/crypto/openssh/auth2-chall.c
index e4d4a17..4aff09d 100644
--- a/crypto/openssh/auth2-chall.c
+++ b/crypto/openssh/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.43 2015/07/18 07:57:14 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c
index 82915a4..eaa1426 100644
--- a/crypto/openssh/authfd.c
+++ b/crypto/openssh/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.97 2015/03/26 19:32:19 markus Exp $ */
+/* $OpenBSD: authfd.c,v 1.98 2015/07/03 03:43:18 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -560,10 +560,8 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment,
 #ifdef WITH_OPENSSL
 	case KEY_RSA:
 	case KEY_RSA_CERT:
-	case KEY_RSA_CERT_V00:
 	case KEY_DSA:
 	case KEY_DSA_CERT:
-	case KEY_DSA_CERT_V00:
 	case KEY_ECDSA:
 	case KEY_ECDSA_CERT:
 #endif
diff --git a/crypto/openssh/authfile.c b/crypto/openssh/authfile.c
index 728b136..58f589a 100644
--- a/crypto/openssh/authfile.c
+++ b/crypto/openssh/authfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfile.c,v 1.114 2015/04/17 13:32:09 djm Exp $ */
+/* $OpenBSD: authfile.c,v 1.116 2015/07/09 09:49:46 markus Exp $ */
 /*
  * Copyright (c) 2000, 2013 Markus Friedl.  All rights reserved.
  *
@@ -39,13 +39,13 @@
 #include <limits.h>
 
 #include "cipher.h"
-#include "key.h"
 #include "ssh.h"
 #include "log.h"
 #include "authfile.h"
 #include "rsa.h"
 #include "misc.h"
 #include "atomicio.h"
+#include "sshkey.h"
 #include "sshbuf.h"
 #include "ssherr.h"
 #include "krl.h"
@@ -448,8 +448,8 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
 	case KEY_RSA:
 	case KEY_DSA:
 	case KEY_ECDSA:
-	case KEY_ED25519:
 #endif /* WITH_OPENSSL */
+	case KEY_ED25519:
 	case KEY_UNSPEC:
 		break;
 	default:
@@ -467,7 +467,7 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
 		goto out;
 	}
 
-	if ((r = sshkey_to_certified(key, sshkey_cert_is_legacy(cert))) != 0 ||
+	if ((r = sshkey_to_certified(key)) != 0 ||
 	    (r = sshkey_cert_copy(cert, key)) != 0)
 		goto out;
 	r = 0;
diff --git a/crypto/openssh/bitmap.c b/crypto/openssh/bitmap.c
index 19cd2e8..f950322 100644
--- a/crypto/openssh/bitmap.c
+++ b/crypto/openssh/bitmap.c
@@ -53,7 +53,7 @@ void
 bitmap_free(struct bitmap *b)
 {
 	if (b != NULL && b->d != NULL) {
-		memset(b->d, 0, b->len);
+		explicit_bzero(b->d, b->len);
 		free(b->d);
 	}
 	free(b);
diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c
index fcf2901..c5f708a 100644
--- a/crypto/openssh/buffer.c
+++ b/crypto/openssh/buffer.c
@@ -19,7 +19,6 @@
 /* Emulation wrappers for legacy OpenSSH buffer API atop sshbuf */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/types.h>
 
diff --git a/crypto/openssh/buffer.h b/crypto/openssh/buffer.h
index 28a9c98..df1aebc 100644
--- a/crypto/openssh/buffer.h
+++ b/crypto/openssh/buffer.h
@@ -1,5 +1,4 @@
 /* $OpenBSD: buffer.h,v 1.25 2014/04/30 05:29:56 djm Exp $ */
-/* $FreeBSD$ */
 
 /*
  * Copyright (c) 2012 Damien Miller <djm@mindrot.org>
diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c
index 39bb775..a84b487 100644
--- a/crypto/openssh/channels.c
+++ b/crypto/openssh/channels.c
@@ -40,7 +40,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/types.h>
 #include <sys/param.h>	/* MIN MAX */
diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h
index 5301342..9d76c9d 100644
--- a/crypto/openssh/channels.h
+++ b/crypto/openssh/channels.h
@@ -1,5 +1,4 @@
 /* $OpenBSD: channels.h,v 1.118 2015/07/01 02:26:31 djm Exp $ */
-/* $FreeBSD$ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
diff --git a/crypto/openssh/cipher.h b/crypto/openssh/cipher.h
index 62a88b4..06d4be4 100644
--- a/crypto/openssh/cipher.h
+++ b/crypto/openssh/cipher.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.h,v 1.47 2015/01/14 10:24:42 markus Exp $ */
+/* $OpenBSD: cipher.h,v 1.48 2015/07/08 19:09:25 markus Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -72,9 +72,6 @@ struct sshcipher_ctx {
 	const struct sshcipher *cipher;
 };
 
-typedef struct sshcipher Cipher;
-typedef struct sshcipher_ctx CipherContext;
-
 u_int	 cipher_mask_ssh1(int);
 const struct sshcipher *cipher_by_name(const char *);
 const struct sshcipher *cipher_by_number(int);
diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c
index e6da12a..87ceb3d 100644
--- a/crypto/openssh/clientloop.c
+++ b/crypto/openssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.274 2015/07/01 02:26:31 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -60,7 +60,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/param.h>	/* MIN MAX */
 #include <sys/types.h>
@@ -101,6 +100,7 @@ __RCSID("$FreeBSD$");
 #include "key.h"
 #include "cipher.h"
 #include "kex.h"
+#include "myproposal.h"
 #include "log.h"
 #include "misc.h"
 #include "readconf.h"
@@ -2363,10 +2363,11 @@ client_input_hostkeys(void)
 		debug3("%s: received %s key %s", __func__,
 		    sshkey_type(key), fp);
 		free(fp);
+
 		/* Check that the key is accepted in HostkeyAlgorithms */
-		if (options.hostkeyalgorithms != NULL &&
-		    match_pattern_list(sshkey_ssh_name(key),
-		    options.hostkeyalgorithms, 0) != 1) {
+		if (match_pattern_list(sshkey_ssh_name(key),
+		    options.hostkeyalgorithms ? options.hostkeyalgorithms :
+		    KEX_DEFAULT_PK_ALG, 0) != 1) {
 			debug3("%s: %s key not permitted by HostkeyAlgorithms",
 			    __func__, sshkey_ssh_name(key));
 			continue;
diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c
index 2d70de2..5583804 100644
--- a/crypto/openssh/compat.c
+++ b/crypto/openssh/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.94 2015/05/26 23:23:40 dtucker Exp $ */
+/* $OpenBSD: compat.c,v 1.97 2015/08/19 23:21:42 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -24,7 +24,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/types.h>
 
@@ -153,7 +152,8 @@ compat_datafellows(const char *version)
 		  "1.2.22*",		SSH_BUG_IGNOREMSG },
 		{ "1.3.2*",		/* F-Secure */
 					SSH_BUG_IGNOREMSG },
-		{ "Cisco-1.*",		SSH_BUG_DHGEX_LARGE },
+		{ "Cisco-1.*",		SSH_BUG_DHGEX_LARGE|
+					SSH_BUG_HOSTKEYS },
 		{ "*SSH Compatible Server*",			/* Netscreen */
 					SSH_BUG_PASSWORDPAD },
 		{ "*OSU_0*,"
@@ -167,7 +167,8 @@ compat_datafellows(const char *version)
 		  "OSU_1.5alpha3*",	SSH_BUG_PASSWORDPAD },
 		{ "*SSH_Version_Mapper*",
 					SSH_BUG_SCANNER },
-		{ "PuTTY-Release-0.5*," /* 0.50-0.57, DH-GEX in >=0.52 */
+		{ "PuTTY_Local:*,"	/* dev versions < Sep 2014 */
+		  "PuTTY-Release-0.5*," /* 0.50-0.57, DH-GEX in >=0.52 */
 		  "PuTTY_Release_0.5*,"	/* 0.58-0.59 */
 		  "PuTTY_Release_0.60*,"
 		  "PuTTY_Release_0.61*,"
@@ -175,6 +176,7 @@ compat_datafellows(const char *version)
 		  "PuTTY_Release_0.63*,"
 		  "PuTTY_Release_0.64*",
 					SSH_OLD_DHGEX },
+		{ "FuTTY*",		SSH_OLD_DHGEX }, /* Putty Fork */
 		{ "Probe-*",
 					SSH_BUG_PROBE },
 		{ "TeraTerm SSH*,"
@@ -188,7 +190,17 @@ compat_datafellows(const char *version)
 		  "TTSSH/2.70*,"
 		  "TTSSH/2.71*,"
 		  "TTSSH/2.72*",	SSH_BUG_HOSTKEYS },
-		{ "WinSCP*",		SSH_OLD_DHGEX },
+		{ "WinSCP_release_4*,"
+		  "WinSCP_release_5.0*,"
+		  "WinSCP_release_5.1*,"
+		  "WinSCP_release_5.5*,"
+		  "WinSCP_release_5.6*,"
+		  "WinSCP_release_5.7,"
+		  "WinSCP_release_5.7.1,"
+		  "WinSCP_release_5.7.2,"
+		  "WinSCP_release_5.7.3,"
+		  "WinSCP_release_5.7.4",
+					SSH_OLD_DHGEX },
 		{ NULL,			0 }
 	};
 
diff --git a/crypto/openssh/compat.h b/crypto/openssh/compat.h
index 724538b..2be290a 100644
--- a/crypto/openssh/compat.h
+++ b/crypto/openssh/compat.h
@@ -1,5 +1,4 @@
 /* $OpenBSD: compat.h,v 1.48 2015/05/26 23:23:40 dtucker Exp $ */
-/* $FreeBSD$ */
 
 /*
  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
diff --git a/crypto/openssh/config.h b/crypto/openssh/config.h
index 68c5fc1..f8f9444 100644
--- a/crypto/openssh/config.h
+++ b/crypto/openssh/config.h
@@ -52,8 +52,8 @@
    against it */
 /* #undef BROKEN_READ_COMPARISON */
 
-/* Define if you have a broken realpath. */
-/* #undef BROKEN_REALPATH */
+/* realpath does not work with nonexistent files */
+#define BROKEN_REALPATH 1
 
 /* Needed for NeXT */
 /* #undef BROKEN_SAVED_UIDS */
diff --git a/crypto/openssh/config.h.in b/crypto/openssh/config.h.in
deleted file mode 100644
index 9f02954..0000000
--- a/crypto/openssh/config.h.in
+++ /dev/null
@@ -1,1729 +0,0 @@
-/* config.h.in.  Generated from configure.ac by autoheader.  */
-
-/* Define if building universal (internal helper macro) */
-#undef AC_APPLE_UNIVERSAL_BUILD
-
-/* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address
-   */
-#undef AIX_GETNAMEINFO_HACK
-
-/* Define if your AIX loginfailed() function takes 4 arguments (AIX >= 5.2) */
-#undef AIX_LOGINFAILED_4ARG
-
-/* System only supports IPv4 audit records */
-#undef AU_IPv4
-
-/* Define if your resolver libs need this for getrrsetbyname */
-#undef BIND_8_COMPAT
-
-/* The system has incomplete BSM API */
-#undef BROKEN_BSM_API
-
-/* Define if cmsg_type is not passed correctly */
-#undef BROKEN_CMSG_TYPE
-
-/* getaddrinfo is broken (if present) */
-#undef BROKEN_GETADDRINFO
-
-/* getgroups(0,NULL) will return -1 */
-#undef BROKEN_GETGROUPS
-
-/* FreeBSD glob does not do what we need */
-#undef BROKEN_GLOB
-
-/* Define if you system's inet_ntoa is busted (e.g. Irix gcc issue) */
-#undef BROKEN_INET_NTOA
-
-/* ia_uinfo routines not supported by OS yet */
-#undef BROKEN_LIBIAF
-
-/* Ultrix mmap can't map files */
-#undef BROKEN_MMAP
-
-/* Define if your struct dirent expects you to allocate extra space for d_name
-   */
-#undef BROKEN_ONE_BYTE_DIRENT_D_NAME
-
-/* Can't do comparisons on readv */
-#undef BROKEN_READV_COMPARISON
-
-/* NetBSD read function is sometimes redirected, breaking atomicio comparisons
-   against it */
-#undef BROKEN_READ_COMPARISON
-
-/* Define if you have a broken realpath. */
-#undef BROKEN_REALPATH
-
-/* Needed for NeXT */
-#undef BROKEN_SAVED_UIDS
-
-/* Define if your setregid() is broken */
-#undef BROKEN_SETREGID
-
-/* Define if your setresgid() is broken */
-#undef BROKEN_SETRESGID
-
-/* Define if your setresuid() is broken */
-#undef BROKEN_SETRESUID
-
-/* Define if your setreuid() is broken */
-#undef BROKEN_SETREUID
-
-/* LynxOS has broken setvbuf() implementation */
-#undef BROKEN_SETVBUF
-
-/* QNX shadow support is broken */
-#undef BROKEN_SHADOW_EXPIRE
-
-/* Define if your snprintf is busted */
-#undef BROKEN_SNPRINTF
-
-/* FreeBSD strnvis argument order is swapped compared to OpenBSD */
-#undef BROKEN_STRNVIS
-
-/* tcgetattr with ICANON may hang */
-#undef BROKEN_TCGETATTR_ICANON
-
-/* updwtmpx is broken (if present) */
-#undef BROKEN_UPDWTMPX
-
-/* Define if you have BSD auth support */
-#undef BSD_AUTH
-
-/* Define if you want to specify the path to your lastlog file */
-#undef CONF_LASTLOG_FILE
-
-/* Define if you want to specify the path to your utmp file */
-#undef CONF_UTMP_FILE
-
-/* Define if you want to specify the path to your wtmpx file */
-#undef CONF_WTMPX_FILE
-
-/* Define if you want to specify the path to your wtmp file */
-#undef CONF_WTMP_FILE
-
-/* Define if your platform needs to skip post auth file descriptor passing */
-#undef DISABLE_FD_PASSING
-
-/* Define if you don't want to use lastlog */
-#undef DISABLE_LASTLOG
-
-/* Define if you don't want to use your system's login() call */
-#undef DISABLE_LOGIN
-
-/* Define if you don't want to use pututline() etc. to write [uw]tmp */
-#undef DISABLE_PUTUTLINE
-
-/* Define if you don't want to use pututxline() etc. to write [uw]tmpx */
-#undef DISABLE_PUTUTXLINE
-
-/* Define if you want to disable shadow passwords */
-#undef DISABLE_SHADOW
-
-/* Define if you don't want to use utmp */
-#undef DISABLE_UTMP
-
-/* Define if you don't want to use utmpx */
-#undef DISABLE_UTMPX
-
-/* Define if you don't want to use wtmp */
-#undef DISABLE_WTMP
-
-/* Define if you don't want to use wtmpx */
-#undef DISABLE_WTMPX
-
-/* Enable for PKCS#11 support */
-#undef ENABLE_PKCS11
-
-/* File names may not contain backslash characters */
-#undef FILESYSTEM_NO_BACKSLASH
-
-/* fsid_t has member val */
-#undef FSID_HAS_VAL
-
-/* fsid_t has member __val */
-#undef FSID_HAS___VAL
-
-/* Define to 1 if the `getpgrp' function requires zero arguments. */
-#undef GETPGRP_VOID
-
-/* Conflicting defs for getspnam */
-#undef GETSPNAM_CONFLICTING_DEFS
-
-/* Define if your system glob() function has the GLOB_ALTDIRFUNC extension */
-#undef GLOB_HAS_ALTDIRFUNC
-
-/* Define if your system glob() function has gl_matchc options in glob_t */
-#undef GLOB_HAS_GL_MATCHC
-
-/* Define if your system glob() function has gl_statv options in glob_t */
-#undef GLOB_HAS_GL_STATV
-
-/* Define this if you want GSSAPI support in the version 2 protocol */
-#undef GSSAPI
-
-/* Define if you want to use shadow password expire field */
-#undef HAS_SHADOW_EXPIRE
-
-/* Define if your system uses access rights style file descriptor passing */
-#undef HAVE_ACCRIGHTS_IN_MSGHDR
-
-/* Define if you have ut_addr in utmp.h */
-#undef HAVE_ADDR_IN_UTMP
-
-/* Define if you have ut_addr in utmpx.h */
-#undef HAVE_ADDR_IN_UTMPX
-
-/* Define if you have ut_addr_v6 in utmp.h */
-#undef HAVE_ADDR_V6_IN_UTMP
-
-/* Define if you have ut_addr_v6 in utmpx.h */
-#undef HAVE_ADDR_V6_IN_UTMPX
-
-/* Define to 1 if you have the `arc4random' function. */
-#undef HAVE_ARC4RANDOM
-
-/* Define to 1 if you have the `arc4random_buf' function. */
-#undef HAVE_ARC4RANDOM_BUF
-
-/* Define to 1 if you have the `arc4random_stir' function. */
-#undef HAVE_ARC4RANDOM_STIR
-
-/* Define to 1 if you have the `arc4random_uniform' function. */
-#undef HAVE_ARC4RANDOM_UNIFORM
-
-/* Define to 1 if you have the `asprintf' function. */
-#undef HAVE_ASPRINTF
-
-/* OpenBSD's gcc has bounded */
-#undef HAVE_ATTRIBUTE__BOUNDED__
-
-/* Have attribute nonnull */
-#undef HAVE_ATTRIBUTE__NONNULL__
-
-/* OpenBSD's gcc has sentinel */
-#undef HAVE_ATTRIBUTE__SENTINEL__
-
-/* Define to 1 if you have the `aug_get_machine' function. */
-#undef HAVE_AUG_GET_MACHINE
-
-/* Define to 1 if you have the `b64_ntop' function. */
-#undef HAVE_B64_NTOP
-
-/* Define to 1 if you have the `b64_pton' function. */
-#undef HAVE_B64_PTON
-
-/* Define if you have the basename function. */
-#undef HAVE_BASENAME
-
-/* Define to 1 if you have the `bcopy' function. */
-#undef HAVE_BCOPY
-
-/* Define to 1 if you have the `bcrypt_pbkdf' function. */
-#undef HAVE_BCRYPT_PBKDF
-
-/* Define to 1 if you have the `bindresvport_sa' function. */
-#undef HAVE_BINDRESVPORT_SA
-
-/* Define to 1 if you have the `blf_enc' function. */
-#undef HAVE_BLF_ENC
-
-/* Define to 1 if you have the <blf.h> header file. */
-#undef HAVE_BLF_H
-
-/* Define to 1 if you have the `Blowfish_expand0state' function. */
-#undef HAVE_BLOWFISH_EXPAND0STATE
-
-/* Define to 1 if you have the `Blowfish_expandstate' function. */
-#undef HAVE_BLOWFISH_EXPANDSTATE
-
-/* Define to 1 if you have the `Blowfish_initstate' function. */
-#undef HAVE_BLOWFISH_INITSTATE
-
-/* Define to 1 if you have the `Blowfish_stream2word' function. */
-#undef HAVE_BLOWFISH_STREAM2WORD
-
-/* Define to 1 if you have the `BN_is_prime_ex' function. */
-#undef HAVE_BN_IS_PRIME_EX
-
-/* Define to 1 if you have the <bsd/libutil.h> header file. */
-#undef HAVE_BSD_LIBUTIL_H
-
-/* Define to 1 if you have the <bsm/audit.h> header file. */
-#undef HAVE_BSM_AUDIT_H
-
-/* Define to 1 if you have the <bstring.h> header file. */
-#undef HAVE_BSTRING_H
-
-/* Define to 1 if you have the `cap_rights_limit' function. */
-#undef HAVE_CAP_RIGHTS_LIMIT
-
-/* Define to 1 if you have the `clock' function. */
-#undef HAVE_CLOCK
-
-/* Have clock_gettime */
-#undef HAVE_CLOCK_GETTIME
-
-/* define if you have clock_t data type */
-#undef HAVE_CLOCK_T
-
-/* Define to 1 if you have the `closefrom' function. */
-#undef HAVE_CLOSEFROM
-
-/* Define if gai_strerror() returns const char * */
-#undef HAVE_CONST_GAI_STRERROR_PROTO
-
-/* Define if your system uses ancillary data style file descriptor passing */
-#undef HAVE_CONTROL_IN_MSGHDR
-
-/* Define to 1 if you have the `crypt' function. */
-#undef HAVE_CRYPT
-
-/* Define to 1 if you have the <crypto/sha2.h> header file. */
-#undef HAVE_CRYPTO_SHA2_H
-
-/* Define to 1 if you have the <crypt.h> header file. */
-#undef HAVE_CRYPT_H
-
-/* Define if you are on Cygwin */
-#undef HAVE_CYGWIN
-
-/* Define if your libraries define daemon() */
-#undef HAVE_DAEMON
-
-/* Define to 1 if you have the declaration of `AI_NUMERICSERV', and to 0 if
-   you don't. */
-#undef HAVE_DECL_AI_NUMERICSERV
-
-/* Define to 1 if you have the declaration of `authenticate', and to 0 if you
-   don't. */
-#undef HAVE_DECL_AUTHENTICATE
-
-/* Define to 1 if you have the declaration of `GLOB_NOMATCH', and to 0 if you
-   don't. */
-#undef HAVE_DECL_GLOB_NOMATCH
-
-/* Define to 1 if you have the declaration of `GSS_C_NT_HOSTBASED_SERVICE',
-   and to 0 if you don't. */
-#undef HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE
-
-/* Define to 1 if you have the declaration of `howmany', and to 0 if you
-   don't. */
-#undef HAVE_DECL_HOWMANY
-
-/* Define to 1 if you have the declaration of `h_errno', and to 0 if you
-   don't. */
-#undef HAVE_DECL_H_ERRNO
-
-/* Define to 1 if you have the declaration of `loginfailed', and to 0 if you
-   don't. */
-#undef HAVE_DECL_LOGINFAILED
-
-/* Define to 1 if you have the declaration of `loginrestrictions', and to 0 if
-   you don't. */
-#undef HAVE_DECL_LOGINRESTRICTIONS
-
-/* Define to 1 if you have the declaration of `loginsuccess', and to 0 if you
-   don't. */
-#undef HAVE_DECL_LOGINSUCCESS
-
-/* Define to 1 if you have the declaration of `MAXSYMLINKS', and to 0 if you
-   don't. */
-#undef HAVE_DECL_MAXSYMLINKS
-
-/* Define to 1 if you have the declaration of `NFDBITS', and to 0 if you
-   don't. */
-#undef HAVE_DECL_NFDBITS
-
-/* Define to 1 if you have the declaration of `offsetof', and to 0 if you
-   don't. */
-#undef HAVE_DECL_OFFSETOF
-
-/* Define to 1 if you have the declaration of `O_NONBLOCK', and to 0 if you
-   don't. */
-#undef HAVE_DECL_O_NONBLOCK
-
-/* Define to 1 if you have the declaration of `passwdexpired', and to 0 if you
-   don't. */
-#undef HAVE_DECL_PASSWDEXPIRED
-
-/* Define to 1 if you have the declaration of `setauthdb', and to 0 if you
-   don't. */
-#undef HAVE_DECL_SETAUTHDB
-
-/* Define to 1 if you have the declaration of `SHUT_RD', and to 0 if you
-   don't. */
-#undef HAVE_DECL_SHUT_RD
-
-/* Define to 1 if you have the declaration of `writev', and to 0 if you don't.
-   */
-#undef HAVE_DECL_WRITEV
-
-/* Define to 1 if you have the declaration of `_getlong', and to 0 if you
-   don't. */
-#undef HAVE_DECL__GETLONG
-
-/* Define to 1 if you have the declaration of `_getshort', and to 0 if you
-   don't. */
-#undef HAVE_DECL__GETSHORT
-
-/* Define to 1 if you have the `DES_crypt' function. */
-#undef HAVE_DES_CRYPT
-
-/* Define if you have /dev/ptmx */
-#undef HAVE_DEV_PTMX
-
-/* Define if you have /dev/ptc */
-#undef HAVE_DEV_PTS_AND_PTC
-
-/* Define to 1 if you have the <dirent.h> header file. */
-#undef HAVE_DIRENT_H
-
-/* Define to 1 if you have the `dirfd' function. */
-#undef HAVE_DIRFD
-
-/* Define to 1 if you have the `dirname' function. */
-#undef HAVE_DIRNAME
-
-/* Define to 1 if you have the `DSA_generate_parameters_ex' function. */
-#undef HAVE_DSA_GENERATE_PARAMETERS_EX
-
-/* Define to 1 if you have the <elf.h> header file. */
-#undef HAVE_ELF_H
-
-/* Define to 1 if you have the `endgrent' function. */
-#undef HAVE_ENDGRENT
-
-/* Define to 1 if you have the <endian.h> header file. */
-#undef HAVE_ENDIAN_H
-
-/* Define to 1 if you have the `endutent' function. */
-#undef HAVE_ENDUTENT
-
-/* Define to 1 if you have the `endutxent' function. */
-#undef HAVE_ENDUTXENT
-
-/* Define if your system has /etc/default/login */
-#undef HAVE_ETC_DEFAULT_LOGIN
-
-/* Define if libcrypto has EVP_CIPHER_CTX_ctrl */
-#undef HAVE_EVP_CIPHER_CTX_CTRL
-
-/* Define to 1 if you have the `EVP_DigestFinal_ex' function. */
-#undef HAVE_EVP_DIGESTFINAL_EX
-
-/* Define to 1 if you have the `EVP_DigestInit_ex' function. */
-#undef HAVE_EVP_DIGESTINIT_EX
-
-/* Define to 1 if you have the `EVP_MD_CTX_cleanup' function. */
-#undef HAVE_EVP_MD_CTX_CLEANUP
-
-/* Define to 1 if you have the `EVP_MD_CTX_copy_ex' function. */
-#undef HAVE_EVP_MD_CTX_COPY_EX
-
-/* Define to 1 if you have the `EVP_MD_CTX_init' function. */
-#undef HAVE_EVP_MD_CTX_INIT
-
-/* Define to 1 if you have the `EVP_ripemd160' function. */
-#undef HAVE_EVP_RIPEMD160
-
-/* Define to 1 if you have the `EVP_sha256' function. */
-#undef HAVE_EVP_SHA256
-
-/* Define if you have ut_exit in utmp.h */
-#undef HAVE_EXIT_IN_UTMP
-
-/* Define to 1 if you have the `explicit_bzero' function. */
-#undef HAVE_EXPLICIT_BZERO
-
-/* Define to 1 if you have the `fchmod' function. */
-#undef HAVE_FCHMOD
-
-/* Define to 1 if you have the `fchown' function. */
-#undef HAVE_FCHOWN
-
-/* Use F_CLOSEM fcntl for closefrom */
-#undef HAVE_FCNTL_CLOSEM
-
-/* Define to 1 if you have the <fcntl.h> header file. */
-#undef HAVE_FCNTL_H
-
-/* Define to 1 if the system has the type `fd_mask'. */
-#undef HAVE_FD_MASK
-
-/* Define to 1 if you have the <features.h> header file. */
-#undef HAVE_FEATURES_H
-
-/* Define to 1 if you have the <floatingpoint.h> header file. */
-#undef HAVE_FLOATINGPOINT_H
-
-/* Define to 1 if you have the `fmt_scaled' function. */
-#undef HAVE_FMT_SCALED
-
-/* Define to 1 if you have the `freeaddrinfo' function. */
-#undef HAVE_FREEADDRINFO
-
-/* Define to 1 if the system has the type `fsblkcnt_t'. */
-#undef HAVE_FSBLKCNT_T
-
-/* Define to 1 if the system has the type `fsfilcnt_t'. */
-#undef HAVE_FSFILCNT_T
-
-/* Define to 1 if you have the `fstatfs' function. */
-#undef HAVE_FSTATFS
-
-/* Define to 1 if you have the `fstatvfs' function. */
-#undef HAVE_FSTATVFS
-
-/* Define to 1 if you have the `futimes' function. */
-#undef HAVE_FUTIMES
-
-/* Define to 1 if you have the `gai_strerror' function. */
-#undef HAVE_GAI_STRERROR
-
-/* Define to 1 if you have the `getaddrinfo' function. */
-#undef HAVE_GETADDRINFO
-
-/* Define to 1 if you have the `getaudit' function. */
-#undef HAVE_GETAUDIT
-
-/* Define to 1 if you have the `getaudit_addr' function. */
-#undef HAVE_GETAUDIT_ADDR
-
-/* Define to 1 if you have the `getcwd' function. */
-#undef HAVE_GETCWD
-
-/* Define to 1 if you have the `getgrouplist' function. */
-#undef HAVE_GETGROUPLIST
-
-/* Define to 1 if you have the `getgrset' function. */
-#undef HAVE_GETGRSET
-
-/* Define to 1 if you have the `getlastlogxbyname' function. */
-#undef HAVE_GETLASTLOGXBYNAME
-
-/* Define to 1 if you have the `getluid' function. */
-#undef HAVE_GETLUID
-
-/* Define to 1 if you have the `getnameinfo' function. */
-#undef HAVE_GETNAMEINFO
-
-/* Define to 1 if you have the `getopt' function. */
-#undef HAVE_GETOPT
-
-/* Define to 1 if you have the <getopt.h> header file. */
-#undef HAVE_GETOPT_H
-
-/* Define if your getopt(3) defines and uses optreset */
-#undef HAVE_GETOPT_OPTRESET
-
-/* Define if your libraries define getpagesize() */
-#undef HAVE_GETPAGESIZE
-
-/* Define to 1 if you have the `getpeereid' function. */
-#undef HAVE_GETPEEREID
-
-/* Define to 1 if you have the `getpeerucred' function. */
-#undef HAVE_GETPEERUCRED
-
-/* Define to 1 if you have the `getpgid' function. */
-#undef HAVE_GETPGID
-
-/* Define to 1 if you have the `getpgrp' function. */
-#undef HAVE_GETPGRP
-
-/* Define to 1 if you have the `getpwanam' function. */
-#undef HAVE_GETPWANAM
-
-/* Define to 1 if you have the `getrlimit' function. */
-#undef HAVE_GETRLIMIT
-
-/* Define if getrrsetbyname() exists */
-#undef HAVE_GETRRSETBYNAME
-
-/* Define to 1 if you have the `getrusage' function. */
-#undef HAVE_GETRUSAGE
-
-/* Define to 1 if you have the `getseuserbyname' function. */
-#undef HAVE_GETSEUSERBYNAME
-
-/* Define to 1 if you have the `gettimeofday' function. */
-#undef HAVE_GETTIMEOFDAY
-
-/* Define to 1 if you have the `getttyent' function. */
-#undef HAVE_GETTTYENT
-
-/* Define to 1 if you have the `getutent' function. */
-#undef HAVE_GETUTENT
-
-/* Define to 1 if you have the `getutid' function. */
-#undef HAVE_GETUTID
-
-/* Define to 1 if you have the `getutline' function. */
-#undef HAVE_GETUTLINE
-
-/* Define to 1 if you have the `getutxent' function. */
-#undef HAVE_GETUTXENT
-
-/* Define to 1 if you have the `getutxid' function. */
-#undef HAVE_GETUTXID
-
-/* Define to 1 if you have the `getutxline' function. */
-#undef HAVE_GETUTXLINE
-
-/* Define to 1 if you have the `getutxuser' function. */
-#undef HAVE_GETUTXUSER
-
-/* Define to 1 if you have the `get_default_context_with_level' function. */
-#undef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL
-
-/* Define to 1 if you have the `glob' function. */
-#undef HAVE_GLOB
-
-/* Define to 1 if you have the <glob.h> header file. */
-#undef HAVE_GLOB_H
-
-/* Define to 1 if you have the `group_from_gid' function. */
-#undef HAVE_GROUP_FROM_GID
-
-/* Define to 1 if you have the <gssapi_generic.h> header file. */
-#undef HAVE_GSSAPI_GENERIC_H
-
-/* Define to 1 if you have the <gssapi/gssapi_generic.h> header file. */
-#undef HAVE_GSSAPI_GSSAPI_GENERIC_H
-
-/* Define to 1 if you have the <gssapi/gssapi.h> header file. */
-#undef HAVE_GSSAPI_GSSAPI_H
-
-/* Define to 1 if you have the <gssapi/gssapi_krb5.h> header file. */
-#undef HAVE_GSSAPI_GSSAPI_KRB5_H
-
-/* Define to 1 if you have the <gssapi.h> header file. */
-#undef HAVE_GSSAPI_H
-
-/* Define to 1 if you have the <gssapi_krb5.h> header file. */
-#undef HAVE_GSSAPI_KRB5_H
-
-/* Define if HEADER.ad exists in arpa/nameser.h */
-#undef HAVE_HEADER_AD
-
-/* Define to 1 if you have the `HMAC_CTX_init' function. */
-#undef HAVE_HMAC_CTX_INIT
-
-/* Define if you have ut_host in utmp.h */
-#undef HAVE_HOST_IN_UTMP
-
-/* Define if you have ut_host in utmpx.h */
-#undef HAVE_HOST_IN_UTMPX
-
-/* Define to 1 if you have the <iaf.h> header file. */
-#undef HAVE_IAF_H
-
-/* Define to 1 if you have the <ia.h> header file. */
-#undef HAVE_IA_H
-
-/* Define if you have ut_id in utmp.h */
-#undef HAVE_ID_IN_UTMP
-
-/* Define if you have ut_id in utmpx.h */
-#undef HAVE_ID_IN_UTMPX
-
-/* Define to 1 if you have the `inet_aton' function. */
-#undef HAVE_INET_ATON
-
-/* Define to 1 if you have the `inet_ntoa' function. */
-#undef HAVE_INET_NTOA
-
-/* Define to 1 if you have the `inet_ntop' function. */
-#undef HAVE_INET_NTOP
-
-/* Define to 1 if you have the `innetgr' function. */
-#undef HAVE_INNETGR
-
-/* define if you have int64_t data type */
-#undef HAVE_INT64_T
-
-/* Define to 1 if the system has the type `intmax_t'. */
-#undef HAVE_INTMAX_T
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* define if you have intxx_t data type */
-#undef HAVE_INTXX_T
-
-/* Define to 1 if the system has the type `in_addr_t'. */
-#undef HAVE_IN_ADDR_T
-
-/* Define to 1 if the system has the type `in_port_t'. */
-#undef HAVE_IN_PORT_T
-
-/* Define if you have isblank(3C). */
-#undef HAVE_ISBLANK
-
-/* Define to 1 if you have the `krb5_cc_new_unique' function. */
-#undef HAVE_KRB5_CC_NEW_UNIQUE
-
-/* Define to 1 if you have the `krb5_free_error_message' function. */
-#undef HAVE_KRB5_FREE_ERROR_MESSAGE
-
-/* Define to 1 if you have the `krb5_get_error_message' function. */
-#undef HAVE_KRB5_GET_ERROR_MESSAGE
-
-/* Define to 1 if you have the <lastlog.h> header file. */
-#undef HAVE_LASTLOG_H
-
-/* Define if you want ldns support */
-#undef HAVE_LDNS
-
-/* Define to 1 if you have the <libaudit.h> header file. */
-#undef HAVE_LIBAUDIT_H
-
-/* Define to 1 if you have the `bsm' library (-lbsm). */
-#undef HAVE_LIBBSM
-
-/* Define to 1 if you have the `crypt' library (-lcrypt). */
-#undef HAVE_LIBCRYPT
-
-/* Define to 1 if you have the `dl' library (-ldl). */
-#undef HAVE_LIBDL
-
-/* Define to 1 if you have the <libgen.h> header file. */
-#undef HAVE_LIBGEN_H
-
-/* Define if system has libiaf that supports set_id */
-#undef HAVE_LIBIAF
-
-/* Define to 1 if you have the `network' library (-lnetwork). */
-#undef HAVE_LIBNETWORK
-
-/* Define to 1 if you have the `nsl' library (-lnsl). */
-#undef HAVE_LIBNSL
-
-/* Define to 1 if you have the `pam' library (-lpam). */
-#undef HAVE_LIBPAM
-
-/* Define to 1 if you have the `socket' library (-lsocket). */
-#undef HAVE_LIBSOCKET
-
-/* Define to 1 if you have the <libutil.h> header file. */
-#undef HAVE_LIBUTIL_H
-
-/* Define to 1 if you have the `xnet' library (-lxnet). */
-#undef HAVE_LIBXNET
-
-/* Define to 1 if you have the `z' library (-lz). */
-#undef HAVE_LIBZ
-
-/* Define to 1 if you have the <limits.h> header file. */
-#undef HAVE_LIMITS_H
-
-/* Define to 1 if you have the <linux/audit.h> header file. */
-#undef HAVE_LINUX_AUDIT_H
-
-/* Define to 1 if you have the <linux/filter.h> header file. */
-#undef HAVE_LINUX_FILTER_H
-
-/* Define to 1 if you have the <linux/if_tun.h> header file. */
-#undef HAVE_LINUX_IF_TUN_H
-
-/* Define to 1 if you have the <linux/seccomp.h> header file. */
-#undef HAVE_LINUX_SECCOMP_H
-
-/* Define to 1 if you have the <locale.h> header file. */
-#undef HAVE_LOCALE_H
-
-/* Define to 1 if you have the `login' function. */
-#undef HAVE_LOGIN
-
-/* Define to 1 if you have the <login_cap.h> header file. */
-#undef HAVE_LOGIN_CAP_H
-
-/* Define to 1 if you have the `login_getcapbool' function. */
-#undef HAVE_LOGIN_GETCAPBOOL
-
-/* Define to 1 if you have the <login.h> header file. */
-#undef HAVE_LOGIN_H
-
-/* Define to 1 if you have the `logout' function. */
-#undef HAVE_LOGOUT
-
-/* Define to 1 if you have the `logwtmp' function. */
-#undef HAVE_LOGWTMP
-
-/* Define to 1 if the system has the type `long double'. */
-#undef HAVE_LONG_DOUBLE
-
-/* Define to 1 if the system has the type `long long'. */
-#undef HAVE_LONG_LONG
-
-/* Define to 1 if you have the <maillock.h> header file. */
-#undef HAVE_MAILLOCK_H
-
-/* Define to 1 if you have the `mblen' function. */
-#undef HAVE_MBLEN
-
-/* Define to 1 if you have the `md5_crypt' function. */
-#undef HAVE_MD5_CRYPT
-
-/* Define if you want to allow MD5 passwords */
-#undef HAVE_MD5_PASSWORDS
-
-/* Define to 1 if you have the `memmove' function. */
-#undef HAVE_MEMMOVE
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the `memset_s' function. */
-#undef HAVE_MEMSET_S
-
-/* Define to 1 if you have the `mkdtemp' function. */
-#undef HAVE_MKDTEMP
-
-/* Define to 1 if you have the `mmap' function. */
-#undef HAVE_MMAP
-
-/* define if you have mode_t data type */
-#undef HAVE_MODE_T
-
-/* Some systems put nanosleep outside of libc */
-#undef HAVE_NANOSLEEP
-
-/* Define to 1 if you have the <ndir.h> header file. */
-#undef HAVE_NDIR_H
-
-/* Define to 1 if you have the <netdb.h> header file. */
-#undef HAVE_NETDB_H
-
-/* Define to 1 if you have the <netgroup.h> header file. */
-#undef HAVE_NETGROUP_H
-
-/* Define to 1 if you have the <net/if_tun.h> header file. */
-#undef HAVE_NET_IF_TUN_H
-
-/* Define if you are on NeXT */
-#undef HAVE_NEXT
-
-/* Define to 1 if you have the `ngetaddrinfo' function. */
-#undef HAVE_NGETADDRINFO
-
-/* Define to 1 if you have the `nsleep' function. */
-#undef HAVE_NSLEEP
-
-/* Define to 1 if you have the `ogetaddrinfo' function. */
-#undef HAVE_OGETADDRINFO
-
-/* Define if you have an old version of PAM which takes only one argument to
-   pam_strerror */
-#undef HAVE_OLD_PAM
-
-/* Define to 1 if you have the `openlog_r' function. */
-#undef HAVE_OPENLOG_R
-
-/* Define to 1 if you have the `openpty' function. */
-#undef HAVE_OPENPTY
-
-/* Define if your ssl headers are included with #include <openssl/header.h> */
-#undef HAVE_OPENSSL
-
-/* Define if you have Digital Unix Security Integration Architecture */
-#undef HAVE_OSF_SIA
-
-/* Define to 1 if you have the `pam_getenvlist' function. */
-#undef HAVE_PAM_GETENVLIST
-
-/* Define to 1 if you have the <pam/pam_appl.h> header file. */
-#undef HAVE_PAM_PAM_APPL_H
-
-/* Define to 1 if you have the `pam_putenv' function. */
-#undef HAVE_PAM_PUTENV
-
-/* Define to 1 if you have the <paths.h> header file. */
-#undef HAVE_PATHS_H
-
-/* Define if you have ut_pid in utmp.h */
-#undef HAVE_PID_IN_UTMP
-
-/* define if you have pid_t data type */
-#undef HAVE_PID_T
-
-/* Define to 1 if you have the `poll' function. */
-#undef HAVE_POLL
-
-/* Define to 1 if you have the <poll.h> header file. */
-#undef HAVE_POLL_H
-
-/* Define to 1 if you have the `prctl' function. */
-#undef HAVE_PRCTL
-
-/* Define if you have /proc/$pid/fd */
-#undef HAVE_PROC_PID
-
-/* Define to 1 if you have the `pstat' function. */
-#undef HAVE_PSTAT
-
-/* Define to 1 if you have the <pty.h> header file. */
-#undef HAVE_PTY_H
-
-/* Define to 1 if you have the `pututline' function. */
-#undef HAVE_PUTUTLINE
-
-/* Define to 1 if you have the `pututxline' function. */
-#undef HAVE_PUTUTXLINE
-
-/* Define to 1 if you have the `readpassphrase' function. */
-#undef HAVE_READPASSPHRASE
-
-/* Define to 1 if you have the <readpassphrase.h> header file. */
-#undef HAVE_READPASSPHRASE_H
-
-/* Define to 1 if you have the `reallocarray' function. */
-#undef HAVE_REALLOCARRAY
-
-/* Define to 1 if you have the `realpath' function. */
-#undef HAVE_REALPATH
-
-/* Define to 1 if you have the `recvmsg' function. */
-#undef HAVE_RECVMSG
-
-/* sys/resource.h has RLIMIT_NPROC */
-#undef HAVE_RLIMIT_NPROC
-
-/* Define to 1 if you have the <rpc/types.h> header file. */
-#undef HAVE_RPC_TYPES_H
-
-/* Define to 1 if you have the `rresvport_af' function. */
-#undef HAVE_RRESVPORT_AF
-
-/* Define to 1 if you have the `RSA_generate_key_ex' function. */
-#undef HAVE_RSA_GENERATE_KEY_EX
-
-/* Define to 1 if you have the `RSA_get_default_method' function. */
-#undef HAVE_RSA_GET_DEFAULT_METHOD
-
-/* Define to 1 if you have the <sandbox.h> header file. */
-#undef HAVE_SANDBOX_H
-
-/* Define to 1 if you have the `sandbox_init' function. */
-#undef HAVE_SANDBOX_INIT
-
-/* define if you have sa_family_t data type */
-#undef HAVE_SA_FAMILY_T
-
-/* Define to 1 if you have the `scan_scaled' function. */
-#undef HAVE_SCAN_SCALED
-
-/* Define if you have SecureWare-based protected password database */
-#undef HAVE_SECUREWARE
-
-/* Define to 1 if you have the <security/pam_appl.h> header file. */
-#undef HAVE_SECURITY_PAM_APPL_H
-
-/* Define to 1 if you have the `sendmsg' function. */
-#undef HAVE_SENDMSG
-
-/* Define to 1 if you have the `setauthdb' function. */
-#undef HAVE_SETAUTHDB
-
-/* Define to 1 if you have the `setdtablesize' function. */
-#undef HAVE_SETDTABLESIZE
-
-/* Define to 1 if you have the `setegid' function. */
-#undef HAVE_SETEGID
-
-/* Define to 1 if you have the `setenv' function. */
-#undef HAVE_SETENV
-
-/* Define to 1 if you have the `seteuid' function. */
-#undef HAVE_SETEUID
-
-/* Define to 1 if you have the `setgroupent' function. */
-#undef HAVE_SETGROUPENT
-
-/* Define to 1 if you have the `setgroups' function. */
-#undef HAVE_SETGROUPS
-
-/* Define to 1 if you have the `setlinebuf' function. */
-#undef HAVE_SETLINEBUF
-
-/* Define to 1 if you have the `setlogin' function. */
-#undef HAVE_SETLOGIN
-
-/* Define to 1 if you have the `setluid' function. */
-#undef HAVE_SETLUID
-
-/* Define to 1 if you have the `setpassent' function. */
-#undef HAVE_SETPASSENT
-
-/* Define to 1 if you have the `setpcred' function. */
-#undef HAVE_SETPCRED
-
-/* Define to 1 if you have the `setproctitle' function. */
-#undef HAVE_SETPROCTITLE
-
-/* Define to 1 if you have the `setregid' function. */
-#undef HAVE_SETREGID
-
-/* Define to 1 if you have the `setresgid' function. */
-#undef HAVE_SETRESGID
-
-/* Define to 1 if you have the `setresuid' function. */
-#undef HAVE_SETRESUID
-
-/* Define to 1 if you have the `setreuid' function. */
-#undef HAVE_SETREUID
-
-/* Define to 1 if you have the `setrlimit' function. */
-#undef HAVE_SETRLIMIT
-
-/* Define to 1 if you have the `setsid' function. */
-#undef HAVE_SETSID
-
-/* Define to 1 if you have the `setutent' function. */
-#undef HAVE_SETUTENT
-
-/* Define to 1 if you have the `setutxdb' function. */
-#undef HAVE_SETUTXDB
-
-/* Define to 1 if you have the `setutxent' function. */
-#undef HAVE_SETUTXENT
-
-/* Define to 1 if you have the `setvbuf' function. */
-#undef HAVE_SETVBUF
-
-/* Define to 1 if you have the `set_id' function. */
-#undef HAVE_SET_ID
-
-/* Define to 1 if you have the `SHA256_Update' function. */
-#undef HAVE_SHA256_UPDATE
-
-/* Define to 1 if you have the <sha2.h> header file. */
-#undef HAVE_SHA2_H
-
-/* Define to 1 if you have the <shadow.h> header file. */
-#undef HAVE_SHADOW_H
-
-/* Define to 1 if you have the `sigaction' function. */
-#undef HAVE_SIGACTION
-
-/* Define to 1 if you have the `sigvec' function. */
-#undef HAVE_SIGVEC
-
-/* Define to 1 if the system has the type `sig_atomic_t'. */
-#undef HAVE_SIG_ATOMIC_T
-
-/* define if you have size_t data type */
-#undef HAVE_SIZE_T
-
-/* Define to 1 if you have the `snprintf' function. */
-#undef HAVE_SNPRINTF
-
-/* Define to 1 if you have the `socketpair' function. */
-#undef HAVE_SOCKETPAIR
-
-/* Have PEERCRED socket option */
-#undef HAVE_SO_PEERCRED
-
-/* define if you have ssize_t data type */
-#undef HAVE_SSIZE_T
-
-/* Fields in struct sockaddr_storage */
-#undef HAVE_SS_FAMILY_IN_SS
-
-/* Define to 1 if you have the `statfs' function. */
-#undef HAVE_STATFS
-
-/* Define to 1 if you have the `statvfs' function. */
-#undef HAVE_STATVFS
-
-/* Define to 1 if you have the <stddef.h> header file. */
-#undef HAVE_STDDEF_H
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the `strdup' function. */
-#undef HAVE_STRDUP
-
-/* Define to 1 if you have the `strerror' function. */
-#undef HAVE_STRERROR
-
-/* Define to 1 if you have the `strftime' function. */
-#undef HAVE_STRFTIME
-
-/* Silly mkstemp() */
-#undef HAVE_STRICT_MKSTEMP
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the `strlcat' function. */
-#undef HAVE_STRLCAT
-
-/* Define to 1 if you have the `strlcpy' function. */
-#undef HAVE_STRLCPY
-
-/* Define to 1 if you have the `strmode' function. */
-#undef HAVE_STRMODE
-
-/* Define to 1 if you have the `strnlen' function. */
-#undef HAVE_STRNLEN
-
-/* Define to 1 if you have the `strnvis' function. */
-#undef HAVE_STRNVIS
-
-/* Define to 1 if you have the `strptime' function. */
-#undef HAVE_STRPTIME
-
-/* Define to 1 if you have the `strsep' function. */
-#undef HAVE_STRSEP
-
-/* Define to 1 if you have the `strtoll' function. */
-#undef HAVE_STRTOLL
-
-/* Define to 1 if you have the `strtonum' function. */
-#undef HAVE_STRTONUM
-
-/* Define to 1 if you have the `strtoul' function. */
-#undef HAVE_STRTOUL
-
-/* Define to 1 if you have the `strtoull' function. */
-#undef HAVE_STRTOULL
-
-/* define if you have struct addrinfo data type */
-#undef HAVE_STRUCT_ADDRINFO
-
-/* define if you have struct in6_addr data type */
-#undef HAVE_STRUCT_IN6_ADDR
-
-/* Define to 1 if `pw_change' is a member of `struct passwd'. */
-#undef HAVE_STRUCT_PASSWD_PW_CHANGE
-
-/* Define to 1 if `pw_class' is a member of `struct passwd'. */
-#undef HAVE_STRUCT_PASSWD_PW_CLASS
-
-/* Define to 1 if `pw_expire' is a member of `struct passwd'. */
-#undef HAVE_STRUCT_PASSWD_PW_EXPIRE
-
-/* Define to 1 if `pw_gecos' is a member of `struct passwd'. */
-#undef HAVE_STRUCT_PASSWD_PW_GECOS
-
-/* define if you have struct sockaddr_in6 data type */
-#undef HAVE_STRUCT_SOCKADDR_IN6
-
-/* Define to 1 if `sin6_scope_id' is a member of `struct sockaddr_in6'. */
-#undef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID
-
-/* define if you have struct sockaddr_storage data type */
-#undef HAVE_STRUCT_SOCKADDR_STORAGE
-
-/* Define to 1 if `st_blksize' is a member of `struct stat'. */
-#undef HAVE_STRUCT_STAT_ST_BLKSIZE
-
-/* Define to 1 if the system has the type `struct timespec'. */
-#undef HAVE_STRUCT_TIMESPEC
-
-/* define if you have struct timeval */
-#undef HAVE_STRUCT_TIMEVAL
-
-/* Define to 1 if you have the `swap32' function. */
-#undef HAVE_SWAP32
-
-/* Define to 1 if you have the `sysconf' function. */
-#undef HAVE_SYSCONF
-
-/* Define if you have syslen in utmpx.h */
-#undef HAVE_SYSLEN_IN_UTMPX
-
-/* Define to 1 if you have the <sys/audit.h> header file. */
-#undef HAVE_SYS_AUDIT_H
-
-/* Define to 1 if you have the <sys/bitypes.h> header file. */
-#undef HAVE_SYS_BITYPES_H
-
-/* Define to 1 if you have the <sys/bsdtty.h> header file. */
-#undef HAVE_SYS_BSDTTY_H
-
-/* Define to 1 if you have the <sys/capsicum.h> header file. */
-#undef HAVE_SYS_CAPSICUM_H
-
-/* Define to 1 if you have the <sys/cdefs.h> header file. */
-#undef HAVE_SYS_CDEFS_H
-
-/* Define to 1 if you have the <sys/dir.h> header file. */
-#undef HAVE_SYS_DIR_H
-
-/* Define if your system defines sys_errlist[] */
-#undef HAVE_SYS_ERRLIST
-
-/* Define to 1 if you have the <sys/mman.h> header file. */
-#undef HAVE_SYS_MMAN_H
-
-/* Define to 1 if you have the <sys/mount.h> header file. */
-#undef HAVE_SYS_MOUNT_H
-
-/* Define to 1 if you have the <sys/ndir.h> header file. */
-#undef HAVE_SYS_NDIR_H
-
-/* Define if your system defines sys_nerr */
-#undef HAVE_SYS_NERR
-
-/* Define to 1 if you have the <sys/poll.h> header file. */
-#undef HAVE_SYS_POLL_H
-
-/* Define to 1 if you have the <sys/prctl.h> header file. */
-#undef HAVE_SYS_PRCTL_H
-
-/* Define to 1 if you have the <sys/pstat.h> header file. */
-#undef HAVE_SYS_PSTAT_H
-
-/* Define to 1 if you have the <sys/ptms.h> header file. */
-#undef HAVE_SYS_PTMS_H
-
-/* Define to 1 if you have the <sys/select.h> header file. */
-#undef HAVE_SYS_SELECT_H
-
-/* Define to 1 if you have the <sys/statvfs.h> header file. */
-#undef HAVE_SYS_STATVFS_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/stream.h> header file. */
-#undef HAVE_SYS_STREAM_H
-
-/* Define to 1 if you have the <sys/stropts.h> header file. */
-#undef HAVE_SYS_STROPTS_H
-
-/* Define to 1 if you have the <sys/strtio.h> header file. */
-#undef HAVE_SYS_STRTIO_H
-
-/* Force use of sys/syslog.h on Ultrix */
-#undef HAVE_SYS_SYSLOG_H
-
-/* Define to 1 if you have the <sys/sysmacros.h> header file. */
-#undef HAVE_SYS_SYSMACROS_H
-
-/* Define to 1 if you have the <sys/timers.h> header file. */
-#undef HAVE_SYS_TIMERS_H
-
-/* Define to 1 if you have the <sys/time.h> header file. */
-#undef HAVE_SYS_TIME_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <sys/un.h> header file. */
-#undef HAVE_SYS_UN_H
-
-/* Define to 1 if you have the `tcgetpgrp' function. */
-#undef HAVE_TCGETPGRP
-
-/* Define to 1 if you have the `tcsendbreak' function. */
-#undef HAVE_TCSENDBREAK
-
-/* Define to 1 if you have the `time' function. */
-#undef HAVE_TIME
-
-/* Define to 1 if you have the <time.h> header file. */
-#undef HAVE_TIME_H
-
-/* Define if you have ut_time in utmp.h */
-#undef HAVE_TIME_IN_UTMP
-
-/* Define if you have ut_time in utmpx.h */
-#undef HAVE_TIME_IN_UTMPX
-
-/* Define to 1 if you have the `timingsafe_bcmp' function. */
-#undef HAVE_TIMINGSAFE_BCMP
-
-/* Define to 1 if you have the <tmpdir.h> header file. */
-#undef HAVE_TMPDIR_H
-
-/* Define to 1 if you have the `truncate' function. */
-#undef HAVE_TRUNCATE
-
-/* Define to 1 if you have the <ttyent.h> header file. */
-#undef HAVE_TTYENT_H
-
-/* Define if you have ut_tv in utmp.h */
-#undef HAVE_TV_IN_UTMP
-
-/* Define if you have ut_tv in utmpx.h */
-#undef HAVE_TV_IN_UTMPX
-
-/* Define if you have ut_type in utmp.h */
-#undef HAVE_TYPE_IN_UTMP
-
-/* Define if you have ut_type in utmpx.h */
-#undef HAVE_TYPE_IN_UTMPX
-
-/* Define to 1 if you have the <ucred.h> header file. */
-#undef HAVE_UCRED_H
-
-/* Define to 1 if the system has the type `uintmax_t'. */
-#undef HAVE_UINTMAX_T
-
-/* define if you have uintxx_t data type */
-#undef HAVE_UINTXX_T
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have the `unsetenv' function. */
-#undef HAVE_UNSETENV
-
-/* Define to 1 if the system has the type `unsigned long long'. */
-#undef HAVE_UNSIGNED_LONG_LONG
-
-/* Define to 1 if you have the `updwtmp' function. */
-#undef HAVE_UPDWTMP
-
-/* Define to 1 if you have the `updwtmpx' function. */
-#undef HAVE_UPDWTMPX
-
-/* Define to 1 if you have the <usersec.h> header file. */
-#undef HAVE_USERSEC_H
-
-/* Define to 1 if you have the `user_from_uid' function. */
-#undef HAVE_USER_FROM_UID
-
-/* Define to 1 if you have the `usleep' function. */
-#undef HAVE_USLEEP
-
-/* Define to 1 if you have the <util.h> header file. */
-#undef HAVE_UTIL_H
-
-/* Define to 1 if you have the `utimes' function. */
-#undef HAVE_UTIMES
-
-/* Define to 1 if you have the <utime.h> header file. */
-#undef HAVE_UTIME_H
-
-/* Define to 1 if you have the `utmpname' function. */
-#undef HAVE_UTMPNAME
-
-/* Define to 1 if you have the `utmpxname' function. */
-#undef HAVE_UTMPXNAME
-
-/* Define to 1 if you have the <utmpx.h> header file. */
-#undef HAVE_UTMPX_H
-
-/* Define to 1 if you have the <utmp.h> header file. */
-#undef HAVE_UTMP_H
-
-/* define if you have u_char data type */
-#undef HAVE_U_CHAR
-
-/* define if you have u_int data type */
-#undef HAVE_U_INT
-
-/* define if you have u_int64_t data type */
-#undef HAVE_U_INT64_T
-
-/* define if you have u_intxx_t data type */
-#undef HAVE_U_INTXX_T
-
-/* Define to 1 if you have the `vasprintf' function. */
-#undef HAVE_VASPRINTF
-
-/* Define if va_copy exists */
-#undef HAVE_VA_COPY
-
-/* Define to 1 if you have the <vis.h> header file. */
-#undef HAVE_VIS_H
-
-/* Define to 1 if you have the `vsnprintf' function. */
-#undef HAVE_VSNPRINTF
-
-/* Define to 1 if you have the `waitpid' function. */
-#undef HAVE_WAITPID
-
-/* Define to 1 if you have the `_getlong' function. */
-#undef HAVE__GETLONG
-
-/* Define to 1 if you have the `_getpty' function. */
-#undef HAVE__GETPTY
-
-/* Define to 1 if you have the `_getshort' function. */
-#undef HAVE__GETSHORT
-
-/* Define if you have struct __res_state _res as an extern */
-#undef HAVE__RES_EXTERN
-
-/* Define to 1 if you have the `__b64_ntop' function. */
-#undef HAVE___B64_NTOP
-
-/* Define to 1 if you have the `__b64_pton' function. */
-#undef HAVE___B64_PTON
-
-/* Define if compiler implements __FUNCTION__ */
-#undef HAVE___FUNCTION__
-
-/* Define if libc defines __progname */
-#undef HAVE___PROGNAME
-
-/* Fields in struct sockaddr_storage */
-#undef HAVE___SS_FAMILY_IN_SS
-
-/* Define if __va_copy exists */
-#undef HAVE___VA_COPY
-
-/* Define if compiler implements __func__ */
-#undef HAVE___func__
-
-/* Define this if you are using the Heimdal version of Kerberos V5 */
-#undef HEIMDAL
-
-/* Define if you need to use IP address instead of hostname in $DISPLAY */
-#undef IPADDR_IN_DISPLAY
-
-/* Detect IPv4 in IPv6 mapped addresses and treat as IPv4 */
-#undef IPV4_IN_IPV6
-
-/* Define if your system choked on IP TOS setting */
-#undef IP_TOS_IS_BROKEN
-
-/* Define if you want Kerberos 5 support */
-#undef KRB5
-
-/* Define if pututxline updates lastlog too */
-#undef LASTLOG_WRITE_PUTUTXLINE
-
-/* Define if you want TCP Wrappers support */
-#undef LIBWRAP
-
-/* Define to whatever link() returns for "not supported" if it doesn't return
-   EOPNOTSUPP. */
-#undef LINK_OPNOTSUPP_ERRNO
-
-/* Adjust Linux out-of-memory killer */
-#undef LINUX_OOM_ADJUST
-
-/* max value of long long calculated by configure */
-#undef LLONG_MAX
-
-/* min value of long long calculated by configure */
-#undef LLONG_MIN
-
-/* Account locked with pw(1) */
-#undef LOCKED_PASSWD_PREFIX
-
-/* String used in /etc/passwd to denote locked account */
-#undef LOCKED_PASSWD_STRING
-
-/* String used in /etc/passwd to denote locked account */
-#undef LOCKED_PASSWD_SUBSTR
-
-/* Some versions of /bin/login need the TERM supplied on the commandline */
-#undef LOGIN_NEEDS_TERM
-
-/* Some systems need a utmpx entry for /bin/login to work */
-#undef LOGIN_NEEDS_UTMPX
-
-/* Define if your login program cannot handle end of options ("--") */
-#undef LOGIN_NO_ENDOPT
-
-/* If your header files don't define LOGIN_PROGRAM, then use this (detected)
-   from environment and PATH */
-#undef LOGIN_PROGRAM_FALLBACK
-
-/* Set this to your mail directory if you do not have _PATH_MAILDIR */
-#undef MAIL_DIRECTORY
-
-/* Need setpgrp to acquire controlling tty */
-#undef NEED_SETPGRP
-
-/* compiler does not accept __attribute__ on return types */
-#undef NO_ATTRIBUTE_ON_RETURN_TYPE
-
-/* Define if the concept of ports only accessible to superusers isn't known */
-#undef NO_IPPORT_RESERVED_CONCEPT
-
-/* Define if you don't want to use lastlog in session.c */
-#undef NO_SSH_LASTLOG
-
-/* Define if X11 doesn't support AF_UNIX sockets on that system */
-#undef NO_X11_UNIX_SOCKETS
-
-/* Define if EVP_DigestUpdate returns void */
-#undef OPENSSL_EVP_DIGESTUPDATE_VOID
-
-/* OpenSSL has ECC */
-#undef OPENSSL_HAS_ECC
-
-/* libcrypto has NID_X9_62_prime256v1 */
-#undef OPENSSL_HAS_NISTP256
-
-/* libcrypto has NID_secp384r1 */
-#undef OPENSSL_HAS_NISTP384
-
-/* libcrypto has NID_secp521r1 */
-#undef OPENSSL_HAS_NISTP521
-
-/* libcrypto has EVP AES CTR */
-#undef OPENSSL_HAVE_EVPCTR
-
-/* libcrypto has EVP AES GCM */
-#undef OPENSSL_HAVE_EVPGCM
-
-/* libcrypto is missing AES 192 and 256 bit functions */
-#undef OPENSSL_LOBOTOMISED_AES
-
-/* Define if you want the OpenSSL internally seeded PRNG only */
-#undef OPENSSL_PRNG_ONLY
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the home page for this package. */
-#undef PACKAGE_URL
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define if you are using Solaris-derived PAM which passes pam_messages to
-   the conversation function with an extra level of indirection */
-#undef PAM_SUN_CODEBASE
-
-/* Work around problematic Linux PAM modules handling of PAM_TTY */
-#undef PAM_TTY_KLUDGE
-
-/* must supply username to passwd */
-#undef PASSWD_NEEDS_USERNAME
-
-/* System dirs owned by bin (uid 2) */
-#undef PLATFORM_SYS_DIR_UID
-
-/* Port number of PRNGD/EGD random number socket */
-#undef PRNGD_PORT
-
-/* Location of PRNGD/EGD random number socket */
-#undef PRNGD_SOCKET
-
-/* read(1) can return 0 for a non-closed fd */
-#undef PTY_ZEROREAD
-
-/* Sandbox using capsicum */
-#undef SANDBOX_CAPSICUM
-
-/* Sandbox using Darwin sandbox_init(3) */
-#undef SANDBOX_DARWIN
-
-/* no privsep sandboxing */
-#undef SANDBOX_NULL
-
-/* Sandbox using setrlimit(2) */
-#undef SANDBOX_RLIMIT
-
-/* Sandbox using seccomp filter */
-#undef SANDBOX_SECCOMP_FILTER
-
-/* setrlimit RLIMIT_FSIZE works */
-#undef SANDBOX_SKIP_RLIMIT_FSIZE
-
-/* define if setrlimit RLIMIT_NOFILE breaks things */
-#undef SANDBOX_SKIP_RLIMIT_NOFILE
-
-/* Sandbox using systrace(4) */
-#undef SANDBOX_SYSTRACE
-
-/* Specify the system call convention in use */
-#undef SECCOMP_AUDIT_ARCH
-
-/* Define if your platform breaks doing a seteuid before a setuid */
-#undef SETEUID_BREAKS_SETUID
-
-/* The size of `int', as computed by sizeof. */
-#undef SIZEOF_INT
-
-/* The size of `long int', as computed by sizeof. */
-#undef SIZEOF_LONG_INT
-
-/* The size of `long long int', as computed by sizeof. */
-#undef SIZEOF_LONG_LONG_INT
-
-/* The size of `short int', as computed by sizeof. */
-#undef SIZEOF_SHORT_INT
-
-/* Define if you want S/Key support */
-#undef SKEY
-
-/* Define if your skeychallenge() function takes 4 arguments (NetBSD) */
-#undef SKEYCHALLENGE_4ARG
-
-/* Define as const if snprintf() can declare const char *fmt */
-#undef SNPRINTF_CONST
-
-/* Define to a Set Process Title type if your system is supported by
-   bsd-setproctitle.c */
-#undef SPT_TYPE
-
-/* Define if sshd somehow reacquires a controlling TTY after setsid() */
-#undef SSHD_ACQUIRES_CTTY
-
-/* Define if pam_chauthtok wants real uid set to the unpriv'ed user */
-#undef SSHPAM_CHAUTHTOK_NEEDS_RUID
-
-/* Use audit debugging module */
-#undef SSH_AUDIT_EVENTS
-
-/* Windows is sensitive to read buffer size */
-#undef SSH_IOBUFSZ
-
-/* non-privileged user for privilege separation */
-#undef SSH_PRIVSEP_USER
-
-/* Use tunnel device compatibility to OpenBSD */
-#undef SSH_TUN_COMPAT_AF
-
-/* Open tunnel devices the FreeBSD way */
-#undef SSH_TUN_FREEBSD
-
-/* Open tunnel devices the Linux tun/tap way */
-#undef SSH_TUN_LINUX
-
-/* No layer 2 tunnel support */
-#undef SSH_TUN_NO_L2
-
-/* Open tunnel devices the OpenBSD way */
-#undef SSH_TUN_OPENBSD
-
-/* Prepend the address family to IP tunnel traffic */
-#undef SSH_TUN_PREPEND_AF
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Define if you want a different $PATH for the superuser */
-#undef SUPERUSER_PATH
-
-/* syslog_r function is safe to use in in a signal handler */
-#undef SYSLOG_R_SAFE_IN_SIGHAND
-
-/* Support passwords > 8 chars */
-#undef UNIXWARE_LONG_PASSWORDS
-
-/* Specify default $PATH */
-#undef USER_PATH
-
-/* Define this if you want to use libkafs' AFS support */
-#undef USE_AFS
-
-/* Use BSM audit module */
-#undef USE_BSM_AUDIT
-
-/* Use btmp to log bad logins */
-#undef USE_BTMP
-
-/* Use libedit for sftp */
-#undef USE_LIBEDIT
-
-/* Use Linux audit module */
-#undef USE_LINUX_AUDIT
-
-/* Enable OpenSSL engine support */
-#undef USE_OPENSSL_ENGINE
-
-/* Define if you want to enable PAM support */
-#undef USE_PAM
-
-/* Use PIPES instead of a socketpair() */
-#undef USE_PIPES
-
-/* Define if you have Solaris process contracts */
-#undef USE_SOLARIS_PROCESS_CONTRACTS
-
-/* Define if you have Solaris projects */
-#undef USE_SOLARIS_PROJECTS
-
-/* Define if you shouldn't strip 'tty' from your ttyname in [uw]tmp */
-#undef WITH_ABBREV_NO_TTY
-
-/* Define if you want to enable AIX4's authenticate function */
-#undef WITH_AIXAUTHENTICATE
-
-/* Define if you have/want arrays (cluster-wide session managment, not C
-   arrays) */
-#undef WITH_IRIX_ARRAY
-
-/* Define if you want IRIX audit trails */
-#undef WITH_IRIX_AUDIT
-
-/* Define if you want IRIX kernel jobs */
-#undef WITH_IRIX_JOBS
-
-/* Define if you want IRIX project management */
-#undef WITH_IRIX_PROJECT
-
-/* use libcrypto for cryptography */
-#undef WITH_OPENSSL
-
-/* Define if you want SELinux support. */
-#undef WITH_SELINUX
-
-/* include SSH protocol version 1 support */
-#undef WITH_SSH1
-
-/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
-   significant byte first (like Motorola and SPARC, unlike Intel). */
-#if defined AC_APPLE_UNIVERSAL_BUILD
-# if defined __BIG_ENDIAN__
-#  define WORDS_BIGENDIAN 1
-# endif
-#else
-# ifndef WORDS_BIGENDIAN
-#  undef WORDS_BIGENDIAN
-# endif
-#endif
-
-/* Define if xauth is found in your path */
-#undef XAUTH_PATH
-
-/* Enable large inode numbers on Mac OS X 10.5.  */
-#ifndef _DARWIN_USE_64_BIT_INODE
-# define _DARWIN_USE_64_BIT_INODE 1
-#endif
-
-/* Number of bits in a file offset, on hosts where this is settable. */
-#undef _FILE_OFFSET_BITS
-
-/* Define for large files, on AIX-style hosts. */
-#undef _LARGE_FILES
-
-/* log for bad login attempts */
-#undef _PATH_BTMP
-
-/* Full path of your "passwd" program */
-#undef _PATH_PASSWD_PROG
-
-/* Specify location of ssh.pid */
-#undef _PATH_SSH_PIDDIR
-
-/* Define if we don't have struct __res_state in resolv.h */
-#undef __res_state
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
-   calls it, or to nothing if 'inline' is not supported under any name.  */
-#ifndef __cplusplus
-#undef inline
-#endif
-
-/* type to use in place of socklen_t if not defined */
-#undef socklen_t
diff --git a/crypto/openssh/configure b/crypto/openssh/configure
deleted file mode 100755
index e33c33f..0000000
--- a/crypto/openssh/configure
+++ /dev/null
@@ -1,20057 +0,0 @@
-#! /bin/sh
-# From configure.ac Revision: 1.583 .
-# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for OpenSSH Portable.
-#
-# Report bugs to <openssh-unix-dev@mindrot.org>.
-#
-#
-# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
-#
-#
-# This configure script is free software; the Free Software Foundation
-# gives unlimited permission to copy, distribute and modify it.
-## -------------------- ##
-## M4sh Initialization. ##
-## -------------------- ##
-
-# Be more Bourne compatible
-DUALCASE=1; export DUALCASE # for MKS sh
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
-  emulate sh
-  NULLCMD=:
-  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
-  # is contrary to our usage.  Disable this feature.
-  alias -g '${1+"$@"}'='"$@"'
-  setopt NO_GLOB_SUBST
-else
-  case `(set -o) 2>/dev/null` in #(
-  *posix*) :
-    set -o posix ;; #(
-  *) :
-     ;;
-esac
-fi
-
-
-as_nl='
-'
-export as_nl
-# Printing a long string crashes Solaris 7 /usr/bin/printf.
-as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
-# Prefer a ksh shell builtin over an external printf program on Solaris,
-# but without wasting forks for bash or zsh.
-if test -z "$BASH_VERSION$ZSH_VERSION" \
-    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
-  as_echo='print -r --'
-  as_echo_n='print -rn --'
-elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
-  as_echo='printf %s\n'
-  as_echo_n='printf %s'
-else
-  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
-    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
-    as_echo_n='/usr/ucb/echo -n'
-  else
-    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
-    as_echo_n_body='eval
-      arg=$1;
-      case $arg in #(
-      *"$as_nl"*)
-	expr "X$arg" : "X\\(.*\\)$as_nl";
-	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
-      esac;
-      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
-    '
-    export as_echo_n_body
-    as_echo_n='sh -c $as_echo_n_body as_echo'
-  fi
-  export as_echo_body
-  as_echo='sh -c $as_echo_body as_echo'
-fi
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
-  PATH_SEPARATOR=:
-  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
-    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
-      PATH_SEPARATOR=';'
-  }
-fi
-
-
-# IFS
-# We need space, tab and new line, in precisely that order.  Quoting is
-# there to prevent editors from complaining about space-tab.
-# (If _AS_PATH_WALK were called with IFS unset, it would disable word
-# splitting by setting IFS to empty value.)
-IFS=" ""	$as_nl"
-
-# Find who we are.  Look in the path if we contain no directory separator.
-as_myself=
-case $0 in #((
-  *[\\/]* ) as_myself=$0 ;;
-  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-  done
-IFS=$as_save_IFS
-
-     ;;
-esac
-# We did not find ourselves, most probably we were run as `sh COMMAND'
-# in which case we are not to be found in the path.
-if test "x$as_myself" = x; then
-  as_myself=$0
-fi
-if test ! -f "$as_myself"; then
-  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
-  exit 1
-fi
-
-# Unset variables that we do not need and which cause bugs (e.g. in
-# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
-# suppresses any "Segmentation fault" message there.  '((' could
-# trigger a bug in pdksh 5.2.14.
-for as_var in BASH_ENV ENV MAIL MAILPATH
-do eval test x\${$as_var+set} = xset \
-  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
-done
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-LC_ALL=C
-export LC_ALL
-LANGUAGE=C
-export LANGUAGE
-
-# CDPATH.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-# Use a proper internal environment variable to ensure we don't fall
-  # into an infinite loop, continuously re-executing ourselves.
-  if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then
-    _as_can_reexec=no; export _as_can_reexec;
-    # We cannot yet assume a decent shell, so we have to provide a
-# neutralization value for shells without unset; and this also
-# works around shells that cannot unset nonexistent variables.
-# Preserve -v and -x to the replacement shell.
-BASH_ENV=/dev/null
-ENV=/dev/null
-(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
-case $- in # ((((
-  *v*x* | *x*v* ) as_opts=-vx ;;
-  *v* ) as_opts=-v ;;
-  *x* ) as_opts=-x ;;
-  * ) as_opts= ;;
-esac
-exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
-# Admittedly, this is quite paranoid, since all the known shells bail
-# out after a failed `exec'.
-$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
-as_fn_exit 255
-  fi
-  # We don't want this to propagate to other subprocesses.
-          { _as_can_reexec=; unset _as_can_reexec;}
-if test "x$CONFIG_SHELL" = x; then
-  as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
-  emulate sh
-  NULLCMD=:
-  # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
-  # is contrary to our usage.  Disable this feature.
-  alias -g '\${1+\"\$@\"}'='\"\$@\"'
-  setopt NO_GLOB_SUBST
-else
-  case \`(set -o) 2>/dev/null\` in #(
-  *posix*) :
-    set -o posix ;; #(
-  *) :
-     ;;
-esac
-fi
-"
-  as_required="as_fn_return () { (exit \$1); }
-as_fn_success () { as_fn_return 0; }
-as_fn_failure () { as_fn_return 1; }
-as_fn_ret_success () { return 0; }
-as_fn_ret_failure () { return 1; }
-
-exitcode=0
-as_fn_success || { exitcode=1; echo as_fn_success failed.; }
-as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
-as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
-as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
-if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
-
-else
-  exitcode=1; echo positional parameters were not saved.
-fi
-test x\$exitcode = x0 || exit 1
-test -x / || exit 1"
-  as_suggested="  as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
-  as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
-  eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
-  test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
-test \$(( 1 + 1 )) = 2 || exit 1"
-  if (eval "$as_required") 2>/dev/null; then :
-  as_have_required=yes
-else
-  as_have_required=no
-fi
-  if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
-
-else
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-as_found=false
-for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-  as_found=:
-  case $as_dir in #(
-	 /*)
-	   for as_base in sh bash ksh sh5; do
-	     # Try only shells that exist, to save several forks.
-	     as_shell=$as_dir/$as_base
-	     if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
-		    { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
-  CONFIG_SHELL=$as_shell as_have_required=yes
-		   if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
-  break 2
-fi
-fi
-	   done;;
-       esac
-  as_found=false
-done
-$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
-	      { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
-  CONFIG_SHELL=$SHELL as_have_required=yes
-fi; }
-IFS=$as_save_IFS
-
-
-      if test "x$CONFIG_SHELL" != x; then :
-  export CONFIG_SHELL
-             # We cannot yet assume a decent shell, so we have to provide a
-# neutralization value for shells without unset; and this also
-# works around shells that cannot unset nonexistent variables.
-# Preserve -v and -x to the replacement shell.
-BASH_ENV=/dev/null
-ENV=/dev/null
-(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
-case $- in # ((((
-  *v*x* | *x*v* ) as_opts=-vx ;;
-  *v* ) as_opts=-v ;;
-  *x* ) as_opts=-x ;;
-  * ) as_opts= ;;
-esac
-exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"}
-# Admittedly, this is quite paranoid, since all the known shells bail
-# out after a failed `exec'.
-$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2
-exit 255
-fi
-
-    if test x$as_have_required = xno; then :
-  $as_echo "$0: This script requires a shell more modern than all"
-  $as_echo "$0: the shells that I found on your system."
-  if test x${ZSH_VERSION+set} = xset ; then
-    $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
-    $as_echo "$0: be upgraded to zsh 4.3.4 or later."
-  else
-    $as_echo "$0: Please tell bug-autoconf@gnu.org and
-$0: openssh-unix-dev@mindrot.org about your system,
-$0: including any error possibly output before this
-$0: message. Then install a modern shell, or manually run
-$0: the script under such a shell if you do have one."
-  fi
-  exit 1
-fi
-fi
-fi
-SHELL=${CONFIG_SHELL-/bin/sh}
-export SHELL
-# Unset more variables known to interfere with behavior of common tools.
-CLICOLOR_FORCE= GREP_OPTIONS=
-unset CLICOLOR_FORCE GREP_OPTIONS
-
-## --------------------- ##
-## M4sh Shell Functions. ##
-## --------------------- ##
-# as_fn_unset VAR
-# ---------------
-# Portably unset VAR.
-as_fn_unset ()
-{
-  { eval $1=; unset $1;}
-}
-as_unset=as_fn_unset
-
-# as_fn_set_status STATUS
-# -----------------------
-# Set $? to STATUS, without forking.
-as_fn_set_status ()
-{
-  return $1
-} # as_fn_set_status
-
-# as_fn_exit STATUS
-# -----------------
-# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
-as_fn_exit ()
-{
-  set +e
-  as_fn_set_status $1
-  exit $1
-} # as_fn_exit
-
-# as_fn_mkdir_p
-# -------------
-# Create "$as_dir" as a directory, including parents if necessary.
-as_fn_mkdir_p ()
-{
-
-  case $as_dir in #(
-  -*) as_dir=./$as_dir;;
-  esac
-  test -d "$as_dir" || eval $as_mkdir_p || {
-    as_dirs=
-    while :; do
-      case $as_dir in #(
-      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
-      *) as_qdir=$as_dir;;
-      esac
-      as_dirs="'$as_qdir' $as_dirs"
-      as_dir=`$as_dirname -- "$as_dir" ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
-	 X"$as_dir" : 'X\(//\)[^/]' \| \
-	 X"$as_dir" : 'X\(//\)$' \| \
-	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_dir" |
-    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)[^/].*/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\).*/{
-	    s//\1/
-	    q
-	  }
-	  s/.*/./; q'`
-      test -d "$as_dir" && break
-    done
-    test -z "$as_dirs" || eval "mkdir $as_dirs"
-  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
-
-
-} # as_fn_mkdir_p
-
-# as_fn_executable_p FILE
-# -----------------------
-# Test if FILE is an executable regular file.
-as_fn_executable_p ()
-{
-  test -f "$1" && test -x "$1"
-} # as_fn_executable_p
-# as_fn_append VAR VALUE
-# ----------------------
-# Append the text in VALUE to the end of the definition contained in VAR. Take
-# advantage of any shell optimizations that allow amortized linear growth over
-# repeated appends, instead of the typical quadratic growth present in naive
-# implementations.
-if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
-  eval 'as_fn_append ()
-  {
-    eval $1+=\$2
-  }'
-else
-  as_fn_append ()
-  {
-    eval $1=\$$1\$2
-  }
-fi # as_fn_append
-
-# as_fn_arith ARG...
-# ------------------
-# Perform arithmetic evaluation on the ARGs, and store the result in the
-# global $as_val. Take advantage of shells that can avoid forks. The arguments
-# must be portable across $(()) and expr.
-if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
-  eval 'as_fn_arith ()
-  {
-    as_val=$(( $* ))
-  }'
-else
-  as_fn_arith ()
-  {
-    as_val=`expr "$@" || test $? -eq 1`
-  }
-fi # as_fn_arith
-
-
-# as_fn_error STATUS ERROR [LINENO LOG_FD]
-# ----------------------------------------
-# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
-# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with STATUS, using 1 if that was 0.
-as_fn_error ()
-{
-  as_status=$1; test $as_status -eq 0 && as_status=1
-  if test "$4"; then
-    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
-  fi
-  $as_echo "$as_me: error: $2" >&2
-  as_fn_exit $as_status
-} # as_fn_error
-
-if expr a : '\(a\)' >/dev/null 2>&1 &&
-   test "X`expr 00001 : '.*\(...\)'`" = X001; then
-  as_expr=expr
-else
-  as_expr=false
-fi
-
-if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
-  as_basename=basename
-else
-  as_basename=false
-fi
-
-if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
-  as_dirname=dirname
-else
-  as_dirname=false
-fi
-
-as_me=`$as_basename -- "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
-	 X"$0" : 'X\(//\)$' \| \
-	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X/"$0" |
-    sed '/^.*\/\([^/][^/]*\)\/*$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\/\(\/\/\)$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\/\(\/\).*/{
-	    s//\1/
-	    q
-	  }
-	  s/.*/./; q'`
-
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-
-  as_lineno_1=$LINENO as_lineno_1a=$LINENO
-  as_lineno_2=$LINENO as_lineno_2a=$LINENO
-  eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
-  test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
-  # Blame Lee E. McMahon (1931-1989) for sed's syntax.  :-)
-  sed -n '
-    p
-    /[$]LINENO/=
-  ' <$as_myself |
-    sed '
-      s/[$]LINENO.*/&-/
-      t lineno
-      b
-      :lineno
-      N
-      :loop
-      s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
-      t loop
-      s/-\n.*//
-    ' >$as_me.lineno &&
-  chmod +x "$as_me.lineno" ||
-    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
-
-  # If we had to re-execute with $CONFIG_SHELL, we're ensured to have
-  # already done that, so ensure we don't try to do so again and fall
-  # in an infinite loop.  This has already happened in practice.
-  _as_can_reexec=no; export _as_can_reexec
-  # Don't try to exec as it changes $[0], causing all sort of problems
-  # (the dirname of $[0] is not the place where we might find the
-  # original and so on.  Autoconf is especially sensitive to this).
-  . "./$as_me.lineno"
-  # Exit status is that of the last command.
-  exit
-}
-
-ECHO_C= ECHO_N= ECHO_T=
-case `echo -n x` in #(((((
--n*)
-  case `echo 'xy\c'` in
-  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
-  xy)  ECHO_C='\c';;
-  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
-       ECHO_T='	';;
-  esac;;
-*)
-  ECHO_N='-n';;
-esac
-
-rm -f conf$$ conf$$.exe conf$$.file
-if test -d conf$$.dir; then
-  rm -f conf$$.dir/conf$$.file
-else
-  rm -f conf$$.dir
-  mkdir conf$$.dir 2>/dev/null
-fi
-if (echo >conf$$.file) 2>/dev/null; then
-  if ln -s conf$$.file conf$$ 2>/dev/null; then
-    as_ln_s='ln -s'
-    # ... but there are two gotchas:
-    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
-    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
-    # In both cases, we have to default to `cp -pR'.
-    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
-      as_ln_s='cp -pR'
-  elif ln conf$$.file conf$$ 2>/dev/null; then
-    as_ln_s=ln
-  else
-    as_ln_s='cp -pR'
-  fi
-else
-  as_ln_s='cp -pR'
-fi
-rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
-rmdir conf$$.dir 2>/dev/null
-
-if mkdir -p . 2>/dev/null; then
-  as_mkdir_p='mkdir -p "$as_dir"'
-else
-  test -d ./-p && rmdir ./-p
-  as_mkdir_p=false
-fi
-
-as_test_x='test -x'
-as_executable_p=as_fn_executable_p
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-test -n "$DJDIR" || exec 7<&0 </dev/null
-exec 6>&1
-
-# Name of the host.
-# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
-# so uname gets run too.
-ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
-
-#
-# Initializations.
-#
-ac_default_prefix=/usr/local
-ac_clean_files=
-ac_config_libobj_dir=.
-LIBOBJS=
-cross_compiling=no
-subdirs=
-MFLAGS=
-MAKEFLAGS=
-
-# Identity of this package.
-PACKAGE_NAME='OpenSSH'
-PACKAGE_TARNAME='openssh'
-PACKAGE_VERSION='Portable'
-PACKAGE_STRING='OpenSSH Portable'
-PACKAGE_BUGREPORT='openssh-unix-dev@mindrot.org'
-PACKAGE_URL=''
-
-ac_unique_file="ssh.c"
-# Factoring default headers for most tests.
-ac_includes_default="\
-#include <stdio.h>
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-#ifdef STDC_HEADERS
-# include <stdlib.h>
-# include <stddef.h>
-#else
-# ifdef HAVE_STDLIB_H
-#  include <stdlib.h>
-# endif
-#endif
-#ifdef HAVE_STRING_H
-# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
-#  include <memory.h>
-# endif
-# include <string.h>
-#endif
-#ifdef HAVE_STRINGS_H
-# include <strings.h>
-#endif
-#ifdef HAVE_INTTYPES_H
-# include <inttypes.h>
-#endif
-#ifdef HAVE_STDINT_H
-# include <stdint.h>
-#endif
-#ifdef HAVE_UNISTD_H
-# include <unistd.h>
-#endif"
-
-ac_subst_vars='LTLIBOBJS
-LIBOBJS
-UNSUPPORTED_ALGORITHMS
-TEST_MALLOC_OPTIONS
-TEST_SSH_IPV6
-piddir
-user_path
-mansubdir
-MANTYPE
-XAUTH_PATH
-STRIP_OPT
-xauth_path
-PRIVSEP_PATH
-K5LIBS
-GSSLIBS
-KRB5CONF
-SSHDLIBS
-SSHLIBS
-SSH_PRIVSEP_USER
-COMMENT_OUT_ECC
-TEST_SSH_ECC
-LIBEDIT
-PKGCONFIG
-LD
-PATH_PASSWD_PROG
-LOGIN_PROGRAM_FALLBACK
-STARTUP_SCRIPT_SHELL
-MAKE_PACKAGE_SUPPORTED
-PATH_USERADD_PROG
-PATH_GROUPADD_PROG
-MANFMT
-TEST_SHELL
-MANDOC
-NROFF
-GROFF
-SH
-TEST_MINUS_S_SH
-ENT
-SED
-PERL
-KILL
-CAT
-ac_ct_AR
-AR
-INSTALL_DATA
-INSTALL_SCRIPT
-INSTALL_PROGRAM
-RANLIB
-AWK
-EGREP
-GREP
-CPP
-host_os
-host_vendor
-host_cpu
-host
-build_os
-build_vendor
-build_cpu
-build
-OBJEXT
-EXEEXT
-ac_ct_CC
-CPPFLAGS
-LDFLAGS
-CFLAGS
-CC
-target_alias
-host_alias
-build_alias
-LIBS
-ECHO_T
-ECHO_N
-ECHO_C
-DEFS
-mandir
-localedir
-libdir
-psdir
-pdfdir
-dvidir
-htmldir
-infodir
-docdir
-oldincludedir
-includedir
-localstatedir
-sharedstatedir
-sysconfdir
-datadir
-datarootdir
-libexecdir
-sbindir
-bindir
-program_transform_name
-prefix
-exec_prefix
-PACKAGE_URL
-PACKAGE_BUGREPORT
-PACKAGE_STRING
-PACKAGE_VERSION
-PACKAGE_TARNAME
-PACKAGE_NAME
-PATH_SEPARATOR
-SHELL'
-ac_subst_files=''
-ac_user_opts='
-enable_option_checking
-enable_largefile
-with_openssl
-with_ssh1
-with_stackprotect
-with_hardening
-with_rpath
-with_cflags
-with_cppflags
-with_ldflags
-with_libs
-with_Werror
-with_solaris_contracts
-with_solaris_projects
-with_osfsia
-with_zlib
-with_zlib_version_check
-with_skey
-with_tcp_wrappers
-with_ldns
-with_libedit
-with_audit
-with_pie
-with_ssl_dir
-with_openssl_header_check
-with_ssl_engine
-with_prngd_port
-with_prngd_socket
-with_pam
-with_privsep_user
-with_sandbox
-with_selinux
-with_kerberos5
-with_privsep_path
-with_xauth
-enable_strip
-with_maildir
-with_mantype
-with_md5_passwords
-with_shadow
-with_ipaddr_display
-enable_etc_default_login
-with_default_path
-with_superuser_path
-with_4in6
-with_bsd_auth
-with_pid_dir
-enable_lastlog
-enable_utmp
-enable_utmpx
-enable_wtmp
-enable_wtmpx
-enable_libutil
-enable_pututline
-enable_pututxline
-with_lastlog
-'
-      ac_precious_vars='build_alias
-host_alias
-target_alias
-CC
-CFLAGS
-LDFLAGS
-LIBS
-CPPFLAGS
-CPP'
-
-
-# Initialize some variables set by options.
-ac_init_help=
-ac_init_version=false
-ac_unrecognized_opts=
-ac_unrecognized_sep=
-# The variables have the same names as the options, with
-# dashes changed to underlines.
-cache_file=/dev/null
-exec_prefix=NONE
-no_create=
-no_recursion=
-prefix=NONE
-program_prefix=NONE
-program_suffix=NONE
-program_transform_name=s,x,x,
-silent=
-site=
-srcdir=
-verbose=
-x_includes=NONE
-x_libraries=NONE
-
-# Installation directory options.
-# These are left unexpanded so users can "make install exec_prefix=/foo"
-# and all the variables that are supposed to be based on exec_prefix
-# by default will actually change.
-# Use braces instead of parens because sh, perl, etc. also accept them.
-# (The list follows the same order as the GNU Coding Standards.)
-bindir='${exec_prefix}/bin'
-sbindir='${exec_prefix}/sbin'
-libexecdir='${exec_prefix}/libexec'
-datarootdir='${prefix}/share'
-datadir='${datarootdir}'
-sysconfdir='${prefix}/etc'
-sharedstatedir='${prefix}/com'
-localstatedir='${prefix}/var'
-includedir='${prefix}/include'
-oldincludedir='/usr/include'
-docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
-infodir='${datarootdir}/info'
-htmldir='${docdir}'
-dvidir='${docdir}'
-pdfdir='${docdir}'
-psdir='${docdir}'
-libdir='${exec_prefix}/lib'
-localedir='${datarootdir}/locale'
-mandir='${datarootdir}/man'
-
-ac_prev=
-ac_dashdash=
-for ac_option
-do
-  # If the previous option needs an argument, assign it.
-  if test -n "$ac_prev"; then
-    eval $ac_prev=\$ac_option
-    ac_prev=
-    continue
-  fi
-
-  case $ac_option in
-  *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
-  *=)   ac_optarg= ;;
-  *)    ac_optarg=yes ;;
-  esac
-
-  # Accept the important Cygnus configure options, so we can diagnose typos.
-
-  case $ac_dashdash$ac_option in
-  --)
-    ac_dashdash=yes ;;
-
-  -bindir | --bindir | --bindi | --bind | --bin | --bi)
-    ac_prev=bindir ;;
-  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
-    bindir=$ac_optarg ;;
-
-  -build | --build | --buil | --bui | --bu)
-    ac_prev=build_alias ;;
-  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
-    build_alias=$ac_optarg ;;
-
-  -cache-file | --cache-file | --cache-fil | --cache-fi \
-  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
-    ac_prev=cache_file ;;
-  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
-  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
-    cache_file=$ac_optarg ;;
-
-  --config-cache | -C)
-    cache_file=config.cache ;;
-
-  -datadir | --datadir | --datadi | --datad)
-    ac_prev=datadir ;;
-  -datadir=* | --datadir=* | --datadi=* | --datad=*)
-    datadir=$ac_optarg ;;
-
-  -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
-  | --dataroo | --dataro | --datar)
-    ac_prev=datarootdir ;;
-  -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
-  | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
-    datarootdir=$ac_optarg ;;
-
-  -disable-* | --disable-*)
-    ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
-    # Reject names that are not valid shell variable names.
-    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error $? "invalid feature name: $ac_useropt"
-    ac_useropt_orig=$ac_useropt
-    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
-    case $ac_user_opts in
-      *"
-"enable_$ac_useropt"
-"*) ;;
-      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
-	 ac_unrecognized_sep=', ';;
-    esac
-    eval enable_$ac_useropt=no ;;
-
-  -docdir | --docdir | --docdi | --doc | --do)
-    ac_prev=docdir ;;
-  -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
-    docdir=$ac_optarg ;;
-
-  -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
-    ac_prev=dvidir ;;
-  -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
-    dvidir=$ac_optarg ;;
-
-  -enable-* | --enable-*)
-    ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
-    # Reject names that are not valid shell variable names.
-    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error $? "invalid feature name: $ac_useropt"
-    ac_useropt_orig=$ac_useropt
-    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
-    case $ac_user_opts in
-      *"
-"enable_$ac_useropt"
-"*) ;;
-      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
-	 ac_unrecognized_sep=', ';;
-    esac
-    eval enable_$ac_useropt=\$ac_optarg ;;
-
-  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
-  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
-  | --exec | --exe | --ex)
-    ac_prev=exec_prefix ;;
-  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
-  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
-  | --exec=* | --exe=* | --ex=*)
-    exec_prefix=$ac_optarg ;;
-
-  -gas | --gas | --ga | --g)
-    # Obsolete; use --with-gas.
-    with_gas=yes ;;
-
-  -help | --help | --hel | --he | -h)
-    ac_init_help=long ;;
-  -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
-    ac_init_help=recursive ;;
-  -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
-    ac_init_help=short ;;
-
-  -host | --host | --hos | --ho)
-    ac_prev=host_alias ;;
-  -host=* | --host=* | --hos=* | --ho=*)
-    host_alias=$ac_optarg ;;
-
-  -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
-    ac_prev=htmldir ;;
-  -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
-  | --ht=*)
-    htmldir=$ac_optarg ;;
-
-  -includedir | --includedir | --includedi | --included | --include \
-  | --includ | --inclu | --incl | --inc)
-    ac_prev=includedir ;;
-  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
-  | --includ=* | --inclu=* | --incl=* | --inc=*)
-    includedir=$ac_optarg ;;
-
-  -infodir | --infodir | --infodi | --infod | --info | --inf)
-    ac_prev=infodir ;;
-  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
-    infodir=$ac_optarg ;;
-
-  -libdir | --libdir | --libdi | --libd)
-    ac_prev=libdir ;;
-  -libdir=* | --libdir=* | --libdi=* | --libd=*)
-    libdir=$ac_optarg ;;
-
-  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
-  | --libexe | --libex | --libe)
-    ac_prev=libexecdir ;;
-  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
-  | --libexe=* | --libex=* | --libe=*)
-    libexecdir=$ac_optarg ;;
-
-  -localedir | --localedir | --localedi | --localed | --locale)
-    ac_prev=localedir ;;
-  -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
-    localedir=$ac_optarg ;;
-
-  -localstatedir | --localstatedir | --localstatedi | --localstated \
-  | --localstate | --localstat | --localsta | --localst | --locals)
-    ac_prev=localstatedir ;;
-  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
-  | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
-    localstatedir=$ac_optarg ;;
-
-  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
-    ac_prev=mandir ;;
-  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
-    mandir=$ac_optarg ;;
-
-  -nfp | --nfp | --nf)
-    # Obsolete; use --without-fp.
-    with_fp=no ;;
-
-  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
-  | --no-cr | --no-c | -n)
-    no_create=yes ;;
-
-  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
-  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
-    no_recursion=yes ;;
-
-  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
-  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
-  | --oldin | --oldi | --old | --ol | --o)
-    ac_prev=oldincludedir ;;
-  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
-  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
-  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
-    oldincludedir=$ac_optarg ;;
-
-  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
-    ac_prev=prefix ;;
-  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
-    prefix=$ac_optarg ;;
-
-  -program-prefix | --program-prefix | --program-prefi | --program-pref \
-  | --program-pre | --program-pr | --program-p)
-    ac_prev=program_prefix ;;
-  -program-prefix=* | --program-prefix=* | --program-prefi=* \
-  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
-    program_prefix=$ac_optarg ;;
-
-  -program-suffix | --program-suffix | --program-suffi | --program-suff \
-  | --program-suf | --program-su | --program-s)
-    ac_prev=program_suffix ;;
-  -program-suffix=* | --program-suffix=* | --program-suffi=* \
-  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
-    program_suffix=$ac_optarg ;;
-
-  -program-transform-name | --program-transform-name \
-  | --program-transform-nam | --program-transform-na \
-  | --program-transform-n | --program-transform- \
-  | --program-transform | --program-transfor \
-  | --program-transfo | --program-transf \
-  | --program-trans | --program-tran \
-  | --progr-tra | --program-tr | --program-t)
-    ac_prev=program_transform_name ;;
-  -program-transform-name=* | --program-transform-name=* \
-  | --program-transform-nam=* | --program-transform-na=* \
-  | --program-transform-n=* | --program-transform-=* \
-  | --program-transform=* | --program-transfor=* \
-  | --program-transfo=* | --program-transf=* \
-  | --program-trans=* | --program-tran=* \
-  | --progr-tra=* | --program-tr=* | --program-t=*)
-    program_transform_name=$ac_optarg ;;
-
-  -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
-    ac_prev=pdfdir ;;
-  -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
-    pdfdir=$ac_optarg ;;
-
-  -psdir | --psdir | --psdi | --psd | --ps)
-    ac_prev=psdir ;;
-  -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
-    psdir=$ac_optarg ;;
-
-  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
-  | -silent | --silent | --silen | --sile | --sil)
-    silent=yes ;;
-
-  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
-    ac_prev=sbindir ;;
-  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
-  | --sbi=* | --sb=*)
-    sbindir=$ac_optarg ;;
-
-  -sharedstatedir | --sharedstatedir | --sharedstatedi \
-  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
-  | --sharedst | --shareds | --shared | --share | --shar \
-  | --sha | --sh)
-    ac_prev=sharedstatedir ;;
-  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
-  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
-  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
-  | --sha=* | --sh=*)
-    sharedstatedir=$ac_optarg ;;
-
-  -site | --site | --sit)
-    ac_prev=site ;;
-  -site=* | --site=* | --sit=*)
-    site=$ac_optarg ;;
-
-  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
-    ac_prev=srcdir ;;
-  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
-    srcdir=$ac_optarg ;;
-
-  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
-  | --syscon | --sysco | --sysc | --sys | --sy)
-    ac_prev=sysconfdir ;;
-  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
-  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
-    sysconfdir=$ac_optarg ;;
-
-  -target | --target | --targe | --targ | --tar | --ta | --t)
-    ac_prev=target_alias ;;
-  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
-    target_alias=$ac_optarg ;;
-
-  -v | -verbose | --verbose | --verbos | --verbo | --verb)
-    verbose=yes ;;
-
-  -version | --version | --versio | --versi | --vers | -V)
-    ac_init_version=: ;;
-
-  -with-* | --with-*)
-    ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
-    # Reject names that are not valid shell variable names.
-    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error $? "invalid package name: $ac_useropt"
-    ac_useropt_orig=$ac_useropt
-    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
-    case $ac_user_opts in
-      *"
-"with_$ac_useropt"
-"*) ;;
-      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
-	 ac_unrecognized_sep=', ';;
-    esac
-    eval with_$ac_useropt=\$ac_optarg ;;
-
-  -without-* | --without-*)
-    ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
-    # Reject names that are not valid shell variable names.
-    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
-      as_fn_error $? "invalid package name: $ac_useropt"
-    ac_useropt_orig=$ac_useropt
-    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
-    case $ac_user_opts in
-      *"
-"with_$ac_useropt"
-"*) ;;
-      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
-	 ac_unrecognized_sep=', ';;
-    esac
-    eval with_$ac_useropt=no ;;
-
-  --x)
-    # Obsolete; use --with-x.
-    with_x=yes ;;
-
-  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
-  | --x-incl | --x-inc | --x-in | --x-i)
-    ac_prev=x_includes ;;
-  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
-  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
-    x_includes=$ac_optarg ;;
-
-  -x-libraries | --x-libraries | --x-librarie | --x-librari \
-  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
-    ac_prev=x_libraries ;;
-  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
-  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
-    x_libraries=$ac_optarg ;;
-
-  -*) as_fn_error $? "unrecognized option: \`$ac_option'
-Try \`$0 --help' for more information"
-    ;;
-
-  *=*)
-    ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
-    # Reject names that are not valid shell variable names.
-    case $ac_envvar in #(
-      '' | [0-9]* | *[!_$as_cr_alnum]* )
-      as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
-    esac
-    eval $ac_envvar=\$ac_optarg
-    export $ac_envvar ;;
-
-  *)
-    # FIXME: should be removed in autoconf 3.0.
-    $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
-    expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
-      $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
-    : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
-    ;;
-
-  esac
-done
-
-if test -n "$ac_prev"; then
-  ac_option=--`echo $ac_prev | sed 's/_/-/g'`
-  as_fn_error $? "missing argument to $ac_option"
-fi
-
-if test -n "$ac_unrecognized_opts"; then
-  case $enable_option_checking in
-    no) ;;
-    fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
-    *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
-  esac
-fi
-
-# Check all directory arguments for consistency.
-for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
-		datadir sysconfdir sharedstatedir localstatedir includedir \
-		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
-		libdir localedir mandir
-do
-  eval ac_val=\$$ac_var
-  # Remove trailing slashes.
-  case $ac_val in
-    */ )
-      ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
-      eval $ac_var=\$ac_val;;
-  esac
-  # Be sure to have absolute directory names.
-  case $ac_val in
-    [\\/$]* | ?:[\\/]* )  continue;;
-    NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
-  esac
-  as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
-done
-
-# There might be people who depend on the old broken behavior: `$host'
-# used to hold the argument of --host etc.
-# FIXME: To remove some day.
-build=$build_alias
-host=$host_alias
-target=$target_alias
-
-# FIXME: To remove some day.
-if test "x$host_alias" != x; then
-  if test "x$build_alias" = x; then
-    cross_compiling=maybe
-  elif test "x$build_alias" != "x$host_alias"; then
-    cross_compiling=yes
-  fi
-fi
-
-ac_tool_prefix=
-test -n "$host_alias" && ac_tool_prefix=$host_alias-
-
-test "$silent" = yes && exec 6>/dev/null
-
-
-ac_pwd=`pwd` && test -n "$ac_pwd" &&
-ac_ls_di=`ls -di .` &&
-ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
-  as_fn_error $? "working directory cannot be determined"
-test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
-  as_fn_error $? "pwd does not report name of working directory"
-
-
-# Find the source files, if location was not specified.
-if test -z "$srcdir"; then
-  ac_srcdir_defaulted=yes
-  # Try the directory containing this script, then the parent directory.
-  ac_confdir=`$as_dirname -- "$as_myself" ||
-$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
-	 X"$as_myself" : 'X\(//\)[^/]' \| \
-	 X"$as_myself" : 'X\(//\)$' \| \
-	 X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_myself" |
-    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)[^/].*/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\).*/{
-	    s//\1/
-	    q
-	  }
-	  s/.*/./; q'`
-  srcdir=$ac_confdir
-  if test ! -r "$srcdir/$ac_unique_file"; then
-    srcdir=..
-  fi
-else
-  ac_srcdir_defaulted=no
-fi
-if test ! -r "$srcdir/$ac_unique_file"; then
-  test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
-  as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
-fi
-ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
-ac_abs_confdir=`(
-	cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
-	pwd)`
-# When building in place, set srcdir=.
-if test "$ac_abs_confdir" = "$ac_pwd"; then
-  srcdir=.
-fi
-# Remove unnecessary trailing slashes from srcdir.
-# Double slashes in file names in object file debugging info
-# mess up M-x gdb in Emacs.
-case $srcdir in
-*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
-esac
-for ac_var in $ac_precious_vars; do
-  eval ac_env_${ac_var}_set=\${${ac_var}+set}
-  eval ac_env_${ac_var}_value=\$${ac_var}
-  eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
-  eval ac_cv_env_${ac_var}_value=\$${ac_var}
-done
-
-#
-# Report the --help message.
-#
-if test "$ac_init_help" = "long"; then
-  # Omit some internal or obsolete options to make the list less imposing.
-  # This message is too long to be a string in the A/UX 3.1 sh.
-  cat <<_ACEOF
-\`configure' configures OpenSSH Portable to adapt to many kinds of systems.
-
-Usage: $0 [OPTION]... [VAR=VALUE]...
-
-To assign environment variables (e.g., CC, CFLAGS...), specify them as
-VAR=VALUE.  See below for descriptions of some of the useful variables.
-
-Defaults for the options are specified in brackets.
-
-Configuration:
-  -h, --help              display this help and exit
-      --help=short        display options specific to this package
-      --help=recursive    display the short help of all the included packages
-  -V, --version           display version information and exit
-  -q, --quiet, --silent   do not print \`checking ...' messages
-      --cache-file=FILE   cache test results in FILE [disabled]
-  -C, --config-cache      alias for \`--cache-file=config.cache'
-  -n, --no-create         do not create output files
-      --srcdir=DIR        find the sources in DIR [configure dir or \`..']
-
-Installation directories:
-  --prefix=PREFIX         install architecture-independent files in PREFIX
-                          [$ac_default_prefix]
-  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
-                          [PREFIX]
-
-By default, \`make install' will install all the files in
-\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc.  You can specify
-an installation prefix other than \`$ac_default_prefix' using \`--prefix',
-for instance \`--prefix=\$HOME'.
-
-For better control, use the options below.
-
-Fine tuning of the installation directories:
-  --bindir=DIR            user executables [EPREFIX/bin]
-  --sbindir=DIR           system admin executables [EPREFIX/sbin]
-  --libexecdir=DIR        program executables [EPREFIX/libexec]
-  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
-  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
-  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
-  --libdir=DIR            object code libraries [EPREFIX/lib]
-  --includedir=DIR        C header files [PREFIX/include]
-  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
-  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
-  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
-  --infodir=DIR           info documentation [DATAROOTDIR/info]
-  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
-  --mandir=DIR            man documentation [DATAROOTDIR/man]
-  --docdir=DIR            documentation root [DATAROOTDIR/doc/openssh]
-  --htmldir=DIR           html documentation [DOCDIR]
-  --dvidir=DIR            dvi documentation [DOCDIR]
-  --pdfdir=DIR            pdf documentation [DOCDIR]
-  --psdir=DIR             ps documentation [DOCDIR]
-_ACEOF
-
-  cat <<\_ACEOF
-
-System types:
-  --build=BUILD     configure for building on BUILD [guessed]
-  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
-_ACEOF
-fi
-
-if test -n "$ac_init_help"; then
-  case $ac_init_help in
-     short | recursive ) echo "Configuration of OpenSSH Portable:";;
-   esac
-  cat <<\_ACEOF
-
-Optional Features:
-  --disable-option-checking  ignore unrecognized --enable/--with options
-  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
-  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
-  --disable-largefile     omit support for large files
-  --disable-strip         Disable calling strip(1) on install
-  --disable-etc-default-login Disable using PATH from /etc/default/login no
-  --disable-lastlog       disable use of lastlog even if detected no
-  --disable-utmp          disable use of utmp even if detected no
-  --disable-utmpx         disable use of utmpx even if detected no
-  --disable-wtmp          disable use of wtmp even if detected no
-  --disable-wtmpx         disable use of wtmpx even if detected no
-  --disable-libutil       disable use of libutil (login() etc.) no
-  --disable-pututline     disable use of pututline() etc. (uwtmp) no
-  --disable-pututxline    disable use of pututxline() etc. (uwtmpx) no
-
-Optional Packages:
-  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
-  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
-  --without-openssl       Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL**
-  --without-ssh1          Enable support for SSH protocol 1
-  --without-stackprotect  Don't use compiler's stack protection
-  --without-hardening     Don't use toolchain hardening flags
-  --without-rpath         Disable auto-added -R linker paths
-  --with-cflags           Specify additional flags to pass to compiler
-  --with-cppflags         Specify additional flags to pass to preprocessor
-  --with-ldflags          Specify additional flags to pass to linker
-  --with-libs             Specify additional libraries to link with
-  --with-Werror           Build main code with -Werror
-  --with-solaris-contracts Enable Solaris process contracts (experimental)
-  --with-solaris-projects Enable Solaris projects (experimental)
-  --with-osfsia           Enable Digital Unix SIA
-  --with-zlib=PATH        Use zlib in PATH
-  --without-zlib-version-check Disable zlib version check
-  --with-skey[=PATH]      Enable S/Key support (optionally in PATH)
-  --with-tcp-wrappers[=PATH] Enable tcpwrappers support (optionally in PATH)
-  --with-ldns[=PATH]      Use ldns for DNSSEC support (optionally in PATH)
-  --with-libedit[=PATH]   Enable libedit support for sftp
-  --with-audit=module     Enable audit support (modules=debug,bsm,linux)
-  --with-pie              Build Position Independent Executables if possible
-  --with-ssl-dir=PATH     Specify path to OpenSSL installation
-  --without-openssl-header-check Disable OpenSSL version consistency check
-  --with-ssl-engine       Enable OpenSSL (hardware) ENGINE support
-  --with-prngd-port=PORT  read entropy from PRNGD/EGD TCP localhost:PORT
-  --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)
-  --with-pam              Enable PAM support
-  --with-privsep-user=user Specify non-privileged user for privilege separation
-  --with-sandbox=style    Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter, capsicum)
-  --with-selinux          Enable SELinux support
-  --with-kerberos5=PATH   Enable Kerberos 5 support
-  --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)
-  --with-xauth=PATH       Specify path to xauth program
-  --with-maildir=/path/to/mail    Specify your system mail directory
-  --with-mantype=man|cat|doc  Set man page type
-  --with-md5-passwords    Enable use of MD5 passwords
-  --without-shadow        Disable shadow password support
-  --with-ipaddr-display   Use ip address instead of hostname in $DISPLAY
-  --with-default-path=    Specify default $PATH environment for server
-  --with-superuser-path=  Specify different path for super-user
-  --with-4in6             Check for and convert IPv4 in IPv6 mapped addresses
-  --with-bsd-auth         Enable BSD auth support
-  --with-pid-dir=PATH     Specify location of ssh.pid file
-  --with-lastlog=FILE|DIR specify lastlog location common locations
-
-Some influential environment variables:
-  CC          C compiler command
-  CFLAGS      C compiler flags
-  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
-              nonstandard directory <lib dir>
-  LIBS        libraries to pass to the linker, e.g. -l<library>
-  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
-              you have headers in a nonstandard directory <include dir>
-  CPP         C preprocessor
-
-Use these variables to override the choices made by `configure' or to help
-it to find libraries and programs with nonstandard names/locations.
-
-Report bugs to <openssh-unix-dev@mindrot.org>.
-_ACEOF
-ac_status=$?
-fi
-
-if test "$ac_init_help" = "recursive"; then
-  # If there are subdirs, report their specific --help.
-  for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
-    test -d "$ac_dir" ||
-      { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
-      continue
-    ac_builddir=.
-
-case "$ac_dir" in
-.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
-*)
-  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
-  # A ".." for each directory in $ac_dir_suffix.
-  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
-  case $ac_top_builddir_sub in
-  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
-  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
-  esac ;;
-esac
-ac_abs_top_builddir=$ac_pwd
-ac_abs_builddir=$ac_pwd$ac_dir_suffix
-# for backward compatibility:
-ac_top_builddir=$ac_top_build_prefix
-
-case $srcdir in
-  .)  # We are building in place.
-    ac_srcdir=.
-    ac_top_srcdir=$ac_top_builddir_sub
-    ac_abs_top_srcdir=$ac_pwd ;;
-  [\\/]* | ?:[\\/]* )  # Absolute name.
-    ac_srcdir=$srcdir$ac_dir_suffix;
-    ac_top_srcdir=$srcdir
-    ac_abs_top_srcdir=$srcdir ;;
-  *) # Relative name.
-    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
-    ac_top_srcdir=$ac_top_build_prefix$srcdir
-    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
-esac
-ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-
-    cd "$ac_dir" || { ac_status=$?; continue; }
-    # Check for guested configure.
-    if test -f "$ac_srcdir/configure.gnu"; then
-      echo &&
-      $SHELL "$ac_srcdir/configure.gnu" --help=recursive
-    elif test -f "$ac_srcdir/configure"; then
-      echo &&
-      $SHELL "$ac_srcdir/configure" --help=recursive
-    else
-      $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
-    fi || ac_status=$?
-    cd "$ac_pwd" || { ac_status=$?; break; }
-  done
-fi
-
-test -n "$ac_init_help" && exit $ac_status
-if $ac_init_version; then
-  cat <<\_ACEOF
-OpenSSH configure Portable
-generated by GNU Autoconf 2.69
-
-Copyright (C) 2012 Free Software Foundation, Inc.
-This configure script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it.
-_ACEOF
-  exit
-fi
-
-## ------------------------ ##
-## Autoconf initialization. ##
-## ------------------------ ##
-
-# ac_fn_c_try_compile LINENO
-# --------------------------
-# Try to compile conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_compile ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  rm -f conftest.$ac_objext
-  if { { ac_try="$ac_compile"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_compile") 2>conftest.err
-  ac_status=$?
-  if test -s conftest.err; then
-    grep -v '^ *+' conftest.err >conftest.er1
-    cat conftest.er1 >&5
-    mv -f conftest.er1 conftest.err
-  fi
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; } && {
-	 test -z "$ac_c_werror_flag" ||
-	 test ! -s conftest.err
-       } && test -s conftest.$ac_objext; then :
-  ac_retval=0
-else
-  $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-	ac_retval=1
-fi
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-  as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_compile
-
-# ac_fn_c_try_run LINENO
-# ----------------------
-# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
-# that executables *can* be run.
-ac_fn_c_try_run ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  if { { ac_try="$ac_link"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_link") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
-  { { case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_try") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }; }; then :
-  ac_retval=0
-else
-  $as_echo "$as_me: program exited with status $ac_status" >&5
-       $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-       ac_retval=$ac_status
-fi
-  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-  as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_run
-
-# ac_fn_c_try_cpp LINENO
-# ----------------------
-# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_cpp ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  if { { ac_try="$ac_cpp conftest.$ac_ext"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
-  ac_status=$?
-  if test -s conftest.err; then
-    grep -v '^ *+' conftest.err >conftest.er1
-    cat conftest.er1 >&5
-    mv -f conftest.er1 conftest.err
-  fi
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; } > conftest.i && {
-	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
-	 test ! -s conftest.err
-       }; then :
-  ac_retval=0
-else
-  $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-    ac_retval=1
-fi
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-  as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_cpp
-
-# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
-# -------------------------------------------------------
-# Tests whether HEADER exists and can be compiled using the include files in
-# INCLUDES, setting the cache variable VAR accordingly.
-ac_fn_c_check_header_compile ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-#include <$2>
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  eval "$3=yes"
-else
-  eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_header_compile
-
-# ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES
-# ---------------------------------------------
-# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR
-# accordingly.
-ac_fn_c_check_decl ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  as_decl_name=`echo $2|sed 's/ *(.*//'`
-  as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'`
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5
-$as_echo_n "checking whether $as_decl_name is declared... " >&6; }
-if eval \${$3+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-#ifndef $as_decl_name
-#ifdef __cplusplus
-  (void) $as_decl_use;
-#else
-  (void) $as_decl_name;
-#endif
-#endif
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  eval "$3=yes"
-else
-  eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_decl
-
-# ac_fn_c_try_link LINENO
-# -----------------------
-# Try to link conftest.$ac_ext, and return whether this succeeded.
-ac_fn_c_try_link ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  rm -f conftest.$ac_objext conftest$ac_exeext
-  if { { ac_try="$ac_link"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_link") 2>conftest.err
-  ac_status=$?
-  if test -s conftest.err; then
-    grep -v '^ *+' conftest.err >conftest.er1
-    cat conftest.er1 >&5
-    mv -f conftest.er1 conftest.err
-  fi
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; } && {
-	 test -z "$ac_c_werror_flag" ||
-	 test ! -s conftest.err
-       } && test -s conftest$ac_exeext && {
-	 test "$cross_compiling" = yes ||
-	 test -x conftest$ac_exeext
-       }; then :
-  ac_retval=0
-else
-  $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-	ac_retval=1
-fi
-  # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
-  # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
-  # interfere with the next link command; also delete a directory that is
-  # left behind by Apple's compiler.  We do this before executing the actions.
-  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-  as_fn_set_status $ac_retval
-
-} # ac_fn_c_try_link
-
-# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
-# -------------------------------------------------------
-# Tests whether HEADER exists, giving a warning if it cannot be compiled using
-# the include files in INCLUDES and setting the cache variable VAR
-# accordingly.
-ac_fn_c_check_header_mongrel ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  if eval \${$3+:} false; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
-  $as_echo_n "(cached) " >&6
-fi
-eval ac_res=\$$3
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-else
-  # Is the header compilable?
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5
-$as_echo_n "checking $2 usability... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-#include <$2>
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_header_compiler=yes
-else
-  ac_header_compiler=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5
-$as_echo "$ac_header_compiler" >&6; }
-
-# Is the header present?
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5
-$as_echo_n "checking $2 presence... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <$2>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-  ac_header_preproc=yes
-else
-  ac_header_preproc=no
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
-$as_echo "$ac_header_preproc" >&6; }
-
-# So?  What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
-  yes:no: )
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
-$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
-$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
-    ;;
-  no:yes:* )
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5
-$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     check for missing prerequisite headers?" >&5
-$as_echo "$as_me: WARNING: $2:     check for missing prerequisite headers?" >&2;}
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5
-$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&5
-$as_echo "$as_me: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&2;}
-    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
-$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
-( $as_echo "## ------------------------------------------- ##
-## Report this to openssh-unix-dev@mindrot.org ##
-## ------------------------------------------- ##"
-     ) | sed "s/^/$as_me: WARNING:     /" >&2
-    ;;
-esac
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  eval "$3=\$ac_header_compiler"
-fi
-eval ac_res=\$$3
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-fi
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_header_mongrel
-
-# ac_fn_c_check_func LINENO FUNC VAR
-# ----------------------------------
-# Tests whether FUNC exists, setting the cache variable VAR accordingly
-ac_fn_c_check_func ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
-   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
-#define $2 innocuous_$2
-
-/* System header to define __stub macros and hopefully few prototypes,
-    which can conflict with char $2 (); below.
-    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
-    <limits.h> exists even on freestanding compilers.  */
-
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-
-#undef $2
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char $2 ();
-/* The GNU C library defines this for functions which it implements
-    to always fail with ENOSYS.  Some functions are actually named
-    something starting with __ and the normal name is an alias.  */
-#if defined __stub_$2 || defined __stub___$2
-choke me
-#endif
-
-int
-main ()
-{
-return $2 ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  eval "$3=yes"
-else
-  eval "$3=no"
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-fi
-eval ac_res=\$$3
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_func
-
-# ac_fn_c_check_type LINENO TYPE VAR INCLUDES
-# -------------------------------------------
-# Tests whether TYPE exists after having included INCLUDES, setting cache
-# variable VAR accordingly.
-ac_fn_c_check_type ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
-$as_echo_n "checking for $2... " >&6; }
-if eval \${$3+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  eval "$3=no"
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-if (sizeof ($2))
-	 return 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-if (sizeof (($2)))
-	    return 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
-  eval "$3=yes"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$3
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_type
-
-# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
-# --------------------------------------------
-# Tries to find the compile-time value of EXPR in a program that includes
-# INCLUDES, setting VAR accordingly. Returns whether the value could be
-# computed
-ac_fn_c_compute_int ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  if test "$cross_compiling" = yes; then
-    # Depending upon the size, compute the lo and hi bounds.
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-static int test_array [1 - 2 * !(($2) >= 0)];
-test_array [0] = 0;
-return test_array [0];
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_lo=0 ac_mid=0
-  while :; do
-    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-static int test_array [1 - 2 * !(($2) <= $ac_mid)];
-test_array [0] = 0;
-return test_array [0];
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_hi=$ac_mid; break
-else
-  as_fn_arith $ac_mid + 1 && ac_lo=$as_val
-			if test $ac_lo -le $ac_mid; then
-			  ac_lo= ac_hi=
-			  break
-			fi
-			as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  done
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-static int test_array [1 - 2 * !(($2) < 0)];
-test_array [0] = 0;
-return test_array [0];
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_hi=-1 ac_mid=-1
-  while :; do
-    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-static int test_array [1 - 2 * !(($2) >= $ac_mid)];
-test_array [0] = 0;
-return test_array [0];
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_lo=$ac_mid; break
-else
-  as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
-			if test $ac_mid -le $ac_hi; then
-			  ac_lo= ac_hi=
-			  break
-			fi
-			as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  done
-else
-  ac_lo= ac_hi=
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-# Binary search between lo and hi bounds.
-while test "x$ac_lo" != "x$ac_hi"; do
-  as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-int
-main ()
-{
-static int test_array [1 - 2 * !(($2) <= $ac_mid)];
-test_array [0] = 0;
-return test_array [0];
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_hi=$ac_mid
-else
-  as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-done
-case $ac_lo in #((
-?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
-'') ac_retval=1 ;;
-esac
-  else
-    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$4
-static long int longval () { return $2; }
-static unsigned long int ulongval () { return $2; }
-#include <stdio.h>
-#include <stdlib.h>
-int
-main ()
-{
-
-  FILE *f = fopen ("conftest.val", "w");
-  if (! f)
-    return 1;
-  if (($2) < 0)
-    {
-      long int i = longval ();
-      if (i != ($2))
-	return 1;
-      fprintf (f, "%ld", i);
-    }
-  else
-    {
-      unsigned long int i = ulongval ();
-      if (i != ($2))
-	return 1;
-      fprintf (f, "%lu", i);
-    }
-  /* Do not output a trailing newline, as this causes \r\n confusion
-     on some platforms.  */
-  return ferror (f) || fclose (f) != 0;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  echo >>conftest.val; read $3 <conftest.val; ac_retval=0
-else
-  ac_retval=1
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-rm -f conftest.val
-
-  fi
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-  as_fn_set_status $ac_retval
-
-} # ac_fn_c_compute_int
-
-# ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES
-# ----------------------------------------------------
-# Tries to find if the field MEMBER exists in type AGGR, after including
-# INCLUDES, setting cache variable VAR accordingly.
-ac_fn_c_check_member ()
-{
-  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5
-$as_echo_n "checking for $2.$3... " >&6; }
-if eval \${$4+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$5
-int
-main ()
-{
-static $2 ac_aggr;
-if (ac_aggr.$3)
-return 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  eval "$4=yes"
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$5
-int
-main ()
-{
-static $2 ac_aggr;
-if (sizeof ac_aggr.$3)
-return 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  eval "$4=yes"
-else
-  eval "$4=no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-eval ac_res=\$$4
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
-
-} # ac_fn_c_check_member
-cat >config.log <<_ACEOF
-This file contains any messages produced by compilers while
-running configure, to aid debugging if configure makes a mistake.
-
-It was created by OpenSSH $as_me Portable, which was
-generated by GNU Autoconf 2.69.  Invocation command line was
-
-  $ $0 $@
-
-_ACEOF
-exec 5>>config.log
-{
-cat <<_ASUNAME
-## --------- ##
-## Platform. ##
-## --------- ##
-
-hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
-uname -m = `(uname -m) 2>/dev/null || echo unknown`
-uname -r = `(uname -r) 2>/dev/null || echo unknown`
-uname -s = `(uname -s) 2>/dev/null || echo unknown`
-uname -v = `(uname -v) 2>/dev/null || echo unknown`
-
-/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
-/bin/uname -X     = `(/bin/uname -X) 2>/dev/null     || echo unknown`
-
-/bin/arch              = `(/bin/arch) 2>/dev/null              || echo unknown`
-/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null       || echo unknown`
-/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
-/usr/bin/hostinfo      = `(/usr/bin/hostinfo) 2>/dev/null      || echo unknown`
-/bin/machine           = `(/bin/machine) 2>/dev/null           || echo unknown`
-/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null       || echo unknown`
-/bin/universe          = `(/bin/universe) 2>/dev/null          || echo unknown`
-
-_ASUNAME
-
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    $as_echo "PATH: $as_dir"
-  done
-IFS=$as_save_IFS
-
-} >&5
-
-cat >&5 <<_ACEOF
-
-
-## ----------- ##
-## Core tests. ##
-## ----------- ##
-
-_ACEOF
-
-
-# Keep a trace of the command line.
-# Strip out --no-create and --no-recursion so they do not pile up.
-# Strip out --silent because we don't want to record it for future runs.
-# Also quote any args containing shell meta-characters.
-# Make two passes to allow for proper duplicate-argument suppression.
-ac_configure_args=
-ac_configure_args0=
-ac_configure_args1=
-ac_must_keep_next=false
-for ac_pass in 1 2
-do
-  for ac_arg
-  do
-    case $ac_arg in
-    -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
-    -q | -quiet | --quiet | --quie | --qui | --qu | --q \
-    | -silent | --silent | --silen | --sile | --sil)
-      continue ;;
-    *\'*)
-      ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
-    esac
-    case $ac_pass in
-    1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
-    2)
-      as_fn_append ac_configure_args1 " '$ac_arg'"
-      if test $ac_must_keep_next = true; then
-	ac_must_keep_next=false # Got value, back to normal.
-      else
-	case $ac_arg in
-	  *=* | --config-cache | -C | -disable-* | --disable-* \
-	  | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
-	  | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
-	  | -with-* | --with-* | -without-* | --without-* | --x)
-	    case "$ac_configure_args0 " in
-	      "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
-	    esac
-	    ;;
-	  -* ) ac_must_keep_next=true ;;
-	esac
-      fi
-      as_fn_append ac_configure_args " '$ac_arg'"
-      ;;
-    esac
-  done
-done
-{ ac_configure_args0=; unset ac_configure_args0;}
-{ ac_configure_args1=; unset ac_configure_args1;}
-
-# When interrupted or exit'd, cleanup temporary files, and complete
-# config.log.  We remove comments because anyway the quotes in there
-# would cause problems or look ugly.
-# WARNING: Use '\'' to represent an apostrophe within the trap.
-# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
-trap 'exit_status=$?
-  # Save into config.log some information that might help in debugging.
-  {
-    echo
-
-    $as_echo "## ---------------- ##
-## Cache variables. ##
-## ---------------- ##"
-    echo
-    # The following way of writing the cache mishandles newlines in values,
-(
-  for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
-    eval ac_val=\$$ac_var
-    case $ac_val in #(
-    *${as_nl}*)
-      case $ac_var in #(
-      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
-$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
-      esac
-      case $ac_var in #(
-      _ | IFS | as_nl) ;; #(
-      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
-      *) { eval $ac_var=; unset $ac_var;} ;;
-      esac ;;
-    esac
-  done
-  (set) 2>&1 |
-    case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
-    *${as_nl}ac_space=\ *)
-      sed -n \
-	"s/'\''/'\''\\\\'\'''\''/g;
-	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
-      ;; #(
-    *)
-      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
-      ;;
-    esac |
-    sort
-)
-    echo
-
-    $as_echo "## ----------------- ##
-## Output variables. ##
-## ----------------- ##"
-    echo
-    for ac_var in $ac_subst_vars
-    do
-      eval ac_val=\$$ac_var
-      case $ac_val in
-      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
-      esac
-      $as_echo "$ac_var='\''$ac_val'\''"
-    done | sort
-    echo
-
-    if test -n "$ac_subst_files"; then
-      $as_echo "## ------------------- ##
-## File substitutions. ##
-## ------------------- ##"
-      echo
-      for ac_var in $ac_subst_files
-      do
-	eval ac_val=\$$ac_var
-	case $ac_val in
-	*\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
-	esac
-	$as_echo "$ac_var='\''$ac_val'\''"
-      done | sort
-      echo
-    fi
-
-    if test -s confdefs.h; then
-      $as_echo "## ----------- ##
-## confdefs.h. ##
-## ----------- ##"
-      echo
-      cat confdefs.h
-      echo
-    fi
-    test "$ac_signal" != 0 &&
-      $as_echo "$as_me: caught signal $ac_signal"
-    $as_echo "$as_me: exit $exit_status"
-  } >&5
-  rm -f core *.core core.conftest.* &&
-    rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
-    exit $exit_status
-' 0
-for ac_signal in 1 2 13 15; do
-  trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
-done
-ac_signal=0
-
-# confdefs.h avoids OS command line length limits that DEFS can exceed.
-rm -f -r conftest* confdefs.h
-
-$as_echo "/* confdefs.h */" > confdefs.h
-
-# Predefined preprocessor variables.
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_NAME "$PACKAGE_NAME"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_VERSION "$PACKAGE_VERSION"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_STRING "$PACKAGE_STRING"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
-_ACEOF
-
-cat >>confdefs.h <<_ACEOF
-#define PACKAGE_URL "$PACKAGE_URL"
-_ACEOF
-
-
-# Let the site file select an alternate cache file if it wants to.
-# Prefer an explicitly selected file to automatically selected ones.
-ac_site_file1=NONE
-ac_site_file2=NONE
-if test -n "$CONFIG_SITE"; then
-  # We do not want a PATH search for config.site.
-  case $CONFIG_SITE in #((
-    -*)  ac_site_file1=./$CONFIG_SITE;;
-    */*) ac_site_file1=$CONFIG_SITE;;
-    *)   ac_site_file1=./$CONFIG_SITE;;
-  esac
-elif test "x$prefix" != xNONE; then
-  ac_site_file1=$prefix/share/config.site
-  ac_site_file2=$prefix/etc/config.site
-else
-  ac_site_file1=$ac_default_prefix/share/config.site
-  ac_site_file2=$ac_default_prefix/etc/config.site
-fi
-for ac_site_file in "$ac_site_file1" "$ac_site_file2"
-do
-  test "x$ac_site_file" = xNONE && continue
-  if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
-$as_echo "$as_me: loading site script $ac_site_file" >&6;}
-    sed 's/^/| /' "$ac_site_file" >&5
-    . "$ac_site_file" \
-      || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "failed to load site script $ac_site_file
-See \`config.log' for more details" "$LINENO" 5; }
-  fi
-done
-
-if test -r "$cache_file"; then
-  # Some versions of bash will fail to source /dev/null (special files
-  # actually), so we avoid doing that.  DJGPP emulates it as a regular file.
-  if test /dev/null != "$cache_file" && test -f "$cache_file"; then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
-$as_echo "$as_me: loading cache $cache_file" >&6;}
-    case $cache_file in
-      [\\/]* | ?:[\\/]* ) . "$cache_file";;
-      *)                      . "./$cache_file";;
-    esac
-  fi
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
-$as_echo "$as_me: creating cache $cache_file" >&6;}
-  >$cache_file
-fi
-
-# Check that the precious variables saved in the cache have kept the same
-# value.
-ac_cache_corrupted=false
-for ac_var in $ac_precious_vars; do
-  eval ac_old_set=\$ac_cv_env_${ac_var}_set
-  eval ac_new_set=\$ac_env_${ac_var}_set
-  eval ac_old_val=\$ac_cv_env_${ac_var}_value
-  eval ac_new_val=\$ac_env_${ac_var}_value
-  case $ac_old_set,$ac_new_set in
-    set,)
-      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
-$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
-      ac_cache_corrupted=: ;;
-    ,set)
-      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
-$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
-      ac_cache_corrupted=: ;;
-    ,);;
-    *)
-      if test "x$ac_old_val" != "x$ac_new_val"; then
-	# differences in whitespace do not lead to failure.
-	ac_old_val_w=`echo x $ac_old_val`
-	ac_new_val_w=`echo x $ac_new_val`
-	if test "$ac_old_val_w" != "$ac_new_val_w"; then
-	  { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
-$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
-	  ac_cache_corrupted=:
-	else
-	  { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
-$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
-	  eval $ac_var=\$ac_old_val
-	fi
-	{ $as_echo "$as_me:${as_lineno-$LINENO}:   former value:  \`$ac_old_val'" >&5
-$as_echo "$as_me:   former value:  \`$ac_old_val'" >&2;}
-	{ $as_echo "$as_me:${as_lineno-$LINENO}:   current value: \`$ac_new_val'" >&5
-$as_echo "$as_me:   current value: \`$ac_new_val'" >&2;}
-      fi;;
-  esac
-  # Pass precious variables to config.status.
-  if test "$ac_new_set" = set; then
-    case $ac_new_val in
-    *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
-    *) ac_arg=$ac_var=$ac_new_val ;;
-    esac
-    case " $ac_configure_args " in
-      *" '$ac_arg' "*) ;; # Avoid dups.  Use of quotes ensures accuracy.
-      *) as_fn_append ac_configure_args " '$ac_arg'" ;;
-    esac
-  fi
-done
-if $ac_cache_corrupted; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-  { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
-$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
-  as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
-fi
-## -------------------- ##
-## Main body of script. ##
-## -------------------- ##
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-ac_config_headers="$ac_config_headers config.h"
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-if test -n "$ac_tool_prefix"; then
-  # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_CC="${ac_tool_prefix}gcc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_CC"; then
-  ac_ct_CC=$CC
-  # Extract the first word of "gcc", so it can be a program name with args.
-set dummy gcc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$ac_ct_CC"; then
-  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_ac_ct_CC="gcc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-  if test "x$ac_ct_CC" = x; then
-    CC=""
-  else
-    case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
-    CC=$ac_ct_CC
-  fi
-else
-  CC="$ac_cv_prog_CC"
-fi
-
-if test -z "$CC"; then
-          if test -n "$ac_tool_prefix"; then
-    # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
-set dummy ${ac_tool_prefix}cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_CC="${ac_tool_prefix}cc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  fi
-fi
-if test -z "$CC"; then
-  # Extract the first word of "cc", so it can be a program name with args.
-set dummy cc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-  ac_prog_rejected=no
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
-       ac_prog_rejected=yes
-       continue
-     fi
-    ac_cv_prog_CC="cc"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-if test $ac_prog_rejected = yes; then
-  # We found a bogon in the path, so make sure we never use it.
-  set dummy $ac_cv_prog_CC
-  shift
-  if test $# != 0; then
-    # We chose a different compiler from the bogus one.
-    # However, it has the same basename, so the bogon will be chosen
-    # first if we set CC to just the basename; use the full file name.
-    shift
-    ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
-  fi
-fi
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$CC"; then
-  if test -n "$ac_tool_prefix"; then
-  for ac_prog in cl.exe
-  do
-    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$CC"; then
-  ac_cv_prog_CC="$CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-CC=$ac_cv_prog_CC
-if test -n "$CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
-$as_echo "$CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-    test -n "$CC" && break
-  done
-fi
-if test -z "$CC"; then
-  ac_ct_CC=$CC
-  for ac_prog in cl.exe
-do
-  # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$ac_ct_CC"; then
-  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_ac_ct_CC="$ac_prog"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_CC=$ac_cv_prog_ac_ct_CC
-if test -n "$ac_ct_CC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
-$as_echo "$ac_ct_CC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  test -n "$ac_ct_CC" && break
-done
-
-  if test "x$ac_ct_CC" = x; then
-    CC=""
-  else
-    case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
-    CC=$ac_ct_CC
-  fi
-fi
-
-fi
-
-
-test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "no acceptable C compiler found in \$PATH
-See \`config.log' for more details" "$LINENO" 5; }
-
-# Provide some information about the compiler.
-$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
-set X $ac_compile
-ac_compiler=$2
-for ac_option in --version -v -V -qversion; do
-  { { ac_try="$ac_compiler $ac_option >&5"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
-  ac_status=$?
-  if test -s conftest.err; then
-    sed '10a\
-... rest of stderr output deleted ...
-         10q' conftest.err >conftest.er1
-    cat conftest.er1 >&5
-  fi
-  rm -f conftest.er1 conftest.err
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }
-done
-
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
-# Try to create an executable without -o first, disregard a.out.
-# It will help us diagnose broken compilers, and finding out an intuition
-# of exeext.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
-$as_echo_n "checking whether the C compiler works... " >&6; }
-ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
-
-# The possible output files:
-ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
-
-ac_rmfiles=
-for ac_file in $ac_files
-do
-  case $ac_file in
-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
-    * ) ac_rmfiles="$ac_rmfiles $ac_file";;
-  esac
-done
-rm -f $ac_rmfiles
-
-if { { ac_try="$ac_link_default"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_link_default") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }; then :
-  # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
-# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
-# in a Makefile.  We should not override ac_cv_exeext if it was cached,
-# so that the user can short-circuit this test for compilers unknown to
-# Autoconf.
-for ac_file in $ac_files ''
-do
-  test -f "$ac_file" || continue
-  case $ac_file in
-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
-	;;
-    [ab].out )
-	# We found the default executable, but exeext='' is most
-	# certainly right.
-	break;;
-    *.* )
-	if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
-	then :; else
-	   ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
-	fi
-	# We set ac_cv_exeext here because the later test for it is not
-	# safe: cross compilers may not add the suffix if given an `-o'
-	# argument, so we may need to know it at that point already.
-	# Even if this section looks crufty: it has the advantage of
-	# actually working.
-	break;;
-    * )
-	break;;
-  esac
-done
-test "$ac_cv_exeext" = no && ac_cv_exeext=
-
-else
-  ac_file=''
-fi
-if test -z "$ac_file"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-$as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "C compiler cannot create executables
-See \`config.log' for more details" "$LINENO" 5; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
-$as_echo_n "checking for C compiler default output file name... " >&6; }
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
-$as_echo "$ac_file" >&6; }
-ac_exeext=$ac_cv_exeext
-
-rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
-ac_clean_files=$ac_clean_files_save
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
-$as_echo_n "checking for suffix of executables... " >&6; }
-if { { ac_try="$ac_link"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_link") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }; then :
-  # If both `conftest.exe' and `conftest' are `present' (well, observable)
-# catch `conftest.exe'.  For instance with Cygwin, `ls conftest' will
-# work properly (i.e., refer to `conftest.exe'), while it won't with
-# `rm'.
-for ac_file in conftest.exe conftest conftest.*; do
-  test -f "$ac_file" || continue
-  case $ac_file in
-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
-    *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
-	  break;;
-    * ) break;;
-  esac
-done
-else
-  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot compute suffix of executables: cannot compile and link
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-rm -f conftest conftest$ac_cv_exeext
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
-$as_echo "$ac_cv_exeext" >&6; }
-
-rm -f conftest.$ac_ext
-EXEEXT=$ac_cv_exeext
-ac_exeext=$EXEEXT
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <stdio.h>
-int
-main ()
-{
-FILE *f = fopen ("conftest.out", "w");
- return ferror (f) || fclose (f) != 0;
-
-  ;
-  return 0;
-}
-_ACEOF
-ac_clean_files="$ac_clean_files conftest.out"
-# Check that the compiler produces executables we can run.  If not, either
-# the compiler is broken, or we cross compile.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
-$as_echo_n "checking whether we are cross compiling... " >&6; }
-if test "$cross_compiling" != yes; then
-  { { ac_try="$ac_link"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_link") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }
-  if { ac_try='./conftest$ac_cv_exeext'
-  { { case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_try") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }; }; then
-    cross_compiling=no
-  else
-    if test "$cross_compiling" = maybe; then
-	cross_compiling=yes
-    else
-	{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot run C compiled programs.
-If you meant to cross compile, use \`--host'.
-See \`config.log' for more details" "$LINENO" 5; }
-    fi
-  fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
-$as_echo "$cross_compiling" >&6; }
-
-rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
-ac_clean_files=$ac_clean_files_save
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
-$as_echo_n "checking for suffix of object files... " >&6; }
-if ${ac_cv_objext+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-rm -f conftest.o conftest.obj
-if { { ac_try="$ac_compile"
-case "(($ac_try" in
-  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
-  *) ac_try_echo=$ac_try;;
-esac
-eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
-$as_echo "$ac_try_echo"; } >&5
-  (eval "$ac_compile") 2>&5
-  ac_status=$?
-  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
-  test $ac_status = 0; }; then :
-  for ac_file in conftest.o conftest.obj conftest.*; do
-  test -f "$ac_file" || continue;
-  case $ac_file in
-    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
-    *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
-       break;;
-  esac
-done
-else
-  $as_echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "cannot compute suffix of object files: cannot compile
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-rm -f conftest.$ac_cv_objext conftest.$ac_ext
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
-$as_echo "$ac_cv_objext" >&6; }
-OBJEXT=$ac_cv_objext
-ac_objext=$OBJEXT
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
-$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
-if ${ac_cv_c_compiler_gnu+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-#ifndef __GNUC__
-       choke me
-#endif
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_compiler_gnu=yes
-else
-  ac_compiler_gnu=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-ac_cv_c_compiler_gnu=$ac_compiler_gnu
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
-$as_echo "$ac_cv_c_compiler_gnu" >&6; }
-if test $ac_compiler_gnu = yes; then
-  GCC=yes
-else
-  GCC=
-fi
-ac_test_CFLAGS=${CFLAGS+set}
-ac_save_CFLAGS=$CFLAGS
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
-$as_echo_n "checking whether $CC accepts -g... " >&6; }
-if ${ac_cv_prog_cc_g+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_save_c_werror_flag=$ac_c_werror_flag
-   ac_c_werror_flag=yes
-   ac_cv_prog_cc_g=no
-   CFLAGS="-g"
-   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_prog_cc_g=yes
-else
-  CFLAGS=""
-      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-else
-  ac_c_werror_flag=$ac_save_c_werror_flag
-	 CFLAGS="-g"
-	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_prog_cc_g=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-   ac_c_werror_flag=$ac_save_c_werror_flag
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
-$as_echo "$ac_cv_prog_cc_g" >&6; }
-if test "$ac_test_CFLAGS" = set; then
-  CFLAGS=$ac_save_CFLAGS
-elif test $ac_cv_prog_cc_g = yes; then
-  if test "$GCC" = yes; then
-    CFLAGS="-g -O2"
-  else
-    CFLAGS="-g"
-  fi
-else
-  if test "$GCC" = yes; then
-    CFLAGS="-O2"
-  else
-    CFLAGS=
-  fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
-$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
-if ${ac_cv_prog_cc_c89+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_cv_prog_cc_c89=no
-ac_save_CC=$CC
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <stdarg.h>
-#include <stdio.h>
-struct stat;
-/* Most of the following tests are stolen from RCS 5.7's src/conf.sh.  */
-struct buf { int x; };
-FILE * (*rcsopen) (struct buf *, struct stat *, int);
-static char *e (p, i)
-     char **p;
-     int i;
-{
-  return p[i];
-}
-static char *f (char * (*g) (char **, int), char **p, ...)
-{
-  char *s;
-  va_list v;
-  va_start (v,p);
-  s = g (p, va_arg (v,int));
-  va_end (v);
-  return s;
-}
-
-/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default.  It has
-   function prototypes and stuff, but not '\xHH' hex character constants.
-   These don't provoke an error unfortunately, instead are silently treated
-   as 'x'.  The following induces an error, until -std is added to get
-   proper ANSI mode.  Curiously '\x00'!='x' always comes out true, for an
-   array size at least.  It's necessary to write '\x00'==0 to get something
-   that's true only with -std.  */
-int osf4_cc_array ['\x00' == 0 ? 1 : -1];
-
-/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
-   inside strings and character constants.  */
-#define FOO(x) 'x'
-int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
-
-int test (int i, double x);
-struct s1 {int (*f) (int a);};
-struct s2 {int (*f) (double a);};
-int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
-int argc;
-char **argv;
-int
-main ()
-{
-return f (e, argv, 0) != argv[0]  ||  f (e, argv, 1) != argv[1];
-  ;
-  return 0;
-}
-_ACEOF
-for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
-	-Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
-do
-  CC="$ac_save_CC $ac_arg"
-  if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_prog_cc_c89=$ac_arg
-fi
-rm -f core conftest.err conftest.$ac_objext
-  test "x$ac_cv_prog_cc_c89" != "xno" && break
-done
-rm -f conftest.$ac_ext
-CC=$ac_save_CC
-
-fi
-# AC_CACHE_VAL
-case "x$ac_cv_prog_cc_c89" in
-  x)
-    { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
-$as_echo "none needed" >&6; } ;;
-  xno)
-    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
-$as_echo "unsupported" >&6; } ;;
-  *)
-    CC="$CC $ac_cv_prog_cc_c89"
-    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
-$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
-esac
-if test "x$ac_cv_prog_cc_c89" != xno; then :
-
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-ac_aux_dir=
-for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
-  if test -f "$ac_dir/install-sh"; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/install-sh -c"
-    break
-  elif test -f "$ac_dir/install.sh"; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/install.sh -c"
-    break
-  elif test -f "$ac_dir/shtool"; then
-    ac_aux_dir=$ac_dir
-    ac_install_sh="$ac_aux_dir/shtool install -c"
-    break
-  fi
-done
-if test -z "$ac_aux_dir"; then
-  as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
-fi
-
-# These three variables are undocumented and unsupported,
-# and are intended to be withdrawn in a future Autoconf release.
-# They can cause serious problems if a builder's source tree is in a directory
-# whose full name contains unusual characters.
-ac_config_guess="$SHELL $ac_aux_dir/config.guess"  # Please don't use this var.
-ac_config_sub="$SHELL $ac_aux_dir/config.sub"  # Please don't use this var.
-ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
-
-
-# Make sure we can run config.sub.
-$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
-  as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5
-$as_echo_n "checking build system type... " >&6; }
-if ${ac_cv_build+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_build_alias=$build_alias
-test "x$ac_build_alias" = x &&
-  ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
-test "x$ac_build_alias" = x &&
-  as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5
-ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
-  as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5
-$as_echo "$ac_cv_build" >&6; }
-case $ac_cv_build in
-*-*-*) ;;
-*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;;
-esac
-build=$ac_cv_build
-ac_save_IFS=$IFS; IFS='-'
-set x $ac_cv_build
-shift
-build_cpu=$1
-build_vendor=$2
-shift; shift
-# Remember, the first character of IFS is used to create $*,
-# except with old shells:
-build_os=$*
-IFS=$ac_save_IFS
-case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5
-$as_echo_n "checking host system type... " >&6; }
-if ${ac_cv_host+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test "x$host_alias" = x; then
-  ac_cv_host=$ac_cv_build
-else
-  ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
-    as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5
-$as_echo "$ac_cv_host" >&6; }
-case $ac_cv_host in
-*-*-*) ;;
-*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;;
-esac
-host=$ac_cv_host
-ac_save_IFS=$IFS; IFS='-'
-set x $ac_cv_host
-shift
-host_cpu=$1
-host_vendor=$2
-shift; shift
-# Remember, the first character of IFS is used to create $*,
-# except with old shells:
-host_os=$*
-IFS=$ac_save_IFS
-case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
-
-
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
-$as_echo_n "checking how to run the C preprocessor... " >&6; }
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
-  CPP=
-fi
-if test -z "$CPP"; then
-  if ${ac_cv_prog_CPP+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-      # Double quotes because CPP needs to be expanded
-    for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
-    do
-      ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
-  # Use a header file that comes with gcc, so configuring glibc
-  # with a fresh cross-compiler works.
-  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
-  # <limits.h> exists even on freestanding compilers.
-  # On the NeXT, cc -E runs the code through the compiler's parser,
-  # not just through cpp. "Syntax error" is here to catch this case.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-		     Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
-  # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-  # OK, works on sane cases.  Now check whether nonexistent headers
-  # can be detected and how.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-  # Broken: success on invalid input.
-continue
-else
-  # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
-  break
-fi
-
-    done
-    ac_cv_prog_CPP=$CPP
-
-fi
-  CPP=$ac_cv_prog_CPP
-else
-  ac_cv_prog_CPP=$CPP
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
-$as_echo "$CPP" >&6; }
-ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
-  # Use a header file that comes with gcc, so configuring glibc
-  # with a fresh cross-compiler works.
-  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
-  # <limits.h> exists even on freestanding compilers.
-  # On the NeXT, cc -E runs the code through the compiler's parser,
-  # not just through cpp. "Syntax error" is here to catch this case.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-		     Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
-  # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-  # OK, works on sane cases.  Now check whether nonexistent headers
-  # can be detected and how.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-  # Broken: success on invalid input.
-continue
-else
-  # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
-
-else
-  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
-$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
-if ${ac_cv_path_GREP+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -z "$GREP"; then
-  ac_path_GREP_found=false
-  # Loop through the user's path and test for each of PROGNAME-LIST
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_prog in grep ggrep; do
-    for ac_exec_ext in '' $ac_executable_extensions; do
-      ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
-      as_fn_executable_p "$ac_path_GREP" || continue
-# Check for GNU ac_path_GREP and select it if it is found.
-  # Check for GNU $ac_path_GREP
-case `"$ac_path_GREP" --version 2>&1` in
-*GNU*)
-  ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
-*)
-  ac_count=0
-  $as_echo_n 0123456789 >"conftest.in"
-  while :
-  do
-    cat "conftest.in" "conftest.in" >"conftest.tmp"
-    mv "conftest.tmp" "conftest.in"
-    cp "conftest.in" "conftest.nl"
-    $as_echo 'GREP' >> "conftest.nl"
-    "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
-    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
-    as_fn_arith $ac_count + 1 && ac_count=$as_val
-    if test $ac_count -gt ${ac_path_GREP_max-0}; then
-      # Best one so far, save it but keep looking for a better one
-      ac_cv_path_GREP="$ac_path_GREP"
-      ac_path_GREP_max=$ac_count
-    fi
-    # 10*(2^10) chars as input seems more than enough
-    test $ac_count -gt 10 && break
-  done
-  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
-      $ac_path_GREP_found && break 3
-    done
-  done
-  done
-IFS=$as_save_IFS
-  if test -z "$ac_cv_path_GREP"; then
-    as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
-  fi
-else
-  ac_cv_path_GREP=$GREP
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
-$as_echo "$ac_cv_path_GREP" >&6; }
- GREP="$ac_cv_path_GREP"
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
-$as_echo_n "checking for egrep... " >&6; }
-if ${ac_cv_path_EGREP+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
-   then ac_cv_path_EGREP="$GREP -E"
-   else
-     if test -z "$EGREP"; then
-  ac_path_EGREP_found=false
-  # Loop through the user's path and test for each of PROGNAME-LIST
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_prog in egrep; do
-    for ac_exec_ext in '' $ac_executable_extensions; do
-      ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
-      as_fn_executable_p "$ac_path_EGREP" || continue
-# Check for GNU ac_path_EGREP and select it if it is found.
-  # Check for GNU $ac_path_EGREP
-case `"$ac_path_EGREP" --version 2>&1` in
-*GNU*)
-  ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
-*)
-  ac_count=0
-  $as_echo_n 0123456789 >"conftest.in"
-  while :
-  do
-    cat "conftest.in" "conftest.in" >"conftest.tmp"
-    mv "conftest.tmp" "conftest.in"
-    cp "conftest.in" "conftest.nl"
-    $as_echo 'EGREP' >> "conftest.nl"
-    "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
-    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
-    as_fn_arith $ac_count + 1 && ac_count=$as_val
-    if test $ac_count -gt ${ac_path_EGREP_max-0}; then
-      # Best one so far, save it but keep looking for a better one
-      ac_cv_path_EGREP="$ac_path_EGREP"
-      ac_path_EGREP_max=$ac_count
-    fi
-    # 10*(2^10) chars as input seems more than enough
-    test $ac_count -gt 10 && break
-  done
-  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
-      $ac_path_EGREP_found && break 3
-    done
-  done
-  done
-IFS=$as_save_IFS
-  if test -z "$ac_cv_path_EGREP"; then
-    as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
-  fi
-else
-  ac_cv_path_EGREP=$EGREP
-fi
-
-   fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
-$as_echo "$ac_cv_path_EGREP" >&6; }
- EGREP="$ac_cv_path_EGREP"
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
-$as_echo_n "checking for ANSI C header files... " >&6; }
-if ${ac_cv_header_stdc+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#include <float.h>
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_header_stdc=yes
-else
-  ac_cv_header_stdc=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-if test $ac_cv_header_stdc = yes; then
-  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <string.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "memchr" >/dev/null 2>&1; then :
-
-else
-  ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
-  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <stdlib.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "free" >/dev/null 2>&1; then :
-
-else
-  ac_cv_header_stdc=no
-fi
-rm -f conftest*
-
-fi
-
-if test $ac_cv_header_stdc = yes; then
-  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
-  if test "$cross_compiling" = yes; then :
-  :
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <ctype.h>
-#include <stdlib.h>
-#if ((' ' & 0x0FF) == 0x020)
-# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
-# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
-#else
-# define ISLOWER(c) \
-		   (('a' <= (c) && (c) <= 'i') \
-		     || ('j' <= (c) && (c) <= 'r') \
-		     || ('s' <= (c) && (c) <= 'z'))
-# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
-#endif
-
-#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
-int
-main ()
-{
-  int i;
-  for (i = 0; i < 256; i++)
-    if (XOR (islower (i), ISLOWER (i))
-	|| toupper (i) != TOUPPER (i))
-      return 2;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-else
-  ac_cv_header_stdc=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
-$as_echo "$ac_cv_header_stdc" >&6; }
-if test $ac_cv_header_stdc = yes; then
-
-$as_echo "#define STDC_HEADERS 1" >>confdefs.h
-
-fi
-
-# On IRIX 5.3, sys/types and inttypes.h are conflicting.
-for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
-		  inttypes.h stdint.h unistd.h
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5
-$as_echo_n "checking whether byte ordering is bigendian... " >&6; }
-if ${ac_cv_c_bigendian+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_cv_c_bigendian=unknown
-    # See if we're dealing with a universal compiler.
-    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#ifndef __APPLE_CC__
-	       not a universal capable compiler
-	     #endif
-	     typedef int dummy;
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-	# Check for potential -arch flags.  It is not universal unless
-	# there are at least two -arch flags with different values.
-	ac_arch=
-	ac_prev=
-	for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do
-	 if test -n "$ac_prev"; then
-	   case $ac_word in
-	     i?86 | x86_64 | ppc | ppc64)
-	       if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then
-		 ac_arch=$ac_word
-	       else
-		 ac_cv_c_bigendian=universal
-		 break
-	       fi
-	       ;;
-	   esac
-	   ac_prev=
-	 elif test "x$ac_word" = "x-arch"; then
-	   ac_prev=arch
-	 fi
-       done
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-    if test $ac_cv_c_bigendian = unknown; then
-      # See if sys/param.h defines the BYTE_ORDER macro.
-      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <sys/types.h>
-	     #include <sys/param.h>
-
-int
-main ()
-{
-#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \
-		     && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \
-		     && LITTLE_ENDIAN)
-	      bogus endian macros
-	     #endif
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  # It does; now see whether it defined to BIG_ENDIAN or not.
-	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <sys/types.h>
-		#include <sys/param.h>
-
-int
-main ()
-{
-#if BYTE_ORDER != BIG_ENDIAN
-		 not big endian
-		#endif
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_c_bigendian=yes
-else
-  ac_cv_c_bigendian=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-    fi
-    if test $ac_cv_c_bigendian = unknown; then
-      # See if <limits.h> defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris).
-      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <limits.h>
-
-int
-main ()
-{
-#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN)
-	      bogus endian macros
-	     #endif
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  # It does; now see whether it defined to _BIG_ENDIAN or not.
-	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <limits.h>
-
-int
-main ()
-{
-#ifndef _BIG_ENDIAN
-		 not big endian
-		#endif
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_c_bigendian=yes
-else
-  ac_cv_c_bigendian=no
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-    fi
-    if test $ac_cv_c_bigendian = unknown; then
-      # Compile a test program.
-      if test "$cross_compiling" = yes; then :
-  # Try to guess by grepping values from an object file.
-	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-short int ascii_mm[] =
-		  { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 };
-		short int ascii_ii[] =
-		  { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 };
-		int use_ascii (int i) {
-		  return ascii_mm[i] + ascii_ii[i];
-		}
-		short int ebcdic_ii[] =
-		  { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 };
-		short int ebcdic_mm[] =
-		  { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 };
-		int use_ebcdic (int i) {
-		  return ebcdic_mm[i] + ebcdic_ii[i];
-		}
-		extern int foo;
-
-int
-main ()
-{
-return use_ascii (foo) == use_ebcdic (foo);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then
-	      ac_cv_c_bigendian=yes
-	    fi
-	    if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then
-	      if test "$ac_cv_c_bigendian" = unknown; then
-		ac_cv_c_bigendian=no
-	      else
-		# finding both strings is unlikely to happen, but who knows?
-		ac_cv_c_bigendian=unknown
-	      fi
-	    fi
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$ac_includes_default
-int
-main ()
-{
-
-	     /* Are we little or big endian?  From Harbison&Steele.  */
-	     union
-	     {
-	       long int l;
-	       char c[sizeof (long int)];
-	     } u;
-	     u.l = 1;
-	     return u.c[sizeof (long int) - 1] == 1;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  ac_cv_c_bigendian=no
-else
-  ac_cv_c_bigendian=yes
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-    fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5
-$as_echo "$ac_cv_c_bigendian" >&6; }
- case $ac_cv_c_bigendian in #(
-   yes)
-     $as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h
-;; #(
-   no)
-      ;; #(
-   universal)
-
-$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h
-
-     ;; #(
-   *)
-     as_fn_error $? "unknown endianness
- presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;;
- esac
-
-
-# Checks for programs.
-for ac_prog in gawk mawk nawk awk
-do
-  # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_AWK+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$AWK"; then
-  ac_cv_prog_AWK="$AWK" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_AWK="$ac_prog"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-AWK=$ac_cv_prog_AWK
-if test -n "$AWK"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5
-$as_echo "$AWK" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  test -n "$AWK" && break
-done
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
-$as_echo_n "checking how to run the C preprocessor... " >&6; }
-# On Suns, sometimes $CPP names a directory.
-if test -n "$CPP" && test -d "$CPP"; then
-  CPP=
-fi
-if test -z "$CPP"; then
-  if ${ac_cv_prog_CPP+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-      # Double quotes because CPP needs to be expanded
-    for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
-    do
-      ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
-  # Use a header file that comes with gcc, so configuring glibc
-  # with a fresh cross-compiler works.
-  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
-  # <limits.h> exists even on freestanding compilers.
-  # On the NeXT, cc -E runs the code through the compiler's parser,
-  # not just through cpp. "Syntax error" is here to catch this case.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-		     Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
-  # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-  # OK, works on sane cases.  Now check whether nonexistent headers
-  # can be detected and how.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-  # Broken: success on invalid input.
-continue
-else
-  # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
-  break
-fi
-
-    done
-    ac_cv_prog_CPP=$CPP
-
-fi
-  CPP=$ac_cv_prog_CPP
-else
-  ac_cv_prog_CPP=$CPP
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
-$as_echo "$CPP" >&6; }
-ac_preproc_ok=false
-for ac_c_preproc_warn_flag in '' yes
-do
-  # Use a header file that comes with gcc, so configuring glibc
-  # with a fresh cross-compiler works.
-  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
-  # <limits.h> exists even on freestanding compilers.
-  # On the NeXT, cc -E runs the code through the compiler's parser,
-  # not just through cpp. "Syntax error" is here to catch this case.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
-#endif
-		     Syntax error
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-
-else
-  # Broken: fails on valid input.
-continue
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-  # OK, works on sane cases.  Now check whether nonexistent headers
-  # can be detected and how.
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <ac_nonexistent.h>
-_ACEOF
-if ac_fn_c_try_cpp "$LINENO"; then :
-  # Broken: success on invalid input.
-continue
-else
-  # Passes both tests.
-ac_preproc_ok=:
-break
-fi
-rm -f conftest.err conftest.i conftest.$ac_ext
-
-done
-# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
-rm -f conftest.i conftest.err conftest.$ac_ext
-if $ac_preproc_ok; then :
-
-else
-  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
-See \`config.log' for more details" "$LINENO" 5; }
-fi
-
-ac_ext=c
-ac_cpp='$CPP $CPPFLAGS'
-ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
-ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
-ac_compiler_gnu=$ac_cv_c_compiler_gnu
-
-if test -n "$ac_tool_prefix"; then
-  # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
-set dummy ${ac_tool_prefix}ranlib; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_RANLIB+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$RANLIB"; then
-  ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-RANLIB=$ac_cv_prog_RANLIB
-if test -n "$RANLIB"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5
-$as_echo "$RANLIB" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_prog_RANLIB"; then
-  ac_ct_RANLIB=$RANLIB
-  # Extract the first word of "ranlib", so it can be a program name with args.
-set dummy ranlib; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_RANLIB+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$ac_ct_RANLIB"; then
-  ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_ac_ct_RANLIB="ranlib"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB
-if test -n "$ac_ct_RANLIB"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5
-$as_echo "$ac_ct_RANLIB" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-  if test "x$ac_ct_RANLIB" = x; then
-    RANLIB=":"
-  else
-    case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
-    RANLIB=$ac_ct_RANLIB
-  fi
-else
-  RANLIB="$ac_cv_prog_RANLIB"
-fi
-
-# Find a good install program.  We prefer a C program (faster),
-# so one script is as good as another.  But avoid the broken or
-# incompatible versions:
-# SysV /etc/install, /usr/sbin/install
-# SunOS /usr/etc/install
-# IRIX /sbin/install
-# AIX /bin/install
-# AmigaOS /C/install, which installs bootblocks on floppy discs
-# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
-# AFS /usr/afsws/bin/install, which mishandles nonexistent args
-# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
-# OS/2's system install, which has a completely different semantic
-# ./install, which can be erroneously created by make from ./install.sh.
-# Reject install programs that cannot install multiple files.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5
-$as_echo_n "checking for a BSD-compatible install... " >&6; }
-if test -z "$INSTALL"; then
-if ${ac_cv_path_install+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    # Account for people who put trailing slashes in PATH elements.
-case $as_dir/ in #((
-  ./ | .// | /[cC]/* | \
-  /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
-  ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \
-  /usr/ucb/* ) ;;
-  *)
-    # OSF1 and SCO ODT 3.0 have their own names for install.
-    # Don't use installbsd from OSF since it installs stuff as root
-    # by default.
-    for ac_prog in ginstall scoinst install; do
-      for ac_exec_ext in '' $ac_executable_extensions; do
-	if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then
-	  if test $ac_prog = install &&
-	    grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
-	    # AIX install.  It has an incompatible calling convention.
-	    :
-	  elif test $ac_prog = install &&
-	    grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
-	    # program-specific install script used by HP pwplus--don't use.
-	    :
-	  else
-	    rm -rf conftest.one conftest.two conftest.dir
-	    echo one > conftest.one
-	    echo two > conftest.two
-	    mkdir conftest.dir
-	    if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" &&
-	      test -s conftest.one && test -s conftest.two &&
-	      test -s conftest.dir/conftest.one &&
-	      test -s conftest.dir/conftest.two
-	    then
-	      ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
-	      break 3
-	    fi
-	  fi
-	fi
-      done
-    done
-    ;;
-esac
-
-  done
-IFS=$as_save_IFS
-
-rm -rf conftest.one conftest.two conftest.dir
-
-fi
-  if test "${ac_cv_path_install+set}" = set; then
-    INSTALL=$ac_cv_path_install
-  else
-    # As a last resort, use the slow shell script.  Don't cache a
-    # value for INSTALL within a source directory, because that will
-    # break other packages using the cache if that directory is
-    # removed, or if the value is a relative name.
-    INSTALL=$ac_install_sh
-  fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5
-$as_echo "$INSTALL" >&6; }
-
-# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
-# It thinks the first close brace ends the variable substitution.
-test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
-
-test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
-
-test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
-$as_echo_n "checking for egrep... " >&6; }
-if ${ac_cv_path_EGREP+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
-   then ac_cv_path_EGREP="$GREP -E"
-   else
-     if test -z "$EGREP"; then
-  ac_path_EGREP_found=false
-  # Loop through the user's path and test for each of PROGNAME-LIST
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_prog in egrep; do
-    for ac_exec_ext in '' $ac_executable_extensions; do
-      ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
-      as_fn_executable_p "$ac_path_EGREP" || continue
-# Check for GNU ac_path_EGREP and select it if it is found.
-  # Check for GNU $ac_path_EGREP
-case `"$ac_path_EGREP" --version 2>&1` in
-*GNU*)
-  ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
-*)
-  ac_count=0
-  $as_echo_n 0123456789 >"conftest.in"
-  while :
-  do
-    cat "conftest.in" "conftest.in" >"conftest.tmp"
-    mv "conftest.tmp" "conftest.in"
-    cp "conftest.in" "conftest.nl"
-    $as_echo 'EGREP' >> "conftest.nl"
-    "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
-    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
-    as_fn_arith $ac_count + 1 && ac_count=$as_val
-    if test $ac_count -gt ${ac_path_EGREP_max-0}; then
-      # Best one so far, save it but keep looking for a better one
-      ac_cv_path_EGREP="$ac_path_EGREP"
-      ac_path_EGREP_max=$ac_count
-    fi
-    # 10*(2^10) chars as input seems more than enough
-    test $ac_count -gt 10 && break
-  done
-  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
-esac
-
-      $ac_path_EGREP_found && break 3
-    done
-  done
-  done
-IFS=$as_save_IFS
-  if test -z "$ac_cv_path_EGREP"; then
-    as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
-  fi
-else
-  ac_cv_path_EGREP=$EGREP
-fi
-
-   fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
-$as_echo "$ac_cv_path_EGREP" >&6; }
- EGREP="$ac_cv_path_EGREP"
-
-
-if test -n "$ac_tool_prefix"; then
-  for ac_prog in ar
-  do
-    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
-set dummy $ac_tool_prefix$ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_AR+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$AR"; then
-  ac_cv_prog_AR="$AR" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_AR="$ac_tool_prefix$ac_prog"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-AR=$ac_cv_prog_AR
-if test -n "$AR"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5
-$as_echo "$AR" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-    test -n "$AR" && break
-  done
-fi
-if test -z "$AR"; then
-  ac_ct_AR=$AR
-  for ac_prog in ar
-do
-  # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_ac_ct_AR+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$ac_ct_AR"; then
-  ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_ac_ct_AR="$ac_prog"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-fi
-fi
-ac_ct_AR=$ac_cv_prog_ac_ct_AR
-if test -n "$ac_ct_AR"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5
-$as_echo "$ac_ct_AR" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  test -n "$ac_ct_AR" && break
-done
-
-  if test "x$ac_ct_AR" = x; then
-    AR=""
-  else
-    case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
-    AR=$ac_ct_AR
-  fi
-fi
-
-# Extract the first word of "cat", so it can be a program name with args.
-set dummy cat; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_CAT+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $CAT in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_CAT="$CAT" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_CAT="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-CAT=$ac_cv_path_CAT
-if test -n "$CAT"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CAT" >&5
-$as_echo "$CAT" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "kill", so it can be a program name with args.
-set dummy kill; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_KILL+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $KILL in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_KILL="$KILL" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_KILL="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-KILL=$ac_cv_path_KILL
-if test -n "$KILL"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $KILL" >&5
-$as_echo "$KILL" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-for ac_prog in perl5 perl
-do
-  # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_PERL+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $PERL in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_PERL="$PERL" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_PERL="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-PERL=$ac_cv_path_PERL
-if test -n "$PERL"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PERL" >&5
-$as_echo "$PERL" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  test -n "$PERL" && break
-done
-
-# Extract the first word of "sed", so it can be a program name with args.
-set dummy sed; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_SED+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $SED in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_SED="$SED" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_SED="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-SED=$ac_cv_path_SED
-if test -n "$SED"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SED" >&5
-$as_echo "$SED" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-
-# Extract the first word of "ent", so it can be a program name with args.
-set dummy ent; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_ENT+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $ENT in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_ENT="$ENT" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_ENT="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-ENT=$ac_cv_path_ENT
-if test -n "$ENT"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ENT" >&5
-$as_echo "$ENT" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-
-# Extract the first word of "bash", so it can be a program name with args.
-set dummy bash; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_TEST_MINUS_S_SH+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $TEST_MINUS_S_SH in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH
-if test -n "$TEST_MINUS_S_SH"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5
-$as_echo "$TEST_MINUS_S_SH" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "ksh", so it can be a program name with args.
-set dummy ksh; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_TEST_MINUS_S_SH+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $TEST_MINUS_S_SH in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH
-if test -n "$TEST_MINUS_S_SH"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5
-$as_echo "$TEST_MINUS_S_SH" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "sh", so it can be a program name with args.
-set dummy sh; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_TEST_MINUS_S_SH+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $TEST_MINUS_S_SH in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_TEST_MINUS_S_SH="$TEST_MINUS_S_SH" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_TEST_MINUS_S_SH="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-TEST_MINUS_S_SH=$ac_cv_path_TEST_MINUS_S_SH
-if test -n "$TEST_MINUS_S_SH"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $TEST_MINUS_S_SH" >&5
-$as_echo "$TEST_MINUS_S_SH" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "sh", so it can be a program name with args.
-set dummy sh; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_SH+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $SH in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_SH="$SH" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_SH="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-SH=$ac_cv_path_SH
-if test -n "$SH"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SH" >&5
-$as_echo "$SH" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "groff", so it can be a program name with args.
-set dummy groff; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_GROFF+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $GROFF in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_GROFF="$GROFF" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_GROFF="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-GROFF=$ac_cv_path_GROFF
-if test -n "$GROFF"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GROFF" >&5
-$as_echo "$GROFF" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "nroff", so it can be a program name with args.
-set dummy nroff; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_NROFF+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $NROFF in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-NROFF=$ac_cv_path_NROFF
-if test -n "$NROFF"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5
-$as_echo "$NROFF" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "mandoc", so it can be a program name with args.
-set dummy mandoc; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_MANDOC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $MANDOC in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_MANDOC="$MANDOC" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_MANDOC="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-MANDOC=$ac_cv_path_MANDOC
-if test -n "$MANDOC"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANDOC" >&5
-$as_echo "$MANDOC" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-TEST_SHELL=sh
-
-
-if test "x$MANDOC" != "x" ; then
-	MANFMT="$MANDOC"
-elif test "x$NROFF" != "x" ; then
-	MANFMT="$NROFF -mandoc"
-elif test "x$GROFF" != "x" ; then
-	MANFMT="$GROFF -mandoc -Tascii"
-else
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: no manpage formatted found" >&5
-$as_echo "$as_me: WARNING: no manpage formatted found" >&2;}
-	MANFMT="false"
-fi
-
-
-# Extract the first word of "groupadd", so it can be a program name with args.
-set dummy groupadd; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_PATH_GROUPADD_PROG+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $PATH_GROUPADD_PROG in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_PATH_GROUPADD_PROG="$PATH_GROUPADD_PROG" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in /usr/sbin${PATH_SEPARATOR}/etc
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_PATH_GROUPADD_PROG="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  test -z "$ac_cv_path_PATH_GROUPADD_PROG" && ac_cv_path_PATH_GROUPADD_PROG="groupadd"
-  ;;
-esac
-fi
-PATH_GROUPADD_PROG=$ac_cv_path_PATH_GROUPADD_PROG
-if test -n "$PATH_GROUPADD_PROG"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PATH_GROUPADD_PROG" >&5
-$as_echo "$PATH_GROUPADD_PROG" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "useradd", so it can be a program name with args.
-set dummy useradd; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_PATH_USERADD_PROG+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $PATH_USERADD_PROG in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_PATH_USERADD_PROG="$PATH_USERADD_PROG" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in /usr/sbin${PATH_SEPARATOR}/etc
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_PATH_USERADD_PROG="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  test -z "$ac_cv_path_PATH_USERADD_PROG" && ac_cv_path_PATH_USERADD_PROG="useradd"
-  ;;
-esac
-fi
-PATH_USERADD_PROG=$ac_cv_path_PATH_USERADD_PROG
-if test -n "$PATH_USERADD_PROG"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PATH_USERADD_PROG" >&5
-$as_echo "$PATH_USERADD_PROG" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Extract the first word of "pkgmk", so it can be a program name with args.
-set dummy pkgmk; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_prog_MAKE_PACKAGE_SUPPORTED+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if test -n "$MAKE_PACKAGE_SUPPORTED"; then
-  ac_cv_prog_MAKE_PACKAGE_SUPPORTED="$MAKE_PACKAGE_SUPPORTED" # Let the user override the test.
-else
-as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_prog_MAKE_PACKAGE_SUPPORTED="yes"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  test -z "$ac_cv_prog_MAKE_PACKAGE_SUPPORTED" && ac_cv_prog_MAKE_PACKAGE_SUPPORTED="no"
-fi
-fi
-MAKE_PACKAGE_SUPPORTED=$ac_cv_prog_MAKE_PACKAGE_SUPPORTED
-if test -n "$MAKE_PACKAGE_SUPPORTED"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAKE_PACKAGE_SUPPORTED" >&5
-$as_echo "$MAKE_PACKAGE_SUPPORTED" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-if test -x /sbin/sh; then
-	STARTUP_SCRIPT_SHELL=/sbin/sh
-
-else
-	STARTUP_SCRIPT_SHELL=/bin/sh
-
-fi
-
-# System features
-# Check whether --enable-largefile was given.
-if test "${enable_largefile+set}" = set; then :
-  enableval=$enable_largefile;
-fi
-
-if test "$enable_largefile" != no; then
-
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5
-$as_echo_n "checking for special C compiler options needed for large files... " >&6; }
-if ${ac_cv_sys_largefile_CC+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_cv_sys_largefile_CC=no
-     if test "$GCC" != yes; then
-       ac_save_CC=$CC
-       while :; do
-	 # IRIX 6.2 and later do not support large files by default,
-	 # so use the C compiler's -n32 option if that helps.
-	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <sys/types.h>
- /* Check that off_t can represent 2**63 - 1 correctly.
-    We can't simply define LARGE_OFF_T to be 9223372036854775807,
-    since some C++ compilers masquerading as C compilers
-    incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
-  int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
-		       && LARGE_OFF_T % 2147483647 == 1)
-		      ? 1 : -1];
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-	 if ac_fn_c_try_compile "$LINENO"; then :
-  break
-fi
-rm -f core conftest.err conftest.$ac_objext
-	 CC="$CC -n32"
-	 if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_sys_largefile_CC=' -n32'; break
-fi
-rm -f core conftest.err conftest.$ac_objext
-	 break
-       done
-       CC=$ac_save_CC
-       rm -f conftest.$ac_ext
-    fi
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5
-$as_echo "$ac_cv_sys_largefile_CC" >&6; }
-  if test "$ac_cv_sys_largefile_CC" != no; then
-    CC=$CC$ac_cv_sys_largefile_CC
-  fi
-
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5
-$as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; }
-if ${ac_cv_sys_file_offset_bits+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  while :; do
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <sys/types.h>
- /* Check that off_t can represent 2**63 - 1 correctly.
-    We can't simply define LARGE_OFF_T to be 9223372036854775807,
-    since some C++ compilers masquerading as C compilers
-    incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
-  int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
-		       && LARGE_OFF_T % 2147483647 == 1)
-		      ? 1 : -1];
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_sys_file_offset_bits=no; break
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#define _FILE_OFFSET_BITS 64
-#include <sys/types.h>
- /* Check that off_t can represent 2**63 - 1 correctly.
-    We can't simply define LARGE_OFF_T to be 9223372036854775807,
-    since some C++ compilers masquerading as C compilers
-    incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
-  int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
-		       && LARGE_OFF_T % 2147483647 == 1)
-		      ? 1 : -1];
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_sys_file_offset_bits=64; break
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  ac_cv_sys_file_offset_bits=unknown
-  break
-done
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5
-$as_echo "$ac_cv_sys_file_offset_bits" >&6; }
-case $ac_cv_sys_file_offset_bits in #(
-  no | unknown) ;;
-  *)
-cat >>confdefs.h <<_ACEOF
-#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits
-_ACEOF
-;;
-esac
-rm -rf conftest*
-  if test $ac_cv_sys_file_offset_bits = unknown; then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5
-$as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; }
-if ${ac_cv_sys_large_files+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  while :; do
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <sys/types.h>
- /* Check that off_t can represent 2**63 - 1 correctly.
-    We can't simply define LARGE_OFF_T to be 9223372036854775807,
-    since some C++ compilers masquerading as C compilers
-    incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
-  int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
-		       && LARGE_OFF_T % 2147483647 == 1)
-		      ? 1 : -1];
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_sys_large_files=no; break
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#define _LARGE_FILES 1
-#include <sys/types.h>
- /* Check that off_t can represent 2**63 - 1 correctly.
-    We can't simply define LARGE_OFF_T to be 9223372036854775807,
-    since some C++ compilers masquerading as C compilers
-    incorrectly reject 9223372036854775807.  */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
-  int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
-		       && LARGE_OFF_T % 2147483647 == 1)
-		      ? 1 : -1];
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_sys_large_files=1; break
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  ac_cv_sys_large_files=unknown
-  break
-done
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5
-$as_echo "$ac_cv_sys_large_files" >&6; }
-case $ac_cv_sys_large_files in #(
-  no | unknown) ;;
-  *)
-cat >>confdefs.h <<_ACEOF
-#define _LARGE_FILES $ac_cv_sys_large_files
-_ACEOF
-;;
-esac
-rm -rf conftest*
-  fi
-
-
-fi
-
-
-if test -z "$AR" ; then
-	as_fn_error $? "*** 'ar' missing, please install or fix your \$PATH ***" "$LINENO" 5
-fi
-
-# Use LOGIN_PROGRAM from environment if possible
-if test ! -z "$LOGIN_PROGRAM" ; then
-
-cat >>confdefs.h <<_ACEOF
-#define LOGIN_PROGRAM_FALLBACK "$LOGIN_PROGRAM"
-_ACEOF
-
-else
-	# Search for login
-	# Extract the first word of "login", so it can be a program name with args.
-set dummy login; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_LOGIN_PROGRAM_FALLBACK+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $LOGIN_PROGRAM_FALLBACK in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_LOGIN_PROGRAM_FALLBACK="$LOGIN_PROGRAM_FALLBACK" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_LOGIN_PROGRAM_FALLBACK="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-LOGIN_PROGRAM_FALLBACK=$ac_cv_path_LOGIN_PROGRAM_FALLBACK
-if test -n "$LOGIN_PROGRAM_FALLBACK"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LOGIN_PROGRAM_FALLBACK" >&5
-$as_echo "$LOGIN_PROGRAM_FALLBACK" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-	if test ! -z "$LOGIN_PROGRAM_FALLBACK" ; then
-		cat >>confdefs.h <<_ACEOF
-#define LOGIN_PROGRAM_FALLBACK "$LOGIN_PROGRAM_FALLBACK"
-_ACEOF
-
-	fi
-fi
-
-# Extract the first word of "passwd", so it can be a program name with args.
-set dummy passwd; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_PATH_PASSWD_PROG+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $PATH_PASSWD_PROG in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_PATH_PASSWD_PROG="$PATH_PASSWD_PROG" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_PATH_PASSWD_PROG="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-PATH_PASSWD_PROG=$ac_cv_path_PATH_PASSWD_PROG
-if test -n "$PATH_PASSWD_PROG"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PATH_PASSWD_PROG" >&5
-$as_echo "$PATH_PASSWD_PROG" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-if test ! -z "$PATH_PASSWD_PROG" ; then
-
-cat >>confdefs.h <<_ACEOF
-#define _PATH_PASSWD_PROG "$PATH_PASSWD_PROG"
-_ACEOF
-
-fi
-
-if test -z "$LD" ; then
-	LD=$CC
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5
-$as_echo_n "checking for inline... " >&6; }
-if ${ac_cv_c_inline+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_cv_c_inline=no
-for ac_kw in inline __inline__ __inline; do
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#ifndef __cplusplus
-typedef int foo_t;
-static $ac_kw foo_t static_foo () {return 0; }
-$ac_kw foo_t foo () {return 0; }
-#endif
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_c_inline=$ac_kw
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-  test "$ac_cv_c_inline" != no && break
-done
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5
-$as_echo "$ac_cv_c_inline" >&6; }
-
-case $ac_cv_c_inline in
-  inline | yes) ;;
-  *)
-    case $ac_cv_c_inline in
-      no) ac_val=;;
-      *) ac_val=$ac_cv_c_inline;;
-    esac
-    cat >>confdefs.h <<_ACEOF
-#ifndef __cplusplus
-#define inline $ac_val
-#endif
-_ACEOF
-    ;;
-esac
-
-
-ac_fn_c_check_decl "$LINENO" "LLONG_MAX" "ac_cv_have_decl_LLONG_MAX" "#include <limits.h>
-"
-if test "x$ac_cv_have_decl_LLONG_MAX" = xyes; then :
-  have_llong_max=1
-fi
-
-ac_fn_c_check_decl "$LINENO" "SYSTR_POLICY_KILL" "ac_cv_have_decl_SYSTR_POLICY_KILL" "
-	#include <sys/types.h>
-	#include <sys/param.h>
-	#include <dev/systrace.h>
-
-"
-if test "x$ac_cv_have_decl_SYSTR_POLICY_KILL" = xyes; then :
-  have_systr_policy_kill=1
-fi
-
-ac_fn_c_check_decl "$LINENO" "RLIMIT_NPROC" "ac_cv_have_decl_RLIMIT_NPROC" "
-	#include <sys/types.h>
-	#include <sys/resource.h>
-
-"
-if test "x$ac_cv_have_decl_RLIMIT_NPROC" = xyes; then :
-
-$as_echo "#define HAVE_RLIMIT_NPROC /**/" >>confdefs.h
-
-fi
-
-ac_fn_c_check_decl "$LINENO" "PR_SET_NO_NEW_PRIVS" "ac_cv_have_decl_PR_SET_NO_NEW_PRIVS" "
-	#include <sys/types.h>
-	#include <linux/prctl.h>
-
-"
-if test "x$ac_cv_have_decl_PR_SET_NO_NEW_PRIVS" = xyes; then :
-  have_linux_no_new_privs=1
-fi
-
-
-openssl=yes
-ssh1=yes
-
-# Check whether --with-openssl was given.
-if test "${with_openssl+set}" = set; then :
-  withval=$with_openssl;   if test "x$withval" = "xno" ; then
-		openssl=no
-		ssh1=no
-	   fi
-
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL will be used for cryptography" >&5
-$as_echo_n "checking whether OpenSSL will be used for cryptography... " >&6; }
-if test "x$openssl" = "xyes" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-cat >>confdefs.h <<_ACEOF
-#define WITH_OPENSSL 1
-_ACEOF
-
-else
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-# Check whether --with-ssh1 was given.
-if test "${with_ssh1+set}" = set; then :
-  withval=$with_ssh1;
-		if test "x$withval" = "xyes" ; then
-			if test "x$openssl" = "xno" ; then
-				as_fn_error $? "Cannot enable SSH protocol 1 with OpenSSL disabled" "$LINENO" 5
-			fi
-			ssh1=yes
-		elif test "x$withval" = "xno" ; then
-			ssh1=no
-		else
-			as_fn_error $? "unknown --with-ssh1 argument" "$LINENO" 5
-		fi
-
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether SSH protocol 1 support is enabled" >&5
-$as_echo_n "checking whether SSH protocol 1 support is enabled... " >&6; }
-if test "x$ssh1" = "xyes" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-cat >>confdefs.h <<_ACEOF
-#define WITH_SSH1 1
-_ACEOF
-
-else
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-use_stack_protector=1
-use_toolchain_hardening=1
-
-# Check whether --with-stackprotect was given.
-if test "${with_stackprotect+set}" = set; then :
-  withval=$with_stackprotect;
-    if test "x$withval" = "xno"; then
-	use_stack_protector=0
-    fi
-fi
-
-
-# Check whether --with-hardening was given.
-if test "${with_hardening+set}" = set; then :
-  withval=$with_hardening;
-    if test "x$withval" = "xno"; then
-	use_toolchain_hardening=0
-    fi
-fi
-
-
-# We use -Werror for the tests only so that we catch warnings like "this is
-# on by default" for things like -fPIE.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Werror" >&5
-$as_echo_n "checking if $CC supports -Werror... " >&6; }
-saved_CFLAGS="$CFLAGS"
-CFLAGS="$CFLAGS -Werror"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-int main(void) { return 0; }
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-	  WERROR="-Werror"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	  WERROR=""
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-CFLAGS="$saved_CFLAGS"
-
-if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Qunused-arguments" >&5
-$as_echo_n "checking if $CC supports compile flag -Qunused-arguments... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Qunused-arguments"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Qunused-arguments"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunknown-warning-option" >&5
-$as_echo_n "checking if $CC supports compile flag -Wunknown-warning-option... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wunknown-warning-option"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wunknown-warning-option"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wall" >&5
-$as_echo_n "checking if $CC supports compile flag -Wall... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wall"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wall"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wpointer-arith" >&5
-$as_echo_n "checking if $CC supports compile flag -Wpointer-arith... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wpointer-arith"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wpointer-arith"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wuninitialized" >&5
-$as_echo_n "checking if $CC supports compile flag -Wuninitialized... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wuninitialized"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wuninitialized"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wsign-compare" >&5
-$as_echo_n "checking if $CC supports compile flag -Wsign-compare... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wsign-compare"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wsign-compare"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wformat-security" >&5
-$as_echo_n "checking if $CC supports compile flag -Wformat-security... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wformat-security"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wformat-security"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wsizeof-pointer-memaccess" >&5
-$as_echo_n "checking if $CC supports compile flag -Wsizeof-pointer-memaccess... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wsizeof-pointer-memaccess"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wsizeof-pointer-memaccess"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wpointer-sign" >&5
-$as_echo_n "checking if $CC supports compile flag -Wpointer-sign... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wpointer-sign"
-	_define_flag="-Wno-pointer-sign"
-	test "x$_define_flag" = "x" && _define_flag="-Wpointer-sign"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wunused-result" >&5
-$as_echo_n "checking if $CC supports compile flag -Wunused-result... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wunused-result"
-	_define_flag="-Wno-unused-result"
-	test "x$_define_flag" = "x" && _define_flag="-Wunused-result"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fno-strict-aliasing" >&5
-$as_echo_n "checking if $CC supports compile flag -fno-strict-aliasing... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -fno-strict-aliasing"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-fno-strict-aliasing"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -D_FORTIFY_SOURCE=2" >&5
-$as_echo_n "checking if $CC supports compile flag -D_FORTIFY_SOURCE=2... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -D_FORTIFY_SOURCE=2"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-D_FORTIFY_SOURCE=2"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-    if test "x$use_toolchain_hardening" = "x1"; then
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,relro" >&5
-$as_echo_n "checking if $LD supports link flag -Wl,-z,relro... " >&6; }
-	saved_LDFLAGS="$LDFLAGS"
-	LDFLAGS="$LDFLAGS $WERROR -Wl,-z,relro"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wl,-z,relro"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  LDFLAGS="$saved_LDFLAGS $_define_flag"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  LDFLAGS="$saved_LDFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,now" >&5
-$as_echo_n "checking if $LD supports link flag -Wl,-z,now... " >&6; }
-	saved_LDFLAGS="$LDFLAGS"
-	LDFLAGS="$LDFLAGS $WERROR -Wl,-z,now"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wl,-z,now"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  LDFLAGS="$saved_LDFLAGS $_define_flag"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  LDFLAGS="$saved_LDFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -Wl,-z,noexecstack" >&5
-$as_echo_n "checking if $LD supports link flag -Wl,-z,noexecstack... " >&6; }
-	saved_LDFLAGS="$LDFLAGS"
-	LDFLAGS="$LDFLAGS $WERROR -Wl,-z,noexecstack"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wl,-z,noexecstack"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  LDFLAGS="$saved_LDFLAGS $_define_flag"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  LDFLAGS="$saved_LDFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-}
-	# NB. -ftrapv expects certain support functions to be present in
-	# the compiler library (libgcc or similar) to detect integer operations
-	# that can overflow. We must check that the result of enabling it
-	# actually links. The test program compiled/linked includes a number
-	# of integer operations that should exercise this.
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -ftrapv and linking succeeds" >&5
-$as_echo_n "checking if $CC supports compile flag -ftrapv and linking succeeds... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -ftrapv"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-ftrapv"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-}
-    fi
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5
-$as_echo_n "checking gcc version... " >&6; }
-	GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
-	case $GCC_VER in
-		1.*) no_attrib_nonnull=1 ;;
-		2.8* | 2.9*)
-		     no_attrib_nonnull=1
-		     ;;
-		2.*) no_attrib_nonnull=1 ;;
-		*) ;;
-	esac
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $GCC_VER" >&5
-$as_echo "$GCC_VER" >&6; }
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC accepts -fno-builtin-memset" >&5
-$as_echo_n "checking if $CC accepts -fno-builtin-memset... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS -fno-builtin-memset"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <string.h>
-int
-main ()
-{
- char b[10]; memset(b, 0, sizeof(b));
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	# -fstack-protector-all doesn't always work for some GCC versions
-	# and/or platforms, so we test if we can.  If it's not supported
-	# on a given platform gcc will emit a warning so we use -Werror.
-	if test "x$use_stack_protector" = "x1"; then
-	    for t in -fstack-protector-strong -fstack-protector-all \
-		    -fstack-protector; do
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports $t" >&5
-$as_echo_n "checking if $CC supports $t... " >&6; }
-		saved_CFLAGS="$CFLAGS"
-		saved_LDFLAGS="$LDFLAGS"
-		CFLAGS="$CFLAGS $t -Werror"
-		LDFLAGS="$LDFLAGS $t -Werror"
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdio.h>
-int
-main ()
-{
-
-	char x[256];
-	snprintf(x, sizeof(x), "XXX");
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		      CFLAGS="$saved_CFLAGS $t"
-		      LDFLAGS="$saved_LDFLAGS $t"
-		      { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $t works" >&5
-$as_echo_n "checking if $t works... " >&6; }
-		      if test "$cross_compiling" = yes; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: cannot test" >&5
-$as_echo "$as_me: WARNING: cross compiling: cannot test" >&2;}
-			  break
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdio.h>
-int
-main ()
-{
-
-	char x[256];
-	snprintf(x, sizeof(x), "XXX");
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-			  break
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-		CFLAGS="$saved_CFLAGS"
-		LDFLAGS="$saved_LDFLAGS"
-	    done
-	fi
-
-	if test -z "$have_llong_max"; then
-		# retry LLONG_MAX with -std=gnu99, needed on some Linuxes
-		unset ac_cv_have_decl_LLONG_MAX
-		saved_CFLAGS="$CFLAGS"
-		CFLAGS="$CFLAGS -std=gnu99"
-		ac_fn_c_check_decl "$LINENO" "LLONG_MAX" "ac_cv_have_decl_LLONG_MAX" "#include <limits.h>
-
-"
-if test "x$ac_cv_have_decl_LLONG_MAX" = xyes; then :
-  have_llong_max=1
-else
-  CFLAGS="$saved_CFLAGS"
-fi
-
-	fi
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows __attribute__ on return types" >&5
-$as_echo_n "checking if compiler allows __attribute__ on return types... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-__attribute__((__unused__)) static void foo(void){return;}
-int
-main ()
-{
- exit(0);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define NO_ATTRIBUTE_ON_RETURN_TYPE 1" >>confdefs.h
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-if test "x$no_attrib_nonnull" != "x1" ; then
-
-$as_echo "#define HAVE_ATTRIBUTE__NONNULL__ 1" >>confdefs.h
-
-fi
-
-
-# Check whether --with-rpath was given.
-if test "${with_rpath+set}" = set; then :
-  withval=$with_rpath;
-		if test "x$withval" = "xno" ; then
-			need_dash_r=""
-		fi
-		if test "x$withval" = "xyes" ; then
-			need_dash_r=1
-		fi
-
-
-fi
-
-
-# Allow user to specify flags
-
-# Check whether --with-cflags was given.
-if test "${with_cflags+set}" = set; then :
-  withval=$with_cflags;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			CFLAGS="$CFLAGS $withval"
-		fi
-
-
-fi
-
-
-# Check whether --with-cppflags was given.
-if test "${with_cppflags+set}" = set; then :
-  withval=$with_cppflags;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			CPPFLAGS="$CPPFLAGS $withval"
-		fi
-
-
-fi
-
-
-# Check whether --with-ldflags was given.
-if test "${with_ldflags+set}" = set; then :
-  withval=$with_ldflags;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			LDFLAGS="$LDFLAGS $withval"
-		fi
-
-
-fi
-
-
-# Check whether --with-libs was given.
-if test "${with_libs+set}" = set; then :
-  withval=$with_libs;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			LIBS="$LIBS $withval"
-		fi
-
-
-fi
-
-
-# Check whether --with-Werror was given.
-if test "${with_Werror+set}" = set; then :
-  withval=$with_Werror;
-		if test -n "$withval"  &&  test "x$withval" != "xno"; then
-			werror_flags="-Werror"
-			if test "x${withval}" != "xyes"; then
-				werror_flags="$withval"
-			fi
-		fi
-
-
-fi
-
-
-for ac_header in  \
-	blf.h \
-	bstring.h \
-	crypt.h \
-	crypto/sha2.h \
-	dirent.h \
-	endian.h \
-	elf.h \
-	features.h \
-	fcntl.h \
-	floatingpoint.h \
-	getopt.h \
-	glob.h \
-	ia.h \
-	iaf.h \
-	inttypes.h \
-	limits.h \
-	locale.h \
-	login.h \
-	maillock.h \
-	ndir.h \
-	net/if_tun.h \
-	netdb.h \
-	netgroup.h \
-	pam/pam_appl.h \
-	paths.h \
-	poll.h \
-	pty.h \
-	readpassphrase.h \
-	rpc/types.h \
-	security/pam_appl.h \
-	sha2.h \
-	shadow.h \
-	stddef.h \
-	stdint.h \
-	string.h \
-	strings.h \
-	sys/audit.h \
-	sys/bitypes.h \
-	sys/bsdtty.h \
-	sys/cdefs.h \
-	sys/dir.h \
-	sys/mman.h \
-	sys/ndir.h \
-	sys/poll.h \
-	sys/prctl.h \
-	sys/pstat.h \
-	sys/select.h \
-	sys/stat.h \
-	sys/stream.h \
-	sys/stropts.h \
-	sys/strtio.h \
-	sys/statvfs.h \
-	sys/sysmacros.h \
-	sys/time.h \
-	sys/timers.h \
-	time.h \
-	tmpdir.h \
-	ttyent.h \
-	ucred.h \
-	unistd.h \
-	usersec.h \
-	util.h \
-	utime.h \
-	utmp.h \
-	utmpx.h \
-	vis.h \
-
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-# sys/capsicum.h requires sys/types.h
-for ac_header in sys/capsicum.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "sys/capsicum.h" "ac_cv_header_sys_capsicum_h" "
-#ifdef HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-
-"
-if test "x$ac_cv_header_sys_capsicum_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SYS_CAPSICUM_H 1
-_ACEOF
-
-fi
-
-done
-
-
-# lastlog.h requires sys/time.h to be included first on Solaris
-for ac_header in lastlog.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "lastlog.h" "ac_cv_header_lastlog_h" "
-#ifdef HAVE_SYS_TIME_H
-# include <sys/time.h>
-#endif
-
-"
-if test "x$ac_cv_header_lastlog_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LASTLOG_H 1
-_ACEOF
-
-fi
-
-done
-
-
-# sys/ptms.h requires sys/stream.h to be included first on Solaris
-for ac_header in sys/ptms.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "sys/ptms.h" "ac_cv_header_sys_ptms_h" "
-#ifdef HAVE_SYS_STREAM_H
-# include <sys/stream.h>
-#endif
-
-"
-if test "x$ac_cv_header_sys_ptms_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SYS_PTMS_H 1
-_ACEOF
-
-fi
-
-done
-
-
-# login_cap.h requires sys/types.h on NetBSD
-for ac_header in login_cap.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "login_cap.h" "ac_cv_header_login_cap_h" "
-#include <sys/types.h>
-
-"
-if test "x$ac_cv_header_login_cap_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LOGIN_CAP_H 1
-_ACEOF
-
-fi
-
-done
-
-
-# older BSDs need sys/param.h before sys/mount.h
-for ac_header in sys/mount.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "sys/mount.h" "ac_cv_header_sys_mount_h" "
-#include <sys/param.h>
-
-"
-if test "x$ac_cv_header_sys_mount_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SYS_MOUNT_H 1
-_ACEOF
-
-fi
-
-done
-
-
-# Android requires sys/socket.h to be included before sys/un.h
-for ac_header in sys/un.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "
-#include <sys/types.h>
-#include <sys/socket.h>
-
-"
-if test "x$ac_cv_header_sys_un_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SYS_UN_H 1
-_ACEOF
-
-fi
-
-done
-
-
-# Messages for features tested for in target-specific section
-SIA_MSG="no"
-SPC_MSG="no"
-SP_MSG="no"
-
-# Check for some target-specific stuff
-case "$host" in
-*-*-aix*)
-	# Some versions of VAC won't allow macro redefinitions at
-	# -qlanglevel=ansi, and autoconf 2.60 sometimes insists on using that
-	# particularly with older versions of vac or xlc.
-	# It also throws errors about null macro argments, but these are
-	# not fatal.
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if compiler allows macro redefinitions" >&5
-$as_echo_n "checking if compiler allows macro redefinitions... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#define testmacro foo
-#define testmacro bar
-int
-main ()
-{
- exit(0);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	      CC="`echo $CC | sed 's/-qlanglvl\=ansi//g'`"
-	      LD="`echo $LD | sed 's/-qlanglvl\=ansi//g'`"
-	      CFLAGS="`echo $CFLAGS | sed 's/-qlanglvl\=ansi//g'`"
-	      CPPFLAGS="`echo $CPPFLAGS | sed 's/-qlanglvl\=ansi//g'`"
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to specify blibpath for linker ($LD)" >&5
-$as_echo_n "checking how to specify blibpath for linker ($LD)... " >&6; }
-	if (test -z "$blibpath"); then
-		blibpath="/usr/lib:/lib"
-	fi
-	saved_LDFLAGS="$LDFLAGS"
-	if test "$GCC" = "yes"; then
-		flags="-Wl,-blibpath: -Wl,-rpath, -blibpath:"
-	else
-		flags="-blibpath: -Wl,-blibpath: -Wl,-rpath,"
-	fi
-	for tryflags in $flags ;do
-		if (test -z "$blibflags"); then
-			LDFLAGS="$saved_LDFLAGS $tryflags$blibpath"
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  blibflags=$tryflags
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-		fi
-	done
-	if (test -z "$blibflags"); then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5
-$as_echo "not found" >&6; }
-		as_fn_error $? "*** must be able to specify blibpath on AIX - check config.log" "$LINENO" 5
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $blibflags" >&5
-$as_echo "$blibflags" >&6; }
-	fi
-	LDFLAGS="$saved_LDFLAGS"
-		ac_fn_c_check_func "$LINENO" "authenticate" "ac_cv_func_authenticate"
-if test "x$ac_cv_func_authenticate" = xyes; then :
-
-$as_echo "#define WITH_AIXAUTHENTICATE 1" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for authenticate in -ls" >&5
-$as_echo_n "checking for authenticate in -ls... " >&6; }
-if ${ac_cv_lib_s_authenticate+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-ls  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char authenticate ();
-int
-main ()
-{
-return authenticate ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_s_authenticate=yes
-else
-  ac_cv_lib_s_authenticate=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_s_authenticate" >&5
-$as_echo "$ac_cv_lib_s_authenticate" >&6; }
-if test "x$ac_cv_lib_s_authenticate" = xyes; then :
-   $as_echo "#define WITH_AIXAUTHENTICATE 1" >>confdefs.h
-
-				LIBS="$LIBS -ls"
-
-fi
-
-
-fi
-
-		ac_fn_c_check_decl "$LINENO" "authenticate" "ac_cv_have_decl_authenticate" "#include <usersec.h>
-"
-if test "x$ac_cv_have_decl_authenticate" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_AUTHENTICATE $ac_have_decl
-_ACEOF
-ac_fn_c_check_decl "$LINENO" "loginrestrictions" "ac_cv_have_decl_loginrestrictions" "#include <usersec.h>
-"
-if test "x$ac_cv_have_decl_loginrestrictions" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_LOGINRESTRICTIONS $ac_have_decl
-_ACEOF
-ac_fn_c_check_decl "$LINENO" "loginsuccess" "ac_cv_have_decl_loginsuccess" "#include <usersec.h>
-"
-if test "x$ac_cv_have_decl_loginsuccess" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_LOGINSUCCESS $ac_have_decl
-_ACEOF
-ac_fn_c_check_decl "$LINENO" "passwdexpired" "ac_cv_have_decl_passwdexpired" "#include <usersec.h>
-"
-if test "x$ac_cv_have_decl_passwdexpired" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_PASSWDEXPIRED $ac_have_decl
-_ACEOF
-ac_fn_c_check_decl "$LINENO" "setauthdb" "ac_cv_have_decl_setauthdb" "#include <usersec.h>
-"
-if test "x$ac_cv_have_decl_setauthdb" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_SETAUTHDB $ac_have_decl
-_ACEOF
-
-		ac_fn_c_check_decl "$LINENO" "loginfailed" "ac_cv_have_decl_loginfailed" "#include <usersec.h>
-
-"
-if test "x$ac_cv_have_decl_loginfailed" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_LOGINFAILED $ac_have_decl
-_ACEOF
-if test $ac_have_decl = 1; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if loginfailed takes 4 arguments" >&5
-$as_echo_n "checking if loginfailed takes 4 arguments... " >&6; }
-	    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <usersec.h>
-int
-main ()
-{
- (void)loginfailed("user","host","tty",0);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define AIX_LOGINFAILED_4ARG 1" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-	for ac_func in getgrset setauthdb
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-	ac_fn_c_check_decl "$LINENO" "F_CLOSEM" "ac_cv_have_decl_F_CLOSEM" " #include <limits.h>
-	      #include <fcntl.h>
-
-"
-if test "x$ac_cv_have_decl_F_CLOSEM" = xyes; then :
-
-$as_echo "#define HAVE_FCNTL_CLOSEM 1" >>confdefs.h
-
-fi
-
-	check_for_aix_broken_getaddrinfo=1
-
-$as_echo "#define BROKEN_REALPATH 1" >>confdefs.h
-
-
-$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h
-
-
-$as_echo "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h
-
-
-$as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h
-
-
-$as_echo "#define SSHPAM_CHAUTHTOK_NEEDS_RUID 1" >>confdefs.h
-
-
-$as_echo "#define PTY_ZEROREAD 1" >>confdefs.h
-
-
-$as_echo "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h
-
-	;;
-*-*-android*)
-
-$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_WTMP 1" >>confdefs.h
-
-	;;
-*-*-cygwin*)
-	check_for_libcrypt_later=1
-	LIBS="$LIBS /usr/lib/textreadmode.o"
-
-$as_echo "#define HAVE_CYGWIN 1" >>confdefs.h
-
-
-$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_SHADOW 1" >>confdefs.h
-
-
-$as_echo "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h
-
-
-$as_echo "#define NO_IPPORT_RESERVED_CONCEPT 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-
-$as_echo "#define SSH_IOBUFSZ 65535" >>confdefs.h
-
-
-$as_echo "#define FILESYSTEM_NO_BACKSLASH 1" >>confdefs.h
-
-	# Cygwin defines optargs, optargs as declspec(dllimport) for historical
-	# reasons which cause compile warnings, so we disable those warnings.
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -Wno-attributes" >&5
-$as_echo_n "checking if $CC supports compile flag -Wno-attributes... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -Wno-attributes"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-Wno-attributes"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	;;
-*-*-dgux*)
-
-$as_echo "#define IP_TOS_IS_BROKEN 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	;;
-*-*-darwin*)
-	use_pie=auto
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if we have working getaddrinfo" >&5
-$as_echo_n "checking if we have working getaddrinfo... " >&6; }
-	if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: assume it is working" >&5
-$as_echo "assume it is working" >&6; }
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <mach-o/dyld.h>
-main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
-		exit(0);
-	else
-		exit(1);
-}
-
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: working" >&5
-$as_echo "working" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: buggy" >&5
-$as_echo "buggy" >&6; }
-
-$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h
-
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_GLOB 1" >>confdefs.h
-
-
-cat >>confdefs.h <<_ACEOF
-#define BIND_8_COMPAT 1
-_ACEOF
-
-
-$as_echo "#define SSH_TUN_FREEBSD 1" >>confdefs.h
-
-
-$as_echo "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h
-
-
-$as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h
-
-
-	ac_fn_c_check_decl "$LINENO" "AU_IPv4" "ac_cv_have_decl_AU_IPv4" "$ac_includes_default"
-if test "x$ac_cv_have_decl_AU_IPv4" = xyes; then :
-
-else
-
-$as_echo "#define AU_IPv4 0" >>confdefs.h
-
-	    #include <bsm/audit.h>
-
-$as_echo "#define LASTLOG_WRITE_PUTUTXLINE 1" >>confdefs.h
-
-
-fi
-
-
-$as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h
-
-	for ac_func in sandbox_init
-do :
-  ac_fn_c_check_func "$LINENO" "sandbox_init" "ac_cv_func_sandbox_init"
-if test "x$ac_cv_func_sandbox_init" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SANDBOX_INIT 1
-_ACEOF
-
-fi
-done
-
-	for ac_header in sandbox.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "sandbox.h" "ac_cv_header_sandbox_h" "$ac_includes_default"
-if test "x$ac_cv_header_sandbox_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SANDBOX_H 1
-_ACEOF
-
-fi
-
-done
-
-	;;
-*-*-dragonfly*)
-	SSHDLIBS="$SSHDLIBS -lcrypt"
-	TEST_MALLOC_OPTIONS="AFGJPRX"
-	;;
-*-*-haiku*)
-    LIBS="$LIBS -lbsd "
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lnetwork" >&5
-$as_echo_n "checking for socket in -lnetwork... " >&6; }
-if ${ac_cv_lib_network_socket+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lnetwork  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char socket ();
-int
-main ()
-{
-return socket ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_network_socket=yes
-else
-  ac_cv_lib_network_socket=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_network_socket" >&5
-$as_echo "$ac_cv_lib_network_socket" >&6; }
-if test "x$ac_cv_lib_network_socket" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBNETWORK 1
-_ACEOF
-
-  LIBS="-lnetwork $LIBS"
-
-fi
-
-    $as_echo "#define HAVE_U_INT64_T 1" >>confdefs.h
-
-    MANTYPE=man
-    ;;
-*-*-hpux*)
-	# first we define all of the options common to all HP-UX releases
-	CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
-	IPADDR_IN_DISPLAY=yes
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-
-$as_echo "#define LOGIN_NO_ENDOPT 1" >>confdefs.h
-
-	$as_echo "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h
-
-
-$as_echo "#define LOCKED_PASSWD_STRING \"*\"" >>confdefs.h
-
-	$as_echo "#define SPT_TYPE SPT_PSTAT" >>confdefs.h
-
-
-$as_echo "#define PLATFORM_SYS_DIR_UID 2" >>confdefs.h
-
-	maildir="/var/mail"
-	LIBS="$LIBS -lsec"
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for t_error in -lxnet" >&5
-$as_echo_n "checking for t_error in -lxnet... " >&6; }
-if ${ac_cv_lib_xnet_t_error+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lxnet  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char t_error ();
-int
-main ()
-{
-return t_error ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_xnet_t_error=yes
-else
-  ac_cv_lib_xnet_t_error=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_xnet_t_error" >&5
-$as_echo "$ac_cv_lib_xnet_t_error" >&6; }
-if test "x$ac_cv_lib_xnet_t_error" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBXNET 1
-_ACEOF
-
-  LIBS="-lxnet $LIBS"
-
-else
-  as_fn_error $? "*** -lxnet needed on HP-UX - check config.log ***" "$LINENO" 5
-fi
-
-
-	# next, we define all of the options specific to major releases
-	case "$host" in
-	*-*-hpux10*)
-		if test -z "$GCC"; then
-			CFLAGS="$CFLAGS -Ae"
-		fi
-		;;
-	*-*-hpux11*)
-
-$as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
-
-
-$as_echo "#define USE_BTMP 1" >>confdefs.h
-
-		check_for_hpux_broken_getaddrinfo=1
-		check_for_conflicting_getspnam=1
-		;;
-	esac
-
-	# lastly, we define options specific to minor releases
-	case "$host" in
-	*-*-hpux10.26)
-
-$as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h
-
-		disable_ptmx_check=yes
-		LIBS="$LIBS -lsecpw"
-		;;
-	esac
-	;;
-*-*-irix5*)
-	PATH="$PATH:/usr/etc"
-
-$as_echo "#define BROKEN_INET_NTOA 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-
-$as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h
-
-	$as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h
-
-	;;
-*-*-irix6*)
-	PATH="$PATH:/usr/etc"
-
-$as_echo "#define WITH_IRIX_ARRAY 1" >>confdefs.h
-
-
-$as_echo "#define WITH_IRIX_PROJECT 1" >>confdefs.h
-
-
-$as_echo "#define WITH_IRIX_AUDIT 1" >>confdefs.h
-
-	ac_fn_c_check_func "$LINENO" "jlimit_startjob" "ac_cv_func_jlimit_startjob"
-if test "x$ac_cv_func_jlimit_startjob" = xyes; then :
-
-$as_echo "#define WITH_IRIX_JOBS 1" >>confdefs.h
-
-fi
-
-	$as_echo "#define BROKEN_INET_NTOA 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h
-
-	$as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h
-
-	$as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h
-
-	;;
-*-*-k*bsd*-gnu | *-*-kopensolaris*-gnu)
-	check_for_libcrypt_later=1
-	$as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h
-
-	$as_echo "#define LOCKED_PASSWD_PREFIX \"!\"" >>confdefs.h
-
-	$as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h
-
-
-$as_echo "#define _PATH_BTMP \"/var/log/btmp\"" >>confdefs.h
-
-
-$as_echo "#define USE_BTMP 1" >>confdefs.h
-
-	;;
-*-*-linux*)
-	no_dev_ptmx=1
-	use_pie=auto
-	check_for_libcrypt_later=1
-	check_for_openpty_ctty_bug=1
-
-$as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h
-
-
-$as_echo "#define LOCKED_PASSWD_PREFIX \"!\"" >>confdefs.h
-
-	$as_echo "#define SPT_TYPE SPT_REUSEARGV" >>confdefs.h
-
-
-$as_echo "#define LINK_OPNOTSUPP_ERRNO EPERM" >>confdefs.h
-
-
-$as_echo "#define _PATH_BTMP \"/var/log/btmp\"" >>confdefs.h
-
-	$as_echo "#define USE_BTMP 1" >>confdefs.h
-
-
-$as_echo "#define LINUX_OOM_ADJUST 1" >>confdefs.h
-
-	inet6_default_4in6=yes
-	case `uname -r` in
-	1.*|2.0.*)
-
-$as_echo "#define BROKEN_CMSG_TYPE 1" >>confdefs.h
-
-		;;
-	esac
-	# tun(4) forwarding compat code
-	for ac_header in linux/if_tun.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "linux/if_tun.h" "ac_cv_header_linux_if_tun_h" "$ac_includes_default"
-if test "x$ac_cv_header_linux_if_tun_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LINUX_IF_TUN_H 1
-_ACEOF
-
-fi
-
-done
-
-	if test "x$ac_cv_header_linux_if_tun_h" = "xyes" ; then
-
-$as_echo "#define SSH_TUN_LINUX 1" >>confdefs.h
-
-
-$as_echo "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h
-
-
-$as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h
-
-	fi
-	for ac_header in linux/seccomp.h linux/filter.h linux/audit.h
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "#include <linux/types.h>
-"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-	for ac_func in prctl
-do :
-  ac_fn_c_check_func "$LINENO" "prctl" "ac_cv_func_prctl"
-if test "x$ac_cv_func_prctl" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_PRCTL 1
-_ACEOF
-
-fi
-done
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for seccomp architecture" >&5
-$as_echo_n "checking for seccomp architecture... " >&6; }
-	seccomp_audit_arch=
-	case "$host" in
-	x86_64-*)
-		seccomp_audit_arch=AUDIT_ARCH_X86_64
-		;;
-	i*86-*)
-		seccomp_audit_arch=AUDIT_ARCH_I386
-		;;
-	arm*-*)
-		seccomp_audit_arch=AUDIT_ARCH_ARM
-		;;
-	aarch64*-*)
-		seccomp_audit_arch=AUDIT_ARCH_AARCH64
-		;;
-	esac
-	if test "x$seccomp_audit_arch" != "x" ; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: \"$seccomp_audit_arch\"" >&5
-$as_echo "\"$seccomp_audit_arch\"" >&6; }
-
-cat >>confdefs.h <<_ACEOF
-#define SECCOMP_AUDIT_ARCH $seccomp_audit_arch
-_ACEOF
-
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: architecture not supported" >&5
-$as_echo "architecture not supported" >&6; }
-	fi
-	;;
-mips-sony-bsd|mips-sony-newsos4)
-
-$as_echo "#define NEED_SETPGRP 1" >>confdefs.h
-
-	SONY=1
-	;;
-*-*-netbsd*)
-	check_for_libcrypt_before=1
-	if test "x$withval" != "xno" ; then
-		need_dash_r=1
-	fi
-
-$as_echo "#define SSH_TUN_FREEBSD 1" >>confdefs.h
-
-	ac_fn_c_check_header_mongrel "$LINENO" "net/if_tap.h" "ac_cv_header_net_if_tap_h" "$ac_includes_default"
-if test "x$ac_cv_header_net_if_tap_h" = xyes; then :
-
-else
-
-$as_echo "#define SSH_TUN_NO_L2 1" >>confdefs.h
-
-fi
-
-
-
-$as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h
-
-	TEST_MALLOC_OPTIONS="AJRX"
-
-$as_echo "#define BROKEN_STRNVIS 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_READ_COMPARISON 1" >>confdefs.h
-
-	;;
-*-*-freebsd*)
-	check_for_libcrypt_later=1
-
-$as_echo "#define LOCKED_PASSWD_PREFIX \"*LOCKED*\"" >>confdefs.h
-
-
-$as_echo "#define SSH_TUN_FREEBSD 1" >>confdefs.h
-
-	ac_fn_c_check_header_mongrel "$LINENO" "net/if_tap.h" "ac_cv_header_net_if_tap_h" "$ac_includes_default"
-if test "x$ac_cv_header_net_if_tap_h" = xyes; then :
-
-else
-
-$as_echo "#define SSH_TUN_NO_L2 1" >>confdefs.h
-
-fi
-
-
-
-$as_echo "#define BROKEN_GLOB 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_STRNVIS 1" >>confdefs.h
-
-	TEST_MALLOC_OPTIONS="AJRX"
-	# Preauth crypto occasionally uses file descriptors for crypto offload
-	# and will crash if they cannot be opened.
-
-$as_echo "#define SANDBOX_SKIP_RLIMIT_NOFILE 1" >>confdefs.h
-
-	;;
-*-*-bsdi*)
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	;;
-*-next-*)
-	conf_lastlog_location="/usr/adm/lastlog"
-	conf_utmp_location=/etc/utmp
-	conf_wtmp_location=/usr/adm/wtmp
-	maildir=/usr/spool/mail
-
-$as_echo "#define HAVE_NEXT 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_REALPATH 1" >>confdefs.h
-
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_SAVED_UIDS 1" >>confdefs.h
-
-	;;
-*-*-openbsd*)
-	use_pie=auto
-
-$as_echo "#define HAVE_ATTRIBUTE__SENTINEL__ 1" >>confdefs.h
-
-
-$as_echo "#define HAVE_ATTRIBUTE__BOUNDED__ 1" >>confdefs.h
-
-
-$as_echo "#define SSH_TUN_OPENBSD 1" >>confdefs.h
-
-
-$as_echo "#define SYSLOG_R_SAFE_IN_SIGHAND 1" >>confdefs.h
-
-	TEST_MALLOC_OPTIONS="AFGJPRX"
-	;;
-*-*-solaris*)
-	if test "x$withval" != "xno" ; then
-		need_dash_r=1
-	fi
-	$as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h
-
-	$as_echo "#define LOGIN_NEEDS_UTMPX 1" >>confdefs.h
-
-
-$as_echo "#define LOGIN_NEEDS_TERM 1" >>confdefs.h
-
-	$as_echo "#define PAM_TTY_KLUDGE 1" >>confdefs.h
-
-
-$as_echo "#define SSHPAM_CHAUTHTOK_NEEDS_RUID 1" >>confdefs.h
-
-	$as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h
-
-	# Pushing STREAMS modules will cause sshd to acquire a controlling tty.
-
-$as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h
-
-
-$as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_TCGETATTR_ICANON 1" >>confdefs.h
-
-	external_path_file=/etc/default/login
-	# hardwire lastlog location (can't detect it on some versions)
-	conf_lastlog_location="/var/adm/lastlog"
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for obsolete utmp and wtmp in solaris2.x" >&5
-$as_echo_n "checking for obsolete utmp and wtmp in solaris2.x... " >&6; }
-	sol2ver=`echo "$host"| sed -e 's/.*[0-9]\.//'`
-	if test "$sol2ver" -ge 8; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_WTMP 1" >>confdefs.h
-
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-# Check whether --with-solaris-contracts was given.
-if test "${with_solaris_contracts+set}" = set; then :
-  withval=$with_solaris_contracts;
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ct_tmpl_activate in -lcontract" >&5
-$as_echo_n "checking for ct_tmpl_activate in -lcontract... " >&6; }
-if ${ac_cv_lib_contract_ct_tmpl_activate+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lcontract  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ct_tmpl_activate ();
-int
-main ()
-{
-return ct_tmpl_activate ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_contract_ct_tmpl_activate=yes
-else
-  ac_cv_lib_contract_ct_tmpl_activate=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_contract_ct_tmpl_activate" >&5
-$as_echo "$ac_cv_lib_contract_ct_tmpl_activate" >&6; }
-if test "x$ac_cv_lib_contract_ct_tmpl_activate" = xyes; then :
-
-$as_echo "#define USE_SOLARIS_PROCESS_CONTRACTS 1" >>confdefs.h
-
-			  SSHDLIBS="$SSHDLIBS -lcontract"
-			  SPC_MSG="yes"
-fi
-
-
-fi
-
-
-# Check whether --with-solaris-projects was given.
-if test "${with_solaris_projects+set}" = set; then :
-  withval=$with_solaris_projects;
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for setproject in -lproject" >&5
-$as_echo_n "checking for setproject in -lproject... " >&6; }
-if ${ac_cv_lib_project_setproject+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lproject  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char setproject ();
-int
-main ()
-{
-return setproject ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_project_setproject=yes
-else
-  ac_cv_lib_project_setproject=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_project_setproject" >&5
-$as_echo "$ac_cv_lib_project_setproject" >&6; }
-if test "x$ac_cv_lib_project_setproject" = xyes; then :
-
-$as_echo "#define USE_SOLARIS_PROJECTS 1" >>confdefs.h
-
-			SSHDLIBS="$SSHDLIBS -lproject"
-			SP_MSG="yes"
-fi
-
-
-fi
-
-	TEST_SHELL=$SHELL	# let configure find us a capable shell
-	;;
-*-*-sunos4*)
-	CPPFLAGS="$CPPFLAGS -DSUNOS4"
-	for ac_func in getpwanam
-do :
-  ac_fn_c_check_func "$LINENO" "getpwanam" "ac_cv_func_getpwanam"
-if test "x$ac_cv_func_getpwanam" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_GETPWANAM 1
-_ACEOF
-
-fi
-done
-
-	$as_echo "#define PAM_SUN_CODEBASE 1" >>confdefs.h
-
-	conf_utmp_location=/etc/utmp
-	conf_wtmp_location=/var/adm/wtmp
-	conf_lastlog_location=/var/adm/lastlog
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	;;
-*-ncr-sysv*)
-	LIBS="$LIBS -lc89"
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	;;
-*-sni-sysv*)
-	# /usr/ucblib MUST NOT be searched on ReliantUNIX
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlsym in -ldl" >&5
-$as_echo_n "checking for dlsym in -ldl... " >&6; }
-if ${ac_cv_lib_dl_dlsym+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-ldl  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dlsym ();
-int
-main ()
-{
-return dlsym ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_dl_dlsym=yes
-else
-  ac_cv_lib_dl_dlsym=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlsym" >&5
-$as_echo "$ac_cv_lib_dl_dlsym" >&6; }
-if test "x$ac_cv_lib_dl_dlsym" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBDL 1
-_ACEOF
-
-  LIBS="-ldl $LIBS"
-
-fi
-
-	# -lresolv needs to be at the end of LIBS or DNS lookups break
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5
-$as_echo_n "checking for res_query in -lresolv... " >&6; }
-if ${ac_cv_lib_resolv_res_query+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lresolv  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char res_query ();
-int
-main ()
-{
-return res_query ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_resolv_res_query=yes
-else
-  ac_cv_lib_resolv_res_query=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_res_query" >&5
-$as_echo "$ac_cv_lib_resolv_res_query" >&6; }
-if test "x$ac_cv_lib_resolv_res_query" = xyes; then :
-   LIBS="$LIBS -lresolv"
-fi
-
-	IPADDR_IN_DISPLAY=yes
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define IP_TOS_IS_BROKEN 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	$as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h
-
-	external_path_file=/etc/default/login
-	# /usr/ucblib/libucb.a no longer needed on ReliantUNIX
-	# Attention: always take care to bind libsocket and libnsl before libc,
-	# otherwise you will find lots of "SIOCGPGRP errno 22" on syslog
-	;;
-# UnixWare 1.x, UnixWare 2.x, and others based on code from Univel.
-*-*-sysv4.2*)
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-
-$as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h
-
-	$as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h
-
-	TEST_SHELL=$SHELL	# let configure find us a capable shell
-	;;
-# UnixWare 7.x, OpenUNIX 8
-*-*-sysv5*)
-	CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf"
-
-$as_echo "#define UNIXWARE_LONG_PASSWORDS 1" >>confdefs.h
-
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	$as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h
-
-	TEST_SHELL=$SHELL	# let configure find us a capable shell
-	case "$host" in
-	*-*-sysv5SCO_SV*)	# SCO OpenServer 6.x
-		maildir=/var/spool/mail
-
-$as_echo "#define BROKEN_LIBIAF 1" >>confdefs.h
-
-		$as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getluid in -lprot" >&5
-$as_echo_n "checking for getluid in -lprot... " >&6; }
-if ${ac_cv_lib_prot_getluid+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lprot  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char getluid ();
-int
-main ()
-{
-return getluid ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_prot_getluid=yes
-else
-  ac_cv_lib_prot_getluid=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_prot_getluid" >&5
-$as_echo "$ac_cv_lib_prot_getluid" >&6; }
-if test "x$ac_cv_lib_prot_getluid" = xyes; then :
-   LIBS="$LIBS -lprot"
-			for ac_func in getluid setluid
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-			$as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h
-
-			$as_echo "#define DISABLE_SHADOW 1" >>confdefs.h
-
-
-fi
-
-		;;
-	*)	$as_echo "#define LOCKED_PASSWD_STRING \"*LK*\"" >>confdefs.h
-
-		check_for_libcrypt_later=1
-		;;
-	esac
-	;;
-*-*-sysv*)
-	;;
-# SCO UNIX and OEM versions of SCO UNIX
-*-*-sco3.2v4*)
-	as_fn_error $? "\"This Platform is no longer supported.\"" "$LINENO" 5
-	;;
-# SCO OpenServer 5.x
-*-*-sco3.2v5*)
-	if test -z "$GCC"; then
-		CFLAGS="$CFLAGS -belf"
-	fi
-	LIBS="$LIBS -lprot -lx -ltinfo -lm"
-	no_dev_ptmx=1
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define HAVE_SECUREWARE 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_SHADOW 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	$as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_UPDWTMPX 1" >>confdefs.h
-
-	$as_echo "#define PASSWD_NEEDS_USERNAME 1" >>confdefs.h
-
-	for ac_func in getluid setluid
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-	MANTYPE=man
-	TEST_SHELL=$SHELL	# let configure find us a capable shell
-	SKIP_DISABLE_LASTLOG_DEFINE=yes
-	;;
-*-*-unicosmk*)
-
-$as_echo "#define NO_SSH_LASTLOG 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-	LDFLAGS="$LDFLAGS"
-	LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
-	MANTYPE=cat
-	;;
-*-*-unicosmp*)
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	$as_echo "#define WITH_ABBREV_NO_TTY 1" >>confdefs.h
-
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-	LDFLAGS="$LDFLAGS"
-	LIBS="$LIBS -lgen -lacid -ldb"
-	MANTYPE=cat
-	;;
-*-*-unicos*)
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-	$as_echo "#define NO_SSH_LASTLOG 1" >>confdefs.h
-
-	LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
-	LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
-	MANTYPE=cat
-	;;
-*-dec-osf*)
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for Digital Unix SIA" >&5
-$as_echo_n "checking for Digital Unix SIA... " >&6; }
-	no_osfsia=""
-
-# Check whether --with-osfsia was given.
-if test "${with_osfsia+set}" = set; then :
-  withval=$with_osfsia;
-			if test "x$withval" = "xno" ; then
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: disabled" >&5
-$as_echo "disabled" >&6; }
-				no_osfsia=1
-			fi
-
-fi
-
-	if test -z "$no_osfsia" ; then
-		if test -f /etc/sia/matrix.conf; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAVE_OSF_SIA 1" >>confdefs.h
-
-
-$as_echo "#define DISABLE_LOGIN 1" >>confdefs.h
-
-			$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-			LIBS="$LIBS -lsecurity -ldb -lm -laud"
-			SIA_MSG="yes"
-		else
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define LOCKED_PASSWD_SUBSTR \"Nologin\"" >>confdefs.h
-
-		fi
-	fi
-	$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h
-
-	$as_echo "#define SETEUID_BREAKS_SETUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREUID 1" >>confdefs.h
-
-	$as_echo "#define BROKEN_SETREGID 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_READV_COMPARISON 1" >>confdefs.h
-
-	;;
-
-*-*-nto-qnx*)
-	$as_echo "#define USE_PIPES 1" >>confdefs.h
-
-	$as_echo "#define NO_X11_UNIX_SOCKETS 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h
-
-	$as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_SHADOW_EXPIRE 1" >>confdefs.h
-
-	enable_etc_default_login=no	# has incompatible /etc/default/login
-	case "$host" in
-	*-*-nto-qnx6*)
-		$as_echo "#define DISABLE_FD_PASSING 1" >>confdefs.h
-
-		;;
-	esac
-	;;
-
-*-*-ultrix*)
-
-$as_echo "#define BROKEN_GETGROUPS 1" >>confdefs.h
-
-
-$as_echo "#define BROKEN_MMAP 1" >>confdefs.h
-
-	$as_echo "#define NEED_SETPGRP 1" >>confdefs.h
-
-
-$as_echo "#define HAVE_SYS_SYSLOG_H 1" >>confdefs.h
-
-	;;
-
-*-*-lynxos)
-        CFLAGS="$CFLAGS -D__NO_INCLUDE_WARN__"
-
-$as_echo "#define BROKEN_SETVBUF 1" >>confdefs.h
-
-        ;;
-esac
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking compiler and flags for sanity" >&5
-$as_echo_n "checking compiler and flags for sanity... " >&6; }
-if test "$cross_compiling" = yes; then :
-  	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking compiler sanity" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking compiler sanity" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdio.h>
-int
-main ()
-{
- exit(0);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		as_fn_error $? "*** compiler cannot create working executables, check config.log ***" "$LINENO" 5
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-# Checks for libraries.
-ac_fn_c_check_func "$LINENO" "yp_match" "ac_cv_func_yp_match"
-if test "x$ac_cv_func_yp_match" = xyes; then :
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for yp_match in -lnsl" >&5
-$as_echo_n "checking for yp_match in -lnsl... " >&6; }
-if ${ac_cv_lib_nsl_yp_match+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lnsl  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char yp_match ();
-int
-main ()
-{
-return yp_match ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_nsl_yp_match=yes
-else
-  ac_cv_lib_nsl_yp_match=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_yp_match" >&5
-$as_echo "$ac_cv_lib_nsl_yp_match" >&6; }
-if test "x$ac_cv_lib_nsl_yp_match" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBNSL 1
-_ACEOF
-
-  LIBS="-lnsl $LIBS"
-
-fi
-
-fi
-
-ac_fn_c_check_func "$LINENO" "setsockopt" "ac_cv_func_setsockopt"
-if test "x$ac_cv_func_setsockopt" = xyes; then :
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for setsockopt in -lsocket" >&5
-$as_echo_n "checking for setsockopt in -lsocket... " >&6; }
-if ${ac_cv_lib_socket_setsockopt+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lsocket  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char setsockopt ();
-int
-main ()
-{
-return setsockopt ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_socket_setsockopt=yes
-else
-  ac_cv_lib_socket_setsockopt=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_setsockopt" >&5
-$as_echo "$ac_cv_lib_socket_setsockopt" >&6; }
-if test "x$ac_cv_lib_socket_setsockopt" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBSOCKET 1
-_ACEOF
-
-  LIBS="-lsocket $LIBS"
-
-fi
-
-fi
-
-
-for ac_func in dirname
-do :
-  ac_fn_c_check_func "$LINENO" "dirname" "ac_cv_func_dirname"
-if test "x$ac_cv_func_dirname" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_DIRNAME 1
-_ACEOF
- for ac_header in libgen.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default"
-if test "x$ac_cv_header_libgen_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBGEN_H 1
-_ACEOF
-
-fi
-
-done
-
-else
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dirname in -lgen" >&5
-$as_echo_n "checking for dirname in -lgen... " >&6; }
-if ${ac_cv_lib_gen_dirname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lgen  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dirname ();
-int
-main ()
-{
-return dirname ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_gen_dirname=yes
-else
-  ac_cv_lib_gen_dirname=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gen_dirname" >&5
-$as_echo "$ac_cv_lib_gen_dirname" >&6; }
-if test "x$ac_cv_lib_gen_dirname" = xyes; then :
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for broken dirname" >&5
-$as_echo_n "checking for broken dirname... " >&6; }
-if ${ac_cv_have_broken_dirname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-			save_LIBS="$LIBS"
-			LIBS="$LIBS -lgen"
-			if test "$cross_compiling" = yes; then :
-   ac_cv_have_broken_dirname="no"
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <libgen.h>
-#include <string.h>
-
-int main(int argc, char **argv) {
-    char *s, buf[32];
-
-    strncpy(buf,"/etc", 32);
-    s = dirname(buf);
-    if (!s || strncmp(s, "/", 32) != 0) {
-	exit(1);
-    } else {
-	exit(0);
-    }
-}
-
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-   ac_cv_have_broken_dirname="no"
-else
-   ac_cv_have_broken_dirname="yes"
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-			LIBS="$save_LIBS"
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_broken_dirname" >&5
-$as_echo "$ac_cv_have_broken_dirname" >&6; }
-		if test "x$ac_cv_have_broken_dirname" = "xno" ; then
-			LIBS="$LIBS -lgen"
-			$as_echo "#define HAVE_DIRNAME 1" >>confdefs.h
-
-			for ac_header in libgen.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "libgen.h" "ac_cv_header_libgen_h" "$ac_includes_default"
-if test "x$ac_cv_header_libgen_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBGEN_H 1
-_ACEOF
-
-fi
-
-done
-
-		fi
-
-fi
-
-
-fi
-done
-
-
-ac_fn_c_check_func "$LINENO" "getspnam" "ac_cv_func_getspnam"
-if test "x$ac_cv_func_getspnam" = xyes; then :
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getspnam in -lgen" >&5
-$as_echo_n "checking for getspnam in -lgen... " >&6; }
-if ${ac_cv_lib_gen_getspnam+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lgen  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char getspnam ();
-int
-main ()
-{
-return getspnam ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_gen_getspnam=yes
-else
-  ac_cv_lib_gen_getspnam=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gen_getspnam" >&5
-$as_echo "$ac_cv_lib_gen_getspnam" >&6; }
-if test "x$ac_cv_lib_gen_getspnam" = xyes; then :
-  LIBS="$LIBS -lgen"
-fi
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing basename" >&5
-$as_echo_n "checking for library containing basename... " >&6; }
-if ${ac_cv_search_basename+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char basename ();
-int
-main ()
-{
-return basename ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' gen; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_basename=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_basename+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_basename+:} false; then :
-
-else
-  ac_cv_search_basename=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_basename" >&5
-$as_echo "$ac_cv_search_basename" >&6; }
-ac_res=$ac_cv_search_basename
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_BASENAME 1" >>confdefs.h
-
-fi
-
-
-
-# Check whether --with-zlib was given.
-if test "${with_zlib+set}" = set; then :
-  withval=$with_zlib;  if test "x$withval" = "xno" ; then
-		as_fn_error $? "*** zlib is required ***" "$LINENO" 5
-	  elif test "x$withval" != "xyes"; then
-		if test -d "$withval/lib"; then
-			if test -n "${need_dash_r}"; then
-				LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
-			else
-				LDFLAGS="-L${withval}/lib ${LDFLAGS}"
-			fi
-		else
-			if test -n "${need_dash_r}"; then
-				LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
-			else
-				LDFLAGS="-L${withval} ${LDFLAGS}"
-			fi
-		fi
-		if test -d "$withval/include"; then
-			CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
-		else
-			CPPFLAGS="-I${withval} ${CPPFLAGS}"
-		fi
-	fi
-
-fi
-
-
-ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default"
-if test "x$ac_cv_header_zlib_h" = xyes; then :
-
-else
-  as_fn_error $? "*** zlib.h missing - please install first or check config.log ***" "$LINENO" 5
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for deflate in -lz" >&5
-$as_echo_n "checking for deflate in -lz... " >&6; }
-if ${ac_cv_lib_z_deflate+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lz  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char deflate ();
-int
-main ()
-{
-return deflate ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_z_deflate=yes
-else
-  ac_cv_lib_z_deflate=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_deflate" >&5
-$as_echo "$ac_cv_lib_z_deflate" >&6; }
-if test "x$ac_cv_lib_z_deflate" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBZ 1
-_ACEOF
-
-  LIBS="-lz $LIBS"
-
-else
-
-		saved_CPPFLAGS="$CPPFLAGS"
-		saved_LDFLAGS="$LDFLAGS"
-		save_LIBS="$LIBS"
-				if test -n "${need_dash_r}"; then
-			LDFLAGS="-L/usr/local/lib -R/usr/local/lib ${saved_LDFLAGS}"
-		else
-			LDFLAGS="-L/usr/local/lib ${saved_LDFLAGS}"
-		fi
-		CPPFLAGS="-I/usr/local/include ${saved_CPPFLAGS}"
-		LIBS="$LIBS -lz"
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char deflate ();
-int
-main ()
-{
-return deflate ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  $as_echo "#define HAVE_LIBZ 1" >>confdefs.h
-
-else
-
-				as_fn_error $? "*** zlib missing - please install first or check config.log ***" "$LINENO" 5
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-
-fi
-
-
-
-# Check whether --with-zlib-version-check was given.
-if test "${with_zlib_version_check+set}" = set; then :
-  withval=$with_zlib_version_check;   if test "x$withval" = "xno" ; then
-		zlib_check_nonfatal=1
-	   fi
-
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for possibly buggy zlib" >&5
-$as_echo_n "checking for possibly buggy zlib... " >&6; }
-if test "$cross_compiling" = yes; then :
-  	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking zlib version" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking zlib version" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <zlib.h>
-
-int
-main ()
-{
-
-	int a=0, b=0, c=0, d=0, n, v;
-	n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
-	if (n != 3 && n != 4)
-		exit(1);
-	v = a*1000000 + b*10000 + c*100 + d;
-	fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
-
-	/* 1.1.4 is OK */
-	if (a == 1 && b == 1 && c >= 4)
-		exit(0);
-
-	/* 1.2.3 and up are OK */
-	if (v >= 1020300)
-		exit(0);
-
-	exit(2);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-	  if test -z "$zlib_check_nonfatal" ; then
-		as_fn_error $? "*** zlib too old - check config.log ***
-Your reported zlib version has known security problems.  It's possible your
-vendor has fixed these problems without changing the version number.  If you
-are sure this is the case, you can disable the check by running
-\"./configure --without-zlib-version-check\".
-If you are in doubt, upgrade zlib to version 1.2.3 or greater.
-See http://www.gzip.org/zlib/ for details." "$LINENO" 5
-	  else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: zlib version may have security problems" >&5
-$as_echo "$as_me: WARNING: zlib version may have security problems" >&2;}
-	  fi
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp"
-if test "x$ac_cv_func_strcasecmp" = xyes; then :
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strcasecmp in -lresolv" >&5
-$as_echo_n "checking for strcasecmp in -lresolv... " >&6; }
-if ${ac_cv_lib_resolv_strcasecmp+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lresolv  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char strcasecmp ();
-int
-main ()
-{
-return strcasecmp ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_resolv_strcasecmp=yes
-else
-  ac_cv_lib_resolv_strcasecmp=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_resolv_strcasecmp" >&5
-$as_echo "$ac_cv_lib_resolv_strcasecmp" >&6; }
-if test "x$ac_cv_lib_resolv_strcasecmp" = xyes; then :
-  LIBS="$LIBS -lresolv"
-fi
-
-
-fi
-
-for ac_func in utimes
-do :
-  ac_fn_c_check_func "$LINENO" "utimes" "ac_cv_func_utimes"
-if test "x$ac_cv_func_utimes" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_UTIMES 1
-_ACEOF
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for utimes in -lc89" >&5
-$as_echo_n "checking for utimes in -lc89... " >&6; }
-if ${ac_cv_lib_c89_utimes+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lc89  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char utimes ();
-int
-main ()
-{
-return utimes ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_c89_utimes=yes
-else
-  ac_cv_lib_c89_utimes=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c89_utimes" >&5
-$as_echo "$ac_cv_lib_c89_utimes" >&6; }
-if test "x$ac_cv_lib_c89_utimes" = xyes; then :
-  $as_echo "#define HAVE_UTIMES 1" >>confdefs.h
-
-					LIBS="$LIBS -lc89"
-fi
-
-
-fi
-done
-
-
-for ac_header in bsd/libutil.h libutil.h
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing fmt_scaled" >&5
-$as_echo_n "checking for library containing fmt_scaled... " >&6; }
-if ${ac_cv_search_fmt_scaled+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char fmt_scaled ();
-int
-main ()
-{
-return fmt_scaled ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_fmt_scaled=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_fmt_scaled+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_fmt_scaled+:} false; then :
-
-else
-  ac_cv_search_fmt_scaled=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_fmt_scaled" >&5
-$as_echo "$ac_cv_search_fmt_scaled" >&6; }
-ac_res=$ac_cv_search_fmt_scaled
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing scan_scaled" >&5
-$as_echo_n "checking for library containing scan_scaled... " >&6; }
-if ${ac_cv_search_scan_scaled+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char scan_scaled ();
-int
-main ()
-{
-return scan_scaled ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_scan_scaled=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_scan_scaled+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_scan_scaled+:} false; then :
-
-else
-  ac_cv_search_scan_scaled=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_scan_scaled" >&5
-$as_echo "$ac_cv_search_scan_scaled" >&6; }
-ac_res=$ac_cv_search_scan_scaled
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing login" >&5
-$as_echo_n "checking for library containing login... " >&6; }
-if ${ac_cv_search_login+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char login ();
-int
-main ()
-{
-return login ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_login=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_login+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_login+:} false; then :
-
-else
-  ac_cv_search_login=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_login" >&5
-$as_echo "$ac_cv_search_login" >&6; }
-ac_res=$ac_cv_search_login
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing logout" >&5
-$as_echo_n "checking for library containing logout... " >&6; }
-if ${ac_cv_search_logout+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char logout ();
-int
-main ()
-{
-return logout ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_logout=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_logout+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_logout+:} false; then :
-
-else
-  ac_cv_search_logout=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_logout" >&5
-$as_echo "$ac_cv_search_logout" >&6; }
-ac_res=$ac_cv_search_logout
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing logwtmp" >&5
-$as_echo_n "checking for library containing logwtmp... " >&6; }
-if ${ac_cv_search_logwtmp+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char logwtmp ();
-int
-main ()
-{
-return logwtmp ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_logwtmp=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_logwtmp+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_logwtmp+:} false; then :
-
-else
-  ac_cv_search_logwtmp=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_logwtmp" >&5
-$as_echo "$ac_cv_search_logwtmp" >&6; }
-ac_res=$ac_cv_search_logwtmp
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing openpty" >&5
-$as_echo_n "checking for library containing openpty... " >&6; }
-if ${ac_cv_search_openpty+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char openpty ();
-int
-main ()
-{
-return openpty ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_openpty=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_openpty+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_openpty+:} false; then :
-
-else
-  ac_cv_search_openpty=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_openpty" >&5
-$as_echo "$ac_cv_search_openpty" >&6; }
-ac_res=$ac_cv_search_openpty
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing updwtmp" >&5
-$as_echo_n "checking for library containing updwtmp... " >&6; }
-if ${ac_cv_search_updwtmp+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char updwtmp ();
-int
-main ()
-{
-return updwtmp ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' util bsd; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_updwtmp=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_updwtmp+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_updwtmp+:} false; then :
-
-else
-  ac_cv_search_updwtmp=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_updwtmp" >&5
-$as_echo "$ac_cv_search_updwtmp" >&6; }
-ac_res=$ac_cv_search_updwtmp
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-for ac_func in fmt_scaled scan_scaled login logout openpty updwtmp logwtmp
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-# On some platforms, inet_ntop may be found in libresolv or libnsl.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing inet_ntop" >&5
-$as_echo_n "checking for library containing inet_ntop... " >&6; }
-if ${ac_cv_search_inet_ntop+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char inet_ntop ();
-int
-main ()
-{
-return inet_ntop ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' resolv nsl; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_inet_ntop=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_inet_ntop+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_inet_ntop+:} false; then :
-
-else
-  ac_cv_search_inet_ntop=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_ntop" >&5
-$as_echo "$ac_cv_search_inet_ntop" >&6; }
-ac_res=$ac_cv_search_inet_ntop
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-
-for ac_func in strftime
-do :
-  ac_fn_c_check_func "$LINENO" "strftime" "ac_cv_func_strftime"
-if test "x$ac_cv_func_strftime" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_STRFTIME 1
-_ACEOF
-
-else
-  # strftime is in -lintl on SCO UNIX.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for strftime in -lintl" >&5
-$as_echo_n "checking for strftime in -lintl... " >&6; }
-if ${ac_cv_lib_intl_strftime+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lintl  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char strftime ();
-int
-main ()
-{
-return strftime ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_intl_strftime=yes
-else
-  ac_cv_lib_intl_strftime=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_intl_strftime" >&5
-$as_echo "$ac_cv_lib_intl_strftime" >&6; }
-if test "x$ac_cv_lib_intl_strftime" = xyes; then :
-  $as_echo "#define HAVE_STRFTIME 1" >>confdefs.h
-
-LIBS="-lintl $LIBS"
-fi
-
-fi
-done
-
-
-# Check for ALTDIRFUNC glob() extension
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for GLOB_ALTDIRFUNC support" >&5
-$as_echo_n "checking for GLOB_ALTDIRFUNC support... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-		#include <glob.h>
-		#ifdef GLOB_ALTDIRFUNC
-		FOUNDIT
-		#endif
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "FOUNDIT" >/dev/null 2>&1; then :
-
-
-$as_echo "#define GLOB_HAS_ALTDIRFUNC 1" >>confdefs.h
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-
-fi
-rm -f conftest*
-
-
-# Check for g.gl_matchc glob() extension
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gl_matchc field in glob_t" >&5
-$as_echo_n "checking for gl_matchc field in glob_t... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <glob.h>
-int
-main ()
-{
- glob_t g; g.gl_matchc = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-
-$as_echo "#define GLOB_HAS_GL_MATCHC 1" >>confdefs.h
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-# Check for g.gl_statv glob() extension
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gl_statv and GLOB_KEEPSTAT extensions for glob" >&5
-$as_echo_n "checking for gl_statv and GLOB_KEEPSTAT extensions for glob... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <glob.h>
-int
-main ()
-{
-
-#ifndef GLOB_KEEPSTAT
-#error "glob does not support GLOB_KEEPSTAT extension"
-#endif
-glob_t g;
-g.gl_statv = NULL;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-
-$as_echo "#define GLOB_HAS_GL_STATV 1" >>confdefs.h
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-ac_fn_c_check_decl "$LINENO" "GLOB_NOMATCH" "ac_cv_have_decl_GLOB_NOMATCH" "#include <glob.h>
-"
-if test "x$ac_cv_have_decl_GLOB_NOMATCH" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_GLOB_NOMATCH $ac_have_decl
-_ACEOF
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct dirent allocates space for d_name" >&5
-$as_echo_n "checking whether struct dirent allocates space for d_name... " >&6; }
-if test "$cross_compiling" = yes; then :
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&5
-$as_echo "$as_me: WARNING: cross compiling: assuming BROKEN_ONE_BYTE_DIRENT_D_NAME" >&2;}
-		$as_echo "#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1" >>confdefs.h
-
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <dirent.h>
-int
-main ()
-{
-
-	struct dirent d;
-	exit(sizeof(d.d_name)<=sizeof(char));
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define BROKEN_ONE_BYTE_DIRENT_D_NAME 1" >>confdefs.h
-
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for /proc/pid/fd directory" >&5
-$as_echo_n "checking for /proc/pid/fd directory... " >&6; }
-if test -d "/proc/$$/fd" ; then
-
-$as_echo "#define HAVE_PROC_PID 1" >>confdefs.h
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-# Check whether user wants S/Key support
-SKEY_MSG="no"
-
-# Check whether --with-skey was given.
-if test "${with_skey+set}" = set; then :
-  withval=$with_skey;
-		if test "x$withval" != "xno" ; then
-
-			if test "x$withval" != "xyes" ; then
-				CPPFLAGS="$CPPFLAGS -I${withval}/include"
-				LDFLAGS="$LDFLAGS -L${withval}/lib"
-			fi
-
-
-$as_echo "#define SKEY 1" >>confdefs.h
-
-			LIBS="-lskey $LIBS"
-			SKEY_MSG="yes"
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for s/key support" >&5
-$as_echo_n "checking for s/key support... " >&6; }
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <skey.h>
-
-int
-main ()
-{
-
-	char *ff = skey_keyinfo(""); ff="";
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-					as_fn_error $? "** Incomplete or missing s/key libraries." "$LINENO" 5
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-                 	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if skeychallenge takes 4 arguments" >&5
-$as_echo_n "checking if skeychallenge takes 4 arguments... " >&6; }
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <skey.h>
-
-int
-main ()
-{
-
-	(void)skeychallenge(NULL,"name","",0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define SKEYCHALLENGE_4ARG 1" >>confdefs.h
-
-else
-
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-		fi
-
-
-fi
-
-
-# Check whether user wants TCP wrappers support
-TCPW_MSG="no"
-
-# Check whether --with-tcp-wrappers was given.
-if test "${with_tcp_wrappers+set}" = set; then :
-  withval=$with_tcp_wrappers;
-		if test "x$withval" != "xno" ; then
-			saved_LIBS="$LIBS"
-			saved_LDFLAGS="$LDFLAGS"
-			saved_CPPFLAGS="$CPPFLAGS"
-			if test -n "${withval}" && \
-			    test "x${withval}" != "xyes"; then
-				if test -d "${withval}/lib"; then
-					if test -n "${need_dash_r}"; then
-						LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
-					else
-						LDFLAGS="-L${withval}/lib ${LDFLAGS}"
-					fi
-				else
-					if test -n "${need_dash_r}"; then
-						LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
-					else
-						LDFLAGS="-L${withval} ${LDFLAGS}"
-					fi
-				fi
-				if test -d "${withval}/include"; then
-					CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
-				else
-					CPPFLAGS="-I${withval} ${CPPFLAGS}"
-				fi
-			fi
-			LIBS="-lwrap $LIBS"
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for libwrap" >&5
-$as_echo_n "checking for libwrap... " >&6; }
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <tcpd.h>
-int deny_severity = 0, allow_severity = 0;
-
-int
-main ()
-{
-
-	hosts_access(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define LIBWRAP 1" >>confdefs.h
-
-					SSHDLIBS="$SSHDLIBS -lwrap"
-					TCPW_MSG="yes"
-
-else
-
-					as_fn_error $? "*** libwrap missing" "$LINENO" 5
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-			LIBS="$saved_LIBS"
-		fi
-
-
-fi
-
-
-# Check whether user wants to use ldns
-LDNS_MSG="no"
-
-# Check whether --with-ldns was given.
-if test "${with_ldns+set}" = set; then :
-  withval=$with_ldns;
-        if test "x$withval" != "xno" ; then
-
-			if test "x$withval" != "xyes" ; then
-				CPPFLAGS="$CPPFLAGS -I${withval}/include"
-				LDFLAGS="$LDFLAGS -L${withval}/lib"
-			fi
-
-
-$as_echo "#define HAVE_LDNS 1" >>confdefs.h
-
-            LIBS="-lldns $LIBS"
-            LDNS_MSG="yes"
-
-            { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ldns support" >&5
-$as_echo_n "checking for ldns support... " >&6; }
-            cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <ldns/ldns.h>
-int main() { ldns_status status = ldns_verify_trusted(NULL, NULL, NULL, NULL); status=LDNS_STATUS_OK; exit(0); }
-
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-					as_fn_error $? "** Incomplete or missing ldns libraries." "$LINENO" 5
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-        fi
-
-
-fi
-
-
-# Check whether user wants libedit support
-LIBEDIT_MSG="no"
-
-# Check whether --with-libedit was given.
-if test "${with_libedit+set}" = set; then :
-  withval=$with_libedit;  if test "x$withval" != "xno" ; then
-		if test "x$withval" = "xyes" ; then
-			if test -n "$ac_tool_prefix"; then
-  # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
-set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_PKGCONFIG+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $PKGCONFIG in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-PKGCONFIG=$ac_cv_path_PKGCONFIG
-if test -n "$PKGCONFIG"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5
-$as_echo "$PKGCONFIG" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-fi
-if test -z "$ac_cv_path_PKGCONFIG"; then
-  ac_pt_PKGCONFIG=$PKGCONFIG
-  # Extract the first word of "pkg-config", so it can be a program name with args.
-set dummy pkg-config; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_ac_pt_PKGCONFIG+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $ac_pt_PKGCONFIG in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_ac_pt_PKGCONFIG="$ac_pt_PKGCONFIG" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_ac_pt_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-ac_pt_PKGCONFIG=$ac_cv_path_ac_pt_PKGCONFIG
-if test -n "$ac_pt_PKGCONFIG"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKGCONFIG" >&5
-$as_echo "$ac_pt_PKGCONFIG" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-  if test "x$ac_pt_PKGCONFIG" = x; then
-    PKGCONFIG="no"
-  else
-    case $cross_compiling:$ac_tool_warned in
-yes:)
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
-$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
-ac_tool_warned=yes ;;
-esac
-    PKGCONFIG=$ac_pt_PKGCONFIG
-  fi
-else
-  PKGCONFIG="$ac_cv_path_PKGCONFIG"
-fi
-
-			if test "x$PKGCONFIG" != "xno"; then
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $PKGCONFIG knows about libedit" >&5
-$as_echo_n "checking if $PKGCONFIG knows about libedit... " >&6; }
-			 	if "$PKGCONFIG" libedit; then
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-					use_pkgconfig_for_libedit=yes
-				else
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-				fi
-			fi
-		else
-			CPPFLAGS="$CPPFLAGS -I${withval}/include"
-			if test -n "${need_dash_r}"; then
-				LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
-			else
-				LDFLAGS="-L${withval}/lib ${LDFLAGS}"
-			fi
-		fi
-		if test "x$use_pkgconfig_for_libedit" = "xyes"; then
-			LIBEDIT=`$PKGCONFIG --libs libedit`
-			CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libedit`"
-		else
-			LIBEDIT="-ledit -lcurses"
-		fi
-		OTHERLIBS=`echo $LIBEDIT | sed 's/-ledit//'`
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for el_init in -ledit" >&5
-$as_echo_n "checking for el_init in -ledit... " >&6; }
-if ${ac_cv_lib_edit_el_init+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-ledit  $OTHERLIBS
-		 $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char el_init ();
-int
-main ()
-{
-return el_init ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_edit_el_init=yes
-else
-  ac_cv_lib_edit_el_init=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_edit_el_init" >&5
-$as_echo "$ac_cv_lib_edit_el_init" >&6; }
-if test "x$ac_cv_lib_edit_el_init" = xyes; then :
-
-$as_echo "#define USE_LIBEDIT 1" >>confdefs.h
-
-			  LIBEDIT_MSG="yes"
-
-
-else
-   as_fn_error $? "libedit not found" "$LINENO" 5
-fi
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libedit version is compatible" >&5
-$as_echo_n "checking if libedit version is compatible... " >&6; }
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <histedit.h>
-int
-main ()
-{
-
-	int i = H_SETSIZE;
-	el_init("", NULL, NULL, NULL);
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		      as_fn_error $? "libedit version is not compatible" "$LINENO" 5
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-	fi
-
-fi
-
-
-AUDIT_MODULE=none
-
-# Check whether --with-audit was given.
-if test "${with_audit+set}" = set; then :
-  withval=$with_audit;
-	  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for supported audit module" >&5
-$as_echo_n "checking for supported audit module... " >&6; }
-	  case "$withval" in
-	  bsm)
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: bsm" >&5
-$as_echo "bsm" >&6; }
-		AUDIT_MODULE=bsm
-				for ac_header in bsm/audit.h
-do :
-  ac_fn_c_check_header_compile "$LINENO" "bsm/audit.h" "ac_cv_header_bsm_audit_h" "
-#ifdef HAVE_TIME_H
-# include <time.h>
-#endif
-
-
-"
-if test "x$ac_cv_header_bsm_audit_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_BSM_AUDIT_H 1
-_ACEOF
-
-else
-  as_fn_error $? "BSM enabled and bsm/audit.h not found" "$LINENO" 5
-fi
-
-done
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for getaudit in -lbsm" >&5
-$as_echo_n "checking for getaudit in -lbsm... " >&6; }
-if ${ac_cv_lib_bsm_getaudit+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lbsm  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char getaudit ();
-int
-main ()
-{
-return getaudit ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_bsm_getaudit=yes
-else
-  ac_cv_lib_bsm_getaudit=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsm_getaudit" >&5
-$as_echo "$ac_cv_lib_bsm_getaudit" >&6; }
-if test "x$ac_cv_lib_bsm_getaudit" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBBSM 1
-_ACEOF
-
-  LIBS="-lbsm $LIBS"
-
-else
-  as_fn_error $? "BSM enabled and required library not found" "$LINENO" 5
-fi
-
-		for ac_func in getaudit
-do :
-  ac_fn_c_check_func "$LINENO" "getaudit" "ac_cv_func_getaudit"
-if test "x$ac_cv_func_getaudit" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_GETAUDIT 1
-_ACEOF
-
-else
-  as_fn_error $? "BSM enabled and required function not found" "$LINENO" 5
-fi
-done
-
-		# These are optional
-		for ac_func in getaudit_addr aug_get_machine
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-$as_echo "#define USE_BSM_AUDIT 1" >>confdefs.h
-
-		if test "$sol2ver" -ge 11; then
-		   	SSHDLIBS="$SSHDLIBS -lscf"
-
-$as_echo "#define BROKEN_BSM_API 1" >>confdefs.h
-
-		fi
-		;;
-	  linux)
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: linux" >&5
-$as_echo "linux" >&6; }
-		AUDIT_MODULE=linux
-				for ac_header in libaudit.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "libaudit.h" "ac_cv_header_libaudit_h" "$ac_includes_default"
-if test "x$ac_cv_header_libaudit_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBAUDIT_H 1
-_ACEOF
-
-fi
-
-done
-
-		SSHDLIBS="$SSHDLIBS -laudit"
-
-$as_echo "#define USE_LINUX_AUDIT 1" >>confdefs.h
-
-		;;
-	  debug)
-		AUDIT_MODULE=debug
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: debug" >&5
-$as_echo "debug" >&6; }
-
-$as_echo "#define SSH_AUDIT_EVENTS 1" >>confdefs.h
-
-		;;
-	  no)
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		;;
-	  *)
-		as_fn_error $? "Unknown audit module $withval" "$LINENO" 5
-		;;
-	esac
-
-fi
-
-
-
-# Check whether --with-pie was given.
-if test "${with_pie+set}" = set; then :
-  withval=$with_pie;
-	if test "x$withval" = "xno"; then
-		use_pie=no
-	fi
-	if test "x$withval" = "xyes"; then
-		use_pie=yes
-	fi
-
-
-fi
-
-if test "x$use_pie" = "x"; then
-	use_pie=no
-fi
-if test "x$use_toolchain_hardening" != "x1" && test "x$use_pie" = "xauto"; then
-	# Turn off automatic PIE when toolchain hardening is off.
-	use_pie=no
-fi
-if test "x$use_pie" = "xauto"; then
-	# Automatic PIE requires gcc >= 4.x
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcc >= 4.x" >&5
-$as_echo_n "checking for gcc >= 4.x... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#if !defined(__GNUC__) || __GNUC__ < 4
-#error gcc is too old
-#endif
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	  use_pie=no
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-if test "x$use_pie" != "xno"; then
-	SAVED_CFLAGS="$CFLAGS"
-	SAVED_LDFLAGS="$LDFLAGS"
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports compile flag -fPIE" >&5
-$as_echo_n "checking if $CC supports compile flag -fPIE... " >&6; }
-	saved_CFLAGS="$CFLAGS"
-	CFLAGS="$CFLAGS $WERROR -fPIE"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-fPIE"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-if `grep -i "unrecognized option" conftest.err >/dev/null`
-then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$saved_CFLAGS"
-else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		 CFLAGS="$saved_CFLAGS $_define_flag"
-fi
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  CFLAGS="$saved_CFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-}
-	{
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $LD supports link flag -pie" >&5
-$as_echo_n "checking if $LD supports link flag -pie... " >&6; }
-	saved_LDFLAGS="$LDFLAGS"
-	LDFLAGS="$LDFLAGS $WERROR -pie"
-	_define_flag=""
-	test "x$_define_flag" = "x" && _define_flag="-pie"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <stdio.h>
-int main(int argc, char **argv) {
-	/* Some math to catch -ftrapv problems in the toolchain */
-	int i = 123 * argc, j = 456 + argc, k = 789 - argc;
-	float l = i * 2.1;
-	double m = l / 0.5;
-	long long int n = argc * 12345LL, o = 12345LL * (long long int)argc;
-	printf("%d %d %d %f %f %lld %lld\n", i, j, k, l, m, n, o);
-	exit(0);
-}
-
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  LDFLAGS="$saved_LDFLAGS $_define_flag"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		  LDFLAGS="$saved_LDFLAGS"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-}
-	# We use both -fPIE and -pie or neither.
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether both -fPIE and -pie are supported" >&5
-$as_echo_n "checking whether both -fPIE and -pie are supported... " >&6; }
-	if echo "x $CFLAGS"  | grep ' -fPIE' >/dev/null 2>&1 && \
-	   echo "x $LDFLAGS" | grep ' -pie'  >/dev/null 2>&1 ; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		CFLAGS="$SAVED_CFLAGS"
-		LDFLAGS="$SAVED_LDFLAGS"
-	fi
-fi
-
-for ac_func in  \
-	Blowfish_initstate \
-	Blowfish_expandstate \
-	Blowfish_expand0state \
-	Blowfish_stream2word \
-	asprintf \
-	b64_ntop \
-	__b64_ntop \
-	b64_pton \
-	__b64_pton \
-	bcopy \
-	bcrypt_pbkdf \
-	bindresvport_sa \
-	blf_enc \
-	cap_rights_limit \
-	clock \
-	closefrom \
-	dirfd \
-	endgrent \
-	explicit_bzero \
-	fchmod \
-	fchown \
-	freeaddrinfo \
-	fstatfs \
-	fstatvfs \
-	futimes \
-	getaddrinfo \
-	getcwd \
-	getgrouplist \
-	getnameinfo \
-	getopt \
-	getpeereid \
-	getpeerucred \
-	getpgid \
-	getpgrp \
-	_getpty \
-	getrlimit \
-	getttyent \
-	glob \
-	group_from_gid \
-	inet_aton \
-	inet_ntoa \
-	inet_ntop \
-	innetgr \
-	login_getcapbool \
-	mblen \
-	md5_crypt \
-	memmove \
-	memset_s \
-	mkdtemp \
-	mmap \
-	ngetaddrinfo \
-	nsleep \
-	ogetaddrinfo \
-	openlog_r \
-	poll \
-	prctl \
-	pstat \
-	readpassphrase \
-	reallocarray \
-	realpath \
-	recvmsg \
-	rresvport_af \
-	sendmsg \
-	setdtablesize \
-	setegid \
-	setenv \
-	seteuid \
-	setgroupent \
-	setgroups \
-	setlinebuf \
-	setlogin \
-	setpassent\
-	setpcred \
-	setproctitle \
-	setregid \
-	setreuid \
-	setrlimit \
-	setsid \
-	setvbuf \
-	sigaction \
-	sigvec \
-	snprintf \
-	socketpair \
-	statfs \
-	statvfs \
-	strdup \
-	strerror \
-	strlcat \
-	strlcpy \
-	strmode \
-	strnlen \
-	strnvis \
-	strptime \
-	strtonum \
-	strtoll \
-	strtoul \
-	strtoull \
-	swap32 \
-	sysconf \
-	tcgetpgrp \
-	timingsafe_bcmp \
-	truncate \
-	unsetenv \
-	updwtmpx \
-	user_from_uid \
-	usleep \
-	vasprintf \
-	vsnprintf \
-	waitpid \
-
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <ctype.h>
-int
-main ()
-{
- return (isblank('a'));
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-$as_echo "#define HAVE_ISBLANK 1" >>confdefs.h
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-# PKCS11 depends on OpenSSL.
-if test "x$openssl" = "xyes" ; then
-	# PKCS#11 support requires dlopen() and co
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5
-$as_echo_n "checking for library containing dlopen... " >&6; }
-if ${ac_cv_search_dlopen+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dlopen ();
-int
-main ()
-{
-return dlopen ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' dl; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_dlopen=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_dlopen+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_dlopen+:} false; then :
-
-else
-  ac_cv_search_dlopen=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dlopen" >&5
-$as_echo "$ac_cv_search_dlopen" >&6; }
-ac_res=$ac_cv_search_dlopen
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define ENABLE_PKCS11 /**/" >>confdefs.h
-
-
-fi
-
-fi
-
-# IRIX has a const char return value for gai_strerror()
-for ac_func in gai_strerror
-do :
-  ac_fn_c_check_func "$LINENO" "gai_strerror" "ac_cv_func_gai_strerror"
-if test "x$ac_cv_func_gai_strerror" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_GAI_STRERROR 1
-_ACEOF
-
-	$as_echo "#define HAVE_GAI_STRERROR 1" >>confdefs.h
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
-
-const char *gai_strerror(int);
-
-int
-main ()
-{
-
-	char *str;
-	str = gai_strerror(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-
-$as_echo "#define HAVE_CONST_GAI_STRERROR_PROTO 1" >>confdefs.h
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-done
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing nanosleep" >&5
-$as_echo_n "checking for library containing nanosleep... " >&6; }
-if ${ac_cv_search_nanosleep+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char nanosleep ();
-int
-main ()
-{
-return nanosleep ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' rt posix4; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_nanosleep=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_nanosleep+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_nanosleep+:} false; then :
-
-else
-  ac_cv_search_nanosleep=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_nanosleep" >&5
-$as_echo "$ac_cv_search_nanosleep" >&6; }
-ac_res=$ac_cv_search_nanosleep
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_NANOSLEEP 1" >>confdefs.h
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing clock_gettime" >&5
-$as_echo_n "checking for library containing clock_gettime... " >&6; }
-if ${ac_cv_search_clock_gettime+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char clock_gettime ();
-int
-main ()
-{
-return clock_gettime ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' rt; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_clock_gettime=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_clock_gettime+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_clock_gettime+:} false; then :
-
-else
-  ac_cv_search_clock_gettime=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_clock_gettime" >&5
-$as_echo "$ac_cv_search_clock_gettime" >&6; }
-ac_res=$ac_cv_search_clock_gettime
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_CLOCK_GETTIME 1" >>confdefs.h
-
-fi
-
-
-ac_fn_c_check_decl "$LINENO" "getrusage" "ac_cv_have_decl_getrusage" "$ac_includes_default"
-if test "x$ac_cv_have_decl_getrusage" = xyes; then :
-  for ac_func in getrusage
-do :
-  ac_fn_c_check_func "$LINENO" "getrusage" "ac_cv_func_getrusage"
-if test "x$ac_cv_func_getrusage" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_GETRUSAGE 1
-_ACEOF
-
-fi
-done
-
-fi
-
-ac_fn_c_check_decl "$LINENO" "strsep" "ac_cv_have_decl_strsep" "
-#ifdef HAVE_STRING_H
-# include <string.h>
-#endif
-
-"
-if test "x$ac_cv_have_decl_strsep" = xyes; then :
-  for ac_func in strsep
-do :
-  ac_fn_c_check_func "$LINENO" "strsep" "ac_cv_func_strsep"
-if test "x$ac_cv_func_strsep" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_STRSEP 1
-_ACEOF
-
-fi
-done
-
-fi
-
-
-ac_fn_c_check_decl "$LINENO" "tcsendbreak" "ac_cv_have_decl_tcsendbreak" "#include <termios.h>
-
-"
-if test "x$ac_cv_have_decl_tcsendbreak" = xyes; then :
-  $as_echo "#define HAVE_TCSENDBREAK 1" >>confdefs.h
-
-else
-  for ac_func in tcsendbreak
-do :
-  ac_fn_c_check_func "$LINENO" "tcsendbreak" "ac_cv_func_tcsendbreak"
-if test "x$ac_cv_func_tcsendbreak" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_TCSENDBREAK 1
-_ACEOF
-
-fi
-done
-
-fi
-
-
-ac_fn_c_check_decl "$LINENO" "h_errno" "ac_cv_have_decl_h_errno" "#include <netdb.h>
-"
-if test "x$ac_cv_have_decl_h_errno" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_H_ERRNO $ac_have_decl
-_ACEOF
-
-
-ac_fn_c_check_decl "$LINENO" "SHUT_RD" "ac_cv_have_decl_SHUT_RD" "
-#include <sys/types.h>
-#include <sys/socket.h>
-
-"
-if test "x$ac_cv_have_decl_SHUT_RD" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_SHUT_RD $ac_have_decl
-_ACEOF
-
-
-ac_fn_c_check_decl "$LINENO" "O_NONBLOCK" "ac_cv_have_decl_O_NONBLOCK" "
-#include <sys/types.h>
-#ifdef HAVE_SYS_STAT_H
-# include <sys/stat.h>
-#endif
-#ifdef HAVE_FCNTL_H
-# include <fcntl.h>
-#endif
-
-"
-if test "x$ac_cv_have_decl_O_NONBLOCK" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_O_NONBLOCK $ac_have_decl
-_ACEOF
-
-
-ac_fn_c_check_decl "$LINENO" "writev" "ac_cv_have_decl_writev" "
-#include <sys/types.h>
-#include <sys/uio.h>
-#include <unistd.h>
-
-"
-if test "x$ac_cv_have_decl_writev" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_WRITEV $ac_have_decl
-_ACEOF
-
-
-ac_fn_c_check_decl "$LINENO" "MAXSYMLINKS" "ac_cv_have_decl_MAXSYMLINKS" "
-#include <sys/param.h>
-
-"
-if test "x$ac_cv_have_decl_MAXSYMLINKS" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_MAXSYMLINKS $ac_have_decl
-_ACEOF
-
-
-ac_fn_c_check_decl "$LINENO" "offsetof" "ac_cv_have_decl_offsetof" "
-#include <stddef.h>
-
-"
-if test "x$ac_cv_have_decl_offsetof" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_OFFSETOF $ac_have_decl
-_ACEOF
-
-
-# extra bits for select(2)
-ac_fn_c_check_decl "$LINENO" "howmany" "ac_cv_have_decl_howmany" "
-#include <sys/param.h>
-#include <sys/types.h>
-#ifdef HAVE_SYS_SYSMACROS_H
-#include <sys/sysmacros.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-"
-if test "x$ac_cv_have_decl_howmany" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_HOWMANY $ac_have_decl
-_ACEOF
-ac_fn_c_check_decl "$LINENO" "NFDBITS" "ac_cv_have_decl_NFDBITS" "
-#include <sys/param.h>
-#include <sys/types.h>
-#ifdef HAVE_SYS_SYSMACROS_H
-#include <sys/sysmacros.h>
-#endif
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-"
-if test "x$ac_cv_have_decl_NFDBITS" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_NFDBITS $ac_have_decl
-_ACEOF
-
-ac_fn_c_check_type "$LINENO" "fd_mask" "ac_cv_type_fd_mask" "
-#include <sys/param.h>
-#include <sys/types.h>
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-"
-if test "x$ac_cv_type_fd_mask" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_FD_MASK 1
-_ACEOF
-
-
-fi
-
-
-for ac_func in setresuid
-do :
-  ac_fn_c_check_func "$LINENO" "setresuid" "ac_cv_func_setresuid"
-if test "x$ac_cv_func_setresuid" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SETRESUID 1
-_ACEOF
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setresuid seems to work" >&5
-$as_echo_n "checking if setresuid seems to work... " >&6; }
-	if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking setresuid" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking setresuid" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <errno.h>
-
-int
-main ()
-{
-
-	errno=0;
-	setresuid(0,0,0);
-	if (errno==ENOSYS)
-		exit(1);
-	else
-		exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-$as_echo "#define BROKEN_SETRESUID 1" >>confdefs.h
-
-		 { $as_echo "$as_me:${as_lineno-$LINENO}: result: not implemented" >&5
-$as_echo "not implemented" >&6; }
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-fi
-done
-
-
-for ac_func in setresgid
-do :
-  ac_fn_c_check_func "$LINENO" "setresgid" "ac_cv_func_setresgid"
-if test "x$ac_cv_func_setresgid" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SETRESGID 1
-_ACEOF
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setresgid seems to work" >&5
-$as_echo_n "checking if setresgid seems to work... " >&6; }
-	if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking setresuid" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking setresuid" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#include <errno.h>
-
-int
-main ()
-{
-
-	errno=0;
-	setresgid(0,0,0);
-	if (errno==ENOSYS)
-		exit(1);
-	else
-		exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-$as_echo "#define BROKEN_SETRESGID 1" >>confdefs.h
-
-		 { $as_echo "$as_me:${as_lineno-$LINENO}: result: not implemented" >&5
-$as_echo "not implemented" >&6; }
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-fi
-done
-
-
-for ac_func in gettimeofday time
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-for ac_func in endutent getutent getutid getutline pututline setutent
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-for ac_func in utmpname
-do :
-  ac_fn_c_check_func "$LINENO" "utmpname" "ac_cv_func_utmpname"
-if test "x$ac_cv_func_utmpname" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_UTMPNAME 1
-_ACEOF
-
-fi
-done
-
-for ac_func in endutxent getutxent getutxid getutxline getutxuser pututxline
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-for ac_func in setutxdb setutxent utmpxname
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-for ac_func in getlastlogxbyname
-do :
-  ac_fn_c_check_func "$LINENO" "getlastlogxbyname" "ac_cv_func_getlastlogxbyname"
-if test "x$ac_cv_func_getlastlogxbyname" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_GETLASTLOGXBYNAME 1
-_ACEOF
-
-fi
-done
-
-
-ac_fn_c_check_func "$LINENO" "daemon" "ac_cv_func_daemon"
-if test "x$ac_cv_func_daemon" = xyes; then :
-
-$as_echo "#define HAVE_DAEMON 1" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for daemon in -lbsd" >&5
-$as_echo_n "checking for daemon in -lbsd... " >&6; }
-if ${ac_cv_lib_bsd_daemon+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lbsd  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char daemon ();
-int
-main ()
-{
-return daemon ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_bsd_daemon=yes
-else
-  ac_cv_lib_bsd_daemon=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_bsd_daemon" >&5
-$as_echo "$ac_cv_lib_bsd_daemon" >&6; }
-if test "x$ac_cv_lib_bsd_daemon" = xyes; then :
-  LIBS="$LIBS -lbsd"; $as_echo "#define HAVE_DAEMON 1" >>confdefs.h
-
-fi
-
-
-fi
-
-
-ac_fn_c_check_func "$LINENO" "getpagesize" "ac_cv_func_getpagesize"
-if test "x$ac_cv_func_getpagesize" = xyes; then :
-
-$as_echo "#define HAVE_GETPAGESIZE 1" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpagesize in -lucb" >&5
-$as_echo_n "checking for getpagesize in -lucb... " >&6; }
-if ${ac_cv_lib_ucb_getpagesize+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lucb  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char getpagesize ();
-int
-main ()
-{
-return getpagesize ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_ucb_getpagesize=yes
-else
-  ac_cv_lib_ucb_getpagesize=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ucb_getpagesize" >&5
-$as_echo "$ac_cv_lib_ucb_getpagesize" >&6; }
-if test "x$ac_cv_lib_ucb_getpagesize" = xyes; then :
-  LIBS="$LIBS -lucb"; $as_echo "#define HAVE_GETPAGESIZE 1" >>confdefs.h
-
-fi
-
-
-fi
-
-
-# Check for broken snprintf
-if test "x$ac_cv_func_snprintf" = "xyes" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf correctly terminates long strings" >&5
-$as_echo_n "checking whether snprintf correctly terminates long strings... " >&6; }
-	if test "$cross_compiling" = yes; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5
-$as_echo "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdio.h>
-int
-main ()
-{
-
-	char b[5];
-	snprintf(b,5,"123456789");
-	exit(b[4]!='\0');
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define BROKEN_SNPRINTF 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&5
-$as_echo "$as_me: WARNING: ****** Your snprintf() function is broken, complain to your vendor" >&2;}
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-# We depend on vsnprintf returning the right thing on overflow: the
-# number of characters it tried to create (as per SUSv3)
-if test "x$ac_cv_func_vsnprintf" = "xyes" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether vsnprintf returns correct values on overflow" >&5
-$as_echo_n "checking whether vsnprintf returns correct values on overflow... " >&6; }
-	if test "$cross_compiling" = yes; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working vsnprintf()" >&5
-$as_echo "$as_me: WARNING: cross compiling: Assuming working vsnprintf()" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <stdio.h>
-#include <stdarg.h>
-
-int x_snprintf(char *str, size_t count, const char *fmt, ...)
-{
-	size_t ret;
-	va_list ap;
-
-	va_start(ap, fmt);
-	ret = vsnprintf(str, count, fmt, ap);
-	va_end(ap);
-	return ret;
-}
-
-int
-main ()
-{
-
-char x[1];
-if (x_snprintf(x, 1, "%s %d", "hello", 12345) != 11)
-	return 1;
-if (x_snprintf(NULL, 0, "%s %d", "hello", 12345) != 11)
-	return 1;
-return 0;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define BROKEN_SNPRINTF 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ****** Your vsnprintf() function is broken, complain to your vendor" >&5
-$as_echo "$as_me: WARNING: ****** Your vsnprintf() function is broken, complain to your vendor" >&2;}
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-# On systems where [v]snprintf is broken, but is declared in stdio,
-# check that the fmt argument is const char * or just char *.
-# This is only useful for when BROKEN_SNPRINTF
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf can declare const char *fmt" >&5
-$as_echo_n "checking whether snprintf can declare const char *fmt... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-int snprintf(char *a, size_t b, const char *c, ...) { return 0; }
-
-int
-main ()
-{
-
-	snprintf(0, 0, 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define SNPRINTF_CONST const" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-    $as_echo "#define SNPRINTF_CONST /* not const */" >>confdefs.h
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-# Check for missing getpeereid (or equiv) support
-NO_PEERCHECK=""
-if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether system supports SO_PEERCRED getsockopt" >&5
-$as_echo_n "checking whether system supports SO_PEERCRED getsockopt... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-int
-main ()
-{
-int i = SO_PEERCRED;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAVE_SO_PEERCRED 1" >>confdefs.h
-
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		NO_PEERCHECK=1
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-if test "x$ac_cv_func_mkdtemp" = "xyes" ; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for (overly) strict mkstemp" >&5
-$as_echo_n "checking for (overly) strict mkstemp... " >&6; }
-if test "$cross_compiling" = yes; then :
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		$as_echo "#define HAVE_STRICT_MKSTEMP 1" >>confdefs.h
-
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-
-int
-main ()
-{
-
-	char template[]="conftest.mkstemp-test";
-	if (mkstemp(template) == -1)
-		exit(1);
-	unlink(template);
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAVE_STRICT_MKSTEMP 1" >>confdefs.h
-
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-if test ! -z "$check_for_openpty_ctty_bug"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if openpty correctly handles controlling tty" >&5
-$as_echo_n "checking if openpty correctly handles controlling tty... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming yes" >&5
-$as_echo "cross-compiling, assuming yes" >&6; }
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <sys/fcntl.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-
-int
-main ()
-{
-
-	pid_t pid;
-	int fd, ptyfd, ttyfd, status;
-
-	pid = fork();
-	if (pid < 0) {		/* failed */
-		exit(1);
-	} else if (pid > 0) {	/* parent */
-		waitpid(pid, &status, 0);
-		if (WIFEXITED(status))
-			exit(WEXITSTATUS(status));
-		else
-			exit(2);
-	} else {		/* child */
-		close(0); close(1); close(2);
-		setsid();
-		openpty(&ptyfd, &ttyfd, NULL, NULL, NULL);
-		fd = open("/dev/tty", O_RDWR | O_NOCTTY);
-		if (fd >= 0)
-			exit(3);	/* Acquired ctty: broken */
-		else
-			exit(0);	/* Did not acquire ctty: OK */
-	}
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			$as_echo "#define SSHD_ACQUIRES_CTTY 1" >>confdefs.h
-
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
-    test "x$check_for_hpux_broken_getaddrinfo" = "x1"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo seems to work" >&5
-$as_echo_n "checking if getaddrinfo seems to work... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming yes" >&5
-$as_echo "cross-compiling, assuming yes" >&6; }
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <sys/socket.h>
-#include <netdb.h>
-#include <errno.h>
-#include <netinet/in.h>
-
-#define TEST_PORT "2222"
-
-int
-main ()
-{
-
-	int err, sock;
-	struct addrinfo *gai_ai, *ai, hints;
-	char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
-
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_family = PF_UNSPEC;
-	hints.ai_socktype = SOCK_STREAM;
-	hints.ai_flags = AI_PASSIVE;
-
-	err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
-	if (err != 0) {
-		fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
-		exit(1);
-	}
-
-	for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
-		if (ai->ai_family != AF_INET6)
-			continue;
-
-		err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
-		    sizeof(ntop), strport, sizeof(strport),
-		    NI_NUMERICHOST|NI_NUMERICSERV);
-
-		if (err != 0) {
-			if (err == EAI_SYSTEM)
-				perror("getnameinfo EAI_SYSTEM");
-			else
-				fprintf(stderr, "getnameinfo failed: %s\n",
-				    gai_strerror(err));
-			exit(2);
-		}
-
-		sock = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
-		if (sock < 0)
-			perror("socket");
-		if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
-			if (errno == EBADF)
-				exit(3);
-		}
-	}
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h
-
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-if test "x$ac_cv_func_getaddrinfo" = "xyes" && \
-    test "x$check_for_aix_broken_getaddrinfo" = "x1"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if getaddrinfo seems to work" >&5
-$as_echo_n "checking if getaddrinfo seems to work... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: cross-compiling, assuming no" >&5
-$as_echo "cross-compiling, assuming no" >&6; }
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <sys/socket.h>
-#include <netdb.h>
-#include <errno.h>
-#include <netinet/in.h>
-
-#define TEST_PORT "2222"
-
-int
-main ()
-{
-
-	int err, sock;
-	struct addrinfo *gai_ai, *ai, hints;
-	char ntop[NI_MAXHOST], strport[NI_MAXSERV], *name = NULL;
-
-	memset(&hints, 0, sizeof(hints));
-	hints.ai_family = PF_UNSPEC;
-	hints.ai_socktype = SOCK_STREAM;
-	hints.ai_flags = AI_PASSIVE;
-
-	err = getaddrinfo(name, TEST_PORT, &hints, &gai_ai);
-	if (err != 0) {
-		fprintf(stderr, "getaddrinfo failed (%s)", gai_strerror(err));
-		exit(1);
-	}
-
-	for (ai = gai_ai; ai != NULL; ai = ai->ai_next) {
-		if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
-			continue;
-
-		err = getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop,
-		    sizeof(ntop), strport, sizeof(strport),
-		    NI_NUMERICHOST|NI_NUMERICSERV);
-
-		if (ai->ai_family == AF_INET && err != 0) {
-			perror("getnameinfo");
-			exit(2);
-		}
-	}
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define AIX_GETNAMEINFO_HACK 1" >>confdefs.h
-
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			$as_echo "#define BROKEN_GETADDRINFO 1" >>confdefs.h
-
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-if test "x$ac_cv_func_getaddrinfo" = "xyes"; then
-	ac_fn_c_check_decl "$LINENO" "AI_NUMERICSERV" "ac_cv_have_decl_AI_NUMERICSERV" "#include <sys/types.h>
-	     #include <sys/socket.h>
-	     #include <netdb.h>
-"
-if test "x$ac_cv_have_decl_AI_NUMERICSERV" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_AI_NUMERICSERV $ac_have_decl
-_ACEOF
-
-fi
-
-if test "x$check_for_conflicting_getspnam" = "x1"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for conflicting getspnam in shadow.h" >&5
-$as_echo_n "checking for conflicting getspnam in shadow.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <shadow.h>
-int
-main ()
-{
- exit(0);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define GETSPNAM_CONFLICTING_DEFS 1" >>confdefs.h
-
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getpgrp requires zero arguments" >&5
-$as_echo_n "checking whether getpgrp requires zero arguments... " >&6; }
-if ${ac_cv_func_getpgrp_void+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  # Use it with a single arg.
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-$ac_includes_default
-int
-main ()
-{
-getpgrp (0);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  ac_cv_func_getpgrp_void=no
-else
-  ac_cv_func_getpgrp_void=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_getpgrp_void" >&5
-$as_echo "$ac_cv_func_getpgrp_void" >&6; }
-if test $ac_cv_func_getpgrp_void = yes; then
-
-$as_echo "#define GETPGRP_VOID 1" >>confdefs.h
-
-fi
-
-
-# Search for OpenSSL
-saved_CPPFLAGS="$CPPFLAGS"
-saved_LDFLAGS="$LDFLAGS"
-
-# Check whether --with-ssl-dir was given.
-if test "${with_ssl_dir+set}" = set; then :
-  withval=$with_ssl_dir;
-		if test "x$openssl" = "xno" ; then
-			as_fn_error $? "cannot use --with-ssl-dir when OpenSSL disabled" "$LINENO" 5
-		fi
-		if test "x$withval" != "xno" ; then
-			case "$withval" in
-				# Relative paths
-				./*|../*)	withval="`pwd`/$withval"
-			esac
-			if test -d "$withval/lib"; then
-				if test -n "${need_dash_r}"; then
-					LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval}/lib ${LDFLAGS}"
-				fi
-			elif test -d "$withval/lib64"; then
-				if test -n "${need_dash_r}"; then
-					LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
-				fi
-			else
-				if test -n "${need_dash_r}"; then
-					LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
-				else
-					LDFLAGS="-L${withval} ${LDFLAGS}"
-				fi
-			fi
-			if test -d "$withval/include"; then
-				CPPFLAGS="-I${withval}/include ${CPPFLAGS}"
-			else
-				CPPFLAGS="-I${withval} ${CPPFLAGS}"
-			fi
-		fi
-
-
-fi
-
-
-
-# Check whether --with-openssl-header-check was given.
-if test "${with_openssl_header_check+set}" = set; then :
-  withval=$with_openssl_header_check;
-		if test "x$withval" = "xno" ; then
-			openssl_check_nonfatal=1
-		fi
-
-
-fi
-
-
-openssl_engine=no
-
-# Check whether --with-ssl-engine was given.
-if test "${with_ssl_engine+set}" = set; then :
-  withval=$with_ssl_engine;
-		if test "x$openssl" = "xno" ; then
-			as_fn_error $? "cannot use --with-ssl-engine when OpenSSL disabled" "$LINENO" 5
-		fi
-		if test "x$withval" != "xno" ; then
-			openssl_engine=yes
-		fi
-
-
-fi
-
-
-if test "x$openssl" = "xyes" ; then
-	LIBS="-lcrypto $LIBS"
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RAND_add ();
-int
-main ()
-{
-return RAND_add ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-$as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
-
-else
-
-						if test -n "${need_dash_r}"; then
-				LDFLAGS="-L/usr/local/ssl/lib -R/usr/local/ssl/lib ${saved_LDFLAGS}"
-			else
-				LDFLAGS="-L/usr/local/ssl/lib ${saved_LDFLAGS}"
-			fi
-			CPPFLAGS="-I/usr/local/ssl/include ${saved_CPPFLAGS}"
-			ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default"
-if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then :
-
-else
-  as_fn_error $? "*** OpenSSL headers missing - please install first or check config.log ***" "$LINENO" 5
-fi
-
-
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char RAND_add ();
-int
-main ()
-{
-return RAND_add ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h
-
-else
-
-					as_fn_error $? "*** Can't find recent OpenSSL libcrypto (see config.log for details) ***" "$LINENO" 5
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	# Determine OpenSSL header version
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL header version" >&5
-$as_echo_n "checking OpenSSL header version... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;}
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <stdio.h>
-	#include <string.h>
-	#include <openssl/opensslv.h>
-	#define DATA "conftest.sslincver"
-
-int
-main ()
-{
-
-		FILE *fd;
-		int rc;
-
-		fd = fopen(DATA,"w");
-		if(fd == NULL)
-			exit(1);
-
-		if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
-			exit(1);
-
-		exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			ssl_header_ver=`cat conftest.sslincver`
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_header_ver" >&5
-$as_echo "$ssl_header_ver" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5
-$as_echo "not found" >&6; }
-			as_fn_error $? "OpenSSL version header not found." "$LINENO" 5
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-	# Determine OpenSSL library version
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking OpenSSL library version" >&5
-$as_echo_n "checking OpenSSL library version... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;}
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <stdio.h>
-	#include <string.h>
-	#include <openssl/opensslv.h>
-	#include <openssl/crypto.h>
-	#define DATA "conftest.ssllibver"
-
-int
-main ()
-{
-
-		FILE *fd;
-		int rc;
-
-		fd = fopen(DATA,"w");
-		if(fd == NULL)
-			exit(1);
-
-		if ((rc = fprintf(fd ,"%08x (%s)\n", SSLeay(),
-		    SSLeay_version(SSLEAY_VERSION))) <0)
-			exit(1);
-
-		exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			ssl_library_ver=`cat conftest.ssllibver`
-			# Check version is supported.
-			case "$ssl_library_ver" in
-				0090[0-7]*|009080[0-5]*)
-					as_fn_error $? "OpenSSL >= 0.9.8f required (have \"$ssl_library_ver\")" "$LINENO" 5
-			                ;;
-			        *) ;;
-			esac
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ssl_library_ver" >&5
-$as_echo "$ssl_library_ver" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5
-$as_echo "not found" >&6; }
-			as_fn_error $? "OpenSSL library not found." "$LINENO" 5
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-	# Sanity check OpenSSL headers
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's headers match the library" >&5
-$as_echo_n "checking whether OpenSSL's headers match the library... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;}
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <string.h>
-	#include <openssl/opensslv.h>
-
-int
-main ()
-{
-
-		exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			if test "x$openssl_check_nonfatal" = "x"; then
-				as_fn_error $? "Your OpenSSL headers do not match your
-	library. Check config.log for details.
-	If you are sure your installation is consistent, you can disable the check
-	by running \"./configure --without-openssl-header-check\".
-	Also see contrib/findssl.sh for help identifying header/library mismatches.
-	" "$LINENO" 5
-			else
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Your OpenSSL headers do not match your
-	library. Check config.log for details.
-	Also see contrib/findssl.sh for help identifying header/library mismatches." >&5
-$as_echo "$as_me: WARNING: Your OpenSSL headers do not match your
-	library. Check config.log for details.
-	Also see contrib/findssl.sh for help identifying header/library mismatches." >&2;}
-			fi
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if programs using OpenSSL functions will link" >&5
-$as_echo_n "checking if programs using OpenSSL functions will link... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <openssl/evp.h>
-int
-main ()
-{
- SSLeay_add_all_algorithms();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			saved_LIBS="$LIBS"
-			LIBS="$LIBS -ldl"
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if programs using OpenSSL need -ldl" >&5
-$as_echo_n "checking if programs using OpenSSL need -ldl... " >&6; }
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <openssl/evp.h>
-int
-main ()
-{
- SSLeay_add_all_algorithms();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-					{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-					LIBS="$saved_LIBS"
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	for ac_func in  \
-		BN_is_prime_ex \
-		DSA_generate_parameters_ex \
-		EVP_DigestInit_ex \
-		EVP_DigestFinal_ex \
-		EVP_MD_CTX_init \
-		EVP_MD_CTX_cleanup \
-		EVP_MD_CTX_copy_ex \
-		HMAC_CTX_init \
-		RSA_generate_key_ex \
-		RSA_get_default_method \
-
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-	if test "x$openssl_engine" = "xyes" ; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL ENGINE support" >&5
-$as_echo_n "checking for OpenSSL ENGINE support... " >&6; }
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <openssl/engine.h>
-
-int
-main ()
-{
-
-				ENGINE_load_builtin_engines();
-				ENGINE_register_all_complete();
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define USE_OPENSSL_ENGINE 1" >>confdefs.h
-
-
-else
-   as_fn_error $? "OpenSSL ENGINE support not found" "$LINENO" 5
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-	fi
-
-	# Check for OpenSSL without EVP_aes_{192,256}_cbc
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has crippled AES support" >&5
-$as_echo_n "checking whether OpenSSL has crippled AES support... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <string.h>
-	#include <openssl/evp.h>
-
-int
-main ()
-{
-
-		exit(EVP_aes_192_cbc() == NULL || EVP_aes_256_cbc() == NULL);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define OPENSSL_LOBOTOMISED_AES 1" >>confdefs.h
-
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	# Check for OpenSSL with EVP_aes_*ctr
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has AES CTR via EVP" >&5
-$as_echo_n "checking whether OpenSSL has AES CTR via EVP... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <string.h>
-	#include <openssl/evp.h>
-
-int
-main ()
-{
-
-		exit(EVP_aes_128_ctr() == NULL ||
-		    EVP_aes_192_cbc() == NULL ||
-		    EVP_aes_256_cbc() == NULL);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define OPENSSL_HAVE_EVPCTR 1" >>confdefs.h
-
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	# Check for OpenSSL with EVP_aes_*gcm
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has AES GCM via EVP" >&5
-$as_echo_n "checking whether OpenSSL has AES GCM via EVP... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <string.h>
-	#include <openssl/evp.h>
-
-int
-main ()
-{
-
-		exit(EVP_aes_128_gcm() == NULL ||
-		    EVP_aes_256_gcm() == NULL ||
-		    EVP_CTRL_GCM_SET_IV_FIXED == 0 ||
-		    EVP_CTRL_GCM_IV_GEN == 0 ||
-		    EVP_CTRL_GCM_SET_TAG == 0 ||
-		    EVP_CTRL_GCM_GET_TAG == 0 ||
-		    EVP_CIPHER_CTX_ctrl(NULL, 0, 0, NULL) == 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define OPENSSL_HAVE_EVPGCM 1" >>confdefs.h
-
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			unsupported_algorithms="$unsupported_cipers \
-			   aes128-gcm@openssh.com aes256-gcm@openssh.com"
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing EVP_CIPHER_CTX_ctrl" >&5
-$as_echo_n "checking for library containing EVP_CIPHER_CTX_ctrl... " >&6; }
-if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char EVP_CIPHER_CTX_ctrl ();
-int
-main ()
-{
-return EVP_CIPHER_CTX_ctrl ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' crypto; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_EVP_CIPHER_CTX_ctrl=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_EVP_CIPHER_CTX_ctrl+:} false; then :
-
-else
-  ac_cv_search_EVP_CIPHER_CTX_ctrl=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_EVP_CIPHER_CTX_ctrl" >&5
-$as_echo "$ac_cv_search_EVP_CIPHER_CTX_ctrl" >&6; }
-ac_res=$ac_cv_search_EVP_CIPHER_CTX_ctrl
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_EVP_CIPHER_CTX_CTRL 1" >>confdefs.h
-
-fi
-
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if EVP_DigestUpdate returns an int" >&5
-$as_echo_n "checking if EVP_DigestUpdate returns an int... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <string.h>
-	#include <openssl/evp.h>
-
-int
-main ()
-{
-
-		if(EVP_DigestUpdate(NULL, NULL,0))
-			exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define OPENSSL_EVP_DIGESTUPDATE_VOID 1" >>confdefs.h
-
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
-	# because the system crypt() is more featureful.
-	if test "x$check_for_libcrypt_before" = "x1"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5
-$as_echo_n "checking for crypt in -lcrypt... " >&6; }
-if ${ac_cv_lib_crypt_crypt+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lcrypt  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char crypt ();
-int
-main ()
-{
-return crypt ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_crypt_crypt=yes
-else
-  ac_cv_lib_crypt_crypt=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5
-$as_echo "$ac_cv_lib_crypt_crypt" >&6; }
-if test "x$ac_cv_lib_crypt_crypt" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBCRYPT 1
-_ACEOF
-
-  LIBS="-lcrypt $LIBS"
-
-fi
-
-	fi
-
-	# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
-	# version in OpenSSL.
-	if test "x$check_for_libcrypt_later" = "x1"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5
-$as_echo_n "checking for crypt in -lcrypt... " >&6; }
-if ${ac_cv_lib_crypt_crypt+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lcrypt  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char crypt ();
-int
-main ()
-{
-return crypt ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_crypt_crypt=yes
-else
-  ac_cv_lib_crypt_crypt=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5
-$as_echo "$ac_cv_lib_crypt_crypt" >&6; }
-if test "x$ac_cv_lib_crypt_crypt" = xyes; then :
-  LIBS="$LIBS -lcrypt"
-fi
-
-	fi
-	for ac_func in crypt DES_crypt
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-	# Search for SHA256 support in libc and/or OpenSSL
-	for ac_func in SHA256_Update EVP_sha256
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-else
-  unsupported_algorithms="$unsupported_algorithms \
-		hmac-sha2-256 hmac-sha2-512 \
-		diffie-hellman-group-exchange-sha256 \
-		hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
-
-
-fi
-done
-
-	# Search for RIPE-MD support in OpenSSL
-	for ac_func in EVP_ripemd160
-do :
-  ac_fn_c_check_func "$LINENO" "EVP_ripemd160" "ac_cv_func_EVP_ripemd160"
-if test "x$ac_cv_func_EVP_ripemd160" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_EVP_RIPEMD160 1
-_ACEOF
-
-else
-  unsupported_algorithms="$unsupported_algorithms \
-		hmac-ripemd160
-		hmac-ripemd160@openssh.com
-		hmac-ripemd160-etm@openssh.com"
-
-
-fi
-done
-
-
-	# Check complete ECC support in OpenSSL
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_X9_62_prime256v1" >&5
-$as_echo_n "checking whether OpenSSL has NID_X9_62_prime256v1... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <openssl/ec.h>
-	#include <openssl/ecdh.h>
-	#include <openssl/ecdsa.h>
-	#include <openssl/evp.h>
-	#include <openssl/objects.h>
-	#include <openssl/opensslv.h>
-	#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-	# error "OpenSSL < 0.9.8g has unreliable ECC code"
-	#endif
-
-int
-main ()
-{
-
-		EC_KEY *e = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
-		const EVP_MD *m = EVP_sha256(); /* We need this too */
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  enable_nistp256=1
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_secp384r1" >&5
-$as_echo_n "checking whether OpenSSL has NID_secp384r1... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <openssl/ec.h>
-	#include <openssl/ecdh.h>
-	#include <openssl/ecdsa.h>
-	#include <openssl/evp.h>
-	#include <openssl/objects.h>
-	#include <openssl/opensslv.h>
-	#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-	# error "OpenSSL < 0.9.8g has unreliable ECC code"
-	#endif
-
-int
-main ()
-{
-
-		EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp384r1);
-		const EVP_MD *m = EVP_sha384(); /* We need this too */
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  enable_nistp384=1
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL has NID_secp521r1" >&5
-$as_echo_n "checking whether OpenSSL has NID_secp521r1... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <openssl/ec.h>
-	#include <openssl/ecdh.h>
-	#include <openssl/ecdsa.h>
-	#include <openssl/evp.h>
-	#include <openssl/objects.h>
-	#include <openssl/opensslv.h>
-	#if OPENSSL_VERSION_NUMBER < 0x0090807f /* 0.9.8g */
-	# error "OpenSSL < 0.9.8g has unreliable ECC code"
-	#endif
-
-int
-main ()
-{
-
-		EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
-		const EVP_MD *m = EVP_sha512(); /* We need this too */
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-		  { $as_echo "$as_me:${as_lineno-$LINENO}: checking if OpenSSL's NID_secp521r1 is functional" >&5
-$as_echo_n "checking if OpenSSL's NID_secp521r1 is functional... " >&6; }
-		  if test "$cross_compiling" = yes; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross-compiling: assuming yes" >&5
-$as_echo "$as_me: WARNING: cross-compiling: assuming yes" >&2;}
-			  enable_nistp521=1
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <openssl/ec.h>
-	#include <openssl/ecdh.h>
-	#include <openssl/ecdsa.h>
-	#include <openssl/evp.h>
-	#include <openssl/objects.h>
-	#include <openssl/opensslv.h>
-
-int
-main ()
-{
-
-			EC_KEY *e = EC_KEY_new_by_curve_name(NID_secp521r1);
-			const EVP_MD *m = EVP_sha512(); /* We need this too */
-			exit(e == NULL || m == NULL);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-			  enable_nistp521=1
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-	COMMENT_OUT_ECC="#no ecc#"
-	TEST_SSH_ECC=no
-
-	if test x$enable_nistp256 = x1 || test x$enable_nistp384 = x1 || \
-	    test x$enable_nistp521 = x1; then
-
-$as_echo "#define OPENSSL_HAS_ECC 1" >>confdefs.h
-
-	fi
-	if test x$enable_nistp256 = x1; then
-
-$as_echo "#define OPENSSL_HAS_NISTP256 1" >>confdefs.h
-
-		TEST_SSH_ECC=yes
-		COMMENT_OUT_ECC=""
-	else
-		unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp256 \
-		    ecdh-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com"
-	fi
-	if test x$enable_nistp384 = x1; then
-
-$as_echo "#define OPENSSL_HAS_NISTP384 1" >>confdefs.h
-
-		TEST_SSH_ECC=yes
-		COMMENT_OUT_ECC=""
-	else
-		unsupported_algorithms="$unsupported_algorithms ecdsa-sha2-nistp384 \
-		    ecdh-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com"
-	fi
-	if test x$enable_nistp521 = x1; then
-
-$as_echo "#define OPENSSL_HAS_NISTP521 1" >>confdefs.h
-
-		TEST_SSH_ECC=yes
-		COMMENT_OUT_ECC=""
-	else
-		unsupported_algorithms="$unsupported_algorithms ecdh-sha2-nistp521 \
-		    ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com"
-	fi
-
-
-
-else
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for crypt in -lcrypt" >&5
-$as_echo_n "checking for crypt in -lcrypt... " >&6; }
-if ${ac_cv_lib_crypt_crypt+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lcrypt  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char crypt ();
-int
-main ()
-{
-return crypt ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_crypt_crypt=yes
-else
-  ac_cv_lib_crypt_crypt=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypt_crypt" >&5
-$as_echo "$ac_cv_lib_crypt_crypt" >&6; }
-if test "x$ac_cv_lib_crypt_crypt" = xyes; then :
-  LIBS="$LIBS -lcrypt"
-fi
-
-	for ac_func in crypt
-do :
-  ac_fn_c_check_func "$LINENO" "crypt" "ac_cv_func_crypt"
-if test "x$ac_cv_func_crypt" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_CRYPT 1
-_ACEOF
-
-fi
-done
-
-fi
-
-for ac_func in  \
-	arc4random \
-	arc4random_buf \
-	arc4random_stir \
-	arc4random_uniform \
-
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-
-saved_LIBS="$LIBS"
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ia_openinfo in -liaf" >&5
-$as_echo_n "checking for ia_openinfo in -liaf... " >&6; }
-if ${ac_cv_lib_iaf_ia_openinfo+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-liaf  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char ia_openinfo ();
-int
-main ()
-{
-return ia_openinfo ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_iaf_ia_openinfo=yes
-else
-  ac_cv_lib_iaf_ia_openinfo=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_iaf_ia_openinfo" >&5
-$as_echo "$ac_cv_lib_iaf_ia_openinfo" >&6; }
-if test "x$ac_cv_lib_iaf_ia_openinfo" = xyes; then :
-
-	LIBS="$LIBS -liaf"
-	for ac_func in set_id
-do :
-  ac_fn_c_check_func "$LINENO" "set_id" "ac_cv_func_set_id"
-if test "x$ac_cv_func_set_id" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_SET_ID 1
-_ACEOF
- SSHDLIBS="$SSHDLIBS -liaf"
-
-$as_echo "#define HAVE_LIBIAF 1" >>confdefs.h
-
-
-fi
-done
-
-
-fi
-
-LIBS="$saved_LIBS"
-
-### Configure cryptographic random number support
-
-# Check wheter OpenSSL seeds itself
-if test "x$openssl" = "xyes" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenSSL's PRNG is internally seeded" >&5
-$as_echo_n "checking whether OpenSSL's PRNG is internally seeded... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5
-$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;}
-			# This is safe, since we will fatal() at runtime if
-			# OpenSSL is not seeded correctly.
-			OPENSSL_SEEDS_ITSELF=yes
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-	#include <string.h>
-	#include <openssl/rand.h>
-
-int
-main ()
-{
-
-		exit(RAND_status() == 1 ? 0 : 1);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			OPENSSL_SEEDS_ITSELF=yes
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-# PRNGD TCP socket
-
-# Check whether --with-prngd-port was given.
-if test "${with_prngd_port+set}" = set; then :
-  withval=$with_prngd_port;
-		case "$withval" in
-		no)
-			withval=""
-			;;
-		[0-9]*)
-			;;
-		*)
-			as_fn_error $? "You must specify a numeric port number for --with-prngd-port" "$LINENO" 5
-			;;
-		esac
-		if test ! -z "$withval" ; then
-			PRNGD_PORT="$withval"
-
-cat >>confdefs.h <<_ACEOF
-#define PRNGD_PORT $PRNGD_PORT
-_ACEOF
-
-		fi
-
-
-fi
-
-
-# PRNGD Unix domain socket
-
-# Check whether --with-prngd-socket was given.
-if test "${with_prngd_socket+set}" = set; then :
-  withval=$with_prngd_socket;
-		case "$withval" in
-		yes)
-			withval="/var/run/egd-pool"
-			;;
-		no)
-			withval=""
-			;;
-		/*)
-			;;
-		*)
-			as_fn_error $? "You must specify an absolute path to the entropy socket" "$LINENO" 5
-			;;
-		esac
-
-		if test ! -z "$withval" ; then
-			if test ! -z "$PRNGD_PORT" ; then
-				as_fn_error $? "You may not specify both a PRNGD/EGD port and socket" "$LINENO" 5
-			fi
-			if test ! -r "$withval" ; then
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Entropy socket is not readable" >&5
-$as_echo "$as_me: WARNING: Entropy socket is not readable" >&2;}
-			fi
-			PRNGD_SOCKET="$withval"
-
-cat >>confdefs.h <<_ACEOF
-#define PRNGD_SOCKET "$PRNGD_SOCKET"
-_ACEOF
-
-		fi
-
-else
-
-		# Check for existing socket only if we don't have a random device already
-		if test "x$OPENSSL_SEEDS_ITSELF" != "xyes" ; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for PRNGD/EGD socket" >&5
-$as_echo_n "checking for PRNGD/EGD socket... " >&6; }
-			# Insert other locations here
-			for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do
-				if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then
-					PRNGD_SOCKET="$sock"
-					cat >>confdefs.h <<_ACEOF
-#define PRNGD_SOCKET "$PRNGD_SOCKET"
-_ACEOF
-
-					break;
-				fi
-			done
-			if test ! -z "$PRNGD_SOCKET" ; then
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $PRNGD_SOCKET" >&5
-$as_echo "$PRNGD_SOCKET" >&6; }
-			else
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5
-$as_echo "not found" >&6; }
-			fi
-		fi
-
-
-fi
-
-
-# Which randomness source do we use?
-if test ! -z "$PRNGD_PORT" ; then
-	RAND_MSG="PRNGd port $PRNGD_PORT"
-elif test ! -z "$PRNGD_SOCKET" ; then
-	RAND_MSG="PRNGd socket $PRNGD_SOCKET"
-elif test ! -z "$OPENSSL_SEEDS_ITSELF" ; then
-
-$as_echo "#define OPENSSL_PRNG_ONLY 1" >>confdefs.h
-
-	RAND_MSG="OpenSSL internal ONLY"
-elif test "x$openssl" = "xno" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible" >&5
-$as_echo "$as_me: WARNING: OpenSSH will use /dev/urandom as a source of random numbers. It will fail if this device is not supported or accessible" >&2;}
-else
-	as_fn_error $? "OpenSSH has no source of random numbers. Please configure OpenSSL with an entropy source or re-run configure using one of the --with-prngd-port or --with-prngd-socket options" "$LINENO" 5
-fi
-
-# Check for PAM libs
-PAM_MSG="no"
-
-# Check whether --with-pam was given.
-if test "${with_pam+set}" = set; then :
-  withval=$with_pam;
-		if test "x$withval" != "xno" ; then
-			if test "x$ac_cv_header_security_pam_appl_h" != "xyes" && \
-			   test "x$ac_cv_header_pam_pam_appl_h" != "xyes" ; then
-				as_fn_error $? "PAM headers not found" "$LINENO" 5
-			fi
-
-			saved_LIBS="$LIBS"
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5
-$as_echo_n "checking for dlopen in -ldl... " >&6; }
-if ${ac_cv_lib_dl_dlopen+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-ldl  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dlopen ();
-int
-main ()
-{
-return dlopen ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_dl_dlopen=yes
-else
-  ac_cv_lib_dl_dlopen=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5
-$as_echo "$ac_cv_lib_dl_dlopen" >&6; }
-if test "x$ac_cv_lib_dl_dlopen" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBDL 1
-_ACEOF
-
-  LIBS="-ldl $LIBS"
-
-fi
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pam_set_item in -lpam" >&5
-$as_echo_n "checking for pam_set_item in -lpam... " >&6; }
-if ${ac_cv_lib_pam_pam_set_item+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lpam  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char pam_set_item ();
-int
-main ()
-{
-return pam_set_item ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_pam_pam_set_item=yes
-else
-  ac_cv_lib_pam_pam_set_item=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pam_pam_set_item" >&5
-$as_echo "$ac_cv_lib_pam_pam_set_item" >&6; }
-if test "x$ac_cv_lib_pam_pam_set_item" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_LIBPAM 1
-_ACEOF
-
-  LIBS="-lpam $LIBS"
-
-else
-  as_fn_error $? "*** libpam missing" "$LINENO" 5
-fi
-
-			for ac_func in pam_getenvlist
-do :
-  ac_fn_c_check_func "$LINENO" "pam_getenvlist" "ac_cv_func_pam_getenvlist"
-if test "x$ac_cv_func_pam_getenvlist" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_PAM_GETENVLIST 1
-_ACEOF
-
-fi
-done
-
-			for ac_func in pam_putenv
-do :
-  ac_fn_c_check_func "$LINENO" "pam_putenv" "ac_cv_func_pam_putenv"
-if test "x$ac_cv_func_pam_putenv" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_PAM_PUTENV 1
-_ACEOF
-
-fi
-done
-
-			LIBS="$saved_LIBS"
-
-			PAM_MSG="yes"
-
-			SSHDLIBS="$SSHDLIBS -lpam"
-
-$as_echo "#define USE_PAM 1" >>confdefs.h
-
-
-			if test $ac_cv_lib_dl_dlopen = yes; then
-				case "$LIBS" in
-				*-ldl*)
-					# libdl already in LIBS
-					;;
-				*)
-					SSHDLIBS="$SSHDLIBS -ldl"
-					;;
-				esac
-			fi
-		fi
-
-
-fi
-
-
-# Check for older PAM
-if test "x$PAM_MSG" = "xyes" ; then
-	# Check PAM strerror arguments (old PAM)
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pam_strerror takes only one argument" >&5
-$as_echo_n "checking whether pam_strerror takes only one argument... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdlib.h>
-#if defined(HAVE_SECURITY_PAM_APPL_H)
-#include <security/pam_appl.h>
-#elif defined (HAVE_PAM_PAM_APPL_H)
-#include <pam/pam_appl.h>
-#endif
-
-int
-main ()
-{
-
-(void)pam_strerror((pam_handle_t *)NULL, -1);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-else
-
-
-$as_echo "#define HAVE_OLD_PAM 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-			PAM_MSG="yes (old library)"
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-case "$host" in
-*-*-cygwin*)
-	SSH_PRIVSEP_USER=CYGWIN_SSH_PRIVSEP_USER
-	;;
-*)
-	SSH_PRIVSEP_USER=sshd
-	;;
-esac
-
-# Check whether --with-privsep-user was given.
-if test "${with_privsep_user+set}" = set; then :
-  withval=$with_privsep_user;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			SSH_PRIVSEP_USER=$withval
-		fi
-
-
-fi
-
-if test "x$SSH_PRIVSEP_USER" = "xCYGWIN_SSH_PRIVSEP_USER" ; then
-
-cat >>confdefs.h <<_ACEOF
-#define SSH_PRIVSEP_USER CYGWIN_SSH_PRIVSEP_USER
-_ACEOF
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define SSH_PRIVSEP_USER "$SSH_PRIVSEP_USER"
-_ACEOF
-
-fi
-
-
-if test "x$have_linux_no_new_privs" = "x1" ; then
-ac_fn_c_check_decl "$LINENO" "SECCOMP_MODE_FILTER" "ac_cv_have_decl_SECCOMP_MODE_FILTER" "
-	#include <sys/types.h>
-	#include <linux/seccomp.h>
-
-"
-if test "x$ac_cv_have_decl_SECCOMP_MODE_FILTER" = xyes; then :
-  have_seccomp_filter=1
-fi
-
-fi
-if test "x$have_seccomp_filter" = "x1" ; then
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking kernel for seccomp_filter support" >&5
-$as_echo_n "checking kernel for seccomp_filter support... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-		#include <errno.h>
-		#include <elf.h>
-		#include <linux/audit.h>
-		#include <linux/seccomp.h>
-		#include <stdlib.h>
-		#include <sys/prctl.h>
-
-int
-main ()
-{
- int i = $seccomp_audit_arch;
-	   errno = 0;
-	   prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, NULL, 0, 0);
-	   exit(errno == EFAULT ? 0 : 1);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		# Disable seccomp filter as a target
-		have_seccomp_filter=0
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-fi
-
-# Decide which sandbox style to use
-sandbox_arg=""
-
-# Check whether --with-sandbox was given.
-if test "${with_sandbox+set}" = set; then :
-  withval=$with_sandbox;
-		if test "x$withval" = "xyes" ; then
-			sandbox_arg=""
-		else
-			sandbox_arg="$withval"
-		fi
-
-
-fi
-
-
-# Some platforms (seems to be the ones that have a kernel poll(2)-type
-# function with which they implement select(2)) use an extra file descriptor
-# when calling select(2), which means we can't use the rlimit sandbox.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if select works with descriptor rlimit" >&5
-$as_echo_n "checking if select works with descriptor rlimit... " >&6; }
-if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5
-$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#ifdef HAVE_SYS_TIME_H
-# include <sys/time.h>
-#endif
-#include <sys/resource.h>
-#ifdef HAVE_SYS_SELECT_H
-# include <sys/select.h>
-#endif
-#include <errno.h>
-#include <fcntl.h>
-#include <stdlib.h>
-
-int
-main ()
-{
-
-	struct rlimit rl_zero;
-	int fd, r;
-	fd_set fds;
-	struct timeval tv;
-
-	fd = open("/dev/null", O_RDONLY);
-	FD_ZERO(&fds);
-	FD_SET(fd, &fds);
-	rl_zero.rlim_cur = rl_zero.rlim_max = 0;
-	setrlimit(RLIMIT_FSIZE, &rl_zero);
-	setrlimit(RLIMIT_NOFILE, &rl_zero);
-	tv.tv_sec = 1;
-	tv.tv_usec = 0;
-	r = select(fd+1, &fds, NULL, NULL, &tv);
-	exit (r == -1 ? 1 : 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-	 select_works_with_rlimit=yes
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	 select_works_with_rlimit=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setrlimit(RLIMIT_NOFILE,{0,0}) works" >&5
-$as_echo_n "checking if setrlimit(RLIMIT_NOFILE,{0,0}) works... " >&6; }
-if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5
-$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#ifdef HAVE_SYS_TIME_H
-# include <sys/time.h>
-#endif
-#include <sys/resource.h>
-#include <errno.h>
-#include <stdlib.h>
-
-int
-main ()
-{
-
-	struct rlimit rl_zero;
-	int fd, r;
-	fd_set fds;
-
-	rl_zero.rlim_cur = rl_zero.rlim_max = 0;
-	r = setrlimit(RLIMIT_NOFILE, &rl_zero);
-	exit (r == -1 ? 1 : 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-	 rlimit_nofile_zero_works=yes
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	 rlimit_nofile_zero_works=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if setrlimit RLIMIT_FSIZE works" >&5
-$as_echo_n "checking if setrlimit RLIMIT_FSIZE works... " >&6; }
-if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: assuming yes" >&5
-$as_echo "$as_me: WARNING: cross compiling: assuming yes" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/resource.h>
-#include <stdlib.h>
-
-int
-main ()
-{
-
-		struct rlimit rl_zero;
-
-		rl_zero.rlim_cur = rl_zero.rlim_max = 0;
-		exit(setrlimit(RLIMIT_FSIZE, &rl_zero) != 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-$as_echo "#define SANDBOX_SKIP_RLIMIT_FSIZE 1" >>confdefs.h
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-
-if test "x$sandbox_arg" = "xsystrace" || \
-   ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
-	test "x$have_systr_policy_kill" != "x1" && \
-		as_fn_error $? "systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support" "$LINENO" 5
-	SANDBOX_STYLE="systrace"
-
-$as_echo "#define SANDBOX_SYSTRACE 1" >>confdefs.h
-
-elif test "x$sandbox_arg" = "xdarwin" || \
-     ( test -z "$sandbox_arg" && test "x$ac_cv_func_sandbox_init" = "xyes" && \
-       test "x$ac_cv_header_sandbox_h" = "xyes") ; then
-	test "x$ac_cv_func_sandbox_init" != "xyes" -o \
-	     "x$ac_cv_header_sandbox_h" != "xyes" && \
-		as_fn_error $? "Darwin seatbelt sandbox requires sandbox.h and sandbox_init function" "$LINENO" 5
-	SANDBOX_STYLE="darwin"
-
-$as_echo "#define SANDBOX_DARWIN 1" >>confdefs.h
-
-elif test "x$sandbox_arg" = "xseccomp_filter" || \
-     ( test -z "$sandbox_arg" && \
-       test "x$have_seccomp_filter" = "x1" && \
-       test "x$ac_cv_header_elf_h" = "xyes" && \
-       test "x$ac_cv_header_linux_audit_h" = "xyes" && \
-       test "x$ac_cv_header_linux_filter_h" = "xyes" && \
-       test "x$seccomp_audit_arch" != "x" && \
-       test "x$have_linux_no_new_privs" = "x1" && \
-       test "x$ac_cv_func_prctl" = "xyes" ) ; then
-	test "x$seccomp_audit_arch" = "x" && \
-		as_fn_error $? "seccomp_filter sandbox not supported on $host" "$LINENO" 5
-	test "x$have_linux_no_new_privs" != "x1" && \
-		as_fn_error $? "seccomp_filter sandbox requires PR_SET_NO_NEW_PRIVS" "$LINENO" 5
-	test "x$have_seccomp_filter" != "x1" && \
-		as_fn_error $? "seccomp_filter sandbox requires seccomp headers" "$LINENO" 5
-	test "x$ac_cv_func_prctl" != "xyes" && \
-		as_fn_error $? "seccomp_filter sandbox requires prctl function" "$LINENO" 5
-	SANDBOX_STYLE="seccomp_filter"
-
-$as_echo "#define SANDBOX_SECCOMP_FILTER 1" >>confdefs.h
-
-elif test "x$sandbox_arg" = "xcapsicum" || \
-     ( test -z "$sandbox_arg" && \
-       test "x$ac_cv_header_sys_capsicum_h" = "xyes" && \
-       test "x$ac_cv_func_cap_rights_limit" = "xyes") ; then
-       test "x$ac_cv_header_sys_capsicum_h" != "xyes" && \
-		as_fn_error $? "capsicum sandbox requires sys/capsicum.h header" "$LINENO" 5
-       test "x$ac_cv_func_cap_rights_limit" != "xyes" && \
-		as_fn_error $? "capsicum sandbox requires cap_rights_limit function" "$LINENO" 5
-       SANDBOX_STYLE="capsicum"
-
-$as_echo "#define SANDBOX_CAPSICUM 1" >>confdefs.h
-
-elif test "x$sandbox_arg" = "xrlimit" || \
-     ( test -z "$sandbox_arg" && test "x$ac_cv_func_setrlimit" = "xyes" && \
-       test "x$select_works_with_rlimit" = "xyes" && \
-       test "x$rlimit_nofile_zero_works" = "xyes" ) ; then
-	test "x$ac_cv_func_setrlimit" != "xyes" && \
-		as_fn_error $? "rlimit sandbox requires setrlimit function" "$LINENO" 5
-	test "x$select_works_with_rlimit" != "xyes" && \
-		as_fn_error $? "rlimit sandbox requires select to work with rlimit" "$LINENO" 5
-	SANDBOX_STYLE="rlimit"
-
-$as_echo "#define SANDBOX_RLIMIT 1" >>confdefs.h
-
-elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
-     test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
-	SANDBOX_STYLE="none"
-
-$as_echo "#define SANDBOX_NULL 1" >>confdefs.h
-
-else
-	as_fn_error $? "unsupported --with-sandbox" "$LINENO" 5
-fi
-
-# Cheap hack to ensure NEWS-OS libraries are arranged right.
-if test ! -z "$SONY" ; then
-  LIBS="$LIBS -liberty";
-fi
-
-# Check for  long long datatypes
-ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default"
-if test "x$ac_cv_type_long_long" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_LONG_LONG 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_type "$LINENO" "unsigned long long" "ac_cv_type_unsigned_long_long" "$ac_includes_default"
-if test "x$ac_cv_type_unsigned_long_long" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_UNSIGNED_LONG_LONG 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_type "$LINENO" "long double" "ac_cv_type_long_double" "$ac_includes_default"
-if test "x$ac_cv_type_long_double" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_LONG_DOUBLE 1
-_ACEOF
-
-
-fi
-
-
-# Check datatype sizes
-# The cast to long int works around a bug in the HP C Compiler
-# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
-# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
-# This bug is HP SR number 8606223364.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of short int" >&5
-$as_echo_n "checking size of short int... " >&6; }
-if ${ac_cv_sizeof_short_int+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (short int))" "ac_cv_sizeof_short_int"        "$ac_includes_default"; then :
-
-else
-  if test "$ac_cv_type_short_int" = yes; then
-     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "cannot compute sizeof (short int)
-See \`config.log' for more details" "$LINENO" 5; }
-   else
-     ac_cv_sizeof_short_int=0
-   fi
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_short_int" >&5
-$as_echo "$ac_cv_sizeof_short_int" >&6; }
-
-
-
-cat >>confdefs.h <<_ACEOF
-#define SIZEOF_SHORT_INT $ac_cv_sizeof_short_int
-_ACEOF
-
-
-# The cast to long int works around a bug in the HP C Compiler
-# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
-# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
-# This bug is HP SR number 8606223364.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of int" >&5
-$as_echo_n "checking size of int... " >&6; }
-if ${ac_cv_sizeof_int+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (int))" "ac_cv_sizeof_int"        "$ac_includes_default"; then :
-
-else
-  if test "$ac_cv_type_int" = yes; then
-     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "cannot compute sizeof (int)
-See \`config.log' for more details" "$LINENO" 5; }
-   else
-     ac_cv_sizeof_int=0
-   fi
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_int" >&5
-$as_echo "$ac_cv_sizeof_int" >&6; }
-
-
-
-cat >>confdefs.h <<_ACEOF
-#define SIZEOF_INT $ac_cv_sizeof_int
-_ACEOF
-
-
-# The cast to long int works around a bug in the HP C Compiler
-# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
-# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
-# This bug is HP SR number 8606223364.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long int" >&5
-$as_echo_n "checking size of long int... " >&6; }
-if ${ac_cv_sizeof_long_int+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long int))" "ac_cv_sizeof_long_int"        "$ac_includes_default"; then :
-
-else
-  if test "$ac_cv_type_long_int" = yes; then
-     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "cannot compute sizeof (long int)
-See \`config.log' for more details" "$LINENO" 5; }
-   else
-     ac_cv_sizeof_long_int=0
-   fi
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_int" >&5
-$as_echo "$ac_cv_sizeof_long_int" >&6; }
-
-
-
-cat >>confdefs.h <<_ACEOF
-#define SIZEOF_LONG_INT $ac_cv_sizeof_long_int
-_ACEOF
-
-
-# The cast to long int works around a bug in the HP C Compiler
-# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
-# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
-# This bug is HP SR number 8606223364.
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long long int" >&5
-$as_echo_n "checking size of long long int... " >&6; }
-if ${ac_cv_sizeof_long_long_int+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long int))" "ac_cv_sizeof_long_long_int"        "$ac_includes_default"; then :
-
-else
-  if test "$ac_cv_type_long_long_int" = yes; then
-     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error 77 "cannot compute sizeof (long long int)
-See \`config.log' for more details" "$LINENO" 5; }
-   else
-     ac_cv_sizeof_long_long_int=0
-   fi
-fi
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long_int" >&5
-$as_echo "$ac_cv_sizeof_long_long_int" >&6; }
-
-
-
-cat >>confdefs.h <<_ACEOF
-#define SIZEOF_LONG_LONG_INT $ac_cv_sizeof_long_long_int
-_ACEOF
-
-
-
-# Sanity check long long for some platforms (AIX)
-if test "x$ac_cv_sizeof_long_long_int" = "x4" ; then
-	ac_cv_sizeof_long_long_int=0
-fi
-
-# compute LLONG_MIN and LLONG_MAX if we don't know them.
-if test -z "$have_llong_max"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for max value of long long" >&5
-$as_echo_n "checking for max value of long long... " >&6; }
-	if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking" >&2;}
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-/* Why is this so damn hard? */
-#ifdef __GNUC__
-# undef __GNUC__
-#endif
-#define __USE_ISOC99
-#include <limits.h>
-#define DATA "conftest.llminmax"
-#define my_abs(a) ((a) < 0 ? ((a) * -1) : (a))
-
-/*
- * printf in libc on some platforms (eg old Tru64) does not understand %lld so
- * we do this the hard way.
- */
-static int
-fprint_ll(FILE *f, long long n)
-{
-	unsigned int i;
-	int l[sizeof(long long) * 8];
-
-	if (n < 0)
-		if (fprintf(f, "-") < 0)
-			return -1;
-	for (i = 0; n != 0; i++) {
-		l[i] = my_abs(n % 10);
-		n /= 10;
-	}
-	do {
-		if (fprintf(f, "%d", l[--i]) < 0)
-			return -1;
-	} while (i != 0);
-	if (fprintf(f, " ") < 0)
-		return -1;
-	return 0;
-}
-
-int
-main ()
-{
-
-	FILE *f;
-	long long i, llmin, llmax = 0;
-
-	if((f = fopen(DATA,"w")) == NULL)
-		exit(1);
-
-#if defined(LLONG_MIN) && defined(LLONG_MAX)
-	fprintf(stderr, "Using system header for LLONG_MIN and LLONG_MAX\n");
-	llmin = LLONG_MIN;
-	llmax = LLONG_MAX;
-#else
-	fprintf(stderr, "Calculating  LLONG_MIN and LLONG_MAX\n");
-	/* This will work on one's complement and two's complement */
-	for (i = 1; i > llmax; i <<= 1, i++)
-		llmax = i;
-	llmin = llmax + 1LL;	/* wrap */
-#endif
-
-	/* Sanity check */
-	if (llmin + 1 < llmin || llmin - 1 < llmin || llmax + 1 > llmax
-	    || llmax - 1 > llmax || llmin == llmax || llmin == 0
-	    || llmax == 0 || llmax < LONG_MAX || llmin > LONG_MIN) {
-		fprintf(f, "unknown unknown\n");
-		exit(2);
-	}
-
-	if (fprint_ll(f, llmin) < 0)
-		exit(3);
-	if (fprint_ll(f, llmax) < 0)
-		exit(4);
-	if (fclose(f) < 0)
-		exit(5);
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-			llong_min=`$AWK '{print $1}' conftest.llminmax`
-			llong_max=`$AWK '{print $2}' conftest.llminmax`
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $llong_max" >&5
-$as_echo "$llong_max" >&6; }
-
-cat >>confdefs.h <<_ACEOF
-#define LLONG_MAX ${llong_max}LL
-_ACEOF
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for min value of long long" >&5
-$as_echo_n "checking for min value of long long... " >&6; }
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $llong_min" >&5
-$as_echo "$llong_min" >&6; }
-
-cat >>confdefs.h <<_ACEOF
-#define LLONG_MIN ${llong_min}LL
-_ACEOF
-
-
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5
-$as_echo "not found" >&6; }
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-
-# More checks for data types
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_int type" >&5
-$as_echo_n "checking for u_int type... " >&6; }
-if ${ac_cv_have_u_int+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- u_int a; a = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_u_int="yes"
-else
-   ac_cv_have_u_int="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_int" >&5
-$as_echo "$ac_cv_have_u_int" >&6; }
-if test "x$ac_cv_have_u_int" = "xyes" ; then
-
-$as_echo "#define HAVE_U_INT 1" >>confdefs.h
-
-	have_u_int=1
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for intXX_t types" >&5
-$as_echo_n "checking for intXX_t types... " >&6; }
-if ${ac_cv_have_intxx_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- int8_t a; int16_t b; int32_t c; a = b = c = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_intxx_t="yes"
-else
-   ac_cv_have_intxx_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_intxx_t" >&5
-$as_echo "$ac_cv_have_intxx_t" >&6; }
-if test "x$ac_cv_have_intxx_t" = "xyes" ; then
-
-$as_echo "#define HAVE_INTXX_T 1" >>confdefs.h
-
-	have_intxx_t=1
-fi
-
-if (test -z "$have_intxx_t" && \
-	   test "x$ac_cv_header_stdint_h" = "xyes")
-then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for intXX_t types in stdint.h" >&5
-$as_echo_n "checking for intXX_t types in stdint.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdint.h>
-int
-main ()
-{
- int8_t a; int16_t b; int32_t c; a = b = c = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			$as_echo "#define HAVE_INTXX_T 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for int64_t type" >&5
-$as_echo_n "checking for int64_t type... " >&6; }
-if ${ac_cv_have_int64_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#ifdef HAVE_STDINT_H
-# include <stdint.h>
-#endif
-#include <sys/socket.h>
-#ifdef HAVE_SYS_BITYPES_H
-# include <sys/bitypes.h>
-#endif
-
-int
-main ()
-{
-
-int64_t a; a = 1;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_int64_t="yes"
-else
-   ac_cv_have_int64_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_int64_t" >&5
-$as_echo "$ac_cv_have_int64_t" >&6; }
-if test "x$ac_cv_have_int64_t" = "xyes" ; then
-
-$as_echo "#define HAVE_INT64_T 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_intXX_t types" >&5
-$as_echo_n "checking for u_intXX_t types... " >&6; }
-if ${ac_cv_have_u_intxx_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_u_intxx_t="yes"
-else
-   ac_cv_have_u_intxx_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_intxx_t" >&5
-$as_echo "$ac_cv_have_u_intxx_t" >&6; }
-if test "x$ac_cv_have_u_intxx_t" = "xyes" ; then
-
-$as_echo "#define HAVE_U_INTXX_T 1" >>confdefs.h
-
-	have_u_intxx_t=1
-fi
-
-if test -z "$have_u_intxx_t" ; then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_intXX_t types in sys/socket.h" >&5
-$as_echo_n "checking for u_intXX_t types in sys/socket.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/socket.h>
-int
-main ()
-{
- u_int8_t a; u_int16_t b; u_int32_t c; a = b = c = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			$as_echo "#define HAVE_U_INTXX_T 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_int64_t types" >&5
-$as_echo_n "checking for u_int64_t types... " >&6; }
-if ${ac_cv_have_u_int64_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- u_int64_t a; a = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_u_int64_t="yes"
-else
-   ac_cv_have_u_int64_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_int64_t" >&5
-$as_echo "$ac_cv_have_u_int64_t" >&6; }
-if test "x$ac_cv_have_u_int64_t" = "xyes" ; then
-
-$as_echo "#define HAVE_U_INT64_T 1" >>confdefs.h
-
-	have_u_int64_t=1
-fi
-
-if (test -z "$have_u_int64_t" && \
-	   test "x$ac_cv_header_sys_bitypes_h" = "xyes")
-then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_int64_t type in sys/bitypes.h" >&5
-$as_echo_n "checking for u_int64_t type in sys/bitypes.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/bitypes.h>
-int
-main ()
-{
- u_int64_t a; a = 1
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			$as_echo "#define HAVE_U_INT64_T 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-if test -z "$have_u_intxx_t" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types" >&5
-$as_echo_n "checking for uintXX_t types... " >&6; }
-if ${ac_cv_have_uintxx_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-
-int
-main ()
-{
-
-	uint8_t a;
-	uint16_t b;
-	uint32_t c;
-	a = b = c = 1;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_uintxx_t="yes"
-else
-   ac_cv_have_uintxx_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_uintxx_t" >&5
-$as_echo "$ac_cv_have_uintxx_t" >&6; }
-	if test "x$ac_cv_have_uintxx_t" = "xyes" ; then
-
-$as_echo "#define HAVE_UINTXX_T 1" >>confdefs.h
-
-	fi
-fi
-
-if (test -z "$have_uintxx_t" && \
-	   test "x$ac_cv_header_stdint_h" = "xyes")
-then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types in stdint.h" >&5
-$as_echo_n "checking for uintXX_t types in stdint.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdint.h>
-int
-main ()
-{
- uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			$as_echo "#define HAVE_UINTXX_T 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-if (test -z "$have_uintxx_t" && \
-	   test "x$ac_cv_header_inttypes_h" = "xyes")
-then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uintXX_t types in inttypes.h" >&5
-$as_echo_n "checking for uintXX_t types in inttypes.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <inttypes.h>
-int
-main ()
-{
- uint8_t a; uint16_t b; uint32_t c; a = b = c = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			$as_echo "#define HAVE_UINTXX_T 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-if (test -z "$have_u_intxx_t" || test -z "$have_intxx_t" && \
-	   test "x$ac_cv_header_sys_bitypes_h" = "xyes")
-then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for intXX_t and u_intXX_t types in sys/bitypes.h" >&5
-$as_echo_n "checking for intXX_t and u_intXX_t types in sys/bitypes.h... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/bitypes.h>
-
-int
-main ()
-{
-
-			int8_t a; int16_t b; int32_t c;
-			u_int8_t e; u_int16_t f; u_int32_t g;
-			a = b = c = e = f = g = 1;
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-			$as_echo "#define HAVE_U_INTXX_T 1" >>confdefs.h
-
-			$as_echo "#define HAVE_INTXX_T 1" >>confdefs.h
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for u_char" >&5
-$as_echo_n "checking for u_char... " >&6; }
-if ${ac_cv_have_u_char+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- u_char foo; foo = 125;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_u_char="yes"
-else
-   ac_cv_have_u_char="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_u_char" >&5
-$as_echo "$ac_cv_have_u_char" >&6; }
-if test "x$ac_cv_have_u_char" = "xyes" ; then
-
-$as_echo "#define HAVE_U_CHAR 1" >>confdefs.h
-
-fi
-
-ac_fn_c_check_type "$LINENO" "intmax_t" "ac_cv_type_intmax_t" "
-#include <sys/types.h>
-#include <stdint.h>
-
-"
-if test "x$ac_cv_type_intmax_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_INTMAX_T 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_type "$LINENO" "uintmax_t" "ac_cv_type_uintmax_t" "
-#include <sys/types.h>
-#include <stdint.h>
-
-"
-if test "x$ac_cv_type_uintmax_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_UINTMAX_T 1
-_ACEOF
-
-
-fi
-
-
-
-   ac_fn_c_check_type "$LINENO" "socklen_t" "ac_cv_type_socklen_t" "#include <sys/types.h>
-#include <sys/socket.h>
-"
-if test "x$ac_cv_type_socklen_t" = xyes; then :
-
-else
-
-      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socklen_t equivalent" >&5
-$as_echo_n "checking for socklen_t equivalent... " >&6; }
-      if ${curl_cv_socklen_t_equiv+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	 # Systems have either "struct sockaddr *" or
-	 # "void *" as the second argument to getpeername
-	 curl_cv_socklen_t_equiv=
-	 for arg2 in "struct sockaddr" void; do
-	    for t in int size_t unsigned long "unsigned long"; do
-	       cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-		  #include <sys/types.h>
-		  #include <sys/socket.h>
-
-		  int getpeername (int, $arg2 *, $t *);
-
-int
-main ()
-{
-
-		  $t len;
-		  getpeername(0,0,&len);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-
-		  curl_cv_socklen_t_equiv="$t"
-		  break
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-	    done
-	 done
-
-	 if test "x$curl_cv_socklen_t_equiv" = x; then
-	    as_fn_error $? "Cannot find a type to use in place of socklen_t" "$LINENO" 5
-	 fi
-
-fi
-
-      { $as_echo "$as_me:${as_lineno-$LINENO}: result: $curl_cv_socklen_t_equiv" >&5
-$as_echo "$curl_cv_socklen_t_equiv" >&6; }
-
-cat >>confdefs.h <<_ACEOF
-#define socklen_t $curl_cv_socklen_t_equiv
-_ACEOF
-
-fi
-
-
-
-ac_fn_c_check_type "$LINENO" "sig_atomic_t" "ac_cv_type_sig_atomic_t" "#include <signal.h>
-"
-if test "x$ac_cv_type_sig_atomic_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_SIG_ATOMIC_T 1
-_ACEOF
-
-
-fi
-
-ac_fn_c_check_type "$LINENO" "fsblkcnt_t" "ac_cv_type_fsblkcnt_t" "
-#include <sys/types.h>
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_SYS_STATFS_H
-#include <sys/statfs.h>
-#endif
-#ifdef HAVE_SYS_STATVFS_H
-#include <sys/statvfs.h>
-#endif
-
-"
-if test "x$ac_cv_type_fsblkcnt_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_FSBLKCNT_T 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_type "$LINENO" "fsfilcnt_t" "ac_cv_type_fsfilcnt_t" "
-#include <sys/types.h>
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_SYS_STATFS_H
-#include <sys/statfs.h>
-#endif
-#ifdef HAVE_SYS_STATVFS_H
-#include <sys/statvfs.h>
-#endif
-
-"
-if test "x$ac_cv_type_fsfilcnt_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_FSFILCNT_T 1
-_ACEOF
-
-
-fi
-
-
-ac_fn_c_check_type "$LINENO" "in_addr_t" "ac_cv_type_in_addr_t" "#include <sys/types.h>
-#include <netinet/in.h>
-"
-if test "x$ac_cv_type_in_addr_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_IN_ADDR_T 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_type "$LINENO" "in_port_t" "ac_cv_type_in_port_t" "#include <sys/types.h>
-#include <netinet/in.h>
-"
-if test "x$ac_cv_type_in_port_t" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_IN_PORT_T 1
-_ACEOF
-
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for size_t" >&5
-$as_echo_n "checking for size_t... " >&6; }
-if ${ac_cv_have_size_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- size_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_size_t="yes"
-else
-   ac_cv_have_size_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_size_t" >&5
-$as_echo "$ac_cv_have_size_t" >&6; }
-if test "x$ac_cv_have_size_t" = "xyes" ; then
-
-$as_echo "#define HAVE_SIZE_T 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ssize_t" >&5
-$as_echo_n "checking for ssize_t... " >&6; }
-if ${ac_cv_have_ssize_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- ssize_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_ssize_t="yes"
-else
-   ac_cv_have_ssize_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_ssize_t" >&5
-$as_echo "$ac_cv_have_ssize_t" >&6; }
-if test "x$ac_cv_have_ssize_t" = "xyes" ; then
-
-$as_echo "#define HAVE_SSIZE_T 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for clock_t" >&5
-$as_echo_n "checking for clock_t... " >&6; }
-if ${ac_cv_have_clock_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <time.h>
-int
-main ()
-{
- clock_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_clock_t="yes"
-else
-   ac_cv_have_clock_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_clock_t" >&5
-$as_echo "$ac_cv_have_clock_t" >&6; }
-if test "x$ac_cv_have_clock_t" = "xyes" ; then
-
-$as_echo "#define HAVE_CLOCK_T 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sa_family_t" >&5
-$as_echo_n "checking for sa_family_t... " >&6; }
-if ${ac_cv_have_sa_family_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-
-int
-main ()
-{
- sa_family_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_sa_family_t="yes"
-else
-   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-
-int
-main ()
-{
- sa_family_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_sa_family_t="yes"
-else
-   ac_cv_have_sa_family_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_sa_family_t" >&5
-$as_echo "$ac_cv_have_sa_family_t" >&6; }
-if test "x$ac_cv_have_sa_family_t" = "xyes" ; then
-
-$as_echo "#define HAVE_SA_FAMILY_T 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pid_t" >&5
-$as_echo_n "checking for pid_t... " >&6; }
-if ${ac_cv_have_pid_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- pid_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_pid_t="yes"
-else
-   ac_cv_have_pid_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_pid_t" >&5
-$as_echo "$ac_cv_have_pid_t" >&6; }
-if test "x$ac_cv_have_pid_t" = "xyes" ; then
-
-$as_echo "#define HAVE_PID_T 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for mode_t" >&5
-$as_echo_n "checking for mode_t... " >&6; }
-if ${ac_cv_have_mode_t+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/types.h>
-int
-main ()
-{
- mode_t foo; foo = 1235;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_mode_t="yes"
-else
-   ac_cv_have_mode_t="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_mode_t" >&5
-$as_echo "$ac_cv_have_mode_t" >&6; }
-if test "x$ac_cv_have_mode_t" = "xyes" ; then
-
-$as_echo "#define HAVE_MODE_T 1" >>confdefs.h
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_storage" >&5
-$as_echo_n "checking for struct sockaddr_storage... " >&6; }
-if ${ac_cv_have_struct_sockaddr_storage+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-
-int
-main ()
-{
- struct sockaddr_storage s;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_struct_sockaddr_storage="yes"
-else
-   ac_cv_have_struct_sockaddr_storage="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_sockaddr_storage" >&5
-$as_echo "$ac_cv_have_struct_sockaddr_storage" >&6; }
-if test "x$ac_cv_have_struct_sockaddr_storage" = "xyes" ; then
-
-$as_echo "#define HAVE_STRUCT_SOCKADDR_STORAGE 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct sockaddr_in6" >&5
-$as_echo_n "checking for struct sockaddr_in6... " >&6; }
-if ${ac_cv_have_struct_sockaddr_in6+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <netinet/in.h>
-
-int
-main ()
-{
- struct sockaddr_in6 s; s.sin6_family = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_struct_sockaddr_in6="yes"
-else
-   ac_cv_have_struct_sockaddr_in6="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_sockaddr_in6" >&5
-$as_echo "$ac_cv_have_struct_sockaddr_in6" >&6; }
-if test "x$ac_cv_have_struct_sockaddr_in6" = "xyes" ; then
-
-$as_echo "#define HAVE_STRUCT_SOCKADDR_IN6 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct in6_addr" >&5
-$as_echo_n "checking for struct in6_addr... " >&6; }
-if ${ac_cv_have_struct_in6_addr+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <netinet/in.h>
-
-int
-main ()
-{
- struct in6_addr s; s.s6_addr[0] = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_struct_in6_addr="yes"
-else
-   ac_cv_have_struct_in6_addr="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_in6_addr" >&5
-$as_echo "$ac_cv_have_struct_in6_addr" >&6; }
-if test "x$ac_cv_have_struct_in6_addr" = "xyes" ; then
-
-$as_echo "#define HAVE_STRUCT_IN6_ADDR 1" >>confdefs.h
-
-
-	ac_fn_c_check_member "$LINENO" "struct sockaddr_in6" "sin6_scope_id" "ac_cv_member_struct_sockaddr_in6_sin6_scope_id" "
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#include <netinet/in.h>
-
-"
-if test "x$ac_cv_member_struct_sockaddr_in6_sin6_scope_id" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID 1
-_ACEOF
-
-
-fi
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct addrinfo" >&5
-$as_echo_n "checking for struct addrinfo... " >&6; }
-if ${ac_cv_have_struct_addrinfo+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <netdb.h>
-
-int
-main ()
-{
- struct addrinfo s; s.ai_flags = AI_PASSIVE;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_struct_addrinfo="yes"
-else
-   ac_cv_have_struct_addrinfo="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_addrinfo" >&5
-$as_echo "$ac_cv_have_struct_addrinfo" >&6; }
-if test "x$ac_cv_have_struct_addrinfo" = "xyes" ; then
-
-$as_echo "#define HAVE_STRUCT_ADDRINFO 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timeval" >&5
-$as_echo_n "checking for struct timeval... " >&6; }
-if ${ac_cv_have_struct_timeval+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <sys/time.h>
-int
-main ()
-{
- struct timeval tv; tv.tv_sec = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_struct_timeval="yes"
-else
-   ac_cv_have_struct_timeval="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_struct_timeval" >&5
-$as_echo "$ac_cv_have_struct_timeval" >&6; }
-if test "x$ac_cv_have_struct_timeval" = "xyes" ; then
-
-$as_echo "#define HAVE_STRUCT_TIMEVAL 1" >>confdefs.h
-
-	have_struct_timeval=1
-fi
-
-ac_fn_c_check_type "$LINENO" "struct timespec" "ac_cv_type_struct_timespec" "$ac_includes_default"
-if test "x$ac_cv_type_struct_timespec" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_TIMESPEC 1
-_ACEOF
-
-
-fi
-
-
-# We need int64_t or else certian parts of the compile will fail.
-if test "x$ac_cv_have_int64_t" = "xno" && \
-	test "x$ac_cv_sizeof_long_int" != "x8" && \
-	test "x$ac_cv_sizeof_long_long_int" = "x0" ; then
-	echo "OpenSSH requires int64_t support.  Contact your vendor or install"
-	echo "an alternative compiler (I.E., GCC) before continuing."
-	echo ""
-	exit 1;
-else
-	if test "$cross_compiling" = yes; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Assuming working snprintf()" >&5
-$as_echo "$as_me: WARNING: cross compiling: Assuming working snprintf()" >&2;}
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <string.h>
-#ifdef HAVE_SNPRINTF
-main()
-{
-	char buf[50];
-	char expected_out[50];
-	int mazsize = 50 ;
-#if (SIZEOF_LONG_INT == 8)
-	long int num = 0x7fffffffffffffff;
-#else
-	long long num = 0x7fffffffffffffffll;
-#endif
-	strcpy(expected_out, "9223372036854775807");
-	snprintf(buf, mazsize, "%lld", num);
-	if(strcmp(buf, expected_out) != 0)
-		exit(1);
-	exit(0);
-}
-#else
-main() { exit(0); }
-#endif
-
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-   true
-else
-   $as_echo "#define BROKEN_SNPRINTF 1" >>confdefs.h
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-fi
-
-
-# look for field 'ut_host' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_host field in utmp.h" >&5
-$as_echo_n "checking for ut_host field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_host" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_HOST_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_host' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_host
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_host field in utmpx.h" >&5
-$as_echo_n "checking for ut_host field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_host" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_HOST_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'syslen' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"syslen
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for syslen field in utmpx.h" >&5
-$as_echo_n "checking for syslen field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "syslen" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_SYSLEN_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_pid' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_pid
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_pid field in utmp.h" >&5
-$as_echo_n "checking for ut_pid field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_pid" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_PID_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_type' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_type field in utmp.h" >&5
-$as_echo_n "checking for ut_type field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_type" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_TYPE_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_type' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_type
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_type field in utmpx.h" >&5
-$as_echo_n "checking for ut_type field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_type" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_TYPE_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_tv' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_tv field in utmp.h" >&5
-$as_echo_n "checking for ut_tv field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_tv" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_TV_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_id' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_id field in utmp.h" >&5
-$as_echo_n "checking for ut_id field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_id" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_ID_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_id' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_id
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_id field in utmpx.h" >&5
-$as_echo_n "checking for ut_id field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_id" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_ID_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_addr' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr field in utmp.h" >&5
-$as_echo_n "checking for ut_addr field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_addr" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_ADDR_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_addr' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr field in utmpx.h" >&5
-$as_echo_n "checking for ut_addr field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_addr" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_ADDR_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_addr_v6' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr_v6 field in utmp.h" >&5
-$as_echo_n "checking for ut_addr_v6 field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_addr_v6" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_ADDR_V6_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_addr_v6' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_addr_v6
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_addr_v6 field in utmpx.h" >&5
-$as_echo_n "checking for ut_addr_v6 field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_addr_v6" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_ADDR_V6_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_exit' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_exit
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_exit field in utmp.h" >&5
-$as_echo_n "checking for ut_exit field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_exit" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_EXIT_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_time' in header 'utmp.h'
-		ossh_safe=`echo "utmp.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_time field in utmp.h" >&5
-$as_echo_n "checking for ut_time field in utmp.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmp.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_time" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_TIME_IN_UTMP 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_time' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_time
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_time field in utmpx.h" >&5
-$as_echo_n "checking for ut_time field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_time" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_TIME_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-# look for field 'ut_tv' in header 'utmpx.h'
-		ossh_safe=`echo "utmpx.h" | sed 'y%./+-%__p_%'`
-		ossh_varname="ossh_cv_$ossh_safe""_has_"ut_tv
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ut_tv field in utmpx.h" >&5
-$as_echo_n "checking for ut_tv field in utmpx.h... " >&6; }
-	if eval \${$ossh_varname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-#include <utmpx.h>
-
-_ACEOF
-if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
-  $EGREP "ut_tv" >/dev/null 2>&1; then :
-   			eval "$ossh_varname=yes"
-else
-   			eval "$ossh_varname=no"
-fi
-rm -f conftest*
-
-fi
-
-	ossh_result=`eval 'echo $'"$ossh_varname"`
-	if test -n "`echo $ossh_varname`"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ossh_result" >&5
-$as_echo "$ossh_result" >&6; }
-		if test "x$ossh_result" = "xyes"; then
-
-$as_echo "#define HAVE_TV_IN_UTMPX 1" >>confdefs.h
-
-		fi
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-
-
-ac_fn_c_check_member "$LINENO" "struct stat" "st_blksize" "ac_cv_member_struct_stat_st_blksize" "$ac_includes_default"
-if test "x$ac_cv_member_struct_stat_st_blksize" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_STAT_ST_BLKSIZE 1
-_ACEOF
-
-
-fi
-
-ac_fn_c_check_member "$LINENO" "struct passwd" "pw_gecos" "ac_cv_member_struct_passwd_pw_gecos" "
-#include <sys/types.h>
-#include <pwd.h>
-
-"
-if test "x$ac_cv_member_struct_passwd_pw_gecos" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_PASSWD_PW_GECOS 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_member "$LINENO" "struct passwd" "pw_class" "ac_cv_member_struct_passwd_pw_class" "
-#include <sys/types.h>
-#include <pwd.h>
-
-"
-if test "x$ac_cv_member_struct_passwd_pw_class" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_PASSWD_PW_CLASS 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_member "$LINENO" "struct passwd" "pw_change" "ac_cv_member_struct_passwd_pw_change" "
-#include <sys/types.h>
-#include <pwd.h>
-
-"
-if test "x$ac_cv_member_struct_passwd_pw_change" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_PASSWD_PW_CHANGE 1
-_ACEOF
-
-
-fi
-ac_fn_c_check_member "$LINENO" "struct passwd" "pw_expire" "ac_cv_member_struct_passwd_pw_expire" "
-#include <sys/types.h>
-#include <pwd.h>
-
-"
-if test "x$ac_cv_member_struct_passwd_pw_expire" = xyes; then :
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_STRUCT_PASSWD_PW_EXPIRE 1
-_ACEOF
-
-
-fi
-
-
-ac_fn_c_check_member "$LINENO" "struct __res_state" "retrans" "ac_cv_member_struct___res_state_retrans" "
-#include <stdio.h>
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#include <netinet/in.h>
-#include <arpa/nameser.h>
-#include <resolv.h>
-
-"
-if test "x$ac_cv_member_struct___res_state_retrans" = xyes; then :
-
-else
-
-$as_echo "#define __res_state state" >>confdefs.h
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ss_family field in struct sockaddr_storage" >&5
-$as_echo_n "checking for ss_family field in struct sockaddr_storage... " >&6; }
-if ${ac_cv_have_ss_family_in_struct_ss+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-
-int
-main ()
-{
- struct sockaddr_storage s; s.ss_family = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_ss_family_in_struct_ss="yes"
-else
-   ac_cv_have_ss_family_in_struct_ss="no"
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_ss_family_in_struct_ss" >&5
-$as_echo "$ac_cv_have_ss_family_in_struct_ss" >&6; }
-if test "x$ac_cv_have_ss_family_in_struct_ss" = "xyes" ; then
-
-$as_echo "#define HAVE_SS_FAMILY_IN_SS 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __ss_family field in struct sockaddr_storage" >&5
-$as_echo_n "checking for __ss_family field in struct sockaddr_storage... " >&6; }
-if ${ac_cv_have___ss_family_in_struct_ss+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-
-int
-main ()
-{
- struct sockaddr_storage s; s.__ss_family = 1;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have___ss_family_in_struct_ss="yes"
-else
-   ac_cv_have___ss_family_in_struct_ss="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have___ss_family_in_struct_ss" >&5
-$as_echo "$ac_cv_have___ss_family_in_struct_ss" >&6; }
-if test "x$ac_cv_have___ss_family_in_struct_ss" = "xyes" ; then
-
-$as_echo "#define HAVE___SS_FAMILY_IN_SS 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for msg_accrights field in struct msghdr" >&5
-$as_echo_n "checking for msg_accrights field in struct msghdr... " >&6; }
-if ${ac_cv_have_accrights_in_msghdr+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/uio.h>
-
-int
-main ()
-{
-
-#ifdef msg_accrights
-#error "msg_accrights is a macro"
-exit(1);
-#endif
-struct msghdr m;
-m.msg_accrights = 0;
-exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_accrights_in_msghdr="yes"
-else
-   ac_cv_have_accrights_in_msghdr="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_accrights_in_msghdr" >&5
-$as_echo "$ac_cv_have_accrights_in_msghdr" >&6; }
-if test "x$ac_cv_have_accrights_in_msghdr" = "xyes" ; then
-
-$as_echo "#define HAVE_ACCRIGHTS_IN_MSGHDR 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if struct statvfs.f_fsid is integral type" >&5
-$as_echo_n "checking if struct statvfs.f_fsid is integral type... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/param.h>
-#include <sys/stat.h>
-#ifdef HAVE_SYS_TIME_H
-# include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_MOUNT_H
-#include <sys/mount.h>
-#endif
-#ifdef HAVE_SYS_STATVFS_H
-#include <sys/statvfs.h>
-#endif
-
-int
-main ()
-{
- struct statvfs s; s.f_fsid = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if fsid_t has member val" >&5
-$as_echo_n "checking if fsid_t has member val... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/statvfs.h>
-
-int
-main ()
-{
- fsid_t t; t.val[0] = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define FSID_HAS_VAL 1" >>confdefs.h
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if f_fsid has member __val" >&5
-$as_echo_n "checking if f_fsid has member __val... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/statvfs.h>
-
-int
-main ()
-{
- fsid_t t; t.__val[0] = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define FSID_HAS___VAL 1" >>confdefs.h
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for msg_control field in struct msghdr" >&5
-$as_echo_n "checking for msg_control field in struct msghdr... " >&6; }
-if ${ac_cv_have_control_in_msghdr+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/uio.h>
-
-int
-main ()
-{
-
-#ifdef msg_control
-#error "msg_control is a macro"
-exit(1);
-#endif
-struct msghdr m;
-m.msg_control = 0;
-exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   ac_cv_have_control_in_msghdr="yes"
-else
-   ac_cv_have_control_in_msghdr="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_control_in_msghdr" >&5
-$as_echo "$ac_cv_have_control_in_msghdr" >&6; }
-if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then
-
-$as_echo "#define HAVE_CONTROL_IN_MSGHDR 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libc defines __progname" >&5
-$as_echo_n "checking if libc defines __progname... " >&6; }
-if ${ac_cv_libc_defines___progname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
- extern char *__progname; printf("%s", __progname);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_libc_defines___progname="yes"
-else
-   ac_cv_libc_defines___progname="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines___progname" >&5
-$as_echo "$ac_cv_libc_defines___progname" >&6; }
-if test "x$ac_cv_libc_defines___progname" = "xyes" ; then
-
-$as_echo "#define HAVE___PROGNAME 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC implements __FUNCTION__" >&5
-$as_echo_n "checking whether $CC implements __FUNCTION__... " >&6; }
-if ${ac_cv_cc_implements___FUNCTION__+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdio.h>
-int
-main ()
-{
- printf("%s", __FUNCTION__);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_cc_implements___FUNCTION__="yes"
-else
-   ac_cv_cc_implements___FUNCTION__="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cc_implements___FUNCTION__" >&5
-$as_echo "$ac_cv_cc_implements___FUNCTION__" >&6; }
-if test "x$ac_cv_cc_implements___FUNCTION__" = "xyes" ; then
-
-$as_echo "#define HAVE___FUNCTION__ 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC implements __func__" >&5
-$as_echo_n "checking whether $CC implements __func__... " >&6; }
-if ${ac_cv_cc_implements___func__+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <stdio.h>
-int
-main ()
-{
- printf("%s", __func__);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_cc_implements___func__="yes"
-else
-   ac_cv_cc_implements___func__="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cc_implements___func__" >&5
-$as_echo "$ac_cv_cc_implements___func__" >&6; }
-if test "x$ac_cv_cc_implements___func__" = "xyes" ; then
-
-$as_echo "#define HAVE___func__ 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether va_copy exists" >&5
-$as_echo_n "checking whether va_copy exists... " >&6; }
-if ${ac_cv_have_va_copy+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdarg.h>
-va_list x,y;
-
-int
-main ()
-{
- va_copy(x,y);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_have_va_copy="yes"
-else
-   ac_cv_have_va_copy="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_va_copy" >&5
-$as_echo "$ac_cv_have_va_copy" >&6; }
-if test "x$ac_cv_have_va_copy" = "xyes" ; then
-
-$as_echo "#define HAVE_VA_COPY 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __va_copy exists" >&5
-$as_echo_n "checking whether __va_copy exists... " >&6; }
-if ${ac_cv_have___va_copy+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdarg.h>
-va_list x,y;
-
-int
-main ()
-{
- __va_copy(x,y);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_have___va_copy="yes"
-else
-   ac_cv_have___va_copy="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have___va_copy" >&5
-$as_echo "$ac_cv_have___va_copy" >&6; }
-if test "x$ac_cv_have___va_copy" = "xyes" ; then
-
-$as_echo "#define HAVE___VA_COPY 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getopt has optreset support" >&5
-$as_echo_n "checking whether getopt has optreset support... " >&6; }
-if ${ac_cv_have_getopt_optreset+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <getopt.h>
-int
-main ()
-{
- extern int optreset; optreset = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_have_getopt_optreset="yes"
-else
-   ac_cv_have_getopt_optreset="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_have_getopt_optreset" >&5
-$as_echo "$ac_cv_have_getopt_optreset" >&6; }
-if test "x$ac_cv_have_getopt_optreset" = "xyes" ; then
-
-$as_echo "#define HAVE_GETOPT_OPTRESET 1" >>confdefs.h
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libc defines sys_errlist" >&5
-$as_echo_n "checking if libc defines sys_errlist... " >&6; }
-if ${ac_cv_libc_defines_sys_errlist+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
- extern const char *const sys_errlist[]; printf("%s", sys_errlist[0]);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_libc_defines_sys_errlist="yes"
-else
-   ac_cv_libc_defines_sys_errlist="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines_sys_errlist" >&5
-$as_echo "$ac_cv_libc_defines_sys_errlist" >&6; }
-if test "x$ac_cv_libc_defines_sys_errlist" = "xyes" ; then
-
-$as_echo "#define HAVE_SYS_ERRLIST 1" >>confdefs.h
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if libc defines sys_nerr" >&5
-$as_echo_n "checking if libc defines sys_nerr... " >&6; }
-if ${ac_cv_libc_defines_sys_nerr+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-int
-main ()
-{
- extern int sys_nerr; printf("%i", sys_nerr);
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-   ac_cv_libc_defines_sys_nerr="yes"
-else
-   ac_cv_libc_defines_sys_nerr="no"
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libc_defines_sys_nerr" >&5
-$as_echo "$ac_cv_libc_defines_sys_nerr" >&6; }
-if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
-
-$as_echo "#define HAVE_SYS_NERR 1" >>confdefs.h
-
-fi
-
-# Check libraries needed by DNS fingerprint support
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing getrrsetbyname" >&5
-$as_echo_n "checking for library containing getrrsetbyname... " >&6; }
-if ${ac_cv_search_getrrsetbyname+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char getrrsetbyname ();
-int
-main ()
-{
-return getrrsetbyname ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' resolv; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_getrrsetbyname=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_getrrsetbyname+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_getrrsetbyname+:} false; then :
-
-else
-  ac_cv_search_getrrsetbyname=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_getrrsetbyname" >&5
-$as_echo "$ac_cv_search_getrrsetbyname" >&6; }
-ac_res=$ac_cv_search_getrrsetbyname
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define HAVE_GETRRSETBYNAME 1" >>confdefs.h
-
-else
-
-		# Needed by our getrrsetbyname()
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing res_query" >&5
-$as_echo_n "checking for library containing res_query... " >&6; }
-if ${ac_cv_search_res_query+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char res_query ();
-int
-main ()
-{
-return res_query ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' resolv; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_res_query=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_res_query+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_res_query+:} false; then :
-
-else
-  ac_cv_search_res_query=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_res_query" >&5
-$as_echo "$ac_cv_search_res_query" >&6; }
-ac_res=$ac_cv_search_res_query
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dn_expand" >&5
-$as_echo_n "checking for library containing dn_expand... " >&6; }
-if ${ac_cv_search_dn_expand+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dn_expand ();
-int
-main ()
-{
-return dn_expand ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' resolv; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_dn_expand=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_dn_expand+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_dn_expand+:} false; then :
-
-else
-  ac_cv_search_dn_expand=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dn_expand" >&5
-$as_echo "$ac_cv_search_dn_expand" >&6; }
-ac_res=$ac_cv_search_dn_expand
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if res_query will link" >&5
-$as_echo_n "checking if res_query will link... " >&6; }
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <arpa/nameser.h>
-#include <netdb.h>
-#include <resolv.h>
-
-int
-main ()
-{
-
-	res_query (0, 0, 0, 0, 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		    saved_LIBS="$LIBS"
-		    LIBS="$LIBS -lresolv"
-		    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for res_query in -lresolv" >&5
-$as_echo_n "checking for res_query in -lresolv... " >&6; }
-		    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <netinet/in.h>
-#include <arpa/nameser.h>
-#include <netdb.h>
-#include <resolv.h>
-
-int
-main ()
-{
-
-	res_query (0, 0, 0, 0, 0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-  LIBS="$saved_LIBS"
-			 { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-		for ac_func in _getshort _getlong
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-		ac_fn_c_check_decl "$LINENO" "_getshort" "ac_cv_have_decl__getshort" "#include <sys/types.h>
-		    #include <arpa/nameser.h>
-"
-if test "x$ac_cv_have_decl__getshort" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL__GETSHORT $ac_have_decl
-_ACEOF
-ac_fn_c_check_decl "$LINENO" "_getlong" "ac_cv_have_decl__getlong" "#include <sys/types.h>
-		    #include <arpa/nameser.h>
-"
-if test "x$ac_cv_have_decl__getlong" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL__GETLONG $ac_have_decl
-_ACEOF
-
-		ac_fn_c_check_member "$LINENO" "HEADER" "ad" "ac_cv_member_HEADER_ad" "#include <arpa/nameser.h>
-"
-if test "x$ac_cv_member_HEADER_ad" = xyes; then :
-
-$as_echo "#define HAVE_HEADER_AD 1" >>confdefs.h
-
-fi
-
-
-fi
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if struct __res_state _res is an extern" >&5
-$as_echo_n "checking if struct __res_state _res is an extern... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#if HAVE_SYS_TYPES_H
-# include <sys/types.h>
-#endif
-#include <netinet/in.h>
-#include <arpa/nameser.h>
-#include <resolv.h>
-extern struct __res_state _res;
-
-int
-main ()
-{
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAVE__RES_EXTERN 1" >>confdefs.h
-
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-
-# Check whether user wants SELinux support
-SELINUX_MSG="no"
-LIBSELINUX=""
-
-# Check whether --with-selinux was given.
-if test "${with_selinux+set}" = set; then :
-  withval=$with_selinux;  if test "x$withval" != "xno" ; then
-		save_LIBS="$LIBS"
-
-$as_echo "#define WITH_SELINUX 1" >>confdefs.h
-
-		SELINUX_MSG="yes"
-		ac_fn_c_check_header_mongrel "$LINENO" "selinux/selinux.h" "ac_cv_header_selinux_selinux_h" "$ac_includes_default"
-if test "x$ac_cv_header_selinux_selinux_h" = xyes; then :
-
-else
-  as_fn_error $? "SELinux support requires selinux.h header" "$LINENO" 5
-fi
-
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for setexeccon in -lselinux" >&5
-$as_echo_n "checking for setexeccon in -lselinux... " >&6; }
-if ${ac_cv_lib_selinux_setexeccon+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lselinux  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char setexeccon ();
-int
-main ()
-{
-return setexeccon ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_selinux_setexeccon=yes
-else
-  ac_cv_lib_selinux_setexeccon=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_setexeccon" >&5
-$as_echo "$ac_cv_lib_selinux_setexeccon" >&6; }
-if test "x$ac_cv_lib_selinux_setexeccon" = xyes; then :
-   LIBSELINUX="-lselinux"
-			  LIBS="$LIBS -lselinux"
-
-else
-  as_fn_error $? "SELinux support requires libselinux library" "$LINENO" 5
-fi
-
-		SSHLIBS="$SSHLIBS $LIBSELINUX"
-		SSHDLIBS="$SSHDLIBS $LIBSELINUX"
-		for ac_func in getseuserbyname get_default_context_with_level
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-		LIBS="$save_LIBS"
-	fi
-
-fi
-
-
-
-
-# Check whether user wants Kerberos 5 support
-KRB5_MSG="no"
-
-# Check whether --with-kerberos5 was given.
-if test "${with_kerberos5+set}" = set; then :
-  withval=$with_kerberos5;  if test "x$withval" != "xno" ; then
-		if test "x$withval" = "xyes" ; then
-			KRB5ROOT="/usr/local"
-		else
-			KRB5ROOT=${withval}
-		fi
-
-
-$as_echo "#define KRB5 1" >>confdefs.h
-
-		KRB5_MSG="yes"
-
-		# Extract the first word of "krb5-config", so it can be a program name with args.
-set dummy krb5-config; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_KRB5CONF+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $KRB5CONF in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_KRB5CONF="$KRB5CONF" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-as_dummy="$KRB5ROOT/bin:$PATH"
-for as_dir in $as_dummy
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_KRB5CONF="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  test -z "$ac_cv_path_KRB5CONF" && ac_cv_path_KRB5CONF="$KRB5ROOT/bin/krb5-config"
-  ;;
-esac
-fi
-KRB5CONF=$ac_cv_path_KRB5CONF
-if test -n "$KRB5CONF"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $KRB5CONF" >&5
-$as_echo "$KRB5CONF" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-		if test -x $KRB5CONF ; then
-			K5CFLAGS="`$KRB5CONF --cflags`"
-			K5LIBS="`$KRB5CONF --libs`"
-			CPPFLAGS="$CPPFLAGS $K5CFLAGS"
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gssapi support" >&5
-$as_echo_n "checking for gssapi support... " >&6; }
-			if $KRB5CONF | grep gssapi >/dev/null ; then
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define GSSAPI 1" >>confdefs.h
-
-				GSSCFLAGS="`$KRB5CONF --cflags gssapi`"
-				GSSLIBS="`$KRB5CONF --libs gssapi`"
-				CPPFLAGS="$CPPFLAGS $GSSCFLAGS"
-			else
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			fi
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5
-$as_echo_n "checking whether we are using Heimdal... " >&6; }
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <krb5.h>
-
-int
-main ()
-{
- char *tmp = heimdal_version;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HEIMDAL 1" >>confdefs.h
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-		else
-			CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include"
-			LDFLAGS="$LDFLAGS -L${KRB5ROOT}/lib"
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using Heimdal" >&5
-$as_echo_n "checking whether we are using Heimdal... " >&6; }
-			cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
- #include <krb5.h>
-
-int
-main ()
-{
- char *tmp = heimdal_version;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-					 $as_echo "#define HEIMDAL 1" >>confdefs.h
-
-					 K5LIBS="-lkrb5"
-					 K5LIBS="$K5LIBS -lcom_err -lasn1"
-					 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for net_write in -lroken" >&5
-$as_echo_n "checking for net_write in -lroken... " >&6; }
-if ${ac_cv_lib_roken_net_write+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lroken  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char net_write ();
-int
-main ()
-{
-return net_write ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_roken_net_write=yes
-else
-  ac_cv_lib_roken_net_write=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_roken_net_write" >&5
-$as_echo "$ac_cv_lib_roken_net_write" >&6; }
-if test "x$ac_cv_lib_roken_net_write" = xyes; then :
-  K5LIBS="$K5LIBS -lroken"
-fi
-
-					 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for des_cbc_encrypt in -ldes" >&5
-$as_echo_n "checking for des_cbc_encrypt in -ldes... " >&6; }
-if ${ac_cv_lib_des_des_cbc_encrypt+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-ldes  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char des_cbc_encrypt ();
-int
-main ()
-{
-return des_cbc_encrypt ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_des_des_cbc_encrypt=yes
-else
-  ac_cv_lib_des_des_cbc_encrypt=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_des_des_cbc_encrypt" >&5
-$as_echo "$ac_cv_lib_des_des_cbc_encrypt" >&6; }
-if test "x$ac_cv_lib_des_des_cbc_encrypt" = xyes; then :
-  K5LIBS="$K5LIBS -ldes"
-fi
-
-
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-					 K5LIBS="-lkrb5 -lk5crypto -lcom_err"
-
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dn_expand" >&5
-$as_echo_n "checking for library containing dn_expand... " >&6; }
-if ${ac_cv_search_dn_expand+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char dn_expand ();
-int
-main ()
-{
-return dn_expand ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' resolv; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_dn_expand=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_dn_expand+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_dn_expand+:} false; then :
-
-else
-  ac_cv_search_dn_expand=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dn_expand" >&5
-$as_echo "$ac_cv_search_dn_expand" >&6; }
-ac_res=$ac_cv_search_dn_expand
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-fi
-
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgssapi_krb5" >&5
-$as_echo_n "checking for gss_init_sec_context in -lgssapi_krb5... " >&6; }
-if ${ac_cv_lib_gssapi_krb5_gss_init_sec_context+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lgssapi_krb5  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char gss_init_sec_context ();
-int
-main ()
-{
-return gss_init_sec_context ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_gssapi_krb5_gss_init_sec_context=yes
-else
-  ac_cv_lib_gssapi_krb5_gss_init_sec_context=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&5
-$as_echo "$ac_cv_lib_gssapi_krb5_gss_init_sec_context" >&6; }
-if test "x$ac_cv_lib_gssapi_krb5_gss_init_sec_context" = xyes; then :
-   $as_echo "#define GSSAPI 1" >>confdefs.h
-
-				  GSSLIBS="-lgssapi_krb5"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgssapi" >&5
-$as_echo_n "checking for gss_init_sec_context in -lgssapi... " >&6; }
-if ${ac_cv_lib_gssapi_gss_init_sec_context+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lgssapi  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char gss_init_sec_context ();
-int
-main ()
-{
-return gss_init_sec_context ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_gssapi_gss_init_sec_context=yes
-else
-  ac_cv_lib_gssapi_gss_init_sec_context=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gssapi_gss_init_sec_context" >&5
-$as_echo "$ac_cv_lib_gssapi_gss_init_sec_context" >&6; }
-if test "x$ac_cv_lib_gssapi_gss_init_sec_context" = xyes; then :
-   $as_echo "#define GSSAPI 1" >>confdefs.h
-
-					  GSSLIBS="-lgssapi"
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gss_init_sec_context in -lgss" >&5
-$as_echo_n "checking for gss_init_sec_context in -lgss... " >&6; }
-if ${ac_cv_lib_gss_gss_init_sec_context+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_check_lib_save_LIBS=$LIBS
-LIBS="-lgss  $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char gss_init_sec_context ();
-int
-main ()
-{
-return gss_init_sec_context ();
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_lib_gss_gss_init_sec_context=yes
-else
-  ac_cv_lib_gss_gss_init_sec_context=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gss_gss_init_sec_context" >&5
-$as_echo "$ac_cv_lib_gss_gss_init_sec_context" >&6; }
-if test "x$ac_cv_lib_gss_gss_init_sec_context" = xyes; then :
-   $as_echo "#define GSSAPI 1" >>confdefs.h
-
-						  GSSLIBS="-lgss"
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find any suitable gss-api library - build may fail" >&5
-$as_echo "$as_me: WARNING: Cannot find any suitable gss-api library - build may fail" >&2;}
-fi
-
-
-fi
-
-
-fi
-
-
-			ac_fn_c_check_header_mongrel "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default"
-if test "x$ac_cv_header_gssapi_h" = xyes; then :
-
-else
-   unset ac_cv_header_gssapi_h
-				  CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
-				  for ac_header in gssapi.h
-do :
-  ac_fn_c_check_header_mongrel "$LINENO" "gssapi.h" "ac_cv_header_gssapi_h" "$ac_includes_default"
-if test "x$ac_cv_header_gssapi_h" = xyes; then :
-  cat >>confdefs.h <<_ACEOF
-#define HAVE_GSSAPI_H 1
-_ACEOF
-
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Cannot find any suitable gss-api header - build may fail" >&5
-$as_echo "$as_me: WARNING: Cannot find any suitable gss-api header - build may fail" >&2;}
-
-fi
-
-done
-
-
-
-fi
-
-
-
-			oldCPP="$CPPFLAGS"
-			CPPFLAGS="$CPPFLAGS -I${KRB5ROOT}/include/gssapi"
-			ac_fn_c_check_header_mongrel "$LINENO" "gssapi_krb5.h" "ac_cv_header_gssapi_krb5_h" "$ac_includes_default"
-if test "x$ac_cv_header_gssapi_krb5_h" = xyes; then :
-
-else
-   CPPFLAGS="$oldCPP"
-fi
-
-
-
-		fi
-		if test ! -z "$need_dash_r" ; then
-			LDFLAGS="$LDFLAGS -R${KRB5ROOT}/lib"
-		fi
-		if test ! -z "$blibpath" ; then
-			blibpath="$blibpath:${KRB5ROOT}/lib"
-		fi
-
-		for ac_header in gssapi.h gssapi/gssapi.h
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-		for ac_header in gssapi_krb5.h gssapi/gssapi_krb5.h
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-		for ac_header in gssapi_generic.h gssapi/gssapi_generic.h
-do :
-  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
-ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
-if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing k_hasafs" >&5
-$as_echo_n "checking for library containing k_hasafs... " >&6; }
-if ${ac_cv_search_k_hasafs+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  ac_func_search_save_LIBS=$LIBS
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* Override any GCC internal prototype to avoid an error.
-   Use char because int might match the return type of a GCC
-   builtin and then its argument prototype would still apply.  */
-#ifdef __cplusplus
-extern "C"
-#endif
-char k_hasafs ();
-int
-main ()
-{
-return k_hasafs ();
-  ;
-  return 0;
-}
-_ACEOF
-for ac_lib in '' kafs; do
-  if test -z "$ac_lib"; then
-    ac_res="none required"
-  else
-    ac_res=-l$ac_lib
-    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
-  fi
-  if ac_fn_c_try_link "$LINENO"; then :
-  ac_cv_search_k_hasafs=$ac_res
-fi
-rm -f core conftest.err conftest.$ac_objext \
-    conftest$ac_exeext
-  if ${ac_cv_search_k_hasafs+:} false; then :
-  break
-fi
-done
-if ${ac_cv_search_k_hasafs+:} false; then :
-
-else
-  ac_cv_search_k_hasafs=no
-fi
-rm conftest.$ac_ext
-LIBS=$ac_func_search_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_k_hasafs" >&5
-$as_echo "$ac_cv_search_k_hasafs" >&6; }
-ac_res=$ac_cv_search_k_hasafs
-if test "$ac_res" != no; then :
-  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
-
-$as_echo "#define USE_AFS 1" >>confdefs.h
-
-fi
-
-
-		ac_fn_c_check_decl "$LINENO" "GSS_C_NT_HOSTBASED_SERVICE" "ac_cv_have_decl_GSS_C_NT_HOSTBASED_SERVICE" "
-#ifdef HAVE_GSSAPI_H
-# include <gssapi.h>
-#elif defined(HAVE_GSSAPI_GSSAPI_H)
-# include <gssapi/gssapi.h>
-#endif
-
-#ifdef HAVE_GSSAPI_GENERIC_H
-# include <gssapi_generic.h>
-#elif defined(HAVE_GSSAPI_GSSAPI_GENERIC_H)
-# include <gssapi/gssapi_generic.h>
-#endif
-
-"
-if test "x$ac_cv_have_decl_GSS_C_NT_HOSTBASED_SERVICE" = xyes; then :
-  ac_have_decl=1
-else
-  ac_have_decl=0
-fi
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE $ac_have_decl
-_ACEOF
-
-		saved_LIBS="$LIBS"
-		LIBS="$LIBS $K5LIBS"
-		for ac_func in krb5_cc_new_unique krb5_get_error_message krb5_free_error_message
-do :
-  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
-ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
-if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
-  cat >>confdefs.h <<_ACEOF
-#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-		LIBS="$saved_LIBS"
-
-	fi
-
-
-fi
-
-
-
-
-# Looking for programs, paths and files
-
-PRIVSEP_PATH=/var/empty
-
-# Check whether --with-privsep-path was given.
-if test "${with_privsep_path+set}" = set; then :
-  withval=$with_privsep_path;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			PRIVSEP_PATH=$withval
-		fi
-
-
-fi
-
-
-
-
-# Check whether --with-xauth was given.
-if test "${with_xauth+set}" = set; then :
-  withval=$with_xauth;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			xauth_path=$withval
-		fi
-
-else
-
-		TestPath="$PATH"
-		TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
-		TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
-		TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
-		TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
-		# Extract the first word of "xauth", so it can be a program name with args.
-set dummy xauth; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_xauth_path+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $xauth_path in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_xauth_path="$xauth_path" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $TestPath
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_xauth_path="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-xauth_path=$ac_cv_path_xauth_path
-if test -n "$xauth_path"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $xauth_path" >&5
-$as_echo "$xauth_path" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-		if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
-			xauth_path="/usr/openwin/bin/xauth"
-		fi
-
-
-fi
-
-
-STRIP_OPT=-s
-# Check whether --enable-strip was given.
-if test "${enable_strip+set}" = set; then :
-  enableval=$enable_strip;
-		if test "x$enableval" = "xno" ; then
-			STRIP_OPT=
-		fi
-
-
-fi
-
-
-
-if test -z "$xauth_path" ; then
-	XAUTH_PATH="undefined"
-
-else
-
-cat >>confdefs.h <<_ACEOF
-#define XAUTH_PATH "$xauth_path"
-_ACEOF
-
-	XAUTH_PATH=$xauth_path
-
-fi
-
-# Check for mail directory
-
-# Check whether --with-maildir was given.
-if test "${with_maildir+set}" = set; then :
-  withval=$with_maildir;
-	if test "X$withval" != X  &&  test "x$withval" != xno  &&  \
-	    test "x${withval}" != xyes; then
-
-cat >>confdefs.h <<_ACEOF
-#define MAIL_DIRECTORY "$withval"
-_ACEOF
-
-	    fi
-
-else
-
-	if test "X$maildir" != "X"; then
-	    cat >>confdefs.h <<_ACEOF
-#define MAIL_DIRECTORY "$maildir"
-_ACEOF
-
-	else
-	    { $as_echo "$as_me:${as_lineno-$LINENO}: checking Discovering system mail directory" >&5
-$as_echo_n "checking Discovering system mail directory... " >&6; }
-	    if test "$cross_compiling" = yes; then :
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: use --with-maildir=/path/to/mail" >&5
-$as_echo "$as_me: WARNING: cross compiling: use --with-maildir=/path/to/mail" >&2;}
-
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <stdio.h>
-#include <string.h>
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-#ifdef HAVE_MAILLOCK_H
-#include <maillock.h>
-#endif
-#define DATA "conftest.maildir"
-
-int
-main ()
-{
-
-	FILE *fd;
-	int rc;
-
-	fd = fopen(DATA,"w");
-	if(fd == NULL)
-		exit(1);
-
-#if defined (_PATH_MAILDIR)
-	if ((rc = fprintf(fd ,"_PATH_MAILDIR:%s\n", _PATH_MAILDIR)) <0)
-		exit(1);
-#elif defined (MAILDIR)
-	if ((rc = fprintf(fd ,"MAILDIR:%s\n", MAILDIR)) <0)
-		exit(1);
-#elif defined (_PATH_MAIL)
-	if ((rc = fprintf(fd ,"_PATH_MAIL:%s\n", _PATH_MAIL)) <0)
-		exit(1);
-#else
-	exit (2);
-#endif
-
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-
-	 	    maildir_what=`awk -F: '{print $1}' conftest.maildir`
-		    maildir=`awk -F: '{print $2}' conftest.maildir \
-			| sed 's|/$||'`
-		    { $as_echo "$as_me:${as_lineno-$LINENO}: result: Using: $maildir from $maildir_what" >&5
-$as_echo "Using: $maildir from $maildir_what" >&6; }
-		    if test "x$maildir_what" != "x_PATH_MAILDIR"; then
-			cat >>confdefs.h <<_ACEOF
-#define MAIL_DIRECTORY "$maildir"
-_ACEOF
-
-		    fi
-
-else
-
-		    if test "X$ac_status" = "X2";then
-# our test program didn't find it. Default to /var/spool/mail
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Using: default value of /var/spool/mail" >&5
-$as_echo "Using: default value of /var/spool/mail" >&6; }
-			cat >>confdefs.h <<_ACEOF
-#define MAIL_DIRECTORY "/var/spool/mail"
-_ACEOF
-
-		     else
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: *** not found ***" >&5
-$as_echo "*** not found ***" >&6; }
-		     fi
-
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-	fi
-
-
-fi
- # maildir
-
-if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes"; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Disabling /dev/ptmx test" >&5
-$as_echo "$as_me: WARNING: cross compiling: Disabling /dev/ptmx test" >&2;}
-	disable_ptmx_check=yes
-fi
-if test -z "$no_dev_ptmx" ; then
-	if test "x$disable_ptmx_check" != "xyes" ; then
-		as_ac_File=`$as_echo "ac_cv_file_"/dev/ptmx"" | $as_tr_sh`
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for \"/dev/ptmx\"" >&5
-$as_echo_n "checking for \"/dev/ptmx\"... " >&6; }
-if eval \${$as_ac_File+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  test "$cross_compiling" = yes &&
-  as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5
-if test -r ""/dev/ptmx""; then
-  eval "$as_ac_File=yes"
-else
-  eval "$as_ac_File=no"
-fi
-fi
-eval ac_res=\$$as_ac_File
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-if eval test \"x\$"$as_ac_File"\" = x"yes"; then :
-
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DEV_PTMX 1
-_ACEOF
-
-				have_dev_ptmx=1
-
-
-fi
-
-	fi
-fi
-
-if test ! -z "$cross_compiling" && test "x$cross_compiling" != "xyes"; then
-	as_ac_File=`$as_echo "ac_cv_file_"/dev/ptc"" | $as_tr_sh`
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for \"/dev/ptc\"" >&5
-$as_echo_n "checking for \"/dev/ptc\"... " >&6; }
-if eval \${$as_ac_File+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  test "$cross_compiling" = yes &&
-  as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5
-if test -r ""/dev/ptc""; then
-  eval "$as_ac_File=yes"
-else
-  eval "$as_ac_File=no"
-fi
-fi
-eval ac_res=\$$as_ac_File
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-if eval test \"x\$"$as_ac_File"\" = x"yes"; then :
-
-
-cat >>confdefs.h <<_ACEOF
-#define HAVE_DEV_PTS_AND_PTC 1
-_ACEOF
-
-			have_dev_ptc=1
-
-
-fi
-
-else
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: Disabling /dev/ptc test" >&5
-$as_echo "$as_me: WARNING: cross compiling: Disabling /dev/ptc test" >&2;}
-fi
-
-# Options from here on. Some of these are preset by platform above
-
-# Check whether --with-mantype was given.
-if test "${with_mantype+set}" = set; then :
-  withval=$with_mantype;
-		case "$withval" in
-		man|cat|doc)
-			MANTYPE=$withval
-			;;
-		*)
-			as_fn_error $? "invalid man type: $withval" "$LINENO" 5
-			;;
-		esac
-
-
-fi
-
-if test -z "$MANTYPE"; then
-	TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
-	for ac_prog in nroff awf
-do
-  # Extract the first word of "$ac_prog", so it can be a program name with args.
-set dummy $ac_prog; ac_word=$2
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
-$as_echo_n "checking for $ac_word... " >&6; }
-if ${ac_cv_path_NROFF+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  case $NROFF in
-  [\\/]* | ?:[\\/]*)
-  ac_cv_path_NROFF="$NROFF" # Let the user override the test with a path.
-  ;;
-  *)
-  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $TestPath
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    for ac_exec_ext in '' $ac_executable_extensions; do
-  if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
-    ac_cv_path_NROFF="$as_dir/$ac_word$ac_exec_ext"
-    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
-    break 2
-  fi
-done
-  done
-IFS=$as_save_IFS
-
-  ;;
-esac
-fi
-NROFF=$ac_cv_path_NROFF
-if test -n "$NROFF"; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NROFF" >&5
-$as_echo "$NROFF" >&6; }
-else
-  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-fi
-
-
-  test -n "$NROFF" && break
-done
-test -n "$NROFF" || NROFF="/bin/false"
-
-	if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
-		MANTYPE=doc
-	elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
-		MANTYPE=man
-	else
-		MANTYPE=cat
-	fi
-fi
-
-if test "$MANTYPE" = "doc"; then
-	mansubdir=man;
-else
-	mansubdir=$MANTYPE;
-fi
-
-
-# Check whether to enable MD5 passwords
-MD5_MSG="no"
-
-# Check whether --with-md5-passwords was given.
-if test "${with_md5_passwords+set}" = set; then :
-  withval=$with_md5_passwords;
-		if test "x$withval" != "xno" ; then
-
-$as_echo "#define HAVE_MD5_PASSWORDS 1" >>confdefs.h
-
-			MD5_MSG="yes"
-		fi
-
-
-fi
-
-
-# Whether to disable shadow password support
-
-# Check whether --with-shadow was given.
-if test "${with_shadow+set}" = set; then :
-  withval=$with_shadow;
-		if test "x$withval" = "xno" ; then
-			$as_echo "#define DISABLE_SHADOW 1" >>confdefs.h
-
-			disable_shadow=yes
-		fi
-
-
-fi
-
-
-if test -z "$disable_shadow" ; then
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the systems has expire shadow information" >&5
-$as_echo_n "checking if the systems has expire shadow information... " >&6; }
-	cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <shadow.h>
-struct spwd sp;
-
-int
-main ()
-{
- sp.sp_expire = sp.sp_lstchg = sp.sp_inact = 0;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   sp_expire_available=yes
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-	if test "x$sp_expire_available" = "xyes" ; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define HAS_SHADOW_EXPIRE 1" >>confdefs.h
-
-	else
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	fi
-fi
-
-# Use ip address instead of hostname in $DISPLAY
-if test ! -z "$IPADDR_IN_DISPLAY" ; then
-	DISPLAY_HACK_MSG="yes"
-
-$as_echo "#define IPADDR_IN_DISPLAY 1" >>confdefs.h
-
-else
-	DISPLAY_HACK_MSG="no"
-
-# Check whether --with-ipaddr-display was given.
-if test "${with_ipaddr_display+set}" = set; then :
-  withval=$with_ipaddr_display;
-			if test "x$withval" != "xno" ; then
-				$as_echo "#define IPADDR_IN_DISPLAY 1" >>confdefs.h
-
-				DISPLAY_HACK_MSG="yes"
-			fi
-
-
-fi
-
-fi
-
-# check for /etc/default/login and use it if present.
-# Check whether --enable-etc-default-login was given.
-if test "${enable_etc_default_login+set}" = set; then :
-  enableval=$enable_etc_default_login;  if test "x$enableval" = "xno"; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: /etc/default/login handling disabled" >&5
-$as_echo "$as_me: /etc/default/login handling disabled" >&6;}
-		etc_default_login=no
-	  else
-		etc_default_login=yes
-	  fi
-else
-   if test ! -z "$cross_compiling" && test "x$cross_compiling" = "xyes";
-	  then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cross compiling: not checking /etc/default/login" >&5
-$as_echo "$as_me: WARNING: cross compiling: not checking /etc/default/login" >&2;}
-		etc_default_login=no
-	  else
-		etc_default_login=yes
-	  fi
-
-fi
-
-
-if test "x$etc_default_login" != "xno"; then
-	as_ac_File=`$as_echo "ac_cv_file_"/etc/default/login"" | $as_tr_sh`
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for \"/etc/default/login\"" >&5
-$as_echo_n "checking for \"/etc/default/login\"... " >&6; }
-if eval \${$as_ac_File+:} false; then :
-  $as_echo_n "(cached) " >&6
-else
-  test "$cross_compiling" = yes &&
-  as_fn_error $? "cannot check for file existence when cross compiling" "$LINENO" 5
-if test -r ""/etc/default/login""; then
-  eval "$as_ac_File=yes"
-else
-  eval "$as_ac_File=no"
-fi
-fi
-eval ac_res=\$$as_ac_File
-	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
-$as_echo "$ac_res" >&6; }
-if eval test \"x\$"$as_ac_File"\" = x"yes"; then :
-   external_path_file=/etc/default/login
-fi
-
-	if test "x$external_path_file" = "x/etc/default/login"; then
-
-$as_echo "#define HAVE_ETC_DEFAULT_LOGIN 1" >>confdefs.h
-
-	fi
-fi
-
-if test $ac_cv_func_login_getcapbool = "yes" && \
-	test $ac_cv_header_login_cap_h = "yes" ; then
-	external_path_file=/etc/login.conf
-fi
-
-# Whether to mess with the default path
-SERVER_PATH_MSG="(default)"
-
-# Check whether --with-default-path was given.
-if test "${with_default_path+set}" = set; then :
-  withval=$with_default_path;
-		if test "x$external_path_file" = "x/etc/login.conf" ; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
---with-default-path=PATH has no effect on this system.
-Edit /etc/login.conf instead." >&5
-$as_echo "$as_me: WARNING:
---with-default-path=PATH has no effect on this system.
-Edit /etc/login.conf instead." >&2;}
-		elif test "x$withval" != "xno" ; then
-			if test ! -z "$external_path_file" ; then
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
---with-default-path=PATH will only be used if PATH is not defined in
-$external_path_file ." >&5
-$as_echo "$as_me: WARNING:
---with-default-path=PATH will only be used if PATH is not defined in
-$external_path_file ." >&2;}
-			fi
-			user_path="$withval"
-			SERVER_PATH_MSG="$withval"
-		fi
-
-else
-   if test "x$external_path_file" = "x/etc/login.conf" ; then
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Make sure the path to scp is in /etc/login.conf" >&5
-$as_echo "$as_me: WARNING: Make sure the path to scp is in /etc/login.conf" >&2;}
-	else
-		if test ! -z "$external_path_file" ; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
-If PATH is defined in $external_path_file, ensure the path to scp is included,
-otherwise scp will not work." >&5
-$as_echo "$as_me: WARNING:
-If PATH is defined in $external_path_file, ensure the path to scp is included,
-otherwise scp will not work." >&2;}
-		fi
-		if test "$cross_compiling" = yes; then :
-   user_path="/usr/bin:/bin:/usr/sbin:/sbin"
-
-else
-  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-/* find out what STDPATH is */
-#include <stdio.h>
-#ifdef HAVE_PATHS_H
-# include <paths.h>
-#endif
-#ifndef _PATH_STDPATH
-# ifdef _PATH_USERPATH	/* Irix */
-#  define _PATH_STDPATH _PATH_USERPATH
-# else
-#  define _PATH_STDPATH "/usr/bin:/bin:/usr/sbin:/sbin"
-# endif
-#endif
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#define DATA "conftest.stdpath"
-
-int
-main ()
-{
-
-	FILE *fd;
-	int rc;
-
-	fd = fopen(DATA,"w");
-	if(fd == NULL)
-		exit(1);
-
-	if ((rc = fprintf(fd,"%s", _PATH_STDPATH)) < 0)
-		exit(1);
-
-	exit(0);
-
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_run "$LINENO"; then :
-   user_path=`cat conftest.stdpath`
-else
-   user_path="/usr/bin:/bin:/usr/sbin:/sbin"
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
-  conftest.$ac_objext conftest.beam conftest.$ac_ext
-fi
-
-# make sure $bindir is in USER_PATH so scp will work
-		t_bindir="${bindir}"
-		while echo "${t_bindir}" | egrep '\$\{|NONE/' >/dev/null 2>&1; do
-			t_bindir=`eval echo ${t_bindir}`
-			case $t_bindir in
-				NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$prefix~"` ;;
-			esac
-			case $t_bindir in
-				NONE/*) t_bindir=`echo $t_bindir | sed "s~NONE~$ac_default_prefix~"` ;;
-			esac
-		done
-		echo $user_path | grep ":$t_bindir"  > /dev/null 2>&1
-		if test $? -ne 0  ; then
-			echo $user_path | grep "^$t_bindir"  > /dev/null 2>&1
-			if test $? -ne 0  ; then
-				user_path=$user_path:$t_bindir
-				{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Adding $t_bindir to USER_PATH so scp will work" >&5
-$as_echo "Adding $t_bindir to USER_PATH so scp will work" >&6; }
-			fi
-		fi
-	fi
-
-fi
-
-if test "x$external_path_file" != "x/etc/login.conf" ; then
-
-cat >>confdefs.h <<_ACEOF
-#define USER_PATH "$user_path"
-_ACEOF
-
-
-fi
-
-# Set superuser path separately to user path
-
-# Check whether --with-superuser-path was given.
-if test "${with_superuser_path+set}" = set; then :
-  withval=$with_superuser_path;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-
-cat >>confdefs.h <<_ACEOF
-#define SUPERUSER_PATH "$withval"
-_ACEOF
-
-			superuser_path=$withval
-		fi
-
-
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if we need to convert IPv4 in IPv6-mapped addresses" >&5
-$as_echo_n "checking if we need to convert IPv4 in IPv6-mapped addresses... " >&6; }
-IPV4_IN6_HACK_MSG="no"
-
-# Check whether --with-4in6 was given.
-if test "${with_4in6+set}" = set; then :
-  withval=$with_4in6;
-		if test "x$withval" != "xno" ; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-
-$as_echo "#define IPV4_IN_IPV6 1" >>confdefs.h
-
-			IPV4_IN6_HACK_MSG="yes"
-		else
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		fi
-
-else
-
-		if test "x$inet6_default_4in6" = "xyes"; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes (default)" >&5
-$as_echo "yes (default)" >&6; }
-			$as_echo "#define IPV4_IN_IPV6 1" >>confdefs.h
-
-			IPV4_IN6_HACK_MSG="yes"
-		else
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no (default)" >&5
-$as_echo "no (default)" >&6; }
-		fi
-
-
-fi
-
-
-# Whether to enable BSD auth support
-BSD_AUTH_MSG=no
-
-# Check whether --with-bsd-auth was given.
-if test "${with_bsd_auth+set}" = set; then :
-  withval=$with_bsd_auth;
-		if test "x$withval" != "xno" ; then
-
-$as_echo "#define BSD_AUTH 1" >>confdefs.h
-
-			BSD_AUTH_MSG=yes
-		fi
-
-
-fi
-
-
-# Where to place sshd.pid
-piddir=/var/run
-# make sure the directory exists
-if test ! -d $piddir ; then
-	piddir=`eval echo ${sysconfdir}`
-	case $piddir in
-		NONE/*) piddir=`echo $piddir | sed "s~NONE~$ac_default_prefix~"` ;;
-	esac
-fi
-
-
-# Check whether --with-pid-dir was given.
-if test "${with_pid_dir+set}" = set; then :
-  withval=$with_pid_dir;
-		if test -n "$withval"  &&  test "x$withval" != "xno"  &&  \
-		    test "x${withval}" != "xyes"; then
-			piddir=$withval
-			if test ! -d $piddir ; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ** no $piddir directory on this system **" >&5
-$as_echo "$as_me: WARNING: ** no $piddir directory on this system **" >&2;}
-			fi
-		fi
-
-
-fi
-
-
-
-cat >>confdefs.h <<_ACEOF
-#define _PATH_SSH_PIDDIR "$piddir"
-_ACEOF
-
-
-
-# Check whether --enable-lastlog was given.
-if test "${enable_lastlog+set}" = set; then :
-  enableval=$enable_lastlog;
-		if test "x$enableval" = "xno" ; then
-			$as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-utmp was given.
-if test "${enable_utmp+set}" = set; then :
-  enableval=$enable_utmp;
-		if test "x$enableval" = "xno" ; then
-			$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-utmpx was given.
-if test "${enable_utmpx+set}" = set; then :
-  enableval=$enable_utmpx;
-		if test "x$enableval" = "xno" ; then
-
-$as_echo "#define DISABLE_UTMPX 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-wtmp was given.
-if test "${enable_wtmp+set}" = set; then :
-  enableval=$enable_wtmp;
-		if test "x$enableval" = "xno" ; then
-			$as_echo "#define DISABLE_WTMP 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-wtmpx was given.
-if test "${enable_wtmpx+set}" = set; then :
-  enableval=$enable_wtmpx;
-		if test "x$enableval" = "xno" ; then
-
-$as_echo "#define DISABLE_WTMPX 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-libutil was given.
-if test "${enable_libutil+set}" = set; then :
-  enableval=$enable_libutil;
-		if test "x$enableval" = "xno" ; then
-			$as_echo "#define DISABLE_LOGIN 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-pututline was given.
-if test "${enable_pututline+set}" = set; then :
-  enableval=$enable_pututline;
-		if test "x$enableval" = "xno" ; then
-
-$as_echo "#define DISABLE_PUTUTLINE 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-# Check whether --enable-pututxline was given.
-if test "${enable_pututxline+set}" = set; then :
-  enableval=$enable_pututxline;
-		if test "x$enableval" = "xno" ; then
-
-$as_echo "#define DISABLE_PUTUTXLINE 1" >>confdefs.h
-
-		fi
-
-
-fi
-
-
-# Check whether --with-lastlog was given.
-if test "${with_lastlog+set}" = set; then :
-  withval=$with_lastlog;
-		if test "x$withval" = "xno" ; then
-			$as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h
-
-		elif test -n "$withval"  &&  test "x${withval}" != "xyes"; then
-			conf_lastlog_location=$withval
-		fi
-
-
-fi
-
-
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines LASTLOG_FILE" >&5
-$as_echo_n "checking if your system defines LASTLOG_FILE... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <utmp.h>
-#ifdef HAVE_LASTLOG_H
-#  include <lastlog.h>
-#endif
-#ifdef HAVE_PATHS_H
-#  include <paths.h>
-#endif
-#ifdef HAVE_LOGIN_H
-# include <login.h>
-#endif
-
-int
-main ()
-{
- char *lastlog = LASTLOG_FILE;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-		{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines _PATH_LASTLOG" >&5
-$as_echo_n "checking if your system defines _PATH_LASTLOG... " >&6; }
-		cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <utmp.h>
-#ifdef HAVE_LASTLOG_H
-#  include <lastlog.h>
-#endif
-#ifdef HAVE_PATHS_H
-#  include <paths.h>
-#endif
-
-int
-main ()
-{
- char *lastlog = _PATH_LASTLOG;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-			system_lastlog_path=no
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-
-if test -z "$conf_lastlog_location"; then
-	if test x"$system_lastlog_path" = x"no" ; then
-		for f in /var/log/lastlog /usr/adm/lastlog /var/adm/lastlog /etc/security/lastlog ; do
-				if (test -d "$f" || test -f "$f") ; then
-					conf_lastlog_location=$f
-				fi
-		done
-		if test -z "$conf_lastlog_location"; then
-			{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ** Cannot find lastlog **" >&5
-$as_echo "$as_me: WARNING: ** Cannot find lastlog **" >&2;}
-					fi
-	fi
-fi
-
-if test -n "$conf_lastlog_location"; then
-
-cat >>confdefs.h <<_ACEOF
-#define CONF_LASTLOG_FILE "$conf_lastlog_location"
-_ACEOF
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines UTMP_FILE" >&5
-$as_echo_n "checking if your system defines UTMP_FILE... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <utmp.h>
-#ifdef HAVE_PATHS_H
-#  include <paths.h>
-#endif
-
-int
-main ()
-{
- char *utmp = UTMP_FILE;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	  system_utmp_path=no
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-if test -z "$conf_utmp_location"; then
-	if test x"$system_utmp_path" = x"no" ; then
-		for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do
-			if test -f $f ; then
-				conf_utmp_location=$f
-			fi
-		done
-		if test -z "$conf_utmp_location"; then
-			$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
-
-		fi
-	fi
-fi
-if test -n "$conf_utmp_location"; then
-
-cat >>confdefs.h <<_ACEOF
-#define CONF_UTMP_FILE "$conf_utmp_location"
-_ACEOF
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines WTMP_FILE" >&5
-$as_echo_n "checking if your system defines WTMP_FILE... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <utmp.h>
-#ifdef HAVE_PATHS_H
-#  include <paths.h>
-#endif
-
-int
-main ()
-{
- char *wtmp = WTMP_FILE;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	  system_wtmp_path=no
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-if test -z "$conf_wtmp_location"; then
-	if test x"$system_wtmp_path" = x"no" ; then
-		for f in /usr/adm/wtmp /var/log/wtmp; do
-			if test -f $f ; then
-				conf_wtmp_location=$f
-			fi
-		done
-		if test -z "$conf_wtmp_location"; then
-			$as_echo "#define DISABLE_WTMP 1" >>confdefs.h
-
-		fi
-	fi
-fi
-if test -n "$conf_wtmp_location"; then
-
-cat >>confdefs.h <<_ACEOF
-#define CONF_WTMP_FILE "$conf_wtmp_location"
-_ACEOF
-
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if your system defines WTMPX_FILE" >&5
-$as_echo_n "checking if your system defines WTMPX_FILE... " >&6; }
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h.  */
-
-#include <sys/types.h>
-#include <utmp.h>
-#ifdef HAVE_UTMPX_H
-#include <utmpx.h>
-#endif
-#ifdef HAVE_PATHS_H
-#  include <paths.h>
-#endif
-
-int
-main ()
-{
- char *wtmpx = WTMPX_FILE;
-  ;
-  return 0;
-}
-_ACEOF
-if ac_fn_c_try_compile "$LINENO"; then :
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-else
-   { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-	  system_wtmpx_path=no
-
-fi
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-if test -z "$conf_wtmpx_location"; then
-	if test x"$system_wtmpx_path" = x"no" ; then
-		$as_echo "#define DISABLE_WTMPX 1" >>confdefs.h
-
-	fi
-else
-
-cat >>confdefs.h <<_ACEOF
-#define CONF_WTMPX_FILE "$conf_wtmpx_location"
-_ACEOF
-
-fi
-
-
-if test ! -z "$blibpath" ; then
-	LDFLAGS="$LDFLAGS $blibflags$blibpath"
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&5
-$as_echo "$as_me: WARNING: Please check and edit blibpath in LDFLAGS in Makefile" >&2;}
-fi
-
-ac_fn_c_check_member "$LINENO" "struct lastlog" "ll_line" "ac_cv_member_struct_lastlog_ll_line" "
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_UTMP_H
-#include <utmp.h>
-#endif
-#ifdef HAVE_UTMPX_H
-#include <utmpx.h>
-#endif
-#ifdef HAVE_LASTLOG_H
-#include <lastlog.h>
-#endif
-
-"
-if test "x$ac_cv_member_struct_lastlog_ll_line" = xyes; then :
-
-else
-
-    if test x$SKIP_DISABLE_LASTLOG_DEFINE != "xyes" ; then
-	$as_echo "#define DISABLE_LASTLOG 1" >>confdefs.h
-
-    fi
-
-fi
-
-
-ac_fn_c_check_member "$LINENO" "struct utmp" "ut_line" "ac_cv_member_struct_utmp_ut_line" "
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_UTMP_H
-#include <utmp.h>
-#endif
-#ifdef HAVE_UTMPX_H
-#include <utmpx.h>
-#endif
-#ifdef HAVE_LASTLOG_H
-#include <lastlog.h>
-#endif
-
-"
-if test "x$ac_cv_member_struct_utmp_ut_line" = xyes; then :
-
-else
-
-	$as_echo "#define DISABLE_UTMP 1" >>confdefs.h
-
-	$as_echo "#define DISABLE_WTMP 1" >>confdefs.h
-
-
-fi
-
-
-CFLAGS="$CFLAGS $werror_flags"
-
-if test "x$ac_cv_func_getaddrinfo" != "xyes" ; then
-	TEST_SSH_IPV6=no
-else
-	TEST_SSH_IPV6=yes
-fi
-ac_fn_c_check_decl "$LINENO" "BROKEN_GETADDRINFO" "ac_cv_have_decl_BROKEN_GETADDRINFO" "$ac_includes_default"
-if test "x$ac_cv_have_decl_BROKEN_GETADDRINFO" = xyes; then :
-  TEST_SSH_IPV6=no
-fi
-
-TEST_SSH_IPV6=$TEST_SSH_IPV6
-
-TEST_MALLOC_OPTIONS=$TEST_MALLOC_OPTIONS
-
-UNSUPPORTED_ALGORITHMS=$unsupported_algorithms
-
-
-
-ac_config_files="$ac_config_files Makefile buildpkg.sh opensshd.init openssh.xml openbsd-compat/Makefile openbsd-compat/regress/Makefile survey.sh"
-
-cat >confcache <<\_ACEOF
-# This file is a shell script that caches the results of configure
-# tests run on this system so they can be shared between configure
-# scripts and configure runs, see configure's option --config-cache.
-# It is not useful on other systems.  If it contains results you don't
-# want to keep, you may remove or edit it.
-#
-# config.status only pays attention to the cache file if you give it
-# the --recheck option to rerun configure.
-#
-# `ac_cv_env_foo' variables (set or unset) will be overridden when
-# loading this file, other *unset* `ac_cv_foo' will be assigned the
-# following values.
-
-_ACEOF
-
-# The following way of writing the cache mishandles newlines in values,
-# but we know of no workaround that is simple, portable, and efficient.
-# So, we kill variables containing newlines.
-# Ultrix sh set writes to stderr and can't be redirected directly,
-# and sets the high bit in the cache file unless we assign to the vars.
-(
-  for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
-    eval ac_val=\$$ac_var
-    case $ac_val in #(
-    *${as_nl}*)
-      case $ac_var in #(
-      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
-$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
-      esac
-      case $ac_var in #(
-      _ | IFS | as_nl) ;; #(
-      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
-      *) { eval $ac_var=; unset $ac_var;} ;;
-      esac ;;
-    esac
-  done
-
-  (set) 2>&1 |
-    case $as_nl`(ac_space=' '; set) 2>&1` in #(
-    *${as_nl}ac_space=\ *)
-      # `set' does not quote correctly, so add quotes: double-quote
-      # substitution turns \\\\ into \\, and sed turns \\ into \.
-      sed -n \
-	"s/'/'\\\\''/g;
-	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
-      ;; #(
-    *)
-      # `set' quotes correctly as required by POSIX, so do not add quotes.
-      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
-      ;;
-    esac |
-    sort
-) |
-  sed '
-     /^ac_cv_env_/b end
-     t clear
-     :clear
-     s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
-     t end
-     s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
-     :end' >>confcache
-if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
-  if test -w "$cache_file"; then
-    if test "x$cache_file" != "x/dev/null"; then
-      { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
-$as_echo "$as_me: updating cache $cache_file" >&6;}
-      if test ! -f "$cache_file" || test -h "$cache_file"; then
-	cat confcache >"$cache_file"
-      else
-        case $cache_file in #(
-        */* | ?:*)
-	  mv -f confcache "$cache_file"$$ &&
-	  mv -f "$cache_file"$$ "$cache_file" ;; #(
-        *)
-	  mv -f confcache "$cache_file" ;;
-	esac
-      fi
-    fi
-  else
-    { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
-$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
-  fi
-fi
-rm -f confcache
-
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-# Let make expand exec_prefix.
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-DEFS=-DHAVE_CONFIG_H
-
-ac_libobjs=
-ac_ltlibobjs=
-U=
-for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
-  # 1. Remove the extension, and $U if already installed.
-  ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
-  ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
-  # 2. Prepend LIBOBJDIR.  When used with automake>=1.10 LIBOBJDIR
-  #    will be set to the directory where LIBOBJS objects are built.
-  as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
-  as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
-done
-LIBOBJS=$ac_libobjs
-
-LTLIBOBJS=$ac_ltlibobjs
-
-
-
-
-: "${CONFIG_STATUS=./config.status}"
-ac_write_fail=0
-ac_clean_files_save=$ac_clean_files
-ac_clean_files="$ac_clean_files $CONFIG_STATUS"
-{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
-$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
-as_write_fail=0
-cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate the current configuration.
-# Compiler output produced by configure, useful for debugging
-# configure, is in config.log if it exists.
-
-debug=false
-ac_cs_recheck=false
-ac_cs_silent=false
-
-SHELL=\${CONFIG_SHELL-$SHELL}
-export SHELL
-_ASEOF
-cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
-## -------------------- ##
-## M4sh Initialization. ##
-## -------------------- ##
-
-# Be more Bourne compatible
-DUALCASE=1; export DUALCASE # for MKS sh
-if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
-  emulate sh
-  NULLCMD=:
-  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
-  # is contrary to our usage.  Disable this feature.
-  alias -g '${1+"$@"}'='"$@"'
-  setopt NO_GLOB_SUBST
-else
-  case `(set -o) 2>/dev/null` in #(
-  *posix*) :
-    set -o posix ;; #(
-  *) :
-     ;;
-esac
-fi
-
-
-as_nl='
-'
-export as_nl
-# Printing a long string crashes Solaris 7 /usr/bin/printf.
-as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
-as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
-# Prefer a ksh shell builtin over an external printf program on Solaris,
-# but without wasting forks for bash or zsh.
-if test -z "$BASH_VERSION$ZSH_VERSION" \
-    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
-  as_echo='print -r --'
-  as_echo_n='print -rn --'
-elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
-  as_echo='printf %s\n'
-  as_echo_n='printf %s'
-else
-  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
-    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
-    as_echo_n='/usr/ucb/echo -n'
-  else
-    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
-    as_echo_n_body='eval
-      arg=$1;
-      case $arg in #(
-      *"$as_nl"*)
-	expr "X$arg" : "X\\(.*\\)$as_nl";
-	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
-      esac;
-      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
-    '
-    export as_echo_n_body
-    as_echo_n='sh -c $as_echo_n_body as_echo'
-  fi
-  export as_echo_body
-  as_echo='sh -c $as_echo_body as_echo'
-fi
-
-# The user is always right.
-if test "${PATH_SEPARATOR+set}" != set; then
-  PATH_SEPARATOR=:
-  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
-    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
-      PATH_SEPARATOR=';'
-  }
-fi
-
-
-# IFS
-# We need space, tab and new line, in precisely that order.  Quoting is
-# there to prevent editors from complaining about space-tab.
-# (If _AS_PATH_WALK were called with IFS unset, it would disable word
-# splitting by setting IFS to empty value.)
-IFS=" ""	$as_nl"
-
-# Find who we are.  Look in the path if we contain no directory separator.
-as_myself=
-case $0 in #((
-  *[\\/]* ) as_myself=$0 ;;
-  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
-for as_dir in $PATH
-do
-  IFS=$as_save_IFS
-  test -z "$as_dir" && as_dir=.
-    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
-  done
-IFS=$as_save_IFS
-
-     ;;
-esac
-# We did not find ourselves, most probably we were run as `sh COMMAND'
-# in which case we are not to be found in the path.
-if test "x$as_myself" = x; then
-  as_myself=$0
-fi
-if test ! -f "$as_myself"; then
-  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
-  exit 1
-fi
-
-# Unset variables that we do not need and which cause bugs (e.g. in
-# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
-# suppresses any "Segmentation fault" message there.  '((' could
-# trigger a bug in pdksh 5.2.14.
-for as_var in BASH_ENV ENV MAIL MAILPATH
-do eval test x\${$as_var+set} = xset \
-  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
-done
-PS1='$ '
-PS2='> '
-PS4='+ '
-
-# NLS nuisances.
-LC_ALL=C
-export LC_ALL
-LANGUAGE=C
-export LANGUAGE
-
-# CDPATH.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-
-# as_fn_error STATUS ERROR [LINENO LOG_FD]
-# ----------------------------------------
-# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
-# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
-# script with STATUS, using 1 if that was 0.
-as_fn_error ()
-{
-  as_status=$1; test $as_status -eq 0 && as_status=1
-  if test "$4"; then
-    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
-    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
-  fi
-  $as_echo "$as_me: error: $2" >&2
-  as_fn_exit $as_status
-} # as_fn_error
-
-
-# as_fn_set_status STATUS
-# -----------------------
-# Set $? to STATUS, without forking.
-as_fn_set_status ()
-{
-  return $1
-} # as_fn_set_status
-
-# as_fn_exit STATUS
-# -----------------
-# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
-as_fn_exit ()
-{
-  set +e
-  as_fn_set_status $1
-  exit $1
-} # as_fn_exit
-
-# as_fn_unset VAR
-# ---------------
-# Portably unset VAR.
-as_fn_unset ()
-{
-  { eval $1=; unset $1;}
-}
-as_unset=as_fn_unset
-# as_fn_append VAR VALUE
-# ----------------------
-# Append the text in VALUE to the end of the definition contained in VAR. Take
-# advantage of any shell optimizations that allow amortized linear growth over
-# repeated appends, instead of the typical quadratic growth present in naive
-# implementations.
-if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
-  eval 'as_fn_append ()
-  {
-    eval $1+=\$2
-  }'
-else
-  as_fn_append ()
-  {
-    eval $1=\$$1\$2
-  }
-fi # as_fn_append
-
-# as_fn_arith ARG...
-# ------------------
-# Perform arithmetic evaluation on the ARGs, and store the result in the
-# global $as_val. Take advantage of shells that can avoid forks. The arguments
-# must be portable across $(()) and expr.
-if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
-  eval 'as_fn_arith ()
-  {
-    as_val=$(( $* ))
-  }'
-else
-  as_fn_arith ()
-  {
-    as_val=`expr "$@" || test $? -eq 1`
-  }
-fi # as_fn_arith
-
-
-if expr a : '\(a\)' >/dev/null 2>&1 &&
-   test "X`expr 00001 : '.*\(...\)'`" = X001; then
-  as_expr=expr
-else
-  as_expr=false
-fi
-
-if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
-  as_basename=basename
-else
-  as_basename=false
-fi
-
-if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
-  as_dirname=dirname
-else
-  as_dirname=false
-fi
-
-as_me=`$as_basename -- "$0" ||
-$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
-	 X"$0" : 'X\(//\)$' \| \
-	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X/"$0" |
-    sed '/^.*\/\([^/][^/]*\)\/*$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\/\(\/\/\)$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\/\(\/\).*/{
-	    s//\1/
-	    q
-	  }
-	  s/.*/./; q'`
-
-# Avoid depending upon Character Ranges.
-as_cr_letters='abcdefghijklmnopqrstuvwxyz'
-as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
-as_cr_Letters=$as_cr_letters$as_cr_LETTERS
-as_cr_digits='0123456789'
-as_cr_alnum=$as_cr_Letters$as_cr_digits
-
-ECHO_C= ECHO_N= ECHO_T=
-case `echo -n x` in #(((((
--n*)
-  case `echo 'xy\c'` in
-  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
-  xy)  ECHO_C='\c';;
-  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
-       ECHO_T='	';;
-  esac;;
-*)
-  ECHO_N='-n';;
-esac
-
-rm -f conf$$ conf$$.exe conf$$.file
-if test -d conf$$.dir; then
-  rm -f conf$$.dir/conf$$.file
-else
-  rm -f conf$$.dir
-  mkdir conf$$.dir 2>/dev/null
-fi
-if (echo >conf$$.file) 2>/dev/null; then
-  if ln -s conf$$.file conf$$ 2>/dev/null; then
-    as_ln_s='ln -s'
-    # ... but there are two gotchas:
-    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
-    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
-    # In both cases, we have to default to `cp -pR'.
-    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
-      as_ln_s='cp -pR'
-  elif ln conf$$.file conf$$ 2>/dev/null; then
-    as_ln_s=ln
-  else
-    as_ln_s='cp -pR'
-  fi
-else
-  as_ln_s='cp -pR'
-fi
-rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
-rmdir conf$$.dir 2>/dev/null
-
-
-# as_fn_mkdir_p
-# -------------
-# Create "$as_dir" as a directory, including parents if necessary.
-as_fn_mkdir_p ()
-{
-
-  case $as_dir in #(
-  -*) as_dir=./$as_dir;;
-  esac
-  test -d "$as_dir" || eval $as_mkdir_p || {
-    as_dirs=
-    while :; do
-      case $as_dir in #(
-      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
-      *) as_qdir=$as_dir;;
-      esac
-      as_dirs="'$as_qdir' $as_dirs"
-      as_dir=`$as_dirname -- "$as_dir" ||
-$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
-	 X"$as_dir" : 'X\(//\)[^/]' \| \
-	 X"$as_dir" : 'X\(//\)$' \| \
-	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$as_dir" |
-    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)[^/].*/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\).*/{
-	    s//\1/
-	    q
-	  }
-	  s/.*/./; q'`
-      test -d "$as_dir" && break
-    done
-    test -z "$as_dirs" || eval "mkdir $as_dirs"
-  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
-
-
-} # as_fn_mkdir_p
-if mkdir -p . 2>/dev/null; then
-  as_mkdir_p='mkdir -p "$as_dir"'
-else
-  test -d ./-p && rmdir ./-p
-  as_mkdir_p=false
-fi
-
-
-# as_fn_executable_p FILE
-# -----------------------
-# Test if FILE is an executable regular file.
-as_fn_executable_p ()
-{
-  test -f "$1" && test -x "$1"
-} # as_fn_executable_p
-as_test_x='test -x'
-as_executable_p=as_fn_executable_p
-
-# Sed expression to map a string onto a valid CPP name.
-as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
-
-# Sed expression to map a string onto a valid variable name.
-as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
-
-
-exec 6>&1
-## ----------------------------------- ##
-## Main body of $CONFIG_STATUS script. ##
-## ----------------------------------- ##
-_ASEOF
-test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# Save the log message, to keep $0 and so on meaningful, and to
-# report actual input values of CONFIG_FILES etc. instead of their
-# values after options handling.
-ac_log="
-This file was extended by OpenSSH $as_me Portable, which was
-generated by GNU Autoconf 2.69.  Invocation command line was
-
-  CONFIG_FILES    = $CONFIG_FILES
-  CONFIG_HEADERS  = $CONFIG_HEADERS
-  CONFIG_LINKS    = $CONFIG_LINKS
-  CONFIG_COMMANDS = $CONFIG_COMMANDS
-  $ $0 $@
-
-on `(hostname || uname -n) 2>/dev/null | sed 1q`
-"
-
-_ACEOF
-
-case $ac_config_files in *"
-"*) set x $ac_config_files; shift; ac_config_files=$*;;
-esac
-
-case $ac_config_headers in *"
-"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
-esac
-
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-# Files that config.status was made for.
-config_files="$ac_config_files"
-config_headers="$ac_config_headers"
-
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-ac_cs_usage="\
-\`$as_me' instantiates files and other configuration actions
-from templates according to the current configuration.  Unless the files
-and actions are specified as TAGs, all are instantiated by default.
-
-Usage: $0 [OPTION]... [TAG]...
-
-  -h, --help       print this help, then exit
-  -V, --version    print version number and configuration settings, then exit
-      --config     print configuration, then exit
-  -q, --quiet, --silent
-                   do not print progress messages
-  -d, --debug      don't remove temporary files
-      --recheck    update $as_me by reconfiguring in the same conditions
-      --file=FILE[:TEMPLATE]
-                   instantiate the configuration file FILE
-      --header=FILE[:TEMPLATE]
-                   instantiate the configuration header FILE
-
-Configuration files:
-$config_files
-
-Configuration headers:
-$config_headers
-
-Report bugs to <openssh-unix-dev@mindrot.org>."
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
-ac_cs_version="\\
-OpenSSH config.status Portable
-configured by $0, generated by GNU Autoconf 2.69,
-  with options \\"\$ac_cs_config\\"
-
-Copyright (C) 2012 Free Software Foundation, Inc.
-This config.status script is free software; the Free Software Foundation
-gives unlimited permission to copy, distribute and modify it."
-
-ac_pwd='$ac_pwd'
-srcdir='$srcdir'
-INSTALL='$INSTALL'
-AWK='$AWK'
-test -n "\$AWK" || AWK=awk
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# The default lists apply if the user does not specify any file.
-ac_need_defaults=:
-while test $# != 0
-do
-  case $1 in
-  --*=?*)
-    ac_option=`expr "X$1" : 'X\([^=]*\)='`
-    ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
-    ac_shift=:
-    ;;
-  --*=)
-    ac_option=`expr "X$1" : 'X\([^=]*\)='`
-    ac_optarg=
-    ac_shift=:
-    ;;
-  *)
-    ac_option=$1
-    ac_optarg=$2
-    ac_shift=shift
-    ;;
-  esac
-
-  case $ac_option in
-  # Handling of the options.
-  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
-    ac_cs_recheck=: ;;
-  --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
-    $as_echo "$ac_cs_version"; exit ;;
-  --config | --confi | --conf | --con | --co | --c )
-    $as_echo "$ac_cs_config"; exit ;;
-  --debug | --debu | --deb | --de | --d | -d )
-    debug=: ;;
-  --file | --fil | --fi | --f )
-    $ac_shift
-    case $ac_optarg in
-    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
-    '') as_fn_error $? "missing file argument" ;;
-    esac
-    as_fn_append CONFIG_FILES " '$ac_optarg'"
-    ac_need_defaults=false;;
-  --header | --heade | --head | --hea )
-    $ac_shift
-    case $ac_optarg in
-    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
-    esac
-    as_fn_append CONFIG_HEADERS " '$ac_optarg'"
-    ac_need_defaults=false;;
-  --he | --h)
-    # Conflict between --help and --header
-    as_fn_error $? "ambiguous option: \`$1'
-Try \`$0 --help' for more information.";;
-  --help | --hel | -h )
-    $as_echo "$ac_cs_usage"; exit ;;
-  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
-  | -silent | --silent | --silen | --sile | --sil | --si | --s)
-    ac_cs_silent=: ;;
-
-  # This is an error.
-  -*) as_fn_error $? "unrecognized option: \`$1'
-Try \`$0 --help' for more information." ;;
-
-  *) as_fn_append ac_config_targets " $1"
-     ac_need_defaults=false ;;
-
-  esac
-  shift
-done
-
-ac_configure_extra_args=
-
-if $ac_cs_silent; then
-  exec 6>/dev/null
-  ac_configure_extra_args="$ac_configure_extra_args --silent"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-if \$ac_cs_recheck; then
-  set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
-  shift
-  \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
-  CONFIG_SHELL='$SHELL'
-  export CONFIG_SHELL
-  exec "\$@"
-fi
-
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-exec 5>>config.log
-{
-  echo
-  sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
-## Running $as_me. ##
-_ASBOX
-  $as_echo "$ac_log"
-} >&5
-
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-
-# Handling of arguments.
-for ac_config_target in $ac_config_targets
-do
-  case $ac_config_target in
-    "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
-    "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;;
-    "buildpkg.sh") CONFIG_FILES="$CONFIG_FILES buildpkg.sh" ;;
-    "opensshd.init") CONFIG_FILES="$CONFIG_FILES opensshd.init" ;;
-    "openssh.xml") CONFIG_FILES="$CONFIG_FILES openssh.xml" ;;
-    "openbsd-compat/Makefile") CONFIG_FILES="$CONFIG_FILES openbsd-compat/Makefile" ;;
-    "openbsd-compat/regress/Makefile") CONFIG_FILES="$CONFIG_FILES openbsd-compat/regress/Makefile" ;;
-    "survey.sh") CONFIG_FILES="$CONFIG_FILES survey.sh" ;;
-
-  *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
-  esac
-done
-
-
-# If the user did not use the arguments to specify the items to instantiate,
-# then the envvar interface is used.  Set only those that are not.
-# We use the long form for the default assignment because of an extremely
-# bizarre bug on SunOS 4.1.3.
-if $ac_need_defaults; then
-  test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
-  test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
-fi
-
-# Have a temporary directory for convenience.  Make it in the build tree
-# simply because there is no reason against having it here, and in addition,
-# creating and moving files from /tmp can sometimes cause problems.
-# Hook for its removal unless debugging.
-# Note that there is a small window in which the directory will not be cleaned:
-# after its creation but before its name has been assigned to `$tmp'.
-$debug ||
-{
-  tmp= ac_tmp=
-  trap 'exit_status=$?
-  : "${ac_tmp:=$tmp}"
-  { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
-' 0
-  trap 'as_fn_exit 1' 1 2 13 15
-}
-# Create a (secure) tmp directory for tmp files.
-
-{
-  tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
-  test -d "$tmp"
-}  ||
-{
-  tmp=./conf$$-$RANDOM
-  (umask 077 && mkdir "$tmp")
-} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
-ac_tmp=$tmp
-
-# Set up the scripts for CONFIG_FILES section.
-# No need to generate them if there are no CONFIG_FILES.
-# This happens for instance with `./config.status config.h'.
-if test -n "$CONFIG_FILES"; then
-
-
-ac_cr=`echo X | tr X '\015'`
-# On cygwin, bash can eat \r inside `` if the user requested igncr.
-# But we know of no other shell where ac_cr would be empty at this
-# point, so we can use a bashism as a fallback.
-if test "x$ac_cr" = x; then
-  eval ac_cr=\$\'\\r\'
-fi
-ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
-if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
-  ac_cs_awk_cr='\\r'
-else
-  ac_cs_awk_cr=$ac_cr
-fi
-
-echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
-_ACEOF
-
-
-{
-  echo "cat >conf$$subs.awk <<_ACEOF" &&
-  echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
-  echo "_ACEOF"
-} >conf$$subs.sh ||
-  as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
-ac_delim='%!_!# '
-for ac_last_try in false false false false false :; do
-  . ./conf$$subs.sh ||
-    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-
-  ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
-  if test $ac_delim_n = $ac_delim_num; then
-    break
-  elif $ac_last_try; then
-    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
-  else
-    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
-  fi
-done
-rm -f conf$$subs.sh
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
-_ACEOF
-sed -n '
-h
-s/^/S["/; s/!.*/"]=/
-p
-g
-s/^[^!]*!//
-:repl
-t repl
-s/'"$ac_delim"'$//
-t delim
-:nl
-h
-s/\(.\{148\}\)..*/\1/
-t more1
-s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
-p
-n
-b repl
-:more1
-s/["\\]/\\&/g; s/^/"/; s/$/"\\/
-p
-g
-s/.\{148\}//
-t nl
-:delim
-h
-s/\(.\{148\}\)..*/\1/
-t more2
-s/["\\]/\\&/g; s/^/"/; s/$/"/
-p
-b
-:more2
-s/["\\]/\\&/g; s/^/"/; s/$/"\\/
-p
-g
-s/.\{148\}//
-t delim
-' <conf$$subs.awk | sed '
-/^[^""]/{
-  N
-  s/\n//
-}
-' >>$CONFIG_STATUS || ac_write_fail=1
-rm -f conf$$subs.awk
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-_ACAWK
-cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
-  for (key in S) S_is_set[key] = 1
-  FS = ""
-
-}
-{
-  line = $ 0
-  nfields = split(line, field, "@")
-  substed = 0
-  len = length(field[1])
-  for (i = 2; i < nfields; i++) {
-    key = field[i]
-    keylen = length(key)
-    if (S_is_set[key]) {
-      value = S[key]
-      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
-      len += length(value) + length(field[++i])
-      substed = 1
-    } else
-      len += 1 + keylen
-  }
-
-  print line
-}
-
-_ACAWK
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
-  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
-else
-  cat
-fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
-  || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
-_ACEOF
-
-# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
-# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
-# trailing colons and then remove the whole line if VPATH becomes empty
-# (actually we leave an empty line to preserve line numbers).
-if test "x$srcdir" = x.; then
-  ac_vpsub='/^[	 ]*VPATH[	 ]*=[	 ]*/{
-h
-s///
-s/^/:/
-s/[	 ]*$/:/
-s/:\$(srcdir):/:/g
-s/:\${srcdir}:/:/g
-s/:@srcdir@:/:/g
-s/^:*//
-s/:*$//
-x
-s/\(=[	 ]*\).*/\1/
-G
-s/\n//
-s/^[^=]*=[	 ]*$//
-}'
-fi
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-fi # test -n "$CONFIG_FILES"
-
-# Set up the scripts for CONFIG_HEADERS section.
-# No need to generate them if there are no CONFIG_HEADERS.
-# This happens for instance with `./config.status Makefile'.
-if test -n "$CONFIG_HEADERS"; then
-cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
-BEGIN {
-_ACEOF
-
-# Transform confdefs.h into an awk script `defines.awk', embedded as
-# here-document in config.status, that substitutes the proper values into
-# config.h.in to produce config.h.
-
-# Create a delimiter string that does not exist in confdefs.h, to ease
-# handling of long lines.
-ac_delim='%!_!# '
-for ac_last_try in false false :; do
-  ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
-  if test -z "$ac_tt"; then
-    break
-  elif $ac_last_try; then
-    as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
-  else
-    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
-  fi
-done
-
-# For the awk script, D is an array of macro values keyed by name,
-# likewise P contains macro parameters if any.  Preserve backslash
-# newline sequences.
-
-ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
-sed -n '
-s/.\{148\}/&'"$ac_delim"'/g
-t rset
-:rset
-s/^[	 ]*#[	 ]*define[	 ][	 ]*/ /
-t def
-d
-:def
-s/\\$//
-t bsnl
-s/["\\]/\\&/g
-s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
-D["\1"]=" \3"/p
-s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2"/p
-d
-:bsnl
-s/["\\]/\\&/g
-s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
-D["\1"]=" \3\\\\\\n"\\/p
-t cont
-s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
-t cont
-d
-:cont
-n
-s/.\{148\}/&'"$ac_delim"'/g
-t clear
-:clear
-s/\\$//
-t bsnlc
-s/["\\]/\\&/g; s/^/"/; s/$/"/p
-d
-:bsnlc
-s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
-b cont
-' <confdefs.h | sed '
-s/'"$ac_delim"'/"\\\
-"/g' >>$CONFIG_STATUS || ac_write_fail=1
-
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-  for (key in D) D_is_set[key] = 1
-  FS = ""
-}
-/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
-  line = \$ 0
-  split(line, arg, " ")
-  if (arg[1] == "#") {
-    defundef = arg[2]
-    mac1 = arg[3]
-  } else {
-    defundef = substr(arg[1], 2)
-    mac1 = arg[2]
-  }
-  split(mac1, mac2, "(") #)
-  macro = mac2[1]
-  prefix = substr(line, 1, index(line, defundef) - 1)
-  if (D_is_set[macro]) {
-    # Preserve the white space surrounding the "#".
-    print prefix "define", macro P[macro] D[macro]
-    next
-  } else {
-    # Replace #undef with comments.  This is necessary, for example,
-    # in the case of _POSIX_SOURCE, which is predefined and required
-    # on some systems where configure will not decide to define it.
-    if (defundef == "undef") {
-      print "/*", prefix defundef, macro, "*/"
-      next
-    }
-  }
-}
-{ print }
-_ACAWK
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-  as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
-fi # test -n "$CONFIG_HEADERS"
-
-
-eval set X "  :F $CONFIG_FILES  :H $CONFIG_HEADERS    "
-shift
-for ac_tag
-do
-  case $ac_tag in
-  :[FHLC]) ac_mode=$ac_tag; continue;;
-  esac
-  case $ac_mode$ac_tag in
-  :[FHL]*:*);;
-  :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
-  :[FH]-) ac_tag=-:-;;
-  :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
-  esac
-  ac_save_IFS=$IFS
-  IFS=:
-  set x $ac_tag
-  IFS=$ac_save_IFS
-  shift
-  ac_file=$1
-  shift
-
-  case $ac_mode in
-  :L) ac_source=$1;;
-  :[FH])
-    ac_file_inputs=
-    for ac_f
-    do
-      case $ac_f in
-      -) ac_f="$ac_tmp/stdin";;
-      *) # Look for the file first in the build tree, then in the source tree
-	 # (if the path is not absolute).  The absolute path cannot be DOS-style,
-	 # because $ac_f cannot contain `:'.
-	 test -f "$ac_f" ||
-	   case $ac_f in
-	   [\\/$]*) false;;
-	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
-	   esac ||
-	   as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
-      esac
-      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
-      as_fn_append ac_file_inputs " '$ac_f'"
-    done
-
-    # Let's still pretend it is `configure' which instantiates (i.e., don't
-    # use $as_me), people would be surprised to read:
-    #    /* config.h.  Generated by config.status.  */
-    configure_input='Generated from '`
-	  $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
-	`' by configure.'
-    if test x"$ac_file" != x-; then
-      configure_input="$ac_file.  $configure_input"
-      { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
-$as_echo "$as_me: creating $ac_file" >&6;}
-    fi
-    # Neutralize special characters interpreted by sed in replacement strings.
-    case $configure_input in #(
-    *\&* | *\|* | *\\* )
-       ac_sed_conf_input=`$as_echo "$configure_input" |
-       sed 's/[\\\\&|]/\\\\&/g'`;; #(
-    *) ac_sed_conf_input=$configure_input;;
-    esac
-
-    case $ac_tag in
-    *:-:* | *:-) cat >"$ac_tmp/stdin" \
-      || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
-    esac
-    ;;
-  esac
-
-  ac_dir=`$as_dirname -- "$ac_file" ||
-$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
-	 X"$ac_file" : 'X\(//\)[^/]' \| \
-	 X"$ac_file" : 'X\(//\)$' \| \
-	 X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
-$as_echo X"$ac_file" |
-    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)[^/].*/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\/\)$/{
-	    s//\1/
-	    q
-	  }
-	  /^X\(\/\).*/{
-	    s//\1/
-	    q
-	  }
-	  s/.*/./; q'`
-  as_dir="$ac_dir"; as_fn_mkdir_p
-  ac_builddir=.
-
-case "$ac_dir" in
-.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
-*)
-  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
-  # A ".." for each directory in $ac_dir_suffix.
-  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
-  case $ac_top_builddir_sub in
-  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
-  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
-  esac ;;
-esac
-ac_abs_top_builddir=$ac_pwd
-ac_abs_builddir=$ac_pwd$ac_dir_suffix
-# for backward compatibility:
-ac_top_builddir=$ac_top_build_prefix
-
-case $srcdir in
-  .)  # We are building in place.
-    ac_srcdir=.
-    ac_top_srcdir=$ac_top_builddir_sub
-    ac_abs_top_srcdir=$ac_pwd ;;
-  [\\/]* | ?:[\\/]* )  # Absolute name.
-    ac_srcdir=$srcdir$ac_dir_suffix;
-    ac_top_srcdir=$srcdir
-    ac_abs_top_srcdir=$srcdir ;;
-  *) # Relative name.
-    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
-    ac_top_srcdir=$ac_top_build_prefix$srcdir
-    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
-esac
-ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
-
-
-  case $ac_mode in
-  :F)
-  #
-  # CONFIG_FILE
-  #
-
-  case $INSTALL in
-  [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
-  *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
-  esac
-_ACEOF
-
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-# If the template does not know about datarootdir, expand it.
-# FIXME: This hack should be removed a few years after 2.60.
-ac_datarootdir_hack=; ac_datarootdir_seen=
-ac_sed_dataroot='
-/datarootdir/ {
-  p
-  q
-}
-/@datadir@/p
-/@docdir@/p
-/@infodir@/p
-/@localedir@/p
-/@mandir@/p'
-case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
-*datarootdir*) ac_datarootdir_seen=yes;;
-*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
-$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
-_ACEOF
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-  ac_datarootdir_hack='
-  s&@datadir@&$datadir&g
-  s&@docdir@&$docdir&g
-  s&@infodir@&$infodir&g
-  s&@localedir@&$localedir&g
-  s&@mandir@&$mandir&g
-  s&\\\${datarootdir}&$datarootdir&g' ;;
-esac
-_ACEOF
-
-# Neutralize VPATH when `$srcdir' = `.'.
-# Shell code in configure.ac might set extrasub.
-# FIXME: do we really want to maintain this feature?
-cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
-ac_sed_extra="$ac_vpsub
-$extrasub
-_ACEOF
-cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
-:t
-/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
-s|@configure_input@|$ac_sed_conf_input|;t t
-s&@top_builddir@&$ac_top_builddir_sub&;t t
-s&@top_build_prefix@&$ac_top_build_prefix&;t t
-s&@srcdir@&$ac_srcdir&;t t
-s&@abs_srcdir@&$ac_abs_srcdir&;t t
-s&@top_srcdir@&$ac_top_srcdir&;t t
-s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
-s&@builddir@&$ac_builddir&;t t
-s&@abs_builddir@&$ac_abs_builddir&;t t
-s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
-s&@INSTALL@&$ac_INSTALL&;t t
-$ac_datarootdir_hack
-"
-eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
-  >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
-
-test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
-  { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
-  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' \
-      "$ac_tmp/out"`; test -z "$ac_out"; } &&
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined.  Please make sure it is defined" >&5
-$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
-which seems to be undefined.  Please make sure it is defined" >&2;}
-
-  rm -f "$ac_tmp/stdin"
-  case $ac_file in
-  -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
-  *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
-  esac \
-  || as_fn_error $? "could not create $ac_file" "$LINENO" 5
- ;;
-  :H)
-  #
-  # CONFIG_HEADER
-  #
-  if test x"$ac_file" != x-; then
-    {
-      $as_echo "/* $configure_input  */" \
-      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
-    } >"$ac_tmp/config.h" \
-      || as_fn_error $? "could not create $ac_file" "$LINENO" 5
-    if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
-      { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
-$as_echo "$as_me: $ac_file is unchanged" >&6;}
-    else
-      rm -f "$ac_file"
-      mv "$ac_tmp/config.h" "$ac_file" \
-	|| as_fn_error $? "could not create $ac_file" "$LINENO" 5
-    fi
-  else
-    $as_echo "/* $configure_input  */" \
-      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
-      || as_fn_error $? "could not create -" "$LINENO" 5
-  fi
- ;;
-
-
-  esac
-
-done # for ac_tag
-
-
-as_fn_exit 0
-_ACEOF
-ac_clean_files=$ac_clean_files_save
-
-test $ac_write_fail = 0 ||
-  as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
-
-
-# configure is writing to config.log, and then calls config.status.
-# config.status does its own redirection, appending to config.log.
-# Unfortunately, on DOS this fails, as config.log is still kept open
-# by configure, so config.status won't be able to write to it; its
-# output is simply discarded.  So we exec the FD to /dev/null,
-# effectively closing config.log, so it can be properly (re)opened and
-# appended to by config.status.  When coming back to configure, we
-# need to make the FD available again.
-if test "$no_create" != yes; then
-  ac_cs_success=:
-  ac_config_status_args=
-  test "$silent" = yes &&
-    ac_config_status_args="$ac_config_status_args --quiet"
-  exec 5>/dev/null
-  $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
-  exec 5>>config.log
-  # Use ||, not &&, to avoid exiting from the if with $? = 1, which
-  # would make configure fail if this is the last instruction.
-  $ac_cs_success || as_fn_exit 1
-fi
-if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
-  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
-$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
-fi
-
-
-# Print summary of options
-
-# Someone please show me a better way :)
-A=`eval echo ${prefix}` ; A=`eval echo ${A}`
-B=`eval echo ${bindir}` ; B=`eval echo ${B}`
-C=`eval echo ${sbindir}` ; C=`eval echo ${C}`
-D=`eval echo ${sysconfdir}` ; D=`eval echo ${D}`
-E=`eval echo ${libexecdir}/ssh-askpass` ; E=`eval echo ${E}`
-F=`eval echo ${mandir}/${mansubdir}X` ; F=`eval echo ${F}`
-G=`eval echo ${piddir}` ; G=`eval echo ${G}`
-H=`eval echo ${PRIVSEP_PATH}` ; H=`eval echo ${H}`
-I=`eval echo ${user_path}` ; I=`eval echo ${I}`
-J=`eval echo ${superuser_path}` ; J=`eval echo ${J}`
-
-echo ""
-echo "OpenSSH has been configured with the following options:"
-echo "                     User binaries: $B"
-echo "                   System binaries: $C"
-echo "               Configuration files: $D"
-echo "                   Askpass program: $E"
-echo "                      Manual pages: $F"
-echo "                          PID file: $G"
-echo "  Privilege separation chroot path: $H"
-if test "x$external_path_file" = "x/etc/login.conf" ; then
-echo "   At runtime, sshd will use the path defined in $external_path_file"
-echo "   Make sure the path to scp is present, otherwise scp will not work"
-else
-echo "            sshd default user PATH: $I"
-	if test ! -z "$external_path_file"; then
-echo "   (If PATH is set in $external_path_file it will be used instead. If"
-echo "   used, ensure the path to scp is present, otherwise scp will not work.)"
-	fi
-fi
-if test ! -z "$superuser_path" ; then
-echo "          sshd superuser user PATH: $J"
-fi
-echo "                    Manpage format: $MANTYPE"
-echo "                       PAM support: $PAM_MSG"
-echo "                   OSF SIA support: $SIA_MSG"
-echo "                 KerberosV support: $KRB5_MSG"
-echo "                   SELinux support: $SELINUX_MSG"
-echo "                 Smartcard support: $SCARD_MSG"
-echo "                     S/KEY support: $SKEY_MSG"
-echo "              TCP Wrappers support: $TCPW_MSG"
-echo "              MD5 password support: $MD5_MSG"
-echo "                   libedit support: $LIBEDIT_MSG"
-echo "  Solaris process contract support: $SPC_MSG"
-echo "           Solaris project support: $SP_MSG"
-echo "       IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
-echo "           Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
-echo "                  BSD Auth support: $BSD_AUTH_MSG"
-echo "              Random number source: $RAND_MSG"
-echo "             Privsep sandbox style: $SANDBOX_STYLE"
-
-echo ""
-
-echo "              Host: ${host}"
-echo "          Compiler: ${CC}"
-echo "    Compiler flags: ${CFLAGS}"
-echo "Preprocessor flags: ${CPPFLAGS}"
-echo "      Linker flags: ${LDFLAGS}"
-echo "         Libraries: ${LIBS}"
-if test ! -z "${SSHDLIBS}"; then
-echo "         +for sshd: ${SSHDLIBS}"
-fi
-if test ! -z "${SSHLIBS}"; then
-echo "          +for ssh: ${SSHLIBS}"
-fi
-
-echo ""
-
-if test "x$MAKE_PACKAGE_SUPPORTED" = "xyes" ; then
-	echo "SVR4 style packages are supported with \"make package\""
-	echo ""
-fi
-
-if test "x$PAM_MSG" = "xyes" ; then
-	echo "PAM is enabled. You may need to install a PAM control file "
-	echo "for sshd, otherwise password authentication may fail. "
-	echo "Example PAM control files can be found in the contrib/ "
-	echo "subdirectory"
-	echo ""
-fi
-
-if test ! -z "$NO_PEERCHECK" ; then
-	echo "WARNING: the operating system that you are using does not"
-	echo "appear to support getpeereid(), getpeerucred() or the"
-	echo "SO_PEERCRED getsockopt() option. These facilities are used to"
-	echo "enforce security checks to prevent unauthorised connections to"
-	echo "ssh-agent. Their absence increases the risk that a malicious"
-	echo "user can connect to your agent."
-	echo ""
-fi
-
-if test "$AUDIT_MODULE" = "bsm" ; then
-	echo "WARNING: BSM audit support is currently considered EXPERIMENTAL."
-	echo "See the Solaris section in README.platform for details."
-fi
diff --git a/crypto/openssh/configure.ac b/crypto/openssh/configure.ac
index 5ab3670..ddc9a8a 100644
--- a/crypto/openssh/configure.ac
+++ b/crypto/openssh/configure.ac
@@ -1,4 +1,5 @@
 # $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $
+# $FreeBSD$
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -1736,7 +1737,6 @@ AC_CHECK_FUNCS([ \
 	pstat \
 	readpassphrase \
 	reallocarray \
-	realpath \
 	recvmsg \
 	rresvport_af \
 	sendmsg \
@@ -1953,6 +1953,32 @@ AC_CHECK_FUNCS([setresgid], [
 	)
 ])
 
+AC_CHECK_FUNCS([realpath], [
+	dnl the sftp v3 spec says SSH_FXP_REALPATH will "canonicalize any given
+	dnl path name", however some implementations of realpath (and some
+	dnl versions of the POSIX spec) do not work on non-existent files,
+	dnl so we use the OpenBSD implementation on those platforms.
+	AC_MSG_CHECKING([if realpath works with non-existent files])
+	AC_RUN_IFELSE(
+		[AC_LANG_PROGRAM([[
+#include <limits.h>
+#include <stdlib.h>
+#include <errno.h>
+		]], [[
+		char buf[PATH_MAX];
+		if (realpath("/opensshnonexistentfilename1234", buf) == NULL)
+			if (errno == ENOENT)
+				exit(1);
+		exit(0);
+		]])],
+		[AC_MSG_RESULT([yes])],
+		[AC_DEFINE([BROKEN_REALPATH], [1],
+			[realpath does not work with nonexistent files])
+		 AC_MSG_RESULT([no])],
+		[AC_MSG_WARN([cross compiling: assuming working])]
+	)
+])
+
 dnl    Checks for time functions
 AC_CHECK_FUNCS([gettimeofday time])
 dnl    Checks for utmp functions
diff --git a/crypto/openssh/contrib/README b/crypto/openssh/contrib/README
index c002238..60e19ba 100644
--- a/crypto/openssh/contrib/README
+++ b/crypto/openssh/contrib/README
@@ -11,7 +11,7 @@ which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or
 https CONNECT style proxy server. His page for connect.c has extensive
 documentation on its use as well as compiled versions for Win32.
 
-http://www.taiyo.co.jp/~gotoh/ssh/connect.html
+https://bitbucket.org/gotoh/connect/wiki/Home
 
 
 X11 SSH Askpass:
diff --git a/crypto/openssh/contrib/redhat/openssh.spec b/crypto/openssh/contrib/redhat/openssh.spec
index b9aaca5..4c55227 100644
--- a/crypto/openssh/contrib/redhat/openssh.spec
+++ b/crypto/openssh/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%define ver 6.9p1
+%define ver 7.1p2
 %define rel 1
 
 # OpenSSH privilege separation requires a user & group ID
diff --git a/crypto/openssh/contrib/suse/openssh.spec b/crypto/openssh/contrib/suse/openssh.spec
index c29c3f7..3ee5268 100644
--- a/crypto/openssh/contrib/suse/openssh.spec
+++ b/crypto/openssh/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
 
 Summary:	OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name:		openssh
-Version:	6.9p1
+Version:	7.1p2
 URL:		http://www.openssh.com/
 Release:	1
 Source0:	openssh-%{version}.tar.gz
diff --git a/crypto/openssh/dns.c b/crypto/openssh/dns.c
index f201b60..e813afe 100644
--- a/crypto/openssh/dns.c
+++ b/crypto/openssh/dns.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dns.c,v 1.34 2015/01/28 22:36:00 djm Exp $ */
+/* $OpenBSD: dns.c,v 1.35 2015/08/20 22:32:42 deraadt Exp $ */
 
 /*
  * Copyright (c) 2003 Wesley Griffin. All rights reserved.
@@ -154,7 +154,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
 		*digest_len = rdata_len - 2;
 
 		if (*digest_len > 0) {
-			*digest = (u_char *) xmalloc(*digest_len);
+			*digest = xmalloc(*digest_len);
 			memcpy(*digest, rdata + 2, *digest_len);
 		} else {
 			*digest = (u_char *)xstrdup("");
diff --git a/crypto/openssh/freebsd-configure.sh b/crypto/openssh/freebsd-configure.sh
index dd336bd..0f37eb9 100755
--- a/crypto/openssh/freebsd-configure.sh
+++ b/crypto/openssh/freebsd-configure.sh
@@ -7,6 +7,7 @@ configure_args="
     --prefix=/usr
     --sysconfdir=/etc/ssh
     --with-pam
+    --with-ssl-dir=/usr
     --with-tcp-wrappers
     --with-libedit
     --with-ssl-engine
@@ -18,11 +19,16 @@ set -e
 # make sure configure uses the correct compiler
 export CC=$(echo ".include <bsd.lib.mk>" | make -f /dev/stdin -VCC)
 export CPP=$(echo ".include <bsd.lib.mk>" | make -f /dev/stdin -VCPP)
+unset CFLAGS CPPFLAGS LDFLAGS LIBS
 
 # regenerate configure and config.h.in
 autoheader
 autoconf
 
+# reset PATH to avoid picking up the wrong libraries
+export PATH=/bin:/sbin:/usr/bin:/usr/sbin
+unset LD_LIBRARY_PATH
+
 # generate config.h with krb5 and stash it
 sh configure $configure_args --with-kerberos5
 mv config.log config.log.orig
diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c
index dbc55ef..b777b7d 100644
--- a/crypto/openssh/kex.c
+++ b/crypto/openssh/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.106 2015/04/17 13:25:52 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.109 2015/07/30 00:01:34 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  *
@@ -155,6 +155,68 @@ kex_names_valid(const char *names)
 	return 1;
 }
 
+/*
+ * Concatenate algorithm names, avoiding duplicates in the process.
+ * Caller must free returned string.
+ */
+char *
+kex_names_cat(const char *a, const char *b)
+{
+	char *ret = NULL, *tmp = NULL, *cp, *p;
+	size_t len;
+
+	if (a == NULL || *a == '\0')
+		return NULL;
+	if (b == NULL || *b == '\0')
+		return strdup(a);
+	if (strlen(b) > 1024*1024)
+		return NULL;
+	len = strlen(a) + strlen(b) + 2;
+	if ((tmp = cp = strdup(b)) == NULL ||
+	    (ret = calloc(1, len)) == NULL) {
+		free(tmp);
+		return NULL;
+	}
+	strlcpy(ret, a, len);
+	for ((p = strsep(&cp, ",")); p && *p != '\0'; (p = strsep(&cp, ","))) {
+		if (match_list(ret, p, NULL) != NULL)
+			continue; /* Algorithm already present */
+		if (strlcat(ret, ",", len) >= len ||
+		    strlcat(ret, p, len) >= len) {
+			free(tmp);
+			free(ret);
+			return NULL; /* Shouldn't happen */
+		}
+	}
+	free(tmp);
+	return ret;
+}
+
+/*
+ * Assemble a list of algorithms from a default list and a string from a
+ * configuration file. The user-provided string may begin with '+' to
+ * indicate that it should be appended to the default.
+ */
+int
+kex_assemble_names(const char *def, char **list)
+{
+	char *ret;
+
+	if (list == NULL || *list == NULL || **list == '\0') {
+		*list = strdup(def);
+		return 0;
+	}
+	if (**list != '+') {
+		return 0;
+	}
+
+	if ((ret = kex_names_cat(def, *list + 1)) == NULL)
+		return SSH_ERR_ALLOC_FAIL;
+	free(*list);
+	*list = ret;
+	return 0;
+}
+
 /* put algorithm proposal into buffer */
 int
 kex_prop2buf(struct sshbuf *b, char *proposal[PROPOSAL_MAX])
@@ -208,13 +270,13 @@ kex_buf2prop(struct sshbuf *raw, int *first_kex_follows, char ***propp)
 		debug2("kex_parse_kexinit: %s", proposal[i]);
 	}
 	/* first kex follows / reserved */
-	if ((r = sshbuf_get_u8(b, &v)) != 0 ||
-	    (r = sshbuf_get_u32(b, &i)) != 0)
+	if ((r = sshbuf_get_u8(b, &v)) != 0 ||	/* first_kex_follows */
+	    (r = sshbuf_get_u32(b, &i)) != 0)	/* reserved */
 		goto out;
 	if (first_kex_follows != NULL)
-		*first_kex_follows = i;
-	debug2("kex_parse_kexinit: first_kex_follows %d ", v);
-	debug2("kex_parse_kexinit: reserved %u ", i);
+		*first_kex_follows = v;
+	debug2("first_kex_follows %d ", v);
+	debug2("reserved %u ", i);
 	r = 0;
 	*propp = proposal;
  out:
@@ -448,6 +510,7 @@ kex_free(struct kex *kex)
 	free(kex->session_id);
 	free(kex->client_version_string);
 	free(kex->server_version_string);
+	free(kex->failed_choice);
 	free(kex);
 }
 
@@ -626,17 +689,26 @@ kex_choose_conf(struct ssh *ssh)
 		nmac  = ctos ? PROPOSAL_MAC_ALGS_CTOS  : PROPOSAL_MAC_ALGS_STOC;
 		ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC;
 		if ((r = choose_enc(&newkeys->enc, cprop[nenc],
-		    sprop[nenc])) != 0)
+		    sprop[nenc])) != 0) {
+			kex->failed_choice = peer[nenc];
+			peer[nenc] = NULL;
 			goto out;
+		}
 		authlen = cipher_authlen(newkeys->enc.cipher);
 		/* ignore mac for authenticated encryption */
 		if (authlen == 0 &&
 		    (r = choose_mac(ssh, &newkeys->mac, cprop[nmac],
-		    sprop[nmac])) != 0)
+		    sprop[nmac])) != 0) {
+			kex->failed_choice = peer[nmac];
+			peer[nmac] = NULL;
 			goto out;
+		}
 		if ((r = choose_comp(&newkeys->comp, cprop[ncomp],
-		    sprop[ncomp])) != 0)
+		    sprop[ncomp])) != 0) {
+			kex->failed_choice = peer[ncomp];
+			peer[ncomp] = NULL;
 			goto out;
+		}
 		debug("kex: %s %s %s %s",
 		    ctos ? "client->server" : "server->client",
 		    newkeys->enc.name,
@@ -644,10 +716,17 @@ kex_choose_conf(struct ssh *ssh)
 		    newkeys->comp.name);
 	}
 	if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS],
-	    sprop[PROPOSAL_KEX_ALGS])) != 0 ||
-	    (r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
-	    sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0)
+	    sprop[PROPOSAL_KEX_ALGS])) != 0) {
+		kex->failed_choice = peer[PROPOSAL_KEX_ALGS];
+		peer[PROPOSAL_KEX_ALGS] = NULL;
 		goto out;
+	}
+	if ((r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
+	    sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0) {
+		kex->failed_choice = peer[PROPOSAL_SERVER_HOST_KEY_ALGS];
+		peer[PROPOSAL_SERVER_HOST_KEY_ALGS] = NULL;
+		goto out;
+	}
 	need = dh_need = 0;
 	for (mode = 0; mode < MODE_MAX; mode++) {
 		newkeys = kex->newkeys[mode];
diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h
index f70b81f..d71b532 100644
--- a/crypto/openssh/kex.h
+++ b/crypto/openssh/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.71 2015/02/16 22:13:32 djm Exp $ */
+/* $OpenBSD: kex.h,v 1.73 2015/07/30 00:01:34 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -141,6 +141,7 @@ struct kex {
 	int	ec_nid;
 	char	*client_version_string;
 	char	*server_version_string;
+	char	*failed_choice;
 	int	(*verify_host_key)(struct sshkey *, struct ssh *);
 	struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
 	struct sshkey *(*load_host_private_key)(int, int, struct ssh *);
@@ -159,6 +160,8 @@ struct kex {
 
 int	 kex_names_valid(const char *);
 char	*kex_alg_list(char);
+char	*kex_names_cat(const char *, const char *);
+int	 kex_assemble_names(const char *, char **);
 
 int	 kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **);
 int	 kex_setup(struct ssh *, char *[PROPOSAL_MAX]);
diff --git a/crypto/openssh/key.c b/crypto/openssh/key.c
index bbe027b..0ba98b6 100644
--- a/crypto/openssh/key.c
+++ b/crypto/openssh/key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.127 2015/01/28 22:36:00 djm Exp $ */
+/* $OpenBSD: key.c,v 1.128 2015/07/03 03:43:18 djm Exp $ */
 /*
  * placed in the public domain
  */
@@ -184,11 +184,11 @@ key_demote(const Key *k)
 }
 
 int
-key_to_certified(Key *k, int legacy)
+key_to_certified(Key *k)
 {
 	int r;
 
-	if ((r = sshkey_to_certified(k, legacy)) != 0) {
+	if ((r = sshkey_to_certified(k)) != 0) {
 		fatal_on_fatal_errors(r, __func__, 0);
 		error("%s: %s", __func__, ssh_err(r));
 		return -1;
diff --git a/crypto/openssh/key.h b/crypto/openssh/key.h
index 89fd5cf..903bdf6 100644
--- a/crypto/openssh/key.h
+++ b/crypto/openssh/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.47 2015/01/28 22:36:00 djm Exp $ */
+/* $OpenBSD: key.h,v 1.48 2015/07/03 03:43:18 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -51,7 +51,6 @@ typedef struct sshkey Key;
 #define key_ecdsa_key_to_nid	sshkey_ecdsa_key_to_nid
 #define key_is_cert		sshkey_is_cert
 #define key_type_plain		sshkey_type_plain
-#define key_cert_is_legacy	sshkey_cert_is_legacy
 #define key_curve_name_to_nid	sshkey_curve_name_to_nid
 #define key_curve_nid_to_bits	sshkey_curve_nid_to_bits
 #define key_curve_nid_to_name	sshkey_curve_nid_to_name
@@ -69,7 +68,7 @@ int	 key_read(Key *, char **);
 
 Key	*key_generate(int, u_int);
 Key	*key_from_private(const Key *);
-int	 key_to_certified(Key *, int);
+int	 key_to_certified(Key *);
 int	 key_drop_cert(Key *);
 int	 key_certify(Key *, Key *);
 void	 key_cert_copy(const Key *, Key *);
diff --git a/crypto/openssh/krl.c b/crypto/openssh/krl.c
index a98252e..4075df8 100644
--- a/crypto/openssh/krl.c
+++ b/crypto/openssh/krl.c
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.c,v 1.32 2015/06/24 23:47:23 djm Exp $ */
+/* $OpenBSD: krl.c,v 1.33 2015/07/03 03:43:18 djm Exp $ */
 
 #include "includes.h"
 
@@ -429,7 +429,7 @@ ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key)
 	if (!sshkey_is_cert(key))
 		return ssh_krl_revoke_key_sha1(krl, key);
 
-	if (sshkey_cert_is_legacy(key) || key->cert->serial == 0) {
+	if (key->cert->serial == 0) {
 		return ssh_krl_revoke_cert_by_key_id(krl,
 		    key->cert->signature_key,
 		    key->cert->key_id);
@@ -1180,10 +1180,10 @@ is_cert_revoked(const struct sshkey *key, struct revoked_certs *rc)
 	}
 
 	/*
-	 * Legacy cert formats lack serial numbers. Zero serials numbers
-	 * are ignored (it's the default when the CA doesn't specify one).
+	 * Zero serials numbers are ignored (it's the default when the
+	 * CA doesn't specify one).
 	 */
-	if (sshkey_cert_is_legacy(key) || key->cert->serial == 0)
+	if (key->cert->serial == 0)
 		return 0;
 
 	memset(&rs, 0, sizeof(rs));
diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c
index 32e1d2e..ad12930 100644
--- a/crypto/openssh/log.c
+++ b/crypto/openssh/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.45 2013/05/16 09:08:41 dtucker Exp $ */
+/* $OpenBSD: log.c,v 1.46 2015/07/08 19:04:21 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -50,7 +50,6 @@
 # include <vis.h>
 #endif
 
-#include "xmalloc.h"
 #include "log.h"
 
 static LogLevel log_level = SYSLOG_LEVEL_INFO;
diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c
index c873a7d..ddd2b2d 100644
--- a/crypto/openssh/misc.c
+++ b/crypto/openssh/misc.c
@@ -25,7 +25,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/types.h>
 #include <sys/ioctl.h>
diff --git a/crypto/openssh/misc.h b/crypto/openssh/misc.h
index 6f81976..374c33c 100644
--- a/crypto/openssh/misc.h
+++ b/crypto/openssh/misc.h
@@ -1,5 +1,4 @@
 /* $OpenBSD: misc.h,v 1.54 2014/07/15 15:54:14 millert Exp $ */
-/* $FreeBSD$ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
diff --git a/crypto/openssh/moduli b/crypto/openssh/moduli
index 6bb25c9..426a58f 100644
--- a/crypto/openssh/moduli
+++ b/crypto/openssh/moduli
@@ -1,247 +1,268 @@
-#    $OpenBSD: moduli,v 1.13 2015/05/28 00:03:06 dtucker Exp $
+#    $OpenBSD: moduli,v 1.14 2015/07/22 02:34:59 dtucker Exp $
 # Time Type Tests Tries Size Generator Modulus
-20150520234251 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A740BE2123
-20150520234255 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A740D85877
-20150520234257 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A740E6494B
-20150520234301 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A741120F9B
-20150520234303 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7411EAC5B
-20150520234304 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7412579DB
-20150520234311 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74167053B
-20150520234312 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74169B303
-20150520234318 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A741A3D69F
-20150520234322 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A741C07E23
-20150520234330 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7420B48E3
-20150520234331 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74215059B
-20150520234336 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74240BD03
-20150520234338 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7424D70BB
-20150520234341 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7425C6CE3
-20150520234342 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74264FA9B
-20150520234343 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7426BB34B
-20150520234346 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74285D9E3
-20150520234347 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A742878293
-20150520234348 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74288D143
-20150520234356 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A742D55BF3
-20150520234401 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A742FC8227
-20150520234410 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7436032EB
-20150520234411 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74361377F
-20150520234415 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7437CCCFB
-20150520234418 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A743902C1F
-20150520234420 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7439EE5DB
-20150520234422 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A743AE19BF
-20150520234430 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7440152AB
-20150520234432 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7440C2F63
-20150520234434 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7441FBDEB
-20150520234436 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7442C98DF
-20150520234437 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744319703
-20150520234438 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A74433E927
-20150520234444 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A7446DF46F
-20150520234450 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744A3488B
-20150520234455 2 6 100 1535 2 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744CDAACB
-20150520234459 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A744E9D8FF
-20150520234504 2 6 100 1535 5 F8F4A446A6C7196643612A6C5CC26A47E491FB737740D68BBEBF0130F7AAADC59075781FB1723B644C0ADCE548C02E726DE5233C484FB4481F3EF3ED0585A0D687B2E0A6987AD2BC910754FC1A1E06B87710CFF0BC2E9868BA15BA20C103D3DCA6B65D8D0182B277F7CAE61D83A785BDD0B3CE471B4B8FAB224438D7A6772130167110AFD1FF584861996117F67B41CF3D2D5FAB020F2EB7F53E299AACF98797AEB6BAC3F0BB892DB4E4F8CDDE28C112C73EB556D0C381C6B9CC78A745196237
-20150520235007 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031E9A9C5F7
-20150520235015 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031E9CBB21F
-20150520235039 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA2E9623
-20150520235043 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA33E3DF
-20150520235057 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EA68038B
-20150520235114 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAAB0717
-20150520235122 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAC2A7FB
-20150520235125 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EAC82DD3
-20150520235154 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB40583F
-20150520235214 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB94F247
-20150520235218 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EB9DF49F
-20150520235239 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EBF7BE27
-20150520235244 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC0B4F4F
-20150520235250 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC21070F
-20150520235256 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC36541F
-20150520235307 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EC5FE22B
-20150520235322 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ECA1FB57
-20150520235331 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ECC3C823
-20150520235349 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED035187
-20150520235400 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED2F07DB
-20150520235407 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED4620CF
-20150520235422 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED86D39F
-20150520235424 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED86E683
-20150520235427 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031ED8C3073
-20150520235443 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDCB1F63
-20150520235450 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDE00B77
-20150520235452 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDE42247
-20150520235458 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EDF8F493
-20150520235503 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE04D69F
-20150520235508 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE14B92B
-20150520235510 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE167933
-20150520235517 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE2DC63B
-20150520235527 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE52259F
-20150520235539 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EE829247
-20150520235557 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EED044BF
-20150520235608 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EEFD34CF
-20150520235614 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF0F709F
-20150520235616 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF12110B
-20150520235622 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF25FE1F
-20150520235637 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EF6BF4D3
-20150520235654 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFAF28BF
-20150520235701 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFBFB8BB
-20150520235704 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFC7A62F
-20150520235710 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031EFD79323
-20150520235725 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0158F1F
-20150520235728 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F01A9E6B
-20150520235743 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F055798B
-20150520235752 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0730BC3
-20150520235757 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F08283FF
-20150520235825 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0F451E3
-20150520235830 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F0FDEFB7
-20150520235901 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F1828ECF
-20150521000008 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F185D7BF
-20150521000011 2 6 100 2047 2 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F18C58FB
-20150521000014 2 6 100 2047 5 F7360753237CF1837003CDFE89D99C8149BE6C4B4CCD9D09D834FF137878C452FB4FAB5CA51BE6619BC6FEC4184FA9A96D21FDE83505B67262EEA4870FD709F4DD3A2EC36E5746ED80D762467E794FE524992EAC42D2F0F391A63E027F24411B231D25AEFE60C9329CE8FFB61A8A123C74F6755211C8CFD59915CE0DE28579B66CB426D111F90B19A5BD83AB8C2CAB09FB1F09509B029883BD154B82418B4F3A9EE4564E5F344D5B911C10829C1E975817EB2DFF49F34D95277897A7198C9C4921037B8AA091C380663A6D5260F98FA784565DE2D977C50A1079B485F4BE63B4E3D6A63FD8DD59704116A41CB1C7C2AAA449071BFBAFB0F867FCC031F191F757
-20150521000841 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CC7F06BB
-20150521001025 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CD1057AB
-20150521001131 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CD717D6F
-20150521001248 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CDDA85F7
-20150521001453 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CE8959BF
-20150521001510 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CE98227B
-20150521001623 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CEF967BF
-20150521001651 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CF18156B
-20150521001758 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CF717197
-20150521001924 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622CFE1507B
-20150521002244 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D0F75427
-20150521002509 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D1BD2823
-20150521002808 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D2B4950F
-20150521002846 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D2E6D6D7
-20150521003203 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D3F5D0D3
-20150521003322 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D45851E3
-20150521003430 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D4AEE517
-20150521003629 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5538E0B
-20150521003714 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D58BAFCF
-20150521003722 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5916FC7
-20150521003739 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D5A378F7
-20150521004506 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D82B5113
-20150521004613 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D880CB43
-20150521004753 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D909305B
-20150521004802 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D90DBDC3
-20150521005025 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D9CBF44F
-20150521005051 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622D9E89DA7
-20150521005252 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DA8BA403
-20150521005347 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DAD07F73
-20150521005825 2 6 100 3071 2 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DC5CE5A3
-20150521005858 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DC84A597
-20150521010014 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DCE62957
-20150521010219 2 6 100 3071 5 E0C2D7F7B6E4C69A3B6632FC77BED88CAC663CE39D91DDF017816529795F33B591F80F445BE16F8FB51D11861682154B904AE2282FA0462EB6C508FD7B7AEC551A6C630FE9CC7E17E660377558E4F841CD77AABD81E6A0988823047B3A00C2E50C33035987D6EA42C65FD776051F5D43045848D4385FB37482DC9E5133D1B75E34CC81C2B87C9530F5229FF2154604A286C2E257D3A89CF330AEDBA16288E852277C5D7C6AA947B4510625312DF982A30A4D75679F707EB325CD4DF65C7A58154C6C05E28545DE69673B3EA9CCD41529A7CCEB49A3392D23E9AB083148DD956F8CA9B8CDD76496FF95B5782EE888C40EF1201EB3A52CAE1A635BBF82CD479B38DABD6DEE7A2844F8C614215B04CEBDD41039C2DC2D1CF00AFC78C0363E548FAE1DE8A7B535CC41CED767BE05F300F50C59307061ADE1CAA4614F8FEFAECE8F8C5DB3F425B348A206B0E95703EEA8785768CDB53972422C75B58A7AEA2AD9E2546EA991466E6AFE1FA157D75D3F6616DB715D10CCD6B71C73051FE622DD9517D7
-20150521011229 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F951FEB83
-20150521011834 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F960399B7
-20150521012438 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F96EE7973
-20150521014010 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F99453213
-20150521015607 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9B549727
-20150521015640 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9B600A7B
-20150521020946 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9D5299DF
-20150521021536 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9E2793D3
-20150521022706 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877F9FE131CB
-20150521023922 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA1BAC073
-20150521025234 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA3BC9483
-20150521025424 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA3FB3513
-20150521032445 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA87E0FAB
-20150521032932 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA929F00F
-20150521032947 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA92B272B
-20150521033245 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FA9953D0B
-20150521034828 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FABDD4AEF
-20150521035044 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAC298C7F
-20150521035111 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAC31F17B
-20150521035749 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAD250357
-20150521040009 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAD788A73
-20150521040220 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FADC5F173
-20150521040316 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FADDFFC03
-20150521041042 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAEEBDEB3
-20150521041443 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FAF7AD7BB
-20150521041831 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB007D653
-20150521041928 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB025C91B
-20150521042301 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB0A4C143
-20150521042631 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB12009F7
-20150521042740 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB145360F
-20150521043358 2 6 100 4095 2 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB22FAE93
-20150521044013 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB31527AF
-20150521044543 2 6 100 4095 5 C8BCE52E2AE7AE1EC20056B2D0764047C92392C9DF75C3A57EB8AF1062A809E6EA975D9910AA5C55833CC47D4DA76E92BF63FEBB289E5FE2ED729429DE9567D0A489FA27B41810066B96602B2E555B34628A37C4CE04984D15C36F1EAD09081D2CB2147D5F0B7E8BCF0774FFCF5F649E0CB797DD23D0801C153B6B8480828CF165C7ED3181F316F371C6EC0B6EF6B8CBE36E5A4E8C070854668AF07FE6C73C3EB817CD0E8C7F264546A1B0402AC0FCEBA5032EBA2323769CC401D262971F4B44FC1151EC4F6E761709FD6ABDC84D9C36046811F54DC86D293D16D235DC712BF7346CDAC005AE5C0DCD96480C9BD0CF7C4BD50026553E27F957B6640BA6A87C6642FF3D97A3E63DA468276E3A22C0C3F2A1CFFB4F190D5E23700BB468EA31FD3EB87B44B51BDABDB0667FCFB618CECFB2BC440A5F2E237E93A6DFF96AB3561AF5EE1BDA21720129FF2123F7038C70B4CADF1BC70B2EF5EBC264E1E3B2A4B3780D4A11507D03A498A556A923B0EFAF90D024341A47818F03D5ADD961086C2573DABF02C4E2F303817D323E1D8D88EFBE3F5E0D6688593C65254907745CA6176C8ED7D6B830875A0BA8FFEEB1882742A4553E4E55A93A7AD4F3224B7BFA03E29C77DB0FCCE0E37E6D3A64C5555ED9555FA1E2C34EC04DA3B6E0AAA7BF64879BC4724859FE806E7DC49A5394AD3D01492F05AE69CF10C67B18BDFF8E877FB3DDFBB7
-20150521004745 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F52665F2B
-20150521003352 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F57C7B577
-20150521005557 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F591BBC57
-20150521014228 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5BDF5CE7
-20150521015455 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5C9CFD1F
-20150521001701 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5CF6FF9B
-20150521002558 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5D7C4FE3
-20150521003319 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5DE41DFB
-20150521003721 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F5E1B5FAF
-20150521010943 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F600B866F
-20150521014141 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F61F01EC3
-20150521010312 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F65EAB753
-20150521002914 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F69FD9357
-20150521011058 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6C6B8513
-20150521013628 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6DE7D9EF
-20150521015040 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6EB0C897
-20150521001307 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F6F15473B
-20150521012712 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7377044B
-20150521005218 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7767DEA3
-20150521003512 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7C5546F7
-20150521005420 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7D68EDC3
-20150521011347 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F7E859CF3
-20150521002429 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F819A93E7
-20150521004826 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F88D91A57
-20150521010541 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F89D29B9F
-20150521012418 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8ADC38F7
-20150521015506 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8C91980B
-20150521004000 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8E369B97
-20150521005659 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8F2B1BEB
-20150521010328 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8F7DD1D3
-20150521011152 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F8FF052BB
-20150521001457 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F92940463
-20150521011129 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F95C47DCB
-20150521013515 2 6 100 6143 2 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F9710A103
-20150521013841 2 6 100 6143 5 D9F2DC4F4AB3E451AB7781730AE26AE5AB1927A8F93D05C7765C4F23947CBAD218690437DDE587137100CA657CB902597743E8B05CB9B821A48E081C451227F5E42404534A28EE1D0A52FA903FBB15B79139D130420B8C7BD2477CDF0C06CF4C9943DF76A74C3B503B2229A5628E13983B0426A10FD164A720488DE3A1639D004B694ADB5216C21F481519865529CE6E3C9C8B89AC00FBF2B4C1F0B0033AC2A5072A157B5D4346950917B055227557FF1EB5F0873D75E648BEE4B6F88D4B228CB89C7602E34F85BF86DDBD09CA39993C73FF59B0310754F0D24740316F7D8D21D67EC65C8715B7130EBC8E19EB712990BBB30D650ACB0B7864B632ABBC2AEE7221393A5C74B043568043480DB41821A0CE1E6D271456C2FDC243D39868FB0D7BDA3FAD5894F7DCBBC5751B77B3DF99F6E8A5BD7A5B82F594E3E0CA2BBF7DA74312227B323652E6856B597326206CAFF2380C23CF94B8CD3EAA56BE60F8C372887CD37A62FC6F5FD467ED96E7CD9C285E75C2C353E520DFB3F39FE7B8E35FFB485B1B043F52321675EDF4848266997D059810F71D21E9DB3E3AB1BCE3713DB67155F41B7C21939B285AB63DBF1770228E4EE36314310D89200F132E8ECF2968CDA0E57DBBCE589E4DDBAD009994A817032EFA52F0659A319FBD813901BF5847EC2D7979CBA5870F3DA25BE09673952628E1EA70C82EC0BE67B402E48DF85C5983516BBEEAB811D1ECAB02928D4087B826139D073501149D47B3339CDA763840E4492661FFEF96C81C816B862EEE820019CD83C93BF9DFF8EC8C59331780D5D86B164EC12BBE59F4C9E62FD7819A941D10AFE32179B2361A17618FA84864F58C09AECB817E67BC352371BB7D7F8209E4EB9002013A585092D4721B1CB464A8480CC76173989144EF51692E373E9CCEAC9807EF190D6BBDD3BB0D16CA87DC6A54890D6F074ABD83E3CF077F2F592C0745BE15D7D6871552BB6139E5CF70D684C6D1D0C4516733E0639BBEC847313BE3D1D923B6A5FAF43A5341DD8C0779881BEB92736BA4F18BD6CDC1FC922B3809ED244748101A6C7E30DDE0C232FA3F9733A497
-20150521041810 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BE934407F
-20150521070624 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BEEB1E407
-20150521051555 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7BF50EEEC3
-20150521061258 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C00AF225F
-20150521034225 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C058D5963
-20150521035956 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C0616723F
-20150521054248 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C12F16C3F
-20150521060112 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C1379EA23
-20150521023340 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C165F2773
-20150521043505 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C1A3EC717
-20150521024626 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C202ABED3
-20150521064303 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C27790087
-20150521060604 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C2F9DF583
-20150521062143 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3003EEAB
-20150521044311 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C363D0A77
-20150521053731 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C37D6EFCF
-20150521065640 2 6 100 7679 5 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3A20A2DF
-20150521044717 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C3F622E8B
-20150521065426 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C430ED7CB
-20150521023632 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C445E575B
-20150521032945 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C45EEE643
-20150521054538 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C49FB77CB
-20150521024620 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C4D86D0FB
-20150521042108 2 6 100 7679 2 D67DA234F46097F7EE3B230456E7C895BCA86395DF43D60D9D587C64EA4525FBCAD22442143068578CE8ECC8280B2D81F747B484AA668FFCDBEB067EB824B42E5FA1A40BC08EE8CC4A064298CB31C36340951EC7A006878C79C80068196180DA31E1DEF79A72B2D059203DDE461485D1B9783AF79E981CDAEF88589D8343E5B52D96FE90EA13194AFAF7459B17B80971720357ABD09CFE992966FFC1C239821C910F55D69E44277E5DE9841F4E5B2D25D6A265D321059B762F7D6AC5F0E260DEEB628D32940002B219B354486CC5BBF6390F19899EA5E145A28487029DF0517564A81FA10FA60AFA04CE77794775392829DB636E7F5EE00868D5027A6BA75CA922CEF3CA78683D14AB2E58439789033ACF441236F5E3C7849E3662B5123304F82D0061EA9C18EA1676A736FFD628AE982CCEAB8979568C43FB34207E0DEC7D8A6AA391846C910F77771ECF2D0531A234D3798BC1B1433091A895E23A77792F4BE403D526F1D260A3627F2E80E863A204A774F58D7DE2C5C4A7E463A46BC436F0B7AF07179EC334D31073BF035FD94454ECD54146473F786EA15A1CEBB3B9C0D282195AD612D33B31F5528DAB5231CB17A3DE9AB5C8BD7BF8F773C255845BC9B70A1E53A50E5AEA801FFE604A2B2C1FBE86A2A883632E7AE75ADA007FB6AB1AA529DE3151CAA8D1D07FA19EFF5679398340E720CF2CFC4E1AEDD73C44983CC8E610DD419AE2E88206573837D6E44018D9498B62F9C0B8EA7741450FC7DBFF7C546D3CBCBA5B9123577FD5531880A18F1275F9181A922803D8F03512C58B5FBBC41CE8095EDD920A3E36CEB6EDB56900E6CEC2928288909D61B3B426EBC54F0A69C261A848B358C3A8E332567B9FFC1A7A07E9414BB1F75DE0795CF87632F5D6A87A246FD4E98E70489F779FE99C5BC4DB24BFA860C3551888FC721CDBC6AB5783B02BEF893E0984B6FDB5142A1AFD3277FE8F36B87849BC00B3FB3ADAFE4EDAE4839B83894C27FEF93514D7E3FFB7A30E99C6875D96C582E81D45FB463DC37B8791FC28A759301FC2F9879960C82BC7C427382A41B9AEFAC0051A2C653E55A47B48860CDA32812A192C1508A6C012C7E4BBAB1619B7926549FD8CE27928618F035BE31D56CBC9586D88E00DA69341F6F01554E205344E49E8871CCF80F9FF5CB54479AFA66806DD02FAFEE7D43572B3AA22742635FE65BFC8004960DC679FC7F8C0E5B50B3CE1E446B7A5E189BB9AAFA06FEC472D6E67EA4905373A01A2B662F534131405FBAB9BBAE892F0C265439EA1ABC91B186B5AC1E53A0C786607B1069BC026359955CFD614D7F80DF416A08AB18991A0398A83DF3CF2D65D7C505E524B
-20150521041835 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD3703FA7
-20150521051726 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD4CEF96F
-20150521074626 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD86439C3
-20150521082439 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CD947F7F3
-20150521012012 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CE0694343
-20150521073153 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CE93D436F
-20150521094433 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CEC4EE993
-20150521074128 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354CFA190CE3
-20150521014004 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D0235296F
-20150521014736 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D025961EB
-20150521065737 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D0961218F
-20150521043653 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D163706C7
-20150521085322 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1BC6858F
-20150521093922 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1CC27FE3
-20150521120407 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D1FE2874F
-20150521124157 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D20A8A19B
-20150521035417 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D24E0665B
-20150521062806 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D2828F7AB
-20150521074218 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D29B42017
-20150521114937 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D2F027D3F
-20150521073847 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D3905A9FF
-20150521024512 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D41DB2FFB
-20150521024827 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D41E2852F
-20150521042402 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D43D9B0E3
-20150521083756 2 6 100 8191 5 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D491D852F
-20150521113241 2 6 100 8191 2 D7182545CB6AFDA1CCF5BB87F606DDD1CD25D4BAF110D7CCCC0BC78929189C09DC69308FBF76A16338AB8351B974081AEFE6F68B9DD0B3F661ED84DAF8736BF328122D00A803AD05DDB334CF5C98B2670F0B2ED0E2FA602CE2F6157A2A8E649A546957CE4F723C84B6AC46D64C5B329304181F2B70F48D15181C38777F4E18BB0344F5DAE703CC3A46B670713A7B99E536D30F92D1E5E683F2C5540105F425E01234968D1A63E0220A02721183E30302F029E4D0E0664E30329B730D99D03E53D67793F31BBA6C4274FB2ACA9181655B766246C598E4CD402737B682232B8534BE43A790ED6C04EF8047E1796048099B65EF415375D87BC7A01CB6086C9E23B667D22F52F5F44D6960601C15515D14F7D6A6BF6D7F6B1D834866ADF9FCFA1CDE00EF04C05591B05D4752471F124406D034BC8E6D71E03880BD3E7A77FD22E7D90B90A491E528EDE2E4B6FCF7C638883A4CDE80AF2C839569A4FB641C7B8948200DB0F51CA9B2613966C51F026A007D0696D14A4E4897556C7BB0E60A407B7B8C57643F278A47CC8089E24D38BAC1350A0E6D19FE540A773B8E90A6312D4B038C643B03ADDC741BDD3012F7714863BB63688E6145D47A6F40D15D6485E5AC278E229EA800FE705FEBEB2183CEF7C55DB952B627D4890B45441B3D4CF03BF0D132A7042C24447518B14956C11703131981CD69D7B6BA2A9F8C62057FE3A4319D17739DE0BBDAC9600E4809CD856E5F41C580863D93C251F0A31BA1CBCCAA499FEB79184E165C436A3B2FA9791C4526B47B0D1F6FE3BDE2730421E5DCA10483D91AA873ABD1236674EBE3A0D134C685CCE9D632280AE11C0D9CF7275517C1F14BCB81F2B23860D86F5028B21DF85868972EDF70A0704B3853EB1B16970834C661BC65693D38368DDB0D6E781DD2F52AE279913304601F5709E1C4B1A12B0FFDA93369001186FE8716027667F4B816E927A9977D3030CE211F4BE8B6F48836EABF4D8457FC5CFE39DF5BE96146D3B8C5BA11C3D75D252B0C190DEA5757049DE6BA89249166D60163ADDD38EAE171B53D44E135973AA05293AA7407693AE5478F480A3BE97BACBD8C7DE6EDF39EFB8BDDF8B0A2169228FD98A863C450129C8BA561A1D0F29C4EC75060A27E028E1321BCF7ADCB34B2C2B037E2C6B705F74002E0C844092025A630CFB2105F04D40135794DDF30C7E19187AE2AB8E6296C9EACFF43279F0ABE6E1150ABC2C3C8A6C4B95A7AA18CFBF953BF7662C16A0FE26D9EE7CF62BA16AA87B06373082E7551F42B8BE57BE19A50B059DC652BA46157FB7CC29AC1BF2834E668443637F87B2B12FD338706D69935D2C6348CF72F568B89B66345BF42209AA6D898F4388A54B4CFFD735EAF987CD6B738B401A14FACDAC97F63529118ED56DFB7DAC4967FFA252D185DBC29652E3F62A45D6BF990FB354D4CAD7D8B
+20150522025931 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD18DA1F
+20150522025936 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD3763B3
+20150522025942 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD702B8B
+20150522025943 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD77C283
+20150522025947 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAD96C25B
+20150522025953 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADD9B3DB
+20150522025956 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADE84F07
+20150522025957 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DADEC1DB3
+20150522030001 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE0E297F
+20150522030004 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE2A1E23
+20150522030005 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE2ADE53
+20150522030008 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE47B9F7
+20150522030009 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE4E1343
+20150522030014 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE715CBB
+20150522030016 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE7BC9EF
+20150522030018 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE84579B
+20150522030019 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAE8A564B
+20150522030023 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAEAF7AD7
+20150522030025 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAEB9DC53
+20150522030027 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAECD976F
+20150522030034 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF07F063
+20150522030034 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF08ACBB
+20150522030037 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF192C07
+20150522030039 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF241333
+20150522030040 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF255B3B
+20150522030044 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF3DEC37
+20150522030048 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF60F05B
+20150522030049 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF6255DF
+20150522030055 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAF8EE01F
+20150522030059 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFAD237B
+20150522030104 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFD13587
+20150522030105 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFD2BE6F
+20150522030108 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFECF32F
+20150522030112 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DAFFDEED7
+20150522030115 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB01CAA63
+20150522030116 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB01F3647
+20150522030119 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB034B30F
+20150522030122 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB04822EF
+20150522030124 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0528867
+20150522030131 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB08D3CAB
+20150522030136 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0B10C6F
+20150522030138 2 6 100 1535 5 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0C688A7
+20150522030140 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0CCDF9B
+20150522030141 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0CFD81B
+20150522030145 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB0F59763
+20150522030148 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB10339FB
+20150522030149 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB10E3ACB
+20150522030150 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB11127F3
+20150522030159 2 6 100 1535 2 F4EE15F22E5F49997A027769656DF0240598C9470C7D67A7D7DA2777883C1C243A6F3D04E1CFA6A0350B165ECABE89A684C11ABB7E5B93B54FD6EAC85BBA9F23C6306E485BB9AC5515ABC739CE9B1A79F7DEF6D00B643856DB903E23E7F985EDCAFF867FE15498E7EF6A91057DE337A9AAEDE941C934E65243AC7888A33C78FB2490BBA2BA06F18ECC51DE9AA54BADD061CC5BE1EA060CC3217CA11E26772BD088898D2882CB49A9FF40168E49AE6A90EE1F61132E1B6E4E7F99797DB15B8BDB
+20150522030634 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8ADB54257
+20150522030715 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AE6EF847
+20150522030737 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AEC5D76B
+20150522030739 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AECB604F
+20150522030742 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AECF538B
+20150522030756 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AF04851B
+20150522030828 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8AF867683
+20150522030905 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B01F7E27
+20150522030909 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B02AFB8F
+20150522030918 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B048739F
+20150522030930 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B07661CB
+20150522030938 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B091EC43
+20150522030955 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B0D50D0F
+20150522031007 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1023673
+20150522031015 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B119500F
+20150522031036 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B177EE9F
+20150522031056 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1D0030B
+20150522031103 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B1ECC193
+20150522031125 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B24C9CF7
+20150522031136 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B2774773
+20150522031208 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B2FC9617
+20150522031220 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B32FE6CF
+20150522031228 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B345AC93
+20150522031248 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B392E18F
+20150522031256 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3B32FCF
+20150522031300 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3BF5B2B
+20150522031311 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3E840CB
+20150522031316 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B3F5F9D7
+20150522031334 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B439F28B
+20150522031337 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B44025D3
+20150522031339 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B442AC0B
+20150522031353 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4788613
+20150522031356 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B47F8FDB
+20150522031401 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B48EAEFB
+20150522031407 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4A1CE0B
+20150522031420 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4D73D93
+20150522031425 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4E9937F
+20150522031428 2 6 100 2047 5 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B4EFD4BF
+20150522031436 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B507149B
+20150522031452 2 6 100 2047 2 DB36277B45EA5615C782C08BF6A290A3D61E6B9690E4A147042113FC1BFC0AEEC5FB0FF82FC1FEA86E273F667EC387FEF3421FFFC617A70C34B1987986C6B35C715713914AB75932A3D1942ECC0F324D81BF00D59916B3BFDC7BA432AF5C5DFCF30BF4A2C80B8CA52A9B80E989D3A852BD81A8BD3ADC97497F43C6F0A90882D9CFA165CF1F735C96428BF9BC32A58B71CF1D4FD48A6D2C616E91BB6E07C5CB0DF0C59DAF79D659C6E53007843497BBEE5B341D27DE2E2543B8DFEB4DDAE6328EAD441C3F36509C1FA689FE494B0426ADCAF9E567A1C5A3301689C5CCC55EC4002FAA5D254C2F3C0F8636BEA7019D1CD212B74EE4F273E0B9997720E8B54A3243
+20150522032348 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98368C951B
+20150522033023 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9838C4B4F7
+20150522033224 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9839729F67
+20150522033330 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9839CF938B
+20150522033506 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983A5AA27B
+20150522033539 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983A849987
+20150522033610 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983AAC8A5F
+20150522033839 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983B7F9067
+20150522033952 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983BE385D7
+20150522034001 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983BEA4367
+20150522034055 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C305BC3
+20150522034123 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C516EB3
+20150522034146 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983C6D1017
+20150522034241 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983CB6A553
+20150522034528 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983DA8F54F
+20150522034544 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983DB92AEB
+20150522034719 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983E32A87B
+20150522034748 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983E589F5B
+20150522035227 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF983FE4EA2B
+20150522035328 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9840340683
+20150522035522 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9840D77183
+20150522035721 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98417632BF
+20150522035808 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9841B795AB
+20150522035847 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9841E9F357
+20150522040046 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842863803
+20150522040057 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98428F98CF
+20150522040128 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842B68EA3
+20150522040136 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9842BA209B
+20150522040232 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984303E883
+20150522040546 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9844117EF3
+20150522040607 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9844276407
+20150522040733 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984499981B
+20150522040850 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF984502ECCF
+20150522041059 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9845BB3AD7
+20150522041141 2 6 100 3071 5 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF9845F34747
+20150522041538 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98473F522B
+20150522041645 2 6 100 3071 2 E409DD3E1471472B9A1A2C64FDDC0EB822C4485590288E209141916DF6C51125FCF17ED5F4226F63928FD7E9C60DEC3B0A82C6DF10C33E0CDA2E200004C3B89C7BD872CF9572374C7590F8960C97E1A995319ECABF60C00DAC39A8A4A4196638FB338F47445310F2424518C4ED9C789D17D591DF7B2CB11FC320AD7C84376EF838077C5C81BBEE2BDF38F8716E94F756919654AD5BC8FDF9CD644F0B1F604DFB7CF28B8AD55576458DB547348E74101FA39ADD0D5675E2BA2FA074C2BEC53DCA68A1F49E3F5EBBE9069C7BB20A0ED4217C8D8FE99DC3DDAC05172EB056C6173306F604B90079CEAD87AA170EA89E38C07128067C48695040F766131E9E8459FB71ED94BE176C9F827BBAB219E1BD7A4C7ED9FE7FF62E844B0915C9ACD5B17FDE866EC34C44C348C23CC303D6E7AFDC55AAAC007BF3C67280C13C9801D2D8E0739680257CE5CEBD5CA0CF24D2CA6A354D5D132A72D2ABB2E50D257B5A6DAA038683C1A433861204570824D0734402498259C171BB58DA074D22B1DF98479B35EB
+20150522043157 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379177A90103
+20150522044043 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379178F7604B
+20150522044434 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917986809B
+20150522044641 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379179D34D9F
+20150522045152 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917A93F48B
+20150522045648 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917B4FEA03
+20150522051224 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917DA8111B
+20150522051844 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917E9226DB
+20150522052054 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917EDC16FB
+20150522052204 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917F0058A7
+20150522052248 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917F16842F
+20150522052650 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917FA2234F
+20150522052821 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37917FD2EA1B
+20150522054416 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791823EE827
+20150522054652 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182978693
+20150522054912 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182E6E57B
+20150522054941 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182F0448B
+20150522055008 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379182FA0E27
+20150522060835 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379185801F93
+20150522062202 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379187943813
+20150522062512 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791880945B7
+20150522063933 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918A32FF83
+20150522064222 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918A910AB3
+20150522064452 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918AE83E73
+20150522065035 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918BBA1623
+20150522065634 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918C920633
+20150522070134 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D471AAB
+20150522070306 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D7B1063
+20150522070332 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918D838D0B
+20150522070807 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918E2B8B67
+20150522071420 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F0C3653
+20150522071508 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F1EFFFB
+20150522071555 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918F35E697
+20150522071903 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37918FA47DEB
+20150522074443 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F37919363872B
+20150522075339 2 6 100 4095 2 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379194BA4383
+20150522080128 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F379195DB3C5F
+20150522080506 2 6 100 4095 5 DDE41D7021F9DF8240D0BD8E14CE1E374A4FFDD073767E84C8C347B6F832731277F9D333B8BC7CD96ED164DF5C6F26E46E4BAF0AA7C87B26CE3E11042C1BDDF76095E50D7772E5DC0C48EBA0E41EC92EAFA655DA1B6C614E1F0F9AD815BD7505AA9B8A265D13956B5A26141EE812404DE13B821C9B7BCA9982B8CF7D862F8E8A373FEFEE4AE46EC2122519A2AD896ED18CAECEF314D1B98C83358B6E9D2F3BC58C1688F162E3CF1FF58E57E7B9E14BB37C9C9E9692E57C42937141C226E84C35B42DED9055A7F366A61C3CB4899B499278ED4C729CC1DE54827E882290F9FC13F7F1488F897698EA62A99468D6F3ED0561816C39B8279154FC7A8E453CCC4EB1ABC777A397B694E1B9866C2495489F94721A3351B252D05FE6C7857929B34C19A8EB42ABED88FA370DABCA83A245DC35CFB399824D127507AD540054C647F61C6BD11CAFC3FE5277A1014DF6B538BC8BFE009315BCD60E020DAB840B8A4219EBA4E349680BC7CA3A9BC36164A3D36E325C530B178747814F575899126B307EB63F910DDE0F09E5056B2F9F7E230A42C11DDD34A9B23A64090C2FF9C7F3DD696E6828613E74A64CFC4046ECFA997BE84981430D8A7F8AEC63001E50AF9F556567A0065A9A013A66A2737CEEE468D6A15002358AC648D862B0618E6DD6A98BBBE9E68174D9C9FE4568BB2D12083CF6892B6B8D58307944955A987F3791965094C7
+20150522083733 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C514C4F88F
+20150522093608 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C517A26827
+20150522094040 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C517D03757
+20150522095314 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C518686A8B
+20150522101845 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C519A641F3
+20150522103233 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51A4A87B7
+20150522111208 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51C3A7B9B
+20150522120305 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51EB16CF7
+20150522122813 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C51FE5C353
+20150522132032 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5226F04CB
+20150522141054 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C524EBC207
+20150522153656 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C529553A9F
+20150522154114 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5298632F7
+20150522154826 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C529DCC5D7
+20150522163842 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52C78C8C3
+20150522165625 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52D5A1C27
+20150522172408 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52EBD88E3
+20150522173745 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C52F69630B
+20150522184340 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5327AFF1B
+20150522190348 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5336CDC63
+20150522200705 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5366C1207
+20150522201200 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5369D0A6B
+20150522202855 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5375B287F
+20150522204401 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5380EDB4B
+20150522205115 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5385D084B
+20150522210056 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C538CEBB3B
+20150522212110 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C539B27FE3
+20150522215602 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53B4E825B
+20150522222840 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53CD37713
+20150522224719 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C53DAAAE07
+20150523005800 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C543D2802B
+20150523110456 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C549CAF02F
+20150523111755 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C54A5BCB0B
+20150523135850 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C551C0E2B7
+20150523140345 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C551F4D6B3
+20150523153045 2 6 100 6143 2 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C5561141EB
+20150523170349 2 6 100 6143 5 E49C8871D7F1191BFDDF2C21369599F9E9F57F502A68C5AA4B87527B218B90EB8F33F3D6B4E379A17BA18BDDA81F2DE8B15EABBF424BDEF329D792093D88EB5536D5F165F767F08AD2220E0005162BB37BE7F45B2574F2BE5BFE4262623C8895A803F747E3BCB0DD396DED524EE1E9B9EEE82C741A1F8ACA2E6DB05CC1FE8C2A7DC50F1F019FD74FC6FFBF38ADA2D36A7CC8DB2C7961C154A74BF0086C173AC7A22B266BBE9974459A7EFDC2F0CDB2F9E288527FD356017FDE01AE17A954561197E18E4AADAF0643860328FC9A2D8A5073348DAD615ADF1AE4AD5BA1630437AB4F7948FCB3D33CD225AA6661DD2AAFFE774CA01F0BF8A2DB168D8FFF3A223E3A60B039E9ABAE8E4B6A37B7E8F77A3EC2D1714B79DEC2ED2BCFB39A4FAAB8913D421099623BCD1DE50B419173236D91E09CFCF544161EB4CA8A45295D812708E349D2118EFA3EDC0F86D3300A80C36D77CEE41441F84BBE663413378F2CAA58F6915B5B3CD799541AD5CCC74B76A59555EDC3B6ABD77318E0A9E6450277DF93A882C6F3D2E13E3BBE361BBB2813A2A269324D7FD2D9437AD065CF3CE698BE08857E5E22800CDBC0235AEB364301AF3170C24B8A68B7B038499F788040E86376DA7DB517751F4FC6D1D3E1C3FE8DDA27B69D1281A18D6D2DC92C2E471A4B577F789E5D397C68B738DBEA06FF55AC1D1C177E3A51D136055E379CF68C27DBB6D66771D9ADFD846CBFF9EFF5B0BDC9EA16A8817243451A93545D19DCFB3DE1E50936A62CD98379ED37C13BE8D71DE48E4115DD309E67F676B0CE88B60BDCD0CAB98878A17E67E20723DE50DB3599485E25687005AB55407632E12AD919498F562D2871A55FEDB76F113D1E92AD5E4D342B45611D9F844BED39B36E5225147D3F6BFEC6C6CA88C423ED62781E29EA9A9418500E7419922E51210FA767153619573EEB19609C77212D6A9724295FBF0A1915F33074D5225E9BD0C6105DA28F1B0E5F43EECBE67B18D5FE74FE60CF87800C623B13FD6152CA913F91ABC5113FF0CCFE362C30DF8F369E08DE8D57222DDF659AE2458C7B4225AE583E178328C55A59DCDF
+20150523191201 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB470CDA3203
+20150523215157 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4711A72AAB
+20150523231527 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47141BE273
+20150523235422 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47153C4A8F
+20150524010823 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47174C4663
+20150524013736 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471810100B
+20150524040115 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471BEA9823
+20150524051719 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471DEF42C3
+20150524055417 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB471EE81B27
+20150524104925 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4726B43323
+20150524105636 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4726DBBBDF
+20150524130121 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472A1294AB
+20150524163025 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472FBAE453
+20150524163715 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB472FE1144B
+20150524173410 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47315B458F
+20150524181655 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473268D4BB
+20150524223625 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473917D17B
+20150525001303 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473B95BAC3
+20150525011252 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473D16F0B3
+20150525020522 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB473E60DDB7
+20150525061910 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4744D20B9F
+20150525092924 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47499CAF77
+20150525124039 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB474E6A2CEB
+20150525132602 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB474F854D7B
+20150525170642 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4755495933
+20150525201019 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4759D07FB7
+20150525223942 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475D6E1C07
+20150525230547 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475E0B3487
+20150525234905 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475F115D93
+20150526002510 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB475FE94D13
+20150526014857 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4761E82A83
+20150526045853 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB47667CBC4F
+20150605090211 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB476DA5F0B7
+20150605145212 2 6 100 7679 5 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB4776229827
+20150605174343 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB477A770453
+20150605182015 2 6 100 7679 2 F829F98FA9F017F2B534A1ADF10BFE7F46E24D09A1EA89D3BB00CC679F6CDF5107A8AAF6F1AC8581E5D52174BA79E05DC2D61FE0B3F10B52520086FF4BE33841858D569DEFF006D6145E062E37CB2A225BAC5207DBC87BBCBE31A12678F8BD3E64FAFD7DA004CA67EED97A92C511BBDB5CAE7D563758EA45BD2280A91209C417093F079E901E48C80702D0B5420C21A571B133299B590EB3ADD67CB1538D85F03C2EBF2A0E1B64C3CCB55CAE257C3939E2A48DDB50B557BFCFFA891EA55D2CE29ADF58D94887170E2EF8EEA14D83117793B2EBEBAA5DAF26F118C53F3F50EF50ACF4BE634C4714F05F198D0A10C91C789C08F9CE84CE238FDFAA6368A1D971450D3A05B279DC0DB0BE57E7B36ED42FC2DE0989CBF4881F59E1C3EB80C8BFA7A9B4493246AB0977F26E368179D4269DF732C935A7901E34042CEBA93FA7B5F2BE7765D1568F83A82D0A556F973DEE714AE348EC6EE73D06E5746D7CA7A2172053350FF03E2B2483F6F5CC20CE2FD44CF81187EE3A28073C4360432BA958FC71C6B4609208610001B762042C20951BB46D484A4D018134E581BAD41EABE16721DB572B76921A6FDA278B4DBCD6E479D89D8F076A3DF39BBF6A81A1529BBDB06A75792E3CC2AE7047533465FB0C4BB6F0B16A2FB13B5812E5AFA8BC06184CB8620700602A9F3D1194EC7F98FF6858CFB26161FA3903301F7F54E8946C688B91631BF8B2452255F7EA8BC66FA9CB2D12BFE8437330956902B5D04469F45AEBEF0CC2F49791EE958B7FC791ACC0BC6A0DAAA8BFB2A5EB49628051F42A0CF1FA0EA33E9EFC8DED03407EA35D1D6E7F09D278793C9E446F99E3A9D6EB93A07FFFA8A16CA1417D776A3DC2D621F3D49A7DED7FC3274228EA72E2BECFBB071B8F1EEC99F04E62DBE9D6F781B3E4078EE28596222A387E87FC7213BB49AFDB79E549B5533877A8FAAD0A86F34AB36B26A48E544F5175EA498E57E6CC8B72924F2DC0B4C4A6364E667B11E49AEF39CE132086650954863BA4BB734A8A13945901802072BF924A6B38BC81E10E3EB74330411F10E259D58C9C4C5F1B4F40E85F11D12D0A5D4F896E24ABBD91E80EBCF0446B189705C133E113699D589068FD67D1993917B9349D380BAAAC594824051275D3AFA8BD3434AAB6C30CC9B6E687AD41A20DBDB890D36571726BCDA2B7051E1BC227480C83F2352A9DF08EBCDEF39936BC26553279246E536F26FFBB65176F4FE67B21658DF22C344A260B4AA8A09F354ECF50B8505F2F6AE4F99F6549CA139B730DC3618E6B5B70966A4276848266CBF23F0FEE469EAF298932EFBBA50E719BFF2259504A6D23938DAD104016FA91EB477B32F0B3
+20150526114135 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95C238093
+20150526114600 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95C32EEF7
+20150526134901 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE95F067BA3
+20150526153127 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE96179B9CB
+20150526164245 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE96332D5AF
+20150526174513 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9649A719B
+20150527035812 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE97262B7F7
+20150527075726 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE977B43343
+20150527112120 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE97C1F6EA7
+20150528010450 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE98E4FBCCB
+20150528020450 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE98F884B93
+20150528024708 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE990692277
+20150605205801 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE994DC793F
+20150606012116 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE99A681C6B
+20150606055158 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A0264EE7
+20150606071549 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A1DB0223
+20150606132241 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9A644DC6B
+20150606164856 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9AAAAEE73
+20150606183208 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9ACEEACDB
+20150607015742 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9B6ADF38F
+20150607022317 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9B733A2AB
+20150607051100 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9BAB79D47
+20150607064815 2 6 100 8191 5 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9BCBC8A17
+20150607120629 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C355FA5B
+20150607121012 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C3600A83
+20150607123508 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C3DCB093
+20150607144400 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C680E5AB
+20150607145646 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9C6BC5BC3
+20150607201140 2 6 100 8191 2 C64DCFC087E26CA2C02394329FAB07FECC446B77A6190D0FFB4326006E0F6D755C35C82228750F80F466E5E6C6FD70A6D4398BBF24C8B4D4B27A38125ADA4D087A7051B2FFCDF675AB1AD9A3A4EE3071B75A8DBEDD879C1B4D396FDF862B2C192B5EB832FA23EAA10DFE795435545882854A0F3BEB476B865E6ED98E43E49950F2FDB00A0E177FAAA3162AE6F513DAFC9A55676C0BC5B87A1C79F98C1A93035F3B39BB24C2C398DA1AADCC16EBB918407579D24ADB3826725E2B4BE73129F28181BD3A1CFCA78712592F8C58E8AF3BA7D7DFFB538AA2476467AC75BFD4C884949C58A0BC8D820E0AE5E0280E083401D239F63649845FEB53444126D137B3A80D4EBF5839263C302FFC3CA5F653B2D93C4AC474D489ADC4E1379BB7FD72950B57EF30FF579917AC9999B4136C030FDCB6121E6F7222227206EBA69DEA5E7DDC7F4718E24E3E4D6D17A81F18E0D376292ED3BB744C66B9ED4BC90F6A04E953B952F794F01372FA88558228C70C97C01D5350EDEE0BEBC99BBD696AE2EFAAB1A0767DCAB15C52821B3243388CE729957668B385A050651F38702C5301A92180A8B84FDF30A74A23E34D9690EEC35A4B644B97DD1558933D7D3DAFF826C942882E223C79EEAE9835F972C273139C396E519D124B6ABBE233548EE1B00B87F7791611DF2E47343368D333C071E231F82914AAE51CEAE790410A6D11D6B82067A9847C945E0BB32310F8370C81636FF68BE65137C3FA912E4C1147F49946C198E1E15E04B8FC7AFFC8465A182E81976C5ED5C2D07F3F6AA25ED27FAC527D6126213BCABC49E102D35AF81E2A694AF0EF83DF6A687E8F3DEEC076BE08A7CD1A3B81C4997136880DB4E7E37B56082F10702F0BB646C7C8A760E297E2A39129BC4A3D0EFB9C3FA2611F5E545F2DC52E013FC49353553F46DEBB59817E18B701689B7A755E609A1B521D72DAE5CBCCE7059E8DA977C97CC87ED8118A2A0011B5ECCCB53785EBDD8986B0A3B36538BBCF4C27DCA06A4B35A9F9920439A35445A0703B34269EB2652999D041912810C06C5742B2AC9B23522D6A2AA3F38A699170B90EAE64509BBD00306C6AFB78AF35EE0D0B504500D5A2AECC0170C2B97620B4796CF538B6D867297F8EC1B08B2F4AFD3534FD9775200BAC298A216AA2553964B7A259D738C84A4035A2BAD35F2AA67CA197D9BB0658ABAB4AF6261C74F18D3D98A5B22C24476FAA8DB9F4FF2621CA01F27C8AB6157F6A1E7F0900CB3F2EEE44D77AAEDC77F24B0E2288340E9A371ACB021407C3E089F61FF0F8469EC9FDFC53892B47CDD0E63748DFE8F814AF7755E6B08491B0CBF8A3A847A922798D28FC72CC9AF8F9299D7B59E1AD1054A98488DB158D471A2D66053FD017238A9B9114393CB4BFD48B8FAABF7E4139E62F533CCCFDD9189E2FFBBB8E488B25B13B17BBEDE9CD3C4A03
diff --git a/crypto/openssh/moduli.0 b/crypto/openssh/moduli.0
deleted file mode 100644
index 1c580d4..0000000
--- a/crypto/openssh/moduli.0
+++ /dev/null
@@ -1,74 +0,0 @@
-MODULI(5)                     File Formats Manual                    MODULI(5)
-
-NAME
-     moduli M-bM-^@M-^S Diffie-Hellman moduli
-
-DESCRIPTION
-     The /etc/moduli file contains prime numbers and generators for use by
-     sshd(8) in the Diffie-Hellman Group Exchange key exchange method.
-
-     New moduli may be generated with ssh-keygen(1) using a two-step process.
-     An initial candidate generation pass, using ssh-keygen -G, calculates
-     numbers that are likely to be useful.  A second primality testing pass,
-     using ssh-keygen -T, provides a high degree of assurance that the numbers
-     are prime and are safe for use in Diffie-Hellman operations by sshd(8).
-     This moduli format is used as the output from each pass.
-
-     The file consists of newline-separated records, one per modulus,
-     containing seven space-separated fields.  These fields are as follows:
-
-           timestamp    The time that the modulus was last processed as
-                        YYYYMMDDHHMMSS.
-
-           type         Decimal number specifying the internal structure of
-                        the prime modulus.  Supported types are:
-
-                        0     Unknown, not tested.
-                        2     "Safe" prime; (p-1)/2 is also prime.
-                        4     Sophie Germain; 2p+1 is also prime.
-
-                        Moduli candidates initially produced by ssh-keygen(1)
-                        are Sophie Germain primes (type 4).  Further primality
-                        testing with ssh-keygen(1) produces safe prime moduli
-                        (type 2) that are ready for use in sshd(8).  Other
-                        types are not used by OpenSSH.
-
-           tests        Decimal number indicating the type of primality tests
-                        that the number has been subjected to represented as a
-                        bitmask of the following values:
-
-                        0x00  Not tested.
-                        0x01  Composite number M-bM-^@M-^S not prime.
-                        0x02  Sieve of Eratosthenes.
-                        0x04  Probabilistic Miller-Rabin primality tests.
-
-                        The ssh-keygen(1) moduli candidate generation uses the
-                        Sieve of Eratosthenes (flag 0x02).  Subsequent
-                        ssh-keygen(1) primality tests are Miller-Rabin tests
-                        (flag 0x04).
-
-           trials       Decimal number indicating the number of primality
-                        trials that have been performed on the modulus.
-
-           size         Decimal number indicating the size of the prime in
-                        bits.
-
-           generator    The recommended generator for use with this modulus
-                        (hexadecimal).
-
-           modulus      The modulus itself in hexadecimal.
-
-     When performing Diffie-Hellman Group Exchange, sshd(8) first estimates
-     the size of the modulus required to produce enough Diffie-Hellman output
-     to sufficiently key the selected symmetric cipher.  sshd(8) then randomly
-     selects a modulus from /etc/moduli that best meets the size requirement.
-
-SEE ALSO
-     ssh-keygen(1), sshd(8)
-
-STANDARDS
-     M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for
-     the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006,
-     2006.
-
-OpenBSD 5.7                   September 26, 2012                   OpenBSD 5.7
diff --git a/crypto/openssh/mux.c b/crypto/openssh/mux.c
index 8ae9cdf..1ab9339 100644
--- a/crypto/openssh/mux.c
+++ b/crypto/openssh/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.53 2015/05/01 04:03:20 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.54 2015/08/19 23:18:26 djm Exp $ */
 /*
  * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
  *
@@ -666,6 +666,8 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 	u_int lport, cport;
 	int i, ret = 0, freefwd = 1;
 
+	memset(&fwd, 0, sizeof(fwd));
+
 	/* XXX - lport/cport check redundant */
 	if (buffer_get_int_ret(&ftype, m) != 0 ||
 	    (listen_addr = buffer_get_string_ret(m, NULL)) == NULL ||
@@ -833,6 +835,8 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 	int i, ret = 0;
 	u_int lport, cport;
 
+	memset(&fwd, 0, sizeof(fwd));
+
 	if (buffer_get_int_ret(&ftype, m) != 0 ||
 	    (listen_addr = buffer_get_string_ret(m, NULL)) == NULL ||
 	    buffer_get_int_ret(&lport, m) != 0 ||
diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h
index 84b63bc..83fc943 100644
--- a/crypto/openssh/myproposal.h
+++ b/crypto/openssh/myproposal.h
@@ -1,4 +1,5 @@
-/* $OpenBSD: myproposal.h,v 1.44 2015/05/27 23:51:10 dtucker Exp $ */
+/* $OpenBSD: myproposal.h,v 1.47 2015/07/10 06:21:53 markus Exp $ */
+/* $FreeBSD$ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -93,16 +94,13 @@
 
 #define KEX_CLIENT_KEX KEX_COMMON_KEX \
 	"diffie-hellman-group-exchange-sha1," \
-	"diffie-hellman-group14-sha1," \
-	"diffie-hellman-group1-sha1"
+	"diffie-hellman-group14-sha1"
 
 #define	KEX_DEFAULT_PK_ALG	\
 	HOSTKEY_ECDSA_CERT_METHODS \
 	"ssh-ed25519-cert-v01@openssh.com," \
 	"ssh-rsa-cert-v01@openssh.com," \
 	"ssh-dss-cert-v01@openssh.com," \
-	"ssh-rsa-cert-v00@openssh.com," \
-	"ssh-dss-cert-v00@openssh.com," \
 	HOSTKEY_ECDSA_METHODS \
 	"ssh-ed25519," \
 	"ssh-rsa," \
diff --git a/crypto/openssh/openbsd-compat/blowfish.c b/crypto/openssh/openbsd-compat/blowfish.c
index 3f14131..e10f7e7 100644
--- a/crypto/openssh/openbsd-compat/blowfish.c
+++ b/crypto/openssh/openbsd-compat/blowfish.c
@@ -40,7 +40,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #if !defined(HAVE_BCRYPT_PBKDF) && (!defined(HAVE_BLOWFISH_INITSTATE) || \
     !defined(HAVE_BLOWFISH_EXPAND0STATE) || !defined(HAVE_BLF_ENC))
diff --git a/crypto/openssh/openbsd-compat/openbsd-compat.h b/crypto/openssh/openbsd-compat/openbsd-compat.h
index cb59ccd..1ff7114 100644
--- a/crypto/openssh/openbsd-compat/openbsd-compat.h
+++ b/crypto/openssh/openbsd-compat/openbsd-compat.h
@@ -70,8 +70,16 @@ void *reallocarray(void *, size_t, size_t);
 #endif
 
 #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
+/*
+ * glibc's FORTIFY_SOURCE can redefine this and prevent us picking up the
+ * compat version.
+ */
+# ifdef BROKEN_REALPATH
+#  define realpath(x, y) _ssh_compat_realpath(x, y)
+# endif
+
 char *realpath(const char *path, char *resolved);
-#endif 
+#endif
 
 #ifndef HAVE_RRESVPORT_AF
 int rresvport_af(int *alport, sa_family_t af);
diff --git a/crypto/openssh/openbsd-compat/port-linux.c b/crypto/openssh/openbsd-compat/port-linux.c
index 4637a7a3..f36999d 100644
--- a/crypto/openssh/openbsd-compat/port-linux.c
+++ b/crypto/openssh/openbsd-compat/port-linux.c
@@ -278,7 +278,7 @@ oom_adjust_setup(void)
 					verbose("error writing %s: %s",
 					   oom_adj_path, strerror(errno));
 				else
-					verbose("Set %s from %d to %d",
+					debug("Set %s from %d to %d",
 					   oom_adj_path, oom_adj_save, value);
 			}
 			fclose(fp);
@@ -302,7 +302,7 @@ oom_adjust_restore(void)
 	if (fprintf(fp, "%d\n", oom_adj_save) <= 0)
 		verbose("error writing %s: %s", oom_adj_path, strerror(errno));
 	else
-		verbose("Set %s to %d", oom_adj_path, oom_adj_save);
+		debug("Set %s to %d", oom_adj_path, oom_adj_save);
 
 	fclose(fp);
 	return;
diff --git a/crypto/openssh/openbsd-compat/realpath.c b/crypto/openssh/openbsd-compat/realpath.c
index b6120d0..ba4cea9 100644
--- a/crypto/openssh/openbsd-compat/realpath.c
+++ b/crypto/openssh/openbsd-compat/realpath.c
@@ -33,11 +33,13 @@
 
 #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
 
+#include <sys/types.h>
 #include <sys/param.h>
 #include <sys/stat.h>
 
 #include <errno.h>
 #include <stdlib.h>
+#include <stddef.h>
 #include <string.h>
 #include <unistd.h>
 
@@ -90,7 +92,7 @@ realpath(const char *path, char resolved[PATH_MAX])
 		 */
 		p = strchr(left, '/');
 		s = p ? p : left + left_len;
-		if (s - left >= sizeof(next_token)) {
+		if (s - left >= (ptrdiff_t)sizeof(next_token)) {
 			errno = ENAMETOOLONG;
 			return (NULL);
 		}
@@ -169,7 +171,8 @@ realpath(const char *path, char resolved[PATH_MAX])
 			 */
 			if (p != NULL) {
 				if (symlink[slen - 1] != '/') {
-					if (slen + 1 >= sizeof(symlink)) {
+					if (slen + 1 >=
+					    (ptrdiff_t)sizeof(symlink)) {
 						errno = ENAMETOOLONG;
 						return (NULL);
 					}
diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c
index aca06d7..8c1498c 100644
--- a/crypto/openssh/packet.c
+++ b/crypto/openssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.212 2015/05/01 07:10:01 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.214 2015/08/20 22:32:42 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1273,7 +1273,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 
 	DBG(debug("packet_read()"));
 
-	setp = (fd_set *)calloc(howmany(state->connection_in + 1,
+	setp = calloc(howmany(state->connection_in + 1,
 	    NFDBITS), sizeof(fd_mask));
 	if (setp == NULL)
 		return SSH_ERR_ALLOC_FAIL;
@@ -1582,6 +1582,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 			logit("Bad packet length %u.", state->packlen);
 			if ((r = sshpkt_disconnect(ssh, "Packet corrupt")) != 0)
 				return r;
+			return SSH_ERR_CONN_CORRUPT;
 		}
 		sshbuf_reset(state->incoming_packet);
 	} else if (state->packlen == 0) {
@@ -1934,6 +1935,17 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
 			cleanup_exit(255);
 		}
 		/* FALLTHROUGH */
+	case SSH_ERR_NO_CIPHER_ALG_MATCH:
+	case SSH_ERR_NO_MAC_ALG_MATCH:
+	case SSH_ERR_NO_COMPRESS_ALG_MATCH:
+	case SSH_ERR_NO_KEX_ALG_MATCH:
+	case SSH_ERR_NO_HOSTKEY_ALG_MATCH:
+		if (ssh && ssh->kex && ssh->kex->failed_choice) {
+			fatal("Unable to negotiate with %.200s: %s. "
+			    "Their offer: %s", ssh_remote_ipaddr(ssh),
+			    ssh_err(r), ssh->kex->failed_choice);
+		}
+		/* FALLTHROUGH */
 	default:
 		fatal("%s%sConnection to %.200s: %s",
 		    tag != NULL ? tag : "", tag != NULL ? ": " : "",
@@ -2026,7 +2038,7 @@ ssh_packet_write_wait(struct ssh *ssh)
 	struct timeval start, timeout, *timeoutp = NULL;
 	struct session_state *state = ssh->state;
 
-	setp = (fd_set *)calloc(howmany(state->connection_out + 1,
+	setp = calloc(howmany(state->connection_out + 1,
 	    NFDBITS), sizeof(fd_mask));
 	if (setp == NULL)
 		return SSH_ERR_ALLOC_FAIL;
diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c
index 1e22d5d..326a59c 100644
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.237 2015/06/26 05:13:20 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.239 2015/07/30 00:01:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -132,6 +132,7 @@ __RCSID("$FreeBSD$");
 
 typedef enum {
 	oBadOption,
+	oVersionAddendum,
 	oHost, oMatch,
 	oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
 	oGatewayPorts, oExitOnForwardFailure,
@@ -160,7 +161,7 @@ typedef enum {
 	oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
 	oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
 	oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes,
-	oVersionAddendum,
+	oPubkeyAcceptedKeyTypes,
 	oIgnoredUnknownOption, oDeprecated, oUnsupported
 } OpCodes;
 
@@ -279,11 +280,14 @@ static struct {
 	{ "fingerprinthash", oFingerprintHash },
 	{ "updatehostkeys", oUpdateHostkeys },
 	{ "hostbasedkeytypes", oHostbasedKeyTypes },
+	{ "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },
 	{ "ignoreunknown", oIgnoreUnknown },
 	{ "hpndisabled", oDeprecated },
 	{ "hpnbuffersize", oDeprecated },
 	{ "tcprcvbufpoll", oDeprecated },
 	{ "tcprcvbuf", oDeprecated },
+	{ "noneenabled", oUnsupported },
+	{ "noneswitch", oUnsupported },
 	{ "versionaddendum", oVersionAddendum },
 
 	{ NULL, oBadOption }
@@ -1106,7 +1110,7 @@ parse_int:
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
-		if (!ciphers_valid(arg))
+		if (!ciphers_valid(*arg == '+' ? arg + 1 : arg))
 			fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (*activep && options->ciphers == NULL)
@@ -1117,7 +1121,7 @@ parse_int:
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.", filename, linenum);
-		if (!mac_valid(arg))
+		if (!mac_valid(*arg == '+' ? arg + 1 : arg))
 			fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (*activep && options->macs == NULL)
@@ -1129,7 +1133,7 @@ parse_int:
 		if (!arg || *arg == '\0')
 			fatal("%.200s line %d: Missing argument.",
 			    filename, linenum);
-		if (!kex_names_valid(arg))
+		if (!kex_names_valid(*arg == '+' ? arg + 1 : arg))
 			fatal("%.200s line %d: Bad SSH2 KexAlgorithms '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (*activep && options->kex_algorithms == NULL)
@@ -1137,14 +1141,17 @@ parse_int:
 		break;
 
 	case oHostKeyAlgorithms:
+		charptr = &options->hostkeyalgorithms;
+parse_keytypes:
 		arg = strdelim(&s);
 		if (!arg || *arg == '\0')
-			fatal("%.200s line %d: Missing argument.", filename, linenum);
-		if (!sshkey_names_valid2(arg, 1))
-			fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
-			    filename, linenum, arg ? arg : "<NONE>");
-		if (*activep && options->hostkeyalgorithms == NULL)
-			options->hostkeyalgorithms = xstrdup(arg);
+			fatal("%.200s line %d: Missing argument.",
+			    filename, linenum);
+		if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
+			fatal("%s line %d: Bad key types '%s'.",
+				filename, linenum, arg ? arg : "<NONE>");
+		if (*activep && *charptr == NULL)
+			*charptr = xstrdup(arg);
 		break;
 
 	case oProtocol:
@@ -1523,16 +1530,11 @@ parse_int:
 
 	case oHostbasedKeyTypes:
 		charptr = &options->hostbased_key_types;
-		arg = strdelim(&s);
-		if (!arg || *arg == '\0')
-			fatal("%.200s line %d: Missing argument.",
-			    filename, linenum);
-		if (!sshkey_names_valid2(arg, 1))
-			fatal("%s line %d: Bad key types '%s'.",
-				filename, linenum, arg ? arg : "<NONE>");
-		if (*activep && *charptr == NULL)
-			*charptr = xstrdup(arg);
-		break;
+		goto parse_keytypes;
+
+	case oPubkeyAcceptedKeyTypes:
+		charptr = &options->pubkey_key_types;
+		goto parse_keytypes;
 
 	case oDeprecated:
 		debug("%s line %d: Deprecated option \"%s\"",
@@ -1625,6 +1627,7 @@ void
 initialize_options(Options * options)
 {
 	memset(options, 'X', sizeof(*options));
+	options->version_addendum = NULL;
 	options->forward_agent = -1;
 	options->forward_x11 = -1;
 	options->forward_x11_trusted = -1;
@@ -1714,7 +1717,7 @@ initialize_options(Options * options)
 	options->fingerprint_hash = -1;
 	options->update_hostkeys = -1;
 	options->hostbased_key_types = NULL;
-	options->version_addendum = NULL;
+	options->pubkey_key_types = NULL;
 }
 
 /*
@@ -1800,9 +1803,6 @@ fill_default_options(Options * options)
 	/* Selected in ssh_login(). */
 	if (options->cipher == -1)
 		options->cipher = SSH_CIPHER_NOT_SET;
-	/* options->ciphers, default set in myproposals.h */
-	/* options->macs, default set in myproposals.h */
-	/* options->kex_algorithms, default set in myproposals.h */
 	/* options->hostkeyalgorithms, default set in myproposals.h */
 	if (options->protocol == SSH_PROTO_UNKNOWN)
 		options->protocol = SSH_PROTO_2;
@@ -1901,8 +1901,14 @@ fill_default_options(Options * options)
 		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
 	if (options->update_hostkeys == -1)
 		options->update_hostkeys = 0;
-	if (options->hostbased_key_types == NULL)
-		options->hostbased_key_types = xstrdup("*");
+	if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 ||
+	    kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 ||
+	    kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 ||
+	    kex_assemble_names(KEX_DEFAULT_PK_ALG,
+	    &options->hostbased_key_types) != 0 ||
+	    kex_assemble_names(KEX_DEFAULT_PK_ALG,
+	    &options->pubkey_key_types) != 0)
+		fatal("%s: kex_assemble_names failed", __func__);
 
 #define CLEAR_ON_NONE(v) \
 	do { \
diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h
index a34aa7d..3360667 100644
--- a/crypto/openssh/readconf.h
+++ b/crypto/openssh/readconf.h
@@ -1,4 +1,5 @@
-/* $OpenBSD: readconf.h,v 1.109 2015/02/16 22:13:32 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.110 2015/07/10 06:21:53 markus Exp $ */
+/* $FreeBSD$ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -150,7 +151,8 @@ typedef struct {
 
 	int	 update_hostkeys; /* one of SSH_UPDATE_HOSTKEYS_* */
 
-	char	*hostbased_key_types;
+	char   *hostbased_key_types;
+	char   *pubkey_key_types;
 
 	char	*version_addendum; /* Appended to SSH banner */
 
diff --git a/crypto/openssh/regress/cert-hostkey.sh b/crypto/openssh/regress/cert-hostkey.sh
index 51685dc..3f53922 100755
--- a/crypto/openssh/regress/cert-hostkey.sh
+++ b/crypto/openssh/regress/cert-hostkey.sh
@@ -1,11 +1,32 @@
-#	$OpenBSD: cert-hostkey.sh,v 1.11 2015/01/19 06:01:32 djm Exp $
+#	$OpenBSD: cert-hostkey.sh,v 1.13 2015/07/10 06:23:25 markus Exp $
 #	Placed in the Public Domain.
 
 tid="certified host keys"
 
 rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/host_revoked_*
 rm -f $OBJ/cert_host_key* $OBJ/host_krl_*
+
+# Allow all hostkey/pubkey types, prefer certs for the client
+types=""
+for i in `$SSH -Q key`; do
+	if [ -z "$types" ]; then
+		types="$i"
+		continue
+	fi
+	case "$i" in
+	*cert*)	types="$i,$types";;
+	*)	types="$types,$i";;
+	esac
+done
+(
+	echo "HostKeyAlgorithms ${types}"
+	echo "PubkeyAcceptedKeyTypes *"
+) >> $OBJ/ssh_proxy
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+(
+	echo "HostKeyAlgorithms *"
+	echo "PubkeyAcceptedKeyTypes *"
+) >> $OBJ/sshd_proxy_bak
 
 HOSTS='localhost-with-alias,127.0.0.1,::1'
 
@@ -27,13 +48,6 @@ cp $OBJ/host_ca_key.pub $OBJ/host_revoked_ca
 
 PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/g;s/^ssh-//'`
 
-type_has_legacy() {
-	case $1 in
-		ed25519*|ecdsa*) return 1 ;;
-	esac
-	return 0
-}
-
 # Prepare certificate, plain key and CA KRLs
 ${SSHKEYGEN} -kf $OBJ/host_krl_empty || fatal "KRL init failed"
 ${SSHKEYGEN} -kf $OBJ/host_krl_plain || fatal "KRL init failed"
@@ -61,18 +75,6 @@ for ktype in $PLAIN_TYPES ; do
 		fatal "KRL update failed"
 	cat $OBJ/cert_host_key_${ktype}-cert.pub >> $OBJ/host_revoked_cert
 	serial=`expr $serial + 1`
-	type_has_legacy $ktype || continue
-	cp $OBJ/cert_host_key_${ktype} $OBJ/cert_host_key_${ktype}_v00
-	cp $OBJ/cert_host_key_${ktype}.pub $OBJ/cert_host_key_${ktype}_v00.pub
-	verbose "$tid: sign host ${ktype}_v00 cert"
-	${SSHKEYGEN} -t v00 -h -q -s $OBJ/host_ca_key \
-	    -I "regress host key for $USER" \
-	    -n $HOSTS $OBJ/cert_host_key_${ktype}_v00 ||
-		fatal "couldn't sign cert_host_key_${ktype}_v00"
-	${SSHKEYGEN} -ukf $OBJ/host_krl_cert \
-	    $OBJ/cert_host_key_${ktype}_v00-cert.pub || \
-		fatal "KRL update failed"
-	cat $OBJ/cert_host_key_${ktype}_v00-cert.pub >> $OBJ/host_revoked_cert
 done
 
 attempt_connect() {
@@ -98,7 +100,7 @@ attempt_connect() {
 
 # Basic connect and revocation tests.
 for privsep in yes no ; do
-	for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do 
+	for ktype in $PLAIN_TYPES ; do 
 		verbose "$tid: host ${ktype} cert connect privsep $privsep"
 		(
 			cat $OBJ/sshd_proxy_bak
@@ -133,14 +135,14 @@ done
 	printf '@cert-authority '
 	printf "$HOSTS "
 	cat $OBJ/host_ca_key.pub
-	for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do
+	for ktype in $PLAIN_TYPES ; do
 		test -f "$OBJ/cert_host_key_${ktype}.pub" || fatal "no pubkey"
 		printf "@revoked * `cat $OBJ/cert_host_key_${ktype}.pub`\n"
 	done
 ) > $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
 for privsep in yes no ; do
-	for ktype in $PLAIN_TYPES rsa_v00 dsa_v00; do 
+	for ktype in $PLAIN_TYPES ; do 
 		verbose "$tid: host ${ktype} revoked cert privsep $privsep"
 		(
 			cat $OBJ/sshd_proxy_bak
@@ -169,7 +171,7 @@ done
 	cat $OBJ/host_ca_key.pub
 ) > $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do 
+for ktype in $PLAIN_TYPES ; do 
 	verbose "$tid: host ${ktype} revoked cert"
 	(
 		cat $OBJ/sshd_proxy_bak
@@ -198,17 +200,10 @@ test_one() {
 	result=$2
 	sign_opts=$3
 
-	for kt in rsa rsa_v00 ; do
-		case $kt in
-		*_v00) args="-t v00" ;;
-		*) args="" ;;
-		esac
-
-		verbose "$tid: host cert connect $ident $kt expect $result"
+	for kt in rsa ed25519 ; do
 		${SSHKEYGEN} -q -s $OBJ/host_ca_key \
 		    -I "regress host key for $USER" \
-		    $sign_opts $args \
-		    $OBJ/cert_host_key_${kt} ||
+		    $sign_opts $OBJ/cert_host_key_${kt} ||
 			fail "couldn't sign cert_host_key_${kt}"
 		(
 			cat $OBJ/sshd_proxy_bak
@@ -242,36 +237,33 @@ test_one "cert valid interval"	success "-h -V-1w:+2w"
 test_one "cert has constraints"	failure "-h -Oforce-command=false"
 
 # Check downgrade of cert to raw key when no CA found
-for v in v01 v00 ;  do 
-	for ktype in $PLAIN_TYPES ; do 
-		type_has_legacy $ktype || continue
-		rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key*
-		verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
-		# Generate and sign a host key
-		${SSHKEYGEN} -q -N '' -t ${ktype} \
-		    -f $OBJ/cert_host_key_${ktype} || \
-			fail "ssh-keygen of cert_host_key_${ktype} failed"
-		${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \
-		    -I "regress host key for $USER" \
-		    -n $HOSTS $OBJ/cert_host_key_${ktype} ||
-			fail "couldn't sign cert_host_key_${ktype}"
-		(
-			printf "$HOSTS "
-			cat $OBJ/cert_host_key_${ktype}.pub
-		) > $OBJ/known_hosts-cert
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo HostKey $OBJ/cert_host_key_${ktype}
-			echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
-		) > $OBJ/sshd_proxy
-		
-		${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-		    -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-			-F $OBJ/ssh_proxy somehost true
-		if [ $? -ne 0 ]; then
-			fail "ssh cert connect failed"
-		fi
-	done
+for ktype in $PLAIN_TYPES ; do 
+	rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key*
+	verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
+	# Generate and sign a host key
+	${SSHKEYGEN} -q -N '' -t ${ktype} \
+	    -f $OBJ/cert_host_key_${ktype} || \
+		fail "ssh-keygen of cert_host_key_${ktype} failed"
+	${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \
+	    -I "regress host key for $USER" \
+	    -n $HOSTS $OBJ/cert_host_key_${ktype} ||
+		fail "couldn't sign cert_host_key_${ktype}"
+	(
+		printf "$HOSTS "
+		cat $OBJ/cert_host_key_${ktype}.pub
+	) > $OBJ/known_hosts-cert
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo HostKey $OBJ/cert_host_key_${ktype}
+		echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
+	) > $OBJ/sshd_proxy
+	
+	${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
+	    -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
+		-F $OBJ/ssh_proxy somehost true
+	if [ $? -ne 0 ]; then
+		fail "ssh cert connect failed"
+	fi
 done
 
 # Wrong certificate
@@ -281,33 +273,30 @@ done
 	cat $OBJ/host_ca_key.pub
 ) > $OBJ/known_hosts-cert.orig
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for v in v01 v00 ;  do 
-	for kt in $PLAIN_TYPES ; do 
-		type_has_legacy $kt || continue
-		rm -f $OBJ/cert_host_key*
-		# Self-sign key
-		${SSHKEYGEN} -q -N '' -t ${kt} \
-		    -f $OBJ/cert_host_key_${kt} || \
-			fail "ssh-keygen of cert_host_key_${kt} failed"
-		${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \
-		    -I "regress host key for $USER" \
-		    -n $HOSTS $OBJ/cert_host_key_${kt} ||
-			fail "couldn't sign cert_host_key_${kt}"
-		verbose "$tid: host ${kt} connect wrong cert"
-		(
-			cat $OBJ/sshd_proxy_bak
-			echo HostKey $OBJ/cert_host_key_${kt}
-			echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub
-		) > $OBJ/sshd_proxy
-	
-		cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-		${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-		    -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-			-F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1
-		if [ $? -eq 0 ]; then
-			fail "ssh cert connect $ident succeeded unexpectedly"
-		fi
-	done
+for kt in $PLAIN_TYPES ; do 
+	rm -f $OBJ/cert_host_key*
+	# Self-sign key
+	${SSHKEYGEN} -q -N '' -t ${kt} \
+	    -f $OBJ/cert_host_key_${kt} || \
+		fail "ssh-keygen of cert_host_key_${kt} failed"
+	${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \
+	    -I "regress host key for $USER" \
+	    -n $HOSTS $OBJ/cert_host_key_${kt} ||
+		fail "couldn't sign cert_host_key_${kt}"
+	verbose "$tid: host ${kt} connect wrong cert"
+	(
+		cat $OBJ/sshd_proxy_bak
+		echo HostKey $OBJ/cert_host_key_${kt}
+		echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub
+	) > $OBJ/sshd_proxy
+
+	cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
+	${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
+	    -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
+		-F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1
+	if [ $? -eq 0 ]; then
+		fail "ssh cert connect $ident succeeded unexpectedly"
+	fi
 done
 
 rm -f $OBJ/known_hosts-cert* $OBJ/host_ca_key* $OBJ/cert_host_key*
diff --git a/crypto/openssh/regress/cert-userkey.sh b/crypto/openssh/regress/cert-userkey.sh
index b093a91..c38c00a 100755
--- a/crypto/openssh/regress/cert-userkey.sh
+++ b/crypto/openssh/regress/cert-userkey.sh
@@ -1,18 +1,17 @@
-#	$OpenBSD: cert-userkey.sh,v 1.12 2013/12/06 13:52:46 markus Exp $
+#	$OpenBSD: cert-userkey.sh,v 1.14 2015/07/10 06:23:25 markus Exp $
 #	Placed in the Public Domain.
 
 tid="certified user keys"
 
 rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
 cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
+cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak
 
 PLAIN_TYPES=`$SSH -Q key-plain | sed 's/^ssh-dss/ssh-dsa/;s/^ssh-//'`
 
-type_has_legacy() {
-	case $1 in
-		ed25519*|ecdsa*) return 1 ;;
-	esac
-	return 0
+kname() {
+	n=`echo "$1" | sed 's/^dsa/ssh-dss/;s/^rsa/ssh-rsa/;s/^ed/ssh-ed/'`
+	echo "$n*,ssh-rsa*,ssh-ed25519*"
 }
 
 # Create a CA key
@@ -28,18 +27,11 @@ for ktype in $PLAIN_TYPES ; do
 	${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \
 	    -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} ||
 		fail "couldn't sign cert_user_key_${ktype}"
-	type_has_legacy $ktype || continue
-	cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00
-	cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub
-	verbose "$tid: sign host ${ktype}_v00 cert"
-	${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \
-	    "regress user key for $USER" \
-	    -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype}_v00 ||
-		fatal "couldn't sign cert_user_key_${ktype}_v00"
 done
 
 # Test explicitly-specified principals
-for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do 
+for ktype in $PLAIN_TYPES ; do 
+	t=$(kname $ktype)
 	for privsep in yes no ; do
 		_prefix="${ktype} privsep $privsep"
 
@@ -51,7 +43,12 @@ for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do
 			echo "AuthorizedPrincipalsFile " \
 			    "$OBJ/authorized_principals_%u"
 			echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
+			echo "PubkeyAcceptedKeyTypes ${t}"
 		) > $OBJ/sshd_proxy
+		(
+			cat $OBJ/ssh_proxy_bak
+			echo "PubkeyAcceptedKeyTypes ${t}"
+		) > $OBJ/ssh_proxy
 
 		# Missing authorized_principals
 		verbose "$tid: ${_prefix} missing authorized_principals"
@@ -124,7 +121,12 @@ for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do
 		(
 			cat $OBJ/sshd_proxy_bak
 			echo "UsePrivilegeSeparation $privsep"
+			echo "PubkeyAcceptedKeyTypes ${t}"
 		) > $OBJ/sshd_proxy
+		(
+			cat $OBJ/ssh_proxy_bak
+			echo "PubkeyAcceptedKeyTypes ${t}"
+		) > $OBJ/ssh_proxy
 
 		# Wrong principals list
 		verbose "$tid: ${_prefix} wrong principals key option"
@@ -165,7 +167,8 @@ basic_tests() {
 		extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub"
 	fi
 	
-	for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do 
+	for ktype in $PLAIN_TYPES ; do 
+		t=$(kname $ktype)
 		for privsep in yes no ; do
 			_prefix="${ktype} privsep $privsep $auth"
 			# Simple connect
@@ -173,8 +176,13 @@ basic_tests() {
 			(
 				cat $OBJ/sshd_proxy_bak
 				echo "UsePrivilegeSeparation $privsep"
+				echo "PubkeyAcceptedKeyTypes ${t}"
 				echo "$extra_sshd"
 			) > $OBJ/sshd_proxy
+			(
+				cat $OBJ/ssh_proxy_bak
+				echo "PubkeyAcceptedKeyTypes ${t}"
+			) > $OBJ/ssh_proxy
 	
 			${SSH} -2i $OBJ/cert_user_key_${ktype} \
 			    -F $OBJ/ssh_proxy somehost true
@@ -188,6 +196,7 @@ basic_tests() {
 				cat $OBJ/sshd_proxy_bak
 				echo "UsePrivilegeSeparation $privsep"
 				echo "RevokedKeys $OBJ/cert_user_key_revoked"
+				echo "PubkeyAcceptedKeyTypes ${t}"
 				echo "$extra_sshd"
 			) > $OBJ/sshd_proxy
 			cp $OBJ/cert_user_key_${ktype}.pub \
@@ -220,6 +229,7 @@ basic_tests() {
 		(
 			cat $OBJ/sshd_proxy_bak
 			echo "RevokedKeys $OBJ/user_ca_key.pub"
+			echo "PubkeyAcceptedKeyTypes ${t}"
 			echo "$extra_sshd"
 		) > $OBJ/sshd_proxy
 		${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
@@ -232,6 +242,7 @@ basic_tests() {
 	verbose "$tid: $auth CA does not authenticate"
 	(
 		cat $OBJ/sshd_proxy_bak
+		echo "PubkeyAcceptedKeyTypes ${t}"
 		echo "$extra_sshd"
 	) > $OBJ/sshd_proxy
 	verbose "$tid: ensure CA key does not authenticate user"
@@ -257,12 +268,7 @@ test_one() {
 	fi
 
 	for auth in $auth_choice ; do
-		for ktype in rsa rsa_v00 ; do
-			case $ktype in
-			*_v00) keyv="-t v00" ;;
-			*) keyv="" ;;
-			esac
-
+		for ktype in rsa ed25519 ; do
 			cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
 			if test "x$auth" = "xauthorized_keys" ; then
 				# Add CA to authorized_keys
@@ -274,6 +280,8 @@ test_one() {
 				echo > $OBJ/authorized_keys_$USER
 				echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" \
 				    >> $OBJ/sshd_proxy
+				echo "PubkeyAcceptedKeyTypes ${t}*" \
+				    >> $OBJ/sshd_proxy
 				if test "x$auth_opt" != "x" ; then
 					echo $auth_opt >> $OBJ/sshd_proxy
 				fi
@@ -282,8 +290,7 @@ test_one() {
 			verbose "$tid: $ident auth $auth expect $result $ktype"
 			${SSHKEYGEN} -q -s $OBJ/user_ca_key \
 			    -I "regress user key for $USER" \
-			    $sign_opts $keyv \
-			    $OBJ/cert_user_key_${ktype} ||
+			    $sign_opts $OBJ/cert_user_key_${ktype} ||
 				fail "couldn't sign cert_user_key_${ktype}"
 
 			${SSH} -2i $OBJ/cert_user_key_${ktype} \
@@ -335,13 +342,10 @@ test_one "principals key option no principals" failure "" \
 
 # Wrong certificate
 cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
-for ktype in $PLAIN_TYPES rsa_v00 dsa_v00 ; do 
-	case $ktype in
-	*_v00) args="-t v00" ;;
-	*) args="" ;;
-	esac
+for ktype in $PLAIN_TYPES ; do 
+	t=$(kname $ktype)
 	# Self-sign
-	${SSHKEYGEN} $args -q -s $OBJ/cert_user_key_${ktype} -I \
+	${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \
 	    "regress user key for $USER" \
 	    -n $USER $OBJ/cert_user_key_${ktype} ||
 		fail "couldn't sign cert_user_key_${ktype}"
diff --git a/crypto/openssh/regress/hostkey-agent.sh b/crypto/openssh/regress/hostkey-agent.sh
index a011ec8..094700d 100755
--- a/crypto/openssh/regress/hostkey-agent.sh
+++ b/crypto/openssh/regress/hostkey-agent.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: hostkey-agent.sh,v 1.5 2015/02/21 20:51:02 djm Exp $
+#	$OpenBSD: hostkey-agent.sh,v 1.6 2015/07/10 06:23:25 markus Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey agent"
@@ -31,10 +31,11 @@ cp $OBJ/known_hosts.orig $OBJ/known_hosts
 unset SSH_AUTH_SOCK
 
 for ps in no yes; do
-	cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
-	echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
 	for k in `${SSH} -Q key-plain` ; do
 		verbose "key type $k privsep=$ps"
+		cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
+		echo "UsePrivilegeSeparation $ps" >> $OBJ/sshd_proxy
+		echo "HostKeyAlgorithms $k" >> $OBJ/sshd_proxy
 		opts="-oHostKeyAlgorithms=$k -F $OBJ/ssh_proxy"
 		cp $OBJ/known_hosts.orig $OBJ/known_hosts
 		SSH_CONNECTION=`${SSH} $opts host 'echo $SSH_CONNECTION'`
diff --git a/crypto/openssh/regress/hostkey-rotate.sh b/crypto/openssh/regress/hostkey-rotate.sh
index cde6008..3aa8c40 100755
--- a/crypto/openssh/regress/hostkey-rotate.sh
+++ b/crypto/openssh/regress/hostkey-rotate.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: hostkey-rotate.sh,v 1.3 2015/03/24 20:22:17 markus Exp $
+#	$OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey rotate"
@@ -56,7 +56,7 @@ check_key_present ssh-ed25519 || fail "unstrict didn't learn key"
 
 # Connect to sshd as usual
 verbose "learn additional hostkeys"
-dossh -oStrictHostKeyChecking=yes
+dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$all_algs
 # Check that other keys learned
 expect_nkeys $nkeys "learn hostkeys"
 check_key_present ssh-rsa || fail "didn't learn keys"
@@ -74,7 +74,7 @@ verbose "learn changed non-primary hostkey"
 mv $OBJ/hkr.ssh-rsa.pub $OBJ/hkr.ssh-rsa.pub.old
 rm -f $OBJ/hkr.ssh-rsa
 ${SSHKEYGEN} -qt ssh-rsa -f $OBJ/hkr.ssh-rsa -N '' || fatal "ssh-keygen $k"
-dossh -oStrictHostKeyChecking=yes
+dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=$all_algs
 # Check that the key was replaced
 expect_nkeys $nkeys "learn hostkeys"
 check_key_present ssh-rsa $OBJ/hkr.ssh-rsa.pub.old && fail "old key present"
@@ -109,7 +109,7 @@ dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa
 expect_nkeys 1 "learn hostkeys"
 check_key_present ssh-rsa || fail "didn't learn changed key"
 
-#	$OpenBSD: hostkey-rotate.sh,v 1.3 2015/03/24 20:22:17 markus Exp $
+#	$OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $
 #	Placed in the Public Domain.
 
 tid="hostkey rotate"
diff --git a/crypto/openssh/regress/keygen-knownhosts.sh b/crypto/openssh/regress/keygen-knownhosts.sh
index 085aac6..693cd0e 100755
--- a/crypto/openssh/regress/keygen-knownhosts.sh
+++ b/crypto/openssh/regress/keygen-knownhosts.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: keygen-knownhosts.sh,v 1.2 2015/01/27 12:01:36 djm Exp $
+#	$OpenBSD: keygen-knownhosts.sh,v 1.3 2015/07/17 03:34:27 djm Exp $
 #	Placed in the Public Domain.
 
 tid="ssh-keygen known_hosts"
@@ -57,7 +57,7 @@ check_find() {
 	_name=$2
 	_keygenopt=$3
 	${SSHKEYGEN} $_keygenopt -f $OBJ/kh.invalid -F $_host > $OBJ/kh.result
-	if ! diff -uw $OBJ/kh.expect $OBJ/kh.result ; then
+	if ! diff -w $OBJ/kh.expect $OBJ/kh.result ; then
 		fail "didn't find $_name"
 	fi
 }
@@ -95,7 +95,7 @@ check_hashed_find() {
 	test "x$_file" = "x" && _file=$OBJ/kh.invalid
 	${SSHKEYGEN} -f $_file -HF $_host | grep '|1|' | \
 	    sed "s/^[^ ]*/$_host/" > $OBJ/kh.result
-	if ! diff -uw $OBJ/kh.expect $OBJ/kh.result ; then
+	if ! diff -w $OBJ/kh.expect $OBJ/kh.result ; then
 		fail "didn't find $_name"
 	fi
 }
@@ -135,47 +135,47 @@ check_hashed_find host-h "find multiple hosts"
 # Attempt remove key on invalid file.
 cp $OBJ/kh.invalid.orig $OBJ/kh.invalid
 ${SSHKEYGEN} -qf $OBJ/kh.invalid -R host-a 2>/dev/null
-diff -u $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "remove on invalid succeeded"
+diff $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "remove on invalid succeeded"
 
 # Remove key
 cp $OBJ/kh.hosts.orig $OBJ/kh.hosts
 ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-a 2>/dev/null
 grep -v "^host-a " $OBJ/kh.hosts.orig > $OBJ/kh.expect
-diff -u $OBJ/kh.hosts $OBJ/kh.expect || fail "remove simple"
+diff $OBJ/kh.hosts $OBJ/kh.expect || fail "remove simple"
 
 # Remove CA key
 cp $OBJ/kh.hosts.orig $OBJ/kh.hosts
 ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-c 2>/dev/null
 # CA key should not be removed.
-diff -u $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove CA"
+diff $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove CA"
 
 # Remove revoked key
 cp $OBJ/kh.hosts.orig $OBJ/kh.hosts
 ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-d 2>/dev/null
 # revoked key should not be removed.
-diff -u $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove revoked"
+diff $OBJ/kh.hosts $OBJ/kh.hosts.orig || fail "remove revoked"
 
 # Remove wildcard
 cp $OBJ/kh.hosts.orig $OBJ/kh.hosts
 ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-e.blahblah 2>/dev/null
 grep -v "^host-e[*] " $OBJ/kh.hosts.orig > $OBJ/kh.expect
-diff -u $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard"
+diff $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard"
 
 # Remove multiple
 cp $OBJ/kh.hosts.orig $OBJ/kh.hosts
 ${SSHKEYGEN} -qf $OBJ/kh.hosts -R host-h 2>/dev/null
 grep -v "^host-f," $OBJ/kh.hosts.orig > $OBJ/kh.expect
-diff -u $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard"
+diff $OBJ/kh.hosts $OBJ/kh.expect || fail "remove wildcard"
 
 # Attempt hash on invalid file
 cp $OBJ/kh.invalid.orig $OBJ/kh.invalid
 ${SSHKEYGEN} -qf $OBJ/kh.invalid -H 2>/dev/null && fail "hash invalid succeeded"
-diff -u $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "invalid file modified"
+diff $OBJ/kh.invalid $OBJ/kh.invalid.orig || fail "invalid file modified"
 
 # Hash valid file
 cp $OBJ/kh.hosts.orig $OBJ/kh.hosts
 ${SSHKEYGEN} -qf $OBJ/kh.hosts -H 2>/dev/null || fail "hash failed"
-diff -u $OBJ/kh.hosts.old $OBJ/kh.hosts.orig || fail "backup differs"
+diff $OBJ/kh.hosts.old $OBJ/kh.hosts.orig || fail "backup differs"
 grep "^host-[abfgh]" $OBJ/kh.hosts && fail "original hostnames persist"
 
 cp $OBJ/kh.hosts $OBJ/kh.hashed.orig
diff --git a/crypto/openssh/regress/keytype.sh b/crypto/openssh/regress/keytype.sh
index 9752acb..8f69778 100755
--- a/crypto/openssh/regress/keytype.sh
+++ b/crypto/openssh/regress/keytype.sh
@@ -1,4 +1,4 @@
-#	$OpenBSD: keytype.sh,v 1.3 2013/12/06 13:52:46 markus Exp $
+#	$OpenBSD: keytype.sh,v 1.4 2015/07/10 06:23:25 markus Exp $
 #	Placed in the Public Domain.
 
 tid="login with different key types"
@@ -36,14 +36,26 @@ for ut in $ktypes; do
 	htypes=$ut
 	#htypes=$ktypes
 	for ht in $htypes; do 
+		case $ht in
+		dsa-1024)	t=ssh-dss;;
+		ecdsa-256)	t=ecdsa-sha2-nistp256;;
+		ecdsa-384)	t=ecdsa-sha2-nistp384;;
+		ecdsa-521)	t=ecdsa-sha2-nistp521;;
+		ed25519-512)	t=ssh-ed25519;;
+		rsa-*)		t=ssh-rsa;;
+		esac
 		trace "ssh connect, userkey $ut, hostkey $ht"
 		(
 			grep -v HostKey $OBJ/sshd_proxy_bak
 			echo HostKey $OBJ/key.$ht 
+			echo PubkeyAcceptedKeyTypes $t
+			echo HostKeyAlgorithms $t
 		) > $OBJ/sshd_proxy
 		(
 			grep -v IdentityFile $OBJ/ssh_proxy_bak
 			echo IdentityFile $OBJ/key.$ut 
+			echo PubkeyAcceptedKeyTypes $t
+			echo HostKeyAlgorithms $t
 		) > $OBJ/ssh_proxy
 		(
 			printf 'localhost-with-alias,127.0.0.1,::1 '
diff --git a/crypto/openssh/regress/principals-command.sh b/crypto/openssh/regress/principals-command.sh
index 9006437..b90a8cf 100755
--- a/crypto/openssh/regress/principals-command.sh
+++ b/crypto/openssh/regress/principals-command.sh
@@ -14,15 +14,15 @@ fi
 
 # Establish a AuthorizedPrincipalsCommand in /var/run where it will have
 # acceptable directory permissions.
-PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}"
-cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'"
+PRINCIPALS_CMD="/var/run/principals_command_${LOGNAME}"
+cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_CMD'"
 #!/bin/sh
 test "x\$1" != "x${LOGNAME}" && exit 1
 test -f "$OBJ/authorized_principals_${LOGNAME}" &&
 	exec cat "$OBJ/authorized_principals_${LOGNAME}"
 _EOF
 test $? -eq 0 || fatal "couldn't prepare principals command"
-$SUDO chmod 0755 "$PRINCIPALS_COMMAND"
+$SUDO chmod 0755 "$PRINCIPALS_CMD"
 
 # Create a CA key and a user certificate.
 ${SSHKEYGEN} -q -N '' -t ed25519  -f $OBJ/user_ca_key || \
@@ -33,109 +33,113 @@ ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \
     -z $$ -n ${USER},mekmitasdigoat $OBJ/cert_user_key || \
 	fatal "couldn't sign cert_user_key"
 
-# Test explicitly-specified principals
-for privsep in yes no ; do
-	_prefix="privsep $privsep"
-
-	# Setup for AuthorizedPrincipalsCommand
-	rm -f $OBJ/authorized_keys_$USER
-	(
-		cat $OBJ/sshd_proxy_bak
-		echo "UsePrivilegeSeparation $privsep"
-		echo "AuthorizedKeysFile none"
-		echo "AuthorizedPrincipalsCommand $PRINCIPALS_COMMAND %u"
-		echo "AuthorizedPrincipalsCommandUser ${LOGNAME}"
-		echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
-	) > $OBJ/sshd_proxy
-
-	# XXX test missing command
-	# XXX test failing command
-
-	# Empty authorized_principals
-	verbose "$tid: ${_prefix} empty authorized_principals"
-	echo > $OBJ/authorized_principals_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -eq 0 ]; then
-		fail "ssh cert connect succeeded unexpectedly"
-	fi
-
-	# Wrong authorized_principals
-	verbose "$tid: ${_prefix} wrong authorized_principals"
-	echo gregorsamsa > $OBJ/authorized_principals_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -eq 0 ]; then
-		fail "ssh cert connect succeeded unexpectedly"
-	fi
-
-	# Correct authorized_principals
-	verbose "$tid: ${_prefix} correct authorized_principals"
-	echo mekmitasdigoat > $OBJ/authorized_principals_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -ne 0 ]; then
-		fail "ssh cert connect failed"
-	fi
-
-	# authorized_principals with bad key option
-	verbose "$tid: ${_prefix} authorized_principals bad key opt"
-	echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -eq 0 ]; then
-		fail "ssh cert connect succeeded unexpectedly"
-	fi
-
-	# authorized_principals with command=false
-	verbose "$tid: ${_prefix} authorized_principals command=false"
-	echo 'command="false" mekmitasdigoat' > \
-	    $OBJ/authorized_principals_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -eq 0 ]; then
-		fail "ssh cert connect succeeded unexpectedly"
-	fi
-
-
-	# authorized_principals with command=true
-	verbose "$tid: ${_prefix} authorized_principals command=true"
-	echo 'command="true" mekmitasdigoat' > \
-	    $OBJ/authorized_principals_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
-	if [ $? -ne 0 ]; then
-		fail "ssh cert connect failed"
-	fi
-
-	# Setup for principals= key option
-	rm -f $OBJ/authorized_principals_$USER
-	(
-		cat $OBJ/sshd_proxy_bak
-		echo "UsePrivilegeSeparation $privsep"
-	) > $OBJ/sshd_proxy
-
-	# Wrong principals list
-	verbose "$tid: ${_prefix} wrong principals key option"
-	(
-		printf 'cert-authority,principals="gregorsamsa" '
-		cat $OBJ/user_ca_key.pub
-	) > $OBJ/authorized_keys_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -eq 0 ]; then
-		fail "ssh cert connect succeeded unexpectedly"
-	fi
-
-	# Correct principals list
-	verbose "$tid: ${_prefix} correct principals key option"
-	(
-		printf 'cert-authority,principals="mekmitasdigoat" '
-		cat $OBJ/user_ca_key.pub
-	) > $OBJ/authorized_keys_$USER
-	${SSH} -2i $OBJ/cert_user_key \
-	    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
-	if [ $? -ne 0 ]; then
-		fail "ssh cert connect failed"
-	fi
-done
+if [ -x $PRINCIPALS_CMD ]; then
+	# Test explicitly-specified principals
+	for privsep in yes no ; do
+		_prefix="privsep $privsep"
+
+		# Setup for AuthorizedPrincipalsCommand
+		rm -f $OBJ/authorized_keys_$USER
+		(
+			cat $OBJ/sshd_proxy_bak
+			echo "UsePrivilegeSeparation $privsep"
+			echo "AuthorizedKeysFile none"
+			echo "AuthorizedPrincipalsCommand $PRINCIPALS_CMD %u"
+			echo "AuthorizedPrincipalsCommandUser ${LOGNAME}"
+			echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
+		) > $OBJ/sshd_proxy
+
+		# XXX test missing command
+		# XXX test failing command
+
+		# Empty authorized_principals
+		verbose "$tid: ${_prefix} empty authorized_principals"
+		echo > $OBJ/authorized_principals_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			fail "ssh cert connect succeeded unexpectedly"
+		fi
+
+		# Wrong authorized_principals
+		verbose "$tid: ${_prefix} wrong authorized_principals"
+		echo gregorsamsa > $OBJ/authorized_principals_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			fail "ssh cert connect succeeded unexpectedly"
+		fi
+
+		# Correct authorized_principals
+		verbose "$tid: ${_prefix} correct authorized_principals"
+		echo mekmitasdigoat > $OBJ/authorized_principals_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -ne 0 ]; then
+			fail "ssh cert connect failed"
+		fi
+
+		# authorized_principals with bad key option
+		verbose "$tid: ${_prefix} authorized_principals bad key opt"
+		echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			fail "ssh cert connect succeeded unexpectedly"
+		fi
+
+		# authorized_principals with command=false
+		verbose "$tid: ${_prefix} authorized_principals command=false"
+		echo 'command="false" mekmitasdigoat' > \
+		    $OBJ/authorized_principals_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			fail "ssh cert connect succeeded unexpectedly"
+		fi
+
+		# authorized_principals with command=true
+		verbose "$tid: ${_prefix} authorized_principals command=true"
+		echo 'command="true" mekmitasdigoat' > \
+		    $OBJ/authorized_principals_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
+		if [ $? -ne 0 ]; then
+			fail "ssh cert connect failed"
+		fi
+
+		# Setup for principals= key option
+		rm -f $OBJ/authorized_principals_$USER
+		(
+			cat $OBJ/sshd_proxy_bak
+			echo "UsePrivilegeSeparation $privsep"
+		) > $OBJ/sshd_proxy
+
+		# Wrong principals list
+		verbose "$tid: ${_prefix} wrong principals key option"
+		(
+			printf 'cert-authority,principals="gregorsamsa" '
+			cat $OBJ/user_ca_key.pub
+		) > $OBJ/authorized_keys_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -eq 0 ]; then
+			fail "ssh cert connect succeeded unexpectedly"
+		fi
+
+		# Correct principals list
+		verbose "$tid: ${_prefix} correct principals key option"
+		(
+			printf 'cert-authority,principals="mekmitasdigoat" '
+			cat $OBJ/user_ca_key.pub
+		) > $OBJ/authorized_keys_$USER
+		${SSH} -2i $OBJ/cert_user_key \
+		    -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
+		if [ $? -ne 0 ]; then
+			fail "ssh cert connect failed"
+		fi
+	done
+else
+	echo "SKIPPED: $PRINCIPALS_COMMAND not executable " \
+	    "(/var/run mounted noexec?)"
+fi
diff --git a/crypto/openssh/regress/unittests/Makefile.inc b/crypto/openssh/regress/unittests/Makefile.inc
index c55d00c..7385e2b 100644
--- a/crypto/openssh/regress/unittests/Makefile.inc
+++ b/crypto/openssh/regress/unittests/Makefile.inc
@@ -1,4 +1,4 @@
-#	$OpenBSD: Makefile.inc,v 1.3 2015/01/23 21:21:23 miod Exp $
+#	$OpenBSD: Makefile.inc,v 1.6 2015/07/01 23:11:18 djm Exp $
 
 .include <bsd.own.mk>
 .include <bsd.obj.mk>
diff --git a/crypto/openssh/regress/unittests/kex/test_kex.c b/crypto/openssh/regress/unittests/kex/test_kex.c
index c61e2bd..6e5999b 100644
--- a/crypto/openssh/regress/unittests/kex/test_kex.c
+++ b/crypto/openssh/regress/unittests/kex/test_kex.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_kex.c,v 1.1 2015/01/15 23:41:29 markus Exp $ */
+/* 	$OpenBSD: test_kex.c,v 1.2 2015/07/10 06:23:25 markus Exp $ */
 /*
  * Regress test KEX
  *
@@ -85,6 +85,7 @@ do_kex_with_key(char *kex, int keytype, int bits)
 	struct sshbuf *state;
 	struct kex_params kex_params;
 	char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
+	char *keyname = NULL;
 
 	TEST_START("sshkey_generate");
 	ASSERT_INT_EQ(sshkey_generate(keytype, bits, &private), 0);
@@ -98,6 +99,9 @@ do_kex_with_key(char *kex, int keytype, int bits)
 	memcpy(kex_params.proposal, myproposal, sizeof(myproposal));
 	if (kex != NULL)
 		kex_params.proposal[PROPOSAL_KEX_ALGS] = kex;
+	keyname = strdup(sshkey_ssh_name(private));
+	ASSERT_PTR_NE(keyname, NULL);
+	kex_params.proposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = keyname;
 	ASSERT_INT_EQ(ssh_init(&client, 0, &kex_params), 0);
 	ASSERT_INT_EQ(ssh_init(&server, 1, &kex_params), 0);
 	ASSERT_PTR_NE(client, NULL);
@@ -167,6 +171,7 @@ do_kex_with_key(char *kex, int keytype, int bits)
 	ssh_free(client);
 	ssh_free(server);
 	ssh_free(server2);
+	free(keyname);
 	TEST_DONE();
 }
 
diff --git a/crypto/openssh/regress/unittests/sshkey/mktestdata.sh b/crypto/openssh/regress/unittests/sshkey/mktestdata.sh
index 09165af..e111001 100755
--- a/crypto/openssh/regress/unittests/sshkey/mktestdata.sh
+++ b/crypto/openssh/regress/unittests/sshkey/mktestdata.sh
@@ -1,5 +1,5 @@
 #!/bin/sh
-# $OpenBSD: mktestdata.sh,v 1.4 2015/01/18 19:54:46 djm Exp $
+# $OpenBSD: mktestdata.sh,v 1.5 2015/07/07 14:53:30 markus Exp $
 
 PW=mekmitasdigoat
 
@@ -94,8 +94,8 @@ rm -f rsa1_1_pw rsa_1_pw dsa_1_pw ecdsa_1_pw ed25519_1_pw
 rm -f rsa_n_pw dsa_n_pw ecdsa_n_pw
 rm -f pw *.pub *.bn.* *.param.* *.fp *.fp.bb
 
-ssh-keygen -t rsa1 -b 768 -C "RSA1 test key #1" -N "" -f rsa1_1
-ssh-keygen -t rsa -b 768 -C "RSA test key #1" -N "" -f rsa_1
+ssh-keygen -t rsa1 -b 1024 -C "RSA1 test key #1" -N "" -f rsa1_1
+ssh-keygen -t rsa -b 1024 -C "RSA test key #1" -N "" -f rsa_1
 ssh-keygen -t dsa -b 1024 -C "DSA test key #1" -N "" -f dsa_1
 ssh-keygen -t ecdsa -b 256 -C "ECDSA test key #1" -N "" -f ecdsa_1
 ssh-keygen -t ed25519 -C "ED25519 test key #1" -N "" -f ed25519_1
diff --git a/crypto/openssh/regress/unittests/sshkey/test_file.c b/crypto/openssh/regress/unittests/sshkey/test_file.c
index fa95212..c8a2369 100644
--- a/crypto/openssh/regress/unittests/sshkey/test_file.c
+++ b/crypto/openssh/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_file.c,v 1.3 2015/03/04 23:22:35 djm Exp $ */
+/* 	$OpenBSD: test_file.c,v 1.4 2015/07/07 14:53:30 markus Exp $ */
 /*
  * Regress test for sshkey.h key management API
  *
@@ -83,7 +83,7 @@ sshkey_file_tests(void)
 
 	TEST_START("RSA1 key hex fingerprint");
 	buf = load_text_file("rsa1_1.fp");
-	cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -167,7 +167,7 @@ sshkey_file_tests(void)
 
 	TEST_START("RSA key hex fingerprint");
 	buf = load_text_file("rsa_1.fp");
-	cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -176,7 +176,7 @@ sshkey_file_tests(void)
 
 	TEST_START("RSA cert hex fingerprint");
 	buf = load_text_file("rsa_1-cert.fp");
-	cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -260,7 +260,7 @@ sshkey_file_tests(void)
 
 	TEST_START("DSA key hex fingerprint");
 	buf = load_text_file("dsa_1.fp");
-	cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -269,7 +269,7 @@ sshkey_file_tests(void)
 
 	TEST_START("DSA cert hex fingerprint");
 	buf = load_text_file("dsa_1-cert.fp");
-	cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -360,7 +360,7 @@ sshkey_file_tests(void)
 
 	TEST_START("ECDSA key hex fingerprint");
 	buf = load_text_file("ecdsa_1.fp");
-	cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -369,7 +369,7 @@ sshkey_file_tests(void)
 
 	TEST_START("ECDSA cert hex fingerprint");
 	buf = load_text_file("ecdsa_1-cert.fp");
-	cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -427,7 +427,7 @@ sshkey_file_tests(void)
 
 	TEST_START("Ed25519 key hex fingerprint");
 	buf = load_text_file("ed25519_1.fp");
-	cp = sshkey_fingerprint(k1, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k1, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
@@ -436,7 +436,7 @@ sshkey_file_tests(void)
 
 	TEST_START("Ed25519 cert hex fingerprint");
 	buf = load_text_file("ed25519_1-cert.fp");
-	cp = sshkey_fingerprint(k2, SSH_DIGEST_MD5, SSH_FP_HEX);
+	cp = sshkey_fingerprint(k2, SSH_DIGEST_SHA256, SSH_FP_BASE64);
 	ASSERT_PTR_NE(cp, NULL);
 	ASSERT_STRING_EQ(cp, (const char *)sshbuf_ptr(buf));
 	sshbuf_free(buf);
diff --git a/crypto/openssh/regress/unittests/sshkey/test_sshkey.c b/crypto/openssh/regress/unittests/sshkey/test_sshkey.c
index 4453a85..9b3ce7e 100644
--- a/crypto/openssh/regress/unittests/sshkey/test_sshkey.c
+++ b/crypto/openssh/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
-/* 	$OpenBSD: test_sshkey.c,v 1.4 2015/04/22 01:38:36 djm Exp $ */
+/* 	$OpenBSD: test_sshkey.c,v 1.7 2015/08/05 05:27:33 djm Exp $ */
 /*
  * Regress test for sshkey.h key management API
  *
@@ -288,13 +288,15 @@ sshkey_tests(void)
 #endif
 
 	TEST_START("generate KEY_RSA");
-	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &kr), 0);
+	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 767, &kr),
+	    SSH_ERR_INVALID_ARGUMENT);
+	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &kr), 0);
 	ASSERT_PTR_NE(kr, NULL);
 	ASSERT_PTR_NE(kr->rsa, NULL);
 	ASSERT_PTR_NE(kr->rsa->n, NULL);
 	ASSERT_PTR_NE(kr->rsa->e, NULL);
 	ASSERT_PTR_NE(kr->rsa->p, NULL);
-	ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 768);
+	ASSERT_INT_EQ(BN_num_bits(kr->rsa->n), 1024);
 	TEST_DONE();
 
 	TEST_START("generate KEY_DSA");
@@ -397,7 +399,7 @@ sshkey_tests(void)
 	TEST_DONE();
 
 	TEST_START("equal different keys");
-	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 768, &k1), 0);
+	ASSERT_INT_EQ(sshkey_generate(KEY_RSA, 1024, &k1), 0);
 	ASSERT_INT_EQ(sshkey_equal(kr, k1), 0);
 	sshkey_free(k1);
 	ASSERT_INT_EQ(sshkey_generate(KEY_DSA, 1024, &k1), 0);
@@ -424,7 +426,7 @@ sshkey_tests(void)
 	ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_1.pub"),
 	    &k1, NULL), 0);
 	k2 = get_private("ed25519_2");
-	ASSERT_INT_EQ(sshkey_to_certified(k1, 0), 0);
+	ASSERT_INT_EQ(sshkey_to_certified(k1), 0);
 	ASSERT_PTR_NE(k1->cert, NULL);
 	k1->cert->type = SSH2_CERT_TYPE_USER;
 	k1->cert->serial = 1234;
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1 b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1
index 3434686..d3f2482 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1
@@ -1,12 +1,12 @@
 -----BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQCxBNwH8TmLXqiZa0b9pxC6W+zS4Voqp8S+QwecYpNPTmhjaUYI
-E/aJWAzFVtdbysLM89ukvw/z8qBkbMSefdypKmjUtgv51ZD4nfV4Wxb+G+1QExHr
-M+kowOOL3XbcsdbPLUt8vxDJbBlQRch4zyai7CWjQR3JFXpR8sevUFJxSQIVAIdE
-oncp2DEY2U/ZZnIyGCwApCzfAoGARW+eewZTv1Eosxv3ANKx372pf5+fQKwnWizI
-j5z/GY3w3xobRCP9FiL4K3Nip2FvHLTGpRrlfm19RWYAg77VsNgztC4V9C8QrKWc
-WJdkUkoQpZ3VoO25rO13hmIelkal3omKCF4ZE/edeF3d2B8DlzYs0aBcjTCMDrub
-/CJILcYCgYEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j
-4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1
-/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gCFBl7Lc6V
-hmTiTuhLXjoRdCZS/p/m
+MIIBvAIBAAKBgQD6kutNFRsHTwEAv6d39Lhsqy1apdHBZ9c2HfyRr7WmypyGIy2m
+Ka43vzXI8CNwmRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+MiwfurwrR3CRe61QRYb8Py
+mcHOxueHs95IcjrbIPNn86cjnPP5qvv/guUzCjuww4zBdJOXpligrGt2XwIVAKMD
+/50qQy7j8JaMk+1+Xtg1pK01AoGBAO7l9QVVbSSoy5lq6cOtvpf8UlwOa6+zBwbl
+o4gmFd1RwX1yWkA8kQ7RrhCSg8Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEWtN4P
+h8fVUeS74iQbIwFQeKlYHIlNTRoGtAbdi3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgz
+LND26HrdAoGBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb
+OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joo
+t+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAhRYIbQ5
+KfXsZuBPuWe5FJz3ldaEgw==
 -----END DSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.fp b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.fp
index b26145b..75ff0e9 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.fp
@@ -1 +1 @@
-MD5:5a:4a:41:8c:4e:fa:4c:52:19:f9:39:49:31:fb:fd:74
+SHA256:kOLgXSoAT8O5T6r36n5NJUYigbux1d7gdH/rmWiJm6s
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.pub b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.pub
index 023edf1..e768db1 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.pub
@@ -1 +1 @@
-ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgj8zueN51MSQ7jW3fFwqyJWA3DycAAavQ8WgMHqcUG7YAAACBALEE3AfxOYteqJlrRv2nELpb7NLhWiqnxL5DB5xik09OaGNpRggT9olYDMVW11vKwszz26S/D/PyoGRsxJ593KkqaNS2C/nVkPid9XhbFv4b7VATEesz6SjA44vddtyx1s8tS3y/EMlsGVBFyHjPJqLsJaNBHckVelHyx69QUnFJAAAAFQCHRKJ3KdgxGNlP2WZyMhgsAKQs3wAAAIBFb557BlO/USizG/cA0rHfval/n59ArCdaLMiPnP8ZjfDfGhtEI/0WIvgrc2KnYW8ctMalGuV+bX1FZgCDvtWw2DO0LhX0LxCspZxYl2RSShClndWg7bms7XeGYh6WRqXeiYoIXhkT9514Xd3YHwOXNizRoFyNMIwOu5v8IkgtxgAAAIEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gAAAAAAAAABgAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQAAAAUwAAAAtzc2gtZWQyNTUxOQAAAEA6qftqozw0ah9PG9obAg8iOPwQv6AsT9t/1G69eArSd9Am85OKIhAvYguI1Xtr9rw78X/Xk+6HtyAOF3QemaQD dsa_1.pub
+ssh-dss-cert-v01@openssh.com AAAAHHNzaC1kc3MtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgdTlbNU9Hn9Qng3FHxwH971bxCIoq1ern/QWFFDWXgmYAAACBAPqS600VGwdPAQC/p3f0uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw62+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxbOXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAAAAAAAAAAYAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANowB8AAAAABNHmBwAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAFMAAAALc3NoLWVkMjU1MTkAAABAh/z1LIdNL1b66tQ8t9DY9BTB3BQKpTKmc7ezyFKLwl96yaIniZwD9Ticdbe/8i/Li3uCFE3EAt8NAIv9zff8Bg== DSA test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp
index b26145b..75ff0e9 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp
@@ -1 +1 @@
-MD5:5a:4a:41:8c:4e:fa:4c:52:19:f9:39:49:31:fb:fd:74
+SHA256:kOLgXSoAT8O5T6r36n5NJUYigbux1d7gdH/rmWiJm6s
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp.bb
index 07dd9b4..ba37776 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp.bb
@@ -1 +1 @@
-xosat-baneh-gocad-relek-kepur-mibip-motog-bykyb-hisug-mysus-tuxix
+xetag-todiz-mifah-torec-mynyv-cyvit-gopon-pygag-rupic-cenav-bexax
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.g b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.g
index 4b09f6d..e51c3f9 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.g
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.g
@@ -1 +1 @@
-456f9e7b0653bf5128b31bf700d2b1dfbda97f9f9f40ac275a2cc88f9cff198df0df1a1b4423fd1622f82b7362a7616f1cb4c6a51ae57e6d7d45660083bed5b0d833b42e15f42f10aca59c589764524a10a59dd5a0edb9aced7786621e9646a5de898a085e1913f79d785dddd81f0397362cd1a05c8d308c0ebb9bfc22482dc6
+00eee5f505556d24a8cb996ae9c3adbe97fc525c0e6bafb30706e5a3882615dd51c17d725a403c910ed1ae109283c1dcea62069ca460291962ff72e06d27d9d286c525e86446d116b4de0f87c7d551e4bbe2241b23015078a9581c894d4d1a06b406dd8b79c7755f81064110735577ae3a98aa18cea33ff236c8332cd0f6e87add
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.priv b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.priv
index 2dd737c..4f74331 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.priv
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.priv
@@ -1 +1 @@
-197b2dce958664e24ee84b5e3a11742652fe9fe6
+5821b43929f5ec66e04fb967b9149cf795d68483
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.pub b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.pub
index b23d720..ba0313b 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.pub
@@ -1 +1 @@
-00809b7d8de7c6422e1297917c8778d8a39d8bca013cb0d632bab12530a566ca1152289d487e2f63e21369da3673bbb8e96568589dd5283da1ba81b441edf2f7a79927951a373f60f39ddeaee8d01d86b003596f895fd9f5fc430a52fd21f2b44523fddbf516351d55730501fb577b0d27a89e907f09a8ecb596208c68cca5c388
+00e757a727e6a1b10168ea9902ebe08f53f4ba18c6d8fdf551fbabbf6d8558f054dc0f6aae4c5b397c04d0bc2f8c2bebb1057f96b621273fed8b2b38d1579a86e956644e520073171887fde4b88b4a0697323928ee3a28b7e2caf3896d2f29b067840c9d88e765249c95fd54bb240c714b5bdf8f88d2ef58727ca1a7699216c42d
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.pub b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.pub
index 8968197..41cae2f 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.pub
@@ -1 +1 @@
-ssh-dss AAAAB3NzaC1kc3MAAACBALEE3AfxOYteqJlrRv2nELpb7NLhWiqnxL5DB5xik09OaGNpRggT9olYDMVW11vKwszz26S/D/PyoGRsxJ593KkqaNS2C/nVkPid9XhbFv4b7VATEesz6SjA44vddtyx1s8tS3y/EMlsGVBFyHjPJqLsJaNBHckVelHyx69QUnFJAAAAFQCHRKJ3KdgxGNlP2WZyMhgsAKQs3wAAAIBFb557BlO/USizG/cA0rHfval/n59ArCdaLMiPnP8ZjfDfGhtEI/0WIvgrc2KnYW8ctMalGuV+bX1FZgCDvtWw2DO0LhX0LxCspZxYl2RSShClndWg7bms7XeGYh6WRqXeiYoIXhkT9514Xd3YHwOXNizRoFyNMIwOu5v8IkgtxgAAAIEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4g= DSA test key #1
+ssh-dss AAAAB3NzaC1kc3MAAACBAPqS600VGwdPAQC/p3f0uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw62+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxbOXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQt DSA test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1_pw b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1_pw
index 1402153..24c7303 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1_pw
@@ -1,15 +1,15 @@
 -----BEGIN DSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,9E668E24E7B9D658E3E7D0446B32B376
+DEK-Info: AES-128-CBC,BC8386C373B22EB7F00ADC821D5D8BE9
 
-hDjDLbfCAQutblxLuyNzSLxISSgXTgyzq8St9GE0lUtEc7i0xGNWwoWpFSbtD9y1
-yTG5UkhATQt56SY1ABfXZ21wieYuEEQeSJi0gwUQNNt2SwwITx4EdzDedWiHjikt
-jbzH3v33agp/odw2X9wY6zu75y9CeW9o7SszRl286DliWIHJmhMlbb8r7jRqu62H
-s5YYxD0xS1ipWauxklmIXMWNZHcARo8ZiJOuNdLshrSrl8DUW9P6F89FvxclQzKr
-44u3OBm7KbgPvPURDFLgNP6uCGBjzHvhHTpzVBxmQzCl3aGgsTKXiwJ1eupNjntB
-ji0EnbznvoxR6qhXxw/WQ+MnWlWqTXka/2qaB6m3oJv+Zn7cPCJ5kvHnhr2JmNMl
-igTh4Ov4LZLyNgO0Lbec4KyxW9QInRV5CY4Pu5lhqHteiPmOIGMWFtuh8Bb8Kg2q
-VvXnPo5I3FjqV7UhDduO1Wn558sBZWQPqRbHVPN6wXJuM3HGkBl+aNjn0qddv9tr
-VFJd/xdly2Ne81g3CB8jysE+3WEOrV9kdybocp/EhSOzP4i6pjWlyWdR5+CgbvRm
-TUIeIaQbmPIB5251o5YK+Q==
++HDV2DQ09sxrIAeXTz9r3YFuPRa2hk1+NGcr3ETkXbC6KiZ14wpTnGTloKwaQjIW
+eXTa9mpCOWAoohgvsVb+hOuOlP7AfeHu1IXV4EAS+GDpkiV5UxlCXXwqlD75Buu4
+wwDd/p4SWzILH3WGjDk5JIXoxWNY13LHwC7Q6gtGJx4AicUG7YBRTXMIBDa/Kh77
+6o2rFETKmp4VHBvHbakmiETfptdM8bbWxKWeY2vakThyESgeofsLoTOQCIwlEfJC
+s2D/KYL65C8VbHYgIoSLTQnooO45DDyxIuhCqP+H23mhv9vB1Od3nc2atgHj/XFs
+dcOPFkF/msDRYqxY3V0AS6+jpKwFodZ7g/hyGcyPxOkzlJVuKoKuH6P5PyQ69Gx0
+iqri0xEPyABr7kGlXNrjjctojX+B4WwSnjg/2euXXWFXCRalIdA7ErATTiQbGOx7
+Vd6Gn8PZbSy1MkqEDrZRip0pfAFJYI/8GXPC75BpnRsrVlfhtrngbW+kBP35LzaN
+l2K+RQ3gSB3iFoqNb1Kuu6T5MZlyVl5H2dVlJSeb1euQ2OycXdDoFTyJ4AiyWS7w
+Vlh8zeJnso5QRDjMwx99pZilbbuFGSLsahiGEveFc6o=
 -----END DSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2 b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2
index b189dc8..3cc9631 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2
@@ -1,12 +1,12 @@
 -----BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQDoMxCTyBnLPSO7CRU3RyfJLANLKBZ3/LdcsyNaARctaRA5gzRb
-XdTFFU+rWKfxv+otm0KyCOepLtWy8tjKRYb7Ni46USlGwtM0Adx/3vR4iWNfipDP
-K2V4O97JyMe3wsbF7siC01U4b8Ki+J44iFG9nuRnOTHqUWI615mraQRwlQIVAMsX
-nsPGH8QrU11F1ScAIfZC165dAoGACCXyOHFkxABpJDtJs6AE7Hl3XjI4dnlim/XH
-Y60W6gcO7gHSE2r2ljCubJqoUXmxd5mLKgnu91jIG/4URwDM4V7pb2k99sXpAi8I
-L52eQl88C0bRD9+lEJfR4PMT39EccDRPB4+E055RoYQZ/McIyad8sF3Qwt084Eq+
-IkUt2coCgYEAxZRpCY82sM9Mu4B0EcH6O8seRqIRScmelljhUtKxuvf2PChwIWkR
-HK9lORHBE3iKyurC5Muf3abuHKwMFjrOjHKOTqXBRrDZ7RgLQA0aUAQD3lWc9OTP
-NShjphpq5xr0HZB31eJg3/Mo6KxYlRpzMXbTyenZP0XLICSSAywvTDoCFG5whl2k
-Y2FLGfi9V6ylUVH6jKgE
+MIIBvQIBAAKBgQCbyPXNdHeLsjpobPVCMkfagBkt15Zsltqf/PGNP1y1cuz7rsTX
+ZekQwUkSTNm5coqXe+ZOw2O4tjobJDd60I1/VPgaB0NYlQR9Hn87M284WD4f6VY+
+aunHmP134a8ybG5G4NqVNF3ihvxAR2pVITqb7kE46r2uYZNcNlHI8voRCwIVAMcP
+bwqFNsQbH5pJyZW30wj4KVZ3AoGBAIK98BVeKQVf8qDFqx9ovMuNgVSxpd+N0Yta
+5ZEy1OI2ziu5RhjueIM2K7Gq2Mnp38ob1AM53BUxqlcBJaHEDa6rj6yvuMgW9oCJ
+dImBM8sIFxfBbXNbpJiMaDwa6WyT84OkpDE6uuAepTMnWOUWkUVkAiyokHDUGXkG
+GyoQblbXAoGBAIsf7TaZ804sUWwRV0wI8DYx+hxD5QdrfYPYMtL2fHn3lICimGt0
+FTtUZ25jKg0E0DMBPdET6ZEHB3ZZkR8hFoUzZhdnyJMu3UjVtgaV88Ue3PrXxchk
+0W2jHPaAgQU3JIWzo8HFIFqvC/HEL+EyW3rBTY2uXM3XGI+YcWSA4ZrZAhUAsY2f
+bDFNzgZ4DaZ9wLRzTgOswPU=
 -----END DSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp
index 8226574..51fbeb4 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp
@@ -1 +1 @@
-MD5:72:5f:50:6b:e5:64:c5:62:21:92:3f:8b:10:9b:9f:1a
+SHA256:ecwhWcXgpdBxZ2e+OjpRRY7dqXHHCD62BGtoVQQBwCk
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp.bb
index 37a5221..4d908ee 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp.bb
@@ -1 +1 @@
-xesoh-mebaf-feced-lenuz-sicam-pevok-bosak-nogaz-ligen-fekef-fixex
+xeser-megad-pocan-rozit-belup-tapoh-fapif-kyvit-vonav-cehab-naxax
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.pub b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.pub
index 6ed2736..77bb555 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.pub
@@ -1 +1 @@
-ssh-dss AAAAB3NzaC1kc3MAAACBAOgzEJPIGcs9I7sJFTdHJ8ksA0soFnf8t1yzI1oBFy1pEDmDNFtd1MUVT6tYp/G/6i2bQrII56ku1bLy2MpFhvs2LjpRKUbC0zQB3H/e9HiJY1+KkM8rZXg73snIx7fCxsXuyILTVThvwqL4njiIUb2e5Gc5MepRYjrXmatpBHCVAAAAFQDLF57Dxh/EK1NdRdUnACH2QteuXQAAAIAIJfI4cWTEAGkkO0mzoATseXdeMjh2eWKb9cdjrRbqBw7uAdITavaWMK5smqhRebF3mYsqCe73WMgb/hRHAMzhXulvaT32xekCLwgvnZ5CXzwLRtEP36UQl9Hg8xPf0RxwNE8Hj4TTnlGhhBn8xwjJp3ywXdDC3TzgSr4iRS3ZygAAAIEAxZRpCY82sM9Mu4B0EcH6O8seRqIRScmelljhUtKxuvf2PChwIWkRHK9lORHBE3iKyurC5Muf3abuHKwMFjrOjHKOTqXBRrDZ7RgLQA0aUAQD3lWc9OTPNShjphpq5xr0HZB31eJg3/Mo6KxYlRpzMXbTyenZP0XLICSSAywvTDo= DSA test key #2
+ssh-dss AAAAB3NzaC1kc3MAAACBAJvI9c10d4uyOmhs9UIyR9qAGS3XlmyW2p/88Y0/XLVy7PuuxNdl6RDBSRJM2blyipd75k7DY7i2OhskN3rQjX9U+BoHQ1iVBH0efzszbzhYPh/pVj5q6ceY/XfhrzJsbkbg2pU0XeKG/EBHalUhOpvuQTjqva5hk1w2Ucjy+hELAAAAFQDHD28KhTbEGx+aScmVt9MI+ClWdwAAAIEAgr3wFV4pBV/yoMWrH2i8y42BVLGl343Ri1rlkTLU4jbOK7lGGO54gzYrsarYyenfyhvUAzncFTGqVwElocQNrquPrK+4yBb2gIl0iYEzywgXF8Ftc1ukmIxoPBrpbJPzg6SkMTq64B6lMydY5RaRRWQCLKiQcNQZeQYbKhBuVtcAAACBAIsf7TaZ804sUWwRV0wI8DYx+hxD5QdrfYPYMtL2fHn3lICimGt0FTtUZ25jKg0E0DMBPdET6ZEHB3ZZkR8hFoUzZhdnyJMu3UjVtgaV88Ue3PrXxchk0W2jHPaAgQU3JIWzo8HFIFqvC/HEL+EyW3rBTY2uXM3XGI+YcWSA4ZrZ DSA test key #2
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n
index 3434686..d3f2482 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n
@@ -1,12 +1,12 @@
 -----BEGIN DSA PRIVATE KEY-----
-MIIBuwIBAAKBgQCxBNwH8TmLXqiZa0b9pxC6W+zS4Voqp8S+QwecYpNPTmhjaUYI
-E/aJWAzFVtdbysLM89ukvw/z8qBkbMSefdypKmjUtgv51ZD4nfV4Wxb+G+1QExHr
-M+kowOOL3XbcsdbPLUt8vxDJbBlQRch4zyai7CWjQR3JFXpR8sevUFJxSQIVAIdE
-oncp2DEY2U/ZZnIyGCwApCzfAoGARW+eewZTv1Eosxv3ANKx372pf5+fQKwnWizI
-j5z/GY3w3xobRCP9FiL4K3Nip2FvHLTGpRrlfm19RWYAg77VsNgztC4V9C8QrKWc
-WJdkUkoQpZ3VoO25rO13hmIelkal3omKCF4ZE/edeF3d2B8DlzYs0aBcjTCMDrub
-/CJILcYCgYEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j
-4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1
-/EMKUv0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gCFBl7Lc6V
-hmTiTuhLXjoRdCZS/p/m
+MIIBvAIBAAKBgQD6kutNFRsHTwEAv6d39Lhsqy1apdHBZ9c2HfyRr7WmypyGIy2m
+Ka43vzXI8CNwmRSYs+A6d0vJC7Pl+f9QzJ/04NWOA+MiwfurwrR3CRe61QRYb8Py
+mcHOxueHs95IcjrbIPNn86cjnPP5qvv/guUzCjuww4zBdJOXpligrGt2XwIVAKMD
+/50qQy7j8JaMk+1+Xtg1pK01AoGBAO7l9QVVbSSoy5lq6cOtvpf8UlwOa6+zBwbl
+o4gmFd1RwX1yWkA8kQ7RrhCSg8Hc6mIGnKRgKRli/3LgbSfZ0obFJehkRtEWtN4P
+h8fVUeS74iQbIwFQeKlYHIlNTRoGtAbdi3nHdV+BBkEQc1V3rjqYqhjOoz/yNsgz
+LND26HrdAoGBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb
+OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joo
+t+LK84ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAhRYIbQ5
+KfXsZuBPuWe5FJz3ldaEgw==
 -----END DSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n_pw b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n_pw
index 42f70dd..24ac299 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n_pw
@@ -1,22 +1,21 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABD5nB+Nkw
-LNoPtAG7C3IdXmAAAAEAAAAAEAAAGyAAAAB3NzaC1kc3MAAACBALEE3AfxOYteqJlrRv2n
-ELpb7NLhWiqnxL5DB5xik09OaGNpRggT9olYDMVW11vKwszz26S/D/PyoGRsxJ593KkqaN
-S2C/nVkPid9XhbFv4b7VATEesz6SjA44vddtyx1s8tS3y/EMlsGVBFyHjPJqLsJaNBHckV
-elHyx69QUnFJAAAAFQCHRKJ3KdgxGNlP2WZyMhgsAKQs3wAAAIBFb557BlO/USizG/cA0r
-Hfval/n59ArCdaLMiPnP8ZjfDfGhtEI/0WIvgrc2KnYW8ctMalGuV+bX1FZgCDvtWw2DO0
-LhX0LxCspZxYl2RSShClndWg7bms7XeGYh6WRqXeiYoIXhkT9514Xd3YHwOXNizRoFyNMI
-wOu5v8IkgtxgAAAIEAgJt9jefGQi4Sl5F8h3jYo52LygE8sNYyurElMKVmyhFSKJ1Ifi9j
-4hNp2jZzu7jpZWhYndUoPaG6gbRB7fL3p5knlRo3P2Dznd6u6NAdhrADWW+JX9n1/EMKUv
-0h8rRFI/3b9RY1HVVzBQH7V3sNJ6iekH8JqOy1liCMaMylw4gAAAHw8P1DtkBulOGv85qf
-P+md2+LL+NKufVzHl9k2UKQFjeqY6uqs4HSDqvhXe7oiXd5mz6I7orxjtKU9hGjNF4ABUD
-OawVGe/GCRUQ4WgpAgDnqQLeFcdIwtMSIrRZU6xjs314EI7TM7IIiG26JEuXDfZI1e7C3y
-Cc38ZsP3zmg/UjgcCQar5c4n++vhOmeO36+fcUyZ1QlR05SaEtFYJA+otP3RmKTiDwob8Q
-zRMr8Y57i2NTTtFjkmnnnQCibP62yz7N22Dve7RTOH8jiaW7p02Vn/6WmCarevN1rxtLLR
-lkuWtPoKY8z/Ktcev8YE9f2+9H2TfXDRKYqIEfxgZLCJ4yP2gxDe6zurabS0hAO1CP+ej5
-htdJM3/rTqHAIevXX5uhIDmMvRHnLGldaIX1xux8TIJvSfMkYNIwscIP4kx7BGMk04vXtW
-5DLm6IZhzw9T3hjr8R0kBugmT6/h9vD5iN1D+wiHIhHYzQKMU9nOeFNsMBFWgJjU0l8VlF
-gEjEMgAEfwynnmIoKB1iA/0em1tdU3naS59DBK+buE0trxUpTAAB5z8yPhAm6DdqrPE8cA
-N3HlMoWrbCuak2A0uyOlEJjPg4UJUnv12ve2c9pAMsAu/4CAszCEM0prR+qd/RA4nn4M5u
-Xrny2wNtt/DybCkA==
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCVs+LsMJ
+wnB5zM9U9pTXrGAAAAEAAAAAEAAAGzAAAAB3NzaC1kc3MAAACBAPqS600VGwdPAQC/p3f0
+uGyrLVql0cFn1zYd/JGvtabKnIYjLaYprje/NcjwI3CZFJiz4Dp3S8kLs+X5/1DMn/Tg1Y
+4D4yLB+6vCtHcJF7rVBFhvw/KZwc7G54ez3khyOtsg82fzpyOc8/mq+/+C5TMKO7DDjMF0
+k5emWKCsa3ZfAAAAFQCjA/+dKkMu4/CWjJPtfl7YNaStNQAAAIEA7uX1BVVtJKjLmWrpw6
+2+l/xSXA5rr7MHBuWjiCYV3VHBfXJaQDyRDtGuEJKDwdzqYgacpGApGWL/cuBtJ9nShsUl
+6GRG0Ra03g+Hx9VR5LviJBsjAVB4qVgciU1NGga0Bt2Lecd1X4EGQRBzVXeuOpiqGM6jP/
+I2yDMs0Pboet0AAACBAOdXpyfmobEBaOqZAuvgj1P0uhjG2P31Ufurv22FWPBU3A9qrkxb
+OXwE0LwvjCvrsQV/lrYhJz/tiys40VeahulWZE5SAHMXGIf95LiLSgaXMjko7joot+LK84
+ltLymwZ4QMnYjnZSSclf1UuyQMcUtb34+I0u9Ycnyhp2mSFsQtAAAB4HiOcRW4w+sIqBL0
+TPVbf0glN1hUi0rcE63Pqxmvxb8LkldC4IxAUagPrjhNAEW2AY42+CvPrtGB1z7gDADAIW
+xZX6wKwIcXP0Qh+xHE12F4u6mwfasssnAp4t1Ki8uCjMjnimgb3KdWpp0kiUV0oR062TXV
+PAdfrWjaq4fw0KOqbHIAG/v36AqzuqjSTfDbqvLZM3y0gp2Q1RxaQVJA5ZIKKyqRyFX7sr
+BaEIyCgeE3hM0EB7BycY1oIcS/eNxrACBWVJCENl5N7LtEYXNX7TANFniztfXzwaqGTT6A
+fCfbW4gz1UKldLUBzbIrPwMWlirAstbHvOf/2Iay2pNAs/SHhI0aF2jsGfvv5/D6N+r9dG
+B2SgDKBg7pywMH1DTvg6YT3P4GjCx0GUHqRCFLvD1rDdk4KSjvaRMpVq1PJ0/Wv6UGtsMS
+TR0PaEHDRNZqAX4YxqujnWrGKuRJhuz0eUvp7fZvbWHtiAMKV7368kkeUmkOHanb+TS+zs
+KINX8ev8zJZ6WVr8Vl+IQavpv0i2bXwS6QqbEuifpv/+uBb7pqRiU4u8en0eMdX1bZoTPM
+R6xHCnGD/Jpb3zS91Ya57T6CiXZ12KCaL6nWGnCkZVpzkfJ2HjFklWSWBQ6uyaosDQ==
 -----END OPENSSH PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1 b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1
index aec73dd..80382b6 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1
@@ -1,5 +1,5 @@
 -----BEGIN EC PRIVATE KEY-----
-MHcCAQEEIFghsFR1K95tz8qOl3+tX6fv8a/O6AfNbxOSFZX3ihxooAoGCCqGSM49
-AwEHoUQDQgAEalpgP0BOePHtTw0Pus4tdhTb8P9yWUZluvLf1D8vrHImT+G4vr/W
-xo5iXGKQVEifuUVyLkAW2kDrq8J/szeRiQ==
+MHcCAQEEIPPNyUAnjvFr+eT/7t/IyjuQQd/aLFiTY92LB9gIjyrMoAoGCCqGSM49
+AwEHoUQDQgAEDFlblkOrW9ydKVhtM+9AY3c9saBE7SG3lFx38nBavkADDaI9jh3/
+kvG/Jt9vpm22qwoklTCGDfzCkXkIKaWlBw==
 -----END EC PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp
index c3d747a..e48304f 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp
@@ -1 +1 @@
-MD5:f7:be:4c:02:65:ed:4c:11:af:ab:a8:dd:0a:92:e7:44
+SHA256:8ty77fOpABat1y88aNdclQTfU+lVvWe7jYZGw8VYtfg
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
index 29b06a4..55e2a25 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
@@ -1 +1 @@
-ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgjpoHehzmM54xz776HOiTOLPhkOwSWyXOMYeqDhDEcLgAAAAIbmlzdHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYlxikFRIn7lFci5AFtpA66vCf7M3kYkAAAAAAAAABwAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYlxikFRIn7lFci5AFtpA66vCf7M3kYkAAABjAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABIAAAAIFZM1PXlXf0a3VuGs7MVdWSealDXprT1nN5hQTg+m+EYAAAAIGN1yNXWEY5V315NhOD3mBuh/xCpfDn5rZjF4YntA7du ecdsa_1.pub
+ecdsa-sha2-nistp256-cert-v01@openssh.com AAAAKGVjZHNhLXNoYTItbmlzdHAyNTYtY2VydC12MDFAb3BlbnNzaC5jb20AAAAgOtFRnMigkGliaYfPmX5IidVWfV3tRH6lqRXv0l8bvKoAAAAIbmlzdHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvybfb6ZttqsKJJUwhg38wpF5CCmlpQcAAAAAAAAABwAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2jAHwAAAAAE0eYHAAAAAAAAAAAAAAAAAAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvybfb6ZttqsKJJUwhg38wpF5CCmlpQcAAABkAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAABJAAAAIHbxGwTnue7KxhHXGFvRcxBnekhQ3Qx84vV/Vs4oVCrpAAAAIQC7vk2+d14aS7td7kVXLQn392oALjEBzMZoDvT1vT/zOA== ECDSA test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp
index c3d747a..e48304f 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp
@@ -1 +1 @@
-MD5:f7:be:4c:02:65:ed:4c:11:af:ab:a8:dd:0a:92:e7:44
+SHA256:8ty77fOpABat1y88aNdclQTfU+lVvWe7jYZGw8VYtfg
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb
index f01a5dd..fa23c33 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb
@@ -1 +1 @@
-xotah-hecal-zibyb-nadug-romuc-hator-venum-hobip-ruluh-ripus-naxix
+xibah-vocun-sogyn-byhen-rivem-hegyh-luneh-dozyr-vatyf-dufid-myxyx
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.priv b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.priv
index 3475f1f..dc908ad 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.priv
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.priv
@@ -1 +1 @@
-5821b054752bde6dcfca8e977fad5fa7eff1afcee807cd6f13921595f78a1c68
+00f3cdc940278ef16bf9e4ffeedfc8ca3b9041dfda2c589363dd8b07d8088f2acc
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.pub
index 11847a3..71c9584 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.pub
@@ -1 +1 @@
-046a5a603f404e78f1ed4f0d0fbace2d7614dbf0ff72594665baf2dfd43f2fac72264fe1b8bebfd6c68e625c629054489fb945722e4016da40ebabc27fb3379189
+040c595b9643ab5bdc9d29586d33ef4063773db1a044ed21b7945c77f2705abe40030da23d8e1dff92f1bf26df6fa66db6ab0a249530860dfcc291790829a5a507
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.pub
index eca1620..84a71f9 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.pub
@@ -1 +1 @@
-ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYlxikFRIn7lFci5AFtpA66vCf7M3kYk= ECDSA test key #1
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvybfb6ZttqsKJJUwhg38wpF5CCmlpQc= ECDSA test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1_pw b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1_pw
index 071154a..5c83a65 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1_pw
@@ -1,8 +1,8 @@
 -----BEGIN EC PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,74C8AEA5BFAFCC2B1C8B13DE671F5610
+DEK-Info: AES-128-CBC,7BA38DE00F67851E4207216809C3BB15
 
-vUsgOvCqezxPmcZcFqrSy9Y1MMlVguY0h9cfSPFC7gUrRr+45uCOYX5bOwEXecKn
-/9uCXZtlBwwqDS9iK5IPoUrjEHvzI5rVbHWUxDrEOVbsfiDuCxrQM19It6QIqC1v
-OSQEdXuBWR5WmhKNc3dqLbWsU8u2s60YwKQmZrj9nM4=
+8QkFoZHQkj9a2mt032sp+WKaJ1fwteqWDd4RpAW9OzDgqzMx1QO43qJgBDTfhzjt
+M2Q8YfiGjfBEYpg4kCbacfcV68DEV4z6Ll7rIzzzO7OfWUNL++brD64vKx4z6f46
++sn4nbZTXilpkzi/nmPDVzrNmTSywA8T7Yf0QcBUxks=
 -----END EC PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2 b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2
index 76ae07a..0f4e844 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2
@@ -1,7 +1,7 @@
 -----BEGIN EC PRIVATE KEY-----
-MIHcAgEBBEIBg4kVxUfoo/RE/78/QBRqG6PZuHZ82eLnhmZVzBa7XREUiYI/Jw7r
-Qwp4FTBVfXL76Pt5AyBMf+52aVeOUlLRERSgBwYFK4EEACOhgYkDgYYABACNTJ5O
-uNo5dNgIQRLHzKU91m7immKFiutJ6BlDbkRkKr+Envj13J6HOgYvOTm0n7SPlKHS
-STZ4/T36d/rzQOAbIwEnbbwD9HMj6IzE4WH9lJzH7Zy7Tcyu6dOM8L7nOxCp3DUk
-F3aAnPSFJhD7NN0jBWOFsD6uy1OmaTklPfRAnCt1MQ==
+MIHcAgEBBEIBqBtN7e6Essd3dlsgISViPCXXC0atlNkGtoMgSQdBTKVUfeJOi4lc
+RZaXJdXnqWUqI/KEsH8h8QN4YcB8ugmAcc+gBwYFK4EEACOhgYkDgYYABAHZ2VNy
+oDedBwqsdzY+kkNptc9DrtRCVmO6cULLj+691MhItqVqTMJbTFlI4MnAg9PoGTF/
+0KmLJfy8vSffXGKqqwGKcFNtd1XCo+7Qu9tXbxron9g6Dmu7y8jaLkixcwZwnwLs
+6GmA9qZGuiAfOGV0Gf9/u98sr+vikOa4Ow5JFDTw5g==
 -----END EC PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp
index fe7526b..581e48a 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp
@@ -1 +1 @@
-MD5:51:bd:ff:2b:6d:26:9b:90:f9:e1:4a:ca:a0:29:8e:70
+SHA256:ed8YniRHA6qCrErCRnzrWxPHxYuA62a+CAFYUVxJgaI
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb
index 267bc63..e1cc664 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb
@@ -1 +1 @@
-xuzaz-zuzuk-virop-vypah-zumel-gylak-selih-fevad-varag-zynif-haxox
+xufag-danul-putub-mokin-pugaz-covid-dofag-nihuz-sysab-genar-zaxyx
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.priv b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.priv
index 537cdaa..dd898d9 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.priv
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.priv
@@ -1 +1 @@
-01838915c547e8a3f444ffbf3f40146a1ba3d9b8767cd9e2e7866655cc16bb5d111489823f270eeb430a781530557d72fbe8fb7903204c7fee7669578e5252d11114
+01a81b4dedee84b2c777765b202125623c25d70b46ad94d906b683204907414ca5547de24e8b895c45969725d5e7a9652a23f284b07f21f1037861c07cba098071cf
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.pub
index 3352ac7..94301c9 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.pub
@@ -1 +1 @@
-04008d4c9e4eb8da3974d8084112c7cca53dd66ee29a62858aeb49e819436e44642abf849ef8f5dc9e873a062f3939b49fb48f94a1d2493678fd3dfa77faf340e01b2301276dbc03f47323e88cc4e161fd949cc7ed9cbb4dccaee9d38cf0bee73b10a9dc35241776809cf4852610fb34dd23056385b03eaecb53a66939253df4409c2b7531
+0401d9d95372a0379d070aac77363e924369b5cf43aed4425663ba7142cb8feebdd4c848b6a56a4cc25b4c5948e0c9c083d3e819317fd0a98b25fcbcbd27df5c62aaab018a70536d7755c2a3eed0bbdb576f1ae89fd83a0e6bbbcbc8da2e48b17306709f02ece86980f6a646ba201f38657419ff7fbbdf2cafebe290e6b83b0e491434f0e6
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.pub
index 34e1881..be9d84b 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.pub
@@ -1 +1 @@
-ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACNTJ5OuNo5dNgIQRLHzKU91m7immKFiutJ6BlDbkRkKr+Envj13J6HOgYvOTm0n7SPlKHSSTZ4/T36d/rzQOAbIwEnbbwD9HMj6IzE4WH9lJzH7Zy7Tcyu6dOM8L7nOxCp3DUkF3aAnPSFJhD7NN0jBWOFsD6uy1OmaTklPfRAnCt1MQ== ECDSA test key #2
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHZ2VNyoDedBwqsdzY+kkNptc9DrtRCVmO6cULLj+691MhItqVqTMJbTFlI4MnAg9PoGTF/0KmLJfy8vSffXGKqqwGKcFNtd1XCo+7Qu9tXbxron9g6Dmu7y8jaLkixcwZwnwLs6GmA9qZGuiAfOGV0Gf9/u98sr+vikOa4Ow5JFDTw5g== ECDSA test key #2
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n
index aec73dd..80382b6 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n
@@ -1,5 +1,5 @@
 -----BEGIN EC PRIVATE KEY-----
-MHcCAQEEIFghsFR1K95tz8qOl3+tX6fv8a/O6AfNbxOSFZX3ihxooAoGCCqGSM49
-AwEHoUQDQgAEalpgP0BOePHtTw0Pus4tdhTb8P9yWUZluvLf1D8vrHImT+G4vr/W
-xo5iXGKQVEifuUVyLkAW2kDrq8J/szeRiQ==
+MHcCAQEEIPPNyUAnjvFr+eT/7t/IyjuQQd/aLFiTY92LB9gIjyrMoAoGCCqGSM49
+AwEHoUQDQgAEDFlblkOrW9ydKVhtM+9AY3c9saBE7SG3lFx38nBavkADDaI9jh3/
+kvG/Jt9vpm22qwoklTCGDfzCkXkIKaWlBw==
 -----END EC PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n_pw b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n_pw
index 75d5859..36b7fa7 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n_pw
@@ -1,9 +1,9 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABBXqI6Z6o
-uRM+jAwdhnDoIMAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
-dHAyNTYAAABBBGpaYD9ATnjx7U8ND7rOLXYU2/D/cllGZbry39Q/L6xyJk/huL6/1saOYl
-xikFRIn7lFci5AFtpA66vCf7M3kYkAAACwYMnoCTqvUTG0ktSSMNsOZLCdal5J4avEpM1L
-sV9SL/RVcwo3ChprhwsnQsaAtMiJCRcHerKgD9qy1MNNaE5VNfVJ0Ih/7ut04cbFKed8p6
-0V+w8WP7WvFffBPoHn+GGbQd1FDGzHhXUB61pH8Qzd1bI/sld/XEtMk7iYjNGQe9Rt0RaK
-Wi8trwaA0Fb2w/EFnrdsFFxrIhQEqYBdEQJo782IqAsMG9OwUaM0vy+8bcI=
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABC4UwEov5
+z0RrCm7AMCxbuiAAAAEAAAAAEAAABoAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlz
+dHAyNTYAAABBBAxZW5ZDq1vcnSlYbTPvQGN3PbGgRO0ht5Rcd/JwWr5AAw2iPY4d/5Lxvy
+bfb6ZttqsKJJUwhg38wpF5CCmlpQcAAACgbCnAklQTHrf5qiHiMxKYwQJ7k/X9mp4fXD4v
+xUbgNZiXSxN26mn8mC2rH+WA6Lk3CexR/hrtLI2ndpBsYu1h6HhVkOwwm3Kd/PMKArCupW
+l6sYEabrT0EghXR/3aDEZvj79hgKSdu3RpayLvMdbCR8k1cg0/mDmR9hicWfeJ61n/IH05
+tUR268+0BVRW9kDhh/cuv8tVY4L09jCCQ6CpsA==
 -----END OPENSSH PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1 b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1
index a537ae1..6b0ae01 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1
@@ -1,7 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
-QyNTUxOQAAACC5PeVeSdyylcfG3C0geNO90e3dGgL0fICaz751dA9zEAAAAJglsAcYJbAH
-GAAAAAtzc2gtZWQyNTUxOQAAACC5PeVeSdyylcfG3C0geNO90e3dGgL0fICaz751dA9zEA
-AAAED6HJ8Bh8tdQvhMd5o8IxtIwBv8/FV48FpBFWAbYdsIsLk95V5J3LKVx8bcLSB4073R
-7d0aAvR8gJrPvnV0D3MQAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg==
+QyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAJjnj4Ao54+A
+KAAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQ
+AAAED3KgoDbjR54V7bdNpfKlQY5m20UK1QaHytkCR+6rZEDFOG6kY7Rf4UtCFvPwKgo/Bz
+tXck2xC4a2WyA34XtIwZAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg==
 -----END OPENSSH PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.fp b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.fp
index fbde87a..a9674e2 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.fp
@@ -1 +1 @@
-MD5:19:08:8e:7e:4d:e5:de:86:2a:09:47:65:eb:0a:51:2f
+SHA256:L3k/oJubblSY0lB9Ulsl7emDMnRPKm/8udf2ccwk560
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.pub
index ad0b9a8..649b4e8 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.pub
@@ -1 +1 @@
-ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIHmdL66MkkOvncpc0W4MdvlJZMfQthHiOUv+XKm7gvzOAAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQAAAAAAAAAAgAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANouDYAAAAABNHeHgAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACC5PeVeSdyylcfG3C0geNO90e3dGgL0fICaz751dA9zEAAAAFMAAAALc3NoLWVkMjU1MTkAAABAsUStKm1z3Rtvwy3eXE1DrgVp6kix2iEQXfB66IHX2UpAj5yl0eQGXWTSEDIxHDIb0SJvUH43OWX0PrEeAs0mAA== ed25519_1.pub
+ssh-ed25519-cert-v01@openssh.com AAAAIHNzaC1lZDI1NTE5LWNlcnQtdjAxQG9wZW5zc2guY29tAAAAIIxzuxl4z3uwAIslne8Huft+1n1IhHAlNbWZkQyyECCGAAAAIFOG6kY7Rf4UtCFvPwKgo/BztXck2xC4a2WyA34XtIwZAAAAAAAAAAgAAAACAAAABmp1bGl1cwAAABIAAAAFaG9zdDEAAAAFaG9zdDIAAAAANowB8AAAAABNHmBwAAAAAAAAAAAAAAAAAAAAMwAAAAtzc2gtZWQyNTUxOQAAACBThupGO0X+FLQhbz8CoKPwc7V3JNsQuGtlsgN+F7SMGQAAAFMAAAALc3NoLWVkMjU1MTkAAABABGTn+Bmz86Ajk+iqKCSdP5NClsYzn4alJd0V5bizhP0Kumc/HbqQfSt684J1WdSzih+EjvnTgBhK9jTBKb90AQ== ED25519 test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp
index fbde87a..a9674e2 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp
@@ -1 +1 @@
-MD5:19:08:8e:7e:4d:e5:de:86:2a:09:47:65:eb:0a:51:2f
+SHA256:L3k/oJubblSY0lB9Ulsl7emDMnRPKm/8udf2ccwk560
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp.bb
index 591a711..309f2da 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp.bb
@@ -1 +1 @@
-xofip-nuhoh-botam-cypeg-panig-tunef-bimav-numeb-nikic-gocyf-paxax
+xubop-rekyd-bakal-nubuf-pahaf-gicuh-logeb-gocif-petod-galip-fuxux
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.pub
index 633e050..e533059 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.pub
@@ -1 +1 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQ ED25519 test key #1
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFvPwKgo/BztXck2xC4a2WyA34XtIwZ ED25519 test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1_pw b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1_pw
index 9fc6352..c3b7ae7 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1_pw
@@ -1,8 +1,8 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABAlT1eewp
-9gl0gue+sSrBWKAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bc
-LSB4073R7d0aAvR8gJrPvnV0D3MQAAAAoMrL9ixIQHoJ86DcKMGt26+bCeaoyGjW5hha2Y
-IxAZ+rRvNjUuv3MGvbUxtUpPZkTP/vk2fVSCuCD9St5Lbt/LKdIk2MfWIFbjZ6iEfdzxz0
-DHmsSDMps8dbePqqIPULR8av447jEzQEkUc8GSR6WqFSJOjJ8OvrJat1KcEK7V2tjZnLS1
-GoLMqVAtCVhuXwUkeJiRQE/JRl172hxB+LAVw=
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABCus+kaow
+AUjHphacvRp98dAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIFOG6kY7Rf4UtCFv
+PwKgo/BztXck2xC4a2WyA34XtIwZAAAAoJaqqgiYQuElraJAmYOm7Tb4nJ3eI4oj9mQ52M
+/Yd+ION2Ur1v8BDewpDX+LHEYgKHo3Mlmcn2UyF+QJ+7xUCW7QCtk/4szrJzw74DlEl6mH
+T8PT/f/av7PpECBD/YD3NoDlB9OWm/Q4sHcxfBEKfTGD7s2Onn71HgrdEOPqd4Sj/IQigR
+drfjtXEMlD32k9n3dd2eS9x7AHWYaGFEMkOcY=
 -----END OPENSSH PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2 b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2
index a6e5f00..e4aed63 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2
@@ -1,7 +1,7 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
 b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
-QyNTUxOQAAACBXUfO5Kid+jhRnyVt+1r9wj2FN/mZ6RfgGdySeYoq4WAAAAJjGeKsZxnir
-GQAAAAtzc2gtZWQyNTUxOQAAACBXUfO5Kid+jhRnyVt+1r9wj2FN/mZ6RfgGdySeYoq4WA
-AAAEB+gn4gGClQl2WMeOkikY+w0A0kSw1KH4Oyami7hlypsFdR87kqJ36OFGfJW37Wv3CP
-YU3+ZnpF+AZ3JJ5iirhYAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg==
+QyNTUxOQAAACDPVKyLnm3eZE0lm0IfM3Uy9AsdGSBtozcoCt21blYBCwAAAJix1mBGsdZg
+RgAAAAtzc2gtZWQyNTUxOQAAACDPVKyLnm3eZE0lm0IfM3Uy9AsdGSBtozcoCt21blYBCw
+AAAECZEQHXs18o3DKjhUYaTyt+bUbhqfMeqmsKjYyFvzGVgs9UrIuebd5kTSWbQh8zdTL0
+Cx0ZIG2jNygK3bVuVgELAAAAE0VEMjU1MTkgdGVzdCBrZXkgIzEBAg==
 -----END OPENSSH PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp
index ec1cdbb..0496626 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp
@@ -1 +1 @@
-MD5:5c:c9:ae:a3:0c:aa:28:29:b8:fc:7c:64:ba:6e:e9:c9
+SHA256:vMbaARqVciRgXyZPNHDo+P5p5WK5yWG1Oo6VC35Bomw
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp.bb
index ebe782e..abba789 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp.bb
@@ -1 +1 @@
-xenoz-tovup-zecyt-hohar-motam-sugid-fecyz-tutyk-gosom-ginar-kixux
+xuces-bapyb-vikob-zesyv-budod-nupip-kebon-tacyc-fofed-lezic-soxax
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.pub b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.pub
index 37b9335..af34236 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.pub
@@ -1 +1 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFdR87kqJ36OFGfJW37Wv3CPYU3+ZnpF+AZ3JJ5iirhY ED25519 test key #1
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM9UrIuebd5kTSWbQh8zdTL0Cx0ZIG2jNygK3bVuVgEL ED25519 test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1 b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1
index d22014e..161cc04 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp
index 2e1068c..21b3d1a 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp
@@ -1 +1 @@
-MD5:a8:82:9b:98:c5:e6:19:d6:83:39:9f:4d:3a:8f:7c:80
+SHA256:/kk7K9S9kwYFiFilnZYFwCsQJweI/SGQVR2nIa8VBhE
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp.bb
index caaf951..62991b3 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.fp.bb
@@ -1 +1 @@
-xukib-cymuf-mylib-kecih-rogyb-sorid-belys-kytem-dinin-cicil-kyxex
+xilil-nabyf-gynih-duheb-gokyp-bofet-nekac-bosod-lozin-kuvyh-poxix
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.param.n b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.param.n
index 4ceb373..9a2549b 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.param.n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.param.n
@@ -1 +1 @@
-00cf68059e5c7743318d740d3ebb55eb577891c9c3098817703f4c3157285055c2daa50102509ebdcade324e541c965e2931fd3459052fe65d013722da805d7ec8ef5b97cc006789d0566c5578b23e7aaa5be2b055d85798030cdead2eb2cc4eb3
+00ce8ca77a556eba887f9a866c084a6402785354a81c10854d343181fa09351223a65f99915f8433d11a9c41677d307c03c3a39865b83e7172d2c1d878333c980438d6e4462106a0065cd75cfea7ca7f21538bf2f43f2af49cacee51b22e3bdcc5e87b59cc691f7c6942a77ef13bfdfb24300777b727348d0ba7900ba06b886729
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.pub b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.pub
index 56cf30d..f665b0d 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1.pub
@@ -1 +1 @@
-768 65537 1257820658919101781627826212425999371251377782154008557690434337796299274692579921603319269571889066123773172648045269780061837011867522525764583065919572648969392756890567918758763032103894830246827894023662422727333291801518558899 RSA1 test key #1
+1024 65537 145043942670517902781741650890610683756045780348507433188994725700923246927874581962206512480287863636935077725837494808988986557337885675565086448774391442851909709751605441036910145362277967349042489937363543710406342212883803780768870873303921572812138116796733586484633244057911618360651775855949808953129 RSA1 test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1_pw b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1_pw
index 3113dbc..e73c679 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_1_pw
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2 b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2
index e75e665..1d672dd 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp
index cd00393..00516d5 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp
@@ -1 +1 @@
-MD5:c0:83:1c:97:5f:32:77:7e:e4:e3:e9:29:b9:eb:76:9c
+SHA256:JaOeRCnLl/TLe7vn1+aQ4ONyKZCUhK5x3k4VHilmbpE
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp.bb
index cd80371..b4989a5 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.fp.bb
@@ -1 +1 @@
-xifad-vevot-sozyl-fapeb-meryf-kylut-cydiv-firik-gavyb-lanad-kaxox
+xipag-zohut-zepuk-pisyv-kamog-pupus-netud-tudis-melup-cynov-gaxox
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.param.n b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.param.n
index f8143a4..25d438d 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.param.n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.param.n
@@ -1 +1 @@
-00b08a9fa386aceaab2ec3e9cdc7e6cb4eac9e98620279eed6762e1f513739a417ac8a86231fad3b8727a9de994973a7aae674a132547341984ade91aa1c22f01d2f0204ea7fa121969c367a5d04bda384066cf94e0b56d1efc47f50ca28e90603547df41c0676550d82d369f699b457d4f0f077999d9e76ab679fbf4206d418dbabed1823f14e4ddf3aac987686e6b006f8a23ea6af13b4c0e5b1fb5b1eb4db2f47b229422c450574cae9c64db5dcfce050836b6bdfa8fb541b4d426444a5ea20ad51a25d3048414ced2e199da2997968273e8beb10f3a351e98a57b00dadfa8f00a39bb55be94dae898fda6021d728f32b2ec93edd16e51073be3ac7511e5085
+00cab091b57a154740c1bb7020f46a21a19dc40f647db2aab1babd30cabe241f0437391e68376ba35e48c624b8eaf6b59424d4c1a848c9fd1ef5cdc7c1b7f5e5df23b7ad513b79021286d38c52fdfae35656659e8649b2bf8bedf7c99664e45534007bd1c5dc3de1dafdf2d34ad087155951aa0f3d500b36d0d804bbccdef15ab31ca3dd40bdf5196065a97f397ef576caffb606be8232f6e0614aea0e979b9584296673fabb1dbd9f3212495c428842a2ab1f1768dd424fb6fdceeeab9126cacdfc834f0a0d09ba73ad8360d183ba85bb1565555cc6a536eb8d06df1a1e841107c021ae28a2d8b3465f9d8b58ef4045aea1c4ad7f8bf639574d6b142af67b4eb3
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.pub b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.pub
index de1afbb..acab6dd 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa1_2.pub
@@ -1 +1 @@
-2048 65537 22286299513474010485021611215236051675183880694440075228245854420062562171290421803318459093678819161498086077099067169041536315773126601869537036602014639497662916952995546870691495931205282427606841521014293638607226118353743812583642616889028731910222603216563207637006843580936568089467160095319593442255227365472917576488012409542775346105980501967996562422764758836868135158147777193940857952623773420292946843206784104932927528915610322518810753953608862466374219925252817405397507396462117715293725218947744085154122395590957537510003558169729949140038634486299736757269280065662263306737701939154762092925061 RSA1 test key #2
+2048 65537 25587207108642486834576012232250034427766229965612147538722032399009467293691448851087324679403117563681753304072089087252850866332601294130674473984011813227791089686736237645788471744456489819306046398653719249100878753563464696688916667605969658659855996383142110932332560049231682024775766802333675397528993897914717996946881193454997890776063024953924432026083898531677702536941151535135950834711001926404724453460085864892836473957600610133803037286539329764689125111700732309717375455919436557475211197800228646235077584780367991159670572954337165006813357814232200750568307753718414790655085790471723847208627 RSA1 test key #2
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1 b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1
index 09e79a7..5de3f84 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1
@@ -1,12 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBywIBAAJhAM/6MDmVVm/uNQmZpOcthoAAgMDUg7G4H6ZLLyPEhboKaBBHvIdw
-ZdDmB+0LDf3D1aWXyUd2/pCkCysiBzqd/523zAzjY7HayqL6A940AxKBBbWLn+X6
-i2yJR7dTOYkk6QIDAQABAmAgKanBjfWzE5yCIo+c7K5rJyjCKVtAZaAHYIMmveKM
-VcWoFt/x9hDY0GoTX21HfDxLX8oDxnsmhsOrnvSmgUChFwkm45eSETqeVDWwIVFA
-FGL1s38xQsciWZWBFNppAIECMQD7nslReAxwz/Ad++ACXswfJg1l2wUQ1gJA3zh3
-jln6a4s3aV1zxbKlIn8iqBv0BZkCMQDTmO4WqyNnin73XCZs0DWu7GsfcuaH8QnD
-wqPjJgrclTZXedxHkeqO2oyZW4mLC9ECMBb/blsZ49kzyDiVWuYcj/+Q1MyodhAR
-32bagCi9RBAVYEYSRU5dlXRucLxULSnikQIxAJ5teY5Vcru6kZfJUifUuO0QrKAu
-WnbcPVBqMmUHfchsm/RhFFIt6W4uKmlEhTYrkQIxAMAStb7QCU3yU6ZkN7uL22Zs
-498i4jY6y+VEXv+L9O09VdlEnXhbUisOhy1bhyS3yg==
+MIICXAIBAAKBgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18u
+d6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKd
+NSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+wIDAQAB
+AoGAXyj5mpjmbD+YlxGIWz/zrM4hGsWgd4VteKEJxT6MMI4uzCRpkMd0ck8oHiwZ
+GAI/SwUzIsgtONQuH3AXVsUgghW4Ynn+8ksEv0IZ918WDMDwqvqkyrVzsOsZzqYj
+Pf8DUDKCpwFjnlknJ04yvWBZvVhWtY4OiZ8GV0Ttsu3k+GECQQD1YHfvBb5FdJBv
+Uhde2Il+jaFia8mwVVNNaiD2ECxXx6CzGz54ZLEB9NPVfDUZK8lJ4UJDqelWNh3i
+PF3RefWDAkEA1CVBzAFL4mNwpleVPzrfy69xP3gWOa26MxM/GE6zx9jC7HgQ3KPa
+WKdG/FuHs085aTRDaDLmGcZ8IvMuu7NgKQJAcIOKmxR0Gd8IN7NZugjqixggb0Pj
+mLKXXwESGiJyYtHL0zTj4Uqyi6Ya2GJ66o7UXscmnmYz828fJtTtZBdbRwJBALfi
+C2QvA32Zv/0PEXibKXy996WSC4G3ShwXZKtHHKHvCxY5BDSbehk59VesZrVPyG2e
+NYdOBxD0cIlCzJE56/ECQAndVkxvO8hwyEFGGwF3faHIAe/OxVb+MjaU25//Pe1/
+h/e6tlCk4w9CODpyV685gV394eYwMcGDcIkipTNUDZs=
 -----END RSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.fp b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.fp
index 1cf780d..79f380a 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.fp
@@ -1 +1 @@
-MD5:be:27:4c:16:27:f5:04:03:62:a8:b7:91:df:a5:b1:3b
+SHA256:l6itGumSMcRBBAFteCgmjQBIXqLK/jFGUH3viHX1RmE
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.pub b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.pub
index 51b1ce0..3bacf3c 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1-cert.pub
@@ -1 +1 @@
-ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg1i9Ueveqg9sFSGsEYmsQqlI+dpC3nqhucPfwBVo3DtcAAAADAQABAAAAYQDP+jA5lVZv7jUJmaTnLYaAAIDA1IOxuB+mSy8jxIW6CmgQR7yHcGXQ5gftCw39w9Wll8lHdv6QpAsrIgc6nf+dt8wM42Ox2sqi+gPeNAMSgQW1i5/l+otsiUe3UzmJJOkAAAAAAAAABQAAAAIAAAAGanVsaXVzAAAAEgAAAAVob3N0MQAAAAVob3N0MgAAAAA2i4NgAAAAAE0d4eAAAAAAAAAAAAAAAAAAAAAzAAAAC3NzaC1lZDI1NTE5AAAAILk95V5J3LKVx8bcLSB4073R7d0aAvR8gJrPvnV0D3MQAAAAUwAAAAtzc2gtZWQyNTUxOQAAAED0TLf2Mv2F9TBt1Skf/1vviUgt7bt9xvL5HqugnVDfKaEg+RNKgfa5Rtpteb39EODkH8v4FJPWlmNG0F9w0cYF rsa_1.pub
+ssh-rsa-cert-v01@openssh.com AAAAHHNzaC1yc2EtY2VydC12MDFAb3BlbnNzaC5jb20AAAAg98LhS2EHxLOWCLopZPwHdg/RJXusnkOqQXSc9R7aITkAAAADAQABAAAAgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18ud6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKdNSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+wAAAAAAAAAFAAAAAgAAAAZqdWxpdXMAAAASAAAABWhvc3QxAAAABWhvc3QyAAAAADaMAfAAAAAATR5gcAAAAAAAAAAAAAAAAAAAADMAAAALc3NoLWVkMjU1MTkAAAAgU4bqRjtF/hS0IW8/AqCj8HO1dyTbELhrZbIDfhe0jBkAAABTAAAAC3NzaC1lZDI1NTE5AAAAQI3QGlUCzC07KorupxpDkkGy6tniaZ8EvBflzvv+itXWNchGvfUeHmVT6aX0sRqehdz/lR+GmXRoZBhofwh0qAM= RSA test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp
index 1cf780d..79f380a 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp
@@ -1 +1 @@
-MD5:be:27:4c:16:27:f5:04:03:62:a8:b7:91:df:a5:b1:3b
+SHA256:l6itGumSMcRBBAFteCgmjQBIXqLK/jFGUH3viHX1RmE
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp.bb
index 448133b..45bacd5 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.fp.bb
@@ -1 +1 @@
-xetif-zuvul-nylyc-vykor-lumac-gyhyv-bacih-cimyk-sycen-gikym-pixax
+xosis-fodod-votot-dibum-ryvac-rediz-naruf-votun-kevis-halis-gexux
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.n b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.n
index 2ffc2ba..4933712 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.n
@@ -1 +1 @@
-00cffa303995566fee350999a4e72d86800080c0d483b1b81fa64b2f23c485ba0a681047bc877065d0e607ed0b0dfdc3d5a597c94776fe90a40b2b22073a9dff9db7cc0ce363b1dacaa2fa03de3403128105b58b9fe5fa8b6c8947b753398924e9
+00cb5799544edec5ac00ec781fc21a1119ce9a288e3116e72f3e78fbcba6998adcc98c235f2e77abf1ce92b76f064b624552c9f2582341e622e1a176eef232b5bac1bf3881babc0b7d57a1ef4439170852e192bc329d3523354a39610eab916e50c507c913a2a5f2c7596aad779c5f297121438bd2313ebb4ad4d7debba43271fb
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.p b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.p
index 4fcf148..4783d21 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.p
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.p
@@ -1 +1 @@
-00fb9ec951780c70cff01dfbe0025ecc1f260d65db0510d60240df38778e59fa6b8b37695d73c5b2a5227f22a81bf40599
+00f56077ef05be4574906f52175ed8897e8da1626bc9b055534d6a20f6102c57c7a0b31b3e7864b101f4d3d57c35192bc949e14243a9e956361de23c5dd179f583
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.q b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.q
index 3473f51..00fc8a2 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.q
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.param.q
@@ -1 +1 @@
-00d398ee16ab23678a7ef75c266cd035aeec6b1f72e687f109c3c2a3e3260adc95365779dc4791ea8eda8c995b898b0bd1
+00d42541cc014be26370a657953f3adfcbaf713f781639adba33133f184eb3c7d8c2ec7810dca3da58a746fc5b87b34f396934436832e619c67c22f32ebbb36029
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.pub b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.pub
index 889fdae..23ef872 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1.pub
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDP+jA5lVZv7jUJmaTnLYaAAIDA1IOxuB+mSy8jxIW6CmgQR7yHcGXQ5gftCw39w9Wll8lHdv6QpAsrIgc6nf+dt8wM42Ox2sqi+gPeNAMSgQW1i5/l+otsiUe3UzmJJOk= RSA test key #1
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18ud6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKdNSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+w== RSA test key #1
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1_pw b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1_pw
index 71637a5..b4c0674 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_1_pw
@@ -1,15 +1,18 @@
 -----BEGIN RSA PRIVATE KEY-----
 Proc-Type: 4,ENCRYPTED
-DEK-Info: AES-128-CBC,1E851A01F12A49FDC256E7A665C61D4B
+DEK-Info: AES-128-CBC,0C3F819F6EEA66A471BAEEDDA8171606
 
-+sfWU7kg3idmHL6vShby5LXnfF4bZDPhJjv89uldae7qPEgEW8qS8o0Ssokxf7Au
-/vTQnbSB+gy/qZaUOykOzqiV1YL7UfkbOkM2QYnzzrVeGzI5RZ0G9iH8HBn2owQ+
-Ejf1UKDUVZEea5X0IwQRfE0zaZqFS4tyEex0iKz8dI4FvyabKLZsCs1DBGO7A3ml
-LgP947mh10yKWTP2fbq8LOhDUEWCXrh2NzuH6Rl5nNyC4MNQEkLzK1wL7J/WCNaL
-sciYmuqEQRDikDDQQFZw2wjBD638fhK+IhuN3VGegiXFnu5C+p9kzUvqVk4X9g2r
-BMmlP0pceFv/fEwtNNaeI2Tt7mIsWsZTmCqdzOUAYqGIiNjzykWw64nMO3TpVpbA
-i4854RhblbeiyjENbMVPU6BAk4fx7OJvDElLxwN43CS3U0MldbI7A4uG3B3RTSCj
-1rGxRNAHWC3q3zzrn6gLwrUVje4iTedaKItLIHQeo1A091Tr8AqQdZi/Ck2Ju0Hl
-4Qdwzjw1Y5n1Akm+EWh31ydxtUQ0YBOz/W6DKwTNA1D8oH9bZBG4f0pnvVhtttAO
-WKj+DUqMa+f3OOmQ9UXlitk2pEgjeMngTgfQnhZiCts=
+AhQNxgw7Z2un3dpm6KPHF1u5qVvOczm0yiTyPK4U11B3TTRhXOHdzPLAcKMX71Xq
+fmLm2/JIZATUbLTaysLKIQlmAgtpmXoKLv9b90R3AXLophgToZzOLpvlQTCt+y9G
+0E3QQZG/LFy9BLNyw6uD5cy0RHT3FQb5VQDwfBvR/I+K3qWBFLlb7Rw9bCujYczu
+D3bimcDj/k6YkrWVsEa81Ch5RF2RClOYufti6bsvc4xIsB0Kd++vokER+kXFuQqf
+Tl0Jz+SG0kr9QtjVvkhBtSxzJ6/olAosoUySQ5hqsB8iECufBgp1KelXqsHFJQXy
+gCvVmGiivFUinX0rKOuWCHTplsSKQ9BnPSwDAAs8A7ZLcTXcLs/hMQ5r6fmOYfNN
+YthhjZyE2ciJO0lydGJUJMb5aJUak0rl+uINRlYCHTRLVwmCOmpfqz9SfcJb1ieU
+4Us8NR+pXJar4U0+C2wVlNJkAdpL6GvYxN6vp7vLa+BiFwIZOQozswacIZk/ScXm
+QL9rmWug51RCmDeenX46WTEZeB0o0+xi60sDEDhhe4+iNYcJu5L0BJ5lqRFe3I5n
+HRRv1mBEjbF2fDcg/ChYfOXsc4gDivH2nObabeASuMFZyadmXfA8tnXRZf+7Wuy/
+LZGYbM2xLeEyV3ss16WBHuIqexDt04OEZvs0jN90zj6Yv7qKCB975bdOcuKkN2Nn
+n9lA11R2pgsCs6COp9rYiWXkXZeDf3sW6kdcEV+/SzkVsv4JlHcsIzgk4WGVF/E/
+ZkU4J9AvSdJPzEQDM+yszp0eeUow4+SAgpuNTqZiUO/2UUVbsr3qvlYMoCixhFAN
 -----END RSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2 b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2
index 058cf77..2441d52 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2
@@ -1,27 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAlDS/ygeFfsR/mhZK/XMHU/gzRogPuMQIYUd17WDjMprA6dQb
-ckTDrNm/mrf09I6YAhjgooEL16oWM1z6cesDE0KwaJsy6uTmXFMLO+Ha4mtFHhmu
-tiyJcQ9MKKr0vC64384WQZygZk0OlVz7x9WSPiGXzal5MzsX4TYq5B05o2Cb+epA
-FxK0c8cdYZD0Sy57gWRpRA3yJq4zh/hks98jzn0XA3HAJA39MKhUG5tf5e6z5BeP
-Yi5FvdnDQ9WcasRiEvkmHbg59pbgg/Lbsl6OgZQruS8hKiJ3YBARt2euCCeg7qAF
-KbXRR9TMwfphH3Ai4Oi/w6HPRAhdrwooA/gKkQIDAQABAoIBAH22OLB/rMaYmrvz
-COzvM1oQgD3lj6Bj98+8M9WEh3MXPWeaGSXWGjx1/0aXn1oJ0fqFa5Wr7IWkqmwr
-A+y5McSWntg8PPZt7tCFSFQlAetonhooIsA4CuUx2qHsUOeGoh6EyvAgkRX1atdb
-Jd6d1AyLph43EK1aBKltrvgLqiZfs7mcuwyvKtN9ktdKY2FDhn6DHpm9pE9MEHJV
-Xv1isNc6a0qNoRlKqxrSZHNEN4fbjLw31wBySzmmnIog5wVEwaHeASwLJT6TmuIZ
-eZxnd7/jMwRZWH8ZIGKvkTMp4fYzK9QkehO7A2HFD3FPDBVrkSJjqRdkujF8vu1C
-0RwrD1kCgYEAxFXUoE1ero6vp9akvR/mw94kYjXE/YOz1yi0KTkZUs6gURc8Kzsm
-MzlEZ31rnngE4jQHYAvuPEfiqcnUgylW3QuevMgo2hCLYO7aG5C0fk8TeOiuvnrF
-YPO8rSJWk/BgdrPtzu45P7jmWsjkHn+y+t8cKvq1sZY40sn2YgIhYK8CgYEAwT6j
-5tReI6sxpHltPUbvOdpD04eL6ggBAKwzb5aBoa/Dj+sU1zg5uyY8diggQEEznlBW
-iWTQmmmfy1ef9i6YAwNuZveKOrVwNMcdubQJ2X26XoFrmA59PjsbLtr1bdUb02gz
-6P5x6pcw5qzEq0mddgvHiU3RhL24xdc1LW8nmL8CgYEAmgaT1macPuklmNBlURGz
-4jll5b41GoW2EreWDzkCStpbHwLRa0DuCQWGSoI0aY/SlPsoRgtWDOiAQ59ZHsTR
-pnw1PfjxQ5HzJkp7xWBSmTzEE/jHDhwWuKa+gD0OGuVbaARkLhDpzLnrzZEIlXyt
-Fu7tlDI3VGh7j7Jtnhn5wXUCgYBKmPbGfcaVeFmih2lfFUn2CEbUmmetgUd5zf/R
-HMWP9/zDStlxt3e5winm5tiEVWcqvxKY2T0Zzppr8biDXTs7NpDg2MAYp7/X7+GO
-tWxz8/AE2WsCeN1qL4Dv1oCV1IV4V6pqUAcDqzeqZJlLEhDh5+wwGcU+u8pfPRN/
-JYCgmwKBgDa+kXPqzcc6vzD9cwEEk4ftn9/Vk2yBx0XOu8RdEkRhXj1QXGJckCqh
-FkXzVbuurFhsBt+H0B4arw+51T9fVCZqfcaU34u+Qa/FQvTod4OJUSRxYUaDqygs
-VTyuP+zGZlIw7JWktxjVazENsM/ef5wBH0Nf839OZbPVDLfn7K0j
+MIIEpAIBAAKCAQEA9NEUXp78SAkmL4+eAj4mBzPOjk+ccCPVzkTR+mZJdyTwkJAB
+HUN4cn4a2kTmh7Er+N8CXCsiqxIOV1GfH2fwaCiBlOEXeQJi/cMjxr9kVWO4FhC6
+l1UqbvPUdrUCUZjFTA9/Ah9MKgk7qGYq5SjE3p+sn4GLhRKbqmq9LjiHgMmkBuv/
+a1Slit+rXHzO2F8fH5hkjeHivyYVgw45aNvGCe2RRfbpoeW2mRtgIv7y9wSewt6a
+mhEDXSo/F6mkqA7xVinzro5NettEXLo91tA9Hb6f6x/Mc/GJDNXTKhpWCGeJ6xeW
+nAefDZORWAY7Y9YbuAxhEJVi9QL5NWoFOA0C6wIDAQABAoIBAQDtRGVVfwhKWHOl
+zK76xXjdqhwaWJXpKRHiI1jOMawpyKdNtAMgdW+apxUnTXePMurG/HuxEC09VvaH
+MhfhvD6G9BsCS1UQdnuyLRnTWVLIXyjeWcA9QtEpTy8vDSb+Je2xVaNmTybl5qTn
+BH22Mtj6Wg5XWJn7kplDhMdssGTDLsSCMw/rcxe9iT2qOKyltQal23RHzR7SijGp
+QTtBp2SDGhvMZcyGuyMqJ084W8sdJpbyVzdDim2iaZdHlk7uvW2n0HcJ56I6yhIq
+2U8wfgEEwydGVGHgmQNJ/n+SiT/hv6g5ebhDS46X9F9m5CHDwhdr0DrhPBVSsdhl
+1HeJ0+FhAoGBAPuC3uNHToiJis688juKlwc3SQ6ger5ffAg3yaNhEcpHkvOtdZlF
+/CfX94xazMov/YqFwkvpSSdKsX+PeXuaqnb1hPKNYX5t45U9RjB/ox7BIQj/2rPx
+Bfs99UFW9HKP4HsVmLu1xeJg1Pc9iylTK/xrnwfYiZ+H7IGVccizjnqHAoGBAPkv
+n1flAdxBzJH/O0rXoig2EtZsDRMPY51MGDdqVOW14ZOfTVlmu0OSnkSKQm2twfro
+TPDVb2TY3wTRutz8H9yOFW1c1Nz4YOyTb8FmJhE2FWAQ9t8QpwUlhn15if72dS/Y
+22+vP+AYu7wfqGL7QVVEXho5hGjXi053iEvfXBl9AoGAeZISpo1LGphRLgkKlVky
+E1zXxWgwrGB/FYHRx1UeQkZCc+K+Wy4G6kNr9r3VC04TIafx+Lt0jrd+AIibUfG6
+v/GBJ7TLEU+QmAycJskrUaxMiYsSbbPtDjoumDytv8pn2VbhEqqUUg44IqHu6DS5
+qDNlFWfHbgNHgIN6EmcoUXUCgYEAi2G57X4pRjx/4wIy9jAbggaNDuctgQXQoIGZ
+4hVWG49a+CnZKDKweKGgaZI0igjxQhmCQAwC3RP520Y9EbLtV38aOSv93QQJowrt
+Le6nSGVKG4whqrAz3EsbKUA8kiLldbgFNjl+ryjmidnjZEpKRxmQ0XZuu/4k6+Us
+ldQAPjkCgYBwjSm5eDUtK2eEPaBtbJykV05CTv5rn6CKC9L7ZBTkCcdU1hxeqe99
+wb22decnNawGRP1a5cGwqKJPOfkgybJVkdr6aqQW8ClzdFSaenjzs+nVW+T9JTXf
+9lFpIZg5kN/geld3B9B4C99riTM0jg9hbe2RQvpLRTrZbnWMA1XoRw==
 -----END RSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp
index 8d43676..4659639 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp
@@ -1 +1 @@
-MD5:fb:8f:7b:26:3d:42:40:ef:ed:f1:ed:ee:66:9e:ba:b0
+SHA256:NoQh0XBUuYUSWqnzOzOBnfpgJTRWLMj7BlWAb8IbjeE
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp.bb b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp.bb
index e90a357..e9d1e4a 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp.bb
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.fp.bb
@@ -1 +1 @@
-xepev-gupub-vuvyg-femiv-gonat-defiv-hirak-betub-pahut-veryd-hexix
+xogit-gupof-mydon-hocep-zuval-feson-rarif-cefar-tobar-ryvap-kuxex
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.n b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.n
index 389de42..a669dbf 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.n
@@ -1 +1 @@
-009434bfca07857ec47f9a164afd730753f83346880fb8c408614775ed60e3329ac0e9d41b7244c3acd9bf9ab7f4f48e980218e0a2810bd7aa16335cfa71eb031342b0689b32eae4e65c530b3be1dae26b451e19aeb62c89710f4c28aaf4bc2eb8dfce16419ca0664d0e955cfbc7d5923e2197cda979333b17e1362ae41d39a3609bf9ea401712b473c71d6190f44b2e7b816469440df226ae3387f864b3df23ce7d170371c0240dfd30a8541b9b5fe5eeb3e4178f622e45bdd9c343d59c6ac46212f9261db839f696e083f2dbb25e8e81942bb92f212a2277601011b767ae0827a0eea00529b5d147d4ccc1fa611f7022e0e8bfc3a1cf44085daf0a2803f80a91
+00f4d1145e9efc4809262f8f9e023e260733ce8e4f9c7023d5ce44d1fa66497724f09090011d4378727e1ada44e687b12bf8df025c2b22ab120e57519f1f67f068288194e117790262fdc323c6bf645563b81610ba97552a6ef3d476b5025198c54c0f7f021f4c2a093ba8662ae528c4de9fac9f818b85129baa6abd2e388780c9a406ebff6b54a58adfab5c7cced85f1f1f98648de1e2bf2615830e3968dbc609ed9145f6e9a1e5b6991b6022fef2f7049ec2de9a9a11035d2a3f17a9a4a80ef15629f3ae8e4d7adb445cba3dd6d03d1dbe9feb1fcc73f1890cd5d32a1a56086789eb17969c079f0d939158063b63d61bb80c61109562f502f9356a05380d02eb
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.p b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.p
index c3c9a13..be7c1c3 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.p
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.p
@@ -1 +1 @@
-00c455d4a04d5eae8eafa7d6a4bd1fe6c3de246235c4fd83b3d728b429391952cea051173c2b3b26333944677d6b9e7804e23407600bee3c47e2a9c9d4832956dd0b9ebcc828da108b60eeda1b90b47e4f1378e8aebe7ac560f3bcad225693f06076b3edceee393fb8e65ac8e41e7fb2fadf1c2afab5b19638d2c9f662022160af
+00fb82dee3474e88898acebcf23b8a970737490ea07abe5f7c0837c9a36111ca4792f3ad759945fc27d7f78c5accca2ffd8a85c24be949274ab17f8f797b9aaa76f584f28d617e6de3953d46307fa31ec12108ffdab3f105fb3df54156f4728fe07b1598bbb5c5e260d4f73d8b29532bfc6b9f07d8899f87ec819571c8b38e7a87
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.q b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.q
index 728c474..6f2c542 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.q
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.param.q
@@ -1 +1 @@
-00c13ea3e6d45e23ab31a4796d3d46ef39da43d3878bea080100ac336f9681a1afc38feb14d73839bb263c7628204041339e50568964d09a699fcb579ff62e9803036e66f78a3ab57034c71db9b409d97dba5e816b980e7d3e3b1b2edaf56dd51bd36833e8fe71ea9730e6acc4ab499d760bc7894dd184bdb8c5d7352d6f2798bf
+00f92f9f57e501dc41cc91ff3b4ad7a2283612d66c0d130f639d4c18376a54e5b5e1939f4d5966bb43929e448a426dadc1fae84cf0d56f64d8df04d1badcfc1fdc8e156d5cd4dcf860ec936fc166261136156010f6df10a70525867d7989fef6752fd8db6faf3fe018bbbc1fa862fb4155445e1a398468d78b4e77884bdf5c197d
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.pub b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.pub
index ed9f78c..3322fbc 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.pub
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_2.pub
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUNL/KB4V+xH+aFkr9cwdT+DNGiA+4xAhhR3XtYOMymsDp1BtyRMOs2b+at/T0jpgCGOCigQvXqhYzXPpx6wMTQrBomzLq5OZcUws74dria0UeGa62LIlxD0woqvS8LrjfzhZBnKBmTQ6VXPvH1ZI+IZfNqXkzOxfhNirkHTmjYJv56kAXErRzxx1hkPRLLnuBZGlEDfImrjOH+GSz3yPOfRcDccAkDf0wqFQbm1/l7rPkF49iLkW92cND1ZxqxGIS+SYduDn2luCD8tuyXo6BlCu5LyEqIndgEBG3Z64IJ6DuoAUptdFH1MzB+mEfcCLg6L/Doc9ECF2vCigD+AqR RSA test key #2
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD00RRenvxICSYvj54CPiYHM86OT5xwI9XORNH6Zkl3JPCQkAEdQ3hyfhraROaHsSv43wJcKyKrEg5XUZ8fZ/BoKIGU4Rd5AmL9wyPGv2RVY7gWELqXVSpu89R2tQJRmMVMD38CH0wqCTuoZirlKMTen6yfgYuFEpuqar0uOIeAyaQG6/9rVKWK36tcfM7YXx8fmGSN4eK/JhWDDjlo28YJ7ZFF9umh5baZG2Ai/vL3BJ7C3pqaEQNdKj8XqaSoDvFWKfOujk1620Rcuj3W0D0dvp/rH8xz8YkM1dMqGlYIZ4nrF5acB58Nk5FYBjtj1hu4DGEQlWL1Avk1agU4DQLr RSA test key #2
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n
index 09e79a7..5de3f84 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n
@@ -1,12 +1,15 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIBywIBAAJhAM/6MDmVVm/uNQmZpOcthoAAgMDUg7G4H6ZLLyPEhboKaBBHvIdw
-ZdDmB+0LDf3D1aWXyUd2/pCkCysiBzqd/523zAzjY7HayqL6A940AxKBBbWLn+X6
-i2yJR7dTOYkk6QIDAQABAmAgKanBjfWzE5yCIo+c7K5rJyjCKVtAZaAHYIMmveKM
-VcWoFt/x9hDY0GoTX21HfDxLX8oDxnsmhsOrnvSmgUChFwkm45eSETqeVDWwIVFA
-FGL1s38xQsciWZWBFNppAIECMQD7nslReAxwz/Ad++ACXswfJg1l2wUQ1gJA3zh3
-jln6a4s3aV1zxbKlIn8iqBv0BZkCMQDTmO4WqyNnin73XCZs0DWu7GsfcuaH8QnD
-wqPjJgrclTZXedxHkeqO2oyZW4mLC9ECMBb/blsZ49kzyDiVWuYcj/+Q1MyodhAR
-32bagCi9RBAVYEYSRU5dlXRucLxULSnikQIxAJ5teY5Vcru6kZfJUifUuO0QrKAu
-WnbcPVBqMmUHfchsm/RhFFIt6W4uKmlEhTYrkQIxAMAStb7QCU3yU6ZkN7uL22Zs
-498i4jY6y+VEXv+L9O09VdlEnXhbUisOhy1bhyS3yg==
+MIICXAIBAAKBgQDLV5lUTt7FrADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18u
+d6vxzpK3bwZLYkVSyfJYI0HmIuGhdu7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKd
+NSM1SjlhDquRblDFB8kToqXyx1lqrXecXylxIUOL0jE+u0rU1967pDJx+wIDAQAB
+AoGAXyj5mpjmbD+YlxGIWz/zrM4hGsWgd4VteKEJxT6MMI4uzCRpkMd0ck8oHiwZ
+GAI/SwUzIsgtONQuH3AXVsUgghW4Ynn+8ksEv0IZ918WDMDwqvqkyrVzsOsZzqYj
+Pf8DUDKCpwFjnlknJ04yvWBZvVhWtY4OiZ8GV0Ttsu3k+GECQQD1YHfvBb5FdJBv
+Uhde2Il+jaFia8mwVVNNaiD2ECxXx6CzGz54ZLEB9NPVfDUZK8lJ4UJDqelWNh3i
+PF3RefWDAkEA1CVBzAFL4mNwpleVPzrfy69xP3gWOa26MxM/GE6zx9jC7HgQ3KPa
+WKdG/FuHs085aTRDaDLmGcZ8IvMuu7NgKQJAcIOKmxR0Gd8IN7NZugjqixggb0Pj
+mLKXXwESGiJyYtHL0zTj4Uqyi6Ya2GJ66o7UXscmnmYz828fJtTtZBdbRwJBALfi
+C2QvA32Zv/0PEXibKXy996WSC4G3ShwXZKtHHKHvCxY5BDSbehk59VesZrVPyG2e
+NYdOBxD0cIlCzJE56/ECQAndVkxvO8hwyEFGGwF3faHIAe/OxVb+MjaU25//Pe1/
+h/e6tlCk4w9CODpyV685gV394eYwMcGDcIkipTNUDZs=
 -----END RSA PRIVATE KEY-----
diff --git a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n_pw b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n_pw
index 0166fd5..dc18373 100644
--- a/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n_pw
+++ b/crypto/openssh/regress/unittests/sshkey/testdata/rsa_n_pw
@@ -1,14 +1,17 @@
 -----BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABClELgtaZ
-qAmMwESpqXDN0uAAAAEAAAAAEAAAB3AAAAB3NzaC1yc2EAAAADAQABAAAAYQDP+jA5lVZv
-7jUJmaTnLYaAAIDA1IOxuB+mSy8jxIW6CmgQR7yHcGXQ5gftCw39w9Wll8lHdv6QpAsrIg
-c6nf+dt8wM42Ox2sqi+gPeNAMSgQW1i5/l+otsiUe3UzmJJOkAAAGgwJpHy/nshQa9+Jbw
-yomvgNMYvuuoD7Ll7iCY/RFFGXivTkki27C9q0qx3afauSLQQWFanGhjeJn7JPy98lMcVl
-qnn5XOE5+xxZqA8ONOBD8eH0KBcTH17DH1A1z94p5zZ1VJKIWsBZ0krxgHIXcdv9ucAckj
-N0vAEBm+0wsfy2TTOtuqXvcj65wFwknpyy/SSvU0QTr99FiYe9PIhIslBHO6wlqxfKj+Tm
-E/nCb75dAVu6gTtS2P0pdOqV/V7VHX5C0z3BROqpKDJJcVeoc7vRkEl+MWfvvQrG66IPEW
-luohFXPDPDrxu1zDduyRsmNwpBHChi2rFhxtsjxNK0svMwESeCCKAWmPxnzLJfvMbTCv00
-SpaCr7WhtzsGt73axqSkeOdynp5NNrN7MEdwruMZFirF4BcI2z2H9ugpS+qbLPuE2H5vln
-h7NSwBUNwmZ+4TC8MXFH9KIpRg8dNhf66OU610LYiN4+ZfOYCmfQfgQuBGhMTYFMY6O4SB
-NCdIavvWY6rDSBq7QC1f4rHpwiXxpkiE43Rd8fM32TaPlBPtA=
+b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jYmMAAAAGYmNyeXB0AAAAGAAAABAFw/Wg/V
+I5SAXWj/HJr9qeAAAAEAAAAAEAAACXAAAAB3NzaC1yc2EAAAADAQABAAAAgQDLV5lUTt7F
+rADseB/CGhEZzpoojjEW5y8+ePvLppmK3MmMI18ud6vxzpK3bwZLYkVSyfJYI0HmIuGhdu
+7yMrW6wb84gbq8C31Xoe9EORcIUuGSvDKdNSM1SjlhDquRblDFB8kToqXyx1lqrXecXylx
+IUOL0jE+u0rU1967pDJx+wAAAgD1iSGiMlMJt2VH4kx5yr0wCJS+4UOmX0bxKO7UH5Jcul
+K5eaSe5ZoKE7hTYBaz0K5dRF/0fqLsvVZlE4quDjFLN6Hyavgn2W/QM7SUqBHgRMal9pgH
+LnxX6mFNWJ+4yb7f3bcbVIdgmMm3sT9Xjwaf5xgzNlR2mkUWtFwjyQh6FxUo5apNzqNBwO
+l2Q4xfmyZTp1s++pStQ/su6obXpxnE2Nx5G/D84ZL5iWl+njUy/MvJTazHRbiTSyihU+UA
+mUr5ZNuP3WUYY+h3KVlHpYHJYB7l3AMTKuPMFLhY9V7BJ+DuKPaqBgX4hvRzY0eVQiFr61
+ovjWjvfu1ulx550JqdYCgH2PpP0E89OQne35Cxs9QPThfe8DKojC9YquYh9zmVTvr7kNiE
+Soluk/7oKpQIDaC+/SRk7AJ2e3Cbt1lXyGNn37PuqaaC/apaF/DOD6Yig9aClS7jOUrT96
+56trFAYfHEIKbRCUSMCiM1+x6HOLYf5ROrGE9KxT3kUD9XMsMpTva+cPpHUpbGpXcYE10N
+MyYDz+V5M2/ZoIdEhscJNQ3UnhaZpeEaqcOyNyo90n3Dnaw/WpMDD/kNMGfm8daTaYInnQ
+QnwA2gwlYfpTAqxE71oXgOuGmtA0yqJB4778Xq26Pb+B7/mZZZe6n0FVmiNC+ZG37ZGOw/
+iGL9e2Sxzw==
 -----END OPENSSH PRIVATE KEY-----
diff --git a/crypto/openssh/sandbox-systrace.c b/crypto/openssh/sandbox-systrace.c
index 03b0d40..3830ed1 100644
--- a/crypto/openssh/sandbox-systrace.c
+++ b/crypto/openssh/sandbox-systrace.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sandbox-systrace.c,v 1.16 2015/06/29 22:35:12 djm Exp $ */
+/* $OpenBSD: sandbox-systrace.c,v 1.17 2015/07/27 16:29:23 guenther Exp $ */
 /*
  * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
  *
@@ -63,6 +63,9 @@ static const struct sandbox_policy preauth_policy[] = {
 	{ SYS_getpid, SYSTR_POLICY_PERMIT },
 	{ SYS_getpgid, SYSTR_POLICY_PERMIT },
 	{ SYS_gettimeofday, SYSTR_POLICY_PERMIT },
+#ifdef SYS_kbind
+	{ SYS_kbind, SYSTR_POLICY_PERMIT },
+#endif
 	{ SYS_madvise, SYSTR_POLICY_PERMIT },
 	{ SYS_mmap, SYSTR_POLICY_PERMIT },
 	{ SYS_mprotect, SYSTR_POLICY_PERMIT },
diff --git a/crypto/openssh/scp.0 b/crypto/openssh/scp.0
deleted file mode 100644
index 3f309fe..0000000
--- a/crypto/openssh/scp.0
+++ /dev/null
@@ -1,164 +0,0 @@
-SCP(1)                      General Commands Manual                     SCP(1)
-
-NAME
-     scp M-bM-^@M-^S secure copy (remote file copy program)
-
-SYNOPSIS
-     scp [-12346BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
-         [-l limit] [-o ssh_option] [-P port] [-S program]
-         [[user@]host1:]file1 ... [[user@]host2:]file2
-
-DESCRIPTION
-     scp copies files between hosts on a network.  It uses ssh(1) for data
-     transfer, and uses the same authentication and provides the same security
-     as ssh(1).  scp will ask for passwords or passphrases if they are needed
-     for authentication.
-
-     File names may contain a user and host specification to indicate that the
-     file is to be copied to/from that host.  Local file names can be made
-     explicit using absolute or relative pathnames to avoid scp treating file
-     names containing M-bM-^@M-^X:M-bM-^@M-^Y as host specifiers.  Copies between two remote hosts
-     are also permitted.
-
-     The options are as follows:
-
-     -1      Forces scp to use protocol 1.
-
-     -2      Forces scp to use protocol 2.
-
-     -3      Copies between two remote hosts are transferred through the local
-             host.  Without this option the data is copied directly between
-             the two remote hosts.  Note that this option disables the
-             progress meter.
-
-     -4      Forces scp to use IPv4 addresses only.
-
-     -6      Forces scp to use IPv6 addresses only.
-
-     -B      Selects batch mode (prevents asking for passwords or
-             passphrases).
-
-     -C      Compression enable.  Passes the -C flag to ssh(1) to enable
-             compression.
-
-     -c cipher
-             Selects the cipher to use for encrypting the data transfer.  This
-             option is directly passed to ssh(1).
-
-     -F ssh_config
-             Specifies an alternative per-user configuration file for ssh.
-             This option is directly passed to ssh(1).
-
-     -i identity_file
-             Selects the file from which the identity (private key) for public
-             key authentication is read.  This option is directly passed to
-             ssh(1).
-
-     -l limit
-             Limits the used bandwidth, specified in Kbit/s.
-
-     -o ssh_option
-             Can be used to pass options to ssh in the format used in
-             ssh_config(5).  This is useful for specifying options for which
-             there is no separate scp command-line flag.  For full details of
-             the options listed below, and their possible values, see
-             ssh_config(5).
-
-                   AddressFamily
-                   BatchMode
-                   BindAddress
-                   CanonicalDomains
-                   CanonicalizeFallbackLocal
-                   CanonicalizeHostname
-                   CanonicalizeMaxDots
-                   CanonicalizePermittedCNAMEs
-                   ChallengeResponseAuthentication
-                   CheckHostIP
-                   Cipher
-                   Ciphers
-                   Compression
-                   CompressionLevel
-                   ConnectionAttempts
-                   ConnectTimeout
-                   ControlMaster
-                   ControlPath
-                   ControlPersist
-                   GlobalKnownHostsFile
-                   GSSAPIAuthentication
-                   GSSAPIDelegateCredentials
-                   HashKnownHosts
-                   Host
-                   HostbasedAuthentication
-                   HostbasedKeyTypes
-                   HostKeyAlgorithms
-                   HostKeyAlias
-                   HostName
-                   IdentityFile
-                   IdentitiesOnly
-                   IPQoS
-                   KbdInteractiveAuthentication
-                   KbdInteractiveDevices
-                   KexAlgorithms
-                   LogLevel
-                   MACs
-                   NoHostAuthenticationForLocalhost
-                   NumberOfPasswordPrompts
-                   PasswordAuthentication
-                   PKCS11Provider
-                   Port
-                   PreferredAuthentications
-                   Protocol
-                   ProxyCommand
-                   PubkeyAuthentication
-                   RekeyLimit
-                   RhostsRSAAuthentication
-                   RSAAuthentication
-                   SendEnv
-                   ServerAliveInterval
-                   ServerAliveCountMax
-                   StrictHostKeyChecking
-                   TCPKeepAlive
-                   UpdateHostKeys
-                   UsePrivilegedPort
-                   User
-                   UserKnownHostsFile
-                   VerifyHostKeyDNS
-
-     -P port
-             Specifies the port to connect to on the remote host.  Note that
-             this option is written with a capital M-bM-^@M-^XPM-bM-^@M-^Y, because -p is already
-             reserved for preserving the times and modes of the file.
-
-     -p      Preserves modification times, access times, and modes from the
-             original file.
-
-     -q      Quiet mode: disables the progress meter as well as warning and
-             diagnostic messages from ssh(1).
-
-     -r      Recursively copy entire directories.  Note that scp follows
-             symbolic links encountered in the tree traversal.
-
-     -S program
-             Name of program to use for the encrypted connection.  The program
-             must understand ssh(1) options.
-
-     -v      Verbose mode.  Causes scp and ssh(1) to print debugging messages
-             about their progress.  This is helpful in debugging connection,
-             authentication, and configuration problems.
-
-EXIT STATUS
-     The scp utility exitsM-BM- 0 on success, andM-BM- >0 if an error occurs.
-
-SEE ALSO
-     sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh_config(5),
-     sshd(8)
-
-HISTORY
-     scp is based on the rcp program in BSD source code from the Regents of
-     the University of California.
-
-AUTHORS
-     Timo Rinne <tri@iki.fi>
-     Tatu Ylonen <ylo@cs.hut.fi>
-
-OpenBSD 5.7                    January 30, 2015                    OpenBSD 5.7
diff --git a/crypto/openssh/scp.1 b/crypto/openssh/scp.1
index 0e84780..279b0d7 100644
--- a/crypto/openssh/scp.1
+++ b/crypto/openssh/scp.1
@@ -8,9 +8,9 @@
 .\"
 .\" Created: Sun May  7 00:14:37 1995 ylo
 .\"
-.\" $OpenBSD: scp.1,v 1.66 2015/01/30 11:43:14 djm Exp $
+.\" $OpenBSD: scp.1,v 1.67 2015/07/10 06:21:53 markus Exp $
 .\"
-.Dd $Mdocdate: January 30 2015 $
+.Dd $Mdocdate: July 10 2015 $
 .Dt SCP 1
 .Os
 .Sh NAME
@@ -170,6 +170,7 @@ For full details of the options listed below, and their possible values, see
 .It PreferredAuthentications
 .It Protocol
 .It ProxyCommand
+.It PubkeyAcceptedKeyTypes
 .It PubkeyAuthentication
 .It RekeyLimit
 .It RhostsRSAAuthentication
diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c
index a997cef..ff61471 100644
--- a/crypto/openssh/servconf.c
+++ b/crypto/openssh/servconf.c
@@ -1,4 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.274 2015/07/01 02:32:17 djm Exp $ */
+
+/* $OpenBSD: servconf.c,v 1.280 2015/08/06 14:53:21 deraadt Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -109,6 +110,7 @@ initialize_server_options(ServerOptions *options)
 	options->hostbased_authentication = -1;
 	options->hostbased_uses_name_from_packet_only = -1;
 	options->hostbased_key_types = NULL;
+	options->hostkeyalgorithms = NULL;
 	options->rsa_authentication = -1;
 	options->pubkey_authentication = -1;
 	options->pubkey_key_types = NULL;
@@ -190,6 +192,8 @@ fill_default_server_options(ServerOptions *options)
 	/* Standard Options */
 	if (options->protocol == SSH_PROTO_UNKNOWN)
 		options->protocol = SSH_PROTO_2;
+	if (options->protocol & SSH_PROTO_1)
+		error("WARNING: SSH protocol version 1 enabled");
 	if (options->num_host_key_files == 0) {
 		/* fill default hostkeys for protocols */
 		if (options->protocol & SSH_PROTO_1)
@@ -259,14 +263,12 @@ fill_default_server_options(ServerOptions *options)
 		options->hostbased_authentication = 0;
 	if (options->hostbased_uses_name_from_packet_only == -1)
 		options->hostbased_uses_name_from_packet_only = 0;
-	if (options->hostbased_key_types == NULL)
-		options->hostbased_key_types = xstrdup("*");
+	if (options->hostkeyalgorithms == NULL)
+		options->hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
 	if (options->rsa_authentication == -1)
 		options->rsa_authentication = 1;
 	if (options->pubkey_authentication == -1)
 		options->pubkey_authentication = 1;
-	if (options->pubkey_key_types == NULL)
-		options->pubkey_key_types = xstrdup("*");
 	if (options->kerberos_authentication == -1)
 		options->kerberos_authentication = 0;
 	if (options->kerberos_or_local_passwd == -1)
@@ -343,6 +345,16 @@ fill_default_server_options(ServerOptions *options)
 		options->fwd_opts.streamlocal_bind_unlink = 0;
 	if (options->fingerprint_hash == -1)
 		options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
+
+	if (kex_assemble_names(KEX_SERVER_ENCRYPT, &options->ciphers) != 0 ||
+	    kex_assemble_names(KEX_SERVER_MAC, &options->macs) != 0 ||
+	    kex_assemble_names(KEX_SERVER_KEX, &options->kex_algorithms) != 0 ||
+	    kex_assemble_names(KEX_DEFAULT_PK_ALG,
+	    &options->hostbased_key_types) != 0 ||
+	    kex_assemble_names(KEX_DEFAULT_PK_ALG,
+	    &options->pubkey_key_types) != 0)
+		fatal("%s: kex_assemble_names failed", __func__);
+
 	/* Turn privilege separation on by default */
 	if (use_privsep == -1)
 		use_privsep = PRIVSEP_ON;
@@ -401,6 +413,7 @@ typedef enum {
 	sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions,
 	sBanner, sUseDNS, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes,
+	sHostKeyAlgorithms,
 	sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
 	sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
 	sAcceptEnv, sPermitTunnel,
@@ -451,6 +464,7 @@ static struct {
 	{ "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
 	{ "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
 	{ "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL },
+	{ "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL },
 	{ "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
 	{ "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
 	{ "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL },
@@ -551,6 +565,7 @@ static struct {
 	{ "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL },
 	{ "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL },
 	{ "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL },
+	{ "noneenabled", sUnsupported, SSHCFG_ALL },
 	{ "hpndisabled", sDeprecated, SSHCFG_ALL },
 	{ "hpnbuffersize", sDeprecated, SSHCFG_ALL },
 	{ "tcprcvbufpoll", sDeprecated, SSHCFG_ALL },
@@ -909,6 +924,7 @@ static const struct multistate multistate_addressfamily[] = {
 };
 static const struct multistate multistate_permitrootlogin[] = {
 	{ "without-password",		PERMIT_NO_PASSWD },
+	{ "prohibit-password",		PERMIT_NO_PASSWD },
 	{ "forced-commands-only",	PERMIT_FORCED_ONLY },
 	{ "yes",			PERMIT_YES },
 	{ "no",				PERMIT_NO },
@@ -1180,13 +1196,17 @@ process_server_config_line(ServerOptions *options, char *line,
 		if (!arg || *arg == '\0')
 			fatal("%s line %d: Missing argument.",
 			    filename, linenum);
-		if (!sshkey_names_valid2(arg, 1))
+		if (!sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
 			fatal("%s line %d: Bad key types '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (*activep && *charptr == NULL)
 			*charptr = xstrdup(arg);
 		break;
 
+	case sHostKeyAlgorithms:
+		charptr = &options->hostkeyalgorithms;
+		goto parse_keytypes;
+
 	case sRSAAuthentication:
 		intptr = &options->rsa_authentication;
 		goto parse_flag;
@@ -1429,7 +1449,7 @@ process_server_config_line(ServerOptions *options, char *line,
 		arg = strdelim(&cp);
 		if (!arg || *arg == '\0')
 			fatal("%s line %d: Missing argument.", filename, linenum);
-		if (!ciphers_valid(arg))
+		if (!ciphers_valid(*arg == '+' ? arg + 1 : arg))
 			fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (options->ciphers == NULL)
@@ -1440,7 +1460,7 @@ process_server_config_line(ServerOptions *options, char *line,
 		arg = strdelim(&cp);
 		if (!arg || *arg == '\0')
 			fatal("%s line %d: Missing argument.", filename, linenum);
-		if (!mac_valid(arg))
+		if (!mac_valid(*arg == '+' ? arg + 1 : arg))
 			fatal("%s line %d: Bad SSH2 mac spec '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (options->macs == NULL)
@@ -1452,7 +1472,7 @@ process_server_config_line(ServerOptions *options, char *line,
 		if (!arg || *arg == '\0')
 			fatal("%s line %d: Missing argument.",
 			    filename, linenum);
-		if (!kex_names_valid(arg))
+		if (!kex_names_valid(*arg == '+' ? arg + 1 : arg))
 			fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
 			    filename, linenum, arg ? arg : "<NONE>");
 		if (options->kex_algorithms == NULL)
@@ -2284,6 +2304,8 @@ dump_config(ServerOptions *o)
 	    o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);
 	dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?
 	    o->hostbased_key_types : KEX_DEFAULT_PK_ALG);
+	dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?
+	    o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG);
 	dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ?
 	    o->pubkey_key_types : KEX_DEFAULT_PK_ALG);
 
diff --git a/crypto/openssh/servconf.h b/crypto/openssh/servconf.h
index 606d80c..f4137af 100644
--- a/crypto/openssh/servconf.h
+++ b/crypto/openssh/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.119 2015/05/22 03:50:02 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.120 2015/07/10 06:21:53 markus Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -102,6 +102,7 @@ typedef struct {
 	int     hostbased_authentication;	/* If true, permit ssh2 hostbased auth */
 	int     hostbased_uses_name_from_packet_only; /* experimental */
 	char   *hostbased_key_types;	/* Key types allowed for hostbased */
+	char   *hostkeyalgorithms;	/* SSH2 server key types */
 	int     rsa_authentication;	/* If true, permit RSA authentication. */
 	int     pubkey_authentication;	/* If true, permit ssh2 pubkey authentication. */
 	char   *pubkey_key_types;	/* Key types allowed for public key */
diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c
index f45baa5..306ac36 100644
--- a/crypto/openssh/serverloop.c
+++ b/crypto/openssh/serverloop.c
@@ -36,7 +36,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/param.h>	/* MIN MAX */
 #include <sys/types.h>
diff --git a/crypto/openssh/sftp-server.0 b/crypto/openssh/sftp-server.0
deleted file mode 100644
index 77b6bb5..0000000
--- a/crypto/openssh/sftp-server.0
+++ /dev/null
@@ -1,96 +0,0 @@
-SFTP-SERVER(8)              System Manager's Manual             SFTP-SERVER(8)
-
-NAME
-     sftp-server M-bM-^@M-^S SFTP server subsystem
-
-SYNOPSIS
-     sftp-server [-ehR] [-d start_directory] [-f log_facility] [-l log_level]
-                 [-P blacklisted_requests] [-p whitelisted_requests]
-                 [-u umask]
-     sftp-server -Q protocol_feature
-
-DESCRIPTION
-     sftp-server is a program that speaks the server side of SFTP protocol to
-     stdout and expects client requests from stdin.  sftp-server is not
-     intended to be called directly, but from sshd(8) using the Subsystem
-     option.
-
-     Command-line flags to sftp-server should be specified in the Subsystem
-     declaration.  See sshd_config(5) for more information.
-
-     Valid options are:
-
-     -d start_directory
-             specifies an alternate starting directory for users.  The
-             pathname may contain the following tokens that are expanded at
-             runtime: %% is replaced by a literal '%', %d is replaced by the
-             home directory of the user being authenticated, and %u is
-             replaced by the username of that user.  The default is to use the
-             user's home directory.  This option is useful in conjunction with
-             the sshd_config(5) ChrootDirectory option.
-
-     -e      Causes sftp-server to print logging information to stderr instead
-             of syslog for debugging.
-
-     -f log_facility
-             Specifies the facility code that is used when logging messages
-             from sftp-server.  The possible values are: DAEMON, USER, AUTH,
-             LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
-             The default is AUTH.
-
-     -h      Displays sftp-server usage information.
-
-     -l log_level
-             Specifies which messages will be logged by sftp-server.  The
-             possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG,
-             DEBUG1, DEBUG2, and DEBUG3.  INFO and VERBOSE log transactions
-             that sftp-server performs on behalf of the client.  DEBUG and
-             DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify higher
-             levels of debugging output.  The default is ERROR.
-
-     -P blacklisted_requests
-             Specify a comma-separated list of SFTP protocol requests that are
-             banned by the server.  sftp-server will reply to any blacklisted
-             request with a failure.  The -Q flag can be used to determine the
-             supported request types.  If both a blacklist and a whitelist are
-             specified, then the blacklist is applied before the whitelist.
-
-     -p whitelisted_requests
-             Specify a comma-separated list of SFTP protocol requests that are
-             permitted by the server.  All request types that are not on the
-             whitelist will be logged and replied to with a failure message.
-
-             Care must be taken when using this feature to ensure that
-             requests made implicitly by SFTP clients are permitted.
-
-     -Q protocol_feature
-             Query protocol features supported by sftp-server.  At present the
-             only feature that may be queried is M-bM-^@M-^\requestsM-bM-^@M-^], which may be used
-             for black or whitelisting (flags -P and -p respectively).
-
-     -R      Places this instance of sftp-server into a read-only mode.
-             Attempts to open files for writing, as well as other operations
-             that change the state of the filesystem, will be denied.
-
-     -u umask
-             Sets an explicit umask(2) to be applied to newly-created files
-             and directories, instead of the user's default mask.
-
-     On some systems, sftp-server must be able to access /dev/log for logging
-     to work, and use of sftp-server in a chroot configuration therefore
-     requires that syslogd(8) establish a logging socket inside the chroot
-     directory.
-
-SEE ALSO
-     sftp(1), ssh(1), sshd_config(5), sshd(8)
-
-     T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
-     filexfer-02.txt, October 2001, work in progress material.
-
-HISTORY
-     sftp-server first appeared in OpenBSD 2.8.
-
-AUTHORS
-     Markus Friedl <markus@openbsd.org>
-
-OpenBSD 5.7                    December 11, 2014                   OpenBSD 5.7
diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c
index d1831bf..eac11d7 100644
--- a/crypto/openssh/sftp-server.c
+++ b/crypto/openssh/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.106 2015/04/24 01:36:01 deraadt Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.107 2015/08/20 22:32:42 deraadt Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -1632,8 +1632,8 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
 		fatal("%s: sshbuf_new failed", __func__);
 
 	set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
-	rset = (fd_set *)xmalloc(set_size);
-	wset = (fd_set *)xmalloc(set_size);
+	rset = xmalloc(set_size);
+	wset = xmalloc(set_size);
 
 	if (homedir != NULL) {
 		if (chdir(homedir) != 0) {
diff --git a/crypto/openssh/sftp.0 b/crypto/openssh/sftp.0
deleted file mode 100644
index 24fd991..0000000
--- a/crypto/openssh/sftp.0
+++ /dev/null
@@ -1,383 +0,0 @@
-SFTP(1)                     General Commands Manual                    SFTP(1)
-
-NAME
-     sftp M-bM-^@M-^S secure file transfer program
-
-SYNOPSIS
-     sftp [-1246aCfpqrv] [-B buffer_size] [-b batchfile] [-c cipher]
-          [-D sftp_server_path] [-F ssh_config] [-i identity_file] [-l limit]
-          [-o ssh_option] [-P port] [-R num_requests] [-S program]
-          [-s subsystem | sftp_server] host
-     sftp [user@]host[:file ...]
-     sftp [user@]host[:dir[/]]
-     sftp -b batchfile [user@]host
-
-DESCRIPTION
-     sftp is an interactive file transfer program, similar to ftp(1), which
-     performs all operations over an encrypted ssh(1) transport.  It may also
-     use many features of ssh, such as public key authentication and
-     compression.  sftp connects and logs into the specified host, then enters
-     an interactive command mode.
-
-     The second usage format will retrieve files automatically if a non-
-     interactive authentication method is used; otherwise it will do so after
-     successful interactive authentication.
-
-     The third usage format allows sftp to start in a remote directory.
-
-     The final usage format allows for automated sessions using the -b option.
-     In such cases, it is necessary to configure non-interactive
-     authentication to obviate the need to enter a password at connection time
-     (see sshd(8) and ssh-keygen(1) for details).
-
-     Since some usage formats use colon characters to delimit host names from
-     path names, IPv6 addresses must be enclosed in square brackets to avoid
-     ambiguity.
-
-     The options are as follows:
-
-     -1      Specify the use of protocol version 1.
-
-     -2      Specify the use of protocol version 2.
-
-     -4      Forces sftp to use IPv4 addresses only.
-
-     -6      Forces sftp to use IPv6 addresses only.
-
-     -a      Attempt to continue interrupted transfers rather than overwriting
-             existing partial or complete copies of files.  If the partial
-             contents differ from those being transferred, then the resultant
-             file is likely to be corrupt.
-
-     -B buffer_size
-             Specify the size of the buffer that sftp uses when transferring
-             files.  Larger buffers require fewer round trips at the cost of
-             higher memory consumption.  The default is 32768 bytes.
-
-     -b batchfile
-             Batch mode reads a series of commands from an input batchfile
-             instead of stdin.  Since it lacks user interaction it should be
-             used in conjunction with non-interactive authentication.  A
-             batchfile of M-bM-^@M-^X-M-bM-^@M-^Y may be used to indicate standard input.  sftp
-             will abort if any of the following commands fail: get, put,
-             reget, reput, rename, ln, rm, mkdir, chdir, ls, lchdir, chmod,
-             chown, chgrp, lpwd, df, symlink, and lmkdir.  Termination on
-             error can be suppressed on a command by command basis by
-             prefixing the command with a M-bM-^@M-^X-M-bM-^@M-^Y character (for example, -rm
-             /tmp/blah*).
-
-     -C      Enables compression (via ssh's -C flag).
-
-     -c cipher
-             Selects the cipher to use for encrypting the data transfers.
-             This option is directly passed to ssh(1).
-
-     -D sftp_server_path
-             Connect directly to a local sftp server (rather than via ssh(1)).
-             This option may be useful in debugging the client and server.
-
-     -F ssh_config
-             Specifies an alternative per-user configuration file for ssh(1).
-             This option is directly passed to ssh(1).
-
-     -f      Requests that files be flushed to disk immediately after
-             transfer.  When uploading files, this feature is only enabled if
-             the server implements the "fsync@openssh.com" extension.
-
-     -i identity_file
-             Selects the file from which the identity (private key) for public
-             key authentication is read.  This option is directly passed to
-             ssh(1).
-
-     -l limit
-             Limits the used bandwidth, specified in Kbit/s.
-
-     -o ssh_option
-             Can be used to pass options to ssh in the format used in
-             ssh_config(5).  This is useful for specifying options for which
-             there is no separate sftp command-line flag.  For example, to
-             specify an alternate port use: sftp -oPort=24.  For full details
-             of the options listed below, and their possible values, see
-             ssh_config(5).
-
-                   AddressFamily
-                   BatchMode
-                   BindAddress
-                   CanonicalDomains
-                   CanonicalizeFallbackLocal
-                   CanonicalizeHostname
-                   CanonicalizeMaxDots
-                   CanonicalizePermittedCNAMEs
-                   ChallengeResponseAuthentication
-                   CheckHostIP
-                   Cipher
-                   Ciphers
-                   Compression
-                   CompressionLevel
-                   ConnectionAttempts
-                   ConnectTimeout
-                   ControlMaster
-                   ControlPath
-                   ControlPersist
-                   GlobalKnownHostsFile
-                   GSSAPIAuthentication
-                   GSSAPIDelegateCredentials
-                   HashKnownHosts
-                   Host
-                   HostbasedAuthentication
-                   HostbasedKeyTypes
-                   HostKeyAlgorithms
-                   HostKeyAlias
-                   HostName
-                   IdentityFile
-                   IdentitiesOnly
-                   IPQoS
-                   KbdInteractiveAuthentication
-                   KbdInteractiveDevices
-                   KexAlgorithms
-                   LogLevel
-                   MACs
-                   NoHostAuthenticationForLocalhost
-                   NumberOfPasswordPrompts
-                   PasswordAuthentication
-                   PKCS11Provider
-                   Port
-                   PreferredAuthentications
-                   Protocol
-                   ProxyCommand
-                   PubkeyAuthentication
-                   RekeyLimit
-                   RhostsRSAAuthentication
-                   RSAAuthentication
-                   SendEnv
-                   ServerAliveInterval
-                   ServerAliveCountMax
-                   StrictHostKeyChecking
-                   TCPKeepAlive
-                   UpdateHostKeys
-                   UsePrivilegedPort
-                   User
-                   UserKnownHostsFile
-                   VerifyHostKeyDNS
-
-     -P port
-             Specifies the port to connect to on the remote host.
-
-     -p      Preserves modification times, access times, and modes from the
-             original files transferred.
-
-     -q      Quiet mode: disables the progress meter as well as warning and
-             diagnostic messages from ssh(1).
-
-     -R num_requests
-             Specify how many requests may be outstanding at any one time.
-             Increasing this may slightly improve file transfer speed but will
-             increase memory usage.  The default is 64 outstanding requests.
-
-     -r      Recursively copy entire directories when uploading and
-             downloading.  Note that sftp does not follow symbolic links
-             encountered in the tree traversal.
-
-     -S program
-             Name of the program to use for the encrypted connection.  The
-             program must understand ssh(1) options.
-
-     -s subsystem | sftp_server
-             Specifies the SSH2 subsystem or the path for an sftp server on
-             the remote host.  A path is useful for using sftp over protocol
-             version 1, or when the remote sshd(8) does not have an sftp
-             subsystem configured.
-
-     -v      Raise logging level.  This option is also passed to ssh.
-
-INTERACTIVE COMMANDS
-     Once in interactive mode, sftp understands a set of commands similar to
-     those of ftp(1).  Commands are case insensitive.  Pathnames that contain
-     spaces must be enclosed in quotes.  Any special characters contained
-     within pathnames that are recognized by glob(3) must be escaped with
-     backslashes (M-bM-^@M-^X\M-bM-^@M-^Y).
-
-     bye     Quit sftp.
-
-     cd path
-             Change remote directory to path.
-
-     chgrp grp path
-             Change group of file path to grp.  path may contain glob(3)
-             characters and may match multiple files.  grp must be a numeric
-             GID.
-
-     chmod mode path
-             Change permissions of file path to mode.  path may contain
-             glob(3) characters and may match multiple files.
-
-     chown own path
-             Change owner of file path to own.  path may contain glob(3)
-             characters and may match multiple files.  own must be a numeric
-             UID.
-
-     df [-hi] [path]
-             Display usage information for the filesystem holding the current
-             directory (or path if specified).  If the -h flag is specified,
-             the capacity information will be displayed using "human-readable"
-             suffixes.  The -i flag requests display of inode information in
-             addition to capacity information.  This command is only supported
-             on servers that implement the M-bM-^@M-^\statvfs@openssh.comM-bM-^@M-^] extension.
-
-     exit    Quit sftp.
-
-     get [-afPpr] remote-path [local-path]
-             Retrieve the remote-path and store it on the local machine.  If
-             the local path name is not specified, it is given the same name
-             it has on the remote machine.  remote-path may contain glob(3)
-             characters and may match multiple files.  If it does and
-             local-path is specified, then local-path must specify a
-             directory.
-
-             If the -a flag is specified, then attempt to resume partial
-             transfers of existing files.  Note that resumption assumes that
-             any partial copy of the local file matches the remote copy.  If
-             the remote file contents differ from the partial local copy then
-             the resultant file is likely to be corrupt.
-
-             If the -f flag is specified, then fsync(2) will be called after
-             the file transfer has completed to flush the file to disk.
-
-             If either the -P or -p flag is specified, then full file
-             permissions and access times are copied too.
-
-             If the -r flag is specified then directories will be copied
-             recursively.  Note that sftp does not follow symbolic links when
-             performing recursive transfers.
-
-     help    Display help text.
-
-     lcd path
-             Change local directory to path.
-
-     lls [ls-options [path]]
-             Display local directory listing of either path or current
-             directory if path is not specified.  ls-options may contain any
-             flags supported by the local system's ls(1) command.  path may
-             contain glob(3) characters and may match multiple files.
-
-     lmkdir path
-             Create local directory specified by path.
-
-     ln [-s] oldpath newpath
-             Create a link from oldpath to newpath.  If the -s flag is
-             specified the created link is a symbolic link, otherwise it is a
-             hard link.
-
-     lpwd    Print local working directory.
-
-     ls [-1afhlnrSt] [path]
-             Display a remote directory listing of either path or the current
-             directory if path is not specified.  path may contain glob(3)
-             characters and may match multiple files.
-
-             The following flags are recognized and alter the behaviour of ls
-             accordingly:
-
-             -1      Produce single columnar output.
-
-             -a      List files beginning with a dot (M-bM-^@M-^X.M-bM-^@M-^Y).
-
-             -f      Do not sort the listing.  The default sort order is
-                     lexicographical.
-
-             -h      When used with a long format option, use unit suffixes:
-                     Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte,
-                     and Exabyte in order to reduce the number of digits to
-                     four or fewer using powers of 2 for sizes (K=1024,
-                     M=1048576, etc.).
-
-             -l      Display additional details including permissions and
-                     ownership information.
-
-             -n      Produce a long listing with user and group information
-                     presented numerically.
-
-             -r      Reverse the sort order of the listing.
-
-             -S      Sort the listing by file size.
-
-             -t      Sort the listing by last modification time.
-
-     lumask umask
-             Set local umask to umask.
-
-     mkdir path
-             Create remote directory specified by path.
-
-     progress
-             Toggle display of progress meter.
-
-     put [-afPpr] local-path [remote-path]
-             Upload local-path and store it on the remote machine.  If the
-             remote path name is not specified, it is given the same name it
-             has on the local machine.  local-path may contain glob(3)
-             characters and may match multiple files.  If it does and
-             remote-path is specified, then remote-path must specify a
-             directory.
-
-             If the -a flag is specified, then attempt to resume partial
-             transfers of existing files.  Note that resumption assumes that
-             any partial copy of the remote file matches the local copy.  If
-             the local file contents differ from the remote local copy then
-             the resultant file is likely to be corrupt.
-
-             If the -f flag is specified, then a request will be sent to the
-             server to call fsync(2) after the file has been transferred.
-             Note that this is only supported by servers that implement the
-             "fsync@openssh.com" extension.
-
-             If either the -P or -p flag is specified, then full file
-             permissions and access times are copied too.
-
-             If the -r flag is specified then directories will be copied
-             recursively.  Note that sftp does not follow symbolic links when
-             performing recursive transfers.
-
-     pwd     Display remote working directory.
-
-     quit    Quit sftp.
-
-     reget [-Ppr] remote-path [local-path]
-             Resume download of remote-path.  Equivalent to get with the -a
-             flag set.
-
-     reput [-Ppr] [local-path] remote-path
-             Resume upload of [local-path].  Equivalent to put with the -a
-             flag set.
-
-     rename oldpath newpath
-             Rename remote file from oldpath to newpath.
-
-     rm path
-             Delete remote file specified by path.
-
-     rmdir path
-             Remove remote directory specified by path.
-
-     symlink oldpath newpath
-             Create a symbolic link from oldpath to newpath.
-
-     version
-             Display the sftp protocol version.
-
-     !command
-             Execute command in local shell.
-
-     !       Escape to local shell.
-
-     ?       Synonym for help.
-
-SEE ALSO
-     ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3),
-     ssh_config(5), sftp-server(8), sshd(8)
-
-     T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
-     filexfer-00.txt, January 2001, work in progress material.
-
-OpenBSD 5.7                    January 30, 2015                    OpenBSD 5.7
diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c
index 7d8e22c..788601a 100644
--- a/crypto/openssh/sftp.c
+++ b/crypto/openssh/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */
+/* $OpenBSD: sftp.c,v 1.171 2015/08/20 22:32:42 deraadt Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -16,7 +16,6 @@
  */
 
 #include "includes.h"
-__RCSID("$FreeBSD$");
 
 #include <sys/param.h>	/* MIN MAX */
 #include <sys/types.h>
@@ -1959,7 +1958,7 @@ complete(EditLine *el, int ch)
 
 	/* Figure out which argument the cursor points to */
 	cursor = lf->cursor - lf->buffer;
-	line = (char *)xmalloc(cursor + 1);
+	line = xmalloc(cursor + 1);
 	memcpy(line, lf->buffer, cursor);
 	line[cursor] = '\0';
 	argv = makeargv(line, &carg, 1, &quote, &terminated);
@@ -1967,7 +1966,7 @@ complete(EditLine *el, int ch)
 
 	/* Get all the arguments on the line */
 	len = lf->lastchar - lf->buffer;
-	line = (char *)xmalloc(len + 1);
+	line = xmalloc(len + 1);
 	memcpy(line, lf->buffer, len);
 	line[len] = '\0';
 	argv = makeargv(line, &argc, 1, NULL, NULL);
diff --git a/crypto/openssh/ssh-add.0 b/crypto/openssh/ssh-add.0
deleted file mode 100644
index 66493f1..0000000
--- a/crypto/openssh/ssh-add.0
+++ /dev/null
@@ -1,129 +0,0 @@
-SSH-ADD(1)                  General Commands Manual                 SSH-ADD(1)
-
-NAME
-     ssh-add M-bM-^@M-^S adds private key identities to the authentication agent
-
-SYNOPSIS
-     ssh-add [-cDdkLlXx] [-E fingerprint_hash] [-t life] [file ...]
-     ssh-add -s pkcs11
-     ssh-add -e pkcs11
-
-DESCRIPTION
-     ssh-add adds private key identities to the authentication agent,
-     ssh-agent(1).  When run without arguments, it adds the files
-     ~/.ssh/id_rsa, ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and
-     ~/.ssh/identity.  After loading a private key, ssh-add will try to load
-     corresponding certificate information from the filename obtained by
-     appending -cert.pub to the name of the private key file.  Alternative
-     file names can be given on the command line.
-
-     If any file requires a passphrase, ssh-add asks for the passphrase from
-     the user.  The passphrase is read from the user's tty.  ssh-add retries
-     the last passphrase if multiple identity files are given.
-
-     The authentication agent must be running and the SSH_AUTH_SOCK
-     environment variable must contain the name of its socket for ssh-add to
-     work.
-
-     The options are as follows:
-
-     -c      Indicates that added identities should be subject to confirmation
-             before being used for authentication.  Confirmation is performed
-             by ssh-askpass(1).  Successful confirmation is signaled by a zero
-             exit status from ssh-askpass(1), rather than text entered into
-             the requester.
-
-     -D      Deletes all identities from the agent.
-
-     -d      Instead of adding identities, removes identities from the agent.
-             If ssh-add has been run without arguments, the keys for the
-             default identities and their corresponding certificates will be
-             removed.  Otherwise, the argument list will be interpreted as a
-             list of paths to public key files to specify keys and
-             certificates to be removed from the agent.  If no public key is
-             found at a given path, ssh-add will append .pub and retry.
-
-     -E fingerprint_hash
-             Specifies the hash algorithm used when displaying key
-             fingerprints.  Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^].  The
-             default is M-bM-^@M-^\sha256M-bM-^@M-^].
-
-     -e pkcs11
-             Remove keys provided by the PKCS#11 shared library pkcs11.
-
-     -k      When loading keys into or deleting keys from the agent, process
-             plain private keys only and skip certificates.
-
-     -L      Lists public key parameters of all identities currently
-             represented by the agent.
-
-     -l      Lists fingerprints of all identities currently represented by the
-             agent.
-
-     -s pkcs11
-             Add keys provided by the PKCS#11 shared library pkcs11.
-
-     -t life
-             Set a maximum lifetime when adding identities to an agent.  The
-             lifetime may be specified in seconds or in a time format
-             specified in sshd_config(5).
-
-     -X      Unlock the agent.
-
-     -x      Lock the agent with a password.
-
-ENVIRONMENT
-     DISPLAY and SSH_ASKPASS
-             If ssh-add needs a passphrase, it will read the passphrase from
-             the current terminal if it was run from a terminal.  If ssh-add
-             does not have a terminal associated with it but DISPLAY and
-             SSH_ASKPASS are set, it will execute the program specified by
-             SSH_ASKPASS (by default M-bM-^@M-^\ssh-askpassM-bM-^@M-^]) and open an X11 window to
-             read the passphrase.  This is particularly useful when calling
-             ssh-add from a .xsession or related script.  (Note that on some
-             machines it may be necessary to redirect the input from /dev/null
-             to make this work.)
-
-     SSH_AUTH_SOCK
-             Identifies the path of a UNIX-domain socket used to communicate
-             with the agent.
-
-FILES
-     ~/.ssh/identity
-             Contains the protocol version 1 RSA authentication identity of
-             the user.
-
-     ~/.ssh/id_dsa
-             Contains the protocol version 2 DSA authentication identity of
-             the user.
-
-     ~/.ssh/id_ecdsa
-             Contains the protocol version 2 ECDSA authentication identity of
-             the user.
-
-     ~/.ssh/id_ed25519
-             Contains the protocol version 2 Ed25519 authentication identity
-             of the user.
-
-     ~/.ssh/id_rsa
-             Contains the protocol version 2 RSA authentication identity of
-             the user.
-
-     Identity files should not be readable by anyone but the user.  Note that
-     ssh-add ignores identity files if they are accessible by others.
-
-EXIT STATUS
-     Exit status is 0 on success, 1 if the specified command fails, and 2 if
-     ssh-add is unable to contact the authentication agent.
-
-SEE ALSO
-     ssh(1), ssh-agent(1), ssh-askpass(1), ssh-keygen(1), sshd(8)
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.
-
-OpenBSD 5.7                     March 30, 2015                     OpenBSD 5.7
diff --git a/crypto/openssh/ssh-add.c b/crypto/openssh/ssh-add.c
index 9c8da54..d6271d7 100644
--- a/crypto/openssh/ssh-add.c
+++ b/crypto/openssh/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.122 2015/03/26 12:32:38 naddy Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.123 2015/07/03 03:43:18 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -302,8 +302,7 @@ add_file(int agent_fd, const char *filename, int key_only)
 	} 
 
 	/* Graft with private bits */
-	if ((r = sshkey_to_certified(private,
-	    sshkey_cert_is_legacy(cert))) != 0) {
+	if ((r = sshkey_to_certified(private)) != 0) {
 		error("%s: sshkey_to_certified: %s", __func__, ssh_err(r));
 		sshkey_free(cert);
 		goto out;
diff --git a/crypto/openssh/ssh-agent.0 b/crypto/openssh/ssh-agent.0
deleted file mode 100644
index eb89281..0000000
--- a/crypto/openssh/ssh-agent.0
+++ /dev/null
@@ -1,112 +0,0 @@
-SSH-AGENT(1)                General Commands Manual               SSH-AGENT(1)
-
-NAME
-     ssh-agent M-bM-^@M-^S authentication agent
-
-SYNOPSIS
-     ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]
-               [-t life] [command [arg ...]]
-     ssh-agent [-c | -s] -k
-
-DESCRIPTION
-     ssh-agent is a program to hold private keys used for public key
-     authentication (RSA, DSA, ECDSA, Ed25519).  ssh-agent is usually started
-     in the beginning of an X-session or a login session, and all other
-     windows or programs are started as clients to the ssh-agent program.
-     Through use of environment variables the agent can be located and
-     automatically used for authentication when logging in to other machines
-     using ssh(1).
-
-     The agent initially does not have any private keys.  Keys are added using
-     ssh-add(1).  Multiple identities may be stored in ssh-agent concurrently
-     and ssh(1) will automatically use them if present.  ssh-add(1) is also
-     used to remove keys from ssh-agent and to query the keys that are held in
-     one.
-
-     The options are as follows:
-
-     -a bind_address
-             Bind the agent to the UNIX-domain socket bind_address.  The
-             default is $TMPDIR/ssh-XXXXXXXXXX/agent.<ppid>.
-
-     -c      Generate C-shell commands on stdout.  This is the default if
-             SHELL looks like it's a csh style of shell.
-
-     -D      Foreground mode.  When this option is specified ssh-agent will
-             not fork.
-
-     -d      Debug mode.  When this option is specified ssh-agent will not
-             fork and will write debug information to standard error.
-
-     -E fingerprint_hash
-             Specifies the hash algorithm used when displaying key
-             fingerprints.  Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^].  The
-             default is M-bM-^@M-^\sha256M-bM-^@M-^].
-
-     -k      Kill the current agent (given by the SSH_AGENT_PID environment
-             variable).
-
-     -s      Generate Bourne shell commands on stdout.  This is the default if
-             SHELL does not look like it's a csh style of shell.
-
-     -t life
-             Set a default value for the maximum lifetime of identities added
-             to the agent.  The lifetime may be specified in seconds or in a
-             time format specified in sshd_config(5).  A lifetime specified
-             for an identity with ssh-add(1) overrides this value.  Without
-             this option the default maximum lifetime is forever.
-
-     If a commandline is given, this is executed as a subprocess of the agent.
-     When the command dies, so does the agent.
-
-     The idea is that the agent is run in the user's local PC, laptop, or
-     terminal.  Authentication data need not be stored on any other machine,
-     and authentication passphrases never go over the network.  However, the
-     connection to the agent is forwarded over SSH remote logins, and the user
-     can thus use the privileges given by the identities anywhere in the
-     network in a secure way.
-
-     There are two main ways to get an agent set up: The first is that the
-     agent starts a new subcommand into which some environment variables are
-     exported, eg ssh-agent xterm &.  The second is that the agent prints the
-     needed shell commands (either sh(1) or csh(1) syntax can be generated)
-     which can be evaluated in the calling shell, eg eval `ssh-agent -s` for
-     Bourne-type shells such as sh(1) or ksh(1) and eval `ssh-agent -c` for
-     csh(1) and derivatives.
-
-     Later ssh(1) looks at these variables and uses them to establish a
-     connection to the agent.
-
-     The agent will never send a private key over its request channel.
-     Instead, operations that require a private key will be performed by the
-     agent, and the result will be returned to the requester.  This way,
-     private keys are not exposed to clients using the agent.
-
-     A UNIX-domain socket is created and the name of this socket is stored in
-     the SSH_AUTH_SOCK environment variable.  The socket is made accessible
-     only to the current user.  This method is easily abused by root or
-     another instance of the same user.
-
-     The SSH_AGENT_PID environment variable holds the agent's process ID.
-
-     The agent exits automatically when the command given on the command line
-     terminates.
-
-FILES
-     $TMPDIR/ssh-XXXXXXXXXX/agent.<ppid>
-             UNIX-domain sockets used to contain the connection to the
-             authentication agent.  These sockets should only be readable by
-             the owner.  The sockets should get automatically removed when the
-             agent exits.
-
-SEE ALSO
-     ssh(1), ssh-add(1), ssh-keygen(1), sshd(8)
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.
-
-OpenBSD 5.7                     April 24, 2015                     OpenBSD 5.7
diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c
index a1938a6..52293db 100644
--- a/crypto/openssh/ssh-agent.c
+++ b/crypto/openssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.203 2015/05/15 05:44:21 dtucker Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.204 2015/07/08 20:24:02 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -73,9 +73,6 @@ __RCSID("$FreeBSD$");
 # include <util.h>
 #endif
 
-#include "key.h"	/* XXX for typedef */
-#include "buffer.h"	/* XXX for typedef */
-
 #include "xmalloc.h"
 #include "ssh.h"
 #include "rsa.h"
diff --git a/crypto/openssh/ssh-keygen.0 b/crypto/openssh/ssh-keygen.0
deleted file mode 100644
index 784ad03..0000000
--- a/crypto/openssh/ssh-keygen.0
+++ /dev/null
@@ -1,566 +0,0 @@
-SSH-KEYGEN(1)               General Commands Manual              SSH-KEYGEN(1)
-
-NAME
-     ssh-keygen M-bM-^@M-^S authentication key generation, management and conversion
-
-SYNOPSIS
-     ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
-                [-N new_passphrase] [-C comment] [-f output_keyfile]
-     ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
-     ssh-keygen -i [-m key_format] [-f input_keyfile]
-     ssh-keygen -e [-m key_format] [-f input_keyfile]
-     ssh-keygen -y [-f input_keyfile]
-     ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
-     ssh-keygen -l [-v] [-E fingerprint_hash] [-f input_keyfile]
-     ssh-keygen -B [-f input_keyfile]
-     ssh-keygen -D pkcs11
-     ssh-keygen -F hostname [-f known_hosts_file] [-l]
-     ssh-keygen -H [-f known_hosts_file]
-     ssh-keygen -R hostname [-f known_hosts_file]
-     ssh-keygen -r hostname [-f input_keyfile] [-g]
-     ssh-keygen -G output_file [-v] [-b bits] [-M memory] [-S start_point]
-     ssh-keygen -T output_file -f input_file [-v] [-a rounds] [-J num_lines]
-                [-j start_line] [-K checkpt] [-W generator]
-     ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]
-                [-O option] [-V validity_interval] [-z serial_number] file ...
-     ssh-keygen -L [-f input_keyfile]
-     ssh-keygen -A
-     ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]
-                file ...
-     ssh-keygen -Q -f krl_file file ...
-
-DESCRIPTION
-     ssh-keygen generates, manages and converts authentication keys for
-     ssh(1).  ssh-keygen can create RSA keys for use by SSH protocol version 1
-     and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.
-     The type of key to be generated is specified with the -t option.  If
-     invoked without any arguments, ssh-keygen will generate an RSA key for
-     use in SSH protocol 2 connections.
-
-     ssh-keygen is also used to generate groups for use in Diffie-Hellman
-     group exchange (DH-GEX).  See the MODULI GENERATION section for details.
-
-     Finally, ssh-keygen can be used to generate and update Key Revocation
-     Lists, and to test whether given keys have been revoked by one.  See the
-     KEY REVOCATION LISTS section for details.
-
-     Normally each user wishing to use SSH with public key authentication runs
-     this once to create the authentication key in ~/.ssh/identity,
-     ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 or ~/.ssh/id_rsa.
-     Additionally, the system administrator may use this to generate host
-     keys, as seen in /etc/rc.
-
-     Normally this program generates the key and asks for a file in which to
-     store the private key.  The public key is stored in a file with the same
-     name but M-bM-^@M-^\.pubM-bM-^@M-^] appended.  The program also asks for a passphrase.  The
-     passphrase may be empty to indicate no passphrase (host keys must have an
-     empty passphrase), or it may be a string of arbitrary length.  A
-     passphrase is similar to a password, except it can be a phrase with a
-     series of words, punctuation, numbers, whitespace, or any string of
-     characters you want.  Good passphrases are 10-30 characters long, are not
-     simple sentences or otherwise easily guessable (English prose has only
-     1-2 bits of entropy per character, and provides very bad passphrases),
-     and contain a mix of upper and lowercase letters, numbers, and non-
-     alphanumeric characters.  The passphrase can be changed later by using
-     the -p option.
-
-     There is no way to recover a lost passphrase.  If the passphrase is lost
-     or forgotten, a new key must be generated and the corresponding public
-     key copied to other machines.
-
-     For RSA1 keys, there is also a comment field in the key file that is only
-     for convenience to the user to help identify the key.  The comment can
-     tell what the key is for, or whatever is useful.  The comment is
-     initialized to M-bM-^@M-^\user@hostM-bM-^@M-^] when the key is created, but can be changed
-     using the -c option.
-
-     After a key is generated, instructions below detail where the keys should
-     be placed to be activated.
-
-     The options are as follows:
-
-     -A      For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for
-             which host keys do not exist, generate the host keys with the
-             default key file path, an empty passphrase, default bits for the
-             key type, and default comment.  This is used by /etc/rc to
-             generate new host keys.
-
-     -a rounds
-             When saving a new-format private key (i.e. an ed25519 key or any
-             SSH protocol 2 key when the -o flag is set), this option
-             specifies the number of KDF (key derivation function) rounds
-             used.  Higher numbers result in slower passphrase verification
-             and increased resistance to brute-force password cracking (should
-             the keys be stolen).
-
-             When screening DH-GEX candidates ( using the -T command).  This
-             option specifies the number of primality tests to perform.
-
-     -B      Show the bubblebabble digest of specified private or public key
-             file.
-
-     -b bits
-             Specifies the number of bits in the key to create.  For RSA keys,
-             the minimum size is 768 bits and the default is 2048 bits.
-             Generally, 2048 bits is considered sufficient.  DSA keys must be
-             exactly 1024 bits as specified by FIPS 186-2.  For ECDSA keys,
-             the -b flag determines the key length by selecting from one of
-             three elliptic curve sizes: 256, 384 or 521 bits.  Attempting to
-             use bit lengths other than these three values for ECDSA keys will
-             fail.  Ed25519 keys have a fixed length and the -b flag will be
-             ignored.
-
-     -C comment
-             Provides a new comment.
-
-     -c      Requests changing the comment in the private and public key
-             files.  This operation is only supported for RSA1 keys.  The
-             program will prompt for the file containing the private keys, for
-             the passphrase if the key has one, and for the new comment.
-
-     -D pkcs11
-             Download the RSA public keys provided by the PKCS#11 shared
-             library pkcs11.  When used in combination with -s, this option
-             indicates that a CA key resides in a PKCS#11 token (see the
-             CERTIFICATES section for details).
-
-     -E fingerprint_hash
-             Specifies the hash algorithm used when displaying key
-             fingerprints.  Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^].  The
-             default is M-bM-^@M-^\sha256M-bM-^@M-^].
-
-     -e      This option will read a private or public OpenSSH key file and
-             print to stdout the key in one of the formats specified by the -m
-             option.  The default export format is M-bM-^@M-^\RFC4716M-bM-^@M-^].  This option
-             allows exporting OpenSSH keys for use by other programs,
-             including several commercial SSH implementations.
-
-     -F hostname
-             Search for the specified hostname in a known_hosts file, listing
-             any occurrences found.  This option is useful to find hashed host
-             names or addresses and may also be used in conjunction with the
-             -H option to print found keys in a hashed format.
-
-     -f filename
-             Specifies the filename of the key file.
-
-     -G output_file
-             Generate candidate primes for DH-GEX.  These primes must be
-             screened for safety (using the -T option) before use.
-
-     -g      Use generic DNS format when printing fingerprint resource records
-             using the -r command.
-
-     -H      Hash a known_hosts file.  This replaces all hostnames and
-             addresses with hashed representations within the specified file;
-             the original content is moved to a file with a .old suffix.
-             These hashes may be used normally by ssh and sshd, but they do
-             not reveal identifying information should the file's contents be
-             disclosed.  This option will not modify existing hashed hostnames
-             and is therefore safe to use on files that mix hashed and non-
-             hashed names.
-
-     -h      When signing a key, create a host certificate instead of a user
-             certificate.  Please see the CERTIFICATES section for details.
-
-     -I certificate_identity
-             Specify the key identity when signing a public key.  Please see
-             the CERTIFICATES section for details.
-
-     -i      This option will read an unencrypted private (or public) key file
-             in the format specified by the -m option and print an OpenSSH
-             compatible private (or public) key to stdout.  This option allows
-             importing keys from other software, including several commercial
-             SSH implementations.  The default import format is M-bM-^@M-^\RFC4716M-bM-^@M-^].
-
-     -J num_lines
-             Exit after screening the specified number of lines while
-             performing DH candidate screening using the -T option.
-
-     -j start_line
-             Start screening at the specified line number while performing DH
-             candidate screening using the -T option.
-
-     -K checkpt
-             Write the last line processed to the file checkpt while
-             performing DH candidate screening using the -T option.  This will
-             be used to skip lines in the input file that have already been
-             processed if the job is restarted.
-
-     -k      Generate a KRL file.  In this mode, ssh-keygen will generate a
-             KRL file at the location specified via the -f flag that revokes
-             every key or certificate presented on the command line.
-             Keys/certificates to be revoked may be specified by public key
-             file or using the format described in the KEY REVOCATION LISTS
-             section.
-
-     -L      Prints the contents of a certificate.
-
-     -l      Show fingerprint of specified public key file.  Private RSA1 keys
-             are also supported.  For RSA and DSA keys ssh-keygen tries to
-             find the matching public key file and prints its fingerprint.  If
-             combined with -v, an ASCII art representation of the key is
-             supplied with the fingerprint.
-
-     -M memory
-             Specify the amount of memory to use (in megabytes) when
-             generating candidate moduli for DH-GEX.
-
-     -m key_format
-             Specify a key format for the -i (import) or -e (export)
-             conversion options.  The supported key formats are: M-bM-^@M-^\RFC4716M-bM-^@M-^]
-             (RFC 4716/SSH2 public or private key), M-bM-^@M-^\PKCS8M-bM-^@M-^] (PEM PKCS8 public
-             key) or M-bM-^@M-^\PEMM-bM-^@M-^] (PEM public key).  The default conversion format is
-             M-bM-^@M-^\RFC4716M-bM-^@M-^].
-
-     -N new_passphrase
-             Provides the new passphrase.
-
-     -n principals
-             Specify one or more principals (user or host names) to be
-             included in a certificate when signing a key.  Multiple
-             principals may be specified, separated by commas.  Please see the
-             CERTIFICATES section for details.
-
-     -O option
-             Specify a certificate option when signing a key.  This option may
-             be specified multiple times.  Please see the CERTIFICATES section
-             for details.  The options that are valid for user certificates
-             are:
-
-             clear   Clear all enabled permissions.  This is useful for
-                     clearing the default set of permissions so permissions
-                     may be added individually.
-
-             force-command=command
-                     Forces the execution of command instead of any shell or
-                     command specified by the user when the certificate is
-                     used for authentication.
-
-             no-agent-forwarding
-                     Disable ssh-agent(1) forwarding (permitted by default).
-
-             no-port-forwarding
-                     Disable port forwarding (permitted by default).
-
-             no-pty  Disable PTY allocation (permitted by default).
-
-             no-user-rc
-                     Disable execution of ~/.ssh/rc by sshd(8) (permitted by
-                     default).
-
-             no-x11-forwarding
-                     Disable X11 forwarding (permitted by default).
-
-             permit-agent-forwarding
-                     Allows ssh-agent(1) forwarding.
-
-             permit-port-forwarding
-                     Allows port forwarding.
-
-             permit-pty
-                     Allows PTY allocation.
-
-             permit-user-rc
-                     Allows execution of ~/.ssh/rc by sshd(8).
-
-             permit-x11-forwarding
-                     Allows X11 forwarding.
-
-             source-address=address_list
-                     Restrict the source addresses from which the certificate
-                     is considered valid.  The address_list is a comma-
-                     separated list of one or more address/netmask pairs in
-                     CIDR format.
-
-             At present, no options are valid for host keys.
-
-     -o      Causes ssh-keygen to save SSH protocol 2 private keys using the
-             new OpenSSH format rather than the more compatible PEM format.
-             The new format has increased resistance to brute-force password
-             cracking but is not supported by versions of OpenSSH prior to
-             6.5.  Ed25519 keys always use the new private key format.
-
-     -P passphrase
-             Provides the (old) passphrase.
-
-     -p      Requests changing the passphrase of a private key file instead of
-             creating a new private key.  The program will prompt for the file
-             containing the private key, for the old passphrase, and twice for
-             the new passphrase.
-
-     -Q      Test whether keys have been revoked in a KRL.
-
-     -q      Silence ssh-keygen.
-
-     -R hostname
-             Removes all keys belonging to hostname from a known_hosts file.
-             This option is useful to delete hashed hosts (see the -H option
-             above).
-
-     -r hostname
-             Print the SSHFP fingerprint resource record named hostname for
-             the specified public key file.
-
-     -S start
-             Specify start point (in hex) when generating candidate moduli for
-             DH-GEX.
-
-     -s ca_key
-             Certify (sign) a public key using the specified CA key.  Please
-             see the CERTIFICATES section for details.
-
-             When generating a KRL, -s specifies a path to a CA public key
-             file used to revoke certificates directly by key ID or serial
-             number.  See the KEY REVOCATION LISTS section for details.
-
-     -T output_file
-             Test DH group exchange candidate primes (generated using the -G
-             option) for safety.
-
-     -t dsa | ecdsa | ed25519 | rsa | rsa1
-             Specifies the type of key to create.  The possible values are
-             M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or
-             M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2.
-
-     -u      Update a KRL.  When specified with -k, keys listed via the
-             command line are added to the existing KRL rather than a new KRL
-             being created.
-
-     -V validity_interval
-             Specify a validity interval when signing a certificate.  A
-             validity interval may consist of a single time, indicating that
-             the certificate is valid beginning now and expiring at that time,
-             or may consist of two times separated by a colon to indicate an
-             explicit time interval.  The start time may be specified as a
-             date in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a
-             relative time (to the current time) consisting of a minus sign
-             followed by a relative time in the format described in the TIME
-             FORMATS section of sshd_config(5).  The end time may be specified
-             as a YYYYMMDD date, a YYYYMMDDHHMMSS time or a relative time
-             starting with a plus character.
-
-             For example: M-bM-^@M-^\+52w1dM-bM-^@M-^] (valid from now to 52 weeks and one day
-             from now), M-bM-^@M-^\-4w:+4wM-bM-^@M-^] (valid from four weeks ago to four weeks
-             from now), M-bM-^@M-^\20100101123000:20110101123000M-bM-^@M-^] (valid from 12:30 PM,
-             January 1st, 2010 to 12:30 PM, January 1st, 2011), M-bM-^@M-^\-1d:20110101M-bM-^@M-^]
-             (valid from yesterday to midnight, January 1st, 2011).
-
-     -v      Verbose mode.  Causes ssh-keygen to print debugging messages
-             about its progress.  This is helpful for debugging moduli
-             generation.  Multiple -v options increase the verbosity.  The
-             maximum is 3.
-
-     -W generator
-             Specify desired generator when testing candidate moduli for DH-
-             GEX.
-
-     -y      This option will read a private OpenSSH format file and print an
-             OpenSSH public key to stdout.
-
-     -z serial_number
-             Specifies a serial number to be embedded in the certificate to
-             distinguish this certificate from others from the same CA.  The
-             default serial number is zero.
-
-             When generating a KRL, the -z flag is used to specify a KRL
-             version number.
-
-MODULI GENERATION
-     ssh-keygen may be used to generate groups for the Diffie-Hellman Group
-     Exchange (DH-GEX) protocol.  Generating these groups is a two-step
-     process: first, candidate primes are generated using a fast, but memory
-     intensive process.  These candidate primes are then tested for
-     suitability (a CPU-intensive process).
-
-     Generation of primes is performed using the -G option.  The desired
-     length of the primes may be specified by the -b option.  For example:
-
-           # ssh-keygen -G moduli-2048.candidates -b 2048
-
-     By default, the search for primes begins at a random point in the desired
-     length range.  This may be overridden using the -S option, which
-     specifies a different start point (in hex).
-
-     Once a set of candidates have been generated, they must be screened for
-     suitability.  This may be performed using the -T option.  In this mode
-     ssh-keygen will read candidates from standard input (or a file specified
-     using the -f option).  For example:
-
-           # ssh-keygen -T moduli-2048 -f moduli-2048.candidates
-
-     By default, each candidate will be subjected to 100 primality tests.
-     This may be overridden using the -a option.  The DH generator value will
-     be chosen automatically for the prime under consideration.  If a specific
-     generator is desired, it may be requested using the -W option.  Valid
-     generator values are 2, 3, and 5.
-
-     Screened DH groups may be installed in /etc/moduli.  It is important that
-     this file contains moduli of a range of bit lengths and that both ends of
-     a connection share common moduli.
-
-CERTIFICATES
-     ssh-keygen supports signing of keys to produce certificates that may be
-     used for user or host authentication.  Certificates consist of a public
-     key, some identity information, zero or more principal (user or host)
-     names and a set of options that are signed by a Certification Authority
-     (CA) key.  Clients or servers may then trust only the CA key and verify
-     its signature on a certificate rather than trusting many user/host keys.
-     Note that OpenSSH certificates are a different, and much simpler, format
-     to the X.509 certificates used in ssl(8).
-
-     ssh-keygen supports two types of certificates: user and host.  User
-     certificates authenticate users to servers, whereas host certificates
-     authenticate server hosts to users.  To generate a user certificate:
-
-           $ ssh-keygen -s /path/to/ca_key -I key_id /path/to/user_key.pub
-
-     The resultant certificate will be placed in /path/to/user_key-cert.pub.
-     A host certificate requires the -h option:
-
-           $ ssh-keygen -s /path/to/ca_key -I key_id -h /path/to/host_key.pub
-
-     The host certificate will be output to /path/to/host_key-cert.pub.
-
-     It is possible to sign using a CA key stored in a PKCS#11 token by
-     providing the token library using -D and identifying the CA key by
-     providing its public half as an argument to -s:
-
-           $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub
-
-     In all cases, key_id is a "key identifier" that is logged by the server
-     when the certificate is used for authentication.
-
-     Certificates may be limited to be valid for a set of principal
-     (user/host) names.  By default, generated certificates are valid for all
-     users or hosts.  To generate a certificate for a specified set of
-     principals:
-
-           $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub
-           $ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub
-
-     Additional limitations on the validity and use of user certificates may
-     be specified through certificate options.  A certificate option may
-     disable features of the SSH session, may be valid only when presented
-     from particular source addresses or may force the use of a specific
-     command.  For a list of valid certificate options, see the documentation
-     for the -O option above.
-
-     Finally, certificates may be defined with a validity lifetime.  The -V
-     option allows specification of certificate start and end times.  A
-     certificate that is presented at a time outside this range will not be
-     considered valid.  By default, certificates are valid from UNIX Epoch to
-     the distant future.
-
-     For certificates to be used for user or host authentication, the CA
-     public key must be trusted by sshd(8) or ssh(1).  Please refer to those
-     manual pages for details.
-
-KEY REVOCATION LISTS
-     ssh-keygen is able to manage OpenSSH format Key Revocation Lists (KRLs).
-     These binary files specify keys or certificates to be revoked using a
-     compact format, taking as little as one bit per certificate if they are
-     being revoked by serial number.
-
-     KRLs may be generated using the -k flag.  This option reads one or more
-     files from the command line and generates a new KRL.  The files may
-     either contain a KRL specification (see below) or public keys, listed one
-     per line.  Plain public keys are revoked by listing their hash or
-     contents in the KRL and certificates revoked by serial number or key ID
-     (if the serial is zero or not available).
-
-     Revoking keys using a KRL specification offers explicit control over the
-     types of record used to revoke keys and may be used to directly revoke
-     certificates by serial number or key ID without having the complete
-     original certificate on hand.  A KRL specification consists of lines
-     containing one of the following directives followed by a colon and some
-     directive-specific information.
-
-     serial: serial_number[-serial_number]
-             Revokes a certificate with the specified serial number.  Serial
-             numbers are 64-bit values, not including zero and may be
-             expressed in decimal, hex or octal.  If two serial numbers are
-             specified separated by a hyphen, then the range of serial numbers
-             including and between each is revoked.  The CA key must have been
-             specified on the ssh-keygen command line using the -s option.
-
-     id: key_id
-             Revokes a certificate with the specified key ID string.  The CA
-             key must have been specified on the ssh-keygen command line using
-             the -s option.
-
-     key: public_key
-             Revokes the specified key.  If a certificate is listed, then it
-             is revoked as a plain public key.
-
-     sha1: public_key
-             Revokes the specified key by its SHA1 hash.
-
-     KRLs may be updated using the -u flag in addition to -k.  When this
-     option is specified, keys listed via the command line are merged into the
-     KRL, adding to those already there.
-
-     It is also possible, given a KRL, to test whether it revokes a particular
-     key (or keys).  The -Q flag will query an existing KRL, testing each key
-     specified on the commandline.  If any key listed on the command line has
-     been revoked (or an error encountered) then ssh-keygen will exit with a
-     non-zero exit status.  A zero exit status will only be returned if no key
-     was revoked.
-
-FILES
-     ~/.ssh/identity
-             Contains the protocol version 1 RSA authentication identity of
-             the user.  This file should not be readable by anyone but the
-             user.  It is possible to specify a passphrase when generating the
-             key; that passphrase will be used to encrypt the private part of
-             this file using 3DES.  This file is not automatically accessed by
-             ssh-keygen but it is offered as the default file for the private
-             key.  ssh(1) will read this file when a login attempt is made.
-
-     ~/.ssh/identity.pub
-             Contains the protocol version 1 RSA public key for
-             authentication.  The contents of this file should be added to
-             ~/.ssh/authorized_keys on all machines where the user wishes to
-             log in using RSA authentication.  There is no need to keep the
-             contents of this file secret.
-
-     ~/.ssh/id_dsa
-     ~/.ssh/id_ecdsa
-     ~/.ssh/id_ed25519
-     ~/.ssh/id_rsa
-             Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA
-             authentication identity of the user.  This file should not be
-             readable by anyone but the user.  It is possible to specify a
-             passphrase when generating the key; that passphrase will be used
-             to encrypt the private part of this file using 128-bit AES.  This
-             file is not automatically accessed by ssh-keygen but it is
-             offered as the default file for the private key.  ssh(1) will
-             read this file when a login attempt is made.
-
-     ~/.ssh/id_dsa.pub
-     ~/.ssh/id_ecdsa.pub
-     ~/.ssh/id_ed25519.pub
-     ~/.ssh/id_rsa.pub
-             Contains the protocol version 2 DSA, ECDSA, Ed25519 or RSA public
-             key for authentication.  The contents of this file should be
-             added to ~/.ssh/authorized_keys on all machines where the user
-             wishes to log in using public key authentication.  There is no
-             need to keep the contents of this file secret.
-
-     /etc/moduli
-             Contains Diffie-Hellman groups used for DH-GEX.  The file format
-             is described in moduli(5).
-
-SEE ALSO
-     ssh(1), ssh-add(1), ssh-agent(1), moduli(5), sshd(8)
-
-     The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006.
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.
-
-OpenBSD 5.7                    February 24, 2015                   OpenBSD 5.7
diff --git a/crypto/openssh/ssh-keygen.1 b/crypto/openssh/ssh-keygen.1
index 9b93666..ed17a08 100644
--- a/crypto/openssh/ssh-keygen.1
+++ b/crypto/openssh/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.125 2015/02/24 15:24:05 naddy Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.127 2015/08/20 19:20:06 naddy Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 24 2015 $
+.Dd $Mdocdate: August 20 2015 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -244,7 +244,7 @@ This option specifies the number of primality tests to perform.
 Show the bubblebabble digest of specified private or public key file.
 .It Fl b Ar bits
 Specifies the number of bits in the key to create.
-For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
+For RSA keys, the minimum size is 1024 bits and the default is 2048 bits.
 Generally, 2048 bits is considered sufficient.
 DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
 For ECDSA keys, the
@@ -680,7 +680,7 @@ and identifying the CA key by providing its public half as an argument
 to
 .Fl s :
 .Pp
-.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub
+.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id user_key.pub
 .Pp
 In all cases,
 .Ar key_id
@@ -693,7 +693,7 @@ By default, generated certificates are valid for all users or hosts.
 To generate a certificate for a specified set of principals:
 .Pp
 .Dl $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub
-.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub"
+.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain host_key.pub"
 .Pp
 Additional limitations on the validity and use of user certificates may
 be specified through certificate options.
diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c
index 8259d87..4e0a855 100644
--- a/crypto/openssh/ssh-keygen.c
+++ b/crypto/openssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.274 2015/05/28 07:37:31 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.277 2015/08/19 23:17:51 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -217,8 +217,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
 		fatal("key bits exceeds maximum %d", maxbits);
 	if (type == KEY_DSA && *bitsp != 1024)
 		fatal("DSA keys must be 1024 bits");
-	else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)
-		fatal("Key must at least be 768 bits");
+	else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 1024)
+		fatal("Key must at least be 1024 bits");
 	else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1)
 		fatal("Invalid ECDSA key length - valid lengths are "
 		    "256, 384 or 521 bits");
@@ -239,7 +239,6 @@ ask_filename(struct passwd *pw, const char *prompt)
 			name = _PATH_SSH_CLIENT_IDENTITY;
 			break;
 		case KEY_DSA_CERT:
-		case KEY_DSA_CERT_V00:
 		case KEY_DSA:
 			name = _PATH_SSH_CLIENT_ID_DSA;
 			break;
@@ -250,7 +249,6 @@ ask_filename(struct passwd *pw, const char *prompt)
 			break;
 #endif
 		case KEY_RSA_CERT:
-		case KEY_RSA_CERT_V00:
 		case KEY_RSA:
 			name = _PATH_SSH_CLIENT_ID_RSA;
 			break;
@@ -1203,7 +1201,8 @@ do_known_hosts(struct passwd *pw, const char *name)
 		exit(1);
 	} else if (delete_host && !ctx.found_key) {
 		logit("Host %s not found in %s", name, identity_file);
-		unlink(tmp);
+		if (inplace)
+			unlink(tmp);
 	} else if (inplace) {
 		/* Backup existing file */
 		if (unlink(old) == -1 && errno != ENOENT)
@@ -1575,25 +1574,6 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 	struct sshkey *ca, *public;
 	char *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
 	FILE *f;
-	int v00 = 0; /* legacy keys */
-
-	if (key_type_name != NULL) {
-		switch (sshkey_type_from_name(key_type_name)) {
-		case KEY_RSA_CERT_V00:
-		case KEY_DSA_CERT_V00:
-			v00 = 1;
-			break;
-		case KEY_UNSPEC:
-			if (strcasecmp(key_type_name, "v00") == 0) {
-				v00 = 1;
-				break;
-			} else if (strcasecmp(key_type_name, "v01") == 0)
-				break;
-			/* FALLTHROUGH */
-		default:
-			fatal("unknown key type %s", key_type_name);
-		}
-	}
 
 #ifdef ENABLE_PKCS11
 	pkcs11_init(1);
@@ -1630,7 +1610,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 			    __func__, tmp, sshkey_type(public));
 
 		/* Prepare certificate to sign */
-		if ((r = sshkey_to_certified(public, v00)) != 0)
+		if ((r = sshkey_to_certified(public)) != 0)
 			fatal("Could not upgrade key %s to certificate: %s",
 			    tmp, ssh_err(r));
 		public->cert->type = cert_key_type;
@@ -1640,15 +1620,9 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
 		public->cert->principals = plist;
 		public->cert->valid_after = cert_valid_from;
 		public->cert->valid_before = cert_valid_to;
-		if (v00) {
-			prepare_options_buf(public->cert->critical,
-			    OPTIONS_CRITICAL|OPTIONS_EXTENSIONS);
-		} else {
-			prepare_options_buf(public->cert->critical,
-			    OPTIONS_CRITICAL);
-			prepare_options_buf(public->cert->extensions,
-			    OPTIONS_EXTENSIONS);
-		}
+		prepare_options_buf(public->cert->critical, OPTIONS_CRITICAL);
+		prepare_options_buf(public->cert->extensions,
+		    OPTIONS_EXTENSIONS);
 		if ((r = sshkey_from_private(ca,
 		    &public->cert->signature_key)) != 0)
 			fatal("key_from_private (ca key): %s", ssh_err(r));
@@ -1833,7 +1807,7 @@ add_cert_option(char *opt)
 }
 
 static void
-show_options(struct sshbuf *optbuf, int v00, int in_critical)
+show_options(struct sshbuf *optbuf, int in_critical)
 {
 	char *name, *arg;
 	struct sshbuf *options, *option = NULL;
@@ -1848,14 +1822,14 @@ show_options(struct sshbuf *optbuf, int v00, int in_critical)
 		    (r = sshbuf_froms(options, &option)) != 0)
 			fatal("%s: buffer error: %s", __func__, ssh_err(r));
 		printf("                %s", name);
-		if ((v00 || !in_critical) && 
+		if (!in_critical &&
 		    (strcmp(name, "permit-X11-forwarding") == 0 ||
 		    strcmp(name, "permit-agent-forwarding") == 0 ||
 		    strcmp(name, "permit-port-forwarding") == 0 ||
 		    strcmp(name, "permit-pty") == 0 ||
 		    strcmp(name, "permit-user-rc") == 0))
 			printf("\n");
-		else if ((v00 || in_critical) &&
+		else if (in_critical &&
 		    (strcmp(name, "force-command") == 0 ||
 		    strcmp(name, "source-address") == 0)) {
 			if ((r = sshbuf_get_cstring(option, &arg, NULL)) != 0)
@@ -1882,7 +1856,7 @@ do_show_cert(struct passwd *pw)
 	struct sshkey *key;
 	struct stat st;
 	char *key_fp, *ca_fp;
-	u_int i, v00;
+	u_int i;
 	int r;
 
 	if (!have_identity)
@@ -1894,7 +1868,6 @@ do_show_cert(struct passwd *pw)
 		    identity_file, ssh_err(r));
 	if (!sshkey_is_cert(key))
 		fatal("%s is not a certificate", identity_file);
-	v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00;
 
 	key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT);
 	ca_fp = sshkey_fingerprint(key->cert->signature_key,
@@ -1909,10 +1882,7 @@ do_show_cert(struct passwd *pw)
 	printf("        Signing CA: %s %s\n",
 	    sshkey_type(key->cert->signature_key), ca_fp);
 	printf("        Key ID: \"%s\"\n", key->cert->key_id);
-	if (!v00) {
-		printf("        Serial: %llu\n",
-		    (unsigned long long)key->cert->serial);
-	}
+	printf("        Serial: %llu\n", (unsigned long long)key->cert->serial);
 	printf("        Valid: %s\n",
 	    fmt_validity(key->cert->valid_after, key->cert->valid_before));
 	printf("        Principals: ");
@@ -1929,16 +1899,14 @@ do_show_cert(struct passwd *pw)
 		printf("(none)\n");
 	else {
 		printf("\n");
-		show_options(key->cert->critical, v00, 1);
+		show_options(key->cert->critical, 1);
 	}
-	if (!v00) {
-		printf("        Extensions: ");
-		if (sshbuf_len(key->cert->extensions) == 0)
-			printf("(none)\n");
-		else {
-			printf("\n");
-			show_options(key->cert->extensions, v00, 0);
-		}
+	printf("        Extensions: ");
+	if (sshbuf_len(key->cert->extensions) == 0)
+		printf("(none)\n");
+	else {
+		printf("\n");
+		show_options(key->cert->extensions, 0);
 	}
 	exit(0);
 }
diff --git a/crypto/openssh/ssh-keyscan.0 b/crypto/openssh/ssh-keyscan.0
deleted file mode 100644
index fe7aa85..0000000
--- a/crypto/openssh/ssh-keyscan.0
+++ /dev/null
@@ -1,109 +0,0 @@
-SSH-KEYSCAN(1)              General Commands Manual             SSH-KEYSCAN(1)
-
-NAME
-     ssh-keyscan M-bM-^@M-^S gather ssh public keys
-
-SYNOPSIS
-     ssh-keyscan [-46Hv] [-f file] [-p port] [-T timeout] [-t type]
-                 [host | addrlist namelist] ...
-
-DESCRIPTION
-     ssh-keyscan is a utility for gathering the public ssh host keys of a
-     number of hosts.  It was designed to aid in building and verifying
-     ssh_known_hosts files.  ssh-keyscan provides a minimal interface suitable
-     for use by shell and perl scripts.
-
-     ssh-keyscan uses non-blocking socket I/O to contact as many hosts as
-     possible in parallel, so it is very efficient.  The keys from a domain of
-     1,000 hosts can be collected in tens of seconds, even when some of those
-     hosts are down or do not run ssh.  For scanning, one does not need login
-     access to the machines that are being scanned, nor does the scanning
-     process involve any encryption.
-
-     The options are as follows:
-
-     -4      Forces ssh-keyscan to use IPv4 addresses only.
-
-     -6      Forces ssh-keyscan to use IPv6 addresses only.
-
-     -f file
-             Read hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from file, one per line.
-             If - is supplied instead of a filename, ssh-keyscan will read
-             hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from the standard input.
-
-     -H      Hash all hostnames and addresses in the output.  Hashed names may
-             be used normally by ssh and sshd, but they do not reveal
-             identifying information should the file's contents be disclosed.
-
-     -p port
-             Port to connect to on the remote host.
-
-     -T timeout
-             Set the timeout for connection attempts.  If timeout seconds have
-             elapsed since a connection was initiated to a host or since the
-             last time anything was read from that host, then the connection
-             is closed and the host in question considered unavailable.
-             Default is 5 seconds.
-
-     -t type
-             Specifies the type of the key to fetch from the scanned hosts.
-             The possible values are M-bM-^@M-^\rsa1M-bM-^@M-^] for protocol version 1 and M-bM-^@M-^\dsaM-bM-^@M-^],
-             M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^], or M-bM-^@M-^\rsaM-bM-^@M-^] for protocol version 2.  Multiple
-             values may be specified by separating them with commas.  The
-             default is to fetch M-bM-^@M-^\rsaM-bM-^@M-^], M-bM-^@M-^\ecdsaM-bM-^@M-^], and M-bM-^@M-^\ed25519M-bM-^@M-^] keys.
-
-     -v      Verbose mode.  Causes ssh-keyscan to print debugging messages
-             about its progress.
-
-SECURITY
-     If an ssh_known_hosts file is constructed using ssh-keyscan without
-     verifying the keys, users will be vulnerable to man in the middle
-     attacks.  On the other hand, if the security model allows such a risk,
-     ssh-keyscan can help in the detection of tampered keyfiles or man in the
-     middle attacks which have begun after the ssh_known_hosts file was
-     created.
-
-FILES
-     Input format:
-
-     1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
-
-     Output format for RSA1 keys:
-
-     host-or-namelist bits exponent modulus
-
-     Output format for RSA, DSA, ECDSA, and Ed25519 keys:
-
-     host-or-namelist keytype base64-encoded-key
-
-     Where keytype is either M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^],
-     M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or M-bM-^@M-^\ssh-rsaM-bM-^@M-^].
-
-     /etc/ssh/ssh_known_hosts
-
-EXAMPLES
-     Print the rsa host key for machine hostname:
-
-     $ ssh-keyscan hostname
-
-     Find all hosts from the file ssh_hosts which have new or different keys
-     from those in the sorted file ssh_known_hosts:
-
-     $ ssh-keyscan -t rsa,dsa,ecdsa,ed25519 -f ssh_hosts | \
-             sort -u - ssh_known_hosts | diff ssh_known_hosts -
-
-SEE ALSO
-     ssh(1), sshd(8)
-
-AUTHORS
-     David Mazieres <dm@lcs.mit.edu> wrote the initial version, and Wayne
-     Davison <wayned@users.sourceforge.net> added support for protocol version
-     2.
-
-BUGS
-     It generates "Connection closed by remote host" messages on the consoles
-     of all the machines it scans if the server is older than version 2.9.
-     This is because it opens a connection to the ssh port, reads the public
-     key, and drops the connection as soon as it gets the key.
-
-OpenBSD 5.7                     August 30, 2014                    OpenBSD 5.7
diff --git a/crypto/openssh/ssh-keysign.0 b/crypto/openssh/ssh-keysign.0
deleted file mode 100644
index b061076..0000000
--- a/crypto/openssh/ssh-keysign.0
+++ /dev/null
@@ -1,53 +0,0 @@
-SSH-KEYSIGN(8)              System Manager's Manual             SSH-KEYSIGN(8)
-
-NAME
-     ssh-keysign M-bM-^@M-^S ssh helper program for host-based authentication
-
-SYNOPSIS
-     ssh-keysign
-
-DESCRIPTION
-     ssh-keysign is used by ssh(1) to access the local host keys and generate
-     the digital signature required during host-based authentication with SSH
-     protocol version 2.
-
-     ssh-keysign is disabled by default and can only be enabled in the global
-     client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign
-     to M-bM-^@M-^\yesM-bM-^@M-^].
-
-     ssh-keysign is not intended to be invoked by the user, but from ssh(1).
-     See ssh(1) and sshd(8) for more information about host-based
-     authentication.
-
-FILES
-     /etc/ssh/ssh_config
-             Controls whether ssh-keysign is enabled.
-
-     /etc/ssh/ssh_host_dsa_key
-     /etc/ssh/ssh_host_ecdsa_key
-     /etc/ssh/ssh_host_ed25519_key
-     /etc/ssh/ssh_host_rsa_key
-             These files contain the private parts of the host keys used to
-             generate the digital signature.  They should be owned by root,
-             readable only by root, and not accessible to others.  Since they
-             are readable only by root, ssh-keysign must be set-uid root if
-             host-based authentication is used.
-
-     /etc/ssh/ssh_host_dsa_key-cert.pub
-     /etc/ssh/ssh_host_ecdsa_key-cert.pub
-     /etc/ssh/ssh_host_ed25519_key-cert.pub
-     /etc/ssh/ssh_host_rsa_key-cert.pub
-             If these files exist they are assumed to contain public
-             certificate information corresponding with the private keys
-             above.
-
-SEE ALSO
-     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
-
-HISTORY
-     ssh-keysign first appeared in OpenBSD 3.2.
-
-AUTHORS
-     Markus Friedl <markus@openbsd.org>
-
-OpenBSD 5.7                    December 7, 2013                    OpenBSD 5.7
diff --git a/crypto/openssh/ssh-keysign.c b/crypto/openssh/ssh-keysign.c
index 5688202..1dca3e2 100644
--- a/crypto/openssh/ssh-keysign.c
+++ b/crypto/openssh/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.48 2015/03/24 20:09:11 markus Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.49 2015/07/03 03:56:25 djm Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl.  All rights reserved.
  *
@@ -187,6 +187,7 @@ main(int argc, char **argv)
 		close(fd);
 
 	i = 0;
+	/* XXX This really needs to read sshd_config for the paths */
 	key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
 	key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
 	key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY);
diff --git a/crypto/openssh/ssh-pkcs11-helper.0 b/crypto/openssh/ssh-pkcs11-helper.0
deleted file mode 100644
index a4d6dd4..0000000
--- a/crypto/openssh/ssh-pkcs11-helper.0
+++ /dev/null
@@ -1,25 +0,0 @@
-SSH-PKCS11-HELPER(8)        System Manager's Manual       SSH-PKCS11-HELPER(8)
-
-NAME
-     ssh-pkcs11-helper M-bM-^@M-^S ssh-agent helper program for PKCS#11 support
-
-SYNOPSIS
-     ssh-pkcs11-helper
-
-DESCRIPTION
-     ssh-pkcs11-helper is used by ssh-agent(1) to access keys provided by a
-     PKCS#11 token.
-
-     ssh-pkcs11-helper is not intended to be invoked by the user, but from
-     ssh-agent(1).
-
-SEE ALSO
-     ssh(1), ssh-add(1), ssh-agent(1)
-
-HISTORY
-     ssh-pkcs11-helper first appeared in OpenBSD 4.7.
-
-AUTHORS
-     Markus Friedl <markus@openbsd.org>
-
-OpenBSD 5.7                      July 16, 2013                     OpenBSD 5.7
diff --git a/crypto/openssh/ssh-pkcs11-helper.c b/crypto/openssh/ssh-pkcs11-helper.c
index ceabc8b..f2d5863 100644
--- a/crypto/openssh/ssh-pkcs11-helper.c
+++ b/crypto/openssh/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11-helper.c,v 1.10 2015/01/20 23:14:00 deraadt Exp $ */
+/* $OpenBSD: ssh-pkcs11-helper.c,v 1.11 2015/08/20 22:32:42 deraadt Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -301,8 +301,8 @@ main(int argc, char **argv)
 	buffer_init(&oqueue);
 
 	set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
-	rset = (fd_set *)xmalloc(set_size);
-	wset = (fd_set *)xmalloc(set_size);
+	rset = xmalloc(set_size);
+	wset = xmalloc(set_size);
 
 	for (;;) {
 		memset(rset, 0, set_size);
diff --git a/crypto/openssh/ssh-pkcs11.c b/crypto/openssh/ssh-pkcs11.c
index e074175..92614a5 100644
--- a/crypto/openssh/ssh-pkcs11.c
+++ b/crypto/openssh/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.19 2015/05/27 05:15:02 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.21 2015/07/18 08:02:17 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
  *
@@ -481,15 +481,23 @@ pkcs11_fetch_keys_filter(struct pkcs11_provider *p, CK_ULONG slotidx,
 			error("C_GetAttributeValue failed: %lu", rv);
 			continue;
 		}
-		/* check that none of the attributes are zero length */
-		if (attribs[0].ulValueLen == 0 ||
-		    attribs[1].ulValueLen == 0 ||
+		/*
+		 * Allow CKA_ID (always first attribute) to be empty, but
+		 * ensure that none of the others are zero length.
+		 * XXX assumes CKA_ID is always first.
+		 */
+		if (attribs[1].ulValueLen == 0 ||
 		    attribs[2].ulValueLen == 0) {
 			continue;
 		}
 		/* allocate buffers for attributes */
-		for (i = 0; i < 3; i++)
-			attribs[i].pValue = xmalloc(attribs[i].ulValueLen);
+		for (i = 0; i < 3; i++) {
+			if (attribs[i].ulValueLen > 0) {
+				attribs[i].pValue = xmalloc(
+				    attribs[i].ulValueLen);
+			}
+		}
+
 		/*
 		 * retrieve ID, modulus and public exponent of RSA key,
 		 * or ID, subject and value for certificates.
@@ -631,6 +639,11 @@ pkcs11_add_provider(char *provider_id, char *pin, struct sshkey ***keyp)
 			error("C_GetTokenInfo failed: %lu", rv);
 			continue;
 		}
+		if ((token->flags & CKF_TOKEN_INITIALIZED) == 0) {
+			debug2("%s: ignoring uninitialised token in slot %lu",
+			    __func__, (unsigned long)i);
+			continue;
+		}
 		rmspace(token->label, sizeof(token->label));
 		rmspace(token->manufacturerID, sizeof(token->manufacturerID));
 		rmspace(token->model, sizeof(token->model));
diff --git a/crypto/openssh/ssh.0 b/crypto/openssh/ssh.0
deleted file mode 100644
index 5aaeb8d..0000000
--- a/crypto/openssh/ssh.0
+++ /dev/null
@@ -1,960 +0,0 @@
-SSH(1)                      General Commands Manual                     SSH(1)
-
-NAME
-     ssh M-bM-^@M-^S OpenSSH SSH client (remote login program)
-
-SYNOPSIS
-     ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
-         [-D [bind_address:]port] [-E log_file] [-e escape_char]
-         [-F configfile] [-I pkcs11] [-i identity_file]
-         [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec]
-         [-O ctl_cmd] [-o option] [-p port]
-         [-Q cipher | cipher-auth | mac | kex | key | protocol-version]
-         [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W host:port]
-         [-w local_tun[:remote_tun]] [user@]hostname [command]
-
-DESCRIPTION
-     ssh (SSH client) is a program for logging into a remote machine and for
-     executing commands on a remote machine.  It is intended to replace rlogin
-     and rsh, and provide secure encrypted communications between two
-     untrusted hosts over an insecure network.  X11 connections, arbitrary TCP
-     ports and UNIX-domain sockets can also be forwarded over the secure
-     channel.
-
-     ssh connects and logs into the specified hostname (with optional user
-     name).  The user must prove his/her identity to the remote machine using
-     one of several methods depending on the protocol version used (see
-     below).
-
-     If command is specified, it is executed on the remote host instead of a
-     login shell.
-
-     The options are as follows:
-
-     -1      Forces ssh to try protocol version 1 only.
-
-     -2      Forces ssh to try protocol version 2 only.
-
-     -4      Forces ssh to use IPv4 addresses only.
-
-     -6      Forces ssh to use IPv6 addresses only.
-
-     -A      Enables forwarding of the authentication agent connection.  This
-             can also be specified on a per-host basis in a configuration
-             file.
-
-             Agent forwarding should be enabled with caution.  Users with the
-             ability to bypass file permissions on the remote host (for the
-             agent's UNIX-domain socket) can access the local agent through
-             the forwarded connection.  An attacker cannot obtain key material
-             from the agent, however they can perform operations on the keys
-             that enable them to authenticate using the identities loaded into
-             the agent.
-
-     -a      Disables forwarding of the authentication agent connection.
-
-     -b bind_address
-             Use bind_address on the local machine as the source address of
-             the connection.  Only useful on systems with more than one
-             address.
-
-     -C      Requests compression of all data (including stdin, stdout,
-             stderr, and data for forwarded X11, TCP and UNIX-domain
-             connections).  The compression algorithm is the same used by
-             gzip(1), and the M-bM-^@M-^\levelM-bM-^@M-^] can be controlled by the
-             CompressionLevel option for protocol version 1.  Compression is
-             desirable on modem lines and other slow connections, but will
-             only slow down things on fast networks.  The default value can be
-             set on a host-by-host basis in the configuration files; see the
-             Compression option.
-
-     -c cipher_spec
-             Selects the cipher specification for encrypting the session.
-
-             Protocol version 1 allows specification of a single cipher.  The
-             supported values are M-bM-^@M-^\3desM-bM-^@M-^], M-bM-^@M-^\blowfishM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^].  For protocol
-             version 2, cipher_spec is a comma-separated list of ciphers
-             listed in order of preference.  See the Ciphers keyword in
-             ssh_config(5) for more information.
-
-     -D [bind_address:]port
-             Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] application-level port forwarding.
-             This works by allocating a socket to listen to port on the local
-             side, optionally bound to the specified bind_address.  Whenever a
-             connection is made to this port, the connection is forwarded over
-             the secure channel, and the application protocol is then used to
-             determine where to connect to from the remote machine.  Currently
-             the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
-             as a SOCKS server.  Only root can forward privileged ports.
-             Dynamic port forwardings can also be specified in the
-             configuration file.
-
-             IPv6 addresses can be specified by enclosing the address in
-             square brackets.  Only the superuser can forward privileged
-             ports.  By default, the local port is bound in accordance with
-             the GatewayPorts setting.  However, an explicit bind_address may
-             be used to bind the connection to a specific address.  The
-             bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be
-             bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates
-             that the port should be available from all interfaces.
-
-     -E log_file
-             Append debug logs to log_file instead of standard error.
-
-     -e escape_char
-             Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y).
-             The escape character is only recognized at the beginning of a
-             line.  The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the
-             connection; followed by control-Z suspends the connection; and
-             followed by itself sends the escape character once.  Setting the
-             character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session
-             fully transparent.
-
-     -F configfile
-             Specifies an alternative per-user configuration file.  If a
-             configuration file is given on the command line, the system-wide
-             configuration file (/etc/ssh/ssh_config) will be ignored.  The
-             default for the per-user configuration file is ~/.ssh/config.
-
-     -f      Requests ssh to go to background just before command execution.
-             This is useful if ssh is going to ask for passwords or
-             passphrases, but the user wants it in the background.  This
-             implies -n.  The recommended way to start X11 programs at a
-             remote site is with something like ssh -f host xterm.
-
-             If the ExitOnForwardFailure configuration option is set to M-bM-^@M-^\yesM-bM-^@M-^],
-             then a client started with -f will wait for all remote port
-             forwards to be successfully established before placing itself in
-             the background.
-
-     -G      Causes ssh to print its configuration after evaluating Host and
-             Match blocks and exit.
-
-     -g      Allows remote hosts to connect to local forwarded ports.  If used
-             on a multiplexed connection, then this option must be specified
-             on the master process.
-
-     -I pkcs11
-             Specify the PKCS#11 shared library ssh should use to communicate
-             with a PKCS#11 token providing the user's private RSA key.
-
-     -i identity_file
-             Selects a file from which the identity (private key) for public
-             key authentication is read.  The default is ~/.ssh/identity for
-             protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa,
-             ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
-             Identity files may also be specified on a per-host basis in the
-             configuration file.  It is possible to have multiple -i options
-             (and multiple identities specified in configuration files).  ssh
-             will also try to load certificate information from the filename
-             obtained by appending -cert.pub to identity filenames.
-
-     -K      Enables GSSAPI-based authentication and forwarding (delegation)
-             of GSSAPI credentials to the server.
-
-     -k      Disables forwarding (delegation) of GSSAPI credentials to the
-             server.
-
-     -L [bind_address:]port:host:hostport
-             Specifies that the given port on the local (client) host is to be
-             forwarded to the given host and port on the remote side.  This
-             works by allocating a socket to listen to port on the local side,
-             optionally bound to the specified bind_address.  Whenever a
-             connection is made to this port, the connection is forwarded over
-             the secure channel, and a connection is made to host port
-             hostport from the remote machine.  Port forwardings can also be
-             specified in the configuration file.  IPv6 addresses can be
-             specified by enclosing the address in square brackets.  Only the
-             superuser can forward privileged ports.  By default, the local
-             port is bound in accordance with the GatewayPorts setting.
-             However, an explicit bind_address may be used to bind the
-             connection to a specific address.  The bind_address of
-             M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be bound for local
-             use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port
-             should be available from all interfaces.
-
-     -l login_name
-             Specifies the user to log in as on the remote machine.  This also
-             may be specified on a per-host basis in the configuration file.
-
-     -M      Places the ssh client into M-bM-^@M-^\masterM-bM-^@M-^] mode for connection sharing.
-             Multiple -M options places ssh into M-bM-^@M-^\masterM-bM-^@M-^] mode with
-             confirmation required before slave connections are accepted.
-             Refer to the description of ControlMaster in ssh_config(5) for
-             details.
-
-     -m mac_spec
-             Additionally, for protocol version 2 a comma-separated list of
-             MAC (message authentication code) algorithms can be specified in
-             order of preference.  See the MACs keyword for more information.
-
-     -N      Do not execute a remote command.  This is useful for just
-             forwarding ports (protocol version 2 only).
-
-     -n      Redirects stdin from /dev/null (actually, prevents reading from
-             stdin).  This must be used when ssh is run in the background.  A
-             common trick is to use this to run X11 programs on a remote
-             machine.  For example, ssh -n shadows.cs.hut.fi emacs & will
-             start an emacs on shadows.cs.hut.fi, and the X11 connection will
-             be automatically forwarded over an encrypted channel.  The ssh
-             program will be put in the background.  (This does not work if
-             ssh needs to ask for a password or passphrase; see also the -f
-             option.)
-
-     -O ctl_cmd
-             Control an active connection multiplexing master process.  When
-             the -O option is specified, the ctl_cmd argument is interpreted
-             and passed to the master process.  Valid commands are: M-bM-^@M-^\checkM-bM-^@M-^]
-             (check that the master process is running), M-bM-^@M-^\forwardM-bM-^@M-^] (request
-             forwardings without command execution), M-bM-^@M-^\cancelM-bM-^@M-^] (cancel
-             forwardings), M-bM-^@M-^\exitM-bM-^@M-^] (request the master to exit), and M-bM-^@M-^\stopM-bM-^@M-^]
-             (request the master to stop accepting further multiplexing
-             requests).
-
-     -o option
-             Can be used to give options in the format used in the
-             configuration file.  This is useful for specifying options for
-             which there is no separate command-line flag.  For full details
-             of the options listed below, and their possible values, see
-             ssh_config(5).
-
-                   AddressFamily
-                   BatchMode
-                   BindAddress
-                   CanonicalDomains
-                   CanonicalizeFallbackLocal
-                   CanonicalizeHostname
-                   CanonicalizeMaxDots
-                   CanonicalizePermittedCNAMEs
-                   ChallengeResponseAuthentication
-                   CheckHostIP
-                   Cipher
-                   Ciphers
-                   ClearAllForwardings
-                   Compression
-                   CompressionLevel
-                   ConnectionAttempts
-                   ConnectTimeout
-                   ControlMaster
-                   ControlPath
-                   ControlPersist
-                   DynamicForward
-                   EscapeChar
-                   ExitOnForwardFailure
-                   FingerprintHash
-                   ForwardAgent
-                   ForwardX11
-                   ForwardX11Timeout
-                   ForwardX11Trusted
-                   GatewayPorts
-                   GlobalKnownHostsFile
-                   GSSAPIAuthentication
-                   GSSAPIDelegateCredentials
-                   HashKnownHosts
-                   Host
-                   HostbasedAuthentication
-                   HostbasedKeyTypes
-                   HostKeyAlgorithms
-                   HostKeyAlias
-                   HostName
-                   IdentityFile
-                   IdentitiesOnly
-                   IPQoS
-                   KbdInteractiveAuthentication
-                   KbdInteractiveDevices
-                   KexAlgorithms
-                   LocalCommand
-                   LocalForward
-                   LogLevel
-                   MACs
-                   Match
-                   NoHostAuthenticationForLocalhost
-                   NumberOfPasswordPrompts
-                   PasswordAuthentication
-                   PermitLocalCommand
-                   PKCS11Provider
-                   Port
-                   PreferredAuthentications
-                   Protocol
-                   ProxyCommand
-                   ProxyUseFdpass
-                   PubkeyAuthentication
-                   RekeyLimit
-                   RemoteForward
-                   RequestTTY
-                   RhostsRSAAuthentication
-                   RSAAuthentication
-                   SendEnv
-                   ServerAliveInterval
-                   ServerAliveCountMax
-                   StreamLocalBindMask
-                   StreamLocalBindUnlink
-                   StrictHostKeyChecking
-                   TCPKeepAlive
-                   Tunnel
-                   TunnelDevice
-                   UpdateHostKeys
-                   UsePrivilegedPort
-                   User
-                   UserKnownHostsFile
-                   VerifyHostKeyDNS
-                   VisualHostKey
-                   XAuthLocation
-
-     -p port
-             Port to connect to on the remote host.  This can be specified on
-             a per-host basis in the configuration file.
-
-     -Q cipher | cipher-auth | mac | kex | key | protocol-version
-             Queries ssh for the algorithms supported for the specified
-             version 2.  The available features are: cipher (supported
-             symmetric ciphers), cipher-auth (supported symmetric ciphers that
-             support authenticated encryption), mac (supported message
-             integrity codes), kex (key exchange algorithms), key (key types)
-             and protocol-version (supported SSH protocol versions).
-
-     -q      Quiet mode.  Causes most warning and diagnostic messages to be
-             suppressed.
-
-     -R [bind_address:]port:host:hostport
-             Specifies that the given port on the remote (server) host is to
-             be forwarded to the given host and port on the local side.  This
-             works by allocating a socket to listen to port on the remote
-             side, and whenever a connection is made to this port, the
-             connection is forwarded over the secure channel, and a connection
-             is made to host port hostport from the local machine.
-
-             Port forwardings can also be specified in the configuration file.
-             Privileged ports can be forwarded only when logging in as root on
-             the remote machine.  IPv6 addresses can be specified by enclosing
-             the address in square brackets.
-
-             By default, the listening socket on the server will be bound to
-             the loopback interface only.  This may be overridden by
-             specifying a bind_address.  An empty bind_address, or the address
-             M-bM-^@M-^X*M-bM-^@M-^Y, indicates that the remote socket should listen on all
-             interfaces.  Specifying a remote bind_address will only succeed
-             if the server's GatewayPorts option is enabled (see
-             sshd_config(5)).
-
-             If the port argument is M-bM-^@M-^X0M-bM-^@M-^Y, the listen port will be dynamically
-             allocated on the server and reported to the client at run time.
-             When used together with -O forward the allocated port will be
-             printed to the standard output.
-
-     -S ctl_path
-             Specifies the location of a control socket for connection
-             sharing, or the string M-bM-^@M-^\noneM-bM-^@M-^] to disable connection sharing.
-             Refer to the description of ControlPath and ControlMaster in
-             ssh_config(5) for details.
-
-     -s      May be used to request invocation of a subsystem on the remote
-             system.  Subsystems are a feature of the SSH2 protocol which
-             facilitate the use of SSH as a secure transport for other
-             applications (eg. sftp(1)).  The subsystem is specified as the
-             remote command.
-
-     -T      Disable pseudo-terminal allocation.
-
-     -t      Force pseudo-terminal allocation.  This can be used to execute
-             arbitrary screen-based programs on a remote machine, which can be
-             very useful, e.g. when implementing menu services.  Multiple -t
-             options force tty allocation, even if ssh has no local tty.
-
-     -V      Display the version number and exit.
-
-     -v      Verbose mode.  Causes ssh to print debugging messages about its
-             progress.  This is helpful in debugging connection,
-             authentication, and configuration problems.  Multiple -v options
-             increase the verbosity.  The maximum is 3.
-
-     -W host:port
-             Requests that standard input and output on the client be
-             forwarded to host on port over the secure channel.  Implies -N,
-             -T, ExitOnForwardFailure and ClearAllForwardings.  Works with
-             Protocol version 2 only.
-
-     -w local_tun[:remote_tun]
-             Requests tunnel device forwarding with the specified tun(4)
-             devices between the client (local_tun) and the server
-             (remote_tun).
-
-             The devices may be specified by numerical ID or the keyword
-             M-bM-^@M-^\anyM-bM-^@M-^], which uses the next available tunnel device.  If
-             remote_tun is not specified, it defaults to M-bM-^@M-^\anyM-bM-^@M-^].  See also the
-             Tunnel and TunnelDevice directives in ssh_config(5).  If the
-             Tunnel directive is unset, it is set to the default tunnel mode,
-             which is M-bM-^@M-^\point-to-pointM-bM-^@M-^].
-
-     -X      Enables X11 forwarding.  This can also be specified on a per-host
-             basis in a configuration file.
-
-             X11 forwarding should be enabled with caution.  Users with the
-             ability to bypass file permissions on the remote host (for the
-             user's X authorization database) can access the local X11 display
-             through the forwarded connection.  An attacker may then be able
-             to perform activities such as keystroke monitoring.
-
-             For this reason, X11 forwarding is subjected to X11 SECURITY
-             extension restrictions by default.  Please refer to the ssh -Y
-             option and the ForwardX11Trusted directive in ssh_config(5) for
-             more information.
-
-     -x      Disables X11 forwarding.
-
-     -Y      Enables trusted X11 forwarding.  Trusted X11 forwardings are not
-             subjected to the X11 SECURITY extension controls.
-
-     -y      Send log information using the syslog(3) system module.  By
-             default this information is sent to stderr.
-
-     ssh may additionally obtain configuration data from a per-user
-     configuration file and a system-wide configuration file.  The file format
-     and configuration options are described in ssh_config(5).
-
-AUTHENTICATION
-     The OpenSSH SSH client supports SSH protocols 1 and 2.  The default is to
-     use protocol 2 only, though this can be changed via the Protocol option
-     in ssh_config(5) or the -1 and -2 options (see above).  Both protocols
-     support similar authentication methods, but protocol 2 is the default
-     since it provides additional mechanisms for confidentiality (the traffic
-     is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
-     integrity (hmac-md5, hmac-sha1, hmac-sha2-256, hmac-sha2-512, umac-64,
-     umac-128, hmac-ripemd160).  Protocol 1 lacks a strong mechanism for
-     ensuring the integrity of the connection.
-
-     The methods available for authentication are: GSSAPI-based
-     authentication, host-based authentication, public key authentication,
-     challenge-response authentication, and password authentication.
-     Authentication methods are tried in the order specified above, though
-     protocol 2 has a configuration option to change the default order:
-     PreferredAuthentications.
-
-     Host-based authentication works as follows: If the machine the user logs
-     in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote
-     machine, and the user names are the same on both sides, or if the files
-     ~/.rhosts or ~/.shosts exist in the user's home directory on the remote
-     machine and contain a line containing the name of the client machine and
-     the name of the user on that machine, the user is considered for login.
-     Additionally, the server must be able to verify the client's host key
-     (see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts,
-     below) for login to be permitted.  This authentication method closes
-     security holes due to IP spoofing, DNS spoofing, and routing spoofing.
-     [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the
-     rlogin/rsh protocol in general, are inherently insecure and should be
-     disabled if security is desired.]
-
-     Public key authentication works as follows: The scheme is based on
-     public-key cryptography, using cryptosystems where encryption and
-     decryption are done using separate keys, and it is unfeasible to derive
-     the decryption key from the encryption key.  The idea is that each user
-     creates a public/private key pair for authentication purposes.  The
-     server knows the public key, and only the user knows the private key.
-     ssh implements public key authentication protocol automatically, using
-     one of the DSA, ECDSA, Ed25519 or RSA algorithms.  Protocol 1 is
-     restricted to using only RSA keys, but protocol 2 may use any.  The
-     HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA
-     algorithms.
-
-     The file ~/.ssh/authorized_keys lists the public keys that are permitted
-     for logging in.  When the user logs in, the ssh program tells the server
-     which key pair it would like to use for authentication.  The client
-     proves that it has access to the private key and the server checks that
-     the corresponding public key is authorized to accept the account.
-
-     The user creates his/her key pair by running ssh-keygen(1).  This stores
-     the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
-     2 DSA), ~/.ssh/id_ecdsa (protocol 2 ECDSA), ~/.ssh/id_ed25519 (protocol 2
-     Ed25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
-     ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA),
-     ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), ~/.ssh/id_ed25519.pub (protocol 2
-     Ed25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home
-     directory.  The user should then copy the public key to
-     ~/.ssh/authorized_keys in his/her home directory on the remote machine.
-     The authorized_keys file corresponds to the conventional ~/.rhosts file,
-     and has one key per line, though the lines can be very long.  After this,
-     the user can log in without giving the password.
-
-     A variation on public key authentication is available in the form of
-     certificate authentication: instead of a set of public/private keys,
-     signed certificates are used.  This has the advantage that a single
-     trusted certification authority can be used in place of many
-     public/private keys.  See the CERTIFICATES section of ssh-keygen(1) for
-     more information.
-
-     The most convenient way to use public key or certificate authentication
-     may be with an authentication agent.  See ssh-agent(1) for more
-     information.
-
-     Challenge-response authentication works as follows: The server sends an
-     arbitrary "challenge" text, and prompts for a response.  Protocol 2
-     allows multiple challenges and responses; protocol 1 is restricted to
-     just one challenge/response.  Examples of challenge-response
-     authentication include BSD Authentication (see login.conf(5)) and PAM
-     (some non-OpenBSD systems).
-
-     Finally, if other authentication methods fail, ssh prompts the user for a
-     password.  The password is sent to the remote host for checking; however,
-     since all communications are encrypted, the password cannot be seen by
-     someone listening on the network.
-
-     ssh automatically maintains and checks a database containing
-     identification for all hosts it has ever been used with.  Host keys are
-     stored in ~/.ssh/known_hosts in the user's home directory.  Additionally,
-     the file /etc/ssh/ssh_known_hosts is automatically checked for known
-     hosts.  Any new hosts are automatically added to the user's file.  If a
-     host's identification ever changes, ssh warns about this and disables
-     password authentication to prevent server spoofing or man-in-the-middle
-     attacks, which could otherwise be used to circumvent the encryption.  The
-     StrictHostKeyChecking option can be used to control logins to machines
-     whose host key is not known or has changed.
-
-     When the user's identity has been accepted by the server, the server
-     either executes the given command in a non-interactive session or, if no
-     command has been specified, logs into the machine and gives the user a
-     normal shell as an interactive session.  All communication with the
-     remote command or shell will be automatically encrypted.
-
-     If an interactive session is requested ssh by default will only request a
-     pseudo-terminal (pty) for interactive sessions when the client has one.
-     The flags -T and -t can be used to override this behaviour.
-
-     If a pseudo-terminal has been allocated the user may use the escape
-     characters noted below.
-
-     If no pseudo-terminal has been allocated, the session is transparent and
-     can be used to reliably transfer binary data.  On most systems, setting
-     the escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent
-     even if a tty is used.
-
-     The session terminates when the command or shell on the remote machine
-     exits and all X11 and TCP connections have been closed.
-
-ESCAPE CHARACTERS
-     When a pseudo-terminal has been requested, ssh supports a number of
-     functions through the use of an escape character.
-
-     A single tilde character can be sent as ~~ or by following the tilde by a
-     character other than those described below.  The escape character must
-     always follow a newline to be interpreted as special.  The escape
-     character can be changed in configuration files using the EscapeChar
-     configuration directive or on the command line by the -e option.
-
-     The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are:
-
-     ~.      Disconnect.
-
-     ~^Z     Background ssh.
-
-     ~#      List forwarded connections.
-
-     ~&      Background ssh at logout when waiting for forwarded connection /
-             X11 sessions to terminate.
-
-     ~?      Display a list of escape characters.
-
-     ~B      Send a BREAK to the remote system (only useful for SSH protocol
-             version 2 and if the peer supports it).
-
-     ~C      Open command line.  Currently this allows the addition of port
-             forwardings using the -L, -R and -D options (see above).  It also
-             allows the cancellation of existing port-forwardings with
-             -KL[bind_address:]port for local, -KR[bind_address:]port for
-             remote and -KD[bind_address:]port for dynamic port-forwardings.
-             !command allows the user to execute a local command if the
-             PermitLocalCommand option is enabled in ssh_config(5).  Basic
-             help is available, using the -h option.
-
-     ~R      Request rekeying of the connection (only useful for SSH protocol
-             version 2 and if the peer supports it).
-
-     ~V      Decrease the verbosity (LogLevel) when errors are being written
-             to stderr.
-
-     ~v      Increase the verbosity (LogLevel) when errors are being written
-             to stderr.
-
-TCP FORWARDING
-     Forwarding of arbitrary TCP connections over the secure channel can be
-     specified either on the command line or in a configuration file.  One
-     possible application of TCP forwarding is a secure connection to a mail
-     server; another is going through firewalls.
-
-     In the example below, we look at encrypting communication between an IRC
-     client and server, even though the IRC server does not directly support
-     encrypted communications.  This works as follows: the user connects to
-     the remote host using ssh, specifying a port to be used to forward
-     connections to the remote server.  After that it is possible to start the
-     service which is to be encrypted on the client machine, connecting to the
-     same local port, and ssh will encrypt and forward the connection.
-
-     The following example tunnels an IRC session from client machine
-     M-bM-^@M-^\127.0.0.1M-bM-^@M-^] (localhost) to remote server M-bM-^@M-^\server.example.comM-bM-^@M-^]:
-
-         $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
-         $ irc -c '#users' -p 1234 pinky 127.0.0.1
-
-     This tunnels a connection to IRC server M-bM-^@M-^\server.example.comM-bM-^@M-^], joining
-     channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname M-bM-^@M-^\pinkyM-bM-^@M-^], using port 1234.  It doesn't matter
-     which port is used, as long as it's greater than 1023 (remember, only
-     root can open sockets on privileged ports) and doesn't conflict with any
-     ports already in use.  The connection is forwarded to port 6667 on the
-     remote server, since that's the standard port for IRC services.
-
-     The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is
-     specified to allow an amount of time (10 seconds, in the example) to
-     start the service which is to be tunnelled.  If no connections are made
-     within the time specified, ssh will exit.
-
-X11 FORWARDING
-     If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the
-     -X, -x, and -Y options above) and the user is using X11 (the DISPLAY
-     environment variable is set), the connection to the X11 display is
-     automatically forwarded to the remote side in such a way that any X11
-     programs started from the shell (or command) will go through the
-     encrypted channel, and the connection to the real X server will be made
-     from the local machine.  The user should not manually set DISPLAY.
-     Forwarding of X11 connections can be configured on the command line or in
-     configuration files.
-
-     The DISPLAY value set by ssh will point to the server machine, but with a
-     display number greater than zero.  This is normal, and happens because
-     ssh creates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the
-     connections over the encrypted channel.
-
-     ssh will also automatically set up Xauthority data on the server machine.
-     For this purpose, it will generate a random authorization cookie, store
-     it in Xauthority on the server, and verify that any forwarded connections
-     carry this cookie and replace it by the real cookie when the connection
-     is opened.  The real authentication cookie is never sent to the server
-     machine (and no cookies are sent in the plain).
-
-     If the ForwardAgent variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of
-     the -A and -a options above) and the user is using an authentication
-     agent, the connection to the agent is automatically forwarded to the
-     remote side.
-
-VERIFYING HOST KEYS
-     When connecting to a server for the first time, a fingerprint of the
-     server's public key is presented to the user (unless the option
-     StrictHostKeyChecking has been disabled).  Fingerprints can be determined
-     using ssh-keygen(1):
-
-           $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
-
-     If the fingerprint is already known, it can be matched and the key can be
-     accepted or rejected.  If only legacy (MD5) fingerprints for the server
-     are available, the ssh-keygen(1) -E option may be used to downgrade the
-     fingerprint algorithm to match.
-
-     Because of the difficulty of comparing host keys just by looking at
-     fingerprint strings, there is also support to compare host keys visually,
-     using random art.  By setting the VisualHostKey option to M-bM-^@M-^\yesM-bM-^@M-^], a small
-     ASCII graphic gets displayed on every login to a server, no matter if the
-     session itself is interactive or not.  By learning the pattern a known
-     server produces, a user can easily find out that the host key has changed
-     when a completely different pattern is displayed.  Because these patterns
-     are not unambiguous however, a pattern that looks similar to the pattern
-     remembered only gives a good probability that the host key is the same,
-     not guaranteed proof.
-
-     To get a listing of the fingerprints along with their random art for all
-     known hosts, the following command line can be used:
-
-           $ ssh-keygen -lv -f ~/.ssh/known_hosts
-
-     If the fingerprint is unknown, an alternative method of verification is
-     available: SSH fingerprints verified by DNS.  An additional resource
-     record (RR), SSHFP, is added to a zonefile and the connecting client is
-     able to match the fingerprint with that of the key presented.
-
-     In this example, we are connecting a client to a server,
-     M-bM-^@M-^\host.example.comM-bM-^@M-^].  The SSHFP resource records should first be added to
-     the zonefile for host.example.com:
-
-           $ ssh-keygen -r host.example.com.
-
-     The output lines will have to be added to the zonefile.  To check that
-     the zone is answering fingerprint queries:
-
-           $ dig -t SSHFP host.example.com
-
-     Finally the client connects:
-
-           $ ssh -o "VerifyHostKeyDNS ask" host.example.com
-           [...]
-           Matching host key fingerprint found in DNS.
-           Are you sure you want to continue connecting (yes/no)?
-
-     See the VerifyHostKeyDNS option in ssh_config(5) for more information.
-
-SSH-BASED VIRTUAL PRIVATE NETWORKS
-     ssh contains support for Virtual Private Network (VPN) tunnelling using
-     the tun(4) network pseudo-device, allowing two networks to be joined
-     securely.  The sshd_config(5) configuration option PermitTunnel controls
-     whether the server supports this, and at what level (layer 2 or 3
-     traffic).
-
-     The following example would connect client network 10.0.50.0/24 with
-     remote network 10.0.99.0/24 using a point-to-point connection from
-     10.1.1.1 to 10.1.1.2, provided that the SSH server running on the gateway
-     to the remote network, at 192.168.1.15, allows it.
-
-     On the client:
-
-           # ssh -f -w 0:1 192.168.1.15 true
-           # ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252
-           # route add 10.0.99.0/24 10.1.1.2
-
-     On the server:
-
-           # ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252
-           # route add 10.0.50.0/24 10.1.1.1
-
-     Client access may be more finely tuned via the /root/.ssh/authorized_keys
-     file (see below) and the PermitRootLogin server option.  The following
-     entry would permit connections on tun(4) device 1 from user M-bM-^@M-^\janeM-bM-^@M-^] and on
-     tun device 2 from user M-bM-^@M-^\johnM-bM-^@M-^], if PermitRootLogin is set to
-     M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^]:
-
-       tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
-       tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john
-
-     Since an SSH-based setup entails a fair amount of overhead, it may be
-     more suited to temporary setups, such as for wireless VPNs.  More
-     permanent VPNs are better provided by tools such as ipsecctl(8) and
-     isakmpd(8).
-
-ENVIRONMENT
-     ssh will normally set the following environment variables:
-
-     DISPLAY               The DISPLAY variable indicates the location of the
-                           X11 server.  It is automatically set by ssh to
-                           point to a value of the form M-bM-^@M-^\hostname:nM-bM-^@M-^], where
-                           M-bM-^@M-^\hostnameM-bM-^@M-^] indicates the host where the shell runs,
-                           and M-bM-^@M-^XnM-bM-^@M-^Y is an integer M-bM-^IM-% 1.  ssh uses this special
-                           value to forward X11 connections over the secure
-                           channel.  The user should normally not set DISPLAY
-                           explicitly, as that will render the X11 connection
-                           insecure (and will require the user to manually
-                           copy any required authorization cookies).
-
-     HOME                  Set to the path of the user's home directory.
-
-     LOGNAME               Synonym for USER; set for compatibility with
-                           systems that use this variable.
-
-     MAIL                  Set to the path of the user's mailbox.
-
-     PATH                  Set to the default PATH, as specified when
-                           compiling ssh.
-
-     SSH_ASKPASS           If ssh needs a passphrase, it will read the
-                           passphrase from the current terminal if it was run
-                           from a terminal.  If ssh does not have a terminal
-                           associated with it but DISPLAY and SSH_ASKPASS are
-                           set, it will execute the program specified by
-                           SSH_ASKPASS and open an X11 window to read the
-                           passphrase.  This is particularly useful when
-                           calling ssh from a .xsession or related script.
-                           (Note that on some machines it may be necessary to
-                           redirect the input from /dev/null to make this
-                           work.)
-
-     SSH_AUTH_SOCK         Identifies the path of a UNIX-domain socket used to
-                           communicate with the agent.
-
-     SSH_CONNECTION        Identifies the client and server ends of the
-                           connection.  The variable contains four space-
-                           separated values: client IP address, client port
-                           number, server IP address, and server port number.
-
-     SSH_ORIGINAL_COMMAND  This variable contains the original command line if
-                           a forced command is executed.  It can be used to
-                           extract the original arguments.
-
-     SSH_TTY               This is set to the name of the tty (path to the
-                           device) associated with the current shell or
-                           command.  If the current session has no tty, this
-                           variable is not set.
-
-     TZ                    This variable is set to indicate the present time
-                           zone if it was set when the daemon was started
-                           (i.e. the daemon passes the value on to new
-                           connections).
-
-     USER                  Set to the name of the user logging in.
-
-     Additionally, ssh reads ~/.ssh/environment, and adds lines of the format
-     M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and users are
-     allowed to change their environment.  For more information, see the
-     PermitUserEnvironment option in sshd_config(5).
-
-FILES
-     ~/.rhosts
-             This file is used for host-based authentication (see above).  On
-             some machines this file may need to be world-readable if the
-             user's home directory is on an NFS partition, because sshd(8)
-             reads it as root.  Additionally, this file must be owned by the
-             user, and must not have write permissions for anyone else.  The
-             recommended permission for most machines is read/write for the
-             user, and not accessible by others.
-
-     ~/.shosts
-             This file is used in exactly the same way as .rhosts, but allows
-             host-based authentication without permitting login with
-             rlogin/rsh.
-
-     ~/.ssh/
-             This directory is the default location for all user-specific
-             configuration and authentication information.  There is no
-             general requirement to keep the entire contents of this directory
-             secret, but the recommended permissions are read/write/execute
-             for the user, and not accessible by others.
-
-     ~/.ssh/authorized_keys
-             Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used
-             for logging in as this user.  The format of this file is
-             described in the sshd(8) manual page.  This file is not highly
-             sensitive, but the recommended permissions are read/write for the
-             user, and not accessible by others.
-
-     ~/.ssh/config
-             This is the per-user configuration file.  The file format and
-             configuration options are described in ssh_config(5).  Because of
-             the potential for abuse, this file must have strict permissions:
-             read/write for the user, and not writable by others.
-
-     ~/.ssh/environment
-             Contains additional definitions for environment variables; see
-             ENVIRONMENT, above.
-
-     ~/.ssh/identity
-     ~/.ssh/id_dsa
-     ~/.ssh/id_ecdsa
-     ~/.ssh/id_ed25519
-     ~/.ssh/id_rsa
-             Contains the private key for authentication.  These files contain
-             sensitive data and should be readable by the user but not
-             accessible by others (read/write/execute).  ssh will simply
-             ignore a private key file if it is accessible by others.  It is
-             possible to specify a passphrase when generating the key which
-             will be used to encrypt the sensitive part of this file using
-             3DES.
-
-     ~/.ssh/identity.pub
-     ~/.ssh/id_dsa.pub
-     ~/.ssh/id_ecdsa.pub
-     ~/.ssh/id_ed25519.pub
-     ~/.ssh/id_rsa.pub
-             Contains the public key for authentication.  These files are not
-             sensitive and can (but need not) be readable by anyone.
-
-     ~/.ssh/known_hosts
-             Contains a list of host keys for all hosts the user has logged
-             into that are not already in the systemwide list of known host
-             keys.  See sshd(8) for further details of the format of this
-             file.
-
-     ~/.ssh/rc
-             Commands in this file are executed by ssh when the user logs in,
-             just before the user's shell (or command) is started.  See the
-             sshd(8) manual page for more information.
-
-     /etc/hosts.equiv
-             This file is for host-based authentication (see above).  It
-             should only be writable by root.
-
-     /etc/shosts.equiv
-             This file is used in exactly the same way as hosts.equiv, but
-             allows host-based authentication without permitting login with
-             rlogin/rsh.
-
-     /etc/ssh/ssh_config
-             Systemwide configuration file.  The file format and configuration
-             options are described in ssh_config(5).
-
-     /etc/ssh/ssh_host_key
-     /etc/ssh/ssh_host_dsa_key
-     /etc/ssh/ssh_host_ecdsa_key
-     /etc/ssh/ssh_host_ed25519_key
-     /etc/ssh/ssh_host_rsa_key
-             These files contain the private parts of the host keys and are
-             used for host-based authentication.  If protocol version 1 is
-             used, ssh must be setuid root, since the host key is readable
-             only by root.  For protocol version 2, ssh uses ssh-keysign(8) to
-             access the host keys, eliminating the requirement that ssh be
-             setuid root when host-based authentication is used.  By default
-             ssh is not setuid root.
-
-     /etc/ssh/ssh_known_hosts
-             Systemwide list of known host keys.  This file should be prepared
-             by the system administrator to contain the public host keys of
-             all machines in the organization.  It should be world-readable.
-             See sshd(8) for further details of the format of this file.
-
-     /etc/ssh/sshrc
-             Commands in this file are executed by ssh when the user logs in,
-             just before the user's shell (or command) is started.  See the
-             sshd(8) manual page for more information.
-
-EXIT STATUS
-     ssh exits with the exit status of the remote command or with 255 if an
-     error occurred.
-
-SEE ALSO
-     scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh-keyscan(1),
-     tun(4), ssh_config(5), ssh-keysign(8), sshd(8)
-
-STANDARDS
-     S. Lehtinen and C. Lonvick, The Secure Shell (SSH) Protocol Assigned
-     Numbers, RFC 4250, January 2006.
-
-     T. Ylonen and C. Lonvick, The Secure Shell (SSH) Protocol Architecture,
-     RFC 4251, January 2006.
-
-     T. Ylonen and C. Lonvick, The Secure Shell (SSH) Authentication Protocol,
-     RFC 4252, January 2006.
-
-     T. Ylonen and C. Lonvick, The Secure Shell (SSH) Transport Layer
-     Protocol, RFC 4253, January 2006.
-
-     T. Ylonen and C. Lonvick, The Secure Shell (SSH) Connection Protocol, RFC
-     4254, January 2006.
-
-     J. Schlyter and W. Griffin, Using DNS to Securely Publish Secure Shell
-     (SSH) Key Fingerprints, RFC 4255, January 2006.
-
-     F. Cusack and M. Forssen, Generic Message Exchange Authentication for the
-     Secure Shell Protocol (SSH), RFC 4256, January 2006.
-
-     J. Galbraith and P. Remaker, The Secure Shell (SSH) Session Channel Break
-     Extension, RFC 4335, January 2006.
-
-     M. Bellare, T. Kohno, and C. Namprempre, The Secure Shell (SSH) Transport
-     Layer Encryption Modes, RFC 4344, January 2006.
-
-     B. Harris, Improved Arcfour Modes for the Secure Shell (SSH) Transport
-     Layer Protocol, RFC 4345, January 2006.
-
-     M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for
-     the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006.
-
-     J. Galbraith and R. Thayer, The Secure Shell (SSH) Public Key File
-     Format, RFC 4716, November 2006.
-
-     D. Stebila and J. Green, Elliptic Curve Algorithm Integration in the
-     Secure Shell Transport Layer, RFC 5656, December 2009.
-
-     A. Perrig and D. Song, Hash Visualization: a New Technique to improve
-     Real-World Security, 1999, International Workshop on Cryptographic
-     Techniques and E-Commerce (CrypTEC '99).
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.
-
-OpenBSD 5.7                      May 22, 2015                      OpenBSD 5.7
diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1
index 9158fda..9bb6c57 100644
--- a/crypto/openssh/ssh.1
+++ b/crypto/openssh/ssh.1
@@ -33,9 +33,9 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.358 2015/05/22 05:28:45 djm Exp $
+.\" $OpenBSD: ssh.1,v 1.361 2015/07/20 18:44:12 millert Exp $
 .\" $FreeBSD$
-.Dd $Mdocdate: May 22 2015 $
+.Dd $Mdocdate: July 20 2015 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -53,14 +53,14 @@
 .Op Fl F Ar configfile
 .Op Fl I Ar pkcs11
 .Op Fl i Ar identity_file
-.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
+.Op Fl L Ar address
 .Op Fl l Ar login_name
 .Op Fl m Ar mac_spec
 .Op Fl O Ar ctl_cmd
 .Op Fl o Ar option
 .Op Fl p Ar port
 .Op Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version
-.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
+.Op Fl R Ar address
 .Op Fl S Ar ctl_path
 .Op Fl W Ar host : Ns Ar port
 .Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun
@@ -94,23 +94,28 @@ is specified,
 it is executed on the remote host instead of a login shell.
 .Pp
 The options are as follows:
-.Bl -tag -width Ds
+.Pp
+.Bl -tag -width Ds -compact
 .It Fl 1
 Forces
 .Nm
 to try protocol version 1 only.
+.Pp
 .It Fl 2
 Forces
 .Nm
 to try protocol version 2 only.
+.Pp
 .It Fl 4
 Forces
 .Nm
 to use IPv4 addresses only.
+.Pp
 .It Fl 6
 Forces
 .Nm
 to use IPv6 addresses only.
+.Pp
 .It Fl A
 Enables forwarding of the authentication agent connection.
 This can also be specified on a per-host basis in a configuration file.
@@ -123,14 +128,17 @@ socket) can access the local agent through the forwarded connection.
 An attacker cannot obtain key material from the agent,
 however they can perform operations on the keys that enable them to
 authenticate using the identities loaded into the agent.
+.Pp
 .It Fl a
 Disables forwarding of the authentication agent connection.
+.Pp
 .It Fl b Ar bind_address
 Use
 .Ar bind_address
 on the local machine as the source address
 of the connection.
 Only useful on systems with more than one address.
+.Pp
 .It Fl C
 Requests compression of all data (including stdin, stdout, stderr, and
 data for forwarded X11, TCP and
@@ -149,6 +157,7 @@ The default value can be set on a host-by-host basis in the
 configuration files; see the
 .Cm Compression
 option.
+.Pp
 .It Fl c Ar cipher_spec
 Selects the cipher specification for encrypting the session.
 .Pp
@@ -167,6 +176,7 @@ See the
 keyword in
 .Xr ssh_config 5
 for more information.
+.Pp
 .It Fl D Xo
 .Sm off
 .Oo Ar bind_address : Oc
@@ -206,10 +216,12 @@ indicates that the listening port be bound for local use only, while an
 empty address or
 .Sq *
 indicates that the port should be available from all interfaces.
+.Pp
 .It Fl E Ar log_file
 Append debug logs to
 .Ar log_file
 instead of standard error.
+.Pp
 .It Fl e Ar escape_char
 Sets the escape character for sessions with a pty (default:
 .Ql ~ ) .
@@ -222,6 +234,7 @@ and followed by itself sends the escape character once.
 Setting the character to
 .Dq none
 disables any escapes and makes the session fully transparent.
+.Pp
 .It Fl F Ar configfile
 Specifies an alternative per-user configuration file.
 If a configuration file is given on the command line,
@@ -230,6 +243,7 @@ the system-wide configuration file
 will be ignored.
 The default for the per-user configuration file is
 .Pa ~/.ssh/config .
+.Pp
 .It Fl f
 Requests
 .Nm
@@ -252,6 +266,7 @@ then a client started with
 .Fl f
 will wait for all remote port forwards to be successfully established
 before placing itself in the background.
+.Pp
 .It Fl G
 Causes
 .Nm
@@ -260,15 +275,18 @@ to print its configuration after evaluating
 and
 .Cm Match
 blocks and exit.
+.Pp
 .It Fl g
 Allows remote hosts to connect to local forwarded ports.
 If used on a multiplexed connection, then this option must be specified
 on the master process.
+.Pp
 .It Fl I Ar pkcs11
 Specify the PKCS#11 shared library
 .Nm
 should use to communicate with a PKCS#11 token providing the user's
 private RSA key.
+.Pp
 .It Fl i Ar identity_file
 Selects a file from which the identity (private key) for
 public key authentication is read.
@@ -292,33 +310,58 @@ will also try to load certificate information from the filename obtained
 by appending
 .Pa -cert.pub
 to identity filenames.
+.Pp
 .It Fl K
 Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI
 credentials to the server.
+.Pp
 .It Fl k
 Disables forwarding (delegation) of GSSAPI credentials to the server.
+.Pp
 .It Fl L Xo
 .Sm off
 .Oo Ar bind_address : Oc
 .Ar port : host : hostport
 .Sm on
 .Xc
-Specifies that the given port on the local (client) host is to be
-forwarded to the given host and port on the remote side.
-This works by allocating a socket to listen to
+.It Fl L Xo
+.Sm off
+.Oo Ar bind_address : Oc
+.Ar port : remote_socket
+.Sm on
+.Xc
+.It Fl L Xo
+.Sm off
+.Ar local_socket : host : hostport
+.Sm on
+.Xc
+.It Fl L Xo
+.Sm off
+.Ar local_socket : remote_socket
+.Sm on
+.Xc
+Specifies that connections to the given TCP port or Unix socket on the local
+(client) host are to be forwarded to the given host and port, or Unix socket,
+on the remote side.
+This works by allocating a socket to listen to either a TCP
 .Ar port
 on the local side, optionally bound to the specified
-.Ar bind_address .
-Whenever a connection is made to this port, the
+.Ar bind_address ,
+or to a Unix socket.
+Whenever a connection is made to the local port or socket, the
 connection is forwarded over the secure channel, and a connection is
-made to
+made to either
 .Ar host
 port
-.Ar hostport
+.Ar hostport ,
+or the Unix socket
+.Ar remote_socket ,
 from the remote machine.
+.Pp
 Port forwardings can also be specified in the configuration file.
-IPv6 addresses can be specified by enclosing the address in square brackets.
 Only the superuser can forward privileged ports.
+IPv6 addresses can be specified by enclosing the address in square brackets.
+.Pp
 By default, the local port is bound in accordance with the
 .Cm GatewayPorts
 setting.
@@ -333,9 +376,11 @@ indicates that the listening port be bound for local use only, while an
 empty address or
 .Sq *
 indicates that the port should be available from all interfaces.
+.Pp
 .It Fl l Ar login_name
 Specifies the user to log in as on the remote machine.
 This also may be specified on a per-host basis in the configuration file.
+.Pp
 .It Fl M
 Places the
 .Nm
@@ -354,6 +399,7 @@ Refer to the description of
 in
 .Xr ssh_config 5
 for details.
+.Pp
 .It Fl m Ar mac_spec
 Additionally, for protocol version 2 a comma-separated list of MAC
 (message authentication code) algorithms can
@@ -361,10 +407,12 @@ be specified in order of preference.
 See the
 .Cm MACs
 keyword for more information.
+.Pp
 .It Fl N
 Do not execute a remote command.
 This is useful for just forwarding ports
 (protocol version 2 only).
+.Pp
 .It Fl n
 Redirects stdin from
 .Pa /dev/null
@@ -385,6 +433,7 @@ program will be put in the background.
 needs to ask for a password or passphrase; see also the
 .Fl f
 option.)
+.Pp
 .It Fl O Ar ctl_cmd
 Control an active connection multiplexing master process.
 When the
@@ -403,6 +452,7 @@ Valid commands are:
 (request the master to exit), and
 .Dq stop
 (request the master to stop accepting further multiplexing requests).
+.Pp
 .It Fl o Ar option
 Can be used to give options in the format used in the configuration file.
 This is useful for specifying options for which there is no separate
@@ -471,6 +521,7 @@ For full details of the options listed below, and their possible values, see
 .It Protocol
 .It ProxyCommand
 .It ProxyUseFdpass
+.It PubkeyAcceptedKeyTypes
 .It PubkeyAuthentication
 .It RekeyLimit
 .It RemoteForward
@@ -495,10 +546,12 @@ For full details of the options listed below, and their possible values, see
 .It VisualHostKey
 .It XAuthLocation
 .El
+.Pp
 .It Fl p Ar port
 Port to connect to on the remote host.
 This can be specified on a
 per-host basis in the configuration file.
+.Pp
 .It Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version
 Queries
 .Nm
@@ -516,25 +569,47 @@ The available features are:
 (key types) and
 .Ar protocol-version
 (supported SSH protocol versions).
+.Pp
 .It Fl q
 Quiet mode.
 Causes most warning and diagnostic messages to be suppressed.
+.Pp
 .It Fl R Xo
 .Sm off
 .Oo Ar bind_address : Oc
 .Ar port : host : hostport
 .Sm on
 .Xc
-Specifies that the given port on the remote (server) host is to be
-forwarded to the given host and port on the local side.
-This works by allocating a socket to listen to
+.It Fl R Xo
+.Sm off
+.Oo Ar bind_address : Oc
+.Ar port : local_socket
+.Sm on
+.Xc
+.It Fl R Xo
+.Sm off
+.Ar remote_socket : host : hostport
+.Sm on
+.Xc
+.It Fl R Xo
+.Sm off
+.Ar remote_socket : local_socket
+.Sm on
+.Xc
+Specifies that connections to the given TCP port or Unix socket on the remote
+(server) host are to be forwarded to the given host and port, or Unix socket,
+on the local side.
+This works by allocating a socket to listen to either a TCP
 .Ar port
-on the remote side, and whenever a connection is made to this port, the
-connection is forwarded over the secure channel, and a connection is
-made to
+or to a Unix socket on the remote side.
+Whenever a connection is made to this port or Unix socket, the
+connection is forwarded over the secure channel, and a connection
+is made to either
 .Ar host
 port
-.Ar hostport
+.Ar hostport ,
+or
+.Ar local_socket ,
 from the local machine.
 .Pp
 Port forwardings can also be specified in the configuration file.
@@ -542,7 +617,7 @@ Privileged ports can be forwarded only when
 logging in as root on the remote machine.
 IPv6 addresses can be specified by enclosing the address in square brackets.
 .Pp
-By default, the listening socket on the server will be bound to the loopback
+By default, TCP listening sockets on the server will be bound to the loopback
 interface only.
 This may be overridden by specifying a
 .Ar bind_address .
@@ -567,6 +642,7 @@ to the client at run time.
 When used together with
 .Ic -O forward
 the allocated port will be printed to the standard output.
+.Pp
 .It Fl S Ar ctl_path
 Specifies the location of a control socket for connection sharing,
 or the string
@@ -579,14 +655,17 @@ and
 in
 .Xr ssh_config 5
 for details.
+.Pp
 .It Fl s
 May be used to request invocation of a subsystem on the remote system.
 Subsystems are a feature of the SSH2 protocol which facilitate the use
 of SSH as a secure transport for other applications (eg.\&
 .Xr sftp 1 ) .
 The subsystem is specified as the remote command.
+.Pp
 .It Fl T
 Disable pseudo-terminal allocation.
+.Pp
 .It Fl t
 Force pseudo-terminal allocation.
 This can be used to execute arbitrary
@@ -597,8 +676,10 @@ Multiple
 options force tty allocation, even if
 .Nm
 has no local tty.
+.Pp
 .It Fl V
 Display the version number and exit.
+.Pp
 .It Fl v
 Verbose mode.
 Causes
@@ -610,6 +691,7 @@ Multiple
 .Fl v
 options increase the verbosity.
 The maximum is 3.
+.Pp
 .It Fl W Ar host : Ns Ar port
 Requests that standard input and output on the client be forwarded to
 .Ar host
@@ -623,6 +705,7 @@ Implies
 and
 .Cm ClearAllForwardings .
 Works with Protocol version 2 only.
+.Pp
 .It Fl w Xo
 .Ar local_tun Ns Op : Ns Ar remote_tun
 .Xc
@@ -652,6 +735,7 @@ If the
 .Cm Tunnel
 directive is unset, it is set to the default tunnel mode, which is
 .Dq point-to-point .
+.Pp
 .It Fl X
 Enables X11 forwarding.
 This can also be specified on a per-host basis in a configuration file.
@@ -672,12 +756,15 @@ option and the
 directive in
 .Xr ssh_config 5
 for more information.
+.Pp
 .It Fl x
 Disables X11 forwarding.
+.Pp
 .It Fl Y
 Enables trusted X11 forwarding.
 Trusted X11 forwardings are not subjected to the X11 SECURITY extension
 controls.
+.Pp
 .It Fl y
 Send log information using the
 .Xr syslog 3
diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c
index 19abc06..046dc9d 100644
--- a/crypto/openssh/ssh.c
+++ b/crypto/openssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.418 2015/05/04 06:10:48 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.420 2015/07/30 00:01:34 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -109,6 +109,7 @@ __RCSID("$FreeBSD$");
 #include "roaming.h"
 #include "version.h"
 #include "ssherr.h"
+#include "myproposal.h"
 
 #ifdef ENABLE_PKCS11
 #include "ssh-pkcs11.h"
@@ -204,10 +205,10 @@ usage(void)
 "usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
 "           [-D [bind_address:]port] [-E log_file] [-e escape_char]\n"
 "           [-F configfile] [-I pkcs11] [-i identity_file]\n"
-"           [-L [bind_address:]port:host:hostport] [-l login_name] [-m mac_spec]\n"
+"           [-L address] [-l login_name] [-m mac_spec]\n"
 "           [-O ctl_cmd] [-o option] [-p port]\n"
 "           [-Q cipher | cipher-auth | mac | kex | key]\n"
-"           [-R [bind_address:]port:host:hostport] [-S ctl_path] [-W host:port]\n"
+"           [-R address] [-S ctl_path] [-W host:port]\n"
 "           [-w local_tun[:remote_tun]] [user@]hostname [command]\n"
 	);
 	exit(255);
@@ -795,26 +796,26 @@ main(int ac, char **av)
 			}
 			break;
 		case 'c':
-			if (ciphers_valid(optarg)) {
+			if (ciphers_valid(*optarg == '+' ?
+			    optarg + 1 : optarg)) {
 				/* SSH2 only */
 				options.ciphers = xstrdup(optarg);
 				options.cipher = SSH_CIPHER_INVALID;
-			} else {
-				/* SSH1 only */
-				options.cipher = cipher_number(optarg);
-				if (options.cipher == -1) {
-					fprintf(stderr,
-					    "Unknown cipher type '%s'\n",
-					    optarg);
-					exit(255);
-				}
-				if (options.cipher == SSH_CIPHER_3DES)
-					options.ciphers = "3des-cbc";
-				else if (options.cipher == SSH_CIPHER_BLOWFISH)
-					options.ciphers = "blowfish-cbc";
-				else
-					options.ciphers = (char *)-1;
+				break;
+			}
+			/* SSH1 only */
+			options.cipher = cipher_number(optarg);
+			if (options.cipher == -1) {
+				fprintf(stderr, "Unknown cipher type '%s'\n",
+				    optarg);
+				exit(255);
 			}
+			if (options.cipher == SSH_CIPHER_3DES)
+				options.ciphers = xstrdup("3des-cbc");
+			else if (options.cipher == SSH_CIPHER_BLOWFISH)
+				options.ciphers = xstrdup("blowfish-cbc");
+			else
+				options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT);
 			break;
 		case 'm':
 			if (mac_valid(optarg))
@@ -989,6 +990,7 @@ main(int ac, char **av)
 	    SYSLOG_FACILITY_USER, !use_syslog);
 
 	if (debug_flag)
+		/* version_addendum is always NULL at this point */
 		logit("%s, %s", SSH_RELEASE, OPENSSL_VERSION);
 
 	/* Parse the configuration files */
diff --git a/crypto/openssh/ssh.h b/crypto/openssh/ssh.h
index c94633b..39c7e18 100644
--- a/crypto/openssh/ssh.h
+++ b/crypto/openssh/ssh.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.h,v 1.79 2010/06/25 07:14:46 djm Exp $ */
+/* $OpenBSD: ssh.h,v 1.81 2015/08/04 05:23:06 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config
index 4452d52..a07bf29 100644
--- a/crypto/openssh/ssh_config
+++ b/crypto/openssh/ssh_config
@@ -48,4 +48,4 @@
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
 #   RekeyLimit 1G 1h
 #   VerifyHostKeyDNS yes
-#   VersionAddendum FreeBSD-20160119
+#   VersionAddendum FreeBSD-20160121
diff --git a/crypto/openssh/ssh_config.0 b/crypto/openssh/ssh_config.0
deleted file mode 100644
index b0a614b..0000000
--- a/crypto/openssh/ssh_config.0
+++ /dev/null
@@ -1,985 +0,0 @@
-SSH_CONFIG(5)                 File Formats Manual                SSH_CONFIG(5)
-
-NAME
-     ssh_config M-bM-^@M-^S OpenSSH SSH client configuration files
-
-SYNOPSIS
-     ~/.ssh/config
-     /etc/ssh/ssh_config
-
-DESCRIPTION
-     ssh(1) obtains configuration data from the following sources in the
-     following order:
-
-           1.   command-line options
-           2.   user's configuration file (~/.ssh/config)
-           3.   system-wide configuration file (/etc/ssh/ssh_config)
-
-     For each parameter, the first obtained value will be used.  The
-     configuration files contain sections separated by M-bM-^@M-^\HostM-bM-^@M-^] specifications,
-     and that section is only applied for hosts that match one of the patterns
-     given in the specification.  The matched host name is usually the one
-     given on the command line (see the CanonicalizeHostname option for
-     exceptions.)
-
-     Since the first obtained value for each parameter is used, more host-
-     specific declarations should be given near the beginning of the file, and
-     general defaults at the end.
-
-     The configuration file has the following format:
-
-     Empty lines and lines starting with M-bM-^@M-^X#M-bM-^@M-^Y are comments.  Otherwise a line
-     is of the format M-bM-^@M-^\keyword argumentsM-bM-^@M-^].  Configuration options may be
-     separated by whitespace or optional whitespace and exactly one M-bM-^@M-^X=M-bM-^@M-^Y; the
-     latter format is useful to avoid the need to quote whitespace when
-     specifying configuration options using the ssh, scp, and sftp -o option.
-     Arguments may optionally be enclosed in double quotes (") in order to
-     represent arguments containing spaces.
-
-     The possible keywords and their meanings are as follows (note that
-     keywords are case-insensitive and arguments are case-sensitive):
-
-     Host    Restricts the following declarations (up to the next Host or
-             Match keyword) to be only for those hosts that match one of the
-             patterns given after the keyword.  If more than one pattern is
-             provided, they should be separated by whitespace.  A single M-bM-^@M-^X*M-bM-^@M-^Y
-             as a pattern can be used to provide global defaults for all
-             hosts.  The host is usually the hostname argument given on the
-             command line (see the CanonicalizeHostname option for
-             exceptions.)
-
-             A pattern entry may be negated by prefixing it with an
-             exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y).  If a negated entry is matched, then the
-             Host entry is ignored, regardless of whether any other patterns
-             on the line match.  Negated matches are therefore useful to
-             provide exceptions for wildcard matches.
-
-             See PATTERNS for more information on patterns.
-
-     Match   Restricts the following declarations (up to the next Host or
-             Match keyword) to be used only when the conditions following the
-             Match keyword are satisfied.  Match conditions are specified
-             using one or more critera or the single token all which always
-             matches.  The available criteria keywords are: canonical, exec,
-             host, originalhost, user, and localuser.  The all criteria must
-             appear alone or immediately after canonical.  Other criteria may
-             be combined arbitrarily.  All criteria but all and canonical
-             require an argument.  Criteria may be negated by prepending an
-             exclamation mark (M-bM-^@M-^X!M-bM-^@M-^Y).
-
-             The canonical keyword matches only when the configuration file is
-             being re-parsed after hostname canonicalization (see the
-             CanonicalizeHostname option.)  This may be useful to specify
-             conditions that work with canonical host names only.  The exec
-             keyword executes the specified command under the user's shell.
-             If the command returns a zero exit status then the condition is
-             considered true.  Commands containing whitespace characters must
-             be quoted.  The following character sequences in the command will
-             be expanded prior to execution: M-bM-^@M-^X%LM-bM-^@M-^Y will be substituted by the
-             first component of the local host name, M-bM-^@M-^X%lM-bM-^@M-^Y will be substituted
-             by the local host name (including any domain name), M-bM-^@M-^X%hM-bM-^@M-^Y will be
-             substituted by the target host name, M-bM-^@M-^X%nM-bM-^@M-^Y will be substituted by
-             the original target host name specified on the command-line, M-bM-^@M-^X%pM-bM-^@M-^Y
-             the destination port, M-bM-^@M-^X%rM-bM-^@M-^Y by the remote login username, and M-bM-^@M-^X%uM-bM-^@M-^Y
-             by the username of the user running ssh(1).
-
-             The other keywords' criteria must be single entries or comma-
-             separated lists and may use the wildcard and negation operators
-             described in the PATTERNS section.  The criteria for the host
-             keyword are matched against the target hostname, after any
-             substitution by the Hostname or CanonicalizeHostname options.
-             The originalhost keyword matches against the hostname as it was
-             specified on the command-line.  The user keyword matches against
-             the target username on the remote host.  The localuser keyword
-             matches against the name of the local user running ssh(1) (this
-             keyword may be useful in system-wide ssh_config files).
-
-     AddressFamily
-             Specifies which address family to use when connecting.  Valid
-             arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (use IPv4 only), or M-bM-^@M-^\inet6M-bM-^@M-^] (use IPv6
-             only).
-
-     BatchMode
-             If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled.
-             This option is useful in scripts and other batch jobs where no
-             user is present to supply the password.  The argument must be
-             M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     BindAddress
-             Use the specified address on the local machine as the source
-             address of the connection.  Only useful on systems with more than
-             one address.  Note that this option does not work if
-             UsePrivilegedPort is set to M-bM-^@M-^\yesM-bM-^@M-^].
-
-     CanonicalDomains
-             When CanonicalizeHostname is enabled, this option specifies the
-             list of domain suffixes in which to search for the specified
-             destination host.
-
-     CanonicalizeFallbackLocal
-             Specifies whether to fail with an error when hostname
-             canonicalization fails.  The default, M-bM-^@M-^\yesM-bM-^@M-^], will attempt to look
-             up the unqualified hostname using the system resolver's search
-             rules.  A value of M-bM-^@M-^\noM-bM-^@M-^] will cause ssh(1) to fail instantly if
-             CanonicalizeHostname is enabled and the target hostname cannot be
-             found in any of the domains specified by CanonicalDomains.
-
-     CanonicalizeHostname
-             Controls whether explicit hostname canonicalization is performed.
-             The default, M-bM-^@M-^\noM-bM-^@M-^], is not to perform any name rewriting and let
-             the system resolver handle all hostname lookups.  If set to M-bM-^@M-^\yesM-bM-^@M-^]
-             then, for connections that do not use a ProxyCommand, ssh(1) will
-             attempt to canonicalize the hostname specified on the command
-             line using the CanonicalDomains suffixes and
-             CanonicalizePermittedCNAMEs rules.  If CanonicalizeHostname is
-             set to M-bM-^@M-^\alwaysM-bM-^@M-^], then canonicalization is applied to proxied
-             connections too.
-
-             If this option is enabled, then the configuration files are
-             processed again using the new target name to pick up any new
-             configuration in matching Host and Match stanzas.
-
-     CanonicalizeMaxDots
-             Specifies the maximum number of dot characters in a hostname
-             before canonicalization is disabled.  The default, M-bM-^@M-^\1M-bM-^@M-^], allows a
-             single dot (i.e. hostname.subdomain).
-
-     CanonicalizePermittedCNAMEs
-             Specifies rules to determine whether CNAMEs should be followed
-             when canonicalizing hostnames.  The rules consist of one or more
-             arguments of source_domain_list:target_domain_list, where
-             source_domain_list is a pattern-list of domains that may follow
-             CNAMEs in canonicalization, and target_domain_list is a pattern-
-             list of domains that they may resolve to.
-
-             For example, M-bM-^@M-^\*.a.example.com:*.b.example.com,*.c.example.comM-bM-^@M-^]
-             will allow hostnames matching M-bM-^@M-^\*.a.example.comM-bM-^@M-^] to be
-             canonicalized to names in the M-bM-^@M-^\*.b.example.comM-bM-^@M-^] or
-             M-bM-^@M-^\*.c.example.comM-bM-^@M-^] domains.
-
-     ChallengeResponseAuthentication
-             Specifies whether to use challenge-response authentication.  The
-             argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is
-             M-bM-^@M-^\yesM-bM-^@M-^].
-
-     CheckHostIP
-             If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) will additionally check the
-             host IP address in the known_hosts file.  This allows ssh to
-             detect if a host key changed due to DNS spoofing and will add
-             addresses of destination hosts to ~/.ssh/known_hosts in the
-             process, regardless of the setting of StrictHostKeyChecking.  If
-             the option is set to M-bM-^@M-^\noM-bM-^@M-^], the check will not be executed.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     Cipher  Specifies the cipher to use for encrypting the session in
-             protocol version 1.  Currently, M-bM-^@M-^\blowfishM-bM-^@M-^], M-bM-^@M-^\3desM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^] are
-             supported.  des is only supported in the ssh(1) client for
-             interoperability with legacy protocol 1 implementations that do
-             not support the 3des cipher.  Its use is strongly discouraged due
-             to cryptographic weaknesses.  The default is M-bM-^@M-^\3desM-bM-^@M-^].
-
-     Ciphers
-             Specifies the ciphers allowed for protocol version 2 in order of
-             preference.  Multiple ciphers must be comma-separated.  The
-             supported ciphers are:
-
-                   3des-cbc
-                   aes128-cbc
-                   aes192-cbc
-                   aes256-cbc
-                   aes128-ctr
-                   aes192-ctr
-                   aes256-ctr
-                   aes128-gcm@openssh.com
-                   aes256-gcm@openssh.com
-                   arcfour
-                   arcfour128
-                   arcfour256
-                   blowfish-cbc
-                   cast128-cbc
-                   chacha20-poly1305@openssh.com
-
-             The default is:
-
-                   aes128-ctr,aes192-ctr,aes256-ctr,
-                   aes128-gcm@openssh.com,aes256-gcm@openssh.com,
-                   chacha20-poly1305@openssh.com,
-                   arcfour256,arcfour128,
-                   aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
-                   aes192-cbc,aes256-cbc,arcfour
-
-             The list of available ciphers may also be obtained using the -Q
-             option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^].
-
-     ClearAllForwardings
-             Specifies that all local, remote, and dynamic port forwardings
-             specified in the configuration files or on the command line be
-             cleared.  This option is primarily useful when used from the
-             ssh(1) command line to clear port forwardings set in
-             configuration files, and is automatically set by scp(1) and
-             sftp(1).  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is
-             M-bM-^@M-^\noM-bM-^@M-^].
-
-     Compression
-             Specifies whether to use compression.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^]
-             or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     CompressionLevel
-             Specifies the compression level to use if compression is enabled.
-             The argument must be an integer from 1 (fast) to 9 (slow, best).
-             The default level is 6, which is good for most applications.  The
-             meaning of the values is the same as in gzip(1).  Note that this
-             option applies to protocol version 1 only.
-
-     ConnectionAttempts
-             Specifies the number of tries (one per second) to make before
-             exiting.  The argument must be an integer.  This may be useful in
-             scripts if the connection sometimes fails.  The default is 1.
-
-     ConnectTimeout
-             Specifies the timeout (in seconds) used when connecting to the
-             SSH server, instead of using the default system TCP timeout.
-             This value is used only when the target is down or really
-             unreachable, not when it refuses the connection.
-
-     ControlMaster
-             Enables the sharing of multiple sessions over a single network
-             connection.  When set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) will listen for
-             connections on a control socket specified using the ControlPath
-             argument.  Additional sessions can connect to this socket using
-             the same ControlPath with ControlMaster set to M-bM-^@M-^\noM-bM-^@M-^] (the
-             default).  These sessions will try to reuse the master instance's
-             network connection rather than initiating new ones, but will fall
-             back to connecting normally if the control socket does not exist,
-             or is not listening.
-
-             Setting this to M-bM-^@M-^\askM-bM-^@M-^] will cause ssh to listen for control
-             connections, but require confirmation using ssh-askpass(1).  If
-             the ControlPath cannot be opened, ssh will continue without
-             connecting to a master instance.
-
-             X11 and ssh-agent(1) forwarding is supported over these
-             multiplexed connections, however the display and agent forwarded
-             will be the one belonging to the master connection i.e. it is not
-             possible to forward multiple displays or agents.
-
-             Two additional options allow for opportunistic multiplexing: try
-             to use a master connection but fall back to creating a new one if
-             one does not already exist.  These options are: M-bM-^@M-^\autoM-bM-^@M-^] and
-             M-bM-^@M-^\autoaskM-bM-^@M-^].  The latter requires confirmation like the M-bM-^@M-^\askM-bM-^@M-^]
-             option.
-
-     ControlPath
-             Specify the path to the control socket used for connection
-             sharing as described in the ControlMaster section above or the
-             string M-bM-^@M-^\noneM-bM-^@M-^] to disable connection sharing.  In the path, M-bM-^@M-^X%LM-bM-^@M-^Y
-             will be substituted by the first component of the local host
-             name, M-bM-^@M-^X%lM-bM-^@M-^Y will be substituted by the local host name (including
-             any domain name), M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the target host
-             name, M-bM-^@M-^X%nM-bM-^@M-^Y will be substituted by the original target host name
-             specified on the command line, M-bM-^@M-^X%pM-bM-^@M-^Y the destination port, M-bM-^@M-^X%rM-bM-^@M-^Y by
-             the remote login username, M-bM-^@M-^X%uM-bM-^@M-^Y by the username of the user
-             running ssh(1), and M-bM-^@M-^X%CM-bM-^@M-^Y by a hash of the concatenation:
-             %l%h%p%r.  It is recommended that any ControlPath used for
-             opportunistic connection sharing include at least %h, %p, and %r
-             (or alternatively %C) and be placed in a directory that is not
-             writable by other users.  This ensures that shared connections
-             are uniquely identified.
-
-     ControlPersist
-             When used in conjunction with ControlMaster, specifies that the
-             master connection should remain open in the background (waiting
-             for future client connections) after the initial client
-             connection has been closed.  If set to M-bM-^@M-^\noM-bM-^@M-^], then the master
-             connection will not be placed into the background, and will close
-             as soon as the initial client connection is closed.  If set to
-             M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\0M-bM-^@M-^], then the master connection will remain in the
-             background indefinitely (until killed or closed via a mechanism
-             such as the ssh(1) M-bM-^@M-^\-O exitM-bM-^@M-^] option).  If set to a time in
-             seconds, or a time in any of the formats documented in
-             sshd_config(5), then the backgrounded master connection will
-             automatically terminate after it has remained idle (with no
-             client connections) for the specified time.
-
-     DynamicForward
-             Specifies that a TCP port on the local machine be forwarded over
-             the secure channel, and the application protocol is then used to
-             determine where to connect to from the remote machine.
-
-             The argument must be [bind_address:]port.  IPv6 addresses can be
-             specified by enclosing addresses in square brackets.  By default,
-             the local port is bound in accordance with the GatewayPorts
-             setting.  However, an explicit bind_address may be used to bind
-             the connection to a specific address.  The bind_address of
-             M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be bound for local
-             use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port
-             should be available from all interfaces.
-
-             Currently the SOCKS4 and SOCKS5 protocols are supported, and
-             ssh(1) will act as a SOCKS server.  Multiple forwardings may be
-             specified, and additional forwardings can be given on the command
-             line.  Only the superuser can forward privileged ports.
-
-     EnableSSHKeysign
-             Setting this option to M-bM-^@M-^\yesM-bM-^@M-^] in the global client configuration
-             file /etc/ssh/ssh_config enables the use of the helper program
-             ssh-keysign(8) during HostbasedAuthentication.  The argument must
-             be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].  This option should be
-             placed in the non-hostspecific section.  See ssh-keysign(8) for
-             more information.
-
-     EscapeChar
-             Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y).  The escape character
-             can also be set on the command line.  The argument should be a
-             single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or M-bM-^@M-^\noneM-bM-^@M-^] to disable
-             the escape character entirely (making the connection transparent
-             for binary data).
-
-     ExitOnForwardFailure
-             Specifies whether ssh(1) should terminate the connection if it
-             cannot set up all requested dynamic, tunnel, local, and remote
-             port forwardings.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     FingerprintHash
-             Specifies the hash algorithm used when displaying key
-             fingerprints.  Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^].  The
-             default is M-bM-^@M-^\sha256M-bM-^@M-^].
-
-     ForwardAgent
-             Specifies whether the connection to the authentication agent (if
-             any) will be forwarded to the remote machine.  The argument must
-             be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-             Agent forwarding should be enabled with caution.  Users with the
-             ability to bypass file permissions on the remote host (for the
-             agent's Unix-domain socket) can access the local agent through
-             the forwarded connection.  An attacker cannot obtain key material
-             from the agent, however they can perform operations on the keys
-             that enable them to authenticate using the identities loaded into
-             the agent.
-
-     ForwardX11
-             Specifies whether X11 connections will be automatically
-             redirected over the secure channel and DISPLAY set.  The argument
-             must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-             X11 forwarding should be enabled with caution.  Users with the
-             ability to bypass file permissions on the remote host (for the
-             user's X11 authorization database) can access the local X11
-             display through the forwarded connection.  An attacker may then
-             be able to perform activities such as keystroke monitoring if the
-             ForwardX11Trusted option is also enabled.
-
-     ForwardX11Timeout
-             Specify a timeout for untrusted X11 forwarding using the format
-             described in the TIME FORMATS section of sshd_config(5).  X11
-             connections received by ssh(1) after this time will be refused.
-             The default is to disable untrusted X11 forwarding after twenty
-             minutes has elapsed.
-
-     ForwardX11Trusted
-             If this option is set to M-bM-^@M-^\yesM-bM-^@M-^], remote X11 clients will have full
-             access to the original X11 display.
-
-             If this option is set to M-bM-^@M-^\noM-bM-^@M-^], remote X11 clients will be
-             considered untrusted and prevented from stealing or tampering
-             with data belonging to trusted X11 clients.  Furthermore, the
-             xauth(1) token used for the session will be set to expire after
-             20 minutes.  Remote clients will be refused access after this
-             time.
-
-             The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-             See the X11 SECURITY extension specification for full details on
-             the restrictions imposed on untrusted clients.
-
-     GatewayPorts
-             Specifies whether remote hosts are allowed to connect to local
-             forwarded ports.  By default, ssh(1) binds local port forwardings
-             to the loopback address.  This prevents other remote hosts from
-             connecting to forwarded ports.  GatewayPorts can be used to
-             specify that ssh should bind local port forwardings to the
-             wildcard address, thus allowing remote hosts to connect to
-             forwarded ports.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     GlobalKnownHostsFile
-             Specifies one or more files to use for the global host key
-             database, separated by whitespace.  The default is
-             /etc/ssh/ssh_known_hosts, /etc/ssh/ssh_known_hosts2.
-
-     GSSAPIAuthentication
-             Specifies whether user authentication based on GSSAPI is allowed.
-             The default is M-bM-^@M-^\noM-bM-^@M-^].  Note that this option applies to protocol
-             version 2 only.
-
-     GSSAPIDelegateCredentials
-             Forward (delegate) credentials to the server.  The default is
-             M-bM-^@M-^\noM-bM-^@M-^].  Note that this option applies to protocol version 2 only.
-
-     HashKnownHosts
-             Indicates that ssh(1) should hash host names and addresses when
-             they are added to ~/.ssh/known_hosts.  These hashed names may be
-             used normally by ssh(1) and sshd(8), but they do not reveal
-             identifying information should the file's contents be disclosed.
-             The default is M-bM-^@M-^\noM-bM-^@M-^].  Note that existing names and addresses in
-             known hosts files will not be converted automatically, but may be
-             manually hashed using ssh-keygen(1).
-
-     HostbasedAuthentication
-             Specifies whether to try rhosts based authentication with public
-             key authentication.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].  This option applies to protocol version 2 only
-             and is similar to RhostsRSAAuthentication.
-
-     HostbasedKeyTypes
-             Specifies the key types that will be used for hostbased
-             authentication as a comma-separated pattern list.  The default
-             M-bM-^@M-^\*M-bM-^@M-^] will allow all key types.  The -Q option of ssh(1) may be
-             used to list supported key types.
-
-     HostKeyAlgorithms
-             Specifies the protocol version 2 host key algorithms that the
-             client wants to use in order of preference.  The default for this
-             option is:
-
-                ecdsa-sha2-nistp256-cert-v01@openssh.com,
-                ecdsa-sha2-nistp384-cert-v01@openssh.com,
-                ecdsa-sha2-nistp521-cert-v01@openssh.com,
-                ssh-ed25519-cert-v01@openssh.com,
-                ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,
-                ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,
-                ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
-                ssh-ed25519,ssh-rsa,ssh-dss
-
-             If hostkeys are known for the destination host then this default
-             is modified to prefer their algorithms.
-
-             The list of available key types may also be obtained using the -Q
-             option of ssh(1) with an argument of M-bM-^@M-^\keyM-bM-^@M-^].
-
-     HostKeyAlias
-             Specifies an alias that should be used instead of the real host
-             name when looking up or saving the host key in the host key
-             database files.  This option is useful for tunneling SSH
-             connections or for multiple servers running on a single host.
-
-     HostName
-             Specifies the real host name to log into.  This can be used to
-             specify nicknames or abbreviations for hosts.  If the hostname
-             contains the character sequence M-bM-^@M-^X%hM-bM-^@M-^Y, then this will be replaced
-             with the host name specified on the command line (this is useful
-             for manipulating unqualified names).  The character sequence M-bM-^@M-^X%%M-bM-^@M-^Y
-             will be replaced by a single M-bM-^@M-^X%M-bM-^@M-^Y character, which may be used
-             when specifying IPv6 link-local addresses.
-
-             The default is the name given on the command line.  Numeric IP
-             addresses are also permitted (both on the command line and in
-             HostName specifications).
-
-     IdentitiesOnly
-             Specifies that ssh(1) should only use the authentication identity
-             files configured in the ssh_config files, even if ssh-agent(1) or
-             a PKCS11Provider offers more identities.  The argument to this
-             keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  This option is intended for
-             situations where ssh-agent offers many different identities.  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     IdentityFile
-             Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA
-             authentication identity is read.  The default is ~/.ssh/identity
-             for protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa,
-             ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
-             Additionally, any identities represented by the authentication
-             agent will be used for authentication unless IdentitiesOnly is
-             set.  ssh(1) will try to load certificate information from the
-             filename obtained by appending -cert.pub to the path of a
-             specified IdentityFile.
-
-             The file name may use the tilde syntax to refer to a user's home
-             directory or one of the following escape characters: M-bM-^@M-^X%dM-bM-^@M-^Y (local
-             user's home directory), M-bM-^@M-^X%uM-bM-^@M-^Y (local user name), M-bM-^@M-^X%lM-bM-^@M-^Y (local host
-             name), M-bM-^@M-^X%hM-bM-^@M-^Y (remote host name) or M-bM-^@M-^X%rM-bM-^@M-^Y (remote user name).
-
-             It is possible to have multiple identity files specified in
-             configuration files; all these identities will be tried in
-             sequence.  Multiple IdentityFile directives will add to the list
-             of identities tried (this behaviour differs from that of other
-             configuration directives).
-
-             IdentityFile may be used in conjunction with IdentitiesOnly to
-             select which identities in an agent are offered during
-             authentication.
-
-     IgnoreUnknown
-             Specifies a pattern-list of unknown options to be ignored if they
-             are encountered in configuration parsing.  This may be used to
-             suppress errors if ssh_config contains options that are
-             unrecognised by ssh(1).  It is recommended that IgnoreUnknown be
-             listed early in the configuration file as it will not be applied
-             to unknown options that appear before it.
-
-     IPQoS   Specifies the IPv4 type-of-service or DSCP class for connections.
-             Accepted values are M-bM-^@M-^\af11M-bM-^@M-^], M-bM-^@M-^\af12M-bM-^@M-^], M-bM-^@M-^\af13M-bM-^@M-^], M-bM-^@M-^\af21M-bM-^@M-^], M-bM-^@M-^\af22M-bM-^@M-^],
-             M-bM-^@M-^\af23M-bM-^@M-^], M-bM-^@M-^\af31M-bM-^@M-^], M-bM-^@M-^\af32M-bM-^@M-^], M-bM-^@M-^\af33M-bM-^@M-^], M-bM-^@M-^\af41M-bM-^@M-^], M-bM-^@M-^\af42M-bM-^@M-^], M-bM-^@M-^\af43M-bM-^@M-^], M-bM-^@M-^\cs0M-bM-^@M-^],
-             M-bM-^@M-^\cs1M-bM-^@M-^], M-bM-^@M-^\cs2M-bM-^@M-^], M-bM-^@M-^\cs3M-bM-^@M-^], M-bM-^@M-^\cs4M-bM-^@M-^], M-bM-^@M-^\cs5M-bM-^@M-^], M-bM-^@M-^\cs6M-bM-^@M-^], M-bM-^@M-^\cs7M-bM-^@M-^], M-bM-^@M-^\efM-bM-^@M-^],
-             M-bM-^@M-^\lowdelayM-bM-^@M-^], M-bM-^@M-^\throughputM-bM-^@M-^], M-bM-^@M-^\reliabilityM-bM-^@M-^], or a numeric value.
-             This option may take one or two arguments, separated by
-             whitespace.  If one argument is specified, it is used as the
-             packet class unconditionally.  If two values are specified, the
-             first is automatically selected for interactive sessions and the
-             second for non-interactive sessions.  The default is M-bM-^@M-^\lowdelayM-bM-^@M-^]
-             for interactive sessions and M-bM-^@M-^\throughputM-bM-^@M-^] for non-interactive
-             sessions.
-
-     KbdInteractiveAuthentication
-             Specifies whether to use keyboard-interactive authentication.
-             The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default
-             is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     KbdInteractiveDevices
-             Specifies the list of methods to use in keyboard-interactive
-             authentication.  Multiple method names must be comma-separated.
-             The default is to use the server specified list.  The methods
-             available vary depending on what the server supports.  For an
-             OpenSSH server, it may be zero or more of: M-bM-^@M-^\bsdauthM-bM-^@M-^], M-bM-^@M-^\pamM-bM-^@M-^], and
-             M-bM-^@M-^\skeyM-bM-^@M-^].
-
-     KexAlgorithms
-             Specifies the available KEX (Key Exchange) algorithms.  Multiple
-             algorithms must be comma-separated.  The default is:
-
-                   curve25519-sha256@libssh.org,
-                   ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
-                   diffie-hellman-group-exchange-sha256,
-                   diffie-hellman-group-exchange-sha1,
-                   diffie-hellman-group14-sha1,
-                   diffie-hellman-group1-sha1
-
-             The list of available key exchange algorithms may also be
-             obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^].
-
-     LocalCommand
-             Specifies a command to execute on the local machine after
-             successfully connecting to the server.  The command string
-             extends to the end of the line, and is executed with the user's
-             shell.  The following escape character substitutions will be
-             performed: M-bM-^@M-^X%dM-bM-^@M-^Y (local user's home directory), M-bM-^@M-^X%hM-bM-^@M-^Y (remote host
-             name), M-bM-^@M-^X%lM-bM-^@M-^Y (local host name), M-bM-^@M-^X%nM-bM-^@M-^Y (host name as provided on the
-             command line), M-bM-^@M-^X%pM-bM-^@M-^Y (remote port), M-bM-^@M-^X%rM-bM-^@M-^Y (remote user name) or
-             M-bM-^@M-^X%uM-bM-^@M-^Y (local user name) or M-bM-^@M-^X%CM-bM-^@M-^Y by a hash of the concatenation:
-             %l%h%p%r.
-
-             The command is run synchronously and does not have access to the
-             session of the ssh(1) that spawned it.  It should not be used for
-             interactive commands.
-
-             This directive is ignored unless PermitLocalCommand has been
-             enabled.
-
-     LocalForward
-             Specifies that a TCP port on the local machine be forwarded over
-             the secure channel to the specified host and port from the remote
-             machine.  The first argument must be [bind_address:]port and the
-             second argument must be host:hostport.  IPv6 addresses can be
-             specified by enclosing addresses in square brackets.  Multiple
-             forwardings may be specified, and additional forwardings can be
-             given on the command line.  Only the superuser can forward
-             privileged ports.  By default, the local port is bound in
-             accordance with the GatewayPorts setting.  However, an explicit
-             bind_address may be used to bind the connection to a specific
-             address.  The bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the
-             listening port be bound for local use only, while an empty
-             address or M-bM-^@M-^X*M-bM-^@M-^Y indicates that the port should be available from
-             all interfaces.
-
-     LogLevel
-             Gives the verbosity level that is used when logging messages from
-             ssh(1).  The possible values are: QUIET, FATAL, ERROR, INFO,
-             VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.  The default is INFO.
-             DEBUG and DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify
-             higher levels of verbose output.
-
-     MACs    Specifies the MAC (message authentication code) algorithms in
-             order of preference.  The MAC algorithm is used in protocol
-             version 2 for data integrity protection.  Multiple algorithms
-             must be comma-separated.  The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^]
-             calculate the MAC after encryption (encrypt-then-mac).  These are
-             considered safer and their use recommended.  The default is:
-
-                   umac-64-etm@openssh.com,umac-128-etm@openssh.com,
-                   hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
-                   umac-64@openssh.com,umac-128@openssh.com,
-                   hmac-sha2-256,hmac-sha2-512,
-                   hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,
-                   hmac-ripemd160-etm@openssh.com,
-                   hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,
-                   hmac-md5,hmac-sha1,hmac-ripemd160,
-                   hmac-sha1-96,hmac-md5-96
-
-             The list of available MAC algorithms may also be obtained using
-             the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^].
-
-     NoHostAuthenticationForLocalhost
-             This option can be used if the home directory is shared across
-             machines.  In this case localhost will refer to a different
-             machine on each of the machines and the user will get many
-             warnings about changed host keys.  However, this option disables
-             host authentication for localhost.  The argument to this keyword
-             must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is to check the host key for
-             localhost.
-
-     NumberOfPasswordPrompts
-             Specifies the number of password prompts before giving up.  The
-             argument to this keyword must be an integer.  The default is 3.
-
-     PasswordAuthentication
-             Specifies whether to use password authentication.  The argument
-             to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     PermitLocalCommand
-             Allow local command execution via the LocalCommand option or
-             using the !command escape sequence in ssh(1).  The argument must
-             be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     PKCS11Provider
-             Specifies which PKCS#11 provider to use.  The argument to this
-             keyword is the PKCS#11 shared library ssh(1) should use to
-             communicate with a PKCS#11 token providing the user's private RSA
-             key.
-
-     Port    Specifies the port number to connect on the remote host.  The
-             default is 22.
-
-     PreferredAuthentications
-             Specifies the order in which the client should try protocol 2
-             authentication methods.  This allows a client to prefer one
-             method (e.g. keyboard-interactive) over another method (e.g.
-             password).  The default is:
-
-                   gssapi-with-mic,hostbased,publickey,
-                   keyboard-interactive,password
-
-     Protocol
-             Specifies the protocol versions ssh(1) should support in order of
-             preference.  The possible values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y.  Multiple
-             versions must be comma-separated.  When this option is set to
-             M-bM-^@M-^\2,1M-bM-^@M-^] ssh will try version 2 and fall back to version 1 if
-             version 2 is not available.  The default is M-bM-^@M-^X2M-bM-^@M-^Y.
-
-     ProxyCommand
-             Specifies the command to use to connect to the server.  The
-             command string extends to the end of the line, and is executed
-             using the user's shell M-bM-^@M-^XexecM-bM-^@M-^Y directive to avoid a lingering
-             shell process.
-
-             In the command string, any occurrence of M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted
-             by the host name to connect, M-bM-^@M-^X%pM-bM-^@M-^Y by the port, and M-bM-^@M-^X%rM-bM-^@M-^Y by the
-             remote user name.  The command can be basically anything, and
-             should read from its standard input and write to its standard
-             output.  It should eventually connect an sshd(8) server running
-             on some machine, or execute sshd -i somewhere.  Host key
-             management will be done using the HostName of the host being
-             connected (defaulting to the name typed by the user).  Setting
-             the command to M-bM-^@M-^\noneM-bM-^@M-^] disables this option entirely.  Note that
-             CheckHostIP is not available for connects with a proxy command.
-
-             This directive is useful in conjunction with nc(1) and its proxy
-             support.  For example, the following directive would connect via
-             an HTTP proxy at 192.0.2.0:
-
-                ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
-
-     ProxyUseFdpass
-             Specifies that ProxyCommand will pass a connected file descriptor
-             back to ssh(1) instead of continuing to execute and pass data.
-             The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     PubkeyAuthentication
-             Specifies whether to try public key authentication.  The argument
-             to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\yesM-bM-^@M-^].
-             This option applies to protocol version 2 only.
-
-     RekeyLimit
-             Specifies the maximum amount of data that may be transmitted
-             before the session key is renegotiated, optionally followed a
-             maximum amount of time that may pass before the session key is
-             renegotiated.  The first argument is specified in bytes and may
-             have a suffix of M-bM-^@M-^XKM-bM-^@M-^Y, M-bM-^@M-^XMM-bM-^@M-^Y, or M-bM-^@M-^XGM-bM-^@M-^Y to indicate Kilobytes,
-             Megabytes, or Gigabytes, respectively.  The default is between
-             M-bM-^@M-^X1GM-bM-^@M-^Y and M-bM-^@M-^X4GM-bM-^@M-^Y, depending on the cipher.  The optional second
-             value is specified in seconds and may use any of the units
-             documented in the TIME FORMATS section of sshd_config(5).  The
-             default value for RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that
-             rekeying is performed after the cipher's default amount of data
-             has been sent or received and no time based rekeying is done.
-             This option applies to protocol version 2 only.
-
-     RemoteForward
-             Specifies that a TCP port on the remote machine be forwarded over
-             the secure channel to the specified host and port from the local
-             machine.  The first argument must be [bind_address:]port and the
-             second argument must be host:hostport.  IPv6 addresses can be
-             specified by enclosing addresses in square brackets.  Multiple
-             forwardings may be specified, and additional forwardings can be
-             given on the command line.  Privileged ports can be forwarded
-             only when logging in as root on the remote machine.
-
-             If the port argument is M-bM-^@M-^X0M-bM-^@M-^Y, the listen port will be dynamically
-             allocated on the server and reported to the client at run time.
-
-             If the bind_address is not specified, the default is to only bind
-             to loopback addresses.  If the bind_address is M-bM-^@M-^X*M-bM-^@M-^Y or an empty
-             string, then the forwarding is requested to listen on all
-             interfaces.  Specifying a remote bind_address will only succeed
-             if the server's GatewayPorts option is enabled (see
-             sshd_config(5)).
-
-     RequestTTY
-             Specifies whether to request a pseudo-tty for the session.  The
-             argument may be one of: M-bM-^@M-^\noM-bM-^@M-^] (never request a TTY), M-bM-^@M-^\yesM-bM-^@M-^] (always
-             request a TTY when standard input is a TTY), M-bM-^@M-^\forceM-bM-^@M-^] (always
-             request a TTY) or M-bM-^@M-^\autoM-bM-^@M-^] (request a TTY when opening a login
-             session).  This option mirrors the -t and -T flags for ssh(1).
-
-     RevokedHostKeys
-             Specifies revoked host public keys.  Keys listed in this file
-             will be refused for host authentication.  Note that if this file
-             does not exist or is not readable, then host authentication will
-             be refused for all hosts.  Keys may be specified as a text file,
-             listing one public key per line, or as an OpenSSH Key Revocation
-             List (KRL) as generated by ssh-keygen(1).  For more information
-             on KRLs, see the KEY REVOCATION LISTS section in ssh-keygen(1).
-
-     RhostsRSAAuthentication
-             Specifies whether to try rhosts based authentication with RSA
-             host authentication.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].  This option applies to protocol version 1 only
-             and requires ssh(1) to be setuid root.
-
-     RSAAuthentication
-             Specifies whether to try RSA authentication.  The argument to
-             this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  RSA authentication will only
-             be attempted if the identity file exists, or an authentication
-             agent is running.  The default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that this option
-             applies to protocol version 1 only.
-
-     SendEnv
-             Specifies what variables from the local environ(7) should be sent
-             to the server.  Note that environment passing is only supported
-             for protocol 2.  The server must also support it, and the server
-             must be configured to accept these environment variables.  Note
-             that the TERM environment variable is always sent whenever a
-             pseudo-terminal is requested as it is required by the protocol.
-             Refer to AcceptEnv in sshd_config(5) for how to configure the
-             server.  Variables are specified by name, which may contain
-             wildcard characters.  Multiple environment variables may be
-             separated by whitespace or spread across multiple SendEnv
-             directives.  The default is not to send any environment
-             variables.
-
-             See PATTERNS for more information on patterns.
-
-     ServerAliveCountMax
-             Sets the number of server alive messages (see below) which may be
-             sent without ssh(1) receiving any messages back from the server.
-             If this threshold is reached while server alive messages are
-             being sent, ssh will disconnect from the server, terminating the
-             session.  It is important to note that the use of server alive
-             messages is very different from TCPKeepAlive (below).  The server
-             alive messages are sent through the encrypted channel and
-             therefore will not be spoofable.  The TCP keepalive option
-             enabled by TCPKeepAlive is spoofable.  The server alive mechanism
-             is valuable when the client or server depend on knowing when a
-             connection has become inactive.
-
-             The default value is 3.  If, for example, ServerAliveInterval
-             (see below) is set to 15 and ServerAliveCountMax is left at the
-             default, if the server becomes unresponsive, ssh will disconnect
-             after approximately 45 seconds.  This option applies to protocol
-             version 2 only.
-
-     ServerAliveInterval
-             Sets a timeout interval in seconds after which if no data has
-             been received from the server, ssh(1) will send a message through
-             the encrypted channel to request a response from the server.  The
-             default is 0, indicating that these messages will not be sent to
-             the server.  This option applies to protocol version 2 only.
-
-     StreamLocalBindMask
-             Sets the octal file creation mode mask (umask) used when creating
-             a Unix-domain socket file for local or remote port forwarding.
-             This option is only used for port forwarding to a Unix-domain
-             socket file.
-
-             The default value is 0177, which creates a Unix-domain socket
-             file that is readable and writable only by the owner.  Note that
-             not all operating systems honor the file mode on Unix-domain
-             socket files.
-
-     StreamLocalBindUnlink
-             Specifies whether to remove an existing Unix-domain socket file
-             for local or remote port forwarding before creating a new one.
-             If the socket file already exists and StreamLocalBindUnlink is
-             not enabled, ssh will be unable to forward the port to the Unix-
-             domain socket file.  This option is only used for port forwarding
-             to a Unix-domain socket file.
-
-             The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     StrictHostKeyChecking
-             If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) will never automatically add
-             host keys to the ~/.ssh/known_hosts file, and refuses to connect
-             to hosts whose host key has changed.  This provides maximum
-             protection against trojan horse attacks, though it can be
-             annoying when the /etc/ssh/ssh_known_hosts file is poorly
-             maintained or when connections to new hosts are frequently made.
-             This option forces the user to manually add all new hosts.  If
-             this flag is set to M-bM-^@M-^\noM-bM-^@M-^], ssh will automatically add new host
-             keys to the user known hosts files.  If this flag is set to
-             M-bM-^@M-^\askM-bM-^@M-^], new host keys will be added to the user known host files
-             only after the user has confirmed that is what they really want
-             to do, and ssh will refuse to connect to hosts whose host key has
-             changed.  The host keys of known hosts will be verified
-             automatically in all cases.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or
-             M-bM-^@M-^\askM-bM-^@M-^].  The default is M-bM-^@M-^\askM-bM-^@M-^].
-
-     TCPKeepAlive
-             Specifies whether the system should send TCP keepalive messages
-             to the other side.  If they are sent, death of the connection or
-             crash of one of the machines will be properly noticed.  However,
-             this means that connections will die if the route is down
-             temporarily, and some people find it annoying.
-
-             The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send TCP keepalive messages), and the
-             client will notice if the network goes down or the remote host
-             dies.  This is important in scripts, and many users want it too.
-
-             To disable TCP keepalive messages, the value should be set to
-             M-bM-^@M-^\noM-bM-^@M-^].
-
-     Tunnel  Request tun(4) device forwarding between the client and the
-             server.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\point-to-pointM-bM-^@M-^] (layer 3),
-             M-bM-^@M-^\ethernetM-bM-^@M-^] (layer 2), or M-bM-^@M-^\noM-bM-^@M-^].  Specifying M-bM-^@M-^\yesM-bM-^@M-^] requests the
-             default tunnel mode, which is M-bM-^@M-^\point-to-pointM-bM-^@M-^].  The default is
-             M-bM-^@M-^\noM-bM-^@M-^].
-
-     TunnelDevice
-             Specifies the tun(4) devices to open on the client (local_tun)
-             and the server (remote_tun).
-
-             The argument must be local_tun[:remote_tun].  The devices may be
-             specified by numerical ID or the keyword M-bM-^@M-^\anyM-bM-^@M-^], which uses the
-             next available tunnel device.  If remote_tun is not specified, it
-             defaults to M-bM-^@M-^\anyM-bM-^@M-^].  The default is M-bM-^@M-^\any:anyM-bM-^@M-^].
-
-     UpdateHostKeys
-             Specifies whether ssh(1) should accept notifications of
-             additional hostkeys from the server sent after authentication has
-             completed and add them to UserKnownHostsFile.  The argument must
-             be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^] (the default) or M-bM-^@M-^\askM-bM-^@M-^].  Enabling this option
-             allows learning alternate hostkeys for a server and supports
-             graceful key rotation by allowing a server to send replacement
-             public keys before old ones are removed.  Additional hostkeys are
-             only accepted if the key used to authenticate the host was
-             already trusted or explicity accepted by the user.  If
-             UpdateHostKeys is set to M-bM-^@M-^\askM-bM-^@M-^], then the user is asked to confirm
-             the modifications to the known_hosts file.  Confirmation is
-             currently incompatible with ControlPersist, and will be disabled
-             if it is enabled.
-
-             Presently, only sshd(8) from OpenSSH 6.8 and greater support the
-             M-bM-^@M-^\hostkeys@openssh.comM-bM-^@M-^] protocol extension used to inform the
-             client of all the server's hostkeys.
-
-     UsePrivilegedPort
-             Specifies whether to use a privileged port for outgoing
-             connections.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is
-             M-bM-^@M-^\noM-bM-^@M-^].  If set to M-bM-^@M-^\yesM-bM-^@M-^], ssh(1) must be setuid root.  Note that
-             this option must be set to M-bM-^@M-^\yesM-bM-^@M-^] for RhostsRSAAuthentication with
-             older servers.
-
-     User    Specifies the user to log in as.  This can be useful when a
-             different user name is used on different machines.  This saves
-             the trouble of having to remember to give the user name on the
-             command line.
-
-     UserKnownHostsFile
-             Specifies one or more files to use for the user host key
-             database, separated by whitespace.  The default is
-             ~/.ssh/known_hosts, ~/.ssh/known_hosts2.
-
-     VerifyHostKeyDNS
-             Specifies whether to verify the remote key using DNS and SSHFP
-             resource records.  If this option is set to M-bM-^@M-^\yesM-bM-^@M-^], the client
-             will implicitly trust keys that match a secure fingerprint from
-             DNS.  Insecure fingerprints will be handled as if this option was
-             set to M-bM-^@M-^\askM-bM-^@M-^].  If this option is set to M-bM-^@M-^\askM-bM-^@M-^], information on
-             fingerprint match will be displayed, but the user will still need
-             to confirm new host keys according to the StrictHostKeyChecking
-             option.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or M-bM-^@M-^\askM-bM-^@M-^].  The default
-             is M-bM-^@M-^\noM-bM-^@M-^].  Note that this option applies to protocol version 2
-             only.
-
-             See also VERIFYING HOST KEYS in ssh(1).
-
-     VisualHostKey
-             If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], an ASCII art representation of the
-             remote host key fingerprint is printed in addition to the
-             fingerprint string at login and for unknown host keys.  If this
-             flag is set to M-bM-^@M-^\noM-bM-^@M-^], no fingerprint strings are printed at login
-             and only the fingerprint string will be printed for unknown host
-             keys.  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     XAuthLocation
-             Specifies the full pathname of the xauth(1) program.  The default
-             is /usr/X11R6/bin/xauth.
-
-PATTERNS
-     A pattern consists of zero or more non-whitespace characters, M-bM-^@M-^X*M-bM-^@M-^Y (a
-     wildcard that matches zero or more characters), or M-bM-^@M-^X?M-bM-^@M-^Y (a wildcard that
-     matches exactly one character).  For example, to specify a set of
-     declarations for any host in the M-bM-^@M-^\.co.ukM-bM-^@M-^] set of domains, the following
-     pattern could be used:
-
-           Host *.co.uk
-
-     The following pattern would match any host in the 192.168.0.[0-9] network
-     range:
-
-           Host 192.168.0.?
-
-     A pattern-list is a comma-separated list of patterns.  Patterns within
-     pattern-lists may be negated by preceding them with an exclamation mark
-     (M-bM-^@M-^X!M-bM-^@M-^Y).  For example, to allow a key to be used from anywhere within an
-     organization except from the M-bM-^@M-^\dialupM-bM-^@M-^] pool, the following entry (in
-     authorized_keys) could be used:
-
-           from="!*.dialup.example.com,*.example.com"
-
-FILES
-     ~/.ssh/config
-             This is the per-user configuration file.  The format of this file
-             is described above.  This file is used by the SSH client.
-             Because of the potential for abuse, this file must have strict
-             permissions: read/write for the user, and not accessible by
-             others.
-
-     /etc/ssh/ssh_config
-             Systemwide configuration file.  This file provides defaults for
-             those values that are not specified in the user's configuration
-             file, and for those users who do not have a configuration file.
-             This file must be world-readable.
-
-SEE ALSO
-     ssh(1)
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.
-
-OpenBSD 5.7                      June 2, 2015                      OpenBSD 5.7
diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
index 9812072..9f67608 100644
--- a/crypto/openssh/ssh_config.5
+++ b/crypto/openssh/ssh_config.5
@@ -33,9 +33,9 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.211 2015/06/02 09:10:40 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $
 .\" $FreeBSD$
-.Dd $Mdocdate: June 2 2015 $
+.Dd $Mdocdate: August 14 2015 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -374,6 +374,11 @@ The default is
 Specifies the ciphers allowed for protocol version 2
 in order of preference.
 Multiple ciphers must be comma-separated.
+If the specified value begins with a
+.Sq +
+character, then the specified ciphers will be appended to the default set
+instead of replacing them.
+.Pp
 The supported ciphers are:
 .Pp
 .Bl -item -compact -offset indent
@@ -411,9 +416,9 @@ chacha20-poly1305@openssh.com
 .Pp
 The default is:
 .Bd -literal -offset indent
+chacha20-poly1305@openssh.com,
 aes128-ctr,aes192-ctr,aes256-ctr,
 aes128-gcm@openssh.com,aes256-gcm@openssh.com,
-chacha20-poly1305@openssh.com,
 arcfour256,arcfour128,
 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
 aes192-cbc,aes256-cbc,arcfour
@@ -782,9 +787,23 @@ is similar to
 .It Cm HostbasedKeyTypes
 Specifies the key types that will be used for hostbased authentication
 as a comma-separated pattern list.
-The default
-.Dq *
-will allow all key types.
+Alternately if the specified value begins with a
+.Sq +
+character, then the specified key types will be appended to the default set
+instead of replacing them.
+The default for this option is:
+.Bd -literal -offset 3n
+ecdsa-sha2-nistp256-cert-v01@openssh.com,
+ecdsa-sha2-nistp384-cert-v01@openssh.com,
+ecdsa-sha2-nistp521-cert-v01@openssh.com,
+ssh-ed25519-cert-v01@openssh.com,
+ssh-rsa-cert-v01@openssh.com,
+ssh-dss-cert-v01@openssh.com,
+ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,
+ecdsa-sha2-nistp521,ssh-ed25519,
+ssh-rsa,ssh-dss
+.Ed
+.Pp
 The
 .Fl Q
 option of
@@ -793,16 +812,21 @@ may be used to list supported key types.
 .It Cm HostKeyAlgorithms
 Specifies the protocol version 2 host key algorithms
 that the client wants to use in order of preference.
+Alternately if the specified value begins with a
+.Sq +
+character, then the specified key types will be appended to the default set
+instead of replacing them.
 The default for this option is:
 .Bd -literal -offset 3n
 ecdsa-sha2-nistp256-cert-v01@openssh.com,
 ecdsa-sha2-nistp384-cert-v01@openssh.com,
 ecdsa-sha2-nistp521-cert-v01@openssh.com,
 ssh-ed25519-cert-v01@openssh.com,
-ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,
-ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
-ssh-ed25519,ssh-rsa,ssh-dss
+ssh-rsa-cert-v01@openssh.com,
+ssh-dss-cert-v01@openssh.com,
+ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,
+ecdsa-sha2-nistp521,ssh-ed25519,
+ssh-rsa,ssh-dss
 .Ed
 .Pp
 If hostkeys are known for the destination host then this default is modified
@@ -975,14 +999,17 @@ and
 .It Cm KexAlgorithms
 Specifies the available KEX (Key Exchange) algorithms.
 Multiple algorithms must be comma-separated.
+Alternately if the specified value begins with a
+.Sq +
+character, then the specified methods will be appended to the default set
+instead of replacing them.
 The default is:
 .Bd -literal -offset indent
 curve25519-sha256@libssh.org,
 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
 diffie-hellman-group-exchange-sha256,
 diffie-hellman-group-exchange-sha1,
-diffie-hellman-group14-sha1,
-diffie-hellman-group1-sha1
+diffie-hellman-group14-sha1
 .Ed
 .Pp
 The list of available key exchange algorithms may also be obtained using the
@@ -1064,10 +1091,16 @@ in order of preference.
 The MAC algorithm is used in protocol version 2
 for data integrity protection.
 Multiple algorithms must be comma-separated.
+If the specified value begins with a
+.Sq +
+character, then the specified algorithms will be appended to the default set
+instead of replacing them.
+.Pp
 The algorithms that contain
 .Dq -etm
 calculate the MAC after encryption (encrypt-then-mac).
 These are considered safer and their use recommended.
+.Pp
 The default is:
 .Bd -literal -offset indent
 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
@@ -1208,6 +1241,31 @@ will pass a connected file descriptor back to
 instead of continuing to execute and pass data.
 The default is
 .Dq no .
+.It Cm PubkeyAcceptedKeyTypes
+Specifies the key types that will be used for public key authentication
+as a comma-separated pattern list.
+Alternately if the specified value begins with a
+.Sq +
+character, then the key types after it will be appended to the default
+instead of replacing it.
+The default for this option is:
+.Bd -literal -offset 3n
+ecdsa-sha2-nistp256-cert-v01@openssh.com,
+ecdsa-sha2-nistp384-cert-v01@openssh.com,
+ecdsa-sha2-nistp521-cert-v01@openssh.com,
+ssh-ed25519-cert-v01@openssh.com,
+ssh-rsa-cert-v01@openssh.com,
+ssh-dss-cert-v01@openssh.com,
+ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,
+ecdsa-sha2-nistp521,ssh-ed25519,
+ssh-rsa,ssh-dss
+.Ed
+.Pp
+The
+.Fl Q
+option of
+.Xr ssh 1
+may be used to list supported key types.
 .It Cm PubkeyAuthentication
 Specifies whether to try public key authentication.
 The argument to this keyword must be
@@ -1600,7 +1658,7 @@ See also VERIFYING HOST KEYS in
 Specifies a string to append to the regular version string to identify
 OS- or site-specific modifications.
 The default is
-.Dq FreeBSD-20160119 .
+.Dq FreeBSD-20160121 .
 The value
 .Dq none
 may be used to disable this.
diff --git a/crypto/openssh/ssh_namespace.h b/crypto/openssh/ssh_namespace.h
index b593fd9..30e8f18 100644
--- a/crypto/openssh/ssh_namespace.h
+++ b/crypto/openssh/ssh_namespace.h
@@ -21,6 +21,7 @@
 #define Blowfish_expandstate			Fssh_Blowfish_expandstate
 #define Blowfish_initstate			Fssh_Blowfish_initstate
 #define Blowfish_stream2word			Fssh_Blowfish_stream2word
+#define _ssh_compat_realpath			Fssh__ssh_compat_realpath
 #define _ssh_exchange_banner			Fssh__ssh_exchange_banner
 #define _ssh_host_key_sign			Fssh__ssh_host_key_sign
 #define _ssh_host_private_key			Fssh__ssh_host_private_key
@@ -379,10 +380,10 @@
 #define input_kex_ecdh_reply			Fssh_input_kex_ecdh_reply
 #define iptos2str				Fssh_iptos2str
 #define ipv64_normalise_mapped			Fssh_ipv64_normalise_mapped
-#define is_cert_revoked				Fssh_is_cert_revoked
 #define is_key_revoked				Fssh_is_key_revoked
 #define kex_alg_by_name				Fssh_kex_alg_by_name
 #define kex_alg_list				Fssh_kex_alg_list
+#define kex_assemble_names			Fssh_kex_assemble_names
 #define kex_buf2prop				Fssh_kex_buf2prop
 #define kex_c25519_hash				Fssh_kex_c25519_hash
 #define kex_derive_keys				Fssh_kex_derive_keys
@@ -393,6 +394,7 @@
 #define kex_free_newkeys			Fssh_kex_free_newkeys
 #define kex_input_kexinit			Fssh_kex_input_kexinit
 #define kex_input_newkeys			Fssh_kex_input_newkeys
+#define kex_names_cat				Fssh_kex_names_cat
 #define kex_names_valid				Fssh_kex_names_valid
 #define kex_new					Fssh_kex_new
 #define kex_prop2buf				Fssh_kex_prop2buf
@@ -600,18 +602,6 @@
 #define ssh_get_app_data			Fssh_ssh_get_app_data
 #define ssh_get_authentication_socket		Fssh_ssh_get_authentication_socket
 #define ssh_get_progname			Fssh_ssh_get_progname
-#define ssh_gssapi_build_ctx			Fssh_ssh_gssapi_build_ctx
-#define ssh_gssapi_buildmic			Fssh_ssh_gssapi_buildmic
-#define ssh_gssapi_check_mechanism		Fssh_ssh_gssapi_check_mechanism
-#define ssh_gssapi_check_oid			Fssh_ssh_gssapi_check_oid
-#define ssh_gssapi_delete_ctx			Fssh_ssh_gssapi_delete_ctx
-#define ssh_gssapi_error			Fssh_ssh_gssapi_error
-#define ssh_gssapi_import_name			Fssh_ssh_gssapi_import_name
-#define ssh_gssapi_init_ctx			Fssh_ssh_gssapi_init_ctx
-#define ssh_gssapi_last_error			Fssh_ssh_gssapi_last_error
-#define ssh_gssapi_set_oid			Fssh_ssh_gssapi_set_oid
-#define ssh_gssapi_set_oid_data			Fssh_ssh_gssapi_set_oid_data
-#define ssh_gssapi_sign				Fssh_ssh_gssapi_sign
 #define ssh_hmac_bytes				Fssh_ssh_hmac_bytes
 #define ssh_hmac_final				Fssh_ssh_hmac_final
 #define ssh_hmac_free				Fssh_ssh_hmac_free
@@ -788,7 +778,6 @@
 #define sshkey_add_private			Fssh_sshkey_add_private
 #define sshkey_cert_check_authority		Fssh_sshkey_cert_check_authority
 #define sshkey_cert_copy			Fssh_sshkey_cert_copy
-#define sshkey_cert_is_legacy			Fssh_sshkey_cert_is_legacy
 #define sshkey_cert_type			Fssh_sshkey_cert_type
 #define sshkey_certify				Fssh_sshkey_certify
 #define sshkey_check_revoked			Fssh_sshkey_check_revoked
@@ -930,6 +919,5 @@
 #define xcrypt					Fssh_xcrypt
 #define xmalloc					Fssh_xmalloc
 #define xmmap					Fssh_xmmap
-#define xrealloc				Fssh_xrealloc
 #define xreallocarray				Fssh_xreallocarray
 #define xstrdup					Fssh_xstrdup
diff --git a/crypto/openssh/sshbuf-getput-crypto.c b/crypto/openssh/sshbuf-getput-crypto.c
index e2e093c..d0d791b 100644
--- a/crypto/openssh/sshbuf-getput-crypto.c
+++ b/crypto/openssh/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $	*/
+/*	$OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -158,10 +158,10 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
 	if (len > 0 && (d[1] & 0x80) != 0)
 		prepend = 1;
 	if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) {
-		bzero(d, sizeof(d));
+		explicit_bzero(d, sizeof(d));
 		return r;
 	}
-	bzero(d, sizeof(d));
+	explicit_bzero(d, sizeof(d));
 	return 0;
 }
 
@@ -177,13 +177,13 @@ sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v)
 	if (BN_bn2bin(v, d) != (int)len_bytes)
 		return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
 	if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
-		bzero(d, sizeof(d));
+		explicit_bzero(d, sizeof(d));
 		return r;
 	}
 	POKE_U16(dp, len_bits);
 	if (len_bytes != 0)
 		memcpy(dp + 2, d, len_bytes);
-	bzero(d, sizeof(d));
+	explicit_bzero(d, sizeof(d));
 	return 0;
 }
 
@@ -210,7 +210,7 @@ sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)
 	}
 	BN_CTX_free(bn_ctx);
 	ret = sshbuf_put_string(buf, d, len);
-	bzero(d, len);
+	explicit_bzero(d, len);
 	return ret;
 }
 
diff --git a/crypto/openssh/sshbuf-misc.c b/crypto/openssh/sshbuf-misc.c
index d022065..3da4b80 100644
--- a/crypto/openssh/sshbuf-misc.c
+++ b/crypto/openssh/sshbuf-misc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf-misc.c,v 1.4 2015/03/24 20:03:44 markus Exp $	*/
+/*	$OpenBSD: sshbuf-misc.c,v 1.5 2015/10/05 17:11:21 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -103,7 +103,7 @@ sshbuf_dtob64(struct sshbuf *buf)
 	if (SIZE_MAX / 2 <= len || (ret = malloc(plen)) == NULL)
 		return NULL;
 	if ((r = b64_ntop(p, len, ret, plen)) == -1) {
-		bzero(ret, plen);
+		explicit_bzero(ret, plen);
 		free(ret);
 		return NULL;
 	}
@@ -122,16 +122,16 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64)
 	if ((p = malloc(plen)) == NULL)
 		return SSH_ERR_ALLOC_FAIL;
 	if ((nlen = b64_pton(b64, p, plen)) < 0) {
-		bzero(p, plen);
+		explicit_bzero(p, plen);
 		free(p);
 		return SSH_ERR_INVALID_FORMAT;
 	}
 	if ((r = sshbuf_put(buf, p, nlen)) < 0) {
-		bzero(p, plen);
+		explicit_bzero(p, plen);
 		free(p);
 		return r;
 	}
-	bzero(p, plen);
+	explicit_bzero(p, plen);
 	free(p);
 	return 0;
 }
diff --git a/crypto/openssh/sshbuf.c b/crypto/openssh/sshbuf.c
index dbe0c91..19e162c 100644
--- a/crypto/openssh/sshbuf.c
+++ b/crypto/openssh/sshbuf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf.c,v 1.3 2015/01/20 23:14:00 deraadt Exp $	*/
+/*	$OpenBSD: sshbuf.c,v 1.4 2015/10/05 17:11:21 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -134,7 +134,7 @@ sshbuf_fromb(struct sshbuf *buf)
 void
 sshbuf_init(struct sshbuf *ret)
 {
-	bzero(ret, sizeof(*ret));
+	explicit_bzero(ret, sizeof(*ret));
 	ret->alloc = SSHBUF_SIZE_INIT;
 	ret->max_size = SSHBUF_SIZE_MAX;
 	ret->readonly = 0;
@@ -177,10 +177,10 @@ sshbuf_free(struct sshbuf *buf)
 		return;
 	dont_free = buf->dont_free;
 	if (!buf->readonly) {
-		bzero(buf->d, buf->alloc);
+		explicit_bzero(buf->d, buf->alloc);
 		free(buf->d);
 	}
-	bzero(buf, sizeof(*buf));
+	explicit_bzero(buf, sizeof(*buf));
 	if (!dont_free)
 		free(buf);
 }
@@ -196,7 +196,7 @@ sshbuf_reset(struct sshbuf *buf)
 		return;
 	}
 	if (sshbuf_check_sanity(buf) == 0)
-		bzero(buf->d, buf->alloc);
+		explicit_bzero(buf->d, buf->alloc);
 	buf->off = buf->size = 0;
 	if (buf->alloc != SSHBUF_SIZE_INIT) {
 		if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) {
@@ -255,7 +255,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size)
 			rlen = roundup(buf->size, SSHBUF_SIZE_INC);
 		if (rlen > max_size)
 			rlen = max_size;
-		bzero(buf->d + buf->size, buf->alloc - buf->size);
+		explicit_bzero(buf->d + buf->size, buf->alloc - buf->size);
 		SSHBUF_DBG(("new alloc = %zu", rlen));
 		if ((dp = realloc(buf->d, rlen)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;
diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c
index cc0413f..11a9cf6 100644
--- a/crypto/openssh/sshconnect.c
+++ b/crypto/openssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.262 2015/05/28 05:41:29 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.263 2015/08/20 22:32:42 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -358,7 +358,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr,
 		goto done;
 	}
 
-	fdset = (fd_set *)xcalloc(howmany(sockfd + 1, NFDBITS),
+	fdset = xcalloc(howmany(sockfd + 1, NFDBITS),
 	    sizeof(fd_mask));
 	FD_SET(sockfd, fdset);
 	ms_to_timeval(&tv, *timeoutp);
diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c
index fcaed6b..7751031 100644
--- a/crypto/openssh/sshconnect2.c
+++ b/crypto/openssh/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.224 2015/05/04 06:10:48 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.226 2015/07/30 00:01:34 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -163,18 +163,12 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 	xxx_host = host;
 	xxx_hostaddr = hostaddr;
 
-	if (options.ciphers == (char *)-1) {
-		logit("No valid ciphers for protocol version 2 given, using defaults.");
-		options.ciphers = NULL;
-	}
-	if (options.ciphers != NULL) {
-		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
-		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
-	}
+	myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
+	    options.kex_algorithms);
 	myproposal[PROPOSAL_ENC_ALGS_CTOS] =
-	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
+	    compat_cipher_proposal(options.ciphers);
 	myproposal[PROPOSAL_ENC_ALGS_STOC] =
-	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
+	    compat_cipher_proposal(options.ciphers);
 	if (options.compression) {
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 		myproposal[PROPOSAL_COMP_ALGS_STOC] = "zlib@openssh.com,zlib,none";
@@ -182,23 +176,22 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 		myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib";
 	}
-	if (options.macs != NULL) {
-		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
-		myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
-	}
-	if (options.hostkeyalgorithms != NULL)
+	myproposal[PROPOSAL_MAC_ALGS_CTOS] =
+	    myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
+	if (options.hostkeyalgorithms != NULL) {
+		if (kex_assemble_names(KEX_DEFAULT_PK_ALG,
+		    &options.hostkeyalgorithms) != 0)
+			fatal("%s: kex_assemble_namelist", __func__);
 		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
 		    compat_pkalg_proposal(options.hostkeyalgorithms);
-	else {
+	} else {
+		/* Enforce default */
+		options.hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
 		/* Prefer algorithms that we already have keys for */
 		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] =
 		    compat_pkalg_proposal(
 		    order_hostkeyalgs(host, hostaddr, port));
 	}
-	if (options.kex_algorithms != NULL)
-		myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
-	myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
-	    myproposal[PROPOSAL_KEX_ALGS]);
 
 	if (options.rekey_limit || options.rekey_interval)
 		packet_set_rekey_limits((u_int32_t)options.rekey_limit,
@@ -1315,6 +1308,26 @@ pubkey_cleanup(Authctxt *authctxt)
 	}
 }
 
+static int
+try_identity(Identity *id)
+{
+	if (!id->key)
+		return (0);
+	if (match_pattern_list(sshkey_ssh_name(id->key),
+	    options.pubkey_key_types, 0) != 1) {
+		debug("Skipping %s key %s for not in PubkeyAcceptedKeyTypes",
+		    sshkey_ssh_name(id->key), id->filename);
+		return (0);
+	}
+	if (key_type_plain(id->key->type) == KEY_RSA &&
+	    (datafellows & SSH_BUG_RSASIGMD5) != 0) {
+		debug("Skipped %s key %s for RSA/MD5 server",
+		    key_type(id->key), id->filename);
+		return (0);
+	}
+	return (id->key->type != KEY_RSA1);
+}
+
 int
 userauth_pubkey(Authctxt *authctxt)
 {
@@ -1333,11 +1346,7 @@ userauth_pubkey(Authctxt *authctxt)
 		 * private key instead
 		 */
 		if (id->key != NULL) {
-			if (key_type_plain(id->key->type) == KEY_RSA &&
-			    (datafellows & SSH_BUG_RSASIGMD5) != 0) {
-				debug("Skipped %s key %s for RSA/MD5 server",
-				    key_type(id->key), id->filename);
-			} else if (id->key->type != KEY_RSA1) {
+			if (try_identity(id)) {
 				debug("Offering %s public key: %s",
 				    key_type(id->key), id->filename);
 				sent = send_pubkey_test(authctxt, id);
@@ -1347,13 +1356,8 @@ userauth_pubkey(Authctxt *authctxt)
 			id->key = load_identity_file(id->filename,
 			    id->userprovided);
 			if (id->key != NULL) {
-				id->isprivate = 1;
-				if (key_type_plain(id->key->type) == KEY_RSA &&
-				    (datafellows & SSH_BUG_RSASIGMD5) != 0) {
-					debug("Skipped %s key %s for RSA/MD5 "
-					    "server", key_type(id->key),
-					    id->filename);
-				} else {
+				if (try_identity(id)) {
+					id->isprivate = 1;
 					sent = sign_and_send_pubkey(
 					    authctxt, id);
 				}
diff --git a/crypto/openssh/sshd.0 b/crypto/openssh/sshd.0
deleted file mode 100644
index 616ae32..0000000
--- a/crypto/openssh/sshd.0
+++ /dev/null
@@ -1,641 +0,0 @@
-SSHD(8)                     System Manager's Manual                    SSHD(8)
-
-NAME
-     sshd M-bM-^@M-^S OpenSSH SSH daemon
-
-SYNOPSIS
-     sshd [-46DdeiqTt] [-b bits] [-C connection_spec]
-          [-c host_certificate_file] [-E log_file] [-f config_file]
-          [-g login_grace_time] [-h host_key_file] [-k key_gen_time]
-          [-o option] [-p port] [-u len]
-
-DESCRIPTION
-     sshd (OpenSSH Daemon) is the daemon program for ssh(1).  Together these
-     programs replace rlogin and rsh, and provide secure encrypted
-     communications between two untrusted hosts over an insecure network.
-
-     sshd listens for connections from clients.  It is normally started at
-     boot from /etc/rc.  It forks a new daemon for each incoming connection.
-     The forked daemons handle key exchange, encryption, authentication,
-     command execution, and data exchange.
-
-     sshd can be configured using command-line options or a configuration file
-     (by default sshd_config(5)); command-line options override values
-     specified in the configuration file.  sshd rereads its configuration file
-     when it receives a hangup signal, SIGHUP, by executing itself with the
-     name and options it was started with, e.g. /usr/sbin/sshd.
-
-     The options are as follows:
-
-     -4      Forces sshd to use IPv4 addresses only.
-
-     -6      Forces sshd to use IPv6 addresses only.
-
-     -b bits
-             Specifies the number of bits in the ephemeral protocol version 1
-             server key (default 1024).
-
-     -C connection_spec
-             Specify the connection parameters to use for the -T extended test
-             mode.  If provided, any Match directives in the configuration
-             file that would apply to the specified user, host, and address
-             will be set before the configuration is written to standard
-             output.  The connection parameters are supplied as keyword=value
-             pairs.  The keywords are M-bM-^@M-^\userM-bM-^@M-^], M-bM-^@M-^\hostM-bM-^@M-^], M-bM-^@M-^\laddrM-bM-^@M-^], M-bM-^@M-^\lportM-bM-^@M-^], and
-             M-bM-^@M-^\addrM-bM-^@M-^].  All are required and may be supplied in any order,
-             either with multiple -C options or as a comma-separated list.
-
-     -c host_certificate_file
-             Specifies a path to a certificate file to identify sshd during
-             key exchange.  The certificate file must match a host key file
-             specified using the -h option or the HostKey configuration
-             directive.
-
-     -D      When this option is specified, sshd will not detach and does not
-             become a daemon.  This allows easy monitoring of sshd.
-
-     -d      Debug mode.  The server sends verbose debug output to standard
-             error, and does not put itself in the background.  The server
-             also will not fork and will only process one connection.  This
-             option is only intended for debugging for the server.  Multiple
-             -d options increase the debugging level.  Maximum is 3.
-
-     -E log_file
-             Append debug logs to log_file instead of the system log.
-
-     -e      Write debug logs to standard error instead of the system log.
-
-     -f config_file
-             Specifies the name of the configuration file.  The default is
-             /etc/ssh/sshd_config.  sshd refuses to start if there is no
-             configuration file.
-
-     -g login_grace_time
-             Gives the grace time for clients to authenticate themselves
-             (default 120 seconds).  If the client fails to authenticate the
-             user within this many seconds, the server disconnects and exits.
-             A value of zero indicates no limit.
-
-     -h host_key_file
-             Specifies a file from which a host key is read.  This option must
-             be given if sshd is not run as root (as the normal host key files
-             are normally not readable by anyone but root).  The default is
-             /etc/ssh/ssh_host_key for protocol version 1, and
-             /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key.
-             /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for
-             protocol version 2.  It is possible to have multiple host key
-             files for the different protocol versions and host key
-             algorithms.
-
-     -i      Specifies that sshd is being run from inetd(8).  sshd is normally
-             not run from inetd because it needs to generate the server key
-             before it can respond to the client, and this may take tens of
-             seconds.  Clients would have to wait too long if the key was
-             regenerated every time.  However, with small key sizes (e.g. 512)
-             using sshd from inetd may be feasible.
-
-     -k key_gen_time
-             Specifies how often the ephemeral protocol version 1 server key
-             is regenerated (default 3600 seconds, or one hour).  The
-             motivation for regenerating the key fairly often is that the key
-             is not stored anywhere, and after about an hour it becomes
-             impossible to recover the key for decrypting intercepted
-             communications even if the machine is cracked into or physically
-             seized.  A value of zero indicates that the key will never be
-             regenerated.
-
-     -o option
-             Can be used to give options in the format used in the
-             configuration file.  This is useful for specifying options for
-             which there is no separate command-line flag.  For full details
-             of the options, and their values, see sshd_config(5).
-
-     -p port
-             Specifies the port on which the server listens for connections
-             (default 22).  Multiple port options are permitted.  Ports
-             specified in the configuration file with the Port option are
-             ignored when a command-line port is specified.  Ports specified
-             using the ListenAddress option override command-line ports.
-
-     -q      Quiet mode.  Nothing is sent to the system log.  Normally the
-             beginning, authentication, and termination of each connection is
-             logged.
-
-     -T      Extended test mode.  Check the validity of the configuration
-             file, output the effective configuration to stdout and then exit.
-             Optionally, Match rules may be applied by specifying the
-             connection parameters using one or more -C options.
-
-     -t      Test mode.  Only check the validity of the configuration file and
-             sanity of the keys.  This is useful for updating sshd reliably as
-             configuration options may change.
-
-     -u len  This option is used to specify the size of the field in the utmp
-             structure that holds the remote host name.  If the resolved host
-             name is longer than len, the dotted decimal value will be used
-             instead.  This allows hosts with very long host names that
-             overflow this field to still be uniquely identified.  Specifying
-             -u0 indicates that only dotted decimal addresses should be put
-             into the utmp file.  -u0 may also be used to prevent sshd from
-             making DNS requests unless the authentication mechanism or
-             configuration requires it.  Authentication mechanisms that may
-             require DNS include RhostsRSAAuthentication,
-             HostbasedAuthentication, and using a from="pattern-list" option
-             in a key file.  Configuration options that require DNS include
-             using a USER@HOST pattern in AllowUsers or DenyUsers.
-
-AUTHENTICATION
-     The OpenSSH SSH daemon supports SSH protocols 1 and 2.  The default is to
-     use protocol 2 only, though this can be changed via the Protocol option
-     in sshd_config(5).  Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
-     protocol 1 only supports RSA keys.  For both protocols, each host has a
-     host-specific key, normally 2048 bits, used to identify the host.
-
-     Forward security for protocol 1 is provided through an additional server
-     key, normally 768 bits, generated when the server starts.  This key is
-     normally regenerated every hour if it has been used, and is never stored
-     on disk.  Whenever a client connects, the daemon responds with its public
-     host and server keys.  The client compares the RSA host key against its
-     own database to verify that it has not changed.  The client then
-     generates a 256-bit random number.  It encrypts this random number using
-     both the host key and the server key, and sends the encrypted number to
-     the server.  Both sides then use this random number as a session key
-     which is used to encrypt all further communications in the session.  The
-     rest of the session is encrypted using a conventional cipher, currently
-     Blowfish or 3DES, with 3DES being used by default.  The client selects
-     the encryption algorithm to use from those offered by the server.
-
-     For protocol 2, forward security is provided through a Diffie-Hellman key
-     agreement.  This key agreement results in a shared session key.  The rest
-     of the session is encrypted using a symmetric cipher, currently 128-bit
-     AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.  The
-     client selects the encryption algorithm to use from those offered by the
-     server.  Additionally, session integrity is provided through a
-     cryptographic message authentication code (hmac-md5, hmac-sha1, umac-64,
-     umac-128, hmac-ripemd160, hmac-sha2-256 or hmac-sha2-512).
-
-     Finally, the server and the client enter an authentication dialog.  The
-     client tries to authenticate itself using host-based authentication,
-     public key authentication, challenge-response authentication, or password
-     authentication.
-
-     Regardless of the authentication type, the account is checked to ensure
-     that it is accessible.  An account is not accessible if it is locked,
-     listed in DenyUsers or its group is listed in DenyGroups .  The
-     definition of a locked account is system dependant. Some platforms have
-     their own account database (eg AIX) and some modify the passwd field (
-     M-bM-^@M-^X*LK*M-bM-^@M-^Y on Solaris and UnixWare, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on
-     Tru64, a leading M-bM-^@M-^X*LOCKED*M-bM-^@M-^Y on FreeBSD and a leading M-bM-^@M-^X!M-bM-^@M-^Y on most
-     Linuxes).  If there is a requirement to disable password authentication
-     for the account while allowing still public-key, then the passwd field
-     should be set to something other than these values (eg M-bM-^@M-^XNPM-bM-^@M-^Y or M-bM-^@M-^X*NP*M-bM-^@M-^Y ).
-
-     If the client successfully authenticates itself, a dialog for preparing
-     the session is entered.  At this time the client may request things like
-     allocating a pseudo-tty, forwarding X11 connections, forwarding TCP
-     connections, or forwarding the authentication agent connection over the
-     secure channel.
-
-     After this, the client either requests a shell or execution of a command.
-     The sides then enter session mode.  In this mode, either side may send
-     data at any time, and such data is forwarded to/from the shell or command
-     on the server side, and the user terminal in the client side.
-
-     When the user program terminates and all forwarded X11 and other
-     connections have been closed, the server sends command exit status to the
-     client, and both sides exit.
-
-LOGIN PROCESS
-     When a user successfully logs in, sshd does the following:
-
-           1.   If the login is on a tty, and no command has been specified,
-                prints last login time and /etc/motd (unless prevented in the
-                configuration file or by ~/.hushlogin; see the FILES section).
-
-           2.   If the login is on a tty, records login time.
-
-           3.   Checks /etc/nologin; if it exists, prints contents and quits
-                (unless root).
-
-           4.   Changes to run with normal user privileges.
-
-           5.   Sets up basic environment.
-
-           6.   Reads the file ~/.ssh/environment, if it exists, and users are
-                allowed to change their environment.  See the
-                PermitUserEnvironment option in sshd_config(5).
-
-           7.   Changes to user's home directory.
-
-           8.   If ~/.ssh/rc exists and the sshd_config(5) PermitUserRC option
-                is set, runs it; else if /etc/ssh/sshrc exists, runs it;
-                otherwise runs xauth.  The M-bM-^@M-^\rcM-bM-^@M-^] files are given the X11
-                authentication protocol and cookie in standard input.  See
-                SSHRC, below.
-
-           9.   Runs user's shell or command.  All commands are run under the
-                user's login shell as specified in the system password
-                database.
-
-SSHRC
-     If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment
-     files but before starting the user's shell or command.  It must not
-     produce any output on stdout; stderr must be used instead.  If X11
-     forwarding is in use, it will receive the "proto cookie" pair in its
-     standard input (and DISPLAY in its environment).  The script must call
-     xauth(1) because sshd will not run xauth automatically to add X11
-     cookies.
-
-     The primary purpose of this file is to run any initialization routines
-     which may be needed before the user's home directory becomes accessible;
-     AFS is a particular example of such an environment.
-
-     This file will probably contain some initialization code followed by
-     something similar to:
-
-        if read proto cookie && [ -n "$DISPLAY" ]; then
-                if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
-                        # X11UseLocalhost=yes
-                        echo add unix:`echo $DISPLAY |
-                            cut -c11-` $proto $cookie
-                else
-                        # X11UseLocalhost=no
-                        echo add $DISPLAY $proto $cookie
-                fi | xauth -q -
-        fi
-
-     If this file does not exist, /etc/ssh/sshrc is run, and if that does not
-     exist either, xauth is used to add the cookie.
-
-AUTHORIZED_KEYS FILE FORMAT
-     AuthorizedKeysFile specifies the files containing public keys for public
-     key authentication; if none is specified, the default is
-     ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.  Each line of the
-     file contains one key (empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y are
-     ignored as comments).  Protocol 1 public keys consist of the following
-     space-separated fields: options, bits, exponent, modulus, comment.
-     Protocol 2 public key consist of: options, keytype, base64-encoded key,
-     comment.  The options field is optional; its presence is determined by
-     whether the line starts with a number or not (the options field never
-     starts with a number).  The bits, exponent, modulus, and comment fields
-     give the RSA key for protocol version 1; the comment field is not used
-     for anything (but may be convenient for the user to identify the key).
-     For protocol version 2 the keytype is M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^],
-     M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or
-     M-bM-^@M-^\ssh-rsaM-bM-^@M-^].
-
-     Note that lines in this file are usually several hundred bytes long
-     (because of the size of the public key encoding) up to a limit of 8
-     kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16
-     kilobits.  You don't want to type them in; instead, copy the
-     identity.pub, id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or the id_rsa.pub
-     file and edit it.
-
-     sshd enforces a minimum RSA key modulus size for protocol 1 and protocol
-     2 keys of 768 bits.
-
-     The options (if present) consist of comma-separated option
-     specifications.  No spaces are permitted, except within double quotes.
-     The following option specifications are supported (note that option
-     keywords are case-insensitive):
-
-     cert-authority
-             Specifies that the listed key is a certification authority (CA)
-             that is trusted to validate signed certificates for user
-             authentication.
-
-             Certificates may encode access restrictions similar to these key
-             options.  If both certificate restrictions and key options are
-             present, the most restrictive union of the two is applied.
-
-     command="command"
-             Specifies that the command is executed whenever this key is used
-             for authentication.  The command supplied by the user (if any) is
-             ignored.  The command is run on a pty if the client requests a
-             pty; otherwise it is run without a tty.  If an 8-bit clean
-             channel is required, one must not request a pty or should specify
-             no-pty.  A quote may be included in the command by quoting it
-             with a backslash.  This option might be useful to restrict
-             certain public keys to perform just a specific operation.  An
-             example might be a key that permits remote backups but nothing
-             else.  Note that the client may specify TCP and/or X11 forwarding
-             unless they are explicitly prohibited.  The command originally
-             supplied by the client is available in the SSH_ORIGINAL_COMMAND
-             environment variable.  Note that this option applies to shell,
-             command or subsystem execution.  Also note that this command may
-             be superseded by either a sshd_config(5) ForceCommand directive
-             or a command embedded in a certificate.
-
-     environment="NAME=value"
-             Specifies that the string is to be added to the environment when
-             logging in using this key.  Environment variables set this way
-             override other default environment values.  Multiple options of
-             this type are permitted.  Environment processing is disabled by
-             default and is controlled via the PermitUserEnvironment option.
-             This option is automatically disabled if UseLogin is enabled.
-
-     from="pattern-list"
-             Specifies that in addition to public key authentication, either
-             the canonical name of the remote host or its IP address must be
-             present in the comma-separated list of patterns.  See PATTERNS in
-             ssh_config(5) for more information on patterns.
-
-             In addition to the wildcard matching that may be applied to
-             hostnames or addresses, a from stanza may match IP addresses
-             using CIDR address/masklen notation.
-
-             The purpose of this option is to optionally increase security:
-             public key authentication by itself does not trust the network or
-             name servers or anything (but the key); however, if somebody
-             somehow steals the key, the key permits an intruder to log in
-             from anywhere in the world.  This additional option makes using a
-             stolen key more difficult (name servers and/or routers would have
-             to be compromised in addition to just the key).
-
-     no-agent-forwarding
-             Forbids authentication agent forwarding when this key is used for
-             authentication.
-
-     no-port-forwarding
-             Forbids TCP forwarding when this key is used for authentication.
-             Any port forward requests by the client will return an error.
-             This might be used, e.g. in connection with the command option.
-
-     no-pty  Prevents tty allocation (a request to allocate a pty will fail).
-
-     no-user-rc
-             Disables execution of ~/.ssh/rc.
-
-     no-X11-forwarding
-             Forbids X11 forwarding when this key is used for authentication.
-             Any X11 forward requests by the client will return an error.
-
-     permitopen="host:port"
-             Limit local port forwarding with ssh(1) -L such that it may only
-             connect to the specified host and port.  IPv6 addresses can be
-             specified by enclosing the address in square brackets.  Multiple
-             permitopen options may be applied separated by commas.  No
-             pattern matching is performed on the specified hostnames, they
-             must be literal domains or addresses.  A port specification of *
-             matches any port.
-
-     principals="principals"
-             On a cert-authority line, specifies allowed principals for
-             certificate authentication as a comma-separated list.  At least
-             one name from the list must appear in the certificate's list of
-             principals for the certificate to be accepted.  This option is
-             ignored for keys that are not marked as trusted certificate
-             signers using the cert-authority option.
-
-     tunnel="n"
-             Force a tun(4) device on the server.  Without this option, the
-             next available device will be used if the client requests a
-             tunnel.
-
-     An example authorized_keys file:
-
-        # Comments allowed at start of line
-        ssh-rsa AAAAB3Nza...LiPk== user@example.net
-        from="*.sales.example.net,!pc.sales.example.net" ssh-rsa
-        AAAAB2...19Q== john@example.net
-        command="dump /home",no-pty,no-port-forwarding ssh-dss
-        AAAAC3...51R== example.net
-        permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss
-        AAAAB5...21S==
-        tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
-        jane@example.net
-
-SSH_KNOWN_HOSTS FILE FORMAT
-     The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host
-     public keys for all known hosts.  The global file should be prepared by
-     the administrator (optional), and the per-user file is maintained
-     automatically: whenever the user connects from an unknown host, its key
-     is added to the per-user file.
-
-     Each line in these files contains the following fields: markers
-     (optional), hostnames, bits, exponent, modulus, comment.  The fields are
-     separated by spaces.
-
-     The marker is optional, but if it is present then it must be one of
-     M-bM-^@M-^\@cert-authorityM-bM-^@M-^], to indicate that the line contains a certification
-     authority (CA) key, or M-bM-^@M-^\@revokedM-bM-^@M-^], to indicate that the key contained on
-     the line is revoked and must not ever be accepted.  Only one marker
-     should be used on a key line.
-
-     Hostnames is a comma-separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y act as
-     wildcards); each pattern in turn is matched against the canonical host
-     name (when authenticating a client) or against the user-supplied name
-     (when authenticating a server).  A pattern may also be preceded by M-bM-^@M-^X!M-bM-^@M-^Y to
-     indicate negation: if the host name matches a negated pattern, it is not
-     accepted (by that line) even if it matched another pattern on the line.
-     A hostname or address may optionally be enclosed within M-bM-^@M-^X[M-bM-^@M-^Y and M-bM-^@M-^X]M-bM-^@M-^Y
-     brackets then followed by M-bM-^@M-^X:M-bM-^@M-^Y and a non-standard port number.
-
-     Alternately, hostnames may be stored in a hashed form which hides host
-     names and addresses should the file's contents be disclosed.  Hashed
-     hostnames start with a M-bM-^@M-^X|M-bM-^@M-^Y character.  Only one hashed hostname may
-     appear on a single line and none of the above negation or wildcard
-     operators may be applied.
-
-     Bits, exponent, and modulus are taken directly from the RSA host key;
-     they can be obtained, for example, from /etc/ssh/ssh_host_key.pub.  The
-     optional comment field continues to the end of the line, and is not used.
-
-     Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments.
-
-     When performing host authentication, authentication is accepted if any
-     matching line has the proper key; either one that matches exactly or, if
-     the server has presented a certificate for authentication, the key of the
-     certification authority that signed the certificate.  For a key to be
-     trusted as a certification authority, it must use the M-bM-^@M-^\@cert-authorityM-bM-^@M-^]
-     marker described above.
-
-     The known hosts file also provides a facility to mark keys as revoked,
-     for example when it is known that the associated private key has been
-     stolen.  Revoked keys are specified by including the M-bM-^@M-^\@revokedM-bM-^@M-^] marker at
-     the beginning of the key line, and are never accepted for authentication
-     or as certification authorities, but instead will produce a warning from
-     ssh(1) when they are encountered.
-
-     It is permissible (but not recommended) to have several lines or
-     different host keys for the same names.  This will inevitably happen when
-     short forms of host names from different domains are put in the file.  It
-     is possible that the files contain conflicting information;
-     authentication is accepted if valid information can be found from either
-     file.
-
-     Note that the lines in these files are typically hundreds of characters
-     long, and you definitely don't want to type in the host keys by hand.
-     Rather, generate them by a script, ssh-keyscan(1) or by taking
-     /etc/ssh/ssh_host_key.pub and adding the host names at the front.
-     ssh-keygen(1) also offers some basic automated editing for
-     ~/.ssh/known_hosts including removing hosts matching a host name and
-     converting all host names to their hashed representations.
-
-     An example ssh_known_hosts file:
-
-        # Comments allowed at start of line
-        closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net
-        cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
-        # A hashed hostname
-        |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
-        AAAA1234.....=
-        # A revoked key
-        @revoked * ssh-rsa AAAAB5W...
-        # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org
-        @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...
-
-FILES
-     ~/.hushlogin
-             This file is used to suppress printing the last login time and
-             /etc/motd, if PrintLastLog and PrintMotd, respectively, are
-             enabled.  It does not suppress printing of the banner specified
-             by Banner.
-
-     ~/.rhosts
-             This file is used for host-based authentication (see ssh(1) for
-             more information).  On some machines this file may need to be
-             world-readable if the user's home directory is on an NFS
-             partition, because sshd reads it as root.  Additionally, this
-             file must be owned by the user, and must not have write
-             permissions for anyone else.  The recommended permission for most
-             machines is read/write for the user, and not accessible by
-             others.
-
-     ~/.shosts
-             This file is used in exactly the same way as .rhosts, but allows
-             host-based authentication without permitting login with
-             rlogin/rsh.
-
-     ~/.ssh/
-             This directory is the default location for all user-specific
-             configuration and authentication information.  There is no
-             general requirement to keep the entire contents of this directory
-             secret, but the recommended permissions are read/write/execute
-             for the user, and not accessible by others.
-
-     ~/.ssh/authorized_keys
-             Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used
-             for logging in as this user.  The format of this file is
-             described above.  The content of the file is not highly
-             sensitive, but the recommended permissions are read/write for the
-             user, and not accessible by others.
-
-             If this file, the ~/.ssh directory, or the user's home directory
-             are writable by other users, then the file could be modified or
-             replaced by unauthorized users.  In this case, sshd will not
-             allow it to be used unless the StrictModes option has been set to
-             M-bM-^@M-^\noM-bM-^@M-^].
-
-     ~/.ssh/environment
-             This file is read into the environment at login (if it exists).
-             It can only contain empty lines, comment lines (that start with
-             M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value.  The file
-             should be writable only by the user; it need not be readable by
-             anyone else.  Environment processing is disabled by default and
-             is controlled via the PermitUserEnvironment option.
-
-     ~/.ssh/known_hosts
-             Contains a list of host keys for all hosts the user has logged
-             into that are not already in the systemwide list of known host
-             keys.  The format of this file is described above.  This file
-             should be writable only by root/the owner and can, but need not
-             be, world-readable.
-
-     ~/.ssh/rc
-             Contains initialization routines to be run before the user's home
-             directory becomes accessible.  This file should be writable only
-             by the user, and need not be readable by anyone else.
-
-     /etc/hosts.allow
-     /etc/hosts.deny
-             Access controls that should be enforced by tcp-wrappers are
-             defined here.  Further details are described in hosts_access(5).
-
-     /etc/hosts.equiv
-             This file is for host-based authentication (see ssh(1)).  It
-             should only be writable by root.
-
-     /etc/moduli
-             Contains Diffie-Hellman groups used for the "Diffie-Hellman Group
-             Exchange".  The file format is described in moduli(5).
-
-     /etc/motd
-             See motd(5).
-
-     /etc/nologin
-             If this file exists, sshd refuses to let anyone except root log
-             in.  The contents of the file are displayed to anyone trying to
-             log in, and non-root connections are refused.  The file should be
-             world-readable.
-
-     /etc/shosts.equiv
-             This file is used in exactly the same way as hosts.equiv, but
-             allows host-based authentication without permitting login with
-             rlogin/rsh.
-
-     /etc/ssh/ssh_host_key
-     /etc/ssh/ssh_host_dsa_key
-     /etc/ssh/ssh_host_ecdsa_key
-     /etc/ssh/ssh_host_ed25519_key
-     /etc/ssh/ssh_host_rsa_key
-             These files contain the private parts of the host keys.  These
-             files should only be owned by root, readable only by root, and
-             not accessible to others.  Note that sshd does not start if these
-             files are group/world-accessible.
-
-     /etc/ssh/ssh_host_key.pub
-     /etc/ssh/ssh_host_dsa_key.pub
-     /etc/ssh/ssh_host_ecdsa_key.pub
-     /etc/ssh/ssh_host_ed25519_key.pub
-     /etc/ssh/ssh_host_rsa_key.pub
-             These files contain the public parts of the host keys.  These
-             files should be world-readable but writable only by root.  Their
-             contents should match the respective private parts.  These files
-             are not really used for anything; they are provided for the
-             convenience of the user so their contents can be copied to known
-             hosts files.  These files are created using ssh-keygen(1).
-
-     /etc/ssh/ssh_known_hosts
-             Systemwide list of known host keys.  This file should be prepared
-             by the system administrator to contain the public host keys of
-             all machines in the organization.  The format of this file is
-             described above.  This file should be writable only by root/the
-             owner and should be world-readable.
-
-     /etc/ssh/sshd_config
-             Contains configuration data for sshd.  The file format and
-             configuration options are described in sshd_config(5).
-
-     /etc/ssh/sshrc
-             Similar to ~/.ssh/rc, it can be used to specify machine-specific
-             login-time initializations globally.  This file should be
-             writable only by root, and should be world-readable.
-
-     /var/empty
-             chroot(2) directory used by sshd during privilege separation in
-             the pre-authentication phase.  The directory should not contain
-             any files and must be owned by root and not group or world-
-             writable.
-
-     /var/run/sshd.pid
-             Contains the process ID of the sshd listening for connections (if
-             there are several daemons running concurrently for different
-             ports, this contains the process ID of the one started last).
-             The content of this file is not sensitive; it can be world-
-             readable.
-
-SEE ALSO
-     scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1),
-     ssh-keyscan(1), chroot(2), hosts_access(5), login.conf(5), moduli(5),
-     sshd_config(5), inetd(8), sftp-server(8)
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
-     for privilege separation.
-
-OpenBSD 5.7                       May 1, 2015                      OpenBSD 5.7
diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8
index c2a4aaa..517ecbd 100644
--- a/crypto/openssh/sshd.8
+++ b/crypto/openssh/sshd.8
@@ -33,9 +33,9 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.279 2015/05/01 07:11:47 djm Exp $
+.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $
 .\" $FreeBSD$
-.Dd $Mdocdate: May 1 2015 $
+.Dd $Mdocdate: July 3 2015 $
 .Dt SSHD 8
 .Os
 .Sh NAME
@@ -185,15 +185,12 @@ Specifies that
 .Nm
 is being run from
 .Xr inetd 8 .
+If SSH protocol 1 is enabled,
 .Nm
-is normally not run
+should not  normally be run
 from inetd because it needs to generate the server key before it can
-respond to the client, and this may take tens of seconds.
-Clients would have to wait too long if the key was regenerated every time.
-However, with small key sizes (e.g. 512) using
-.Nm
-from inetd may
-be feasible.
+respond to the client, and this may take some time.
+Clients may have to wait too long if the key was regenerated every time.
 .It Fl k Ar key_gen_time
 Specifies how often the ephemeral protocol version 1 server key is
 regenerated (default 3600 seconds, or one hour).
@@ -288,7 +285,7 @@ used to identify the host.
 .Pp
 Forward security for protocol 1 is provided through
 an additional server key,
-normally 768 bits,
+normally 1024 bits,
 generated when the server starts.
 This key is normally regenerated every hour if it has been used, and
 is never stored on disk.
diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c
index faeb7a6..3db3551 100644
--- a/crypto/openssh/sshd.c
+++ b/crypto/openssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.450 2015/05/24 23:39:16 djm Exp $ */
+/* $OpenBSD: sshd.c,v 1.458 2015/08/20 22:32:42 deraadt Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -106,6 +106,7 @@ __RCSID("$FreeBSD$");
 #include "log.h"
 #include "buffer.h"
 #include "misc.h"
+#include "match.h"
 #include "servconf.h"
 #include "uidswap.h"
 #include "compat.h"
@@ -641,6 +642,8 @@ privsep_preauth_child(void)
 	arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
 	RAND_seed(rnd, sizeof(rnd));
+	if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+		fatal("%s: RAND_bytes failed", __func__);
 #endif
 	explicit_bzero(rnd, sizeof(rnd));
 
@@ -784,6 +787,8 @@ privsep_postauth(Authctxt *authctxt)
 	arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
 	RAND_seed(rnd, sizeof(rnd));
+	if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+		fatal("%s: RAND_bytes failed", __func__);
 #endif
 	explicit_bzero(rnd, sizeof(rnd));
 
@@ -815,8 +820,15 @@ list_hostkey_types(void)
 		key = sensitive_data.host_keys[i];
 		if (key == NULL)
 			key = sensitive_data.host_pubkeys[i];
-		if (key == NULL)
+		if (key == NULL || key->type == KEY_RSA1)
+			continue;
+		/* Check that the key is accepted in HostkeyAlgorithms */
+		if (match_pattern_list(sshkey_ssh_name(key),
+		    options.hostkeyalgorithms, 0) != 1) {
+			debug3("%s: %s key not permitted by HostkeyAlgorithms",
+			    __func__, sshkey_ssh_name(key));
 			continue;
+		}
 		switch (key->type) {
 		case KEY_RSA:
 		case KEY_DSA:
@@ -833,8 +845,6 @@ list_hostkey_types(void)
 		if (key == NULL)
 			continue;
 		switch (key->type) {
-		case KEY_RSA_CERT_V00:
-		case KEY_DSA_CERT_V00:
 		case KEY_RSA_CERT:
 		case KEY_DSA_CERT:
 		case KEY_ECDSA_CERT:
@@ -861,8 +871,6 @@ get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh)
 
 	for (i = 0; i < options.num_host_key_files; i++) {
 		switch (type) {
-		case KEY_RSA_CERT_V00:
-		case KEY_DSA_CERT_V00:
 		case KEY_RSA_CERT:
 		case KEY_DSA_CERT:
 		case KEY_ECDSA_CERT:
@@ -1272,7 +1280,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			sighup_restart();
 		if (fdset != NULL)
 			free(fdset);
-		fdset = (fd_set *)xcalloc(howmany(maxfd + 1, NFDBITS),
+		fdset = xcalloc(howmany(maxfd + 1, NFDBITS),
 		    sizeof(fd_mask));
 
 		for (i = 0; i < num_listen_socks; i++)
@@ -1455,6 +1463,8 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
 			arc4random_buf(rnd, sizeof(rnd));
 #ifdef WITH_OPENSSL
 			RAND_seed(rnd, sizeof(rnd));
+			if ((RAND_bytes((u_char *)rnd, 1)) != 1)
+				fatal("%s: RAND_bytes failed", __func__);
 #endif
 			explicit_bzero(rnd, sizeof(rnd));
 		}
@@ -1901,8 +1911,8 @@ main(int ac, char **av)
 #ifdef WITH_SSH1
 	/* Check certain values for sanity. */
 	if (options.protocol & SSH_PROTO_1) {
-		if (options.server_key_bits < 512 ||
-		    options.server_key_bits > 32768) {
+		if (options.server_key_bits < SSH_RSA_MINIMUM_MODULUS_SIZE ||
+		    options.server_key_bits > OPENSSL_RSA_MAX_MODULUS_BITS) {
 			fprintf(stderr, "Bad server key size.\n");
 			exit(1);
 		}
@@ -2595,9 +2605,7 @@ sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen,
 	return 0;
 }
 
-/*
- * SSH2 key exchange: diffie-hellman-group1-sha1
- */
+/* SSH2 key exchange */
 static void
 do_ssh2_kex(void)
 {
@@ -2605,19 +2613,15 @@ do_ssh2_kex(void)
 	struct kex *kex;
 	int r;
 
-	if (options.ciphers != NULL) {
-		myproposal[PROPOSAL_ENC_ALGS_CTOS] =
-		myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
-	}
-	myproposal[PROPOSAL_ENC_ALGS_CTOS] =
-	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_CTOS]);
-	myproposal[PROPOSAL_ENC_ALGS_STOC] =
-	    compat_cipher_proposal(myproposal[PROPOSAL_ENC_ALGS_STOC]);
-
-	if (options.macs != NULL) {
-		myproposal[PROPOSAL_MAC_ALGS_CTOS] =
-		myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
-	}
+	myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
+	    options.kex_algorithms);
+	myproposal[PROPOSAL_ENC_ALGS_CTOS] = compat_cipher_proposal(
+	    options.ciphers);
+	myproposal[PROPOSAL_ENC_ALGS_STOC] = compat_cipher_proposal(
+	    options.ciphers);
+	myproposal[PROPOSAL_MAC_ALGS_CTOS] =
+	    myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs;
+
 	if (options.compression == COMP_NONE) {
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 		myproposal[PROPOSAL_COMP_ALGS_STOC] = "none";
@@ -2625,11 +2629,6 @@ do_ssh2_kex(void)
 		myproposal[PROPOSAL_COMP_ALGS_CTOS] =
 		myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com";
 	}
-	if (options.kex_algorithms != NULL)
-		myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;
-
-	myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(
-	    myproposal[PROPOSAL_KEX_ALGS]);
 
 	if (options.rekey_limit || options.rekey_interval)
 		packet_set_rekey_limits((u_int32_t)options.rekey_limit,
diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config
index 4210b91..694654d 100644
--- a/crypto/openssh/sshd_config
+++ b/crypto/openssh/sshd_config
@@ -1,4 +1,4 @@
-#	$OpenBSD: sshd_config,v 1.95 2015/04/27 21:42:48 djm Exp $
+#	$OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $
 #	$FreeBSD$
 
 # This is the sshd server system-wide configuration file.  See
@@ -45,7 +45,7 @@
 # Authentication:
 
 #LoginGraceTime 2m
-#PermitRootLogin no
+#PermitRootLogin prohibit-password
 #StrictModes yes
 #MaxAuthTries 6
 #MaxSessions 10
@@ -120,7 +120,7 @@
 #MaxStartups 10:30:100
 #PermitTunnel no
 #ChrootDirectory none
-#VersionAddendum FreeBSD-20160119
+#VersionAddendum FreeBSD-20160121
 
 # no default banner path
 #Banner none
diff --git a/crypto/openssh/sshd_config.0 b/crypto/openssh/sshd_config.0
deleted file mode 100644
index 6410418..0000000
--- a/crypto/openssh/sshd_config.0
+++ /dev/null
@@ -1,995 +0,0 @@
-SSHD_CONFIG(5)                File Formats Manual               SSHD_CONFIG(5)
-
-NAME
-     sshd_config M-bM-^@M-^S OpenSSH SSH daemon configuration file
-
-SYNOPSIS
-     /etc/ssh/sshd_config
-
-DESCRIPTION
-     sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file
-     specified with -f on the command line).  The file contains keyword-
-     argument pairs, one per line.  Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines
-     are interpreted as comments.  Arguments may optionally be enclosed in
-     double quotes (") in order to represent arguments containing spaces.
-
-     The possible keywords and their meanings are as follows (note that
-     keywords are case-insensitive and arguments are case-sensitive):
-
-     AcceptEnv
-             Specifies what environment variables sent by the client will be
-             copied into the session's environ(7).  See SendEnv in
-             ssh_config(5) for how to configure the client.  Note that
-             environment passing is only supported for protocol 2, and that
-             the TERM environment variable is always sent whenever the client
-             requests a pseudo-terminal as it is required by the protocol.
-             Variables are specified by name, which may contain the wildcard
-             characters M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y.  Multiple environment variables may be
-             separated by whitespace or spread across multiple AcceptEnv
-             directives.  Be warned that some environment variables could be
-             used to bypass restricted user environments.  For this reason,
-             care should be taken in the use of this directive.  The default
-             is not to accept any environment variables.
-
-     AddressFamily
-             Specifies which address family should be used by sshd(8).  Valid
-             arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (use IPv4 only), or M-bM-^@M-^\inet6M-bM-^@M-^] (use IPv6
-             only).  The default is M-bM-^@M-^\anyM-bM-^@M-^].
-
-     AllowAgentForwarding
-             Specifies whether ssh-agent(1) forwarding is permitted.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that disabling agent forwarding does not
-             improve security unless users are also denied shell access, as
-             they can always install their own forwarders.
-
-     AllowGroups
-             This keyword can be followed by a list of group name patterns,
-             separated by spaces.  If specified, login is allowed only for
-             users whose primary group or supplementary group list matches one
-             of the patterns.  Only group names are valid; a numerical group
-             ID is not recognized.  By default, login is allowed for all
-             groups.  The allow/deny directives are processed in the following
-             order: DenyUsers, AllowUsers, DenyGroups, and finally
-             AllowGroups.
-
-             See PATTERNS in ssh_config(5) for more information on patterns.
-
-     AllowTcpForwarding
-             Specifies whether TCP forwarding is permitted.  The available
-             options are M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\allM-bM-^@M-^] to allow TCP forwarding, M-bM-^@M-^\noM-bM-^@M-^] to
-             prevent all TCP forwarding, M-bM-^@M-^\localM-bM-^@M-^] to allow local (from the
-             perspective of ssh(1)) forwarding only or M-bM-^@M-^\remoteM-bM-^@M-^] to allow
-             remote forwarding only.  The default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that
-             disabling TCP forwarding does not improve security unless users
-             are also denied shell access, as they can always install their
-             own forwarders.
-
-     AllowStreamLocalForwarding
-             Specifies whether StreamLocal (Unix-domain socket) forwarding is
-             permitted.  The available options are M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\allM-bM-^@M-^] to allow
-             StreamLocal forwarding, M-bM-^@M-^\noM-bM-^@M-^] to prevent all StreamLocal
-             forwarding, M-bM-^@M-^\localM-bM-^@M-^] to allow local (from the perspective of
-             ssh(1)) forwarding only or M-bM-^@M-^\remoteM-bM-^@M-^] to allow remote forwarding
-             only.  The default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that disabling StreamLocal
-             forwarding does not improve security unless users are also denied
-             shell access, as they can always install their own forwarders.
-
-     AllowUsers
-             This keyword can be followed by a list of user name patterns,
-             separated by spaces.  If specified, login is allowed only for
-             user names that match one of the patterns.  Only user names are
-             valid; a numerical user ID is not recognized.  By default, login
-             is allowed for all users.  If the pattern takes the form
-             USER@HOST then USER and HOST are separately checked, restricting
-             logins to particular users from particular hosts.  The allow/deny
-             directives are processed in the following order: DenyUsers,
-             AllowUsers, DenyGroups, and finally AllowGroups.
-
-             See PATTERNS in ssh_config(5) for more information on patterns.
-
-     AuthenticationMethods
-             Specifies the authentication methods that must be successfully
-             completed for a user to be granted access.  This option must be
-             followed by one or more comma-separated lists of authentication
-             method names.  Successful authentication requires completion of
-             every method in at least one of these lists.
-
-             For example, an argument of M-bM-^@M-^\publickey,password
-             publickey,keyboard-interactiveM-bM-^@M-^] would require the user to
-             complete public key authentication, followed by either password
-             or keyboard interactive authentication.  Only methods that are
-             next in one or more lists are offered at each stage, so for this
-             example, it would not be possible to attempt password or
-             keyboard-interactive authentication before public key.
-
-             For keyboard interactive authentication it is also possible to
-             restrict authentication to a specific device by appending a colon
-             followed by the device identifier M-bM-^@M-^\bsdauthM-bM-^@M-^], M-bM-^@M-^\pamM-bM-^@M-^], or M-bM-^@M-^\skeyM-bM-^@M-^],
-             depending on the server configuration.  For example,
-             M-bM-^@M-^\keyboard-interactive:bsdauthM-bM-^@M-^] would restrict keyboard
-             interactive authentication to the M-bM-^@M-^\bsdauthM-bM-^@M-^] device.
-
-             If the M-bM-^@M-^\publickeyM-bM-^@M-^] method is listed more than once, sshd(8)
-             verifies that keys that have been used successfully are not
-             reused for subsequent authentications.  For example, an
-             AuthenticationMethods of M-bM-^@M-^\publickey,publickeyM-bM-^@M-^] will require
-             successful authentication using two different public keys.
-
-             This option is only available for SSH protocol 2 and will yield a
-             fatal error if enabled if protocol 1 is also enabled.  Note that
-             each authentication method listed should also be explicitly
-             enabled in the configuration.  The default is not to require
-             multiple authentication; successful completion of a single
-             authentication method is sufficient.
-
-     AuthorizedKeysCommand
-             Specifies a program to be used to look up the user's public keys.
-             The program must be owned by root, not writable by group or
-             others and specified by an absolute path.
-
-             Arguments to AuthorizedKeysCommand may be provided using the
-             following tokens, which will be expanded at runtime: %% is
-             replaced by a literal '%', %u is replaced by the username being
-             authenticated, %h is replaced by the home directory of the user
-             being authenticated, %t is replaced with the key type offered for
-             authentication, %f is replaced with the fingerprint of the key,
-             and %k is replaced with the key being offered for authentication.
-             If no arguments are specified then the username of the target
-             user will be supplied.
-
-             The program should produce on standard output zero or more lines
-             of authorized_keys output (see AUTHORIZED_KEYS in sshd(8)).  If a
-             key supplied by AuthorizedKeysCommand does not successfully
-             authenticate and authorize the user then public key
-             authentication continues using the usual AuthorizedKeysFile
-             files.  By default, no AuthorizedKeysCommand is run.
-
-     AuthorizedKeysCommandUser
-             Specifies the user under whose account the AuthorizedKeysCommand
-             is run.  It is recommended to use a dedicated user that has no
-             other role on the host than running authorized keys commands.  If
-             AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser
-             is not, then sshd(8) will refuse to start.
-
-     AuthorizedKeysFile
-             Specifies the file that contains the public keys that can be used
-             for user authentication.  The format is described in the
-             AUTHORIZED_KEYS FILE FORMAT section of sshd(8).
-             AuthorizedKeysFile may contain tokens of the form %T which are
-             substituted during connection setup.  The following tokens are
-             defined: %% is replaced by a literal '%', %h is replaced by the
-             home directory of the user being authenticated, and %u is
-             replaced by the username of that user.  After expansion,
-             AuthorizedKeysFile is taken to be an absolute path or one
-             relative to the user's home directory.  Multiple files may be
-             listed, separated by whitespace.  The default is
-             M-bM-^@M-^\.ssh/authorized_keys .ssh/authorized_keys2M-bM-^@M-^].
-
-     AuthorizedPrincipalsCommand
-             Specifies a program to be used to generate the list of allowed
-             certificate principals as per AuthorizedPrincipalsFile.  The
-             program must be owned by root, not writable by group or others
-             and specified by an absolute path.
-
-             Arguments to AuthorizedPrincipalsCommand may be provided using
-             the following tokens, which will be expanded at runtime: %% is
-             replaced by a literal '%', %u is replaced by the username being
-             authenticated and %h is replaced by the home directory of the
-             user being authenticated.
-
-             The program should produce on standard output zero or more lines
-             of AuthorizedPrincipalsFile output.  If either
-             AuthorizedPrincipalsCommand or AuthorizedPrincipalsFile is
-             specified, then certificates offered by the client for
-             authentication must contain a principal that is listed.  By
-             default, no AuthorizedPrincipalsCommand is run.
-
-     AuthorizedPrincipalsCommandUser
-             Specifies the user under whose account the
-             AuthorizedPrincipalsCommand is run.  It is recommended to use a
-             dedicated user that has no other role on the host than running
-             authorized principals commands.  If AuthorizedPrincipalsCommand
-             is specified but AuthorizedPrincipalsCommandUser is not, then
-             sshd(8) will refuse to start.
-
-     AuthorizedPrincipalsFile
-             Specifies a file that lists principal names that are accepted for
-             certificate authentication.  When using certificates signed by a
-             key listed in TrustedUserCAKeys, this file lists names, one of
-             which must appear in the certificate for it to be accepted for
-             authentication.  Names are listed one per line preceded by key
-             options (as described in AUTHORIZED_KEYS FILE FORMAT in sshd(8)).
-             Empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are ignored.
-
-             AuthorizedPrincipalsFile may contain tokens of the form %T which
-             are substituted during connection setup.  The following tokens
-             are defined: %% is replaced by a literal '%', %h is replaced by
-             the home directory of the user being authenticated, and %u is
-             replaced by the username of that user.  After expansion,
-             AuthorizedPrincipalsFile is taken to be an absolute path or one
-             relative to the user's home directory.
-
-             The default is M-bM-^@M-^\noneM-bM-^@M-^], i.e. not to use a principals file M-bM-^@M-^S in
-             this case, the username of the user must appear in a
-             certificate's principals list for it to be accepted.  Note that
-             AuthorizedPrincipalsFile is only used when authentication
-             proceeds using a CA listed in TrustedUserCAKeys and is not
-             consulted for certification authorities trusted via
-             ~/.ssh/authorized_keys, though the principals= key option offers
-             a similar facility (see sshd(8) for details).
-
-     Banner  The contents of the specified file are sent to the remote user
-             before authentication is allowed.  If the argument is M-bM-^@M-^\noneM-bM-^@M-^] then
-             no banner is displayed.  This option is only available for
-             protocol version 2.  By default, no banner is displayed.
-
-     ChallengeResponseAuthentication
-             Specifies whether challenge-response authentication is allowed
-             (e.g. via PAM or through authentication styles supported in
-             login.conf(5)) The default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     ChrootDirectory
-             Specifies the pathname of a directory to chroot(2) to after
-             authentication.  At session startup sshd(8) checks that all
-             components of the pathname are root-owned directories which are
-             not writable by any other user or group.  After the chroot,
-             sshd(8) changes the working directory to the user's home
-             directory.
-
-             The pathname may contain the following tokens that are expanded
-             at runtime once the connecting user has been authenticated: %% is
-             replaced by a literal '%', %h is replaced by the home directory
-             of the user being authenticated, and %u is replaced by the
-             username of that user.
-
-             The ChrootDirectory must contain the necessary files and
-             directories to support the user's session.  For an interactive
-             session this requires at least a shell, typically sh(1), and
-             basic /dev nodes such as null(4), zero(4), stdin(4), stdout(4),
-             stderr(4), and tty(4) devices.  For file transfer sessions using
-             M-bM-^@M-^\sftpM-bM-^@M-^], no additional configuration of the environment is
-             necessary if the in-process sftp server is used, though sessions
-             which use logging may require /dev/log inside the chroot
-             directory on some operating systems (see sftp-server(8) for
-             details).
-
-             For safety, it is very important that the directory hierarchy be
-             prevented from modification by other processes on the system
-             (especially those outside the jail).  Misconfiguration can lead
-             to unsafe environments which sshd(8) cannot detect.
-
-             The default is not to chroot(2).
-
-     Ciphers
-             Specifies the ciphers allowed for protocol version 2.  Multiple
-             ciphers must be comma-separated.  The supported ciphers are:
-
-                   3des-cbc
-                   aes128-cbc
-                   aes192-cbc
-                   aes256-cbc
-                   aes128-ctr
-                   aes192-ctr
-                   aes256-ctr
-                   aes128-gcm@openssh.com
-                   aes256-gcm@openssh.com
-                   arcfour
-                   arcfour128
-                   arcfour256
-                   blowfish-cbc
-                   cast128-cbc
-                   chacha20-poly1305@openssh.com
-
-             The default is:
-
-                   aes128-ctr,aes192-ctr,aes256-ctr,
-                   aes128-gcm@openssh.com,aes256-gcm@openssh.com,
-                   chacha20-poly1305@openssh.com
-
-             The list of available ciphers may also be obtained using the -Q
-             option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^].
-
-     ClientAliveCountMax
-             Sets the number of client alive messages (see below) which may be
-             sent without sshd(8) receiving any messages back from the client.
-             If this threshold is reached while client alive messages are
-             being sent, sshd will disconnect the client, terminating the
-             session.  It is important to note that the use of client alive
-             messages is very different from TCPKeepAlive (below).  The client
-             alive messages are sent through the encrypted channel and
-             therefore will not be spoofable.  The TCP keepalive option
-             enabled by TCPKeepAlive is spoofable.  The client alive mechanism
-             is valuable when the client or server depend on knowing when a
-             connection has become inactive.
-
-             The default value is 3.  If ClientAliveInterval (see below) is
-             set to 15, and ClientAliveCountMax is left at the default,
-             unresponsive SSH clients will be disconnected after approximately
-             45 seconds.  This option applies to protocol version 2 only.
-
-     ClientAliveInterval
-             Sets a timeout interval in seconds after which if no data has
-             been received from the client, sshd(8) will send a message
-             through the encrypted channel to request a response from the
-             client.  The default is 0, indicating that these messages will
-             not be sent to the client.  This option applies to protocol
-             version 2 only.
-
-     Compression
-             Specifies whether compression is allowed, or delayed until the
-             user has authenticated successfully.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^],
-             M-bM-^@M-^\delayedM-bM-^@M-^], or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\delayedM-bM-^@M-^].
-
-     DenyGroups
-             This keyword can be followed by a list of group name patterns,
-             separated by spaces.  Login is disallowed for users whose primary
-             group or supplementary group list matches one of the patterns.
-             Only group names are valid; a numerical group ID is not
-             recognized.  By default, login is allowed for all groups.  The
-             allow/deny directives are processed in the following order:
-             DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
-
-             See PATTERNS in ssh_config(5) for more information on patterns.
-
-     DenyUsers
-             This keyword can be followed by a list of user name patterns,
-             separated by spaces.  Login is disallowed for user names that
-             match one of the patterns.  Only user names are valid; a
-             numerical user ID is not recognized.  By default, login is
-             allowed for all users.  If the pattern takes the form USER@HOST
-             then USER and HOST are separately checked, restricting logins to
-             particular users from particular hosts.  The allow/deny
-             directives are processed in the following order: DenyUsers,
-             AllowUsers, DenyGroups, and finally AllowGroups.
-
-             See PATTERNS in ssh_config(5) for more information on patterns.
-
-     FingerprintHash
-             Specifies the hash algorithm used when logging key fingerprints.
-             Valid options are: M-bM-^@M-^\md5M-bM-^@M-^] and M-bM-^@M-^\sha256M-bM-^@M-^].  The default is M-bM-^@M-^\sha256M-bM-^@M-^].
-
-     ForceCommand
-             Forces the execution of the command specified by ForceCommand,
-             ignoring any command supplied by the client and ~/.ssh/rc if
-             present.  The command is invoked by using the user's login shell
-             with the -c option.  This applies to shell, command, or subsystem
-             execution.  It is most useful inside a Match block.  The command
-             originally supplied by the client is available in the
-             SSH_ORIGINAL_COMMAND environment variable.  Specifying a command
-             of M-bM-^@M-^\internal-sftpM-bM-^@M-^] will force the use of an in-process sftp
-             server that requires no support files when used with
-             ChrootDirectory.
-
-     GatewayPorts
-             Specifies whether remote hosts are allowed to connect to ports
-             forwarded for the client.  By default, sshd(8) binds remote port
-             forwardings to the loopback address.  This prevents other remote
-             hosts from connecting to forwarded ports.  GatewayPorts can be
-             used to specify that sshd should allow remote port forwardings to
-             bind to non-loopback addresses, thus allowing other hosts to
-             connect.  The argument may be M-bM-^@M-^\noM-bM-^@M-^] to force remote port
-             forwardings to be available to the local host only, M-bM-^@M-^\yesM-bM-^@M-^] to
-             force remote port forwardings to bind to the wildcard address, or
-             M-bM-^@M-^\clientspecifiedM-bM-^@M-^] to allow the client to select the address to
-             which the forwarding is bound.  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     GSSAPIAuthentication
-             Specifies whether user authentication based on GSSAPI is allowed.
-             The default is M-bM-^@M-^\noM-bM-^@M-^].  Note that this option applies to protocol
-             version 2 only.
-
-     GSSAPICleanupCredentials
-             Specifies whether to automatically destroy the user's credentials
-             cache on logout.  The default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that this option
-             applies to protocol version 2 only.
-
-     GSSAPIStrictAcceptorCheck
-             Determines whether to be strict about the identity of the GSSAPI
-             acceptor a client authenticates against.  If set to M-bM-^@M-^\yesM-bM-^@M-^] then
-             the client must authenticate against the host service on the
-             current hostname.  If set to M-bM-^@M-^\noM-bM-^@M-^] then the client may
-             authenticate against any service key stored in the machine's
-             default store.  This facility is provided to assist with
-             operation on multi homed machines.  The default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     HostbasedAcceptedKeyTypes
-             Specifies the key types that will be accepted for hostbased
-             authentication as a comma-separated pattern list.  The default
-             M-bM-^@M-^\*M-bM-^@M-^] will allow all key types.  The -Q option of ssh(1) may be
-             used to list supported key types.
-
-     HostbasedAuthentication
-             Specifies whether rhosts or /etc/hosts.equiv authentication
-             together with successful public key client host authentication is
-             allowed (host-based authentication).  This option is similar to
-             RhostsRSAAuthentication and applies to protocol version 2 only.
-             The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     HostbasedUsesNameFromPacketOnly
-             Specifies whether or not the server will attempt to perform a
-             reverse name lookup when matching the name in the ~/.shosts,
-             ~/.rhosts, and /etc/hosts.equiv files during
-             HostbasedAuthentication.  A setting of M-bM-^@M-^\yesM-bM-^@M-^] means that sshd(8)
-             uses the name supplied by the client rather than attempting to
-             resolve the name from the TCP connection itself.  The default is
-             M-bM-^@M-^\noM-bM-^@M-^].
-
-     HostCertificate
-             Specifies a file containing a public host certificate.  The
-             certificate's public key must match a private host key already
-             specified by HostKey.  The default behaviour of sshd(8) is not to
-             load any certificates.
-
-     HostKey
-             Specifies a file containing a private host key used by SSH.  The
-             default is /etc/ssh/ssh_host_key for protocol version 1, and
-             /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key,
-             /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for
-             protocol version 2.  Note that sshd(8) will refuse to use a file
-             if it is group/world-accessible.  It is possible to have multiple
-             host key files.  M-bM-^@M-^\rsa1M-bM-^@M-^] keys are used for version 1 and M-bM-^@M-^\dsaM-bM-^@M-^],
-             M-bM-^@M-^\ecdsaM-bM-^@M-^], M-bM-^@M-^\ed25519M-bM-^@M-^] or M-bM-^@M-^\rsaM-bM-^@M-^] are used for version 2 of the SSH
-             protocol.  It is also possible to specify public host key files
-             instead.  In this case operations on the private key will be
-             delegated to an ssh-agent(1).
-
-     HostKeyAgent
-             Identifies the UNIX-domain socket used to communicate with an
-             agent that has access to the private host keys.  If
-             M-bM-^@M-^\SSH_AUTH_SOCKM-bM-^@M-^] is specified, the location of the socket will be
-             read from the SSH_AUTH_SOCK environment variable.
-
-     IgnoreRhosts
-             Specifies that .rhosts and .shosts files will not be used in
-             RhostsRSAAuthentication or HostbasedAuthentication.
-
-             /etc/hosts.equiv and /etc/shosts.equiv are still used.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     IgnoreUserKnownHosts
-             Specifies whether sshd(8) should ignore the user's
-             ~/.ssh/known_hosts during RhostsRSAAuthentication or
-             HostbasedAuthentication.  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     IPQoS   Specifies the IPv4 type-of-service or DSCP class for the
-             connection.  Accepted values are M-bM-^@M-^\af11M-bM-^@M-^], M-bM-^@M-^\af12M-bM-^@M-^], M-bM-^@M-^\af13M-bM-^@M-^], M-bM-^@M-^\af21M-bM-^@M-^],
-             M-bM-^@M-^\af22M-bM-^@M-^], M-bM-^@M-^\af23M-bM-^@M-^], M-bM-^@M-^\af31M-bM-^@M-^], M-bM-^@M-^\af32M-bM-^@M-^], M-bM-^@M-^\af33M-bM-^@M-^], M-bM-^@M-^\af41M-bM-^@M-^], M-bM-^@M-^\af42M-bM-^@M-^], M-bM-^@M-^\af43M-bM-^@M-^],
-             M-bM-^@M-^\cs0M-bM-^@M-^], M-bM-^@M-^\cs1M-bM-^@M-^], M-bM-^@M-^\cs2M-bM-^@M-^], M-bM-^@M-^\cs3M-bM-^@M-^], M-bM-^@M-^\cs4M-bM-^@M-^], M-bM-^@M-^\cs5M-bM-^@M-^], M-bM-^@M-^\cs6M-bM-^@M-^], M-bM-^@M-^\cs7M-bM-^@M-^], M-bM-^@M-^\efM-bM-^@M-^],
-             M-bM-^@M-^\lowdelayM-bM-^@M-^], M-bM-^@M-^\throughputM-bM-^@M-^], M-bM-^@M-^\reliabilityM-bM-^@M-^], or a numeric value.
-             This option may take one or two arguments, separated by
-             whitespace.  If one argument is specified, it is used as the
-             packet class unconditionally.  If two values are specified, the
-             first is automatically selected for interactive sessions and the
-             second for non-interactive sessions.  The default is M-bM-^@M-^\lowdelayM-bM-^@M-^]
-             for interactive sessions and M-bM-^@M-^\throughputM-bM-^@M-^] for non-interactive
-             sessions.
-
-     KbdInteractiveAuthentication
-             Specifies whether to allow keyboard-interactive authentication.
-             The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default
-             is to use whatever value ChallengeResponseAuthentication is set
-             to (by default M-bM-^@M-^\yesM-bM-^@M-^]).
-
-     KerberosAuthentication
-             Specifies whether the password provided by the user for
-             PasswordAuthentication will be validated through the Kerberos
-             KDC.  To use this option, the server needs a Kerberos servtab
-             which allows the verification of the KDC's identity.  The default
-             is M-bM-^@M-^\noM-bM-^@M-^].
-
-     KerberosGetAFSToken
-             If AFS is active and the user has a Kerberos 5 TGT, attempt to
-             acquire an AFS token before accessing the user's home directory.
-             The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     KerberosOrLocalPasswd
-             If password authentication through Kerberos fails then the
-             password will be validated via any additional local mechanism
-             such as /etc/passwd.  The default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     KerberosTicketCleanup
-             Specifies whether to automatically destroy the user's ticket
-             cache file on logout.  The default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     KexAlgorithms
-             Specifies the available KEX (Key Exchange) algorithms.  Multiple
-             algorithms must be comma-separated.  The supported algorithms
-             are:
-
-                   curve25519-sha256@libssh.org
-                   diffie-hellman-group1-sha1
-                   diffie-hellman-group14-sha1
-                   diffie-hellman-group-exchange-sha1
-                   diffie-hellman-group-exchange-sha256
-                   ecdh-sha2-nistp256
-                   ecdh-sha2-nistp384
-                   ecdh-sha2-nistp521
-
-             The default is:
-
-                   curve25519-sha256@libssh.org,
-                   ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
-                   diffie-hellman-group-exchange-sha256,
-                   diffie-hellman-group14-sha1
-
-             The list of available key exchange algorithms may also be
-             obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^].
-
-     KeyRegenerationInterval
-             In protocol version 1, the ephemeral server key is automatically
-             regenerated after this many seconds (if it has been used).  The
-             purpose of regeneration is to prevent decrypting captured
-             sessions by later breaking into the machine and stealing the
-             keys.  The key is never stored anywhere.  If the value is 0, the
-             key is never regenerated.  The default is 3600 (seconds).
-
-     ListenAddress
-             Specifies the local addresses sshd(8) should listen on.  The
-             following forms may be used:
-
-                   ListenAddress host|IPv4_addr|IPv6_addr
-                   ListenAddress host|IPv4_addr:port
-                   ListenAddress [host|IPv6_addr]:port
-
-             If port is not specified, sshd will listen on the address and all
-             Port options specified.  The default is to listen on all local
-             addresses.  Multiple ListenAddress options are permitted.
-
-     LoginGraceTime
-             The server disconnects after this time if the user has not
-             successfully logged in.  If the value is 0, there is no time
-             limit.  The default is 120 seconds.
-
-     LogLevel
-             Gives the verbosity level that is used when logging messages from
-             sshd(8).  The possible values are: QUIET, FATAL, ERROR, INFO,
-             VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.  The default is INFO.
-             DEBUG and DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify
-             higher levels of debugging output.  Logging with a DEBUG level
-             violates the privacy of users and is not recommended.
-
-     MACs    Specifies the available MAC (message authentication code)
-             algorithms.  The MAC algorithm is used in protocol version 2 for
-             data integrity protection.  Multiple algorithms must be comma-
-             separated.  The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC
-             after encryption (encrypt-then-mac).  These are considered safer
-             and their use recommended.  The supported MACs are:
-
-                   hmac-md5
-                   hmac-md5-96
-                   hmac-ripemd160
-                   hmac-sha1
-                   hmac-sha1-96
-                   hmac-sha2-256
-                   hmac-sha2-512
-                   umac-64@openssh.com
-                   umac-128@openssh.com
-                   hmac-md5-etm@openssh.com
-                   hmac-md5-96-etm@openssh.com
-                   hmac-ripemd160-etm@openssh.com
-                   hmac-sha1-etm@openssh.com
-                   hmac-sha1-96-etm@openssh.com
-                   hmac-sha2-256-etm@openssh.com
-                   hmac-sha2-512-etm@openssh.com
-                   umac-64-etm@openssh.com
-                   umac-128-etm@openssh.com
-
-             The default is:
-
-                   umac-64-etm@openssh.com,umac-128-etm@openssh.com,
-                   hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
-                   umac-64@openssh.com,umac-128@openssh.com,
-                   hmac-sha2-256,hmac-sha2-512
-
-             The list of available MAC algorithms may also be obtained using
-             the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^].
-
-     Match   Introduces a conditional block.  If all of the criteria on the
-             Match line are satisfied, the keywords on the following lines
-             override those set in the global section of the config file,
-             until either another Match line or the end of the file.  If a
-             keyword appears in multiple Match blocks that are satisfied, only
-             the first instance of the keyword is applied.
-
-             The arguments to Match are one or more criteria-pattern pairs or
-             the single token All which matches all criteria.  The available
-             criteria are User, Group, Host, LocalAddress, LocalPort, and
-             Address.  The match patterns may consist of single entries or
-             comma-separated lists and may use the wildcard and negation
-             operators described in the PATTERNS section of ssh_config(5).
-
-             The patterns in an Address criteria may additionally contain
-             addresses to match in CIDR address/masklen format, e.g.
-             M-bM-^@M-^\192.0.2.0/24M-bM-^@M-^] or M-bM-^@M-^\3ffe:ffff::/32M-bM-^@M-^].  Note that the mask length
-             provided must be consistent with the address - it is an error to
-             specify a mask length that is too long for the address or one
-             with bits set in this host portion of the address.  For example,
-             M-bM-^@M-^\192.0.2.0/33M-bM-^@M-^] and M-bM-^@M-^\192.0.2.0/8M-bM-^@M-^] respectively.
-
-             Only a subset of keywords may be used on the lines following a
-             Match keyword.  Available keywords are AcceptEnv,
-             AllowAgentForwarding, AllowGroups, AllowStreamLocalForwarding,
-             AllowTcpForwarding, AllowUsers, AuthenticationMethods,
-             AuthorizedKeysCommand, AuthorizedKeysCommandUser,
-             AuthorizedKeysFile, AuthorizedPrincipalsFile, Banner,
-             ChrootDirectory, DenyGroups, DenyUsers, ForceCommand,
-             GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes,
-             HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS,
-             KbdInteractiveAuthentication, KerberosAuthentication,
-             MaxAuthTries, MaxSessions, PasswordAuthentication,
-             PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY,
-             PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes,
-             PubkeyAuthentication, RekeyLimit, RevokedKeys,
-             RhostsRSAAuthentication, RSAAuthentication, StreamLocalBindMask,
-             StreamLocalBindUnlink, TrustedUserCAKeys, X11DisplayOffset,
-             X11Forwarding and X11UseLocalHost.
-
-     MaxAuthTries
-             Specifies the maximum number of authentication attempts permitted
-             per connection.  Once the number of failures reaches half this
-             value, additional failures are logged.  The default is 6.
-
-     MaxSessions
-             Specifies the maximum number of open sessions permitted per
-             network connection.  The default is 10.
-
-     MaxStartups
-             Specifies the maximum number of concurrent unauthenticated
-             connections to the SSH daemon.  Additional connections will be
-             dropped until authentication succeeds or the LoginGraceTime
-             expires for a connection.  The default is 10:30:100.
-
-             Alternatively, random early drop can be enabled by specifying the
-             three colon separated values M-bM-^@M-^\start:rate:fullM-bM-^@M-^] (e.g. "10:30:60").
-             sshd(8) will refuse connection attempts with a probability of
-             M-bM-^@M-^\rate/100M-bM-^@M-^] (30%) if there are currently M-bM-^@M-^\startM-bM-^@M-^] (10)
-             unauthenticated connections.  The probability increases linearly
-             and all connection attempts are refused if the number of
-             unauthenticated connections reaches M-bM-^@M-^\fullM-bM-^@M-^] (60).
-
-     PasswordAuthentication
-             Specifies whether password authentication is allowed.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     PermitEmptyPasswords
-             When password authentication is allowed, it specifies whether the
-             server allows login to accounts with empty password strings.  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     PermitOpen
-             Specifies the destinations to which TCP port forwarding is
-             permitted.  The forwarding specification must be one of the
-             following forms:
-
-                   PermitOpen host:port
-                   PermitOpen IPv4_addr:port
-                   PermitOpen [IPv6_addr]:port
-
-             Multiple forwards may be specified by separating them with
-             whitespace.  An argument of M-bM-^@M-^\anyM-bM-^@M-^] can be used to remove all
-             restrictions and permit any forwarding requests.  An argument of
-             M-bM-^@M-^\noneM-bM-^@M-^] can be used to prohibit all forwarding requests.  By
-             default all port forwarding requests are permitted.
-
-     PermitRootLogin
-             Specifies whether root can log in using ssh(1).  The argument
-             must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\without-passwordM-bM-^@M-^], M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], or
-             M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-             If this option is set to M-bM-^@M-^\without-passwordM-bM-^@M-^], password
-             authentication is disabled for root.
-
-             If this option is set to M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^], root login with
-             public key authentication will be allowed, but only if the
-             command option has been specified (which may be useful for taking
-             remote backups even if root login is normally not allowed).  All
-             other authentication methods are disabled for root.
-
-             If this option is set to M-bM-^@M-^\noM-bM-^@M-^], root is not allowed to log in.
-
-     PermitTunnel
-             Specifies whether tun(4) device forwarding is allowed.  The
-             argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\point-to-pointM-bM-^@M-^] (layer 3), M-bM-^@M-^\ethernetM-bM-^@M-^]
-             (layer 2), or M-bM-^@M-^\noM-bM-^@M-^].  Specifying M-bM-^@M-^\yesM-bM-^@M-^] permits both
-             M-bM-^@M-^\point-to-pointM-bM-^@M-^] and M-bM-^@M-^\ethernetM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-             Independent of this setting, the permissions of the selected
-             tun(4) device must allow access to the user.
-
-     PermitTTY
-             Specifies whether pty(4) allocation is permitted.  The default is
-             M-bM-^@M-^\yesM-bM-^@M-^].
-
-     PermitUserEnvironment
-             Specifies whether ~/.ssh/environment and environment= options in
-             ~/.ssh/authorized_keys are processed by sshd(8).  The default is
-             M-bM-^@M-^\noM-bM-^@M-^].  Enabling environment processing may enable users to bypass
-             access restrictions in some configurations using mechanisms such
-             as LD_PRELOAD.
-
-     PermitUserRC
-             Specifies whether any ~/.ssh/rc file is executed.  The default is
-             M-bM-^@M-^\yesM-bM-^@M-^].
-
-     PidFile
-             Specifies the file that contains the process ID of the SSH
-             daemon, or M-bM-^@M-^\noneM-bM-^@M-^] to not write one.  The default is
-             /var/run/sshd.pid.
-
-     Port    Specifies the port number that sshd(8) listens on.  The default
-             is 22.  Multiple options of this type are permitted.  See also
-             ListenAddress.
-
-     PrintLastLog
-             Specifies whether sshd(8) should print the date and time of the
-             last user login when a user logs in interactively.  The default
-             is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     PrintMotd
-             Specifies whether sshd(8) should print /etc/motd when a user logs
-             in interactively.  (On some systems it is also printed by the
-             shell, /etc/profile, or equivalent.)  The default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     Protocol
-             Specifies the protocol versions sshd(8) supports.  The possible
-             values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y.  Multiple versions must be comma-
-             separated.  The default is M-bM-^@M-^X2M-bM-^@M-^Y.  Note that the order of the
-             protocol list does not indicate preference, because the client
-             selects among multiple protocol versions offered by the server.
-             Specifying M-bM-^@M-^\2,1M-bM-^@M-^] is identical to M-bM-^@M-^\1,2M-bM-^@M-^].
-
-     PubkeyAcceptedKeyTypes
-             Specifies the key types that will be accepted for public key
-             authentication as a comma-separated pattern list.  The default
-             M-bM-^@M-^\*M-bM-^@M-^] will allow all key types.  The -Q option of ssh(1) may be
-             used to list supported key types.
-
-     PubkeyAuthentication
-             Specifies whether public key authentication is allowed.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that this option applies to protocol
-             version 2 only.
-
-     RekeyLimit
-             Specifies the maximum amount of data that may be transmitted
-             before the session key is renegotiated, optionally followed a
-             maximum amount of time that may pass before the session key is
-             renegotiated.  The first argument is specified in bytes and may
-             have a suffix of M-bM-^@M-^XKM-bM-^@M-^Y, M-bM-^@M-^XMM-bM-^@M-^Y, or M-bM-^@M-^XGM-bM-^@M-^Y to indicate Kilobytes,
-             Megabytes, or Gigabytes, respectively.  The default is between
-             M-bM-^@M-^X1GM-bM-^@M-^Y and M-bM-^@M-^X4GM-bM-^@M-^Y, depending on the cipher.  The optional second
-             value is specified in seconds and may use any of the units
-             documented in the TIME FORMATS section.  The default value for
-             RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that rekeying is
-             performed after the cipher's default amount of data has been sent
-             or received and no time based rekeying is done.  This option
-             applies to protocol version 2 only.
-
-     RevokedKeys
-             Specifies revoked public keys file, or M-bM-^@M-^\noneM-bM-^@M-^] to not use one.
-             Keys listed in this file will be refused for public key
-             authentication.  Note that if this file is not readable, then
-             public key authentication will be refused for all users.  Keys
-             may be specified as a text file, listing one public key per line,
-             or as an OpenSSH Key Revocation List (KRL) as generated by
-             ssh-keygen(1).  For more information on KRLs, see the KEY
-             REVOCATION LISTS section in ssh-keygen(1).
-
-     RhostsRSAAuthentication
-             Specifies whether rhosts or /etc/hosts.equiv authentication
-             together with successful RSA host authentication is allowed.  The
-             default is M-bM-^@M-^\noM-bM-^@M-^].  This option applies to protocol version 1 only.
-
-     RSAAuthentication
-             Specifies whether pure RSA authentication is allowed.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].  This option applies to protocol version 1
-             only.
-
-     ServerKeyBits
-             Defines the number of bits in the ephemeral protocol version 1
-             server key.  The minimum value is 512, and the default is 1024.
-
-     StreamLocalBindMask
-             Sets the octal file creation mode mask (umask) used when creating
-             a Unix-domain socket file for local or remote port forwarding.
-             This option is only used for port forwarding to a Unix-domain
-             socket file.
-
-             The default value is 0177, which creates a Unix-domain socket
-             file that is readable and writable only by the owner.  Note that
-             not all operating systems honor the file mode on Unix-domain
-             socket files.
-
-     StreamLocalBindUnlink
-             Specifies whether to remove an existing Unix-domain socket file
-             for local or remote port forwarding before creating a new one.
-             If the socket file already exists and StreamLocalBindUnlink is
-             not enabled, sshd will be unable to forward the port to the Unix-
-             domain socket file.  This option is only used for port forwarding
-             to a Unix-domain socket file.
-
-             The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     StrictModes
-             Specifies whether sshd(8) should check file modes and ownership
-             of the user's files and home directory before accepting login.
-             This is normally desirable because novices sometimes accidentally
-             leave their directory or files world-writable.  The default is
-             M-bM-^@M-^\yesM-bM-^@M-^].  Note that this does not apply to ChrootDirectory, whose
-             permissions and ownership are checked unconditionally.
-
-     Subsystem
-             Configures an external subsystem (e.g. file transfer daemon).
-             Arguments should be a subsystem name and a command (with optional
-             arguments) to execute upon subsystem request.
-
-             The command sftp-server(8) implements the M-bM-^@M-^\sftpM-bM-^@M-^] file transfer
-             subsystem.
-
-             Alternately the name M-bM-^@M-^\internal-sftpM-bM-^@M-^] implements an in-process
-             M-bM-^@M-^\sftpM-bM-^@M-^] server.  This may simplify configurations using
-             ChrootDirectory to force a different filesystem root on clients.
-
-             By default no subsystems are defined.  Note that this option
-             applies to protocol version 2 only.
-
-     SyslogFacility
-             Gives the facility code that is used when logging messages from
-             sshd(8).  The possible values are: DAEMON, USER, AUTH, LOCAL0,
-             LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.  The
-             default is AUTH.
-
-     TCPKeepAlive
-             Specifies whether the system should send TCP keepalive messages
-             to the other side.  If they are sent, death of the connection or
-             crash of one of the machines will be properly noticed.  However,
-             this means that connections will die if the route is down
-             temporarily, and some people find it annoying.  On the other
-             hand, if TCP keepalives are not sent, sessions may hang
-             indefinitely on the server, leaving M-bM-^@M-^\ghostM-bM-^@M-^] users and consuming
-             server resources.
-
-             The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send TCP keepalive messages), and the
-             server will notice if the network goes down or the client host
-             crashes.  This avoids infinitely hanging sessions.
-
-             To disable TCP keepalive messages, the value should be set to
-             M-bM-^@M-^\noM-bM-^@M-^].
-
-     TrustedUserCAKeys
-             Specifies a file containing public keys of certificate
-             authorities that are trusted to sign user certificates for
-             authentication, or M-bM-^@M-^\noneM-bM-^@M-^] to not use one.  Keys are listed one
-             per line; empty lines and comments starting with M-bM-^@M-^X#M-bM-^@M-^Y are allowed.
-             If a certificate is presented for authentication and has its
-             signing CA key listed in this file, then it may be used for
-             authentication for any user listed in the certificate's
-             principals list.  Note that certificates that lack a list of
-             principals will not be permitted for authentication using
-             TrustedUserCAKeys.  For more details on certificates, see the
-             CERTIFICATES section in ssh-keygen(1).
-
-     UseDNS  Specifies whether sshd(8) should look up the remote host name and
-             check that the resolved host name for the remote IP address maps
-             back to the very same IP address.  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     UseLogin
-             Specifies whether login(1) is used for interactive login
-             sessions.  The default is M-bM-^@M-^\noM-bM-^@M-^].  Note that login(1) is never used
-             for remote command execution.  Note also, that if this is
-             enabled, X11Forwarding will be disabled because login(1) does not
-             know how to handle xauth(1) cookies.  If UsePrivilegeSeparation
-             is specified, it will be disabled after authentication.
-
-     UsePAM  Enables the Pluggable Authentication Module interface.  If set to
-             M-bM-^@M-^\yesM-bM-^@M-^] this will enable PAM authentication using
-             ChallengeResponseAuthentication and PasswordAuthentication in
-             addition to PAM account and session module processing for all
-             authentication types.
-
-             Because PAM challenge-response authentication usually serves an
-             equivalent role to password authentication, you should disable
-             either PasswordAuthentication or ChallengeResponseAuthentication.
-
-             If UsePAM is enabled, you will not be able to run sshd(8) as a
-             non-root user.  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-     UsePrivilegeSeparation
-             Specifies whether sshd(8) separates privileges by creating an
-             unprivileged child process to deal with incoming network traffic.
-             After successful authentication, another process will be created
-             that has the privilege of the authenticated user.  The goal of
-             privilege separation is to prevent privilege escalation by
-             containing any corruption within the unprivileged processes.  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].  If UsePrivilegeSeparation is set to M-bM-^@M-^\sandboxM-bM-^@M-^]
-             then the pre-authentication unprivileged process is subject to
-             additional restrictions.
-
-     VersionAddendum
-             Optionally specifies additional text to append to the SSH
-             protocol banner sent by the server upon connection.  The default
-             is M-bM-^@M-^\noneM-bM-^@M-^].
-
-     X11DisplayOffset
-             Specifies the first display number available for sshd(8)'s X11
-             forwarding.  This prevents sshd from interfering with real X11
-             servers.  The default is 10.
-
-     X11Forwarding
-             Specifies whether X11 forwarding is permitted.  The argument must
-             be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
-
-             When X11 forwarding is enabled, there may be additional exposure
-             to the server and to client displays if the sshd(8) proxy display
-             is configured to listen on the wildcard address (see
-             X11UseLocalhost below), though this is not the default.
-             Additionally, the authentication spoofing and authentication data
-             verification and substitution occur on the client side.  The
-             security risk of using X11 forwarding is that the client's X11
-             display server may be exposed to attack when the SSH client
-             requests forwarding (see the warnings for ForwardX11 in
-             ssh_config(5)).  A system administrator may have a stance in
-             which they want to protect clients that may expose themselves to
-             attack by unwittingly requesting X11 forwarding, which can
-             warrant a M-bM-^@M-^\noM-bM-^@M-^] setting.
-
-             Note that disabling X11 forwarding does not prevent users from
-             forwarding X11 traffic, as users can always install their own
-             forwarders.  X11 forwarding is automatically disabled if UseLogin
-             is enabled.
-
-     X11UseLocalhost
-             Specifies whether sshd(8) should bind the X11 forwarding server
-             to the loopback address or to the wildcard address.  By default,
-             sshd binds the forwarding server to the loopback address and sets
-             the hostname part of the DISPLAY environment variable to
-             M-bM-^@M-^\localhostM-bM-^@M-^].  This prevents remote hosts from connecting to the
-             proxy display.  However, some older X11 clients may not function
-             with this configuration.  X11UseLocalhost may be set to M-bM-^@M-^\noM-bM-^@M-^] to
-             specify that the forwarding server should be bound to the
-             wildcard address.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
-             default is M-bM-^@M-^\yesM-bM-^@M-^].
-
-     XAuthLocation
-             Specifies the full pathname of the xauth(1) program, or M-bM-^@M-^\noneM-bM-^@M-^] to
-             not use one.  The default is /usr/X11R6/bin/xauth.
-
-TIME FORMATS
-     sshd(8) command-line arguments and configuration file options that
-     specify time may be expressed using a sequence of the form:
-     time[qualifier], where time is a positive integer value and qualifier is
-     one of the following:
-
-           M-bM-^_M-(noneM-bM-^_M-)  seconds
-           s | S   seconds
-           m | M   minutes
-           h | H   hours
-           d | D   days
-           w | W   weeks
-
-     Each member of the sequence is added together to calculate the total time
-     value.
-
-     Time format examples:
-
-           600     600 seconds (10 minutes)
-           10m     10 minutes
-           1h30m   1 hour 30 minutes (90 minutes)
-
-FILES
-     /etc/ssh/sshd_config
-             Contains configuration data for sshd(8).  This file should be
-             writable by root only, but it is recommended (though not
-             necessary) that it be world-readable.
-
-SEE ALSO
-     sshd(8)
-
-AUTHORS
-     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
-     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
-     de Raadt and Dug Song removed many bugs, re-added newer features and
-     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
-     versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
-     for privilege separation.
-
-OpenBSD 5.7                      June 5, 2015                      OpenBSD 5.7
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 2c0d946..4a0f72d 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -33,9 +33,9 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.204 2015/06/05 03:44:14 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $
 .\" $FreeBSD$
-.Dd $Mdocdate: June 5 2015 $
+.Dd $Mdocdate: August 14 2015 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -435,6 +435,11 @@ The default is not to
 .It Cm Ciphers
 Specifies the ciphers allowed for protocol version 2.
 Multiple ciphers must be comma-separated.
+If the specified value begins with a
+.Sq +
+character, then the specified ciphers will be appended to the default set
+instead of replacing them.
+.Pp
 The supported ciphers are:
 .Pp
 .Bl -item -compact -offset indent
@@ -472,9 +477,9 @@ chacha20-poly1305@openssh.com
 .Pp
 The default is:
 .Bd -literal -offset indent
+chacha20-poly1305@openssh.com,
 aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm@openssh.com,aes256-gcm@openssh.com,
-chacha20-poly1305@openssh.com
+aes128-gcm@openssh.com,aes256-gcm@openssh.com
 .Ed
 .Pp
 The list of available ciphers may also be obtained using the
@@ -641,9 +646,23 @@ The default is
 .It Cm HostbasedAcceptedKeyTypes
 Specifies the key types that will be accepted for hostbased authentication
 as a comma-separated pattern list.
-The default
-.Dq *
-will allow all key types.
+Alternately if the specified value begins with a
+.Sq +
+character, then the specified key types will be appended to the default set
+instead of replacing them.
+The default for this option is:
+.Bd -literal -offset 3n
+ecdsa-sha2-nistp256-cert-v01@openssh.com,
+ecdsa-sha2-nistp384-cert-v01@openssh.com,
+ecdsa-sha2-nistp521-cert-v01@openssh.com,
+ssh-ed25519-cert-v01@openssh.com,
+ssh-rsa-cert-v01@openssh.com,
+ssh-dss-cert-v01@openssh.com,
+ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,
+ecdsa-sha2-nistp521,ssh-ed25519,
+ssh-rsa,ssh-dss
+.Ed
+.Pp
 The
 .Fl Q
 option of
@@ -695,9 +714,15 @@ for protocol version 1, and
 and
 .Pa /etc/ssh/ssh_host_rsa_key
 for protocol version 2.
+.Pp
 Note that
 .Xr sshd 8
-will refuse to use a file if it is group/world-accessible.
+will refuse to use a file if it is group/world-accessible
+and that the
+.Cm HostKeyAlgorithms
+option restricts which of the keys are actually used by
+.Xr sshd 8 .
+.Pp
 It is possible to have multiple host key files.
 .Dq rsa1
 keys are used for version 1 and
@@ -719,6 +744,28 @@ If
 is specified, the location of the socket will be read from the
 .Ev SSH_AUTH_SOCK
 environment variable.
+.It Cm HostKeyAlgorithms
+Specifies the protocol version 2 host key algorithms
+that the server offers.
+The default for this option is:
+.Bd -literal -offset 3n
+ecdsa-sha2-nistp256-cert-v01@openssh.com,
+ecdsa-sha2-nistp384-cert-v01@openssh.com,
+ecdsa-sha2-nistp521-cert-v01@openssh.com,
+ssh-ed25519-cert-v01@openssh.com,
+ssh-rsa-cert-v01@openssh.com,
+ssh-dss-cert-v01@openssh.com,
+ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,
+ecdsa-sha2-nistp521,ssh-ed25519,
+ssh-rsa,ssh-dss
+.Ed
+.Pp
+The list of available key types may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1
+with an argument of
+.Dq key .
 .It Cm IgnoreRhosts
 Specifies that
 .Pa .rhosts
@@ -822,6 +869,10 @@ The default is
 .It Cm KexAlgorithms
 Specifies the available KEX (Key Exchange) algorithms.
 Multiple algorithms must be comma-separated.
+Alternately if the specified value begins with a
+.Sq +
+character, then the specified methods will be appended to the default set
+instead of replacing them.
 The supported algorithms are:
 .Pp
 .Bl -item -compact -offset indent
@@ -920,6 +971,11 @@ Specifies the available MAC (message authentication code) algorithms.
 The MAC algorithm is used in protocol version 2
 for data integrity protection.
 Multiple algorithms must be comma-separated.
+If the specified value begins with a
+.Sq +
+character, then the specified algorithms will be appended to the default set
+instead of replacing them.
+.Pp
 The algorithms that contain
 .Dq -etm
 calculate the MAC after encryption (encrypt-then-mac).
@@ -1155,12 +1211,13 @@ Specifies whether root can log in using
 .Xr ssh 1 .
 The argument must be
 .Dq yes ,
+.Dq prohibit-password ,
 .Dq without-password ,
 .Dq forced-commands-only ,
 or
 .Dq no .
 The default is
-.Dq no .
+.Dq prohibit-password .
 Note that if
 .Cm ChallengeResponseAuthentication
 is
@@ -1170,8 +1227,10 @@ the root user may be allowed in with its password even if
 .Dq without-password .
 .Pp
 If this option is set to
+.Dq prohibit-password
+or
 .Dq without-password ,
-password authentication is disabled for root.
+password and keyboard-interactive authentication are disabled for root.
 .Pp
 If this option is set to
 .Dq forced-commands-only ,
@@ -1289,9 +1348,23 @@ is identical to
 .It Cm PubkeyAcceptedKeyTypes
 Specifies the key types that will be accepted for public key authentication
 as a comma-separated pattern list.
-The default
-.Dq *
-will allow all key types.
+Alternately if the specified value begins with a
+.Sq +
+character, then the specified key types will be appended to the default set
+instead of replacing them.
+The default for this option is:
+.Bd -literal -offset 3n
+ecdsa-sha2-nistp256-cert-v01@openssh.com,
+ecdsa-sha2-nistp384-cert-v01@openssh.com,
+ecdsa-sha2-nistp521-cert-v01@openssh.com,
+ssh-ed25519-cert-v01@openssh.com,
+ssh-rsa-cert-v01@openssh.com,
+ssh-dss-cert-v01@openssh.com,
+ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,
+ecdsa-sha2-nistp521,ssh-ed25519,
+ssh-rsa,ssh-dss
+.Ed
+.Pp
 The
 .Fl Q
 option of
@@ -1355,7 +1428,7 @@ The default is
 This option applies to protocol version 1 only.
 .It Cm ServerKeyBits
 Defines the number of bits in the ephemeral protocol version 1 server key.
-The minimum value is 512, and the default is 1024.
+The default and minimum value is 1024.
 .It Cm StreamLocalBindMask
 Sets the octal file creation mode mask
 .Pq umask
@@ -1463,11 +1536,20 @@ For more details on certificates, see the CERTIFICATES section in
 .It Cm UseDNS
 Specifies whether
 .Xr sshd 8
-should look up the remote host name and check that
+should look up the remote host name, and to check that
 the resolved host name for the remote IP address maps back to the
 very same IP address.
-The default is
-.Dq no .
+.Pp
+If this option is set to
+.Dq no
+(the default) then only addresses and not host names may be used in
+.Pa ~/.ssh/known_hosts
+.Cm from
+and
+.Nm
+.Cm Match
+.Cm Host
+directives.
 .It Cm UseLogin
 Specifies whether
 .Xr login 1
@@ -1532,7 +1614,7 @@ restrictions.
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.
 The default is
-.Dq FreeBSD-20160119 .
+.Dq FreeBSD-20160121 .
 The value
 .Dq none
 may be used to disable this.
diff --git a/crypto/openssh/sshkey.c b/crypto/openssh/sshkey.c
index cfe5980..32dd8f2 100644
--- a/crypto/openssh/sshkey.c
+++ b/crypto/openssh/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.19 2015/05/21 04:55:51 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.21 2015/08/19 23:19:01 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -111,10 +111,6 @@ static const struct keytype keytypes[] = {
 	    KEY_ECDSA_CERT, NID_secp521r1, 1 },
 #  endif /* OPENSSL_HAS_NISTP521 */
 # endif /* OPENSSL_HAS_ECC */
-	{ "ssh-rsa-cert-v00@openssh.com", "RSA-CERT-V00",
-	    KEY_RSA_CERT_V00, 0, 1 },
-	{ "ssh-dss-cert-v00@openssh.com", "DSA-CERT-V00",
-	    KEY_DSA_CERT_V00, 0, 1 },
 #endif /* WITH_OPENSSL */
 	{ NULL, NULL, -1, -1, 0 }
 };
@@ -272,11 +268,9 @@ sshkey_size(const struct sshkey *k)
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		return BN_num_bits(k->rsa->n);
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		return BN_num_bits(k->dsa->p);
 	case KEY_ECDSA:
@@ -290,18 +284,6 @@ sshkey_size(const struct sshkey *k)
 	return 0;
 }
 
-int
-sshkey_cert_is_legacy(const struct sshkey *k)
-{
-	switch (k->type) {
-	case KEY_DSA_CERT_V00:
-	case KEY_RSA_CERT_V00:
-		return 1;
-	default:
-		return 0;
-	}
-}
-
 static int
 sshkey_type_is_valid_ca(int type)
 {
@@ -329,10 +311,8 @@ int
 sshkey_type_plain(int type)
 {
 	switch (type) {
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		return KEY_RSA;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		return KEY_DSA;
 	case KEY_ECDSA_CERT:
@@ -497,7 +477,6 @@ sshkey_new(int type)
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((rsa = RSA_new()) == NULL ||
 		    (rsa->n = BN_new()) == NULL ||
@@ -510,7 +489,6 @@ sshkey_new(int type)
 		k->rsa = rsa;
 		break;
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((dsa = DSA_new()) == NULL ||
 		    (dsa->p = BN_new()) == NULL ||
@@ -558,7 +536,6 @@ sshkey_add_private(struct sshkey *k)
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 #define bn_maybe_alloc_failed(p) (p == NULL && (p = BN_new()) == NULL)
 		if (bn_maybe_alloc_failed(k->rsa->d) ||
@@ -570,7 +547,6 @@ sshkey_add_private(struct sshkey *k)
 			return SSH_ERR_ALLOC_FAIL;
 		break;
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if (bn_maybe_alloc_failed(k->dsa->priv_key))
 			return SSH_ERR_ALLOC_FAIL;
@@ -616,14 +592,12 @@ sshkey_free(struct sshkey *k)
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if (k->rsa != NULL)
 			RSA_free(k->rsa);
 		k->rsa = NULL;
 		break;
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if (k->dsa != NULL)
 			DSA_free(k->dsa);
@@ -695,13 +669,11 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b)
 	switch (a->type) {
 #ifdef WITH_OPENSSL
 	case KEY_RSA1:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA:
 		return a->rsa != NULL && b->rsa != NULL &&
 		    BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
 		    BN_cmp(a->rsa->n, b->rsa->n) == 0;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_DSA:
 		return a->dsa != NULL && b->dsa != NULL &&
@@ -772,8 +744,6 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain)
 
 	switch (type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
-	case KEY_RSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_ECDSA_CERT:
 	case KEY_RSA_CERT:
@@ -1297,8 +1267,6 @@ sshkey_read(struct sshkey *ret, char **cpp)
 	case KEY_DSA:
 	case KEY_ECDSA:
 	case KEY_ED25519:
-	case KEY_DSA_CERT_V00:
-	case KEY_RSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_ECDSA_CERT:
 	case KEY_RSA_CERT:
@@ -1588,7 +1556,6 @@ dsa_generate_private_key(u_int bits, DSA **dsap)
 	*dsap = NULL;
 	if (!DSA_generate_parameters_ex(private, bits, NULL, 0, NULL,
 	    NULL, NULL) || !DSA_generate_key(private)) {
-		DSA_free(private);
 		ret = SSH_ERR_LIBCRYPTO_ERROR;
 		goto out;
 	}
@@ -1797,7 +1764,6 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp)
 	switch (k->type) {
 #ifdef WITH_OPENSSL
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((n = sshkey_new(k->type)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;
@@ -1829,7 +1795,6 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp)
 # endif /* OPENSSL_HAS_ECC */
 	case KEY_RSA:
 	case KEY_RSA1:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((n = sshkey_new(k->type)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;
@@ -1873,21 +1838,20 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
 	u_char *sig = NULL;
 	size_t signed_len = 0, slen = 0, kidlen = 0;
 	int ret = SSH_ERR_INTERNAL_ERROR;
-	int v00 = sshkey_cert_is_legacy(key);
 
 	/* Copy the entire key blob for verification and later serialisation */
 	if ((ret = sshbuf_putb(key->cert->certblob, certbuf)) != 0)
 		return ret;
 
-	if ((!v00 && (ret = sshbuf_get_u64(b, &key->cert->serial)) != 0) ||
+	/* Parse body of certificate up to signature */
+	if ((ret = sshbuf_get_u64(b, &key->cert->serial)) != 0 ||
 	    (ret = sshbuf_get_u32(b, &key->cert->type)) != 0 ||
 	    (ret = sshbuf_get_cstring(b, &key->cert->key_id, &kidlen)) != 0 ||
 	    (ret = sshbuf_froms(b, &principals)) != 0 ||
 	    (ret = sshbuf_get_u64(b, &key->cert->valid_after)) != 0 ||
 	    (ret = sshbuf_get_u64(b, &key->cert->valid_before)) != 0 ||
 	    (ret = sshbuf_froms(b, &crit)) != 0 ||
-	    (!v00 && (ret = sshbuf_froms(b, &exts)) != 0) ||
-	    (v00 && (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0) ||
+	    (ret = sshbuf_froms(b, &exts)) != 0 ||
 	    (ret = sshbuf_get_string_direct(b, NULL, NULL)) != 0 ||
 	    (ret = sshbuf_froms(b, &ca)) != 0) {
 		/* XXX debug print error for ret */
@@ -1924,9 +1888,8 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
 			goto out;
 		}
 		oprincipals = key->cert->principals;
-		key->cert->principals = realloc(key->cert->principals,
-		    (key->cert->nprincipals + 1) *
-		    sizeof(*key->cert->principals));
+		key->cert->principals = reallocarray(key->cert->principals,
+		    key->cert->nprincipals + 1, sizeof(*key->cert->principals));
 		if (key->cert->principals == NULL) {
 			free(principal);
 			key->cert->principals = oprincipals;
@@ -1947,7 +1910,6 @@ cert_parse(struct sshbuf *b, struct sshkey *key, struct sshbuf *certbuf)
 
 	/*
 	 * Validate critical options and extensions sections format.
-	 * NB. extensions are not present in v00 certs.
 	 */
 	while (sshbuf_len(crit) != 0) {
 		if ((ret = sshbuf_get_string_direct(crit, NULL, NULL)) != 0 ||
@@ -2032,7 +1994,6 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
 		}
 		/* FALLTHROUGH */
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 		if ((key = sshkey_new(type)) == NULL) {
 			ret = SSH_ERR_ALLOC_FAIL;
 			goto out;
@@ -2054,7 +2015,6 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp,
 		}
 		/* FALLTHROUGH */
 	case KEY_DSA:
-	case KEY_DSA_CERT_V00:
 		if ((key = sshkey_new(type)) == NULL) {
 			ret = SSH_ERR_ALLOC_FAIL;
 			goto out;
@@ -2224,7 +2184,6 @@ sshkey_sign(const struct sshkey *key,
 		return SSH_ERR_INVALID_ARGUMENT;
 	switch (key->type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_DSA:
 		return ssh_dss_sign(key, sigp, lenp, data, datalen, compat);
@@ -2233,7 +2192,6 @@ sshkey_sign(const struct sshkey *key,
 	case KEY_ECDSA:
 		return ssh_ecdsa_sign(key, sigp, lenp, data, datalen, compat);
 # endif /* OPENSSL_HAS_ECC */
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA:
 		return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat);
@@ -2258,7 +2216,6 @@ sshkey_verify(const struct sshkey *key,
 		return SSH_ERR_INVALID_ARGUMENT;
 	switch (key->type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 	case KEY_DSA:
 		return ssh_dss_verify(key, sig, siglen, data, dlen, compat);
@@ -2267,7 +2224,6 @@ sshkey_verify(const struct sshkey *key,
 	case KEY_ECDSA:
 		return ssh_ecdsa_verify(key, sig, siglen, data, dlen, compat);
 # endif /* OPENSSL_HAS_ECC */
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA:
 		return ssh_rsa_verify(key, sig, siglen, data, dlen, compat);
@@ -2303,7 +2259,6 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp)
 
 	switch (k->type) {
 #ifdef WITH_OPENSSL
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((ret = sshkey_cert_copy(k, pk)) != 0)
 			goto fail;
@@ -2317,7 +2272,6 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp)
 			goto fail;
 			}
 		break;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((ret = sshkey_cert_copy(k, pk)) != 0)
 			goto fail;
@@ -2376,27 +2330,23 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp)
 
 /* Convert a plain key to their _CERT equivalent */
 int
-sshkey_to_certified(struct sshkey *k, int legacy)
+sshkey_to_certified(struct sshkey *k)
 {
 	int newtype;
 
 	switch (k->type) {
 #ifdef WITH_OPENSSL
 	case KEY_RSA:
-		newtype = legacy ? KEY_RSA_CERT_V00 : KEY_RSA_CERT;
+		newtype = KEY_RSA_CERT;
 		break;
 	case KEY_DSA:
-		newtype = legacy ? KEY_DSA_CERT_V00 : KEY_DSA_CERT;
+		newtype = KEY_DSA_CERT;
 		break;
 	case KEY_ECDSA:
-		if (legacy)
-			return SSH_ERR_INVALID_ARGUMENT;
 		newtype = KEY_ECDSA_CERT;
 		break;
 #endif /* WITH_OPENSSL */
 	case KEY_ED25519:
-		if (legacy)
-			return SSH_ERR_INVALID_ARGUMENT;
 		newtype = KEY_ED25519_CERT;
 		break;
 	default:
@@ -2448,15 +2398,12 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
 
 	/* -v01 certs put nonce first */
 	arc4random_buf(&nonce, sizeof(nonce));
-	if (!sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
-			goto out;
-	}
+	if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
+		goto out;
 
 	/* XXX this substantially duplicates to_blob(); refactor */
 	switch (k->type) {
 #ifdef WITH_OPENSSL
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((ret = sshbuf_put_bignum2(cert, k->dsa->p)) != 0 ||
 		    (ret = sshbuf_put_bignum2(cert, k->dsa->q)) != 0 ||
@@ -2474,7 +2421,6 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
 			goto out;
 		break;
 # endif /* OPENSSL_HAS_ECC */
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((ret = sshbuf_put_bignum2(cert, k->rsa->e)) != 0 ||
 		    (ret = sshbuf_put_bignum2(cert, k->rsa->n)) != 0)
@@ -2491,13 +2437,8 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
 		goto out;
 	}
 
-	/* -v01 certs have a serial number next */
-	if (!sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0)
-			goto out;
-	}
-
-	if ((ret = sshbuf_put_u32(cert, k->cert->type)) != 0 ||
+	if ((ret = sshbuf_put_u64(cert, k->cert->serial)) != 0 ||
+	    (ret = sshbuf_put_u32(cert, k->cert->type)) != 0 ||
 	    (ret = sshbuf_put_cstring(cert, k->cert->key_id)) != 0)
 		goto out;
 
@@ -2513,22 +2454,9 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
 	if ((ret = sshbuf_put_stringb(cert, principals)) != 0 ||
 	    (ret = sshbuf_put_u64(cert, k->cert->valid_after)) != 0 ||
 	    (ret = sshbuf_put_u64(cert, k->cert->valid_before)) != 0 ||
-	    (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0)
-		goto out;
-
-	/* -v01 certs have non-critical options here */
-	if (!sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0)
-			goto out;
-	}
-
-	/* -v00 certs put the nonce at the end */
-	if (sshkey_cert_is_legacy(k)) {
-		if ((ret = sshbuf_put_string(cert, nonce, sizeof(nonce))) != 0)
-			goto out;
-	}
-
-	if ((ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */
+	    (ret = sshbuf_put_stringb(cert, k->cert->critical)) != 0 ||
+	    (ret = sshbuf_put_stringb(cert, k->cert->extensions)) != 0 ||
+	    (ret = sshbuf_put_string(cert, NULL, 0)) != 0 || /* Reserved */
 	    (ret = sshbuf_put_string(cert, ca_blob, ca_len)) != 0)
 		goto out;
 
@@ -2628,7 +2556,6 @@ sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b)
 		    (r = sshbuf_put_bignum2(b, key->rsa->q)) != 0)
 			goto out;
 		break;
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) {
 			r = SSH_ERR_INVALID_ARGUMENT;
@@ -2649,7 +2576,6 @@ sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b)
 		    (r = sshbuf_put_bignum2(b, key->dsa->priv_key)) != 0)
 			goto out;
 		break;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if (key->cert == NULL || sshbuf_len(key->cert->certblob) == 0) {
 			r = SSH_ERR_INVALID_ARGUMENT;
@@ -2740,7 +2666,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
 		    (r = sshbuf_get_bignum2(buf, k->dsa->priv_key)) != 0)
 			goto out;
 		break;
-	case KEY_DSA_CERT_V00:
 	case KEY_DSA_CERT:
 		if ((r = sshkey_froms(buf, &k)) != 0 ||
 		    (r = sshkey_add_private(k)) != 0 ||
@@ -2813,7 +2738,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
 		    (r = rsa_generate_additional_parameters(k->rsa)) != 0)
 			goto out;
 		break;
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 		if ((r = sshkey_froms(buf, &k)) != 0 ||
 		    (r = sshkey_add_private(k)) != 0 ||
@@ -2863,7 +2787,6 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
 	/* enable blinding */
 	switch (k->type) {
 	case KEY_RSA:
-	case KEY_RSA_CERT_V00:
 	case KEY_RSA_CERT:
 	case KEY_RSA1:
 		if (RSA_blinding_on(k->rsa, NULL) != 1) {
diff --git a/crypto/openssh/sshkey.h b/crypto/openssh/sshkey.h
index cdac0e2..c8d3cdd 100644
--- a/crypto/openssh/sshkey.h
+++ b/crypto/openssh/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.6 2015/05/21 04:55:51 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.9 2015/08/04 05:23:06 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -62,8 +62,6 @@ enum sshkey_types {
 	KEY_DSA_CERT,
 	KEY_ECDSA_CERT,
 	KEY_ED25519_CERT,
-	KEY_RSA_CERT_V00,
-	KEY_DSA_CERT_V00,
 	KEY_UNSPEC
 };
 
@@ -137,13 +135,12 @@ int	 sshkey_type_from_name(const char *);
 int	 sshkey_is_cert(const struct sshkey *);
 int	 sshkey_type_is_cert(int);
 int	 sshkey_type_plain(int);
-int	 sshkey_to_certified(struct sshkey *, int);
+int	 sshkey_to_certified(struct sshkey *);
 int	 sshkey_drop_cert(struct sshkey *);
 int	 sshkey_certify(struct sshkey *, struct sshkey *);
 int	 sshkey_cert_copy(const struct sshkey *, struct sshkey *);
 int	 sshkey_cert_check_authority(const struct sshkey *, int, int,
     const char *, const char **);
-int	 sshkey_cert_is_legacy(const struct sshkey *);
 
 int		 sshkey_ecdsa_nid_from_name(const char *);
 int		 sshkey_curve_name_to_nid(const char *);
diff --git a/crypto/openssh/sshpty.c b/crypto/openssh/sshpty.c
index 7bb7641..15da8c6 100644
--- a/crypto/openssh/sshpty.c
+++ b/crypto/openssh/sshpty.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshpty.c,v 1.29 2014/09/03 18:55:07 djm Exp $ */
+/* $OpenBSD: sshpty.c,v 1.30 2015/07/30 23:09:15 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -197,7 +197,7 @@ pty_setowner(struct passwd *pw, const char *tty)
 	/* Determine the group to make the owner of the tty. */
 	grp = getgrnam("tty");
 	gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
-	mode = (grp != NULL) ? 0622 : 0600;
+	mode = (grp != NULL) ? 0620 : 0600;
 
 	/*
 	 * Change owner and mode of the tty as required.
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 88e313b..eb4c3b1 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -1,12 +1,12 @@
-/* $OpenBSD: version.h,v 1.73 2015/07/01 01:55:13 djm Exp $ */
+/* $OpenBSD: version.h,v 1.75 2015/08/21 03:45:26 djm Exp $ */
 /* $FreeBSD$ */
 
-#define SSH_VERSION	"OpenSSH_6.9"
+#define SSH_VERSION	"OpenSSH_7.1"
 
-#define SSH_PORTABLE	"p1"
+#define SSH_PORTABLE	"p2"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20160119"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20160121"
 
 #ifdef WITH_OPENSSL
 #define OPENSSL_VERSION	SSLeay_version(SSLEAY_VERSION)
diff --git a/etc/mtree/BSD.include.dist b/etc/mtree/BSD.include.dist
index bb0b26d..88e80e6 100644
--- a/etc/mtree/BSD.include.dist
+++ b/etc/mtree/BSD.include.dist
@@ -270,6 +270,8 @@
         ..
     ..
     netinet
+        cc
+        ..
     ..
     netinet6
     ..
diff --git a/etc/rc.d/sshd b/etc/rc.d/sshd
index 9f74716..e6e28c7 100755
--- a/etc/rc.d/sshd
+++ b/etc/rc.d/sshd
@@ -20,9 +20,9 @@ configtest_cmd="sshd_configtest"
 pidfile="/var/run/${name}.pid"
 extra_commands="configtest keygen reload"
 
-: ${sshd_rsa1_enable:="yes"}
+: ${sshd_rsa1_enable:="no"}
 : ${sshd_rsa_enable:="yes"}
-: ${sshd_dsa_enable:="yes"}
+: ${sshd_dsa_enable:="no"}
 : ${sshd_ecdsa_enable:="yes"}
 : ${sshd_ed25519_enable:="yes"}
 
diff --git a/gnu/lib/libgcc/Makefile b/gnu/lib/libgcc/Makefile
index ec3c7f4..f3166e7 100644
--- a/gnu/lib/libgcc/Makefile
+++ b/gnu/lib/libgcc/Makefile
@@ -193,7 +193,12 @@ LIB2_DIVMOD_FUNCS:= ${LIB2_DIVMOD_FUNCS:S/${sym}//g}
 .endif
 
 COMMONHDRS=	tm.h tconfig.h options.h gthr-default.h
-.if ${MK_LLVM_LIBUNWIND} == no
+.if ${MK_LLVM_LIBUNWIND} != "no"
+# unwind.h is a generated file when MK_LLVM_LIBUNWIND == "no", and a stale
+# copy may be left behind in OBJDIR when switching, so remove it explicitly.
+beforebuild:
+	@rm -f ${.OBJDIR}/unwind.h
+.else
 COMMONHDRS+=	unwind.h
 .endif
 
diff --git a/gnu/lib/libreadline/readline/Makefile b/gnu/lib/libreadline/readline/Makefile
index 17c84ae..1947b3e 100644
--- a/gnu/lib/libreadline/readline/Makefile
+++ b/gnu/lib/libreadline/readline/Makefile
@@ -2,7 +2,7 @@
 
 LIB=    readline
 INTERNALLIB=	yes
-NO_MAN=	yes
+MAN=
 
 TILDESRC= tilde.c
 SRCS=     readline.c vi_mode.c funmap.c keymaps.c parens.c search.c \
diff --git a/include/Makefile b/include/Makefile
index c75de6e..8033de1 100644
--- a/include/Makefile
+++ b/include/Makefile
@@ -53,6 +53,7 @@ LSUBDIRS=	cam/ata cam/scsi \
 	geom/raid geom/raid3 geom/shsec geom/stripe geom/virstor \
 	net/altq \
 	netgraph/atm netgraph/netflow \
+	netinet/cc \
 	security/audit \
 	security/mac_biba security/mac_bsdextended security/mac_lomac \
 	security/mac_mls security/mac_partition \
diff --git a/lib/Makefile b/lib/Makefile
index efe07f7..6bc17fb 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -266,7 +266,8 @@ _libproc=	libproc
 _librtld_db=	librtld_db
 .endif
 
-.if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "arm"
+.if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "arm" || \
+    ${MACHINE_CPUARCH} == "riscv"
 _libproc=	libproc
 _librtld_db=	librtld_db
 .endif
diff --git a/lib/clang/clang.lib.mk b/lib/clang/clang.lib.mk
index ab3551e..dd026e7 100644
--- a/lib/clang/clang.lib.mk
+++ b/lib/clang/clang.lib.mk
@@ -7,7 +7,8 @@ LLVM_SRCS= ${.CURDIR}/../../../contrib/llvm
 INTERNALLIB=
 
 .if ${MACHINE_CPUARCH} == "arm"
-STATIC_CXXFLAGS+= -mlong-calls
+# This will need to be enabled to link clang 3.8
+#STATIC_CXXFLAGS+= -mlong-calls
 .endif
 
 .include <bsd.lib.mk>
diff --git a/lib/libc/gen/readpassphrase.c b/lib/libc/gen/readpassphrase.c
index 60051a1..0961fbb 100644
--- a/lib/libc/gen/readpassphrase.c
+++ b/lib/libc/gen/readpassphrase.c
@@ -46,7 +46,7 @@ char *
 readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
 {
 	ssize_t nr;
-	int input, output, save_errno, i, need_restart;
+	int input, output, save_errno, i, need_restart, input_is_tty;
 	char ch, *p, *end;
 	struct termios term, oterm;
 	struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
@@ -68,12 +68,20 @@ restart:
 	 * Read and write to /dev/tty if available.  If not, read from
 	 * stdin and write to stderr unless a tty is required.
 	 */
-	if ((flags & RPP_STDIN) ||
-	    (input = output = _open(_PATH_TTY, O_RDWR | O_CLOEXEC)) == -1) {
-		if (flags & RPP_REQUIRE_TTY) {
-			errno = ENOTTY;
-			return(NULL);
+	input_is_tty = 0;
+	if (!(flags & RPP_STDIN)) {
+        	input = output = _open(_PATH_TTY, O_RDWR | O_CLOEXEC);
+		if (input == -1) {
+			if (flags & RPP_REQUIRE_TTY) {
+				errno = ENOTTY;
+				return(NULL);
+			}
+			input = STDIN_FILENO;
+			output = STDERR_FILENO;
+		} else {
+			input_is_tty = 1;
 		}
+	} else {
 		input = STDIN_FILENO;
 		output = STDERR_FILENO;
 	}
@@ -83,7 +91,7 @@ restart:
 	 * If we are using a tty but are not the foreground pgrp this will
 	 * generate SIGTTOU, so do it *before* installing the signal handlers.
 	 */
-	if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
+	if (input_is_tty && tcgetattr(input, &oterm) == 0) {
 		memcpy(&term, &oterm, sizeof(term));
 		if (!(flags & RPP_ECHO_ON))
 			term.c_lflag &= ~(ECHO | ECHONL);
@@ -152,7 +160,7 @@ restart:
 	(void)__libc_sigaction(SIGTSTP, &savetstp, NULL);
 	(void)__libc_sigaction(SIGTTIN, &savettin, NULL);
 	(void)__libc_sigaction(SIGTTOU, &savettou, NULL);
-	if (input != STDIN_FILENO)
+	if (input_is_tty)
 		(void)_close(input);
 
 	/*
diff --git a/lib/libc/gen/sem_new.c b/lib/libc/gen/sem_new.c
index c5dc7e7..8fe027f 100644
--- a/lib/libc/gen/sem_new.c
+++ b/lib/libc/gen/sem_new.c
@@ -177,8 +177,10 @@ _sem_open(const char *name, int flags, ...)
 		if (ni->name != NULL && strcmp(name, ni->name) == 0) {
 			fd = _open(path, flags | O_RDWR | O_CLOEXEC |
 			    O_EXLOCK, mode);
-			if (fd == -1 || _fstat(fd, &sb) == -1)
+			if (fd == -1 || _fstat(fd, &sb) == -1) {
+				ni = NULL;
 				goto error;
+			}
 			if ((flags & (O_CREAT | O_EXCL)) == (O_CREAT |
 			    O_EXCL) || ni->dev != sb.st_dev ||
 			    ni->ino != sb.st_ino) {
diff --git a/lib/libc/gmon/gmon.c b/lib/libc/gmon/gmon.c
index eebce0a..6ca8f79 100644
--- a/lib/libc/gmon/gmon.c
+++ b/lib/libc/gmon/gmon.c
@@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/param.h>
 #include <sys/time.h>
 #include <sys/gmon.h>
+#include <sys/mman.h>
 #include <sys/sysctl.h>
 
 #include <err.h>
@@ -50,14 +51,6 @@ __FBSDID("$FreeBSD$");
 
 #include "libc_private.h"
 
-#if defined(__i386__) || defined(__sparc64__) || defined(__amd64__) || (defined(__powerpc__) && !defined(__powerpc64__))
-extern char *minbrk __asm (".minbrk");
-#elif defined(__powerpc64__)
-extern char *minbrk __asm ("_minbrk");
-#else
-extern char *minbrk __asm ("minbrk");
-#endif
-
 struct gmonparam _gmonparam = { GMON_PROF_OFF };
 
 static int	s_scale;
@@ -94,8 +87,9 @@ monstartup(u_long lowpc, u_long highpc)
 		p->tolimit = MAXARCS;
 	p->tossize = p->tolimit * sizeof(struct tostruct);
 
-	cp = sbrk(p->kcountsize + p->fromssize + p->tossize);
-	if (cp == (char *)-1) {
+	cp = mmap(NULL, p->kcountsize + p->fromssize + p->tossize,
+	    PROT_READ | PROT_WRITE, MAP_ANON, -1, 0);
+	if (cp == MAP_FAILED) {
 		ERR("monstartup: out of memory\n");
 		return;
 	}
@@ -108,7 +102,6 @@ monstartup(u_long lowpc, u_long highpc)
 	cp += p->kcountsize;
 	p->froms = (u_short *)cp;
 
-	minbrk = sbrk(0);
 	p->tos[0].link = 0;
 
 	o = p->highpc - p->lowpc;
diff --git a/lib/libc/mips/SYS.h b/lib/libc/mips/SYS.h
index 10205b8..ceb6812 100644
--- a/lib/libc/mips/SYS.h
+++ b/lib/libc/mips/SYS.h
@@ -100,13 +100,31 @@
  * Do a syscall that cannot fail (sync, get{p,u,g,eu,eg)id)
  */
 #define RSYSCALL_NOERROR(x)						\
-	PSEUDO_NOERROR(x)
+LEAF(__sys_ ## x);							\
+	.weak _C_LABEL(x);						\
+	_C_LABEL(x) = _C_LABEL(__CONCAT(__sys_,x));			\
+	.weak _C_LABEL(__CONCAT(_,x));					\
+	_C_LABEL(__CONCAT(_,x)) = _C_LABEL(__CONCAT(__sys_,x));		\
+	SYSTRAP(x);							\
+	j ra;								\
+END(__sys_ ## x)
 
 /*
  * Do a normal syscall.
  */
 #define RSYSCALL(x)							\
-	PSEUDO(x)
+LEAF(__sys_ ## x);							\
+	.weak _C_LABEL(x);						\
+	_C_LABEL(x) = _C_LABEL(__CONCAT(__sys_,x));			\
+	.weak _C_LABEL(__CONCAT(_,x));					\
+	_C_LABEL(__CONCAT(_,x)) = _C_LABEL(__CONCAT(__sys_,x));		\
+	PIC_PROLOGUE(__sys_ ## x);					\
+	SYSTRAP(x);							\
+	bne a3,zero,err;						\
+	PIC_RETURN();							\
+err:									\
+	PIC_TAILCALL(__cerror);						\
+END(__sys_ ## x)
 
 /*
  * Do a renamed or pseudo syscall (e.g., _exit()), where the entrypoint
@@ -114,18 +132,14 @@
  */
 #define PSEUDO_NOERROR(x)						\
 LEAF(__sys_ ## x);							\
-	.weak _C_LABEL(x);						\
-	_C_LABEL(x) = _C_LABEL(__CONCAT(__sys_,x));			\
 	.weak _C_LABEL(__CONCAT(_,x));					\
 	_C_LABEL(__CONCAT(_,x)) = _C_LABEL(__CONCAT(__sys_,x));		\
 	SYSTRAP(x);							\
 	j ra;								\
-	END(__sys_ ## x)
+END(__sys_ ## x)
 
 #define PSEUDO(x)							\
 LEAF(__sys_ ## x);							\
-	.weak _C_LABEL(x);						\
-	_C_LABEL(x) = _C_LABEL(__CONCAT(__sys_,x));			\
 	.weak _C_LABEL(__CONCAT(_,x));					\
 	_C_LABEL(__CONCAT(_,x)) = _C_LABEL(__CONCAT(__sys_,x));		\
 	PIC_PROLOGUE(__sys_ ## x);					\
diff --git a/lib/libc/net/sctp_sys_calls.c b/lib/libc/net/sctp_sys_calls.c
index f07aa43..dcbcee7 100644
--- a/lib/libc/net/sctp_sys_calls.c
+++ b/lib/libc/net/sctp_sys_calls.c
@@ -700,14 +700,19 @@ sctp_sendx(int sd, const void *msg, size_t msg_len,
 #ifdef SYS_sctp_generic_sendmsg
 	if (addrcnt == 1) {
 		socklen_t l;
+		ssize_t ret;
 
 		/*
 		 * Quick way, we don't need to do a connectx so lets use the
 		 * syscall directly.
 		 */
 		l = addrs->sa_len;
-		return (syscall(SYS_sctp_generic_sendmsg, sd,
-		    msg, msg_len, addrs, l, sinfo, flags));
+		ret = syscall(SYS_sctp_generic_sendmsg, sd,
+		    msg, msg_len, addrs, l, sinfo, flags);
+		if ((ret >= 0) && (sinfo != NULL)) {
+			sinfo->sinfo_assoc_id = sctp_getassocid(sd, addrs);
+		}
+		return (ret);
 	}
 #endif
 
@@ -984,6 +989,7 @@ sctp_sendv(int sd,
 	struct sockaddr *addr;
 	struct sockaddr_in *addr_in;
 	struct sockaddr_in6 *addr_in6;
+	sctp_assoc_t *assoc_id;
 
 	if ((addrcnt < 0) ||
 	    (iovcnt < 0) ||
@@ -1002,6 +1008,7 @@ sctp_sendv(int sd,
 		errno = ENOMEM;
 		return (-1);
 	}
+	assoc_id = NULL;
 	msg.msg_control = cmsgbuf;
 	msg.msg_controllen = 0;
 	cmsg = (struct cmsghdr *)cmsgbuf;
@@ -1025,6 +1032,7 @@ sctp_sendv(int sd,
 		memcpy(CMSG_DATA(cmsg), info, sizeof(struct sctp_sndinfo));
 		msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
 		cmsg = (struct cmsghdr *)((caddr_t)cmsg + CMSG_SPACE(sizeof(struct sctp_sndinfo)));
+		assoc_id = &(((struct sctp_sndinfo *)info)->snd_assoc_id);
 		break;
 	case SCTP_SENDV_PRINFO:
 		if ((info == NULL) || (infolen < sizeof(struct sctp_prinfo))) {
@@ -1066,6 +1074,7 @@ sctp_sendv(int sd,
 			memcpy(CMSG_DATA(cmsg), &spa_info->sendv_sndinfo, sizeof(struct sctp_sndinfo));
 			msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
 			cmsg = (struct cmsghdr *)((caddr_t)cmsg + CMSG_SPACE(sizeof(struct sctp_sndinfo)));
+			assoc_id = &(spa_info->sendv_sndinfo.snd_assoc_id);
 		}
 		if (spa_info->sendv_flags & SCTP_SEND_PRINFO_VALID) {
 			cmsg->cmsg_level = IPPROTO_SCTP;
@@ -1164,6 +1173,9 @@ sctp_sendv(int sd,
 	msg.msg_flags = 0;
 	ret = sendmsg(sd, &msg, flags);
 	free(cmsgbuf);
+	if ((ret >= 0) && (addrs != NULL) && (assoc_id != NULL)) {
+		*assoc_id = sctp_getassocid(sd, addrs);
+	}
 	return (ret);
 }
 
diff --git a/lib/libc/stdlib/jemalloc/Makefile.inc b/lib/libc/stdlib/jemalloc/Makefile.inc
index a04ccf2..f322f98 100644
--- a/lib/libc/stdlib/jemalloc/Makefile.inc
+++ b/lib/libc/stdlib/jemalloc/Makefile.inc
@@ -20,7 +20,7 @@ jemalloc_${src}: ${LIBC_SRCTOP}/../../contrib/jemalloc/src/${src} .NOMETA
 
 MAN+=jemalloc.3
 CLEANFILES+=jemalloc.3
-jemalloc.3: ${LIBC_SRCTOP}/../../contrib/jemalloc/doc/jemalloc.3
+jemalloc.3: ${LIBC_SRCTOP}/../../contrib/jemalloc/doc/jemalloc.3 .NOMETA
 	ln -sf ${.ALLSRC} ${.TARGET}
 
 MLINKS+= \
diff --git a/lib/libc/string/strtok.3 b/lib/libc/string/strtok.3
index 78c2265..837064b 100644
--- a/lib/libc/string/strtok.3
+++ b/lib/libc/string/strtok.3
@@ -44,7 +44,7 @@
 .\"     @(#)strtok.3	8.2 (Berkeley) 2/3/94
 .\" $FreeBSD$
 .\"
-.Dd November 27, 1998
+.Dd January 22, 2016
 .Dt STRTOK 3
 .Os
 .Sh NAME
@@ -149,6 +149,11 @@ The
 function
 conforms to
 .St -isoC .
+The
+.Fn strtok_r
+function
+conforms to
+.St -p1003.1-2001 .
 .Sh AUTHORS
 .An Wes Peters Aq Mt wes@softweyr.com ,
 Softweyr LLC
diff --git a/lib/libelftc/Makefile b/lib/libelftc/Makefile
index ccae1a5..ed5c02a 100644
--- a/lib/libelftc/Makefile
+++ b/lib/libelftc/Makefile
@@ -25,6 +25,6 @@ SRCS=	elftc_bfdtarget.c                       \
 INCS=	libelftc.h
 CFLAGS+=-I${ELFTCDIR}/libelftc -I${ELFTCDIR}/common
 
-NO_MAN=	yes
+MAN=
 
 .include <bsd.lib.mk>
diff --git a/lib/libproc/proc_bkpt.c b/lib/libproc/proc_bkpt.c
index f0ff5c5..4a100cb 100644
--- a/lib/libproc/proc_bkpt.c
+++ b/lib/libproc/proc_bkpt.c
@@ -61,6 +61,9 @@ __FBSDID("$FreeBSD$");
 #elif defined(__powerpc__)
 #define	BREAKPOINT_INSTR	0x7fe00008	/* trap */
 #define	BREAKPOINT_INSTR_SZ	4
+#elif defined(__riscv__)
+#define	BREAKPOINT_INSTR	0x00100073	/* sbreak */
+#define	BREAKPOINT_INSTR_SZ	4
 #else
 #error "Add support for your architecture"
 #endif
diff --git a/lib/libproc/proc_regs.c b/lib/libproc/proc_regs.c
index aae43ba..745fa09 100644
--- a/lib/libproc/proc_regs.c
+++ b/lib/libproc/proc_regs.c
@@ -66,6 +66,8 @@ proc_regget(struct proc_handle *phdl, proc_reg_t reg, unsigned long *regvalue)
 		*regvalue = regs.r_regs[PC];
 #elif defined(__powerpc__)
 		*regvalue = regs.pc;
+#elif defined(__riscv__)
+		*regvalue = regs.sepc;
 #endif
 		break;
 	case REG_SP:
@@ -81,6 +83,8 @@ proc_regget(struct proc_handle *phdl, proc_reg_t reg, unsigned long *regvalue)
 		*regvalue = regs.r_regs[SP];
 #elif defined(__powerpc__)
 		*regvalue = regs.fixreg[1];
+#elif defined(__riscv__)
+		*regvalue = regs.sp;
 #endif
 		break;
 	default:
@@ -117,6 +121,8 @@ proc_regset(struct proc_handle *phdl, proc_reg_t reg, unsigned long regvalue)
 		regs.r_regs[PC] = regvalue;
 #elif defined(__powerpc__)
 		regs.pc = regvalue;
+#elif defined(__riscv__)
+		regs.sepc = regvalue;
 #endif
 		break;
 	case REG_SP:
@@ -132,6 +138,8 @@ proc_regset(struct proc_handle *phdl, proc_reg_t reg, unsigned long regvalue)
 		regs.r_regs[PC] = regvalue;
 #elif defined(__powerpc__)
 		regs.fixreg[1] = regvalue;
+#elif defined(__riscv__)
+		regs.sp = regvalue;
 #endif
 		break;
 	default:
diff --git a/libexec/rtld-elf/riscv/rtld_machdep.h b/libexec/rtld-elf/riscv/rtld_machdep.h
index aa37000..660787f 100644
--- a/libexec/rtld-elf/riscv/rtld_machdep.h
+++ b/libexec/rtld-elf/riscv/rtld_machdep.h
@@ -108,4 +108,6 @@ extern void *__tls_get_addr(tls_index* ti);
 #define	RTLD_DEFAULT_STACK_PF_EXEC	PF_X
 #define	RTLD_DEFAULT_STACK_EXEC		PROT_EXEC
 
+#define	md_abi_variant_hook(x)
+
 #endif
diff --git a/libexec/rtld-elf/rtld.c b/libexec/rtld-elf/rtld.c
index 06690ff..863fe25 100644
--- a/libexec/rtld-elf/rtld.c
+++ b/libexec/rtld-elf/rtld.c
@@ -2016,7 +2016,7 @@ initlist_add_neededs(Needed_Entry *needed, Objlist *list)
 
     /* Process the current needed object. */
     if (needed->obj != NULL)
-	initlist_add_objects(needed->obj, globallist_next(needed->obj), list);
+	initlist_add_objects(needed->obj, needed->obj, list);
 }
 
 /*
@@ -2039,7 +2039,7 @@ initlist_add_objects(Obj_Entry *obj, Obj_Entry *tail, Objlist *list)
 
     /* Recursively process the successor objects. */
     nobj = globallist_next(obj);
-    if (nobj != NULL && nobj != tail)
+    if (nobj != NULL && obj != tail)
 	initlist_add_objects(nobj, tail, list);
 
     /* Recursively process the needed objects. */
@@ -3140,7 +3140,7 @@ dlopen_object(const char *name, int fd, Obj_Entry *refobj, int lo_flags,
 		 */
 	    } else {
 		/* Make list of init functions to call. */
-		initlist_add_objects(obj, globallist_next(obj), &initlist);
+		initlist_add_objects(obj, obj, &initlist);
 	    }
 	    /*
 	     * Process all no_delete or global objects here, given
diff --git a/sbin/ifconfig/iflagg.c b/sbin/ifconfig/iflagg.c
index 97b42e3..cbf58f7 100644
--- a/sbin/ifconfig/iflagg.c
+++ b/sbin/ifconfig/iflagg.c
@@ -100,6 +100,19 @@ setlaggflowidshift(const char *val, int d, int s, const struct afswtch *afp)
 }
 
 static void
+setlaggrr_limit(const char *val, int d, int s, const struct afswtch *afp)
+{
+	struct lagg_reqopts ro;
+	
+	bzero(&ro, sizeof(ro));
+	strlcpy(ro.ro_ifname, name, sizeof(ro.ro_ifname));
+	ro.ro_bkt = (int)strtol(val, NULL, 10);
+
+	if (ioctl(s, SIOCSLAGGOPTS, &ro) != 0)
+		err(1, "SIOCSLAGG");
+}
+
+static void
 setlaggsetopt(const char *val, int d, int s, const struct afswtch *afp)
 {
 	struct lagg_reqopts ro;
@@ -252,6 +265,8 @@ lagg_status(int s)
 			printb("\t\tflags", ro.ro_opts, LAGG_OPT_BITS);
 			putchar('\n');
 			printf("\t\tflowid_shift: %d\n", ro.ro_flowid_shift);
+			if (ra.ra_proto == LAGG_PROTO_ROUNDROBIN)
+				printf("\t\trr_limit: %d\n", ro.ro_bkt);
 			printf("\tlagg statistics:\n");
 			printf("\t\tactive ports: %d\n", ro.ro_active);
 			printf("\t\tflapping: %u\n", ro.ro_flapping);
@@ -298,6 +313,7 @@ static struct cmd lagg_cmds[] = {
 	DEF_CMD("lacp_fast_timeout",	LAGG_OPT_LACP_TIMEOUT,	setlaggsetopt),
 	DEF_CMD("-lacp_fast_timeout",	-LAGG_OPT_LACP_TIMEOUT,	setlaggsetopt),
 	DEF_CMD_ARG("flowid_shift",	setlaggflowidshift),
+	DEF_CMD_ARG("rr_limit",		setlaggrr_limit),
 };
 static struct afswtch af_lagg = {
 	.af_name	= "af_lagg",
diff --git a/sbin/kldstat/Makefile b/sbin/kldstat/Makefile
index e4145d7..4bf022e 100644
--- a/sbin/kldstat/Makefile
+++ b/sbin/kldstat/Makefile
@@ -29,4 +29,6 @@
 PROG=	kldstat
 MAN=	kldstat.8
 
+LIBADD=	util
+
 .include <bsd.prog.mk>
diff --git a/sbin/kldstat/kldstat.8 b/sbin/kldstat/kldstat.8
index b892ef6..2ea9ca4 100644
--- a/sbin/kldstat/kldstat.8
+++ b/sbin/kldstat/kldstat.8
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 22, 2014
+.Dd January 19, 2016
 .Dt KLDSTAT 8
 .Os
 .Sh NAME
@@ -33,6 +33,7 @@
 .Nd display status of dynamic kernel linker
 .Sh SYNOPSIS
 .Nm
+.Op Fl h
 .Op Fl q
 .Op Fl v
 .Op Fl i Ar id
@@ -48,6 +49,9 @@ kernel.
 .Pp
 The following options are available:
 .Bl -tag -width indentXX
+.It Fl h
+Display the size field in a human-readable form, using unit suffixes
+instead of hex values.
 .It Fl v
 Be more verbose.
 .It Fl i Ar id
diff --git a/sbin/kldstat/kldstat.c b/sbin/kldstat/kldstat.c
index 8785c00..c48024f 100644
--- a/sbin/kldstat/kldstat.c
+++ b/sbin/kldstat/kldstat.c
@@ -28,6 +28,7 @@
 __FBSDID("$FreeBSD$");
 
 #include <err.h>
+#include <libutil.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
@@ -51,18 +52,27 @@ printmod(int modid)
 }
 
 static void
-printfile(int fileid, int verbose)
+printfile(int fileid, int verbose, int humanized)
 {
     struct kld_file_stat stat;
     int modid;
+    char buf[5];
 
     stat.version = sizeof(struct kld_file_stat);
-    if (kldstat(fileid, &stat) < 0)
+    if (kldstat(fileid, &stat) < 0) {
 	err(1, "can't stat file id %d", fileid);
-    else
-	printf("%2d %4d %p %-8zx %s",
-	       stat.id, stat.refs, stat.address, stat.size, 
-	       stat.name);
+    } else {
+	if (humanized) {
+	       humanize_number(buf, sizeof(buf), stat.size,
+	           "", HN_AUTOSCALE, HN_DECIMAL | HN_NOSPACE);
+
+	       printf("%2d %4d %p %5s %s",
+	           stat.id, stat.refs, stat.address, buf, stat.name);
+	} else {
+		printf("%2d %4d %p %-8zx %s",
+		    stat.id, stat.refs, stat.address, stat.size, stat.name);
+	}
+    }
 
     if (verbose) {
 	printf(" (%s)\n", stat.pathname);
@@ -78,7 +88,7 @@ printfile(int fileid, int verbose)
 static void
 usage(void)
 {
-    fprintf(stderr, "usage: kldstat [-q] [-v] [-i id] [-n filename]\n");
+    fprintf(stderr, "usage: kldstat [-h] [-q] [-v] [-i id] [-n filename]\n");
     fprintf(stderr, "       kldstat [-q] [-m modname]\n");
     exit(1);
 }
@@ -87,6 +97,7 @@ int
 main(int argc, char** argv)
 {
     int c;
+    int humanized = 0;
     int verbose = 0;
     int fileid = 0;
     int quiet = 0;
@@ -94,8 +105,11 @@ main(int argc, char** argv)
     char* modname = NULL;
     char* p;
 
-    while ((c = getopt(argc, argv, "i:m:n:qv")) != -1)
+    while ((c = getopt(argc, argv, "hi:m:n:qv")) != -1)
 	switch (c) {
+	case 'h':
+	    humanized = 1;
+	    break;
 	case 'i':
 	    fileid = (int)strtoul(optarg, &p, 10);
 	    if (*p != '\0')
@@ -155,12 +169,15 @@ main(int argc, char** argv)
 	}
     }
 
-    printf("Id Refs Address%*c Size     Name\n", POINTER_WIDTH - 7, ' ');
+    if (humanized)
+	    printf("Id Refs Address%*c  Size Name\n", POINTER_WIDTH - 7, ' ');
+    else
+	    printf("Id Refs Address%*c Size     Name\n", POINTER_WIDTH - 7, ' ');
     if (fileid != 0)
-	printfile(fileid, verbose);
+	printfile(fileid, verbose, humanized);
     else
 	for (fileid = kldnext(0); fileid > 0; fileid = kldnext(fileid))
-	    printfile(fileid, verbose);
+	    printfile(fileid, verbose, humanized);
 
     return 0;
 }
diff --git a/secure/lib/libssh/Makefile b/secure/lib/libssh/Makefile
index fa58675..35e291b 100644
--- a/secure/lib/libssh/Makefile
+++ b/secure/lib/libssh/Makefile
@@ -30,8 +30,8 @@ PACKAGE=	ssh
 
 # Portability layer
 SRCS+=	bcrypt_pbkdf.c blowfish.c bsd-misc.c explicit_bzero.c fmt_scaled.c \
-	glob.c openssl-compat.c port-tun.c strtonum.c timingsafe_bcmp.c \
-	vis.c xcrypt.c xmmap.c
+	glob.c openssl-compat.c port-tun.c realpath.c strtonum.c \
+	timingsafe_bcmp.c vis.c xcrypt.c xmmap.c
 
 .if ${MK_LDNS} == "no"
 SRCS+=	getrrsetbyname.c
diff --git a/share/dtrace/Makefile b/share/dtrace/Makefile
index a4bb4e6..83bc48e 100644
--- a/share/dtrace/Makefile
+++ b/share/dtrace/Makefile
@@ -22,7 +22,10 @@ SCRIPTS=	blocking \
 		tcpconn \
 		tcpstate \
 		tcptrack \
-		udptrack
+		udptrack \
+		watch_execve \
+		watch_kill \
+		watch_vop_remove
 
 SCRIPTSDIR= ${SHAREDIR}/dtrace
 
diff --git a/share/dtrace/watch_execve b/share/dtrace/watch_execve
new file mode 100755
index 0000000..1817d4b
--- /dev/null
+++ b/share/dtrace/watch_execve
@@ -0,0 +1,227 @@
+#!/usr/sbin/dtrace -s
+/* -
+ * Copyright (c) 2014 Devin Teske <dteske@FreeBSD.org>
+ * All rights reserved.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $Title: dtrace(1) script to log process(es) entering syscall::execve $
+ * $FreeBSD$
+ */
+
+#pragma D option quiet
+#pragma D option dynvarsize=16m
+#pragma D option switchrate=10hz
+
+/*********************************************************/
+
+syscall::execve:entry /* probe ID 1 */
+{
+	this->caller_execname = execname;
+}
+
+/*********************************************************/
+
+syscall::execve:return /execname != this->caller_execname/ /* probe ID 2 */
+{
+	/*
+	 * Examine process, parent process, and grandparent process details
+	 */
+
+	/******************* CURPROC *******************/
+
+	this->proc = curthread->td_proc;
+	this->pid0 = this->proc->p_pid;
+	this->uid0 = this->proc->p_ucred->cr_uid;
+	this->gid0 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc->p_args;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg0_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* PPARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid1 = this->proc->p_pid;
+	this->uid1 = this->proc->p_ucred->cr_uid;
+	this->gid1 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg1_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* GPARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid2 = this->proc->p_pid;
+	this->uid2 = this->proc->p_ucred->cr_uid;
+	this->gid2 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg2_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* APARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid3 = this->proc->p_pid;
+	this->uid3 = this->proc->p_ucred->cr_uid;
+	this->gid3 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg3_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_4 = this->ar_length > 0 ? "..." : "";
+
+	/***********************************************/
+
+	/*
+	 * Print process, parent, and grandparent details
+	 */
+
+	printf("%Y %s[%d]: ", timestamp + 1406598400000000000,
+		this->caller_execname, this->pid1);
+	printf("%s", this->arg0_0);
+	printf("%s%s", this->arg0_1 != "" ? " " : "", this->arg0_1);
+	printf("%s%s", this->arg0_2 != "" ? " " : "", this->arg0_2);
+	printf("%s%s", this->arg0_3 != "" ? " " : "", this->arg0_3);
+	printf("%s%s", this->arg0_4 != "" ? " " : "", this->arg0_4);
+	printf("\n");
+
+	printf(" -+= %05d %d.%d %s",
+		this->pid3, this->uid3, this->gid3, this->arg3_0);
+	printf("%s%s", this->arg3_1 != "" ? " " : "", this->arg3_1);
+	printf("%s%s", this->arg3_2 != "" ? " " : "", this->arg3_2);
+	printf("%s%s", this->arg3_3 != "" ? " " : "", this->arg3_3);
+	printf("%s%s", this->arg3_4 != "" ? " " : "", this->arg3_4);
+	printf("%s", this->arg3_0 != "" ? "\n" : "");
+
+	printf("  \-+= %05d %d.%d %s",
+		this->pid2, this->uid2, this->gid2, this->arg2_0);
+	printf("%s%s", this->arg2_1 != "" ? " " : "", this->arg2_1);
+	printf("%s%s", this->arg2_2 != "" ? " " : "", this->arg2_2);
+	printf("%s%s", this->arg2_3 != "" ? " " : "", this->arg2_3);
+	printf("%s%s", this->arg2_4 != "" ? " " : "", this->arg2_4);
+	printf("%s", this->arg2_0 != "" ? "\n" : "");
+
+	printf("    \-+= %05d %d.%d %s",
+		this->pid1, this->uid1, this->gid1, this->arg1_0);
+	printf("%s%s", this->arg1_1 != "" ? " " : "", this->arg1_1);
+	printf("%s%s", this->arg1_2 != "" ? " " : "", this->arg1_2);
+	printf("%s%s", this->arg1_3 != "" ? " " : "", this->arg1_3);
+	printf("%s%s", this->arg1_4 != "" ? " " : "", this->arg1_4);
+	printf("%s", this->arg1_0 != "" ? "\n" : "");
+
+	printf("      \-+= %05d %d.%d %s",
+		this->pid0, this->uid0, this->gid0, this->arg0_0);
+	printf("%s%s", this->arg0_1 != "" ? " " : "", this->arg0_1);
+	printf("%s%s", this->arg0_2 != "" ? " " : "", this->arg0_2);
+	printf("%s%s", this->arg0_3 != "" ? " " : "", this->arg0_3);
+	printf("%s%s", this->arg0_4 != "" ? " " : "", this->arg0_4);
+	printf("%s", this->arg0_0 != "" ? "\n" : "");
+}
diff --git a/share/dtrace/watch_kill b/share/dtrace/watch_kill
new file mode 100755
index 0000000..46f3cd8
--- /dev/null
+++ b/share/dtrace/watch_kill
@@ -0,0 +1,232 @@
+#!/usr/sbin/dtrace -s
+/* -
+ * Copyright (c) 2014-2016 Devin Teske <dteske@FreeBSD.org>
+ * All rights reserved.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $Title: dtrace(1) script to log process(es) entering syscall::kill $
+ * $FreeBSD$
+ */
+
+#pragma D option quiet
+#pragma D option dynvarsize=16m
+#pragma D option switchrate=10hz
+
+/*********************************************************/
+
+syscall::execve:entry /* probe ID 1 */
+{
+	this->caller_execname = execname;
+}
+
+/*********************************************************/
+
+syscall::kill:entry /* probe ID 2 */
+{
+	this->pid_to_kill = (pid_t)arg0;
+	this->kill_signal = (int)arg1;
+
+	/*
+	 * Examine process, parent process, and grandparent process details
+	 */
+
+	/******************* CURPROC *******************/
+
+	this->proc = curthread->td_proc;
+	this->pid0 = this->proc->p_pid;
+	this->uid0 = this->proc->p_ucred->cr_uid;
+	this->gid0 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc->p_args;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg0_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* PPARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid1 = this->proc->p_pid;
+	this->uid1 = this->proc->p_ucred->cr_uid;
+	this->gid1 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg1_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* GPARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid2 = this->proc->p_pid;
+	this->uid2 = this->proc->p_ucred->cr_uid;
+	this->gid2 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg2_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* APARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid3 = this->proc->p_pid;
+	this->uid3 = this->proc->p_ucred->cr_uid;
+	this->gid3 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg3_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg3_4 = this->ar_length > 0 ? "..." : "";
+
+	/***********************************************/
+
+	/*
+	 * Print process, parent, and grandparent details
+	 */
+
+	printf("%Y %s[%d]: ", timestamp + 1406598400000000000,
+		this->caller_execname, this->pid1);
+	printf("%s", this->arg0_0);
+	printf("%s%s", this->arg0_1 != "" ? " " : "", this->arg0_1);
+	printf("%s%s", this->arg0_2 != "" ? " " : "", this->arg0_2);
+	printf("%s%s", this->arg0_3 != "" ? " " : "", this->arg0_3);
+	printf("%s%s", this->arg0_4 != "" ? " " : "", this->arg0_4);
+	printf(" (sending signal %u to pid %u)",
+		this->kill_signal, this->pid_to_kill);
+	printf("\n");
+
+	printf(" -+= %05d %d.%d %s",
+		this->pid3, this->uid3, this->gid3, this->arg3_0);
+	printf("%s%s", this->arg3_1 != "" ? " " : "", this->arg3_1);
+	printf("%s%s", this->arg3_2 != "" ? " " : "", this->arg3_2);
+	printf("%s%s", this->arg3_3 != "" ? " " : "", this->arg3_3);
+	printf("%s%s", this->arg3_4 != "" ? " " : "", this->arg3_4);
+	printf("%s", this->arg3_0 != "" ? "\n" : "");
+
+	printf("  \-+= %05d %d.%d %s",
+		this->pid2, this->uid2, this->gid2, this->arg2_0);
+	printf("%s%s", this->arg2_1 != "" ? " " : "", this->arg2_1);
+	printf("%s%s", this->arg2_2 != "" ? " " : "", this->arg2_2);
+	printf("%s%s", this->arg2_3 != "" ? " " : "", this->arg2_3);
+	printf("%s%s", this->arg2_4 != "" ? " " : "", this->arg2_4);
+	printf("%s", this->arg2_0 != "" ? "\n" : "");
+
+	printf("    \-+= %05d %d.%d %s",
+		this->pid1, this->uid1, this->gid1, this->arg1_0);
+	printf("%s%s", this->arg1_1 != "" ? " " : "", this->arg1_1);
+	printf("%s%s", this->arg1_2 != "" ? " " : "", this->arg1_2);
+	printf("%s%s", this->arg1_3 != "" ? " " : "", this->arg1_3);
+	printf("%s%s", this->arg1_4 != "" ? " " : "", this->arg1_4);
+	printf("%s", this->arg1_0 != "" ? "\n" : "");
+
+	printf("      \-+= %05d %d.%d %s",
+		this->pid0, this->uid0, this->gid0, this->arg0_0);
+	printf("%s%s", this->arg0_1 != "" ? " " : "", this->arg0_1);
+	printf("%s%s", this->arg0_2 != "" ? " " : "", this->arg0_2);
+	printf("%s%s", this->arg0_3 != "" ? " " : "", this->arg0_3);
+	printf("%s%s", this->arg0_4 != "" ? " " : "", this->arg0_4);
+	printf("%s", this->arg0_0 != "" ? "\n" : "");
+}
diff --git a/share/dtrace/watch_vop_remove b/share/dtrace/watch_vop_remove
new file mode 100755
index 0000000..6a5e7c4
--- /dev/null
+++ b/share/dtrace/watch_vop_remove
@@ -0,0 +1,476 @@
+#!/usr/sbin/dtrace -s
+/* -
+ * Copyright (c) 2014 Devin Teske <dteske@FreeBSD.org>
+ * All rights reserved.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $Title: dtrace(1) script to log process(es) entering vfs::vop_remove $
+ * $FreeBSD$
+ */
+
+#pragma D option quiet
+#pragma D option dynvarsize=16m
+#pragma D option switchrate=10hz
+
+/*********************************************************/
+
+vfs::vop_remove:entry /* probe ID 1 */
+{
+	this->vp = (struct vnode *)arg0;
+	this->ncp = &(this->vp->v_cache_dst) != NULL ?
+		this->vp->v_cache_dst.tqh_first : 0;
+        this->fi_name = args[1] ? (
+		args[1]->a_cnp != NULL ?
+			stringof(args[1]->a_cnp->cn_nameptr) : ""
+	) : "";
+	this->mount = this->vp->v_mount; /* ptr to vfs we are in */
+	this->fi_fs = this->mount != 0 ?
+		stringof(this->mount->mnt_stat.f_fstypename) : "";
+	this->fi_mount = this->mount != 0 ?
+		stringof(this->mount->mnt_stat.f_mntonname) : "";
+	this->d_name = args[0]->v_cache_dd != NULL ?
+		stringof(args[0]->v_cache_dd->nc_name) : "";
+}
+
+vfs::vop_remove:entry /this->vp == 0 || this->fi_fs == 0 ||
+	this->fi_fs == "devfs" || this->fi_fs == "" ||
+	this->fi_name == ""/ /* probe ID 2 */
+{
+	this->ncp = 0;
+}
+
+/*********************************************************/
+
+vfs::vop_remove:entry /this->ncp/ /* probe ID 3 (depth 1) */
+{
+	this->dvp = this->ncp->nc_dvp != NULL ? (
+		&(this->ncp->nc_dvp->v_cache_dst) != NULL ?
+			this->ncp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name1 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->name1 == 0 || this->fi_fs == 0 ||
+	this->fi_fs == "devfs" || this->fi_fs == "" ||
+	this->name1 == "/" || this->name1 == ""/ /* probe ID 4 */
+{
+	this->dvp = 0;
+}
+
+/*********************************************************/
+
+/*
+ * BEGIN Pathname-depth iterators (copy/paste as many times as-desired)
+ */
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 5 (depth 2) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name2 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 6 (depth 3) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name3 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 7 (depth 4) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name4 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 8 (depth 5) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name5 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 9 (depth 6) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name6 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 10 (depth 7) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name7 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 11 (depth 8) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name8 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 12 (depth 9) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name9 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 13 (depth 10) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name10 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 14 (depth 11) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name11 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 15 (depth 12) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name12 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 16 (depth 13) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name13 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 17 (depth 14) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name14 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 18 (depth 15) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name15 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 19 (depth 16) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name16 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 20 (depth 17) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name17 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 21 (depth 18) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name18 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 22 (depth 19) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name19 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+vfs::vop_remove:entry /this->dvp/ /* probe ID 23 (depth 20) */
+{
+	this->dvp = this->dvp->nc_dvp != NULL ? (
+		&(this->dvp->nc_dvp->v_cache_dst) != NULL ?
+			this->dvp->nc_dvp->v_cache_dst.tqh_first : 0
+	) : 0;
+	this->name20 = this->dvp != 0 ? (
+		this->dvp->nc_name != 0 ? stringof(this->dvp->nc_name) : ""
+	) : "";
+}
+
+/*
+ * END Pathname-depth iterators
+ */
+
+/*********************************************************/
+
+vfs::vop_remove:entry /this->fi_mount != 0/ /* probe ID 24 */
+{
+	printf("%Y %s[%d]: ", timestamp + 1406598400000000000, execname, pid);
+
+	/*
+	 * Print full path of file to delete
+	 * NB: Up-to but not including the parent directory (printed below)
+	 */
+	printf("%s%s", this->fi_mount, this->fi_mount != 0 ? (
+		this->fi_mount == "/" ? "" : "/"
+	) : "/");
+	printf("%s%s", this->name = this->name20, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name19, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name18, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name17, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name16, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name15, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name14, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name13, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name12, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name11, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name10, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name9, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name8, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name7, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name6, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name5, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name4, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name3, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name2, this->name != "" ? "/" : "");
+	printf("%s%s", this->name = this->name1, this->name != "" ? "/" : "");
+
+	/* Print the parent directory name */
+	this->name = this->d_name != 0 ? this->d_name : "";
+	printf("%s%s", this->name, this->name != "" ? "/" : "");
+
+	/* Print the entry name */
+	this->name = this->fi_name != 0 ? this->fi_name : "";
+	printf("%s", this->name);
+
+	printf("\n");
+
+	/*
+	 * Examine process, parent process, and grandparent process details
+	 */
+
+	/******************* CURPROC *******************/
+
+	this->proc = curthread->td_proc;
+	this->pid0 = this->proc->p_pid;
+	this->uid0 = this->proc->p_ucred->cr_uid;
+	this->gid0 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc->p_args;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg0_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg0_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* PPARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid1 = this->proc->p_pid;
+	this->uid1 = this->proc->p_ucred->cr_uid;
+	this->gid1 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg1_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg1_4 = this->ar_length > 0 ? "..." : "";
+
+	/******************* GPARENT *******************/
+
+	this->proc = this->proc->p_pptr;
+	this->pid2 = this->proc->p_pid;
+	this->uid2 = this->proc->p_ucred->cr_uid;
+	this->gid2 = this->proc->p_ucred->cr_rgid;
+	this->p_args = this->proc ? this->proc->p_args : 0;
+	this->ar_length = this->p_args ? this->p_args->ar_length : 0;
+	this->ar_args = (char *)(this->p_args ? this->p_args->ar_args : 0);
+
+	this->arg2_0 = this->ar_length > 0 ?
+		this->ar_args : stringof(this->proc->p_comm);
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_1 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_2 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_3 = this->ar_length > 0 ? this->ar_args : "";
+	this->len = this->ar_length > 0 ? strlen(this->ar_args) + 1 : 0;
+	this->ar_args += this->len;
+	this->ar_length -= this->len;
+
+	this->arg2_4 = this->ar_length > 0 ? "..." : "";
+
+	/***********************************************/
+
+	/*
+	 * Print process, parent, and grandparent details
+	 */
+
+	printf(" -+= %05d %d.%d %s",
+		this->pid2, this->uid2, this->gid2, this->arg2_0);
+	printf("%s%s", this->arg2_1 != "" ? " " : "", this->arg2_1);
+	printf("%s%s", this->arg2_2 != "" ? " " : "", this->arg2_2);
+	printf("%s%s", this->arg2_3 != "" ? " " : "", this->arg2_3);
+	printf("%s%s", this->arg2_4 != "" ? " " : "", this->arg2_4);
+	printf("%s", this->arg2_0 != "" ? "\n" : "");
+
+	printf("  \-+= %05d %d.%d %s",
+		this->pid1, this->uid1, this->gid1, this->arg1_0);
+	printf("%s%s", this->arg1_1 != "" ? " " : "", this->arg1_1);
+	printf("%s%s", this->arg1_2 != "" ? " " : "", this->arg1_2);
+	printf("%s%s", this->arg1_3 != "" ? " " : "", this->arg1_3);
+	printf("%s%s", this->arg1_4 != "" ? " " : "", this->arg1_4);
+	printf("%s", this->arg1_0 != "" ? "\n" : "");
+
+	printf("    \-+= %05d %d.%d %s",
+		this->pid0, this->uid0, this->gid0, this->arg0_0);
+	printf("%s%s", this->arg0_1 != "" ? " " : "", this->arg0_1);
+	printf("%s%s", this->arg0_2 != "" ? " " : "", this->arg0_2);
+	printf("%s%s", this->arg0_3 != "" ? " " : "", this->arg0_3);
+	printf("%s%s", this->arg0_4 != "" ? " " : "", this->arg0_4);
+	printf("%s", this->arg0_0 != "" ? "\n" : "");
+}
diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile
index d962d38..f9c3adb 100644
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@@ -96,6 +96,7 @@ MAN=	aac.4 \
 	${_ccd.4} \
 	cd.4 \
 	cdce.4 \
+	cfi.4 \
 	ch.4 \
 	ciss.4 \
 	cloudabi.4 \
@@ -594,6 +595,7 @@ MLINKS+=bwn.4 if_bwn.4
 MLINKS+=${_bxe.4} ${_if_bxe.4}
 MLINKS+=cas.4 if_cas.4
 MLINKS+=cdce.4 if_cdce.4
+MLINKS+=cfi.4 cfid.4
 MLINKS+=cloudabi.4 cloudabi64.4
 MLINKS+=crypto.4 cryptodev.4
 MLINKS+=cue.4 if_cue.4
diff --git a/share/man/man4/cfi.4 b/share/man/man4/cfi.4
new file mode 100644
index 0000000..c5a9703
--- /dev/null
+++ b/share/man/man4/cfi.4
@@ -0,0 +1,94 @@
+.\"-
+.\" Copyright (c) 2015-2016 SRI International
+.\" All rights reserved.
+.\"
+.\" This software was developed by SRI International and the University of
+.\" Cambridge Computer Laboratory under DARPA/AFRL contract (FA8750-10-C-0237)
+.\" ("CTSRD"), as part of the DARPA CRASH research programme.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd January 20, 2016
+.Dt CFI 4
+.Os
+.Sh NAME
+.Nm cfi ,
+.Nm cfid
+.Nd driver for Common Flash Interface (CFI) NOR flash
+.Sh SYNOPSIS
+.Cd "device cfi"
+.Cd "device cfid"
+.Cd "options CFI_SUPPORT_STRATAFLASH"
+.Cd "options CFI_ARMEDANDDANGEROUS"
+.Pp
+In
+.Pa /boot/device.hints :
+.Cd hint.cfi.0.at="nexus0"
+.Cd hint.cfi.0.maddr=0x74000000
+.Cd hint.cfi.0.msize=0x4000000
+.Pp
+In DTS file:
+.Cd flash@74000000 {
+.Cd "	compatible =" Qo cfi-flash Qc ;
+.Cd "	reg = <0x74000000 0x4000000>;"
+.Cd };
+.Sh DESCRIPTION
+The
+.Nm
+device driver provides a management interface to NOR flash devices supporting
+the Common Flash Interface (CFI) specification.
+Its companion device
+.Nm cfid
+provides a
+.Xr geom 4
+disk interface to the device.
+.Pp
+Special support for features of the Intel StrataFlash line are available
+with the
+.Cd CFI_SUPPORT_STRATAFLASH
+kernel option.
+Additional support for write-once bits to switch part of Intel StrataFlash
+devices to read-only can be enabled by the
+.Cd CFI_ARMEDANDDANGEROUS
+kernel option.
+.El
+.Sh SEE ALSO
+.Xr led 4
+.Sh HISTORY
+The
+.Nm
+device driver first appeared in
+.Fx 8.0 .
+.Sh AUTHORS
+The
+.Nm
+driver was written by
+.An Juniper Networks
+with StrataFlash support by
+.An Sam Leffler .
+This manual page was written by SRI International and the University of
+Cambridge Computer Laboratory under DARPA/AFRL contract
+.Pq FA8750-10-C-0237
+.Pq Do CTSRD Dc ,
+as part of the DARPA CRASH research programme.
diff --git a/share/man/man4/lagg.4 b/share/man/man4/lagg.4
index da070f1..c1a1bef 100644
--- a/share/man/man4/lagg.4
+++ b/share/man/man4/lagg.4
@@ -16,7 +16,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd November 6, 2015
+.Dd January 23, 2016
 .Dt LAGG 4
 .Os
 .Sh NAME
@@ -110,6 +110,11 @@ available, the VLAN tag, and the IP source and destination address.
 Distributes outgoing traffic using a round-robin scheduler
 through all active ports and accepts incoming traffic from
 any active port.
+Using
+.Ic roundrobin
+mode can cause unordered packet arrival at the client.
+Throughput might be limited as the client performs CPU-intensive packet
+reordering.
 .It Ic broadcast
 Sends frames to all ports of the LAG and receives frames on
 any port of the LAG.
@@ -161,6 +166,19 @@ Gigabit Ethernet interfaces:
 	192.168.1.1 netmask 255.255.255.0
 .Ed
 .Pp
+Create a link aggregation using ROUNDROBIN with two 
+.Xr bge 4
+Gigabit Ethernet interfaces and set the limit of 500 packets
+per interface:
+.Bd -literal -offset indent
+# ifconfig bge0 up
+# ifconfig bge1 up
+# ifconfig lagg0 create
+# ifconfig lagg0 laggproto roundrobin laggport bge0 laggport bge1 \e
+	192.168.1.1 netmask 255.255.255.0
+# ifconfig lagg0 rr_limit 500
+.Ed
+.Pp
 The following example uses an active failover interface to set up roaming
 between wired and wireless networks using two network devices.
 Whenever the wired master interface is unplugged, the wireless failover
diff --git a/share/man/man4/mod_cc.4 b/share/man/man4/mod_cc.4
index f5f4493..4712a39 100644
--- a/share/man/man4/mod_cc.4
+++ b/share/man/man4/mod_cc.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 12, 2015
+.Dd January 21, 2016
 .Dt MOD_CC 4
 .Os
 .Sh NAME
@@ -49,7 +49,9 @@ using the
 facility.
 .Pp
 The default algorithm is NewReno, and all connections use the default unless
-explicitly overridden using the TCP_CONGESTION socket option (see
+explicitly overridden using the
+.Dv TCP_CONGESTION
+socket option (see
 .Xr tcp 4
 for details).
 The default can be changed using a
@@ -57,6 +59,14 @@ The default can be changed using a
 MIB variable detailed in the
 .Sx MIB Variables
 section below.
+.Pp
+Algorithm specific parameters can be set or queried using the
+.Dv TCP_CCALGOOPT
+socket option (see
+.Xr tcp 4
+for details).
+Callers must pass a pointer to an algorithm specific data, and specify
+its size.
 .Sh MIB Variables
 The framework exposes the following variables in the
 .Va net.inet.tcp.cc
diff --git a/share/man/man4/tcp.4 b/share/man/man4/tcp.4
index 8c5887f..de993e7 100644
--- a/share/man/man4/tcp.4
+++ b/share/man/man4/tcp.4
@@ -34,7 +34,7 @@
 .\"     From: @(#)tcp.4	8.1 (Berkeley) 6/5/93
 .\" $FreeBSD$
 .\"
-.Dd October 27, 2015
+.Dd January 21, 2016
 .Dt TCP 4
 .Os
 .Sh NAME
@@ -137,6 +137,11 @@ send window size,
 receive window size,
 and
 bandwidth-controlled window space.
+.It Dv TCP_CCALGOOPT
+Set or query congestion control algorithm specific parameters.
+See
+.Xr mod_cc 4
+for details.
 .It Dv TCP_CONGESTION
 Select or query the congestion control algorithm that TCP will use for the
 connection.
diff --git a/share/man/man5/ext2fs.5 b/share/man/man5/ext2fs.5
index 00be16f..db792bb 100644
--- a/share/man/man5/ext2fs.5
+++ b/share/man/man5/ext2fs.5
@@ -26,12 +26,12 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 1, 2013
+.Dd January 23, 2016
 .Dt EXT2FS 5
 .Os
 .Sh NAME
 .Nm ext2fs
-.Nd "Ext2fs file system"
+.Nd "ext2/ext3/ext4 file system"
 .Sh SYNOPSIS
 To link into the kernel:
 .Bd -ragged -offset indent
@@ -47,8 +47,14 @@ The
 driver will permit the
 .Fx
 kernel to access
-.Tn Ext2
+.Tn ext2 ,
+.Tn ext3 ,
+and
+.Tn ext4
 file systems.
+The
+.Tn ext4
+support is read-only.
 .Sh EXAMPLES
 To mount a
 .Nm
diff --git a/share/man/man9/hashinit.9 b/share/man/man9/hashinit.9
index b72cd75..65ef10e 100644
--- a/share/man/man9/hashinit.9
+++ b/share/man/man9/hashinit.9
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 10, 2004
+.Dd January 23, 2016
 .Dt HASHINIT 9
 .Os
 .Sh NAME
@@ -102,9 +102,11 @@ Any malloc performed by the
 .Fn hashinit_flags
 function will not be allowed to wait, and therefore may fail.
 .It Dv HASH_WAITOK
-Any malloc performed by the
+Any malloc performed by
 .Fn hashinit_flags
 function is allowed to wait for memory.
+This is also the behavior of
+.Fn hashinit .
 .El
 .Sh IMPLEMENTATION NOTES
 The largest prime hash value chosen by
diff --git a/share/man/man9/mod_cc.9 b/share/man/man9/mod_cc.9
index f1cd5be..05205ed 100644
--- a/share/man/man9/mod_cc.9
+++ b/share/man/man9/mod_cc.9
@@ -31,7 +31,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 26, 2014
+.Dd January 21, 2016
 .Dt MOD_CC 9
 .Os
 .Sh NAME
@@ -40,7 +40,8 @@
 .Nm CCV
 .Nd Modular Congestion Control
 .Sh SYNOPSIS
-.In netinet/cc.h
+.In netinet/tcp.h
+.In netinet/tcp_cc.h
 .In netinet/cc/cc_module.h
 .Fn DECLARE_CC_MODULE "ccname" "ccalgo"
 .Fn CCV "ccv" "what"
@@ -74,6 +75,7 @@ struct cc_algo {
 	void	(*cong_signal) (struct cc_var *ccv, uint32_t type);
 	void	(*post_recovery) (struct cc_var *ccv);
 	void	(*after_idle) (struct cc_var *ccv);
+	int	(*ctl_output)(struct cc_var *, struct sockopt *, void *);
 };
 .Ed
 .Pp
@@ -166,6 +168,20 @@ function is called when data transfer resumes after an idle period.
 It should be implemented to adjust state as required.
 .Pp
 The
+.Va ctl_output
+function is called when
+.Xr getsockopt 2
+or
+.Xr setsockopt 2
+is called on a
+.Xr tcp 4
+socket with the
+.Va struct sockopt
+pointer forwarded unmodified from the TCP control, and a
+.Va void *
+pointer to algorithm specific argument.
+.Pp
+The
 .Fn DECLARE_CC_MODULE
 macro provides a convenient wrapper around the
 .Xr DECLARE_MODULE 9
diff --git a/sys/amd64/include/atomic.h b/sys/amd64/include/atomic.h
index 33d79b2..dd71e92 100644
--- a/sys/amd64/include/atomic.h
+++ b/sys/amd64/include/atomic.h
@@ -558,6 +558,7 @@ u_long	atomic_swap_long(volatile u_long *p, u_long v);
 #define	atomic_cmpset_rel_64	atomic_cmpset_rel_long
 #define	atomic_swap_64		atomic_swap_long
 #define	atomic_readandclear_64	atomic_readandclear_long
+#define	atomic_fetchadd_64	atomic_fetchadd_long
 #define	atomic_testandset_64	atomic_testandset_long
 
 /* Operations on pointers. */
diff --git a/sys/amd64/linux/linux.h b/sys/amd64/linux/linux.h
index c4fe9ae..639499a 100644
--- a/sys/amd64/linux/linux.h
+++ b/sys/amd64/linux/linux.h
@@ -530,8 +530,8 @@ struct l_pollfd {
 
 #define LINUX_ARCH_SET_GS		0x1001
 #define LINUX_ARCH_SET_FS		0x1002
-#define LINUX_ARCH_GET_GS		0x1003
-#define LINUX_ARCH_GET_FS		0x1004
+#define LINUX_ARCH_GET_FS		0x1003
+#define LINUX_ARCH_GET_GS		0x1004
 
 #define	linux_copyout_rusage(r, u)	copyout(r, u, sizeof(*r))
 
diff --git a/sys/amd64/linux/linux_machdep.c b/sys/amd64/linux/linux_machdep.c
index 451e4b4..376cce7 100644
--- a/sys/amd64/linux/linux_machdep.c
+++ b/sys/amd64/linux/linux_machdep.c
@@ -383,7 +383,6 @@ linux_sigaltstack(struct thread *td, struct linux_sigaltstack_args *uap)
 	return (error);
 }
 
-/* XXX do all */
 int
 linux_arch_prctl(struct thread *td, struct linux_arch_prctl_args *args)
 {
diff --git a/sys/arm/allwinner/a10_clk.c b/sys/arm/allwinner/a10_clk.c
index 2f41d6f..eab95b0 100644
--- a/sys/arm/allwinner/a10_clk.c
+++ b/sys/arm/allwinner/a10_clk.c
@@ -255,6 +255,57 @@ a10_clk_pll6_get_rate(void)
 	return ((CCM_CLK_REF_FREQ * n * k) / 2);
 }
 
+static int
+a10_clk_pll2_set_rate(unsigned int freq)
+{
+	struct a10_ccm_softc *sc;
+	uint32_t reg_value;
+	unsigned int prediv, postdiv, n;
+
+	sc = a10_ccm_sc;
+	if (sc == NULL)
+		return (ENXIO);
+
+	reg_value = ccm_read_4(sc, CCM_PLL2_CFG);
+	reg_value &= ~(CCM_PLL2_CFG_PREDIV | CCM_PLL2_CFG_POSTDIV |
+	    CCM_PLL_CFG_FACTOR_N);
+
+	/*
+	 * Audio Codec needs PLL2 to be either 24576000 Hz or 22579200 Hz
+	 *
+	 * PLL2 output frequency is 24MHz * n / prediv / postdiv.
+	 * To get as close as possible to the desired rate, we use a
+	 * pre-divider of 21 and a post-divider of 4. With these values,
+	 * a multiplier of 86 or 79 gets us close to the target rates.
+	 */
+	prediv = 21;
+	postdiv = 4;
+
+	switch (freq) {
+	case 24576000:
+		n = 86;
+		reg_value |= CCM_PLL_CFG_ENABLE;
+		break;
+	case 22579200:
+		n = 79;
+		reg_value |= CCM_PLL_CFG_ENABLE;
+		break;
+	case 0:
+		n = 1;
+		reg_value &= ~CCM_PLL_CFG_ENABLE;
+		break;
+	default:
+		return (EINVAL);
+	}
+
+	reg_value |= (prediv << CCM_PLL2_CFG_PREDIV_SHIFT);
+	reg_value |= (postdiv << CCM_PLL2_CFG_POSTDIV_SHIFT);
+	reg_value |= (n << CCM_PLL_CFG_FACTOR_N_SHIFT);
+	ccm_write_4(sc, CCM_PLL2_CFG, reg_value);
+
+	return (0);
+}
+
 int
 a10_clk_ahci_activate(void)
 {
@@ -347,3 +398,46 @@ a10_clk_mmc_cfg(int devid, int freq)
 
 	return (0);
 }
+
+int
+a10_clk_dmac_activate(void)
+{
+	struct a10_ccm_softc *sc;
+	uint32_t reg_value;
+
+	sc = a10_ccm_sc;
+	if (sc == NULL)
+		return (ENXIO);
+
+	/* Gating AHB clock for DMA controller */
+	reg_value = ccm_read_4(sc, CCM_AHB_GATING0);
+	reg_value |= CCM_AHB_GATING_DMA;
+	ccm_write_4(sc, CCM_AHB_GATING0, reg_value);
+
+	return (0);
+}
+
+int
+a10_clk_codec_activate(unsigned int freq)
+{
+	struct a10_ccm_softc *sc;
+	uint32_t reg_value;
+
+	sc = a10_ccm_sc;
+	if (sc == NULL)
+		return (ENXIO);
+
+	a10_clk_pll2_set_rate(freq);
+
+	/* Gating APB clock for ADDA */
+	reg_value = ccm_read_4(sc, CCM_APB0_GATING);
+	reg_value |= CCM_APB0_GATING_ADDA;
+	ccm_write_4(sc, CCM_APB0_GATING, reg_value);
+
+	/* Enable audio codec clock */
+	reg_value = ccm_read_4(sc, CCM_AUDIO_CODEC_CLK);
+	reg_value |= CCM_AUDIO_CODEC_ENABLE;
+	ccm_write_4(sc, CCM_AUDIO_CODEC_CLK, reg_value);
+
+	return (0);
+}
diff --git a/sys/arm/allwinner/a10_clk.h b/sys/arm/allwinner/a10_clk.h
index e5aa8c2..4df87cc 100644
--- a/sys/arm/allwinner/a10_clk.h
+++ b/sys/arm/allwinner/a10_clk.h
@@ -106,10 +106,14 @@
 #define	CCM_GMAC_CLK_EXT_RGMII	0x1
 #define	CCM_GMAC_CLK_RGMII	0x2
 
+/* APB0_GATING */
+#define	CCM_APB0_GATING_ADDA	(1 << 0)
+
 /* AHB_GATING_REG0 */
 #define	CCM_AHB_GATING_USB0	(1 << 0)
 #define	CCM_AHB_GATING_EHCI0	(1 << 1)
 #define	CCM_AHB_GATING_EHCI1	(1 << 3)
+#define	CCM_AHB_GATING_DMA	(1 << 6)
 #define	CCM_AHB_GATING_SDMMC0	(1 << 8)
 #define	CCM_AHB_GATING_EMAC	(1 << 17)
 #define	CCM_AHB_GATING_SATA	(1 << 25)
@@ -132,6 +136,11 @@
 #define	CCM_PLL_CFG_FACTOR_K_SHIFT	4
 #define	CCM_PLL_CFG_FACTOR_M		0x3
 
+#define	CCM_PLL2_CFG_POSTDIV		0x3c000000
+#define	CCM_PLL2_CFG_POSTDIV_SHIFT	26
+#define	CCM_PLL2_CFG_PREDIV		0x1f
+#define	CCM_PLL2_CFG_PREDIV_SHIFT	0
+
 #define	CCM_PLL6_CFG_SATA_CLKEN	(1U << 14)
 
 #define	CCM_SD_CLK_SRC_SEL		0x3000000
@@ -146,6 +155,8 @@
 #define	CCM_SD_CLK_OPHASE_CTR_SHIFT	8
 #define	CCM_SD_CLK_DIV_RATIO_M		0xf
 
+#define	CCM_AUDIO_CODEC_ENABLE	(1U << 31)
+
 #define	CCM_CLK_REF_FREQ	24000000U
 
 int a10_clk_usb_activate(void);
@@ -155,5 +166,7 @@ int a10_clk_gmac_activate(phandle_t);
 int a10_clk_ahci_activate(void);
 int a10_clk_mmc_activate(int);
 int a10_clk_mmc_cfg(int, int);
+int a10_clk_dmac_activate(void);
+int a10_clk_codec_activate(unsigned int);
 
 #endif /* _A10_CLK_H_ */
diff --git a/sys/arm/allwinner/a10_common.c b/sys/arm/allwinner/a10_common.c
index 3b5bf0e..dacb97e 100644
--- a/sys/arm/allwinner/a10_common.c
+++ b/sys/arm/allwinner/a10_common.c
@@ -42,6 +42,8 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 
+#ifndef ARM_INTRNG
+
 static int
 fdt_aintc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
     int *pol)
@@ -66,3 +68,5 @@ fdt_pic_decode_t fdt_pic_table[] = {
 	&fdt_aintc_decode_ic,
 	NULL
 };
+
+#endif /* ARM_INTRNG */
diff --git a/sys/arm/allwinner/a10_machdep.c b/sys/arm/allwinner/allwinner_machdep.c
index 718ced7..5e8e842 100644
--- a/sys/arm/allwinner/a10_machdep.c
+++ b/sys/arm/allwinner/allwinner_machdep.c
@@ -1,5 +1,6 @@
 /*-
  * Copyright (c) 2012 Ganbold Tsagaankhuu <ganbold@freebsd.org>
+ * Copyright (c) 2015-2016 Emmanuel Vadot <manu@bidouilliste.com>
  * All rights reserved.
  *
  * This code is derived from software written for Brini by Mark Brinicombe
@@ -45,32 +46,41 @@ __FBSDID("$FreeBSD$");
 #include <machine/bus.h>
 #include <machine/devmap.h>
 #include <machine/machdep.h>
-#include <machine/platform.h> 
+#include <machine/platformvar.h>
 
 #include <dev/fdt/fdt_common.h>
 
 #include <arm/allwinner/a10_wdog.h>
+#include <arm/allwinner/allwinner_machdep.h>
 
-vm_offset_t
-platform_lastaddr(void)
-{
+#include "platform_if.h"
 
-	return (arm_devmap_lastaddr());
-}
+static u_int soc_type;
+static u_int soc_family;
 
-void
-platform_probe_and_attach(void)
+static int
+a10_attach(platform_t plat)
 {
+	soc_type = ALLWINNERSOC_A10;
+	soc_family = ALLWINNERSOC_SUN4I;
+	return (0);
 }
 
-void
-platform_gpio_init(void)
+static int
+a20_attach(platform_t plat)
 {
+	soc_type = ALLWINNERSOC_A20;
+	soc_family = ALLWINNERSOC_SUN7I;
+
+	return (0);
 }
 
-void
-platform_late_init(void)
+
+static vm_offset_t
+allwinner_lastaddr(platform_t plat)
 {
+
+	return (arm_devmap_lastaddr());
 }
 
 /*
@@ -83,8 +93,8 @@ platform_late_init(void)
  * shouldn't be device-mapped.  The original code mapped a 4MB block, but
  * perhaps a 1MB block would be more appropriate.
  */
-int
-platform_devmap_init(void)
+static int
+allwinner_devmap_init(platform_t plat)
 {
 
 	arm_devmap_add_entry(0x01C00000, 0x00400000); /* 4MB */
@@ -111,3 +121,34 @@ cpu_reset()
 	printf("Reset failed!\n");
 	while (1);
 }
+
+static platform_method_t a10_methods[] = {
+	PLATFORMMETHOD(platform_attach,         a10_attach),
+	PLATFORMMETHOD(platform_lastaddr,       allwinner_lastaddr),
+	PLATFORMMETHOD(platform_devmap_init,    allwinner_devmap_init),
+
+	PLATFORMMETHOD_END,
+};
+
+static platform_method_t a20_methods[] = {
+	PLATFORMMETHOD(platform_attach,         a20_attach),
+	PLATFORMMETHOD(platform_lastaddr,       allwinner_lastaddr),
+	PLATFORMMETHOD(platform_devmap_init,    allwinner_devmap_init),
+
+	PLATFORMMETHOD_END,
+};
+
+u_int
+allwinner_soc_type(void)
+{
+	return (soc_type);
+}
+
+u_int
+allwinner_soc_family(void)
+{
+	return (soc_family);
+}
+
+FDT_PLATFORM_DEF(a10, "a10", 0, "allwinner,sun4i-a10");
+FDT_PLATFORM_DEF(a20, "a20", 0, "allwinner,sun7i-a20");
diff --git a/sys/dev/fdt/fdt_mips.c b/sys/arm/allwinner/allwinner_machdep.h
index 4e04602..0edd090 100644
--- a/sys/dev/fdt/fdt_mips.c
+++ b/sys/arm/allwinner/allwinner_machdep.h
@@ -1,9 +1,8 @@
 /*-
- * Copyright (c) 2009-2010 The FreeBSD Foundation
+ * Copyright (c) 2015 Emmanuel Vadot <manu@bidouilliste.com>
  * All rights reserved.
  *
- * This software was developed by Semihalf under sponsorship from
- * the FreeBSD Foundation.
+ * This code is derived from software written for Brini by Mark Brinicombe
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -17,7 +16,7 @@
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
@@ -25,27 +24,24 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ *
  */
 
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/systm.h>
-#include <sys/kernel.h>
-#include <sys/module.h>
-#include <sys/bus.h>
-
-#include <machine/intr_machdep.h>
-
-#include <dev/ofw/ofw_bus.h>
-#include <dev/ofw/ofw_bus_subr.h>
-#include <dev/ofw/openfirm.h>
-
-#include "ofw_bus_if.h"
-#include "fdt_common.h"
-
-struct fdt_fixup_entry fdt_fixup_table[] = {
-	{ NULL, NULL }
-};
-
+#ifndef AW_MACHDEP_H
+#define	AW_MACHDEP_H
+ 
+#define	ALLWINNERSOC_A10	0x10000000
+#define	ALLWINNERSOC_A13	0x13000000
+#define	ALLWINNERSOC_A10S	0x10000001
+#define	ALLWINNERSOC_A20	0x20000000
+ 
+#define	ALLWINNERSOC_SUN4I	0x40000000
+#define	ALLWINNERSOC_SUN5I	0x50000000
+#define	ALLWINNERSOC_SUN7I	0x70000000
+ 
+u_int allwinner_soc_type(void);
+u_int allwinner_soc_family(void);
+ 
+#endif /* AW_MACHDEP_H */
diff --git a/sys/arm/allwinner/files.allwinner b/sys/arm/allwinner/files.allwinner
index ea59bc2..8606d91 100644
--- a/sys/arm/allwinner/files.allwinner
+++ b/sys/arm/allwinner/files.allwinner
@@ -6,11 +6,11 @@ arm/allwinner/a10_clk.c			standard
 arm/allwinner/a10_common.c		standard
 arm/allwinner/a10_ehci.c		optional	ehci
 arm/allwinner/a10_gpio.c		optional	gpio
-arm/allwinner/a10_machdep.c		standard
 arm/allwinner/a10_mmc.c			optional	mmc
 arm/allwinner/a10_sramc.c		standard
 arm/allwinner/a10_wdog.c		standard
 arm/allwinner/a20/a20_cpu_cfg.c 	standard
+arm/allwinner/allwinner_machdep.c	standard
 arm/allwinner/if_emac.c			optional	emac
 arm/allwinner/timer.c			standard
 #arm/allwinner/console.c		standard
diff --git a/sys/arm/arm/elf_machdep.c b/sys/arm/arm/elf_machdep.c
index 84b87f7..7dbdc91 100644
--- a/sys/arm/arm/elf_machdep.c
+++ b/sys/arm/arm/elf_machdep.c
@@ -256,7 +256,7 @@ elf_reloc_local(linker_file_t lf, Elf_Addr relocbase, const void *data,
 }
 
 int
-elf_cpu_load_file(linker_file_t lf __unused)
+elf_cpu_load_file(linker_file_t lf)
 {
 
 	/*
@@ -265,13 +265,25 @@ elf_cpu_load_file(linker_file_t lf __unused)
 	 * that kernel memory allocations always have EXECUTABLE protection even
 	 * when the memory isn't going to hold executable code.  The only time
 	 * kernel memory holding instructions does need a sync is after loading
-	 * a kernel module, and that's when this function gets called.  Normal
-	 * data cache maintenance has already been done by the IO code, and TLB
-	 * maintenance has been done by the pmap code, so all we have to do here
-	 * is invalidate the instruction cache (which also invalidates the
-	 * branch predictor cache on platforms that have one).
+	 * a kernel module, and that's when this function gets called.
+	 *
+	 * This syncs data and instruction caches after loading a module.  We
+	 * don't worry about the kernel itself (lf->id is 1) as locore.S did
+	 * that on entry.  Even if data cache maintenance was done by IO code,
+	 * the relocation fixup process creates dirty cache entries that we must
+	 * write back before doing icache sync. The instruction cache sync also
+	 * invalidates the branch predictor cache on platforms that have one.
 	 */
+	if (lf->id == 1)
+		return (0);
+#if __ARM_ARCH >= 6
+	dcache_wb_pou((vm_offset_t)lf->address, (vm_size_t)lf->size);
+	icache_inv_all();
+#else
+	cpu_dcache_wb_range((vm_offset_t)lf->address, (vm_size_t)lf->size);
+	cpu_l2cache_wb_range((vm_offset_t)lf->address, (vm_size_t)lf->size);
 	cpu_icache_sync_all();
+#endif
 	return (0);
 }
 
diff --git a/sys/arm/arm/minidump_machdep.c b/sys/arm/arm/minidump_machdep.c
index 7a4abe4..a351fb7 100644
--- a/sys/arm/arm/minidump_machdep.c
+++ b/sys/arm/arm/minidump_machdep.c
@@ -1,4 +1,5 @@
 /*-
+ * Copyright (c) 2006 Peter Wemm
  * Copyright (c) 2008 Semihalf, Grzegorz Bernacki
  * All rights reserved.
  *
@@ -61,14 +62,12 @@ CTASSERT(sizeof(struct kerneldumpheader) == 512);
 uint32_t *vm_page_dump;
 int vm_page_dump_size;
 
-#ifndef ARM_NEW_PMAP
-
 static struct kerneldumpheader kdh;
 
 static off_t dumplo;
 
 /* Handle chunked writes. */
-static size_t fragsz, offset;
+static size_t fragsz;
 static void *dump_va;
 static uint64_t counter, progress;
 
@@ -96,10 +95,9 @@ blk_flush(struct dumperinfo *di)
 	if (fragsz == 0)
 		return (0);
 
-	error = dump_write(di, (char*)dump_va + offset, 0, dumplo, fragsz - offset);
-	dumplo += (fragsz - offset);
+	error = dump_write(di, dump_va, 0, dumplo, fragsz);
+	dumplo += fragsz;
 	fragsz = 0;
-	offset = 0;
 	return (error);
 }
 
@@ -110,36 +108,36 @@ blk_write(struct dumperinfo *di, char *ptr, vm_paddr_t pa, size_t sz)
 	int error, i, c;
 	u_int maxdumpsz;
 
-	maxdumpsz = di->maxiosize;
-
+	maxdumpsz = min(di->maxiosize, MAXDUMPPGS * PAGE_SIZE);
 	if (maxdumpsz == 0)	/* seatbelt */
 		maxdumpsz = PAGE_SIZE;
-
 	error = 0;
-
 	if (ptr != NULL && pa != 0) {
 		printf("cant have both va and pa!\n");
 		return (EINVAL);
 	}
-
+	if (pa != 0) {
+		if ((sz % PAGE_SIZE) != 0) {
+			printf("size not page aligned\n");
+			return (EINVAL);
+		}
+		if ((pa & PAGE_MASK) != 0) {
+			printf("address not page aligned\n");
+			return (EINVAL);
+		}
+	}
 	if (ptr != NULL) {
-		/* If we're doing a virtual dump, flush any pre-existing pa pages */
+		/* Flush any pre-existing pa pages before a virtual dump. */
 		error = blk_flush(di);
 		if (error)
 			return (error);
 	}
-
 	while (sz) {
-		if (fragsz == 0) {
-			offset = pa & PAGE_MASK;
-			fragsz += offset;
-		}
 		len = maxdumpsz - fragsz;
 		if (len > sz)
 			len = sz;
 		counter += len;
 		progress -= len;
-
 		if (counter >> 22) {
 			printf(" %lld", PG2MB(progress >> PAGE_SHIFT));
 			counter &= (1<<22) - 1;
@@ -180,24 +178,9 @@ blk_write(struct dumperinfo *di, char *ptr, vm_paddr_t pa, size_t sz)
 	return (0);
 }
 
-static int
-blk_write_cont(struct dumperinfo *di, vm_paddr_t pa, size_t sz)
-{
-	int error;
-
-	error = blk_write(di, 0, pa, sz);
-	if (error)
-		return (error);
-
-	error = blk_flush(di);
-	if (error)
-		return (error);
-
-	return (0);
-}
-
-/* A fake page table page, to avoid having to handle both 4K and 2M pages */
-static pt_entry_t fakept[NPTEPG];
+/* A buffer for general use. Its size must be one page at least. */
+static char dumpbuf[PAGE_SIZE];
+CTASSERT(sizeof(dumpbuf) % sizeof(pt2_entry_t) == 0);
 
 int
 minidumpsys(struct dumperinfo *di)
@@ -208,9 +191,7 @@ minidumpsys(struct dumperinfo *di)
 	uint32_t bits;
 	uint32_t pa, prev_pa = 0, count = 0;
 	vm_offset_t va;
-	pd_entry_t *pdp;
-	pt_entry_t *pt, *ptp;
-	int i, k, bit, error;
+	int i, bit, error;
 	char *addr;
 
 	/*
@@ -228,48 +209,11 @@ minidumpsys(struct dumperinfo *di)
 	counter = 0;
 	/* Walk page table pages, set bits in vm_page_dump */
 	ptesize = 0;
-	for (va = KERNBASE; va < kernel_vm_end; va += NBPDR) {
-		/*
-		 * We always write a page, even if it is zero. Each
-		 * page written corresponds to 2MB of space
-		 */
-		ptesize += L2_TABLE_SIZE_REAL;
-		pmap_get_pde_pte(pmap_kernel(), va, &pdp, &ptp);
-		if (pmap_pde_v(pdp) && pmap_pde_section(pdp)) {
-			/* This is a section mapping 1M page. */
-			pa = (*pdp & L1_S_ADDR_MASK) | (va & ~L1_S_ADDR_MASK);
-			for (k = 0; k < (L1_S_SIZE / PAGE_SIZE); k++) {
-				if (is_dumpable(pa))
-					dump_add_page(pa);
-				pa += PAGE_SIZE;
-			}
-			continue;
-		}
-		if (pmap_pde_v(pdp) && pmap_pde_page(pdp)) {
-			/* Set bit for each valid page in this 1MB block */
-			addr = pmap_kenter_temporary(*pdp & L1_C_ADDR_MASK, 0);
-			pt = (pt_entry_t*)(addr +
-			    (((uint32_t)*pdp  & L1_C_ADDR_MASK) & PAGE_MASK));
-			for (k = 0; k < 256; k++) {
-				if ((pt[k] & L2_TYPE_MASK) == L2_TYPE_L) {
-					pa = (pt[k] & L2_L_FRAME) |
-					    (va & L2_L_OFFSET);
-					for (i = 0; i < 16; i++) {
-						if (is_dumpable(pa))
-							dump_add_page(pa);
-						k++;
-						pa += PAGE_SIZE;
-					}
-				} else if ((pt[k] & L2_TYPE_MASK) == L2_TYPE_S) {
-					pa = (pt[k] & L2_S_FRAME) |
-					    (va & L2_S_OFFSET);
-					if (is_dumpable(pa))
-						dump_add_page(pa);
-				}
-			}
-		} else {
-			/* Nothing, we're going to dump a null page */
-		}
+	for (va = KERNBASE; va < kernel_vm_end; va += PAGE_SIZE) {
+		pa = pmap_dump_kextract(va, NULL);
+		if (pa != 0 && is_dumpable(pa))
+			dump_add_page(pa);
+		ptesize += sizeof(pt2_entry_t);
 	}
 
 	/* Calculate dump size. */
@@ -331,14 +275,15 @@ minidumpsys(struct dumperinfo *di)
 	dumplo += sizeof(kdh);
 
 	/* Dump my header */
-	bzero(&fakept, sizeof(fakept));
-	bcopy(&mdhdr, &fakept, sizeof(mdhdr));
-	error = blk_write(di, (char *)&fakept, 0, PAGE_SIZE);
+	bzero(dumpbuf, sizeof(dumpbuf));
+	bcopy(&mdhdr, dumpbuf, sizeof(mdhdr));
+	error = blk_write(di, dumpbuf, 0, PAGE_SIZE);
 	if (error)
 		goto fail;
 
 	/* Dump msgbuf up front */
-	error = blk_write(di, (char *)msgbufp->msg_ptr, 0, round_page(msgbufp->msg_size));
+	error = blk_write(di, (char *)msgbufp->msg_ptr, 0,
+	    round_page(msgbufp->msg_size));
 	if (error)
 		goto fail;
 
@@ -349,81 +294,21 @@ minidumpsys(struct dumperinfo *di)
 		goto fail;
 
 	/* Dump kernel page table pages */
-	for (va = KERNBASE; va < kernel_vm_end; va += NBPDR) {
-		/* We always write a page, even if it is zero */
-		pmap_get_pde_pte(pmap_kernel(), va, &pdp, &ptp);
-
-		if (pmap_pde_v(pdp) && pmap_pde_section(pdp))  {
-			if (count) {
-				error = blk_write_cont(di, prev_pa,
-				    count * L2_TABLE_SIZE_REAL);
-				if (error)
-					goto fail;
-				count = 0;
-				prev_pa = 0;
-			}
-			/* This is a single 2M block. Generate a fake PTP */
-			pa = (*pdp & L1_S_ADDR_MASK) | (va & ~L1_S_ADDR_MASK);
-			for (k = 0; k < (L1_S_SIZE / PAGE_SIZE); k++) {
-				fakept[k] = L2_S_PROTO | (pa + (k * PAGE_SIZE)) |
-				    L2_S_PROT(PTE_KERNEL,
-				    VM_PROT_READ | VM_PROT_WRITE);
-			}
-			error = blk_write(di, (char *)&fakept, 0,
-			    L2_TABLE_SIZE_REAL);
-			if (error)
-				goto fail;
-			/* Flush, in case we reuse fakept in the same block */
-			error = blk_flush(di);
-			if (error)
-				goto fail;
-			continue;
-		}
-		if (pmap_pde_v(pdp) && pmap_pde_page(pdp)) {
-			pa = *pdp & L1_C_ADDR_MASK;
-			if (!count) {
-				prev_pa = pa;
-				count++;
-			}
-			else {
-				if (pa == (prev_pa + count * L2_TABLE_SIZE_REAL))
-					count++;
-				else {
-					error = blk_write_cont(di, prev_pa,
-					    count * L2_TABLE_SIZE_REAL);
-					if (error)
-						goto fail;
-					count = 1;
-					prev_pa = pa;
-				}
-			}
-		} else {
-			if (count) {
-				error = blk_write_cont(di, prev_pa,
-				    count * L2_TABLE_SIZE_REAL);
-				if (error)
-					goto fail;
-				count = 0;
-				prev_pa = 0;
-			}
-			bzero(fakept, sizeof(fakept));
-			error = blk_write(di, (char *)&fakept, 0,
-			    L2_TABLE_SIZE_REAL);
-			if (error)
-				goto fail;
-			/* Flush, in case we reuse fakept in the same block */
-			error = blk_flush(di);
-			if (error)
+	addr = dumpbuf;
+	for (va = KERNBASE; va < kernel_vm_end; va += PAGE_SIZE) {
+		pmap_dump_kextract(va, (pt2_entry_t *)addr);
+		addr += sizeof(pt2_entry_t);
+		if (addr == dumpbuf + sizeof(dumpbuf)) {
+			error = blk_write(di, dumpbuf, 0, sizeof(dumpbuf));
+			if (error != 0)
 				goto fail;
+			addr = dumpbuf;
 		}
 	}
-
-	if (count) {
-		error = blk_write_cont(di, prev_pa, count * L2_TABLE_SIZE_REAL);
-		if (error)
+	if (addr != dumpbuf) {
+		error = blk_write(di, dumpbuf, 0, addr - dumpbuf);
+		if (error != 0)
 			goto fail;
-		count = 0;
-		prev_pa = 0;
 	}
 
 	/* Dump memory chunks */
@@ -440,7 +325,7 @@ minidumpsys(struct dumperinfo *di)
 				if (pa == (prev_pa + count * PAGE_SIZE))
 					count++;
 				else {
-					error = blk_write_cont(di, prev_pa,
+					error = blk_write(di, NULL, prev_pa,
 					    count * PAGE_SIZE);
 					if (error)
 						goto fail;
@@ -452,13 +337,17 @@ minidumpsys(struct dumperinfo *di)
 		}
 	}
 	if (count) {
-		error = blk_write_cont(di, prev_pa, count * PAGE_SIZE);
+		error = blk_write(di, NULL, prev_pa, count * PAGE_SIZE);
 		if (error)
 			goto fail;
 		count = 0;
 		prev_pa = 0;
 	}
 
+	error = blk_flush(di);
+	if (error)
+		goto fail;
+
 	/* Dump trailer */
 	error = dump_write(di, &kdh, 0, dumplo, sizeof(kdh));
 	if (error)
@@ -484,17 +373,6 @@ fail:
 	return (0);
 }
 
-#else /* ARM_NEW_PMAP */
-
-int
-minidumpsys(struct dumperinfo *di)
-{
-
-	return (0);
-}
-
-#endif
-
 void
 dump_add_page(vm_paddr_t pa)
 {
diff --git a/sys/arm/arm/pmap-v6-new.c b/sys/arm/arm/pmap-v6-new.c
index 9a756cf..5c56f6c 100644
--- a/sys/arm/arm/pmap-v6-new.c
+++ b/sys/arm/arm/pmap-v6-new.c
@@ -1049,6 +1049,36 @@ pmap_kextract(vm_offset_t va)
 	return (pa);
 }
 
+/*
+ *  Extract from the kernel page table the physical address
+ *  that is mapped by the given virtual address "va". Also
+ *  return L2 page table entry which maps the address.
+ *
+ *  This is only intended to be used for panic dumps.
+ */
+vm_paddr_t
+pmap_dump_kextract(vm_offset_t va, pt2_entry_t *pte2p)
+{
+	vm_paddr_t pa;
+	pt1_entry_t pte1;
+	pt2_entry_t pte2;
+
+	pte1 = pte1_load(kern_pte1(va));
+	if (pte1_is_section(pte1)) {
+		pa = pte1_pa(pte1) | (va & PTE1_OFFSET);
+		pte2 = pa | ATTR_TO_L2(pte1) | PTE2_V;
+	} else if (pte1_is_link(pte1)) {
+		pte2 = pte2_load(pt2map_entry(va));
+		pa = pte2_pa(pte2);
+	} else {
+		pte2 = 0;
+		pa = 0;
+	}
+	if (pte2p != NULL)
+		*pte2p = pte2;
+	return (pa);
+}
+
 /*****************************************************************************
  *
  *	PMAP second stage initialization and utility functions
diff --git a/sys/arm/arm/pmap-v6.c b/sys/arm/arm/pmap-v6.c
index 4dbd9c4..26a075d 100644
--- a/sys/arm/arm/pmap-v6.c
+++ b/sys/arm/arm/pmap-v6.c
@@ -3536,6 +3536,52 @@ retry:
 	return (m);
 }
 
+vm_paddr_t
+pmap_dump_kextract(vm_offset_t va, pt2_entry_t *pte2p)
+{
+	struct l2_dtable *l2;
+	pd_entry_t l1pd;
+	pt_entry_t *ptep, pte;
+	vm_paddr_t pa;
+	u_int l1idx;
+
+	l1idx = L1_IDX(va);
+	l1pd = kernel_pmap->pm_l1->l1_kva[l1idx];
+	if (l1pte_section_p(l1pd)) {
+		if (l1pd & L1_S_SUPERSEC)
+			pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET);
+		else
+			pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET);
+		pte = L2_S_PROTO | pa |
+		    L2_S_PROT(PTE_KERNEL, VM_PROT_READ | VM_PROT_WRITE);
+	} else {
+		l2 = kernel_pmap->pm_l2[L2_IDX(l1idx)];
+		if (l2 == NULL ||
+		    (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) {
+			pte = 0;
+			pa = 0;
+			goto out;
+		}
+		pte = ptep[l2pte_index(va)];
+		if (pte == 0) {
+			pa = 0;
+			goto out;
+		}
+		switch (pte & L2_TYPE_MASK) {
+		case L2_TYPE_L:
+			pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET);
+			break;
+		default:
+			pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET);
+			break;
+		}
+	}
+out:
+	if (pte2p != NULL)
+		*pte2p = pte;
+	return (pa);
+}
+
 /*
  * Initialize a preallocated and zeroed pmap structure,
  * such as one in a vmspace structure.
diff --git a/sys/arm/arm/pmap.c b/sys/arm/arm/pmap.c
index daaa0ee..e698f0e 100644
--- a/sys/arm/arm/pmap.c
+++ b/sys/arm/arm/pmap.c
@@ -3738,6 +3738,52 @@ retry:
 	return (m);
 }
 
+vm_paddr_t
+pmap_dump_kextract(vm_offset_t va, pt2_entry_t *pte2p)
+{
+	struct l2_dtable *l2;
+	pd_entry_t l1pd;
+	pt_entry_t *ptep, pte;
+	vm_paddr_t pa;
+	u_int l1idx;
+
+	l1idx = L1_IDX(va);
+	l1pd = kernel_pmap->pm_l1->l1_kva[l1idx];
+	if (l1pte_section_p(l1pd)) {
+		if (l1pd & L1_S_SUPERSEC)
+			pa = (l1pd & L1_SUP_FRAME) | (va & L1_SUP_OFFSET);
+		else
+			pa = (l1pd & L1_S_FRAME) | (va & L1_S_OFFSET);
+		pte = L2_S_PROTO | pa |
+		    L2_S_PROT(PTE_KERNEL, VM_PROT_READ | VM_PROT_WRITE);
+	} else {
+		l2 = kernel_pmap->pm_l2[L2_IDX(l1idx)];
+		if (l2 == NULL ||
+		    (ptep = l2->l2_bucket[L2_BUCKET(l1idx)].l2b_kva) == NULL) {
+			pte = 0;
+			pa = 0;
+			goto out;
+		}
+		pte = ptep[l2pte_index(va)];
+		if (pte == 0) {
+			pa = 0;
+			goto out;
+		}
+		switch (pte & L2_TYPE_MASK) {
+		case L2_TYPE_L:
+			pa = (pte & L2_L_FRAME) | (va & L2_L_OFFSET);
+			break;
+		default:
+			pa = (pte & L2_S_FRAME) | (va & L2_S_OFFSET);
+			break;
+		}
+	}
+out:
+	if (pte2p != NULL)
+		*pte2p = pte;
+	return (pa);
+}
+
 /*
  * Initialize a preallocated and zeroed pmap structure,
  * such as one in a vmspace structure.
diff --git a/sys/arm/conf/A20 b/sys/arm/conf/A20
index 21ecd85..353c5ec 100644
--- a/sys/arm/conf/A20
+++ b/sys/arm/conf/A20
@@ -23,9 +23,12 @@ ident		A20
 include 	"std.armv6"
 include 	"../allwinner/a20/std.a20"
 
+options 	ARM_INTRNG
+
 options 	HZ=100
 options 	SCHED_ULE		# ULE scheduler
 options 	SMP			# Enable multiple cores
+options 	PLATFORM
 
 # Debugging for use in -current
 makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols
diff --git a/sys/arm/conf/CUBIEBOARD b/sys/arm/conf/CUBIEBOARD
index 8102306..787c177 100644
--- a/sys/arm/conf/CUBIEBOARD
+++ b/sys/arm/conf/CUBIEBOARD
@@ -26,6 +26,7 @@ include 	"../allwinner/std.a10"
 
 options 	HZ=100
 options 	SCHED_4BSD		# 4BSD scheduler
+options 	PLATFORM
 
 # Debugging for use in -current
 makeoptions	DEBUG=-g		# Build kernel with gdb(1) debug symbols
diff --git a/sys/arm/include/pmap-v6.h b/sys/arm/include/pmap-v6.h
index 2b254f0..beaf638 100644
--- a/sys/arm/include/pmap-v6.h
+++ b/sys/arm/include/pmap-v6.h
@@ -200,6 +200,8 @@ void pmap_tlb_flush_range(pmap_t , vm_offset_t , vm_size_t );
 void pmap_dcache_wb_range(vm_paddr_t , vm_size_t , vm_memattr_t );
 
 vm_paddr_t pmap_kextract(vm_offset_t );
+vm_paddr_t pmap_dump_kextract(vm_offset_t, pt2_entry_t *);
+
 int pmap_fault(pmap_t , vm_offset_t , uint32_t , int , bool);
 #define	vtophys(va)	pmap_kextract((vm_offset_t)(va))
 
diff --git a/sys/arm/include/pmap.h b/sys/arm/include/pmap.h
index 923301f..a0b0d94 100644
--- a/sys/arm/include/pmap.h
+++ b/sys/arm/include/pmap.h
@@ -263,6 +263,7 @@ void	pmap_kremove_device(vm_offset_t, vm_size_t);
 void	*pmap_kenter_temporary(vm_paddr_t pa, int i);
 void 	pmap_kenter_user(vm_offset_t va, vm_paddr_t pa);
 vm_paddr_t pmap_kextract(vm_offset_t va);
+vm_paddr_t pmap_dump_kextract(vm_offset_t, pt2_entry_t *);
 void	pmap_kremove(vm_offset_t);
 void	*pmap_mapdev(vm_offset_t, vm_size_t);
 void	pmap_unmapdev(vm_offset_t, vm_size_t);
diff --git a/sys/arm/include/pte.h b/sys/arm/include/pte.h
index ef804ae..42e26ab 100644
--- a/sys/arm/include/pte.h
+++ b/sys/arm/include/pte.h
@@ -43,6 +43,7 @@
 #ifndef LOCORE
 typedef	uint32_t	pd_entry_t;		/* page directory entry */
 typedef	uint32_t	pt_entry_t;		/* page table entry */
+typedef	pt_entry_t	pt2_entry_t;		/* compatibility with v6 */
 #endif
 
 #define PG_FRAME	0xfffff000
diff --git a/sys/arm/mv/mv_pci.c b/sys/arm/mv/mv_pci.c
index 1bf065d..05dcbbc 100644
--- a/sys/arm/mv/mv_pci.c
+++ b/sys/arm/mv/mv_pci.c
@@ -922,7 +922,7 @@ static inline void
 pcib_write_irq_mask(struct mv_pcib_softc *sc, uint32_t mask)
 {
 
-	if (!sc->sc_type != MV_TYPE_PCI)
+	if (sc->sc_type != MV_TYPE_PCI)
 		return;
 
 	bus_space_write_4(sc->sc_bst, sc->sc_bsh, PCIE_REG_IRQ_MASK, mask);
diff --git a/sys/arm/ti/ti_common.c b/sys/arm/ti/ti_common.c
index 8a4d7e7..aaf9a6a 100644
--- a/sys/arm/ti/ti_common.c
+++ b/sys/arm/ti/ti_common.c
@@ -53,6 +53,7 @@ struct fdt_fixup_entry fdt_fixup_table[] = {
 	{ NULL, NULL }
 };
 
+#ifndef ARM_INTRNG
 #ifdef SOC_TI_AM335X
 static int
 fdt_aintc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
@@ -72,7 +73,7 @@ fdt_aintc_decode_ic(phandle_t node, pcell_t *intr, int *interrupt, int *trig,
 #endif
 
 fdt_pic_decode_t fdt_pic_table[] = {
-#if defined(SOC_OMAP4) && !defined(ARM_INTRNG)
+#if defined(SOC_OMAP4)
 	&gic_decode_fdt,
 #endif
 #ifdef SOC_TI_AM335X
@@ -80,3 +81,4 @@ fdt_pic_decode_t fdt_pic_table[] = {
 #endif
 	NULL
 };
+#endif /* !ARM_INTRNG */
diff --git a/sys/arm64/arm64/gic_fdt.c b/sys/arm64/arm64/gic_fdt.c
index a4c4e25..5160e5f 100644
--- a/sys/arm64/arm64/gic_fdt.c
+++ b/sys/arm64/arm64/gic_fdt.c
@@ -30,7 +30,8 @@
 #include <sys/cdefs.h>
 __FBSDID("$FreeBSD$");
 
-#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/systm.h>
 #include <sys/bus.h>
 #include <sys/kernel.h>
 #include <sys/module.h>
@@ -38,7 +39,6 @@ __FBSDID("$FreeBSD$");
 
 #include <machine/bus.h>
 
-#include <dev/fdt/fdt_common.h>
 #include <dev/ofw/openfirm.h>
 #include <dev/ofw/ofw_bus.h>
 #include <dev/ofw/ofw_bus_subr.h>
diff --git a/sys/arm64/arm64/gic_v3_fdt.c b/sys/arm64/arm64/gic_v3_fdt.c
index 33164cb..10bc524 100644
--- a/sys/arm64/arm64/gic_v3_fdt.c
+++ b/sys/arm64/arm64/gic_v3_fdt.c
@@ -31,13 +31,13 @@
 __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
+#include <sys/systm.h>
 #include <sys/bus.h>
 #include <sys/kernel.h>
 #include <sys/module.h>
 
 #include <machine/resource.h>
 
-#include <dev/fdt/fdt_common.h>
 #include <dev/ofw/openfirm.h>
 #include <dev/ofw/ofw_bus.h>
 #include <dev/ofw/ofw_bus_subr.h>
diff --git a/sys/arm64/arm64/machdep.c b/sys/arm64/arm64/machdep.c
index f256260..0e61817b 100644
--- a/sys/arm64/arm64/machdep.c
+++ b/sys/arm64/arm64/machdep.c
@@ -83,7 +83,6 @@ __FBSDID("$FreeBSD$");
 #endif
 
 #ifdef FDT
-#include <dev/fdt/fdt_common.h>
 #include <dev/ofw/openfirm.h>
 #endif
 
diff --git a/sys/arm64/arm64/nexus.c b/sys/arm64/arm64/nexus.c
index 807993b..ec1fe84 100644
--- a/sys/arm64/arm64/nexus.c
+++ b/sys/arm64/arm64/nexus.c
@@ -64,7 +64,7 @@ __FBSDID("$FreeBSD$");
 #include "opt_platform.h"
 
 #ifdef FDT
-#include <dev/fdt/fdt_common.h>
+#include <dev/ofw/openfirm.h>
 #include "ofw_bus_if.h"
 #endif
 #ifdef DEV_ACPI
diff --git a/sys/boot/common/console.c b/sys/boot/common/console.c
index 6656eab..f4ffc56 100644
--- a/sys/boot/common/console.c
+++ b/sys/boot/common/console.c
@@ -38,7 +38,7 @@ __FBSDID("$FreeBSD$");
 static int	cons_set(struct env_var *ev, int flags, const void *value);
 static int	cons_find(const char *name);
 static int	cons_check(const char *string);
-static void	cons_change(const char *string);
+static int	cons_change(const char *string);
 static int	twiddle_set(struct env_var *ev, int flags, const void *value);
 
 /*
@@ -47,12 +47,12 @@ static int	twiddle_set(struct env_var *ev, int flags, const void *value);
  * as active.  Also create the console variable.
  */
 void
-cons_probe(void) 
+cons_probe(void)
 {
     int			cons;
     int			active;
     char		*prefconsole;
-    
+
     /* We want a callback to install the new value when this var changes. */
     env_setenv("twiddle_divisor", EV_VOLATILE, "1", twiddle_set, env_nounset);
 
@@ -162,54 +162,69 @@ cons_find(const char *name)
 static int
 cons_set(struct env_var *ev, int flags, const void *value)
 {
-    int		cons;
-
-    if ((value == NULL) || (cons_check(value) == -1)) {
-	if (value != NULL) 
-	    printf("no such console!\n");
-	printf("Available consoles:\n");
-	for (cons = 0; consoles[cons] != NULL; cons++)
-	    printf("    %s\n", consoles[cons]->c_name);
-	return(CMD_ERROR);
+    int		ret;
+
+    if ((value == NULL) || (cons_check(value) == 0)) {
+	/*
+	 * Return CMD_OK instead of CMD_ERROR to prevent forth syntax error,
+	 * which would prevent it processing any further loader.conf entries.
+	 */
+	return (CMD_OK);
     }
 
-    cons_change(value);
+    ret = cons_change(value);
+    if (ret != CMD_OK)
+	return (ret);
 
     env_setenv(ev->ev_name, flags | EV_NOHOOK, value, NULL, NULL);
-    return(CMD_OK);
+    return (CMD_OK);
 }
 
 /*
- * Check that all of the consoles listed in *string are valid consoles
+ * Check that at least one the consoles listed in *string is valid
  */
 static int
 cons_check(const char *string)
 {
-    int		cons;
+    int		cons, found, failed;
     char	*curpos, *dup, *next;
 
     dup = next = strdup(string);
-    cons = -1;
+    found = failed = 0;
     while (next != NULL) {
 	curpos = strsep(&next, " ,");
 	if (*curpos != '\0') {
 	    cons = cons_find(curpos);
-	    if (cons == -1)
-		break;
+	    if (cons == -1) {
+		printf("console %s is invalid!\n", curpos);
+		failed++;
+	    } else {
+		found++;
+	    }
 	}
     }
 
     free(dup);
-    return (cons);
+
+    if (found == 0)
+	printf("no valid consoles!\n");
+
+    if (found == 0 || failed != 0) {
+	printf("Available consoles:\n");
+	for (cons = 0; consoles[cons] != NULL; cons++)
+	    printf("    %s\n", consoles[cons]->c_name);
+    }
+
+    return (found);
 }
 
 /*
- * Activate all of the consoles listed in *string and disable all the others.
+ * Activate all the valid consoles listed in *string and disable all others.
  */
-static void
+static int
 cons_change(const char *string)
 {
-    int		cons;
+    int		cons, active;
     char	*curpos, *dup, *next;
 
     /* Disable all consoles */
@@ -219,6 +234,7 @@ cons_change(const char *string)
 
     /* Enable selected consoles */
     dup = next = strdup(string);
+    active = 0;
     while (next != NULL) {
 	curpos = strsep(&next, " ,");
 	if (*curpos == '\0')
@@ -227,14 +243,37 @@ cons_change(const char *string)
 	if (cons >= 0) {
 	    consoles[cons]->c_flags |= C_ACTIVEIN | C_ACTIVEOUT;
 	    consoles[cons]->c_init(0);
-	    if ((consoles[cons]->c_flags & (C_PRESENTIN | C_PRESENTOUT)) !=
-		(C_PRESENTIN | C_PRESENTOUT))
-		printf("console %s failed to initialize\n",
-		    consoles[cons]->c_name);
+	    if ((consoles[cons]->c_flags & (C_PRESENTIN | C_PRESENTOUT)) ==
+		(C_PRESENTIN | C_PRESENTOUT)) {
+		active++;
+		continue;
+	    }
+
+	    if (active != 0) {
+		/* If no consoles have initialised we wouldn't see this. */
+		printf("console %s failed to initialize\n", consoles[cons]->c_name);
+	    }
 	}
     }
 
     free(dup);
+
+    if (active == 0) {
+	/* All requested consoles failed to initialise, try to recover. */
+	for (cons = 0; consoles[cons] != NULL; cons++) {
+	    consoles[cons]->c_flags |= C_ACTIVEIN | C_ACTIVEOUT;
+	    consoles[cons]->c_init(0);
+	    if ((consoles[cons]->c_flags &
+		(C_PRESENTIN | C_PRESENTOUT)) ==
+		(C_PRESENTIN | C_PRESENTOUT))
+		active++;
+	}
+
+	if (active == 0)
+	    return (CMD_ERROR); /* Recovery failed. */
+    }
+
+    return (CMD_OK);
 }
 
 /*
diff --git a/sys/boot/common/ufsread.c b/sys/boot/common/ufsread.c
index 08ab697..6f499f9 100644
--- a/sys/boot/common/ufsread.c
+++ b/sys/boot/common/ufsread.c
@@ -165,7 +165,7 @@ static int sblock_try[] = SBLOCKSEARCH;
 #endif
 
 static ssize_t
-fsread(ufs_ino_t inode, void *buf, size_t nbyte)
+fsread_size(ufs_ino_t inode, void *buf, size_t nbyte, size_t *fsizep)
 {
 #ifndef UFS2_ONLY
 	static struct ufs1_dinode dp1;
@@ -185,6 +185,10 @@ fsread(ufs_ino_t inode, void *buf, size_t nbyte)
 	static ufs2_daddr_t blkmap, indmap;
 	u_int u;
 
+	/* Basic parameter validation. */
+	if ((buf == NULL && nbyte != 0) || dmadat == NULL)
+		return (-1);
+
 	blkbuf = dmadat->blkbuf;
 	indbuf = dmadat->indbuf;
 
@@ -231,18 +235,18 @@ fsread(ufs_ino_t inode, void *buf, size_t nbyte)
 			return -1;
 		n = INO_TO_VBO(n, inode);
 #if defined(UFS1_ONLY)
-		memcpy(&dp1, (struct ufs1_dinode *)blkbuf + n,
-		    sizeof(struct ufs1_dinode));
+		memcpy(&dp1, (struct ufs1_dinode *)(void *)blkbuf + n,
+		    sizeof(dp1));
 #elif defined(UFS2_ONLY)
-		memcpy(&dp2, (struct ufs2_dinode *)blkbuf + n,
-		    sizeof(struct ufs2_dinode));
+		memcpy(&dp2, (struct ufs2_dinode *)(void *)blkbuf + n,
+		    sizeof(dp2));
 #else
 		if (fs.fs_magic == FS_UFS1_MAGIC)
 			memcpy(&dp1, (struct ufs1_dinode *)(void *)blkbuf + n,
-			    sizeof(struct ufs1_dinode));
+			    sizeof(dp1));
 		else
 			memcpy(&dp2, (struct ufs2_dinode *)(void *)blkbuf + n,
-			    sizeof(struct ufs2_dinode));
+			    sizeof(dp2));
 #endif
 		inomap = inode;
 		fs_off = 0;
@@ -306,5 +310,17 @@ fsread(ufs_ino_t inode, void *buf, size_t nbyte)
 		fs_off += n;
 		nb -= n;
 	}
+
+	if (fsizep != NULL)
+		*fsizep = size;
+
 	return nbyte;
 }
+
+static ssize_t
+fsread(ufs_ino_t inode, void *buf, size_t nbyte)
+{
+
+	return fsread_size(inode, buf, nbyte, NULL);
+}
+
diff --git a/sys/boot/efi/boot1/ufs_module.c b/sys/boot/efi/boot1/ufs_module.c
index 9181b6e..07c7152 100644
--- a/sys/boot/efi/boot1/ufs_module.c
+++ b/sys/boot/efi/boot1/ufs_module.c
@@ -68,93 +68,23 @@ dskread(void *buf, u_int64_t lba, int nblk)
 
 #include "ufsread.c"
 
-static ssize_t
-fsstat(ufs_ino_t inode)
+static struct dmadat __dmadat;
+
+static int
+init_dev(dev_info_t* dev)
 {
-#ifndef UFS2_ONLY
-	static struct ufs1_dinode dp1;
-#endif
-#ifndef UFS1_ONLY
-	static struct ufs2_dinode dp2;
-#endif
-	static struct fs fs;
-	static ufs_ino_t inomap;
-	char *blkbuf;
-	void *indbuf;
-	size_t n, size;
-	static ufs2_daddr_t blkmap, indmap;
-
-	blkbuf = dmadat->blkbuf;
-	indbuf = dmadat->indbuf;
-	if (!dsk_meta) {
-		inomap = 0;
-		for (n = 0; sblock_try[n] != -1; n++) {
-			if (dskread(dmadat->sbbuf, sblock_try[n] / DEV_BSIZE,
-			    SBLOCKSIZE / DEV_BSIZE))
-				return (-1);
-			memcpy(&fs, dmadat->sbbuf, sizeof(struct fs));
-			if ((
-#if defined(UFS1_ONLY)
-			    fs.fs_magic == FS_UFS1_MAGIC
-#elif defined(UFS2_ONLY)
-			    (fs.fs_magic == FS_UFS2_MAGIC &&
-			    fs.fs_sblockloc == sblock_try[n])
-#else
-			    fs.fs_magic == FS_UFS1_MAGIC ||
-			    (fs.fs_magic == FS_UFS2_MAGIC &&
-			    fs.fs_sblockloc == sblock_try[n])
-#endif
-			    ) &&
-			    fs.fs_bsize <= MAXBSIZE &&
-			    fs.fs_bsize >= (int32_t)sizeof(struct fs))
-				break;
-		}
-		if (sblock_try[n] == -1) {
-			return (-1);
-		}
-		dsk_meta++;
-	} else
-		memcpy(&fs, dmadat->sbbuf, sizeof(struct fs));
-	if (!inode)
-		return (0);
-	if (inomap != inode) {
-		n = IPERVBLK(&fs);
-		if (dskread(blkbuf, INO_TO_VBA(&fs, n, inode), DBPERVBLK))
-			return (-1);
-		n = INO_TO_VBO(n, inode);
-#if defined(UFS1_ONLY)
-		memcpy(&dp1, (struct ufs1_dinode *)blkbuf + n,
-		    sizeof(struct ufs1_dinode));
-#elif defined(UFS2_ONLY)
-		memcpy(&dp2, (struct ufs2_dinode *)blkbuf + n,
-		    sizeof(struct ufs2_dinode));
-#else
-		if (fs.fs_magic == FS_UFS1_MAGIC)
-			memcpy(&dp1, (struct ufs1_dinode *)(void *)blkbuf + n,
-			    sizeof(struct ufs1_dinode));
-		else
-			memcpy(&dp2, (struct ufs2_dinode *)(void *)blkbuf + n,
-			    sizeof(struct ufs2_dinode));
-#endif
-		inomap = inode;
-		fs_off = 0;
-		blkmap = indmap = 0;
-	}
-	size = DIP(di_size);
-	n = size - fs_off;
 
-	return (n);
-}
+	devinfo = dev;
+	dmadat = &__dmadat;
 
-static struct dmadat __dmadat;
+	return fsread(0, NULL, 0);
+}
 
 static EFI_STATUS
 probe(dev_info_t* dev)
 {
 
-	devinfo = dev;
-	dmadat = &__dmadat;
-	if (fsread(0, NULL, 0) < 0)
+	if (init_dev(dev) < 0)
 		return (EFI_UNSUPPORTED);
 
 	add_device(&devices, dev);
@@ -171,14 +101,15 @@ try_load(dev_info_t *dev, const char *loader_path, void **bufp, size_t *bufsize)
 	ssize_t read;
 	void *buf;
 
-	dsk_meta = 0;
-	devinfo = dev;
+	if (init_dev(dev) < 0)
+		return (EFI_UNSUPPORTED);
+
 	if ((ino = lookup(loader_path)) == 0)
 		return (EFI_NOT_FOUND);
 
-	size = fsstat(ino);
-	if (size <= 0) {
-		printf("Failed to fsstat %s ino: %d\n", loader_path, ino);
+	if (fsread_size(ino, NULL, 0, &size) < 0 || size <= 0) {
+		printf("Failed to read size of '%s' ino: %d\n", loader_path,
+		    ino);
 		return (EFI_INVALID_PARAMETER);
 	}
 
@@ -191,7 +122,7 @@ try_load(dev_info_t *dev, const char *loader_path, void **bufp, size_t *bufsize)
 
 	read = fsread(ino, buf, size);
 	if ((size_t)read != size) {
-		printf("Failed to read %s (%zd != %zu)\n", loader_path, read,
+		printf("Failed to read '%s' (%zd != %zu)\n", loader_path, read,
 		    size);
 		(void)bs->FreePool(buf);
 		return (EFI_INVALID_PARAMETER);
diff --git a/sys/boot/kshim/bsd_global.h b/sys/boot/kshim/bsd_global.h
index 4f6d88b..63bba75 100644
--- a/sys/boot/kshim/bsd_global.h
+++ b/sys/boot/kshim/bsd_global.h
@@ -55,7 +55,6 @@
 #include <dev/usb/usb_pf.h>
 #include <dev/usb/usb_request.h>
 #include <dev/usb/usb_util.h>
-#include <dev/usb/usb_compat_linux.h>
 #include <dev/usb/usbhid.h>
 #include <dev/usb/usb_ioctl.h>
 #include <dev/usb/usb_generic.h>
diff --git a/sys/boot/kshim/bsd_kernel.c b/sys/boot/kshim/bsd_kernel.c
index de92c8f..ccdec49 100644
--- a/sys/boot/kshim/bsd_kernel.c
+++ b/sys/boot/kshim/bsd_kernel.c
@@ -47,6 +47,74 @@ mtx_system_init(void *arg)
 }
 SYSINIT(mtx_system_init, SI_SUB_LOCK, SI_ORDER_MIDDLE, mtx_system_init, NULL);
 
+int
+bus_dma_tag_create(bus_dma_tag_t parent, bus_size_t alignment,
+		   bus_size_t boundary, bus_addr_t lowaddr,
+		   bus_addr_t highaddr, bus_dma_filter_t *filter,
+		   void *filterarg, bus_size_t maxsize, int nsegments,
+		   bus_size_t maxsegsz, int flags, bus_dma_lock_t *lockfunc,
+		   void *lockfuncarg, bus_dma_tag_t *dmat)
+{
+	struct bus_dma_tag *ret;
+
+	ret = malloc(sizeof(struct bus_dma_tag), XXX, XXX);
+	if (*dmat == NULL)
+		return (ENOMEM);
+	ret->alignment = alignment;
+	ret->maxsize = maxsize;
+
+	*dmat = ret;
+
+	return (0);
+}
+
+int
+bus_dmamem_alloc(bus_dma_tag_t dmat, void** vaddr, int flags,
+    bus_dmamap_t *mapp)
+{
+	void *addr;
+
+	addr = malloc(dmat->maxsize + dmat->alignment, XXX, XXX);
+	if (addr == 0)
+		return (ENOMEM);
+
+	*mapp = addr;
+	addr = (void*)(((uintptr_t)addr + dmat->alignment - 1) & ~(dmat->alignment - 1));
+
+	*vaddr = addr;
+	return (0);
+}
+
+int
+bus_dmamap_load(bus_dma_tag_t dmat, bus_dmamap_t map, void *buf,
+    bus_size_t buflen, bus_dmamap_callback_t *callback,
+    void *callback_arg, int flags)
+{
+	bus_dma_segment_t segs[1];
+
+	segs[0].ds_addr = (uintptr_t)buf;
+	segs[0].ds_len = buflen;
+
+	(*callback)(callback_arg, segs, 1, 0);
+
+	return (0);
+}
+
+void
+bus_dmamem_free(bus_dma_tag_t dmat, void *vaddr, bus_dmamap_t map)
+{
+
+	free(map, XXX);
+}
+
+int
+bus_dma_tag_destroy(bus_dma_tag_t dmat)
+{
+
+	free(dmat, XXX);
+	return (0);
+}
+
 struct resource *
 bus_alloc_resource_any(device_t dev, int type, int *rid, unsigned int flags)
 {
diff --git a/sys/boot/kshim/bsd_kernel.h b/sys/boot/kshim/bsd_kernel.h
index 72e0d23..efae6c4 100644
--- a/sys/boot/kshim/bsd_kernel.h
+++ b/sys/boot/kshim/bsd_kernel.h
@@ -48,8 +48,15 @@
 #define	USB_BUS_EXPLORE_PROC(bus) (usb_process + 0)
 #define	USB_BUS_CONTROL_XFER_PROC(bus) (usb_process + 1)
 #define	SYSCTL_DECL(...)
+struct sysctl_req {
+	void		*newptr;
+};
+#define	SYSCTL_HANDLER_ARGS void *oidp, void *arg1,	\
+	uint32_t arg2, struct sysctl_req *req
 #define	SYSCTL_NODE(name,...) struct { } name __used
 #define	SYSCTL_INT(...)
+#define	SYSCTL_UINT(...)
+#define	SYSCTL_PROC(...)
 #define	TUNABLE_INT(...)
 #define	MALLOC_DECLARE(...)
 #define	MALLOC_DEFINE(...)
@@ -65,6 +72,7 @@
 #define	MOD_UNLOAD 2
 #define	DEVMETHOD(what,func) { #what, (void *)&func }
 #define	DEVMETHOD_END {0,0}
+#define	EARLY_DRIVER_MODULE(a, b, c, d, e, f, g)	DRIVER_MODULE(a, b, c, d, e, f)
 #define	DRIVER_MODULE(name, busname, driver, devclass, evh, arg)	\
   static struct module_data bsd_##name##_##busname##_driver_mod = {	\
 	evh, arg, #busname, #name, #busname "/" #name,			\
@@ -202,11 +210,30 @@ typedef unsigned long u_long;
 typedef unsigned long bus_addr_t;
 typedef unsigned long bus_size_t;
 
+typedef struct bus_dma_segment {
+	bus_addr_t	ds_addr;	/* DMA address */
+	bus_size_t	ds_len;		/* length of transfer */
+} bus_dma_segment_t;
+
+struct bus_dma_tag {
+	uint32_t	alignment;
+	uint32_t	maxsize;
+};
+
 typedef void *bus_dmamap_t;
-typedef void *bus_dma_tag_t;
+typedef struct bus_dma_tag *bus_dma_tag_t;
+
+typedef enum {
+	BUS_DMA_LOCK	= 0x01,
+	BUS_DMA_UNLOCK	= 0x02,
+} bus_dma_lock_op_t;
 
 typedef void *bus_space_tag_t;
 typedef uint8_t *bus_space_handle_t;
+typedef int bus_dma_filter_t(void *, bus_addr_t);
+typedef void bus_dma_lock_t(void *, bus_dma_lock_op_t);
+
+typedef uint32_t bool;
 
 /* SYSINIT API */
 
@@ -579,4 +606,40 @@ extern int (*ofw_bus_is_compatible_cb)(device_t dev, char *name);
 #define	strlcpy(d,s,n) snprintf((d),(n),"%s",(s))
 #endif
 
+/* Should be defined in user application since it is machine-dependent */
+extern int delay(unsigned int);
+
+/* BUS dma */
+#define	BUS_SPACE_MAXADDR_24BIT	0xFFFFFF
+#define	BUS_SPACE_MAXADDR_32BIT	0xFFFFFFFF
+#define	BUS_SPACE_MAXADDR	0xFFFFFFFF
+#define	BUS_SPACE_MAXSIZE_24BIT	0xFFFFFF
+#define	BUS_SPACE_MAXSIZE_32BIT	0xFFFFFFFF
+#define	BUS_SPACE_MAXSIZE	0xFFFFFFFF
+
+#define	BUS_DMA_WAITOK		0x00	/* safe to sleep (pseudo-flag) */
+#define	BUS_DMA_NOWAIT		0x01	/* not safe to sleep */
+#define	BUS_DMA_ALLOCNOW	0x02	/* perform resource allocation now */
+#define	BUS_DMA_COHERENT	0x04	/* hint: map memory in a coherent way */
+#define	BUS_DMA_ZERO		0x08	/* allocate zero'ed memory */
+#define	BUS_DMA_BUS1		0x10	/* placeholders for bus functions... */
+#define	BUS_DMA_BUS2		0x20
+#define	BUS_DMA_BUS3		0x40
+#define	BUS_DMA_BUS4		0x80
+
+typedef void bus_dmamap_callback_t(void *, bus_dma_segment_t *, int, int);
+
+int
+bus_dma_tag_create(bus_dma_tag_t parent, bus_size_t alignment,
+		   bus_size_t boundary, bus_addr_t lowaddr,
+		   bus_addr_t highaddr, bus_dma_filter_t *filter,
+		   void *filterarg, bus_size_t maxsize, int nsegments,
+		   bus_size_t maxsegsz, int flags, bus_dma_lock_t *lockfunc,
+		   void *lockfuncarg, bus_dma_tag_t *dmat);
+
+int bus_dmamem_alloc(bus_dma_tag_t dmat, void** vaddr, int flags,
+    bus_dmamap_t *mapp);
+void bus_dmamem_free(bus_dma_tag_t dmat, void *vaddr, bus_dmamap_t map);
+int bus_dma_tag_destroy(bus_dma_tag_t dmat);
+
 #endif					/* _BSD_KERNEL_H_ */
diff --git a/sys/boot/mips/beri/boot2/flashboot.ldscript b/sys/boot/mips/beri/boot2/flashboot.ldscript
index 0c820fa..4d61438 100644
--- a/sys/boot/mips/beri/boot2/flashboot.ldscript
+++ b/sys/boot/mips/beri/boot2/flashboot.ldscript
@@ -49,13 +49,13 @@ SECTIONS
 {
 	. = __boot2_base_vaddr__;
 	. += SIZEOF_HEADERS;
-	.text ALIGN(0x8): {
+	.text ALIGN(0x10): {
 		relocate.o(.text)
 		start.o(.text)
 		*(EXCLUDE_FILE (relocate.o start.o) .text)
 	}
-	.data ALIGN(0x8): { *(.data)}
-	.bss ALIGN(0x8): { *(.bss) }
+	.data ALIGN(0x10): { *(.data)}
+	.bss ALIGN(0x10): { *(.bss) }
 
 	__heap = ALIGN(0x8);	/* 64-bit aligned heap pointer */
 	__data_end = .;
diff --git a/sys/boot/mips/beri/boot2/jtagboot.ldscript b/sys/boot/mips/beri/boot2/jtagboot.ldscript
index 25fb61d..064c6e1 100644
--- a/sys/boot/mips/beri/boot2/jtagboot.ldscript
+++ b/sys/boot/mips/beri/boot2/jtagboot.ldscript
@@ -49,12 +49,12 @@ SECTIONS
 {
 	. = __boot2_base_vaddr__;
 	. += SIZEOF_HEADERS;
-	.text ALIGN(0x8): {
+	.text ALIGN(0x10): {
 		start.o(.text)
 		*(EXCLUDE_FILE (start.o) .text)
 	}
-	.data ALIGN(0x8): { *(.data)}
-	.bss ALIGN(0x8): { *(.bss) }
+	.data ALIGN(0x10): { *(.data)}
+	.bss ALIGN(0x10): { *(.bss) }
 
 	__heap = ALIGN(0x8);	/* 64-bit aligned heap pointer */
 	__data_end = .;
diff --git a/sys/boot/usb/tools/Makefile b/sys/boot/usb/tools/Makefile
index ae3259f..64cf28c 100644
--- a/sys/boot/usb/tools/Makefile
+++ b/sys/boot/usb/tools/Makefile
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PROG=	sysinit
-NO_MAN=
+MAN=
 
 CFLAGS+=	-I${.CURDIR}/../../kshim
 
diff --git a/sys/cam/ctl/ctl_ha.c b/sys/cam/ctl/ctl_ha.c
index 5e31b41..57466ec 100644
--- a/sys/cam/ctl/ctl_ha.c
+++ b/sys/cam/ctl/ctl_ha.c
@@ -443,7 +443,7 @@ ctl_ha_connect(struct ha_softc *softc)
 
 	memcpy(&sa, &softc->ha_peer_in, sizeof(sa));
 	error = soconnect(so, (struct sockaddr *)&sa, td);
-	if (error != 0) {
+	if (error != 0 && bootverbose) {
 		printf("%s: soconnect() error %d\n", __func__, error);
 		goto out;
 	}
diff --git a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu.c b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu.c
index ed3f19c..b60236f 100644
--- a/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu.c
+++ b/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu.c
@@ -1420,6 +1420,9 @@ dmu_assign_arcbuf(dmu_buf_t *handle, uint64_t offset, arc_buf_t *buf,
 	 */
 	if (offset == db->db.db_offset && blksz == db->db.db_size &&
 	    DBUF_GET_BUFC_TYPE(db) == ARC_BUFC_DATA) {
+#ifdef _KERNEL
+		curthread->td_ru.ru_oublock++;
+#endif
 		dbuf_assign_arcbuf(db, buf, tx);
 		dbuf_rele(db, FTAG);
 	} else {
diff --git a/sys/compat/linuxkpi/common/include/asm/atomic-long.h b/sys/compat/linuxkpi/common/include/asm/atomic-long.h
index f522af8..0cf91c9 100644
--- a/sys/compat/linuxkpi/common/include/asm/atomic-long.h
+++ b/sys/compat/linuxkpi/common/include/asm/atomic-long.h
@@ -36,7 +36,7 @@
 #include <machine/atomic.h>
 
 typedef struct {
-	volatile u_long counter;
+	volatile long counter;
 } atomic_long_t;
 
 #define	atomic_long_add(i, v)		atomic_long_add_return((i), (v))
diff --git a/sys/compat/linuxkpi/common/include/asm/atomic.h b/sys/compat/linuxkpi/common/include/asm/atomic.h
index fc22a39..ee85624 100644
--- a/sys/compat/linuxkpi/common/include/asm/atomic.h
+++ b/sys/compat/linuxkpi/common/include/asm/atomic.h
@@ -2,7 +2,7 @@
  * Copyright (c) 2010 Isilon Systems, Inc.
  * Copyright (c) 2010 iX Systems, Inc.
  * Copyright (c) 2010 Panasas, Inc.
- * Copyright (c) 2013, 2014 Mellanox Technologies, Ltd.
+ * Copyright (c) 2013-2016 Mellanox Technologies, Ltd.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -36,9 +36,13 @@
 #include <machine/atomic.h>
 
 typedef struct {
-	volatile u_int counter;
+	volatile int counter;
 } atomic_t;
 
+/*------------------------------------------------------------------------*
+ *	32-bit atomic operations
+ *------------------------------------------------------------------------*/
+
 #define	atomic_add(i, v)		atomic_add_return((i), (v))
 #define	atomic_sub(i, v)		atomic_sub_return((i), (v))
 #define	atomic_inc_return(v)		atomic_add_return(1, (v))
@@ -46,7 +50,8 @@ typedef struct {
 #define	atomic_sub_and_test(i, v)	(atomic_sub_return((i), (v)) == 0)
 #define	atomic_dec_and_test(v)		(atomic_sub_return(1, (v)) == 0)
 #define	atomic_inc_and_test(v)		(atomic_add_return(1, (v)) == 0)
-#define atomic_dec_return(v)             atomic_sub_return(1, (v))
+#define	atomic_dec_return(v)		atomic_sub_return(1, (v))
+#define	atomic_inc_not_zero(v)		atomic_add_unless((v), 1, 0)
 
 static inline int
 atomic_add_return(int i, atomic_t *v)
@@ -84,24 +89,19 @@ atomic_dec(atomic_t *v)
 	return atomic_fetchadd_int(&v->counter, -1) - 1;
 }
 
-static inline int atomic_add_unless(atomic_t *v, int a, int u)
+static inline int
+atomic_add_unless(atomic_t *v, int a, int u)
 {
-        int c, old;
-        c = atomic_read(v);
-        for (;;) {
-                if (unlikely(c == (u)))
-                        break;
-                old = atomic_cmpset_int(&v->counter, c, c + (a));
-                if (likely(old == c))
-                        break;
-                c = old;
-        }
-        return c != (u);
-}
-
-#define atomic_inc_not_zero(v) atomic_add_unless((v), 1, 0)
-
-
+	int c;
 
+	for (;;) {
+		c = atomic_read(v);
+		if (unlikely(c == u))
+			break;
+		if (likely(atomic_cmpset_int(&v->counter, c, c + a)))
+			break;
+	}
+	return (c != u);
+}
 
-#endif	/* _ASM_ATOMIC_H_ */
+#endif					/* _ASM_ATOMIC_H_ */
diff --git a/sys/compat/linuxkpi/common/include/asm/atomic64.h b/sys/compat/linuxkpi/common/include/asm/atomic64.h
new file mode 100644
index 0000000..3d49baa
--- /dev/null
+++ b/sys/compat/linuxkpi/common/include/asm/atomic64.h
@@ -0,0 +1,104 @@
+/*-
+ * Copyright (c) 2016 Mellanox Technologies, Ltd.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice unmodified, this list of conditions, and the following
+ *    disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+#ifndef	_ASM_ATOMIC64_H_
+#define	_ASM_ATOMIC64_H_
+
+#include <sys/cdefs.h>
+#include <sys/types.h>
+#include <machine/atomic.h>
+
+typedef struct {
+	volatile int64_t counter;
+} atomic64_t;
+
+/*------------------------------------------------------------------------*
+ *	64-bit atomic operations
+ *------------------------------------------------------------------------*/
+
+#define	atomic64_add(i, v)		atomic64_add_return((i), (v))
+#define	atomic64_sub(i, v)		atomic64_sub_return((i), (v))
+#define	atomic64_inc_return(v)		atomic64_add_return(1, (v))
+#define	atomic64_add_negative(i, v)	(atomic64_add_return((i), (v)) < 0)
+#define	atomic64_sub_and_test(i, v)	(atomic64_sub_return((i), (v)) == 0)
+#define	atomic64_dec_and_test(v)	(atomic64_sub_return(1, (v)) == 0)
+#define	atomic64_inc_and_test(v)	(atomic64_add_return(1, (v)) == 0)
+#define	atomic64_dec_return(v)		atomic64_sub_return(1, (v))
+#define	atomic64_inc_not_zero(v)	atomic64_add_unless((v), 1, 0)
+
+static inline int64_t
+atomic64_add_return(int64_t i, atomic64_t *v)
+{
+	return i + atomic_fetchadd_64(&v->counter, i);
+}
+
+static inline int64_t
+atomic64_sub_return(int64_t i, atomic64_t *v)
+{
+	return atomic_fetchadd_64(&v->counter, -i) - i;
+}
+
+static inline void
+atomic64_set(atomic64_t *v, int64_t i)
+{
+	atomic_store_rel_64(&v->counter, i);
+}
+
+static inline int64_t
+atomic64_read(atomic64_t *v)
+{
+	return atomic_load_acq_64(&v->counter);
+}
+
+static inline int64_t
+atomic64_inc(atomic64_t *v)
+{
+	return atomic_fetchadd_64(&v->counter, 1) + 1;
+}
+
+static inline int64_t
+atomic64_dec(atomic64_t *v)
+{
+	return atomic_fetchadd_64(&v->counter, -1) - 1;
+}
+
+static inline int64_t
+atomic64_add_unless(atomic64_t *v, int64_t a, int64_t u)
+{
+	int64_t c;
+
+	for (;;) {
+		c = atomic64_read(v);
+		if (unlikely(c == u))
+			break;
+		if (likely(atomic_cmpset_64(&v->counter, c, c + a)))
+			break;
+	}
+	return (c != u);
+}
+
+#endif					/* _ASM_ATOMIC64_H_ */
diff --git a/sys/compat/linuxkpi/common/include/linux/idr.h b/sys/compat/linuxkpi/common/include/linux/idr.h
index fc377d4..d13aeaf 100644
--- a/sys/compat/linuxkpi/common/include/linux/idr.h
+++ b/sys/compat/linuxkpi/common/include/linux/idr.h
@@ -2,7 +2,7 @@
  * Copyright (c) 2010 Isilon Systems, Inc.
  * Copyright (c) 2010 iX Systems, Inc.
  * Copyright (c) 2010 Panasas, Inc.
- * Copyright (c) 2013 Mellanox Technologies, Ltd.
+ * Copyright (c) 2013-2016 Mellanox Technologies, Ltd.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -60,6 +60,7 @@ struct idr {
 	struct idr_layer	*top;
 	struct idr_layer	*free;
 	int			layers;
+	int			next_cyclic_id;
 };
 
 #define DEFINE_IDR(name)						\
@@ -67,6 +68,9 @@ struct idr {
 	SYSINIT(name##_idr_sysinit, SI_SUB_DRIVERS, SI_ORDER_FIRST,	\
 	    idr_init, &(name));
 
+#define	idr_preload(x) do { } while (0)
+#define	idr_preload_end() do { } while (0)
+
 void	*idr_find(struct idr *idp, int id);
 int	idr_pre_get(struct idr *idp, gfp_t gfp_mask);
 int	idr_get_new(struct idr *idp, void *ptr, int *id);
@@ -76,5 +80,7 @@ void	idr_remove(struct idr *idp, int id);
 void	idr_remove_all(struct idr *idp);
 void	idr_destroy(struct idr *idp);
 void	idr_init(struct idr *idp);
+int	idr_alloc(struct idr *idp, void *ptr, int start, int end, gfp_t);
+int	idr_alloc_cyclic(struct idr *idp, void *ptr, int start, int end, gfp_t);
 
 #endif	/* _LINUX_IDR_H_ */
diff --git a/sys/compat/linuxkpi/common/include/linux/mutex.h b/sys/compat/linuxkpi/common/include/linux/mutex.h
index aee34cf..68bbfaa 100644
--- a/sys/compat/linuxkpi/common/include/linux/mutex.h
+++ b/sys/compat/linuxkpi/common/include/linux/mutex.h
@@ -59,6 +59,6 @@ linux_mutex_init(mutex_t *m)
 	sx_init_flags(&m->sx, "lnxmtx",  SX_NOWITNESS);
 }
 
-#define	mutex_init	linux_mutex_init
+#define	mutex_init(m)	linux_mutex_init(m)
 
 #endif	/* _LINUX_MUTEX_H_ */
diff --git a/sys/compat/linuxkpi/common/src/linux_idr.c b/sys/compat/linuxkpi/common/src/linux_idr.c
index fa98622..6d9ec81 100644
--- a/sys/compat/linuxkpi/common/src/linux_idr.c
+++ b/sys/compat/linuxkpi/common/src/linux_idr.c
@@ -2,7 +2,7 @@
  * Copyright (c) 2010 Isilon Systems, Inc.
  * Copyright (c) 2010 iX Systems, Inc.
  * Copyright (c) 2010 Panasas, Inc.
- * Copyright (c) 2013, 2014 Mellanox Technologies, Ltd.
+ * Copyright (c) 2013-2016 Mellanox Technologies, Ltd.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -116,21 +116,18 @@ idr_remove_all(struct idr *idr)
 	mtx_unlock(&idr->lock);
 }
 
-void
-idr_remove(struct idr *idr, int id)
+static void
+idr_remove_locked(struct idr *idr, int id)
 {
 	struct idr_layer *il;
 	int layer;
 	int idx;
 
 	id &= MAX_ID_MASK;
-	mtx_lock(&idr->lock);
 	il = idr->top;
 	layer = idr->layers - 1;
-	if (il == NULL || id > idr_max(idr)) {
-		mtx_unlock(&idr->lock);
+	if (il == NULL || id > idr_max(idr))
 		return;
-	}
 	/*
 	 * Walk down the tree to this item setting bitmaps along the way
 	 * as we know at least one item will be free along this path.
@@ -152,8 +149,14 @@ idr_remove(struct idr *idr, int id)
 		    id, idr, il);
 	il->ary[idx] = NULL;
 	il->bitmap |= 1 << idx;
+}
+
+void
+idr_remove(struct idr *idr, int id)
+{
+	mtx_lock(&idr->lock);
+	idr_remove_locked(idr, id);
 	mtx_unlock(&idr->lock);
-	return;
 }
 
 void *
@@ -278,8 +281,8 @@ idr_get(struct idr *idr)
  * Could be implemented as get_new_above(idr, ptr, 0, idp) but written
  * first for simplicity sake.
  */
-int
-idr_get_new(struct idr *idr, void *ptr, int *idp)
+static int
+idr_get_new_locked(struct idr *idr, void *ptr, int *idp)
 {
 	struct idr_layer *stack[MAX_LEVEL];
 	struct idr_layer *il;
@@ -288,8 +291,9 @@ idr_get_new(struct idr *idr, void *ptr, int *idp)
 	int idx;
 	int id;
 
+	mtx_assert(&idr->lock, MA_OWNED);
+
 	error = -EAGAIN;
-	mtx_lock(&idr->lock);
 	/*
 	 * Expand the tree until there is free space.
 	 */
@@ -350,12 +354,22 @@ out:
 		    idr, id, ptr);
 	}
 #endif
-	mtx_unlock(&idr->lock);
 	return (error);
 }
 
 int
-idr_get_new_above(struct idr *idr, void *ptr, int starting_id, int *idp)
+idr_get_new(struct idr *idr, void *ptr, int *idp)
+{
+	int retval;
+
+	mtx_lock(&idr->lock);
+	retval = idr_get_new_locked(idr, ptr, idp);
+	mtx_unlock(&idr->lock);
+	return (retval);
+}
+
+static int
+idr_get_new_above_locked(struct idr *idr, void *ptr, int starting_id, int *idp)
 {
 	struct idr_layer *stack[MAX_LEVEL];
 	struct idr_layer *il;
@@ -364,8 +378,9 @@ idr_get_new_above(struct idr *idr, void *ptr, int starting_id, int *idp)
 	int idx, sidx;
 	int id;
 
+	mtx_assert(&idr->lock, MA_OWNED);
+
 	error = -EAGAIN;
-	mtx_lock(&idr->lock);
 	/*
 	 * Compute the layers required to support starting_id and the mask
 	 * at the top layer.
@@ -457,6 +472,70 @@ out:
 		    idr, id, ptr);
 	}
 #endif
-	mtx_unlock(&idr->lock);
 	return (error);
 }
+
+int
+idr_get_new_above(struct idr *idr, void *ptr, int starting_id, int *idp)
+{
+	int retval;
+
+	mtx_lock(&idr->lock);
+	retval = idr_get_new_above_locked(idr, ptr, starting_id, idp);
+	mtx_unlock(&idr->lock);
+	return (retval);
+}
+
+static int
+idr_alloc_locked(struct idr *idr, void *ptr, int start, int end)
+{
+	int max = end > 0 ? end - 1 : INT_MAX;
+	int error;
+	int id;
+
+	mtx_assert(&idr->lock, MA_OWNED);
+
+	if (unlikely(start < 0))
+		return (-EINVAL);
+	if (unlikely(max < start))
+		return (-ENOSPC);
+
+	if (start == 0)
+		error = idr_get_new_locked(idr, ptr, &id);
+	else
+		error = idr_get_new_above_locked(idr, ptr, start, &id);
+
+	if (unlikely(error < 0))
+		return (error);
+	if (unlikely(id > max)) {
+		idr_remove_locked(idr, id);
+		return (-ENOSPC);
+	}
+	return (id);
+}
+
+int
+idr_alloc(struct idr *idr, void *ptr, int start, int end, gfp_t gfp_mask)
+{
+	int retval;
+
+	mtx_lock(&idr->lock);
+	retval = idr_alloc_locked(idr, ptr, start, end);
+	mtx_unlock(&idr->lock);
+	return (retval);
+}
+
+int
+idr_alloc_cyclic(struct idr *idr, void *ptr, int start, int end, gfp_t gfp_mask)
+{
+	int retval;
+
+	mtx_lock(&idr->lock);
+	retval = idr_alloc_locked(idr, ptr, max(start, idr->next_cyclic_id), end);
+	if (unlikely(retval == -ENOSPC))
+		retval = idr_alloc_locked(idr, ptr, start, end);
+	if (likely(retval >= 0))
+		idr->next_cyclic_id = retval + 1;
+	mtx_unlock(&idr->lock);
+	return (retval);
+}
diff --git a/sys/conf/files b/sys/conf/files
index ad2ea5e..076b3ce 100644
--- a/sys/conf/files
+++ b/sys/conf/files
@@ -1410,6 +1410,15 @@ dev/ex/if_ex.c			optional ex
 dev/ex/if_ex_isa.c		optional ex isa
 dev/ex/if_ex_pccard.c		optional ex pccard
 dev/exca/exca.c			optional cbb
+dev/extres/clk/clk.c		optional ext_resources clk
+dev/extres/clk/clkdev_if.m	optional ext_resources clk
+dev/extres/clk/clknode_if.m	optional ext_resources clk
+dev/extres/clk/clk_div.c	optional ext_resources clk
+dev/extres/clk/clk_fixed.c	optional ext_resources clk
+dev/extres/clk/clk_gate.c	optional ext_resources clk
+dev/extres/clk/clk_mux.c	optional ext_resources clk
+dev/extres/hwreset/hwreset.c	optional ext_resources hwreset
+dev/extres/hwreset/hwreset_if.m	optional ext_resources hwreset
 dev/fatm/if_fatm.c		optional fatm pci
 dev/fb/fbd.c			optional fbd | vt
 dev/fb/fb_if.m			standard
@@ -1419,7 +1428,7 @@ dev/fdt/fdt_clock_if.m		optional fdt fdt_clock
 dev/fdt/fdt_common.c		optional fdt
 dev/fdt/fdt_pinctrl.c		optional fdt fdt_pinctrl
 dev/fdt/fdt_pinctrl_if.m	optional fdt fdt_pinctrl
-dev/fdt/fdt_slicer.c		optional fdt cfi | fdt nand
+dev/fdt/fdt_slicer.c		optional fdt cfi | fdt nand | fdt mx25l
 dev/fdt/fdt_static_dtb.S	optional fdt fdt_dtb_static \
 	dependency	"$S/boot/fdt/dts/${MACHINE}/${FDT_DTS_FILE}"
 dev/fdt/simplebus.c		optional fdt
@@ -3010,7 +3019,7 @@ geom/geom_disk.c		standard
 geom/geom_dump.c		standard
 geom/geom_event.c		standard
 geom/geom_fox.c			optional geom_fox
-geom/geom_flashmap.c		optional fdt cfi | fdt nand
+geom/geom_flashmap.c		optional fdt cfi | fdt nand | fdt mx25l
 geom/geom_io.c			standard
 geom/geom_kern.c		standard
 geom/geom_map.c			optional geom_map
@@ -3114,6 +3123,8 @@ fs/ext2fs/ext2_bmap.c		optional ext2fs
 fs/ext2fs/ext2_extents.c	optional ext2fs
 fs/ext2fs/ext2_inode.c		optional ext2fs
 fs/ext2fs/ext2_inode_cnv.c	optional ext2fs
+fs/ext2fs/ext2_hash.c		optional ext2fs
+fs/ext2fs/ext2_htree.c		optional ext2fs
 fs/ext2fs/ext2_lookup.c		optional ext2fs
 fs/ext2fs/ext2_subr.c		optional ext2fs
 fs/ext2fs/ext2_vfsops.c		optional ext2fs
@@ -3211,6 +3222,7 @@ kern/kern_rmlock.c		standard
 kern/kern_rwlock.c		standard
 kern/kern_sdt.c			optional kdtrace_hooks
 kern/kern_sema.c		standard
+kern/kern_sendfile.c		standard
 kern/kern_sharedpage.c		standard
 kern/kern_shutdown.c		standard
 kern/kern_sig.c			standard
diff --git a/sys/conf/files.amd64 b/sys/conf/files.amd64
index 5944a38..a6ab7d9 100644
--- a/sys/conf/files.amd64
+++ b/sys/conf/files.amd64
@@ -240,7 +240,6 @@ dev/fdc/fdc.c			optional	fdc
 dev/fdc/fdc_acpi.c		optional	fdc
 dev/fdc/fdc_isa.c		optional	fdc isa
 dev/fdc/fdc_pccard.c		optional	fdc pccard
-dev/fdt/fdt_x86.c		optional	fdt
 dev/hpt27xx/hpt27xx_os_bsd.c	optional	hpt27xx
 dev/hpt27xx/hpt27xx_osm_bsd.c	optional	hpt27xx
 dev/hpt27xx/hpt27xx_config.c	optional	hpt27xx
diff --git a/sys/conf/files.arm64 b/sys/conf/files.arm64
index a128967..6168d70 100644
--- a/sys/conf/files.arm64
+++ b/sys/conf/files.arm64
@@ -59,7 +59,6 @@ crypto/blowfish/bf_enc.c	optional	crypto | ipsec
 crypto/des/des_enc.c		optional	crypto | ipsec | netsmb
 dev/acpica/acpi_if.m		optional	acpi
 dev/ahci/ahci_generic.c		optional ahci fdt
-dev/fdt/fdt_arm64.c		optional	fdt
 dev/hwpmc/hwpmc_arm64.c		optional	hwpmc
 dev/hwpmc/hwpmc_arm64_md.c	optional	hwpmc
 dev/mmc/host/dwmmc.c		optional	dwmmc
diff --git a/sys/conf/files.i386 b/sys/conf/files.i386
index 334e857..172897b 100644
--- a/sys/conf/files.i386
+++ b/sys/conf/files.i386
@@ -208,7 +208,6 @@ dev/fdc/fdc.c			optional fdc
 dev/fdc/fdc_acpi.c		optional fdc
 dev/fdc/fdc_isa.c		optional fdc isa
 dev/fdc/fdc_pccard.c		optional fdc pccard
-dev/fdt/fdt_x86.c		optional fdt
 dev/fe/if_fe_isa.c		optional fe isa
 dev/glxiic/glxiic.c		optional glxiic
 dev/glxsb/glxsb.c		optional glxsb
diff --git a/sys/conf/files.mips b/sys/conf/files.mips
index da21410..0bd6938 100644
--- a/sys/conf/files.mips
+++ b/sys/conf/files.mips
@@ -80,7 +80,6 @@ dev/syscons/scvtb.c			optional	sc
 mips/mips/sc_machdep.c			optional	sc
 
 # FDT support
-dev/fdt/fdt_mips.c			optional	fdt
 dev/uart/uart_cpu_fdt.c			optional	uart fdt
 
 # crypto support -- use generic
diff --git a/sys/conf/options b/sys/conf/options
index acded05..c7cd5818 100644
--- a/sys/conf/options
+++ b/sys/conf/options
@@ -90,6 +90,7 @@ COMPAT_LINUXKPI	opt_compat.h
 COMPILING_LINT	opt_global.h
 CY_PCI_FASTINTR
 DEADLKRES	opt_watchdog.h
+EXT_RESOURCES	opt_global.h
 DIRECTIO
 FILEMON		opt_dontuse.h
 FFCLOCK
diff --git a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.h b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.h
index 9fd3e0c..81f305f 100644
--- a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.h
+++ b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.h
@@ -174,4 +174,5 @@ static inline void remove_handle(struct iwch_dev *rhp, struct idr *idr, u32 id)
 }
 
 void iwch_ev_dispatch(struct iwch_dev *, struct mbuf *);
+void process_newconn(struct iw_cm_id *parent_cm_id, struct socket *child_so);
 #endif
diff --git a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.c b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.c
index b98caae..9bcc1b0 100644
--- a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.c
+++ b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.c
@@ -260,7 +260,6 @@ alloc_ep(int size, int flags)
 void __free_ep(struct iwch_ep_common *epc)
 {
 	CTR3(KTR_IW_CXGB, "%s ep %p state %s", __FUNCTION__, epc, states[state_read(epc)]);
-	KASSERT(!epc->so, ("%s warning ep->so %p \n", __FUNCTION__, epc->so));
 	KASSERT(!epc->entry.tqe_prev, ("%s epc %p still on req list!\n", __FUNCTION__, epc));
 	free(epc, M_DEVBUF);
 }
@@ -1361,7 +1360,7 @@ out:
 }
 
 int
-iwch_create_listen(struct iw_cm_id *cm_id, int backlog)
+iwch_create_listen_ep(struct iw_cm_id *cm_id, int backlog)
 {
 	int err = 0;
 	struct iwch_listen_ep *ep;
@@ -1381,35 +1380,22 @@ iwch_create_listen(struct iw_cm_id *cm_id, int backlog)
 	state_set(&ep->com, LISTEN);
 
 	ep->com.so = cm_id->so;
-	err = init_sock(&ep->com);
-	if (err)
-		goto fail;
-
-	err = solisten(ep->com.so, ep->backlog, ep->com.thread);
-	if (!err) {
-		cm_id->provider_data = ep;
-		goto out;
-	}
-	close_socket(&ep->com, 0);
-fail:
-	cm_id->rem_ref(cm_id);
-	put_ep(&ep->com);
+	cm_id->provider_data = ep;
 out:
 	return err;
 }
 
-int
-iwch_destroy_listen(struct iw_cm_id *cm_id)
+void
+iwch_destroy_listen_ep(struct iw_cm_id *cm_id)
 {
 	struct iwch_listen_ep *ep = to_listen_ep(cm_id);
 
 	CTR2(KTR_IW_CXGB, "%s ep %p", __FUNCTION__, ep);
 
 	state_set(&ep->com, DEAD);
-	close_socket(&ep->com, 0);
 	cm_id->rem_ref(cm_id);
 	put_ep(&ep->com);
-	return 0;
+	return;
 }
 
 int
@@ -1526,54 +1512,32 @@ process_connected(struct iwch_ep *ep)
 	}
 }
 
-static struct socket *
-dequeue_socket(struct socket *head, struct sockaddr_in **remote, struct iwch_ep *child_ep)
-{
-	struct socket *so;
-
-	ACCEPT_LOCK();
-	so = TAILQ_FIRST(&head->so_comp);
-	if (!so) {
-		ACCEPT_UNLOCK();
-		return NULL;
-	}
-	TAILQ_REMOVE(&head->so_comp, so, so_list);
-	head->so_qlen--;
-	SOCK_LOCK(so);
-	so->so_qstate &= ~SQ_COMP;
-	so->so_head = NULL;
-	soref(so);
-	soupcall_set(so, SO_RCV, iwch_so_upcall, child_ep);
-	so->so_state |= SS_NBIO;
-	PANIC_IF(!(so->so_state & SS_ISCONNECTED));
-	PANIC_IF(so->so_error);
-	SOCK_UNLOCK(so);
-	ACCEPT_UNLOCK();
-	soaccept(so, (struct sockaddr **)remote);
-	return so;
-}
-
-static void
-process_newconn(struct iwch_ep *parent_ep)
+void
+process_newconn(struct iw_cm_id *parent_cm_id, struct socket *child_so)
 {
-	struct socket *child_so;
 	struct iwch_ep *child_ep;
+	struct sockaddr_in *local;
 	struct sockaddr_in *remote;
+	struct iwch_ep *parent_ep = parent_cm_id->provider_data;
 
 	CTR3(KTR_IW_CXGB, "%s parent ep %p so %p", __FUNCTION__, parent_ep, parent_ep->com.so);
+	if (!child_so) {
+		log(LOG_ERR, "%s - invalid child socket!\n", __func__);
+		return;
+	}
 	child_ep = alloc_ep(sizeof(*child_ep), M_NOWAIT);
 	if (!child_ep) {
 		log(LOG_ERR, "%s - failed to allocate ep entry!\n",
 		       __FUNCTION__);
 		return;
 	}
-	child_so = dequeue_socket(parent_ep->com.so, &remote, child_ep);
-	if (!child_so) {
-		log(LOG_ERR, "%s - failed to dequeue child socket!\n",
-		       __FUNCTION__);
-		__free_ep(&child_ep->com);
-		return;
-	}
+	SOCKBUF_LOCK(&child_so->so_rcv);
+	soupcall_set(child_so, SO_RCV, iwch_so_upcall, child_ep);
+	SOCKBUF_UNLOCK(&child_so->so_rcv);
+
+	in_getsockaddr(child_so, (struct sockaddr **)&local);
+	in_getpeeraddr(child_so, (struct sockaddr **)&remote);
+
 	CTR3(KTR_IW_CXGB, "%s remote addr %s port %d", __FUNCTION__, 
 		inet_ntoa(remote->sin_addr), ntohs(remote->sin_port));
 	child_ep->com.tdev = parent_ep->com.tdev;
@@ -1590,9 +1554,9 @@ process_newconn(struct iwch_ep *parent_ep)
 	child_ep->com.thread = parent_ep->com.thread;
 	child_ep->parent_ep = parent_ep;
 
+	free(local, M_SONAME);
 	free(remote, M_SONAME);
 	get_ep(&parent_ep->com);
-	child_ep->parent_ep = parent_ep;
 	callout_init(&child_ep->timer, 1);
 	state_set(&child_ep->com, MPA_REQ_WAIT);
 	start_ep_timer(child_ep);
@@ -1630,7 +1594,10 @@ process_socket_event(struct iwch_ep *ep)
 	}
 
 	if (state == LISTEN) {
-		process_newconn(ep);
+		/* socket listening events are handled at IWCM */
+		CTR3(KTR_IW_CXGB, "%s Invalid ep state:%u, ep:%p", __func__,
+			ep->com.state, ep);
+		BUG();
 		return;
 	}
 
diff --git a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.h b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.h
index ef76729..241106b 100644
--- a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.h
+++ b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_cm.h
@@ -231,8 +231,8 @@ iwch_wakeup(struct cv *cv, struct mtx *lock, int *rpl_done)
 /* CM prototypes */
 
 int iwch_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param);
-int iwch_create_listen(struct iw_cm_id *cm_id, int backlog);
-int iwch_destroy_listen(struct iw_cm_id *cm_id);
+int iwch_create_listen_ep(struct iw_cm_id *cm_id, int backlog);
+void iwch_destroy_listen_ep(struct iw_cm_id *cm_id);
 int iwch_reject_cr(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len);
 int iwch_accept_cr(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param);
 int iwch_ep_disconnect(struct iwch_ep *ep, int abrupt, int flags);
diff --git a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_provider.c b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_provider.c
index f9d36b3..448b993 100644
--- a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_provider.c
+++ b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb_provider.c
@@ -1140,8 +1140,9 @@ int iwch_register_device(struct iwch_dev *dev)
 	dev->ibdev.iwcm->connect = iwch_connect;
 	dev->ibdev.iwcm->accept = iwch_accept_cr;
 	dev->ibdev.iwcm->reject = iwch_reject_cr;
-	dev->ibdev.iwcm->create_listen = iwch_create_listen;
-	dev->ibdev.iwcm->destroy_listen = iwch_destroy_listen;
+	dev->ibdev.iwcm->create_listen_ep = iwch_create_listen_ep;
+	dev->ibdev.iwcm->destroy_listen_ep = iwch_destroy_listen_ep;
+	dev->ibdev.iwcm->newconn = process_newconn;
 	dev->ibdev.iwcm->add_ref = iwch_qp_add_ref;
 	dev->ibdev.iwcm->rem_ref = iwch_qp_rem_ref;
 	dev->ibdev.iwcm->get_qp = iwch_get_qp;
diff --git a/sys/dev/cxgbe/iw_cxgbe/cm.c b/sys/dev/cxgbe/iw_cxgbe/cm.c
index 8af7df5..c884f5a 100644
--- a/sys/dev/cxgbe/iw_cxgbe/cm.c
+++ b/sys/dev/cxgbe/iw_cxgbe/cm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2013 Chelsio, Inc. All rights reserved.
+ * Copyright (c) 2009-2013, 2016 Chelsio, Inc. All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -111,8 +111,6 @@ static void ep_timeout(unsigned long arg);
 static void init_sock(struct c4iw_ep_common *epc);
 static void process_data(struct c4iw_ep *ep);
 static void process_connected(struct c4iw_ep *ep);
-static struct socket * dequeue_socket(struct socket *head, struct sockaddr_in **remote, struct c4iw_ep *child_ep);
-static void process_newconn(struct c4iw_ep *parent_ep);
 static int c4iw_so_upcall(struct socket *so, void *arg, int waitflag);
 static void process_socket_event(struct c4iw_ep *ep);
 static void release_ep_resources(struct c4iw_ep *ep);
@@ -623,40 +621,21 @@ process_connected(struct c4iw_ep *ep)
 	}
 }
 
-static struct socket *
-dequeue_socket(struct socket *head, struct sockaddr_in **remote,
-    struct c4iw_ep *child_ep)
-{
-	struct socket *so;
-
-	ACCEPT_LOCK();
-	so = TAILQ_FIRST(&head->so_comp);
-	if (!so) {
-		ACCEPT_UNLOCK();
-		return (NULL);
-	}
-	TAILQ_REMOVE(&head->so_comp, so, so_list);
-	head->so_qlen--;
-	SOCK_LOCK(so);
-	so->so_qstate &= ~SQ_COMP;
-	so->so_head = NULL;
-	soref(so);
-	soupcall_set(so, SO_RCV, c4iw_so_upcall, child_ep);
-	so->so_state |= SS_NBIO;
-	SOCK_UNLOCK(so);
-	ACCEPT_UNLOCK();
-	soaccept(so, (struct sockaddr **)remote);
-
-	return (so);
-}
-
-static void
-process_newconn(struct c4iw_ep *parent_ep)
+void
+process_newconn(struct iw_cm_id *parent_cm_id, struct socket *child_so)
 {
-	struct socket *child_so;
 	struct c4iw_ep *child_ep;
+	struct sockaddr_in *local;
 	struct sockaddr_in *remote;
+	struct c4iw_ep *parent_ep = parent_cm_id->provider_data;
 
+	if (!child_so) {
+		CTR4(KTR_IW_CXGBE,
+		    "%s: parent so %p, parent ep %p, child so %p, invalid so",
+		    __func__, parent_ep->com.so, parent_ep, child_so);
+		log(LOG_ERR, "%s: invalid child socket\n", __func__);
+		return;
+	}
 	child_ep = alloc_ep(sizeof(*child_ep), M_NOWAIT);
 	if (!child_ep) {
 		CTR3(KTR_IW_CXGBE, "%s: parent so %p, parent ep %p, ENOMEM",
@@ -664,23 +643,18 @@ process_newconn(struct c4iw_ep *parent_ep)
 		log(LOG_ERR, "%s: failed to allocate ep entry\n", __func__);
 		return;
 	}
-
-	child_so = dequeue_socket(parent_ep->com.so, &remote, child_ep);
-	if (!child_so) {
-		CTR4(KTR_IW_CXGBE,
-		    "%s: parent so %p, parent ep %p, child ep %p, dequeue err",
-		    __func__, parent_ep->com.so, parent_ep, child_ep);
-		log(LOG_ERR, "%s: failed to dequeue child socket\n", __func__);
-		__free_ep(&child_ep->com);
-		return;
-
-	}
+	SOCKBUF_LOCK(&child_so->so_rcv);
+	soupcall_set(child_so, SO_RCV, c4iw_so_upcall, child_ep);
+	SOCKBUF_UNLOCK(&child_so->so_rcv);
 
 	CTR5(KTR_IW_CXGBE,
 	    "%s: parent so %p, parent ep %p, child so %p, child ep %p",
 	     __func__, parent_ep->com.so, parent_ep, child_so, child_ep);
 
-	child_ep->com.local_addr = parent_ep->com.local_addr;
+	in_getsockaddr(child_so, (struct sockaddr **)&local);
+	in_getpeeraddr(child_so, (struct sockaddr **)&remote);
+
+	child_ep->com.local_addr = *local;
 	child_ep->com.remote_addr = *remote;
 	child_ep->com.dev = parent_ep->com.dev;
 	child_ep->com.so = child_so;
@@ -688,15 +662,17 @@ process_newconn(struct c4iw_ep *parent_ep)
 	child_ep->com.thread = parent_ep->com.thread;
 	child_ep->parent_ep = parent_ep;
 
+	free(local, M_SONAME);
 	free(remote, M_SONAME);
+
 	c4iw_get_ep(&parent_ep->com);
-	child_ep->parent_ep = parent_ep;
 	init_timer(&child_ep->timer);
 	state_set(&child_ep->com, MPA_REQ_WAIT);
 	START_EP_TIMER(child_ep);
 
 	/* maybe the request has already been queued up on the socket... */
 	process_mpa_request(child_ep);
+	return;
 }
 
 static int
@@ -738,7 +714,10 @@ process_socket_event(struct c4iw_ep *ep)
 	}
 
 	if (state == LISTEN) {
-		process_newconn(ep);
+		/* socket listening events are handled at IWCM */
+		CTR3(KTR_IW_CXGBE, "%s Invalid ep state:%u, ep:%p", __func__,
+			    ep->com.state, ep);
+		BUG();
 		return;
 	}
 
@@ -919,7 +898,6 @@ void _c4iw_free_ep(struct kref *kref)
 
 	ep = container_of(kref, struct c4iw_ep, com.kref);
 	epc = &ep->com;
-	KASSERT(!epc->so, ("%s ep->so %p", __func__, epc->so));
 	KASSERT(!epc->entry.tqe_prev, ("%s epc %p still on req list",
 	    __func__, epc));
 	kfree(ep);
@@ -2126,10 +2104,10 @@ out:
 }
 
 /*
- * iwcm->create_listen.  Returns -errno on failure.
+ * iwcm->create_listen_ep.  Returns -errno on failure.
  */
 int
-c4iw_create_listen(struct iw_cm_id *cm_id, int backlog)
+c4iw_create_listen_ep(struct iw_cm_id *cm_id, int backlog)
 {
 	int rc;
 	struct c4iw_dev *dev = to_c4iw_dev(cm_id->device);
@@ -2154,17 +2132,6 @@ c4iw_create_listen(struct iw_cm_id *cm_id, int backlog)
 	ep->com.thread = curthread;
 	state_set(&ep->com, LISTEN);
 	ep->com.so = so;
-	init_sock(&ep->com);
-
-	rc = solisten(so, ep->backlog, ep->com.thread);
-	if (rc != 0) {
-		log(LOG_ERR, "%s: failed to start listener: %d\n", __func__,
-		    rc);
-		close_socket(&ep->com, 0);
-		cm_id->rem_ref(cm_id);
-		c4iw_put_ep(&ep->com);
-		goto failed;
-	}
 
 	cm_id->provider_data = ep;
 	return (0);
@@ -2174,21 +2141,19 @@ failed:
 	return (-rc);
 }
 
-int
-c4iw_destroy_listen(struct iw_cm_id *cm_id)
+void
+c4iw_destroy_listen_ep(struct iw_cm_id *cm_id)
 {
-	int rc;
 	struct c4iw_listen_ep *ep = to_listen_ep(cm_id);
 
-	CTR4(KTR_IW_CXGBE, "%s: cm_id %p, so %p, inp %p", __func__, cm_id,
-	    cm_id->so, cm_id->so->so_pcb);
+	CTR4(KTR_IW_CXGBE, "%s: cm_id %p, so %p, state %s", __func__, cm_id,
+	    cm_id->so, states[ep->com.state]);
 
 	state_set(&ep->com, DEAD);
-	rc = close_socket(&ep->com, 0);
 	cm_id->rem_ref(cm_id);
 	c4iw_put_ep(&ep->com);
 
-	return (rc);
+	return;
 }
 
 int c4iw_ep_disconnect(struct c4iw_ep *ep, int abrupt, gfp_t gfp)
@@ -2365,15 +2330,18 @@ static int fw6_cqe_handler(struct adapter *sc, const __be64 *rpl)
 
 static int terminate(struct sge_iq *iq, const struct rss_header *rss, struct mbuf *m)
 {
-
 	struct adapter *sc = iq->adapter;
-
-	const struct cpl_rdma_terminate *rpl = (const void *)(rss + 1);
-	unsigned int tid = GET_TID(rpl);
+	const struct cpl_rdma_terminate *cpl = mtod(m, const void *);
+	unsigned int tid = GET_TID(cpl);
 	struct c4iw_qp_attributes attrs;
 	struct toepcb *toep = lookup_tid(sc, tid);
-	struct socket *so = inp_inpcbtosocket(toep->inp);
-	struct c4iw_ep *ep = so->so_rcv.sb_upcallarg;
+	struct socket *so;
+	struct c4iw_ep *ep;
+
+	INP_WLOCK(toep->inp);
+	so = inp_inpcbtosocket(toep->inp);
+	ep = so->so_rcv.sb_upcallarg;
+	INP_WUNLOCK(toep->inp);
 
 	CTR2(KTR_IW_CXGBE, "%s:tB %p %d", __func__, ep);
 
diff --git a/sys/dev/cxgbe/iw_cxgbe/iw_cxgbe.h b/sys/dev/cxgbe/iw_cxgbe/iw_cxgbe.h
index e6d70f4..f6c8a59 100644
--- a/sys/dev/cxgbe/iw_cxgbe/iw_cxgbe.h
+++ b/sys/dev/cxgbe/iw_cxgbe/iw_cxgbe.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2013 Chelsio, Inc. All rights reserved.
+ * Copyright (c) 2009-2013, 2016 Chelsio, Inc. All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -850,8 +850,8 @@ int c4iw_post_receive(struct ib_qp *ibqp, struct ib_recv_wr *wr,
 int c4iw_bind_mw(struct ib_qp *qp, struct ib_mw *mw,
 		 struct ib_mw_bind *mw_bind);
 int c4iw_connect(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param);
-int c4iw_create_listen(struct iw_cm_id *cm_id, int backlog);
-int c4iw_destroy_listen(struct iw_cm_id *cm_id);
+int c4iw_create_listen_ep(struct iw_cm_id *cm_id, int backlog);
+void c4iw_destroy_listen_ep(struct iw_cm_id *cm_id);
 int c4iw_accept_cr(struct iw_cm_id *cm_id, struct iw_cm_conn_param *conn_param);
 int c4iw_reject_cr(struct iw_cm_id *cm_id, const void *pdata, u8 pdata_len);
 void c4iw_qp_add_ref(struct ib_qp *qp);
@@ -914,6 +914,8 @@ u32 c4iw_get_qpid(struct c4iw_rdev *rdev, struct c4iw_dev_ucontext *uctx);
 void c4iw_put_qpid(struct c4iw_rdev *rdev, u32 qid,
 		struct c4iw_dev_ucontext *uctx);
 void c4iw_ev_dispatch(struct c4iw_dev *dev, struct t4_cqe *err_cqe);
+void process_newconn(struct iw_cm_id *parent_cm_id,
+		struct socket *child_so);
 
 extern struct cxgb4_client t4c_client;
 extern c4iw_handler_func c4iw_handlers[NUM_CPL_CMDS];
diff --git a/sys/dev/cxgbe/iw_cxgbe/provider.c b/sys/dev/cxgbe/iw_cxgbe/provider.c
index d7ce079..a21fb9c 100644
--- a/sys/dev/cxgbe/iw_cxgbe/provider.c
+++ b/sys/dev/cxgbe/iw_cxgbe/provider.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2013 Chelsio, Inc. All rights reserved.
+ * Copyright (c) 2009-2013, 2016 Chelsio, Inc. All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -474,8 +474,9 @@ c4iw_register_device(struct c4iw_dev *dev)
 	iwcm->connect = c4iw_connect;
 	iwcm->accept = c4iw_accept_cr;
 	iwcm->reject = c4iw_reject_cr;
-	iwcm->create_listen = c4iw_create_listen;
-	iwcm->destroy_listen = c4iw_destroy_listen;
+	iwcm->create_listen_ep = c4iw_create_listen_ep;
+	iwcm->destroy_listen_ep = c4iw_destroy_listen_ep;
+	iwcm->newconn = process_newconn;
 	iwcm->add_ref = c4iw_qp_add_ref;
 	iwcm->rem_ref = c4iw_qp_rem_ref;
 	iwcm->get_qp = c4iw_get_qp;
diff --git a/sys/dev/extres/clk/clk.c b/sys/dev/extres/clk/clk.c
new file mode 100644
index 0000000..f1ed098
--- /dev/null
+++ b/sys/dev/extres/clk/clk.c
@@ -0,0 +1,1261 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include "opt_platform.h"
+#include <sys/param.h>
+#include <sys/conf.h>
+#include <sys/bus.h>
+#include <sys/kernel.h>
+#include <sys/queue.h>
+#include <sys/kobj.h>
+#include <sys/malloc.h>
+#include <sys/mutex.h>
+#include <sys/limits.h>
+#include <sys/lock.h>
+#include <sys/sysctl.h>
+#include <sys/systm.h>
+#include <sys/sx.h>
+
+#ifdef FDT
+#include <dev/fdt/fdt_common.h>
+#include <dev/ofw/ofw_bus.h>
+#include <dev/ofw/ofw_bus_subr.h>
+#endif
+#include <dev/extres/clk/clk.h>
+
+MALLOC_DEFINE(M_CLOCK, "clocks", "Clock framework");
+
+/* Forward declarations. */
+struct clk;
+struct clknodenode;
+struct clkdom;
+
+typedef TAILQ_HEAD(clknode_list, clknode) clknode_list_t;
+typedef TAILQ_HEAD(clkdom_list, clkdom) clkdom_list_t;
+
+/* Default clock methods. */
+static int clknode_method_init(struct clknode *clk, device_t dev);
+static int clknode_method_recalc_freq(struct clknode *clk, uint64_t *freq);
+static int clknode_method_set_freq(struct clknode *clk, uint64_t fin,
+    uint64_t *fout, int flags, int *stop);
+static int clknode_method_set_gate(struct clknode *clk, bool enable);
+static int clknode_method_set_mux(struct clknode *clk, int idx);
+
+/*
+ * Clock controller methods.
+ */
+static clknode_method_t clknode_methods[] = {
+	CLKNODEMETHOD(clknode_init,		clknode_method_init),
+	CLKNODEMETHOD(clknode_recalc_freq,	clknode_method_recalc_freq),
+	CLKNODEMETHOD(clknode_set_freq,		clknode_method_set_freq),
+	CLKNODEMETHOD(clknode_set_gate,		clknode_method_set_gate),
+	CLKNODEMETHOD(clknode_set_mux,		clknode_method_set_mux),
+
+	CLKNODEMETHOD_END
+};
+DEFINE_CLASS_0(clknode, clknode_class, clknode_methods, 0);
+
+/*
+ * Clock node - basic element for modeling SOC clock graph.  It holds the clock
+ * provider's data about the clock, and the links for the clock's membership in
+ * various lists.
+ */
+struct clknode {
+	KOBJ_FIELDS;
+
+	/* Clock nodes topology. */
+	struct clkdom 		*clkdom;	/* Owning clock domain */
+	TAILQ_ENTRY(clknode)	clkdom_link;	/* Domain list entry */
+	TAILQ_ENTRY(clknode)	clklist_link;	/* Global list entry */
+
+	/* String based parent list. */
+	const char		**parent_names;	/* Array of parent names */
+	int			parent_cnt;	/* Number of parents */
+	int			parent_idx;	/* Parent index or -1 */
+
+	/* Cache for already resolved names. */
+	struct clknode		**parents;	/* Array of potential parents */
+	struct clknode		*parent;	/* Current parent */
+
+	/* Parent/child relationship links. */
+	clknode_list_t		children;	/* List of our children */
+	TAILQ_ENTRY(clknode)	sibling_link; 	/* Our entry in parent's list */
+
+	/* Details of this device. */
+	void			*softc;		/* Instance softc */
+	const char		*name;		/* Globally unique name */
+	intptr_t		id;		/* Per domain unique id */
+	int			flags;		/* CLK_FLAG_*  */
+	struct sx		lock;		/* Lock for this clock */
+	int			ref_cnt;	/* Reference counter */
+	int			enable_cnt;	/* Enabled counter */
+
+	/* Cached values. */
+	uint64_t		freq;		/* Actual frequency */
+};
+
+/*
+ *  Per consumer data, information about how a consumer is using a clock node.
+ *  A pointer to this structure is used as a handle in the consumer interface.
+ */
+struct clk {
+	device_t		dev;
+	struct clknode		*clknode;
+	int			enable_cnt;
+};
+
+/*
+ * Clock domain - a group of clocks provided by one clock device.
+ */
+struct clkdom {
+	device_t 		dev; 	/* Link to provider device */
+	TAILQ_ENTRY(clkdom)	link;		/* Global domain list entry */
+	clknode_list_t		clknode_list;	/* All clocks in the domain */
+
+#ifdef FDT
+	clknode_ofw_mapper_func	*ofw_mapper;	/* Find clock using FDT xref */
+#endif
+};
+
+/*
+ * The system-wide list of clock domains.
+ */
+static clkdom_list_t clkdom_list = TAILQ_HEAD_INITIALIZER(clkdom_list);
+
+/*
+ * Each clock node is linked on a system-wide list and can be searched by name.
+ */
+static clknode_list_t clknode_list = TAILQ_HEAD_INITIALIZER(clknode_list);
+
+/*
+ * Locking - we use three levels of locking:
+ * - First, topology lock is taken.  This one protect all lists.
+ * - Second level is per clknode lock.  It protects clknode data.
+ * - Third level is outside of this file, it protect clock device registers.
+ * First two levels use sleepable locks; clock device can use mutex or sx lock.
+ */
+static struct sx		clk_topo_lock;
+SX_SYSINIT(clock_topology, &clk_topo_lock, "Clock topology lock");
+
+#define CLK_TOPO_SLOCK()	sx_slock(&clk_topo_lock)
+#define CLK_TOPO_XLOCK()	sx_xlock(&clk_topo_lock)
+#define CLK_TOPO_UNLOCK()	sx_unlock(&clk_topo_lock)
+#define CLK_TOPO_ASSERT()	sx_assert(&clk_topo_lock, SA_LOCKED)
+#define CLK_TOPO_XASSERT()	sx_assert(&clk_topo_lock, SA_XLOCKED)
+
+#define CLKNODE_SLOCK(_sc)	sx_slock(&((_sc)->lock))
+#define CLKNODE_XLOCK(_sc)	sx_xlock(&((_sc)->lock))
+#define CLKNODE_UNLOCK(_sc)	sx_unlock(&((_sc)->lock))
+
+static void clknode_adjust_parent(struct clknode *clknode, int idx);
+
+/*
+ * Default clock methods for base class.
+ */
+static int
+clknode_method_init(struct clknode *clknode, device_t dev)
+{
+
+	return (0);
+}
+
+static int
+clknode_method_recalc_freq(struct clknode *clknode, uint64_t *freq)
+{
+
+	return (0);
+}
+
+static int
+clknode_method_set_freq(struct clknode *clknode, uint64_t fin,  uint64_t *fout,
+   int flags, int *stop)
+{
+
+	*stop = 0;
+	return (0);
+}
+
+static int
+clknode_method_set_gate(struct clknode *clk, bool enable)
+{
+
+	return (0);
+}
+
+static int
+clknode_method_set_mux(struct clknode *clk, int idx)
+{
+
+	return (0);
+}
+
+/*
+ * Internal functions.
+ */
+
+/*
+ * Duplicate an array of parent names.
+ *
+ * Compute total size and allocate a single block which holds both the array of
+ * pointers to strings and the copied strings themselves.  Returns a pointer to
+ * the start of the block where the array of copied string pointers lives.
+ *
+ * XXX Revisit this, no need for the DECONST stuff.
+ */
+static const char **
+strdup_list(const char **names, int num)
+{
+	size_t len, slen;
+	const char **outptr, *ptr;
+	int i;
+
+	len = sizeof(char *) * num;
+	for (i = 0; i < num; i++) {
+		if (names[i] == NULL)
+			continue;
+		slen = strlen(names[i]);
+		if (slen == 0)
+			panic("Clock parent names array have empty string");
+		len += slen + 1;
+	}
+	outptr = malloc(len, M_CLOCK, M_WAITOK | M_ZERO);
+	ptr = (char *)(outptr + num);
+	for (i = 0; i < num; i++) {
+		if (names[i] == NULL)
+			continue;
+		outptr[i] = ptr;
+		slen = strlen(names[i]) + 1;
+		bcopy(names[i], __DECONST(void *, outptr[i]), slen);
+		ptr += slen;
+	}
+	return (outptr);
+}
+
+/*
+ * Recompute the cached frequency for this node and all its children.
+ */
+static int
+clknode_refresh_cache(struct clknode *clknode, uint64_t freq)
+{
+	int rv;
+	struct clknode *entry;
+
+	CLK_TOPO_XASSERT();
+
+	/* Compute generated frequency. */
+	rv = CLKNODE_RECALC_FREQ(clknode, &freq);
+	if (rv != 0) {
+		 /* XXX If an error happens while refreshing children
+		  * this leaves the world in a  partially-updated state.
+		  * Panic for now.
+		  */
+		panic("clknode_refresh_cache failed for '%s'\n",
+		    clknode->name);
+		return (rv);
+	}
+	/* Refresh cache for this node. */
+	clknode->freq = freq;
+
+	/* Refresh cache for all children. */
+	TAILQ_FOREACH(entry, &(clknode->children), sibling_link) {
+		rv = clknode_refresh_cache(entry, freq);
+		if (rv != 0)
+			return (rv);
+	}
+	return (0);
+}
+
+/*
+ * Public interface.
+ */
+
+struct clknode *
+clknode_find_by_name(const char *name)
+{
+	struct clknode *entry;
+
+	CLK_TOPO_ASSERT();
+
+	TAILQ_FOREACH(entry, &clknode_list, clklist_link) {
+		if (strcmp(entry->name, name) == 0)
+			return (entry);
+	}
+	return (NULL);
+}
+
+struct clknode *
+clknode_find_by_id(struct clkdom *clkdom, intptr_t id)
+{
+	struct clknode *entry;
+
+	CLK_TOPO_ASSERT();
+
+	TAILQ_FOREACH(entry, &clkdom->clknode_list, clkdom_link) {
+		if (entry->id ==  id)
+			return (entry);
+	}
+
+	return (NULL);
+}
+
+/* -------------------------------------------------------------------------- */
+/*
+ * Clock domain functions
+ */
+
+/* Find clock domain associated to device in global list. */
+struct clkdom *
+clkdom_get_by_dev(const device_t dev)
+{
+	struct clkdom *entry;
+
+	CLK_TOPO_ASSERT();
+
+	TAILQ_FOREACH(entry, &clkdom_list, link) {
+		if (entry->dev == dev)
+			return (entry);
+	}
+	return (NULL);
+}
+
+
+#ifdef FDT
+/* Default DT mapper. */
+static int
+clknode_default_ofw_map(struct clkdom *clkdom, uint32_t ncells,
+    phandle_t *cells, struct clknode **clk)
+{
+
+	CLK_TOPO_ASSERT();
+
+	if (ncells == 0)
+		*clk = clknode_find_by_id(clkdom, 1);
+	else if (ncells == 1)
+		*clk = clknode_find_by_id(clkdom, cells[0]);
+	else
+		return  (ERANGE);
+
+	if (*clk == NULL)
+		return (ENXIO);
+	return (0);
+}
+#endif
+
+/*
+ * Create a clock domain.  Returns with the topo lock held.
+ */
+struct clkdom *
+clkdom_create(device_t dev)
+{
+	struct clkdom *clkdom;
+
+	clkdom = malloc(sizeof(struct clkdom), M_CLOCK, M_WAITOK | M_ZERO);
+	clkdom->dev = dev;
+	TAILQ_INIT(&clkdom->clknode_list);
+#ifdef FDT
+	clkdom->ofw_mapper = clknode_default_ofw_map;
+#endif
+
+	return (clkdom);
+}
+
+void
+clkdom_unlock(struct clkdom *clkdom)
+{
+
+	CLK_TOPO_UNLOCK();
+}
+
+void
+clkdom_xlock(struct clkdom *clkdom)
+{
+
+	CLK_TOPO_XLOCK();
+}
+
+/*
+ * Finalize initialization of clock domain.  Releases topo lock.
+ *
+ * XXX Revisit failure handling.
+ */
+int
+clkdom_finit(struct clkdom *clkdom)
+{
+	struct clknode *clknode;
+	int i, rv;
+#ifdef FDT
+	phandle_t node;
+
+
+	if ((node = ofw_bus_get_node(clkdom->dev)) == -1) {
+		device_printf(clkdom->dev,
+		    "%s called on not ofw based device\n", __func__);
+		return (ENXIO);
+	}
+#endif
+	rv = 0;
+
+	/* Make clock domain globally visible. */
+	CLK_TOPO_XLOCK();
+	TAILQ_INSERT_TAIL(&clkdom_list, clkdom, link);
+#ifdef FDT
+	OF_device_register_xref(OF_xref_from_node(node), clkdom->dev);
+#endif
+
+	/* Register all clock names into global list. */
+	TAILQ_FOREACH(clknode, &clkdom->clknode_list, clkdom_link) {
+		TAILQ_INSERT_TAIL(&clknode_list, clknode, clklist_link);
+	}
+	/*
+	 * At this point all domain nodes must be registered and all
+	 * parents must be valid.
+	 */
+	TAILQ_FOREACH(clknode, &clkdom->clknode_list, clkdom_link) {
+		if (clknode->parent_cnt == 0)
+			continue;
+		for (i = 0; i < clknode->parent_cnt; i++) {
+			if (clknode->parents[i] != NULL)
+				continue;
+			if (clknode->parent_names[i] == NULL)
+				continue;
+			clknode->parents[i] = clknode_find_by_name(
+			    clknode->parent_names[i]);
+			if (clknode->parents[i] == NULL) {
+				device_printf(clkdom->dev,
+				    "Clock %s have unknown parent: %s\n",
+				    clknode->name, clknode->parent_names[i]);
+				rv = ENODEV;
+			}
+		}
+
+		/* If parent index is not set yet... */
+		if (clknode->parent_idx == CLKNODE_IDX_NONE) {
+			device_printf(clkdom->dev,
+			    "Clock %s have not set parent idx\n",
+			    clknode->name);
+			rv = ENXIO;
+			continue;
+		}
+		if (clknode->parents[clknode->parent_idx] == NULL) {
+			device_printf(clkdom->dev,
+			    "Clock %s have unknown parent(idx %d): %s\n",
+			    clknode->name, clknode->parent_idx,
+			    clknode->parent_names[clknode->parent_idx]);
+			rv = ENXIO;
+			continue;
+		}
+		clknode_adjust_parent(clknode, clknode->parent_idx);
+	}
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+/* Dump clock domain. */
+void
+clkdom_dump(struct clkdom * clkdom)
+{
+	struct clknode *clknode;
+	int rv;
+	uint64_t freq;
+
+	CLK_TOPO_SLOCK();
+	TAILQ_FOREACH(clknode, &clkdom->clknode_list, clkdom_link) {
+		rv = clknode_get_freq(clknode, &freq);
+		printf("Clock: %s, parent: %s(%d), freq: %llu\n", clknode->name,
+		    clknode->parent == NULL ? "(NULL)" : clknode->parent->name,
+		    clknode->parent_idx,
+		    ((rv == 0) ? freq: rv));
+	}
+	CLK_TOPO_UNLOCK();
+}
+
+/*
+ * Create and initialize clock object, but do not register it.
+ */
+struct clknode *
+clknode_create(struct clkdom * clkdom, clknode_class_t clknode_class,
+    const struct clknode_init_def *def)
+{
+	struct clknode *clknode;
+
+	KASSERT(def->name != NULL, ("clock name is NULL"));
+	KASSERT(def->name[0] != '\0', ("clock name is empty"));
+#ifdef   INVARIANTS
+	CLK_TOPO_SLOCK();
+	if (clknode_find_by_name(def->name) != NULL)
+		panic("Duplicated clock registration: %s\n", def->name);
+	CLK_TOPO_UNLOCK();
+#endif
+
+	/* Create object and initialize it. */
+	clknode = malloc(sizeof(struct clknode), M_CLOCK, M_WAITOK | M_ZERO);
+	kobj_init((kobj_t)clknode, (kobj_class_t)clknode_class);
+	sx_init(&clknode->lock, "Clocknode lock");
+
+	/* Allocate softc if required. */
+	if (clknode_class->size > 0) {
+		clknode->softc = malloc(clknode_class->size,
+		    M_CLOCK, M_WAITOK | M_ZERO);
+	}
+
+	/* Prepare array for ptrs to parent clocks. */
+	clknode->parents = malloc(sizeof(struct clknode *) * def->parent_cnt,
+	    M_CLOCK, M_WAITOK | M_ZERO);
+
+	/* Copy all strings unless they're flagged as static. */
+	if (def->flags & CLK_NODE_STATIC_STRINGS) {
+		clknode->name = def->name;
+		clknode->parent_names = def->parent_names;
+	} else {
+		clknode->name = strdup(def->name, M_CLOCK);
+		clknode->parent_names =
+		    strdup_list(def->parent_names, def->parent_cnt);
+	}
+
+	/* Rest of init. */
+	clknode->id = def->id;
+	clknode->clkdom = clkdom;
+	clknode->flags = def->flags;
+	clknode->parent_cnt = def->parent_cnt;
+	clknode->parent = NULL;
+	clknode->parent_idx = CLKNODE_IDX_NONE;
+	TAILQ_INIT(&clknode->children);
+
+	return (clknode);
+}
+
+/*
+ * Register clock object into clock domain hierarchy.
+ */
+struct clknode *
+clknode_register(struct clkdom * clkdom, struct clknode *clknode)
+{
+	int rv;
+
+	rv = CLKNODE_INIT(clknode, clknode_get_device(clknode));
+	if (rv != 0) {
+		printf(" CLKNODE_INIT failed: %d\n", rv);
+		return (NULL);
+	}
+
+	TAILQ_INSERT_TAIL(&clkdom->clknode_list, clknode, clkdom_link);
+
+	return (clknode);
+}
+
+/*
+ * Clock providers interface.
+ */
+
+/*
+ * Reparent clock node.
+ */
+static void
+clknode_adjust_parent(struct clknode *clknode, int idx)
+{
+
+	CLK_TOPO_XASSERT();
+
+	if (clknode->parent_cnt == 0)
+		return;
+	if ((idx == CLKNODE_IDX_NONE) || (idx >= clknode->parent_cnt))
+		panic("Invalid clock parent index\n");
+
+	if (clknode->parents[idx] == NULL)
+		panic("%s: Attempt to set invalid parent %d for clock %s",
+		    __func__, idx, clknode->name);
+
+	/* Remove me from old children list. */
+	if (clknode->parent != NULL) {
+		TAILQ_REMOVE(&clknode->parent->children, clknode, sibling_link);
+	}
+
+	/* Insert into children list of new parent. */
+	clknode->parent_idx = idx;
+	clknode->parent = clknode->parents[idx];
+	TAILQ_INSERT_TAIL(&clknode->parent->children, clknode, sibling_link);
+}
+
+/*
+ * Set parent index - init function.
+ */
+void
+clknode_init_parent_idx(struct clknode *clknode, int idx)
+{
+
+	if (clknode->parent_cnt == 0) {
+		clknode->parent_idx = CLKNODE_IDX_NONE;
+		clknode->parent = NULL;
+		return;
+	}
+	if ((idx == CLKNODE_IDX_NONE) ||
+	    (idx >= clknode->parent_cnt) ||
+	    (clknode->parent_names[idx] == NULL))
+		panic("%s: Invalid clock parent index: %d\n", __func__, idx);
+
+	clknode->parent_idx = idx;
+}
+
+int
+clknode_set_parent_by_idx(struct clknode *clknode, int idx)
+{
+	int rv;
+	uint64_t freq;
+	int  oldidx;
+
+	/* We have exclusive topology lock, node lock is not needed. */
+	CLK_TOPO_XASSERT();
+
+	if (clknode->parent_cnt == 0)
+		return (0);
+
+	if (clknode->parent_idx == idx)
+		return (0);
+
+	oldidx = clknode->parent_idx;
+	clknode_adjust_parent(clknode, idx);
+	rv = CLKNODE_SET_MUX(clknode, idx);
+	if (rv != 0) {
+		clknode_adjust_parent(clknode, oldidx);
+		return (rv);
+	}
+	rv = clknode_get_freq(clknode->parent, &freq);
+	if (rv != 0)
+		return (rv);
+	rv = clknode_refresh_cache(clknode, freq);
+	return (rv);
+}
+
+int
+clknode_set_parent_by_name(struct clknode *clknode, const char *name)
+{
+	int rv;
+	uint64_t freq;
+	int  oldidx, idx;
+
+	/* We have exclusive topology lock, node lock is not needed. */
+	CLK_TOPO_XASSERT();
+
+	if (clknode->parent_cnt == 0)
+		return (0);
+
+	/*
+	 * If this node doesnt have mux, then passthrough request to parent.
+	 * This feature is used in clock domain initialization and allows us to
+	 * set clock source and target frequency on the tail node of the clock
+	 * chain.
+	 */
+	if (clknode->parent_cnt == 1) {
+		rv = clknode_set_parent_by_name(clknode->parent, name);
+		return (rv);
+	}
+
+	for (idx = 0; idx < clknode->parent_cnt; idx++) {
+		if (clknode->parent_names[idx] == NULL)
+			continue;
+		if (strcmp(clknode->parent_names[idx], name) == 0)
+			break;
+	}
+	if (idx >= clknode->parent_cnt) {
+		return (ENXIO);
+	}
+	if (clknode->parent_idx == idx)
+		return (0);
+
+	oldidx = clknode->parent_idx;
+	clknode_adjust_parent(clknode, idx);
+	rv = CLKNODE_SET_MUX(clknode, idx);
+	if (rv != 0) {
+		clknode_adjust_parent(clknode, oldidx);
+		CLKNODE_UNLOCK(clknode);
+		return (rv);
+	}
+	rv = clknode_get_freq(clknode->parent, &freq);
+	if (rv != 0)
+		return (rv);
+	rv = clknode_refresh_cache(clknode, freq);
+	return (rv);
+}
+
+struct clknode *
+clknode_get_parent(struct clknode *clknode)
+{
+
+	return (clknode->parent);
+}
+
+const char *
+clknode_get_name(struct clknode *clknode)
+{
+
+	return (clknode->name);
+}
+
+const char **
+clknode_get_parent_names(struct clknode *clknode)
+{
+
+	return (clknode->parent_names);
+}
+
+int
+clknode_get_parents_num(struct clknode *clknode)
+{
+
+	return (clknode->parent_cnt);
+}
+
+int
+clknode_get_parent_idx(struct clknode *clknode)
+{
+
+	return (clknode->parent_idx);
+}
+
+int
+clknode_get_flags(struct clknode *clknode)
+{
+
+	return (clknode->flags);
+}
+
+
+void *
+clknode_get_softc(struct clknode *clknode)
+{
+
+	return (clknode->softc);
+}
+
+device_t
+clknode_get_device(struct clknode *clknode)
+{
+
+	return (clknode->clkdom->dev);
+}
+
+#ifdef FDT
+void
+clkdom_set_ofw_mapper(struct clkdom * clkdom, clknode_ofw_mapper_func *map)
+{
+
+	clkdom->ofw_mapper = map;
+}
+#endif
+
+/*
+ * Real consumers executive
+ */
+int
+clknode_get_freq(struct clknode *clknode, uint64_t *freq)
+{
+	int rv;
+
+	CLK_TOPO_ASSERT();
+
+	/* Use cached value, if it exists. */
+	*freq  = clknode->freq;
+	if (*freq != 0)
+		return (0);
+
+	/* Get frequency from parent, if the clock has a parent. */
+	if (clknode->parent_cnt > 0) {
+		rv = clknode_get_freq(clknode->parent, freq);
+		if (rv != 0) {
+			return (rv);
+		}
+	}
+
+	/* And recalculate my output frequency. */
+	CLKNODE_XLOCK(clknode);
+	rv = CLKNODE_RECALC_FREQ(clknode, freq);
+	if (rv != 0) {
+		CLKNODE_UNLOCK(clknode);
+		printf("Cannot get frequency for clk: %s, error: %d\n",
+		    clknode->name, rv);
+		return (rv);
+	}
+
+	/* Save new frequency to cache. */
+	clknode->freq = *freq;
+	CLKNODE_UNLOCK(clknode);
+	return (0);
+}
+
+int
+clknode_set_freq(struct clknode *clknode, uint64_t freq, int flags,
+    int enablecnt)
+{
+	int rv, done;
+	uint64_t parent_freq;
+
+	/* We have exclusive topology lock, node lock is not needed. */
+	CLK_TOPO_XASSERT();
+
+	parent_freq = 0;
+
+	/*
+	 * We can set frequency only if
+	 *   clock is disabled
+	 * OR
+	 *   clock is glitch free and is enabled by calling consumer only
+	 */
+	if ((clknode->enable_cnt > 1) &&
+	    ((clknode->enable_cnt > enablecnt) ||
+	    !(clknode->flags & CLK_NODE_GLITCH_FREE))) {
+		return (EBUSY);
+	}
+
+	/* Get frequency from parent, if the clock has a parent. */
+	if (clknode->parent_cnt > 0) {
+		rv = clknode_get_freq(clknode->parent, &parent_freq);
+		if (rv != 0) {
+			return (rv);
+		}
+	}
+
+	/* Set frequency for this clock. */
+	rv = CLKNODE_SET_FREQ(clknode, parent_freq, &freq, flags, &done);
+	if (rv != 0) {
+		printf("Cannot set frequency for clk: %s, error: %d\n",
+		    clknode->name, rv);
+		if ((flags & CLK_SET_DRYRUN) == 0)
+			clknode_refresh_cache(clknode, parent_freq);
+		return (rv);
+	}
+
+	if (done) {
+		/* Success - invalidate frequency cache for all children. */
+		clknode->freq = freq;
+		if ((flags & CLK_SET_DRYRUN) == 0)
+			clknode_refresh_cache(clknode, parent_freq);
+	} else if (clknode->parent != NULL) {
+		/* Nothing changed, pass request to parent. */
+		rv = clknode_set_freq(clknode->parent, freq, flags, enablecnt);
+	} else {
+		/* End of chain without action. */
+		printf("Cannot set frequency for clk: %s, end of chain\n",
+		    clknode->name);
+		rv = ENXIO;
+	}
+
+	return (rv);
+}
+
+int
+clknode_enable(struct clknode *clknode)
+{
+	int rv;
+
+	CLK_TOPO_ASSERT();
+
+	/* Enable clock for each node in chain, starting from source. */
+	if (clknode->parent_cnt > 0) {
+		rv = clknode_enable(clknode->parent);
+		if (rv != 0) {
+			return (rv);
+		}
+	}
+
+	/* Handle this node */
+	CLKNODE_XLOCK(clknode);
+	if (clknode->enable_cnt == 0) {
+		rv = CLKNODE_SET_GATE(clknode, 1);
+		if (rv != 0) {
+			CLKNODE_UNLOCK(clknode);
+			return (rv);
+		}
+	}
+	clknode->enable_cnt++;
+	CLKNODE_UNLOCK(clknode);
+	return (0);
+}
+
+int
+clknode_disable(struct clknode *clknode)
+{
+	int rv;
+
+	CLK_TOPO_ASSERT();
+	rv = 0;
+
+	CLKNODE_XLOCK(clknode);
+	/* Disable clock for each node in chain, starting from consumer. */
+	if ((clknode->enable_cnt == 1) &&
+	    ((clknode->flags & CLK_NODE_CANNOT_STOP) == 0)) {
+		rv = CLKNODE_SET_GATE(clknode, 0);
+		if (rv != 0) {
+			CLKNODE_UNLOCK(clknode);
+			return (rv);
+		}
+	}
+	clknode->enable_cnt--;
+	CLKNODE_UNLOCK(clknode);
+
+	if (clknode->parent_cnt > 0) {
+		rv = clknode_disable(clknode->parent);
+	}
+	return (rv);
+}
+
+int
+clknode_stop(struct clknode *clknode, int depth)
+{
+	int rv;
+
+	CLK_TOPO_ASSERT();
+	rv = 0;
+
+	CLKNODE_XLOCK(clknode);
+	/* The first node cannot be enabled. */
+	if ((clknode->enable_cnt != 0) && (depth == 0)) {
+		CLKNODE_UNLOCK(clknode);
+		return (EBUSY);
+	}
+	/* Stop clock for each node in chain, starting from consumer. */
+	if ((clknode->enable_cnt == 0) &&
+	    ((clknode->flags & CLK_NODE_CANNOT_STOP) == 0)) {
+		rv = CLKNODE_SET_GATE(clknode, 0);
+		if (rv != 0) {
+			CLKNODE_UNLOCK(clknode);
+			return (rv);
+		}
+	}
+	CLKNODE_UNLOCK(clknode);
+
+	if (clknode->parent_cnt > 0)
+		rv = clknode_stop(clknode->parent, depth + 1);
+	return (rv);
+}
+
+/* --------------------------------------------------------------------------
+ *
+ * Clock consumers interface.
+ *
+ */
+/* Helper function for clk_get*() */
+static clk_t
+clk_create(struct clknode *clknode, device_t dev)
+{
+	struct clk *clk;
+
+	CLK_TOPO_ASSERT();
+
+	clk =  malloc(sizeof(struct clk), M_CLOCK, M_WAITOK);
+	clk->dev = dev;
+	clk->clknode = clknode;
+	clk->enable_cnt = 0;
+	clknode->ref_cnt++;
+
+	return (clk);
+}
+
+int
+clk_get_freq(clk_t clk, uint64_t *freq)
+{
+	int rv;
+	struct clknode *clknode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+
+	CLK_TOPO_SLOCK();
+	rv = clknode_get_freq(clknode, freq);
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_set_freq(clk_t clk, uint64_t freq, int flags)
+{
+	int rv;
+	struct clknode *clknode;
+
+	flags &= CLK_SET_USER_MASK;
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+
+	CLK_TOPO_XLOCK();
+	rv = clknode_set_freq(clknode, freq, flags, clk->enable_cnt);
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_test_freq(clk_t clk, uint64_t freq, int flags)
+{
+	int rv;
+	struct clknode *clknode;
+
+	flags &= CLK_SET_USER_MASK;
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+
+	CLK_TOPO_XLOCK();
+	rv = clknode_set_freq(clknode, freq, flags | CLK_SET_DRYRUN, 0);
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_get_parent(clk_t clk, clk_t *parent)
+{
+	struct clknode *clknode;
+	struct clknode *parentnode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+
+	CLK_TOPO_SLOCK();
+	parentnode = clknode_get_parent(clknode);
+	if (parentnode == NULL) {
+		CLK_TOPO_UNLOCK();
+		return (ENODEV);
+	}
+	*parent = clk_create(parentnode, clk->dev);
+	CLK_TOPO_UNLOCK();
+	return (0);
+}
+
+int
+clk_set_parent_by_clk(clk_t clk, clk_t parent)
+{
+	int rv;
+	struct clknode *clknode;
+	struct clknode *parentnode;
+
+	clknode = clk->clknode;
+	parentnode = parent->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	KASSERT(parentnode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	CLK_TOPO_XLOCK();
+	rv = clknode_set_parent_by_name(clknode, parentnode->name);
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_enable(clk_t clk)
+{
+	int rv;
+	struct clknode *clknode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	CLK_TOPO_SLOCK();
+	rv = clknode_enable(clknode);
+	if (rv == 0)
+		clk->enable_cnt++;
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_disable(clk_t clk)
+{
+	int rv;
+	struct clknode *clknode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	KASSERT(clk->enable_cnt > 0,
+	   ("Attempt to disable already disabled clock: %s\n", clknode->name));
+	CLK_TOPO_SLOCK();
+	rv = clknode_disable(clknode);
+	if (rv == 0)
+		clk->enable_cnt--;
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_stop(clk_t clk)
+{
+	int rv;
+	struct clknode *clknode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	KASSERT(clk->enable_cnt == 0,
+	   ("Attempt to stop already enabled clock: %s\n", clknode->name));
+
+	CLK_TOPO_SLOCK();
+	rv = clknode_stop(clknode, 0);
+	CLK_TOPO_UNLOCK();
+	return (rv);
+}
+
+int
+clk_release(clk_t clk)
+{
+	struct clknode *clknode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	CLK_TOPO_SLOCK();
+	while (clk->enable_cnt > 0) {
+		clknode_disable(clknode);
+		clk->enable_cnt--;
+	}
+	CLKNODE_XLOCK(clknode);
+	clknode->ref_cnt--;
+	CLKNODE_UNLOCK(clknode);
+	CLK_TOPO_UNLOCK();
+
+	free(clk, M_CLOCK);
+	return (0);
+}
+
+const char *
+clk_get_name(clk_t clk)
+{
+	const char *name;
+	struct clknode *clknode;
+
+	clknode = clk->clknode;
+	KASSERT(clknode->ref_cnt > 0,
+	   ("Attempt to access unreferenced clock: %s\n", clknode->name));
+	name = clknode_get_name(clknode);
+	return (name);
+}
+
+int
+clk_get_by_name(device_t dev, const char *name, clk_t *clk)
+{
+	struct clknode *clknode;
+
+	CLK_TOPO_SLOCK();
+	clknode = clknode_find_by_name(name);
+	if (clknode == NULL) {
+		CLK_TOPO_UNLOCK();
+		return (ENODEV);
+	}
+	*clk = clk_create(clknode, dev);
+	CLK_TOPO_UNLOCK();
+	return (0);
+}
+
+int
+clk_get_by_id(device_t dev, struct clkdom *clkdom, intptr_t id, clk_t *clk)
+{
+	struct clknode *clknode;
+
+	CLK_TOPO_SLOCK();
+
+	clknode = clknode_find_by_id(clkdom, id);
+	if (clknode == NULL) {
+		CLK_TOPO_UNLOCK();
+		return (ENODEV);
+	}
+	*clk = clk_create(clknode, dev);
+	CLK_TOPO_UNLOCK();
+
+	return (0);
+}
+
+#ifdef FDT
+
+int
+clk_get_by_ofw_index(device_t dev, int idx, clk_t *clk)
+{
+	phandle_t cnode, parent, *cells;
+	device_t clockdev;
+	int ncells, rv;
+	struct clkdom *clkdom;
+	struct clknode *clknode;
+
+	*clk = NULL;
+
+	cnode = ofw_bus_get_node(dev);
+	if (cnode <= 0) {
+		device_printf(dev, "%s called on not ofw based device\n",
+		 __func__);
+		return (ENXIO);
+	}
+
+	rv = ofw_bus_parse_xref_list_alloc(cnode, "clocks", "#clock-cells", idx,
+	    &parent, &ncells, &cells);
+	if (rv != 0) {
+		return (rv);
+	}
+
+	clockdev = OF_device_from_xref(parent);
+	if (clockdev == NULL) {
+		rv = ENODEV;
+		goto done;
+	}
+
+	CLK_TOPO_SLOCK();
+	clkdom = clkdom_get_by_dev(clockdev);
+	if (clkdom == NULL){
+		CLK_TOPO_UNLOCK();
+		rv = ENXIO;
+		goto done;
+	}
+
+	rv = clkdom->ofw_mapper(clkdom, ncells, cells, &clknode);
+	if (rv == 0) {
+		*clk = clk_create(clknode, dev);
+	}
+	CLK_TOPO_UNLOCK();
+
+done:
+	if (cells != NULL)
+		free(cells, M_OFWPROP);
+	return (rv);
+}
+
+int
+clk_get_by_ofw_name(device_t dev, const char *name, clk_t *clk)
+{
+	int rv, idx;
+	phandle_t cnode;
+
+	cnode = ofw_bus_get_node(dev);
+	if (cnode <= 0) {
+		device_printf(dev, "%s called on not ofw based device\n",
+		 __func__);
+		return (ENXIO);
+	}
+	rv = ofw_bus_find_string_index(cnode, "clock-names", name, &idx);
+	if (rv != 0)
+		return (rv);
+	return (clk_get_by_ofw_index(dev, idx, clk));
+}
+#endif
diff --git a/sys/dev/extres/clk/clk.h b/sys/dev/extres/clk/clk.h
new file mode 100644
index 0000000..8547bae
--- /dev/null
+++ b/sys/dev/extres/clk/clk.h
@@ -0,0 +1,136 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _DEV_EXTRES_CLK_H_
+#define _DEV_EXTRES_CLK_H_
+#include "opt_platform.h"
+
+#include <sys/kobj.h>
+#ifdef FDT
+#include <dev/ofw/ofw_bus.h>
+#endif
+#include "clknode_if.h"
+
+#define CLKNODE_IDX_NONE	-1		/* Not-selected index */
+
+/* clknode flags. */
+#define	CLK_NODE_STATIC_STRINGS	0x00000001	/* Static name strings */
+#define	CLK_NODE_GLITCH_FREE	0x00000002	/* Freq can change w/o stop */
+#define	CLK_NODE_CANNOT_STOP	0x00000004	/* Clock cannot be disabled */
+
+/* Flags passed to clk_set_freq() and clknode_set_freq(). */
+#define	CLK_SET_ROUND_UP	0x00000001
+#define	CLK_SET_ROUND_DOWN	0x00000002
+#define	CLK_SET_USER_MASK	0x0000FFFF
+#define	CLK_SET_DRYRUN		0x00010000
+
+typedef struct clk *clk_t;
+
+/* Initialization parameters for clocknode creation. */
+struct clknode_init_def {
+	const char	*name;
+	intptr_t	id;
+	const char	**parent_names;
+	int		parent_cnt;
+	int		flags;
+};
+
+/*
+ * Shorthands for constructing method tables.
+ */
+#define	CLKNODEMETHOD		KOBJMETHOD
+#define	CLKNODEMETHOD_END	KOBJMETHOD_END
+#define	clknode_method_t	kobj_method_t
+#define	clknode_class_t		kobj_class_t
+DECLARE_CLASS(clknode_class);
+
+/*
+ *  Clock domain functions.
+ */
+struct clkdom *clkdom_create(device_t dev);
+int clkdom_finit(struct clkdom *clkdom);
+void clkdom_dump(struct clkdom * clkdom);
+void clkdom_unlock(struct clkdom *clkdom);
+void clkdom_xlock(struct clkdom *clkdom);
+
+/*
+ * Clock providers interface.
+ */
+struct clkdom *clkdom_get_by_dev(const device_t dev);
+
+struct clknode *clknode_create(struct clkdom *clkdom,
+    clknode_class_t clknode_class, const struct clknode_init_def *def);
+struct clknode *clknode_register(struct clkdom *cldom, struct clknode *clk);
+#ifdef FDT
+typedef int clknode_ofw_mapper_func(struct clkdom *clkdom, uint32_t ncells,
+    phandle_t *cells, struct clknode **clk);
+void clkdom_set_ofw_mapper(struct clkdom *clkdom, clknode_ofw_mapper_func *cmp);
+#endif
+
+void clknode_init_parent_idx(struct clknode *clknode, int idx);
+int clknode_set_parent_by_idx(struct clknode *clk, int idx);
+int clknode_set_parent_by_name(struct clknode *clk, const char *name);
+const char *clknode_get_name(struct clknode *clk);
+const char **clknode_get_parent_names(struct clknode *clk);
+int clknode_get_parents_num(struct clknode *clk);
+int clknode_get_parent_idx(struct clknode *clk);
+struct clknode *clknode_get_parent(struct clknode *clk);
+int clknode_get_flags(struct clknode *clk);
+void *clknode_get_softc(struct clknode *clk);
+device_t clknode_get_device(struct clknode *clk);
+struct clknode *clknode_find_by_name(const char *name);
+struct clknode *clknode_find_by_id(struct clkdom *clkdom, intptr_t id);
+int clknode_get_freq(struct clknode *clknode, uint64_t *freq);
+int clknode_set_freq(struct clknode *clknode, uint64_t freq, int flags,
+    int enablecnt);
+int clknode_enable(struct clknode *clknode);
+int clknode_disable(struct clknode *clknode);
+int clknode_stop(struct clknode *clknode, int depth);
+
+/*
+ * Clock consumers interface.
+ */
+int clk_get_by_name(device_t dev, const char *name, clk_t *clk);
+int clk_get_by_id(device_t dev, struct clkdom *clkdom, intptr_t id, clk_t *clk);
+int clk_release(clk_t clk);
+int clk_get_freq(clk_t clk, uint64_t *freq);
+int clk_set_freq(clk_t clk, uint64_t freq, int flags);
+int clk_test_freq(clk_t clk, uint64_t freq, int flags);
+int clk_enable(clk_t clk);
+int clk_disable(clk_t clk);
+int clk_stop(clk_t clk);
+int clk_get_parent(clk_t clk, clk_t *parent);
+int clk_set_parent_by_clk(clk_t clk, clk_t parent);
+const char *clk_get_name(clk_t clk);
+
+#ifdef FDT
+int clk_get_by_ofw_index(device_t dev, int idx, clk_t *clk);
+int clk_get_by_ofw_name(device_t dev, const char *name, clk_t *clk);
+#endif
+
+#endif /* _DEV_EXTRES_CLK_H_ */
diff --git a/sys/dev/extres/clk/clk_div.c b/sys/dev/extres/clk/clk_div.c
new file mode 100644
index 0000000..fcb0a57
--- /dev/null
+++ b/sys/dev/extres/clk/clk_div.c
@@ -0,0 +1,209 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+
+#include <sys/param.h>
+#include <sys/conf.h>
+#include <sys/bus.h>
+#include <sys/kernel.h>
+#include <sys/systm.h>
+
+#include <machine/bus.h>
+
+#include <dev/extres/clk/clk_div.h>
+
+#include "clkdev_if.h"
+
+#define	WR4(_clk, off, val)						\
+	CLKDEV_WRITE_4(clknode_get_device(_clk), off, val)
+#define	RD4(_clk, off, val)						\
+	CLKDEV_READ_4(clknode_get_device(_clk), off, val)
+#define	MD4(_clk, off, clr, set )					\
+	CLKDEV_MODIFY_4(clknode_get_device(_clk), off, clr, set)
+
+static int clknode_div_init(struct clknode *clk, device_t dev);
+static int clknode_div_recalc(struct clknode *clk, uint64_t *req);
+static int clknode_div_set_freq(struct clknode *clknode, uint64_t fin,
+    uint64_t *fout, int flag, int *stop);
+
+struct clknode_div_sc {
+	struct mtx	*mtx;
+	struct resource *mem_res;
+	uint32_t	offset;
+	uint32_t	i_shift;
+	uint32_t	i_mask;
+	uint32_t	i_width;
+	uint32_t	f_shift;
+	uint32_t	f_mask;
+	uint32_t	f_width;
+	int		div_flags;
+	uint32_t	divider;	/* in natural form */
+};
+
+static clknode_method_t clknode_div_methods[] = {
+	/* Device interface */
+	CLKNODEMETHOD(clknode_init,		clknode_div_init),
+	CLKNODEMETHOD(clknode_recalc_freq,	clknode_div_recalc),
+	CLKNODEMETHOD(clknode_set_freq,		clknode_div_set_freq),
+	CLKNODEMETHOD_END
+};
+DEFINE_CLASS_1(clknode_div, clknode_div_class, clknode_div_methods,
+   sizeof(struct clknode_div_sc), clknode_class);
+
+static int
+clknode_div_init(struct clknode *clk, device_t dev)
+{
+	uint32_t reg;
+	struct clknode_div_sc *sc;
+	uint32_t i_div, f_div;
+	int rv;
+
+	sc = clknode_get_softc(clk);
+
+	rv = RD4(clk, sc->offset, &reg);
+	if (rv != 0)
+		return (rv);
+
+	i_div = (reg >> sc->i_shift) & sc->i_mask;
+	if (!(sc->div_flags & CLK_DIV_ZERO_BASED))
+		i_div++;
+	f_div = (reg >> sc->f_shift) & sc->f_mask;
+	sc->divider = i_div << sc->f_width | f_div;
+	clknode_init_parent_idx(clk, 0);
+	return(0);
+}
+
+static int
+clknode_div_recalc(struct clknode *clk, uint64_t *freq)
+{
+	struct clknode_div_sc *sc;
+
+	sc = clknode_get_softc(clk);
+	if (sc->divider == 0) {
+		printf("%s: %s divider is zero!\n", clknode_get_name(clk),
+		__func__);
+		*freq = 0;
+		return(EINVAL);
+	}
+	*freq = (*freq << sc->f_width) / sc->divider;
+	return (0);
+}
+
+static int
+clknode_div_set_freq(struct clknode *clk, uint64_t fin, uint64_t *fout,
+  int flags, int *stop)
+{
+	struct clknode_div_sc *sc;
+	uint64_t divider, _fin, _fout;
+	uint32_t reg, i_div, f_div, hw_i_div;
+	int rv;
+
+	sc = clknode_get_softc(clk);
+
+	/* For fractional divider. */
+	_fin = fin << sc->f_width;
+	divider = (_fin + *fout / 2) / *fout;
+	_fout = _fin / divider;
+
+	/* Rounding. */
+	if ((flags & CLK_SET_ROUND_UP) && (*fout < _fout))
+		divider--;
+	else if ((flags & CLK_SET_ROUND_DOWN) && (*fout > _fout))
+		divider++;
+
+	/* Break divider into integer and fractional parts. */
+	i_div = divider >> sc->f_width;
+	f_div = divider  & sc->f_mask;
+
+	if (i_div == 0) {
+		printf("%s: %s integer divider is zero!\n",
+		     clknode_get_name(clk), __func__);
+		return(EINVAL);
+	}
+
+	hw_i_div = i_div;
+	if (!(sc->div_flags & CLK_DIV_ZERO_BASED))
+		hw_i_div--;
+
+	*stop = 1;
+	if (hw_i_div > sc->i_mask) {
+		/* XXX Or only return error? */
+		printf("%s: %s integer divider is too big: %u\n",
+		    clknode_get_name(clk), __func__, hw_i_div);
+		hw_i_div = sc->i_mask;
+		*stop = 0;
+	}
+
+	i_div = hw_i_div;
+	if (!(sc->div_flags & CLK_DIV_ZERO_BASED))
+		i_div++;
+	divider = i_div << sc->f_width | f_div;
+
+	if ((flags & CLK_SET_DRYRUN) == 0) {
+		if ((*stop != 0) &&
+		    ((flags & (CLK_SET_ROUND_UP | CLK_SET_ROUND_DOWN)) == 0) &&
+		    (*fout != (_fin / divider)))
+			return (ERANGE);
+
+		rv = MD4(clk, sc->offset,
+		    (sc->i_mask << sc->i_shift) | (sc->f_mask << sc->f_shift),
+		    (i_div << sc->i_shift) | (f_div << sc->f_shift));
+		if (rv != 0)
+			return (rv);
+		RD4(clk, sc->offset, &reg);
+		sc->divider = divider;
+	}
+
+	*fout = _fin / divider;
+	return (0);
+}
+
+int
+clknode_div_register(struct clkdom *clkdom, struct clk_div_def *clkdef)
+{
+	struct clknode *clk;
+	struct clknode_div_sc *sc;
+
+	clk = clknode_create(clkdom, &clknode_div_class, &clkdef->clkdef);
+	if (clk == NULL)
+		return (1);
+
+	sc = clknode_get_softc(clk);
+	sc->offset = clkdef->offset;
+	sc->i_shift = clkdef->i_shift;
+	sc->i_width = clkdef->i_width;
+	sc->i_mask = (1 << clkdef->i_width) - 1;
+	sc->f_shift = clkdef->f_shift;
+	sc->f_width = clkdef->f_width;
+	sc->f_mask = (1 << clkdef->f_width) - 1;
+	sc->div_flags = clkdef->div_flags;
+
+	clknode_register(clkdom, clk);
+	return (0);
+}
diff --git a/sys/dev/extres/clk/clk_div.h b/sys/dev/extres/clk/clk_div.h
new file mode 100644
index 0000000..85b8a01
--- /dev/null
+++ b/sys/dev/extres/clk/clk_div.h
@@ -0,0 +1,48 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _DEV_EXTRES_CLK_DIV_H_
+#define _DEV_EXTRES_CLK_DIV_H_
+
+#include <dev/extres/clk/clk.h>
+
+#define	CLK_DIV_ZERO_BASED	0x0001 /* Zero based divider. */
+
+struct clk_div_def {
+	struct clknode_init_def clkdef;
+	uint32_t		offset;		/* Divider register offset */
+	uint32_t		i_shift;	/* Pos of div bits in reg */
+	uint32_t		i_width;	/* Width of div bit field */
+	uint32_t		f_shift;	/* Fractional divide bits, */
+	uint32_t		f_width;	/* set to 0 for int divider */
+	int			div_flags;	/* Divider-specific flags */
+};
+
+int clknode_div_register(struct clkdom *clkdom, struct clk_div_def *clkdef);
+
+#endif /*_DEV_EXTRES_CLK_DIV_H_*/
diff --git a/sys/dev/extres/clk/clk_fixed.c b/sys/dev/extres/clk/clk_fixed.c
new file mode 100644
index 0000000..4ddceae
--- /dev/null
+++ b/sys/dev/extres/clk/clk_fixed.c
@@ -0,0 +1,114 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+
+#include <sys/param.h>
+#include <sys/conf.h>
+#include <sys/bus.h>
+#include <sys/kernel.h>
+#include <sys/kobj.h>
+#include <sys/malloc.h>
+#include <sys/mutex.h>
+#include <sys/rman.h>
+#include <sys/systm.h>
+
+#include <machine/bus.h>
+
+#include <dev/extres/clk/clk_fixed.h>
+
+#define	DEVICE_LOCK(_sc)      mtx_lock((_sc)->mtx)
+#define	DEVICE_UNLOCK(_sc)    mtx_unlock((_sc)->mtx)
+
+static int clknode_fixed_init(struct clknode *clk, device_t dev);
+static int clknode_fixed_recalc(struct clknode *clk, uint64_t *freq);
+struct clknode_fixed_sc {
+	struct mtx	*mtx;
+	int		fixed_flags;
+	uint64_t	freq;
+	uint32_t	mult;
+	uint32_t	div;
+};
+
+static clknode_method_t clknode_fixed_methods[] = {
+	/* Device interface */
+	CLKNODEMETHOD(clknode_init,	   clknode_fixed_init),
+	CLKNODEMETHOD(clknode_recalc_freq, clknode_fixed_recalc),
+	CLKNODEMETHOD_END
+};
+DEFINE_CLASS_1(clknode_fixed, clknode_fixed_class, clknode_fixed_methods,
+   sizeof(struct clknode_fixed_sc), clknode_class);
+
+static int
+clknode_fixed_init(struct clknode *clk, device_t dev)
+{
+	struct clknode_fixed_sc *sc;
+
+	sc = clknode_get_softc(clk);
+	if (sc->freq == 0)
+		clknode_init_parent_idx(clk, 0);
+	return(0);
+}
+static int
+clknode_fixed_recalc(struct clknode *clk, uint64_t *freq)
+{
+	struct clknode_fixed_sc *sc;
+
+	sc = clknode_get_softc(clk);
+	if (sc->freq != 0)
+		*freq = sc->freq;
+	else if ((sc->mult != 0) && (sc->div != 0))
+		*freq = (*freq / sc->div) * sc->mult;
+	else
+		*freq = 0;
+	return (0);
+}
+
+int
+clknode_fixed_register(struct clkdom *clkdom, struct clk_fixed_def *clkdef,
+    struct mtx *dev_mtx)
+{
+	struct clknode *clk;
+	struct clknode_fixed_sc *sc;
+
+	if ((clkdef->freq == 0) && (clkdef->clkdef.parent_cnt == 0))
+		panic("fixed clk: Frequency is not defined for clock source");
+	clk = clknode_create(clkdom, &clknode_fixed_class, &clkdef->clkdef);
+	if (clk == NULL)
+		return (1);
+
+	sc = clknode_get_softc(clk);
+	sc->mtx = dev_mtx;
+	sc->fixed_flags = clkdef->fixed_flags;
+	sc->freq = clkdef->freq;
+	sc->mult = clkdef->mult;
+	sc->div = clkdef->div;
+
+	clknode_register(clkdom, clk);
+	return (0);
+}
diff --git a/sys/dev/extres/clk/clk_fixed.h b/sys/dev/extres/clk/clk_fixed.h
new file mode 100644
index 0000000..f57ee96
--- /dev/null
+++ b/sys/dev/extres/clk/clk_fixed.h
@@ -0,0 +1,53 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _DEV_EXTRES_CLK_FIXED_H_
+#define _DEV_EXTRES_CLK_FIXED_H_
+
+#include <dev/extres/clk/clk.h>
+
+/*
+ * A fixed clock can represent several different real-world objects, including
+ * an oscillator with a fixed output frequency, a fixed divider (multiplier and
+ * divisor must both be > 0), or a phase-fractional divider within a PLL
+ * (however the code currently divides first, then multiplies, potentially
+ * leading to different roundoff errors than the hardware PLL).
+ */
+
+struct clk_fixed_def {
+	struct clknode_init_def clkdef;
+	uint64_t		freq;
+	uint32_t		mult;
+	uint32_t		div;
+	int			fixed_flags;
+};
+
+int clknode_fixed_register(struct clkdom *clkdom, struct clk_fixed_def *clkdef,
+    struct mtx *dev_mtx);
+
+#endif /*_DEV_EXTRES_CLK_FIXED_H_*/
diff --git a/sys/dev/extres/clk/clk_gate.c b/sys/dev/extres/clk/clk_gate.c
new file mode 100644
index 0000000..2107450
--- /dev/null
+++ b/sys/dev/extres/clk/clk_gate.c
@@ -0,0 +1,126 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+
+#include <sys/param.h>
+#include <sys/conf.h>
+#include <sys/bus.h>
+#include <sys/kernel.h>
+#include <sys/systm.h>
+
+#include <machine/bus.h>
+
+#include <dev/extres/clk/clk_gate.h>
+
+#include "clkdev_if.h"
+
+#define	WR4(_clk, off, val)						\
+	CLKDEV_WRITE_4(clknode_get_device(_clk), off, val)
+#define	RD4(_clk, off, val)						\
+	CLKDEV_READ_4(clknode_get_device(_clk), off, val)
+#define	MD4(_clk, off, clr, set )					\
+	CLKDEV_MODIFY_4(clknode_get_device(_clk), off, clr, set)
+
+
+static int clknode_gate_init(struct clknode *clk, device_t dev);
+static int clknode_gate_set_gate(struct clknode *clk, bool enable);
+struct clknode_gate_sc {
+	uint32_t	offset;
+	uint32_t	shift;
+	uint32_t	mask;
+	uint32_t	on_value;
+	uint32_t	off_value;
+	int		gate_flags;
+	bool		ungated;
+};
+
+static clknode_method_t clknode_gate_methods[] = {
+	/* Device interface */
+	CLKNODEMETHOD(clknode_init,	clknode_gate_init),
+	CLKNODEMETHOD(clknode_set_gate,	clknode_gate_set_gate),
+	CLKNODEMETHOD_END
+};
+DEFINE_CLASS_1(clknode_gate, clknode_gate_class, clknode_gate_methods,
+   sizeof(struct clknode_gate_sc), clknode_class);
+
+static int
+clknode_gate_init(struct clknode *clk, device_t dev)
+{
+	uint32_t reg;
+	struct clknode_gate_sc *sc;
+	int rv;
+
+	sc = clknode_get_softc(clk);
+	rv = RD4(clk, sc->offset, &reg);
+	if (rv != 0)
+		return (rv);
+	reg = (reg >> sc->shift) & sc->mask;
+	sc->ungated = reg == sc->on_value ? 1 : 0;
+	clknode_init_parent_idx(clk, 0);
+	return(0);
+}
+
+static int
+clknode_gate_set_gate(struct clknode *clk, bool enable)
+{
+	uint32_t reg;
+	struct clknode_gate_sc *sc;
+	int rv;
+
+	sc = clknode_get_softc(clk);
+	sc->ungated = enable;
+	rv = MD4(clk, sc->offset, sc->mask << sc->shift,
+	    (sc->ungated ? sc->on_value : sc->off_value) << sc->shift);
+	if (rv != 0)
+		return (rv);
+	RD4(clk, sc->offset, &reg);
+	return(0);
+}
+
+int
+clknode_gate_register(struct clkdom *clkdom, struct clk_gate_def *clkdef)
+{
+	struct clknode *clk;
+	struct clknode_gate_sc *sc;
+
+	clk = clknode_create(clkdom, &clknode_gate_class, &clkdef->clkdef);
+	if (clk == NULL)
+		return (1);
+
+	sc = clknode_get_softc(clk);
+	sc->offset = clkdef->offset;
+	sc->shift = clkdef->shift;
+	sc->mask =  clkdef->mask;
+	sc->on_value = clkdef->on_value;
+	sc->off_value = clkdef->off_value;
+	sc->gate_flags = clkdef->gate_flags;
+
+	clknode_register(clkdom, clk);
+	return (0);
+}
diff --git a/sys/dev/fdt/fdt_arm64.c b/sys/dev/extres/clk/clk_gate.h
index fc98f51..b6646c2 100644
--- a/sys/dev/fdt/fdt_arm64.c
+++ b/sys/dev/extres/clk/clk_gate.h
@@ -1,10 +1,7 @@
 /*-
- * Copyright (c) 2009-2010 The FreeBSD Foundation
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
  * All rights reserved.
  *
- * This software was developed by Semihalf under sponsorship from
- * the FreeBSD Foundation.
- *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -17,7 +14,7 @@
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
@@ -25,25 +22,25 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
+ * $FreeBSD$
  */
 
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/systm.h>
-#include <sys/kernel.h>
-#include <sys/module.h>
-#include <sys/bus.h>
+#ifndef _DEV_EXTRES_CLK_GATE_H_
+#define _DEV_EXTRES_CLK_GATE_H_
 
-#include <dev/ofw/ofw_bus.h>
-#include <dev/ofw/ofw_bus_subr.h>
-#include <dev/ofw/openfirm.h>
+#include <dev/extres/clk/clk.h>
 
-#include "ofw_bus_if.h"
-#include "fdt_common.h"
-
-struct fdt_fixup_entry fdt_fixup_table[] = {
-	{ NULL, NULL }
+struct clk_gate_def {
+	struct clknode_init_def clkdef;
+	uint32_t		offset;
+	uint32_t		shift;
+	uint32_t		mask;
+	uint32_t		on_value;
+	uint32_t		off_value;
+	int			gate_flags;
 };
 
+int clknode_gate_register(struct clkdom *clkdom, struct clk_gate_def *clkdef);
+
+#endif /* _DEV_EXTRES_CLK_GATE_H_ */
diff --git a/sys/dev/extres/clk/clk_mux.c b/sys/dev/extres/clk/clk_mux.c
new file mode 100644
index 0000000..54e0653
--- /dev/null
+++ b/sys/dev/extres/clk/clk_mux.c
@@ -0,0 +1,122 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+
+#include <sys/param.h>
+#include <sys/conf.h>
+#include <sys/bus.h>
+#include <sys/kernel.h>
+#include <sys/systm.h>
+
+#include <machine/bus.h>
+
+#include <dev/extres/clk/clk_mux.h>
+
+#include "clkdev_if.h"
+
+#define	WR4(_clk, off, val)						\
+	CLKDEV_WRITE_4(clknode_get_device(_clk), off, val)
+#define	RD4(_clk, off, val)						\
+	CLKDEV_READ_4(clknode_get_device(_clk), off, val)
+#define	MD4(_clk, off, clr, set )					\
+	CLKDEV_MODIFY_4(clknode_get_device(_clk), off, clr, set)
+
+static int clknode_mux_init(struct clknode *clk, device_t dev);
+static int clknode_mux_set_mux(struct clknode *clk, int idx);
+
+struct clknode_mux_sc {
+	uint32_t	offset;
+	uint32_t	shift;
+	uint32_t	mask;
+	int		mux_flags;
+};
+
+static clknode_method_t clknode_mux_methods[] = {
+	/* Device interface */
+	CLKNODEMETHOD(clknode_init, 	clknode_mux_init),
+	CLKNODEMETHOD(clknode_set_mux, 	clknode_mux_set_mux),
+	CLKNODEMETHOD_END
+};
+DEFINE_CLASS_1(clknode_mux, clknode_mux_class, clknode_mux_methods,
+   sizeof(struct clknode_mux_sc), clknode_class);
+
+
+static int
+clknode_mux_init(struct clknode *clk, device_t dev)
+{
+	uint32_t reg;
+	struct clknode_mux_sc *sc;
+	int rv;
+
+	sc = clknode_get_softc(clk);
+
+	rv = RD4(clk, sc->offset, &reg);
+	if (rv != 0)
+		return (rv);
+	reg = (reg >> sc->shift) & sc->mask;
+	clknode_init_parent_idx(clk, reg);
+	return(0);
+}
+
+static int
+clknode_mux_set_mux(struct clknode *clk, int idx)
+{
+	uint32_t reg;
+	struct clknode_mux_sc *sc;
+	int rv;
+
+	sc = clknode_get_softc(clk);
+
+	rv = MD4(clk, sc->offset, sc->mask << sc->shift,
+	    (idx & sc->mask) << sc->shift);
+	if (rv != 0)
+		return (rv);
+	RD4(clk, sc->offset, &reg);
+	return(0);
+}
+
+int
+clknode_mux_register(struct clkdom *clkdom, struct clk_mux_def *clkdef)
+{
+	struct clknode *clk;
+	struct clknode_mux_sc *sc;
+
+	clk = clknode_create(clkdom, &clknode_mux_class, &clkdef->clkdef);
+	if (clk == NULL)
+		return (1);
+
+	sc = clknode_get_softc(clk);
+	sc->offset = clkdef->offset;
+	sc->shift = clkdef->shift;
+	sc->mask =  (1 << clkdef->width) - 1;
+	sc->mux_flags = clkdef->mux_flags;
+
+	clknode_register(clkdom, clk);
+	return (0);
+}
diff --git a/sys/dev/fdt/fdt_x86.c b/sys/dev/extres/clk/clk_mux.h
index d4d9fc8..193a82f 100644
--- a/sys/dev/fdt/fdt_x86.c
+++ b/sys/dev/extres/clk/clk_mux.h
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2013 Juniper Networks, Inc.
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -22,27 +22,22 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
+ * $FreeBSD$
  */
+#ifndef _DEV_EXTRESF_CLK_MUX_H_
+#define _DEV_EXTRESF_CLK_MUX_H_
 
-#include <sys/cdefs.h>
-__FBSDID("$FreeBSD$");
-
-#include <sys/param.h>
-#include <sys/systm.h>
-#include <sys/kernel.h>
-#include <sys/module.h>
-#include <sys/bus.h>
-
-#include <machine/intr_machdep.h>
+#include <dev/extres/clk/clk.h>
 
-#include <dev/ofw/ofw_bus.h>
-#include <dev/ofw/ofw_bus_subr.h>
-#include <dev/ofw/openfirm.h>
-
-#include "ofw_bus_if.h"
-#include "fdt_common.h"
-
-struct fdt_fixup_entry fdt_fixup_table[] = {
-	{ NULL, NULL }
+struct clk_mux_def {
+	struct clknode_init_def clkdef;
+	uint32_t		offset;
+	uint32_t		shift;
+	uint32_t		width;
+	int			mux_flags;
 };
 
+int clknode_mux_register(struct clkdom *clkdom, struct clk_mux_def *clkdef);
+
+#endif /* _DEV_EXTRESF_CLK_MUX_H_ */
diff --git a/sys/dev/extres/clk/clkdev_if.m b/sys/dev/extres/clk/clkdev_if.m
new file mode 100644
index 0000000..b43d205
--- /dev/null
+++ b/sys/dev/extres/clk/clkdev_if.m
@@ -0,0 +1,59 @@
+#-
+# Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+
+#include <machine/bus.h>
+
+INTERFACE clkdev;
+
+#
+# Write single register
+#
+METHOD int write_4 {
+	device_t	dev;
+	bus_addr_t	addr;
+	uint32_t	val;
+};
+
+#
+# Read single register
+#
+METHOD int read_4 {
+	device_t	dev;
+	bus_addr_t	addr;
+	uint32_t	*val;
+};
+
+#
+# Modify single register
+#
+METHOD int modify_4 {
+	device_t	dev;
+	bus_addr_t	addr;
+	uint32_t	clear_mask;
+	uint32_t	set_mask;
+};
diff --git a/sys/dev/extres/clk/clknode_if.m b/sys/dev/extres/clk/clknode_if.m
new file mode 100644
index 0000000..80d6754
--- /dev/null
+++ b/sys/dev/extres/clk/clknode_if.m
@@ -0,0 +1,79 @@
+#-
+# Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+
+INTERFACE clknode;
+
+HEADER {
+	struct clknode;
+}
+
+#
+# Initialize clock node, get shanpshot of cached values
+#
+METHOD int init {
+	struct clknode	*clk;
+	device_t	dev;
+};
+
+#
+# Recalculate frequency
+#     req - in/out recalulated frequency
+#
+METHOD int recalc_freq {
+	struct clknode	*clk;
+	uint64_t	*freq;
+};
+
+#
+# Set frequency
+#     fin - parent (input)frequency.
+#     fout - requested output freqency. If clock cannot change frequency,
+#	    then must return new requested frequency for his parent
+METHOD int set_freq {
+	struct clknode	*clk;
+	uint64_t	fin;
+	uint64_t	*fout;
+	int		flags;
+	int		*done;
+};
+
+#
+# Enable/disable clock
+#
+METHOD int set_gate {
+	struct clknode	*clk;
+	bool		enable;
+};
+
+#
+# Set multiplexer
+#
+METHOD int set_mux {
+	struct clknode	*clk;
+	int		idx;
+};
diff --git a/sys/dev/extres/hwreset/hwreset.c b/sys/dev/extres/hwreset/hwreset.c
new file mode 100644
index 0000000..b3493de
--- /dev/null
+++ b/sys/dev/extres/hwreset/hwreset.c
@@ -0,0 +1,186 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+#include "opt_platform.h"
+#include <sys/cdefs.h>
+#include <sys/param.h>
+#include <sys/kernel.h>
+#include <sys/kobj.h>
+#include <sys/malloc.h>
+#include <sys/systm.h>
+
+#ifdef FDT
+#include <dev/ofw/ofw_bus.h>
+#include <dev/ofw/ofw_bus_subr.h>
+#endif
+
+#include <dev/extres/hwreset/hwreset.h>
+
+#include "hwreset_if.h"
+
+struct hwreset {
+	device_t consumer_dev;		/* consumer device*/
+	device_t provider_dev;		/* provider device*/
+	int 	rst_id;			/* reset id */
+};
+
+MALLOC_DEFINE(M_HWRESET, "hwreset", "Reset framework");
+
+int
+hwreset_assert(hwreset_t rst)
+{
+
+	return (HWRESET_ASSERT(rst->provider_dev, rst->rst_id, true));
+}
+
+int
+hwreset_deassert(hwreset_t rst)
+{
+
+	return (HWRESET_ASSERT(rst->provider_dev, rst->rst_id, false));
+}
+
+int
+hwreset_is_asserted(hwreset_t rst, bool *value)
+{
+
+	return (HWRESET_IS_ASSERTED(rst->provider_dev, rst->rst_id, value));
+}
+
+void
+hwreset_release(hwreset_t rst)
+{
+	free(rst, M_HWRESET);
+}
+
+int
+hwreset_get_by_id(device_t consumer_dev, device_t provider_dev, intptr_t id,
+    hwreset_t *rst_out)
+{
+	hwreset_t rst;
+
+	/* Create handle */
+	rst = malloc(sizeof(struct hwreset), M_HWRESET,
+	    M_WAITOK | M_ZERO);
+	rst->consumer_dev = consumer_dev;
+	rst->provider_dev = provider_dev;
+	rst->rst_id = id;
+	*rst_out = rst;
+	return (0);
+}
+
+#ifdef FDT
+int
+hwreset_default_ofw_map(device_t provider_dev, phandle_t xref, int ncells,
+    pcell_t *cells, intptr_t *id)
+{
+	if (ncells == 0)
+		*id = 1;
+	else if (ncells == 1)
+		*id = cells[0];
+	else
+		return  (ERANGE);
+
+	return (0);
+}
+
+int
+hwreset_get_by_ofw_idx(device_t consumer_dev, int idx, hwreset_t *rst)
+{
+	phandle_t cnode, xnode;
+	pcell_t *cells;
+	device_t rstdev;
+	int ncells, rv;
+	intptr_t id;
+
+	cnode = ofw_bus_get_node(consumer_dev);
+	if (cnode <= 0) {
+		device_printf(consumer_dev,
+		    "%s called on not ofw based device\n", __func__);
+		return (ENXIO);
+	}
+
+	rv = ofw_bus_parse_xref_list_alloc(cnode, "resets", "#reset-cells",
+	    idx, &xnode, &ncells, &cells);
+	if (rv != 0)
+		return (rv);
+
+	/* Tranlate provider to device */
+	rstdev = OF_device_from_xref(xnode);
+	if (rstdev == NULL) {
+		free(cells, M_OFWPROP);
+		return (ENODEV);
+	}
+	/* Map reset to number */
+	rv = HWRESET_MAP(rstdev, xnode, ncells, cells, &id);
+	free(cells, M_OFWPROP);
+	if (rv != 0)
+		return (rv);
+
+	return (hwreset_get_by_id(consumer_dev, rstdev, id, rst));
+}
+
+int
+hwreset_get_by_ofw_name(device_t consumer_dev, char *name, hwreset_t *rst)
+{
+	int rv, idx;
+	phandle_t cnode;
+
+	cnode = ofw_bus_get_node(consumer_dev);
+	if (cnode <= 0) {
+		device_printf(consumer_dev,
+		    "%s called on not ofw based device\n",  __func__);
+		return (ENXIO);
+	}
+	rv = ofw_bus_find_string_index(cnode, "reset-names", name, &idx);
+	if (rv != 0)
+		return (rv);
+	return (hwreset_get_by_ofw_idx(consumer_dev, idx, rst));
+}
+
+void
+hwreset_register_ofw_provider(device_t provider_dev)
+{
+	phandle_t xref, node;
+
+	node = ofw_bus_get_node(provider_dev);
+	if (node <= 0)
+		panic("%s called on not ofw based device.\n", __func__);
+
+	xref = OF_xref_from_node(node);
+	OF_device_register_xref(xref, provider_dev);
+}
+
+void
+hwreset_unregister_ofw_provider(device_t provider_dev)
+{
+	phandle_t xref;
+
+	xref = OF_xref_from_device(provider_dev);
+	OF_device_register_xref(xref, NULL);
+}
+#endif
diff --git a/sys/dev/extres/hwreset/hwreset.h b/sys/dev/extres/hwreset/hwreset.h
new file mode 100644
index 0000000..75e653a
--- /dev/null
+++ b/sys/dev/extres/hwreset/hwreset.h
@@ -0,0 +1,67 @@
+/*-
+ * Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef DEV_EXTRES_HWRESET_HWRESET_H
+#define DEV_EXTRES_HWRESET_HWRESET_H
+
+#include "opt_platform.h"
+#include <sys/types.h>
+#ifdef FDT
+#include <dev/ofw/ofw_bus.h>
+#endif
+
+typedef struct hwreset *hwreset_t;
+
+/*
+ * Provider interface
+ */
+#ifdef FDT
+int hwreset_default_ofw_map(device_t provider_dev, phandle_t xref, int ncells,
+    pcell_t *cells, intptr_t *id);
+void hwreset_register_ofw_provider(device_t provider_dev);
+void hwreset_unregister_ofw_provider(device_t provider_dev);
+#endif
+
+/*
+ * Consumer interface
+ */
+int hwreset_get_by_id(device_t consumer_dev, device_t provider_dev, intptr_t id,
+    hwreset_t *rst);
+void hwreset_release(hwreset_t rst);
+
+int hwreset_assert(hwreset_t rst);
+int hwreset_deassert(hwreset_t rst);
+int hwreset_is_asserted(hwreset_t rst, bool *value);
+
+#ifdef FDT
+int hwreset_get_by_ofw_name(device_t consumer_dev, char *name, hwreset_t *rst);
+int hwreset_get_by_ofw_idx(device_t consumer_dev, int idx, hwreset_t *rst);
+#endif
+
+
+
+#endif /* DEV_EXTRES_HWRESET_HWRESET_H */
diff --git a/sys/dev/extres/hwreset/hwreset_if.m b/sys/dev/extres/hwreset/hwreset_if.m
new file mode 100644
index 0000000..f1816f9
--- /dev/null
+++ b/sys/dev/extres/hwreset/hwreset_if.m
@@ -0,0 +1,72 @@
+#-
+# Copyright 2016 Michal Meloun <mmel@FreeBSD.org>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+
+#ifdef FDT
+#include <sys/types.h>
+#include <dev/ofw/ofw_bus.h>
+#endif
+
+INTERFACE hwreset;
+
+#ifdef FDT
+HEADER {
+int hwreset_default_ofw_map(device_t , phandle_t, int, pcell_t *, intptr_t *);
+}
+
+#
+# map fdt property cells to reset id
+# Returns 0 on success or a standard errno value.
+#
+METHOD int map {
+	device_t	provider_dev;
+	phandle_t	xref;
+	int		ncells;
+	pcell_t		*cells;
+	intptr_t	*id;
+} DEFAULT hwreset_default_ofw_map;
+#endif
+
+#
+# Assert/deassert given reset.
+# Returns 0 on success or a standard errno value.
+#
+METHOD int assert {
+	device_t	provider_dev;
+	intptr_t	id;
+	bool		value;
+};
+
+#
+# Get actual status of given reset.
+# Returns 0 on success or a standard errno value.
+#
+METHOD int is_asserted {
+	device_t	provider_dev;
+	intptr_t	id;
+	bool		*value;
+};
diff --git a/sys/dev/fdt/fdt_common.h b/sys/dev/fdt/fdt_common.h
index 3d05341..3eb33c1 100644
--- a/sys/dev/fdt/fdt_common.h
+++ b/sys/dev/fdt/fdt_common.h
@@ -45,15 +45,19 @@ struct fdt_sense_level {
 	enum intr_polarity	pol;
 };
 
+#if defined(__arm__) && !defined(ARM_INTRNG)
 typedef int (*fdt_pic_decode_t)(phandle_t, pcell_t *, int *, int *, int *);
 extern fdt_pic_decode_t fdt_pic_table[];
+#endif
 
+#if defined(__arm__) || defined(__powerpc__)
 typedef void (*fdt_fixup_t)(phandle_t);
 struct fdt_fixup_entry {
 	char		*model;
 	fdt_fixup_t	handler;
 };
 extern struct fdt_fixup_entry fdt_fixup_table[];
+#endif
 
 extern SLIST_HEAD(fdt_ic_list, fdt_ic) fdt_ic_list_head;
 struct fdt_ic {
diff --git a/sys/dev/flash/mx25l.c b/sys/dev/flash/mx25l.c
index d9aaa1c..c4dad4b 100644
--- a/sys/dev/flash/mx25l.c
+++ b/sys/dev/flash/mx25l.c
@@ -93,6 +93,7 @@ static int mx25l_open(struct disk *dp);
 static int mx25l_close(struct disk *dp);
 static int mx25l_ioctl(struct disk *, u_long, void *, int, struct thread *);
 static void mx25l_strategy(struct bio *bp);
+static int mx25l_getattr(struct bio *bp);
 static void mx25l_task(void *arg);
 
 struct mx25l_flash_ident flash_devices[] = {
@@ -383,6 +384,7 @@ mx25l_attach(device_t dev)
 	sc->sc_disk->d_open = mx25l_open;
 	sc->sc_disk->d_close = mx25l_close;
 	sc->sc_disk->d_strategy = mx25l_strategy;
+	sc->sc_disk->d_getattr = mx25l_getattr;
 	sc->sc_disk->d_ioctl = mx25l_ioctl;
 	sc->sc_disk->d_name = "flash/spi";
 	sc->sc_disk->d_drv1 = sc;
@@ -448,6 +450,27 @@ mx25l_strategy(struct bio *bp)
 	M25PXX_UNLOCK(sc);
 }
 
+static int
+mx25l_getattr(struct bio *bp)
+{
+	struct mx25l_softc *sc;
+	device_t dev;
+
+	if (bp->bio_disk == NULL || bp->bio_disk->d_drv1 == NULL)
+		return (ENXIO);
+
+	sc = bp->bio_disk->d_drv1;
+	dev = sc->sc_dev;
+
+	if (strcmp(bp->bio_attribute, "SPI::device") == 0) {
+		if (bp->bio_length != sizeof(dev))
+			return (EFAULT);
+		bcopy(&dev, bp->bio_data, sizeof(dev));
+	} else
+		return (-1);
+	return (0);
+}
+
 static void
 mx25l_task(void *arg)
 {
diff --git a/sys/dev/hyperv/netvsc/hv_net_vsc.c b/sys/dev/hyperv/netvsc/hv_net_vsc.c
index 65913b5..8bf34a8 100644
--- a/sys/dev/hyperv/netvsc/hv_net_vsc.c
+++ b/sys/dev/hyperv/netvsc/hv_net_vsc.c
@@ -1028,4 +1028,6 @@ hv_nv_on_channel_callback(void *context)
 
 	if (bufferlen > NETVSC_PACKET_SIZE)
 		free(buffer, M_NETVSC);
+
+	hv_rf_channel_rollup(net_dev);
 }
diff --git a/sys/dev/hyperv/netvsc/hv_net_vsc.h b/sys/dev/hyperv/netvsc/hv_net_vsc.h
index 9157f91..dbe5464 100644
--- a/sys/dev/hyperv/netvsc/hv_net_vsc.h
+++ b/sys/dev/hyperv/netvsc/hv_net_vsc.h
@@ -38,12 +38,16 @@
 #ifndef __HV_NET_VSC_H__
 #define __HV_NET_VSC_H__
 
-#include <sys/types.h>
 #include <sys/param.h>
 #include <sys/lock.h>
 #include <sys/malloc.h>
+#include <sys/queue.h>
 #include <sys/sx.h>
 
+#include <machine/bus.h>
+#include <sys/bus.h>
+#include <sys/bus_dma.h>
+
 #include <netinet/in.h>
 #include <netinet/tcp_lro.h>
 
@@ -984,6 +988,9 @@ typedef struct {
 	hv_bool_uint8_t	link_state;
 } netvsc_device_info;
 
+struct hn_txdesc;
+SLIST_HEAD(hn_txdesc_list, hn_txdesc);
+
 /*
  * Device-specific softc structure
  */
@@ -1001,6 +1008,18 @@ typedef struct hn_softc {
 	struct hv_device  *hn_dev_obj;
 	netvsc_dev  	*net_dev;
 
+	int		hn_txdesc_cnt;
+	struct hn_txdesc *hn_txdesc;
+	bus_dma_tag_t	hn_tx_data_dtag;
+	bus_dma_tag_t	hn_tx_rndis_dtag;
+	int		hn_tx_chimney_size;
+	int		hn_tx_chimney_max;
+
+	struct mtx	hn_txlist_spin;
+	struct hn_txdesc_list hn_txlist;
+	int		hn_txdesc_avail;
+	int		hn_txeof;
+
 	struct lro_ctrl	hn_lro;
 	int		hn_lro_hiwat;
 
@@ -1012,6 +1031,11 @@ typedef struct hn_softc {
 	u_long		hn_csum_trusted;
 	u_long		hn_lro_tried;
 	u_long		hn_small_pkts;
+	u_long		hn_no_txdescs;
+	u_long		hn_send_failed;
+	u_long		hn_txdma_failed;
+	u_long		hn_tx_collapsed;
+	u_long		hn_tx_chimney;
 } hn_softc_t;
 
 
diff --git a/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c b/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c
index 29ceb2a..10e8ada 100644
--- a/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c
+++ b/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c
@@ -129,6 +129,41 @@ __FBSDID("$FreeBSD$");
 #define HV_NV_SC_PTR_OFFSET_IN_BUF         0
 #define HV_NV_PACKET_OFFSET_IN_BUF         16
 
+/* YYY should get it from the underlying channel */
+#define HN_TX_DESC_CNT			512
+
+#define HN_RNDIS_MSG_LEN		\
+    (sizeof(rndis_msg) +		\
+     RNDIS_VLAN_PPI_SIZE +		\
+     RNDIS_TSO_PPI_SIZE +		\
+     RNDIS_CSUM_PPI_SIZE)
+#define HN_RNDIS_MSG_BOUNDARY		PAGE_SIZE
+#define HN_RNDIS_MSG_ALIGN		CACHE_LINE_SIZE
+
+#define HN_TX_DATA_BOUNDARY		PAGE_SIZE
+#define HN_TX_DATA_MAXSIZE		IP_MAXPACKET
+#define HN_TX_DATA_SEGSIZE		PAGE_SIZE
+#define HN_TX_DATA_SEGCNT_MAX		\
+    (NETVSC_PACKET_MAXPAGE - HV_RF_NUM_TX_RESERVED_PAGE_BUFS)
+
+struct hn_txdesc {
+	SLIST_ENTRY(hn_txdesc) link;
+	struct mbuf	*m;
+	struct hn_softc	*sc;
+	int		refs;
+	uint32_t	flags;		/* HN_TXD_FLAG_ */
+	netvsc_packet	netvsc_pkt;	/* XXX to be removed */
+
+	bus_dmamap_t	data_dmap;
+
+	bus_addr_t	rndis_msg_paddr;
+	rndis_msg	*rndis_msg;
+	bus_dmamap_t	rndis_msg_dmap;
+};
+
+#define HN_TXD_FLAG_ONLIST	0x1
+#define HN_TXD_FLAG_DMAMAP	0x2
+
 /*
  * A unified flag for all outbound check sum flags is useful,
  * and it helps avoiding unnecessary check sum calculation in
@@ -171,9 +206,19 @@ __FBSDID("$FreeBSD$");
 int hv_promisc_mode = 0;    /* normal mode by default */
 
 /* Trust tcp segements verification on host side. */
-static int hn_trust_hosttcp = 0;
+static int hn_trust_hosttcp = 1;
 TUNABLE_INT("dev.hn.trust_hosttcp", &hn_trust_hosttcp);
 
+#if __FreeBSD_version >= 1100045
+/* Limit TSO burst size */
+static int hn_tso_maxlen = 0;
+TUNABLE_INT("dev.hn.tso_maxlen", &hn_tso_maxlen);
+#endif
+
+/* Limit chimney send size */
+static int hn_tx_chimney_size = 0;
+TUNABLE_INT("dev.hn.tx_chimney_size", &hn_tx_chimney_size);
+
 /*
  * Forward declarations
  */
@@ -181,14 +226,17 @@ static void hn_stop(hn_softc_t *sc);
 static void hn_ifinit_locked(hn_softc_t *sc);
 static void hn_ifinit(void *xsc);
 static int  hn_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data);
-static int  hn_start_locked(struct ifnet *ifp);
+static void hn_start_locked(struct ifnet *ifp);
 static void hn_start(struct ifnet *ifp);
 static int hn_ifmedia_upd(struct ifnet *ifp);
 static void hn_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr);
 #ifdef HN_LRO_HIWAT
 static int hn_lro_hiwat_sysctl(SYSCTL_HANDLER_ARGS);
 #endif
+static int hn_tx_chimney_size_sysctl(SYSCTL_HANDLER_ARGS);
 static int hn_check_iplen(const struct mbuf *, int);
+static int hn_create_tx_ring(struct hn_softc *sc);
+static void hn_destroy_tx_ring(struct hn_softc *sc);
 
 static __inline void
 hn_set_lro_hiwat(struct hn_softc *sc, int hiwat)
@@ -318,10 +366,13 @@ netvsc_attach(device_t dev)
 	netvsc_device_info device_info;
 	hn_softc_t *sc;
 	int unit = device_get_unit(dev);
-	struct ifnet *ifp;
+	struct ifnet *ifp = NULL;
 	struct sysctl_oid_list *child;
 	struct sysctl_ctx_list *ctx;
-	int ret;
+	int error;
+#if __FreeBSD_version >= 1100045
+	int tso_maxlen;
+#endif
 
 	sc = device_get_softc(dev);
 	if (sc == NULL) {
@@ -334,6 +385,10 @@ netvsc_attach(device_t dev)
 	sc->hn_lro_hiwat = HN_LRO_HIWAT_DEF;
 	sc->hn_trust_hosttcp = hn_trust_hosttcp;
 
+	error = hn_create_tx_ring(sc);
+	if (error)
+		goto failed;
+
 	NV_LOCK_INIT(sc, "NetVSCLock");
 
 	sc->hn_dev_obj = device_ctx;
@@ -381,12 +436,10 @@ netvsc_attach(device_t dev)
 	else
 		ifp->if_hwassist = CSUM_TCP | CSUM_TSO;
 
-	ret = hv_rf_on_device_add(device_ctx, &device_info);
-	if (ret != 0) {
-		if_free(ifp);
+	error = hv_rf_on_device_add(device_ctx, &device_info);
+	if (error)
+		goto failed;
 
-		return (ret);
-	}
 	if (device_info.link_state == 0) {
 		sc->hn_carrier = 1;
 	}
@@ -400,8 +453,30 @@ netvsc_attach(device_t dev)
 #endif
 #endif	/* INET || INET6 */
 
+#if __FreeBSD_version >= 1100045
+	tso_maxlen = hn_tso_maxlen;
+	if (tso_maxlen <= 0 || tso_maxlen > IP_MAXPACKET)
+		tso_maxlen = IP_MAXPACKET;
+
+	ifp->if_hw_tsomaxsegcount = HN_TX_DATA_SEGCNT_MAX;
+	ifp->if_hw_tsomaxsegsize = PAGE_SIZE;
+	ifp->if_hw_tsomax = tso_maxlen -
+	    (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN);
+#endif
+
 	ether_ifattach(ifp, device_info.mac_addr);
 
+#if __FreeBSD_version >= 1100045
+	if_printf(ifp, "TSO: %u/%u/%u\n", ifp->if_hw_tsomax,
+	    ifp->if_hw_tsomaxsegcount, ifp->if_hw_tsomaxsegsize);
+#endif
+
+	sc->hn_tx_chimney_max = sc->net_dev->send_section_size;
+	sc->hn_tx_chimney_size = sc->hn_tx_chimney_max;
+	if (hn_tx_chimney_size > 0 &&
+	    hn_tx_chimney_size < sc->hn_tx_chimney_max)
+		sc->hn_tx_chimney_size = hn_tx_chimney_size;
+
 	ctx = device_get_sysctl_ctx(dev);
 	child = SYSCTL_CHILDREN(device_get_sysctl_tree(dev));
 
@@ -429,6 +504,26 @@ netvsc_attach(device_t dev)
 	    "# of TCP segements that we trust host's csum verification");
 	SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "small_pkts",
 	    CTLFLAG_RW, &sc->hn_small_pkts, "# of small packets received");
+	SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "no_txdescs",
+	    CTLFLAG_RW, &sc->hn_no_txdescs, "# of times short of TX descs");
+	SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "send_failed",
+	    CTLFLAG_RW, &sc->hn_send_failed, "# of hyper-v sending failure");
+	SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "txdma_failed",
+	    CTLFLAG_RW, &sc->hn_txdma_failed, "# of TX DMA failure");
+	SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "tx_collapsed",
+	    CTLFLAG_RW, &sc->hn_tx_collapsed, "# of TX mbuf collapsed");
+	SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "tx_chimney",
+	    CTLFLAG_RW, &sc->hn_tx_chimney, "# of chimney send");
+	SYSCTL_ADD_INT(ctx, child, OID_AUTO, "txdesc_cnt",
+	    CTLFLAG_RD, &sc->hn_txdesc_cnt, 0, "# of total TX descs");
+	SYSCTL_ADD_INT(ctx, child, OID_AUTO, "txdesc_avail",
+	    CTLFLAG_RD, &sc->hn_txdesc_avail, 0, "# of available TX descs");
+	SYSCTL_ADD_INT(ctx, child, OID_AUTO, "tx_chimney_max",
+	    CTLFLAG_RD, &sc->hn_tx_chimney_max, 0,
+	    "Chimney send packet size upper boundary");
+	SYSCTL_ADD_PROC(ctx, child, OID_AUTO, "tx_chimney_size",
+	    CTLTYPE_INT | CTLFLAG_RW, sc, 0, hn_tx_chimney_size_sysctl,
+	    "I", "Chimney send packet size limit");
 
 	if (unit == 0) {
 		struct sysctl_ctx_list *dc_ctx;
@@ -446,9 +541,21 @@ netvsc_attach(device_t dev)
 		    CTLFLAG_RD, &hn_trust_hosttcp, 0,
 		    "Trust tcp segement verification on host side, "
 		    "when csum info is missing (global setting)");
+		SYSCTL_ADD_INT(dc_ctx, dc_child, OID_AUTO, "tx_chimney_size",
+		    CTLFLAG_RD, &hn_tx_chimney_size, 0,
+		    "Chimney send packet size limit");
+#if __FreeBSD_version >= 1100045
+		SYSCTL_ADD_INT(dc_ctx, dc_child, OID_AUTO, "tso_maxlen",
+		    CTLFLAG_RD, &hn_tso_maxlen, 0, "TSO burst limit");
+#endif
 	}
 
 	return (0);
+failed:
+	hn_destroy_tx_ring(sc);
+	if (ifp != NULL)
+		if_free(ifp);
+	return (error);
 }
 
 /*
@@ -480,6 +587,7 @@ netvsc_detach(device_t dev)
 #if defined(INET) || defined(INET6)
 	tcp_lro_free(&sc->hn_lro);
 #endif
+	hn_destroy_tx_ring(sc);
 
 	return (0);
 }
@@ -493,6 +601,112 @@ netvsc_shutdown(device_t dev)
 	return (0);
 }
 
+static __inline int
+hn_txdesc_dmamap_load(struct hn_softc *sc, struct hn_txdesc *txd,
+    struct mbuf **m_head, bus_dma_segment_t *segs, int *nsegs)
+{
+	struct mbuf *m = *m_head;
+	int error;
+
+	error = bus_dmamap_load_mbuf_sg(sc->hn_tx_data_dtag, txd->data_dmap,
+	    m, segs, nsegs, BUS_DMA_NOWAIT);
+	if (error == EFBIG) {
+		struct mbuf *m_new;
+
+		m_new = m_collapse(m, M_NOWAIT, HN_TX_DATA_SEGCNT_MAX);
+		if (m_new == NULL)
+			return ENOBUFS;
+		else
+			*m_head = m = m_new;
+		sc->hn_tx_collapsed++;
+
+		error = bus_dmamap_load_mbuf_sg(sc->hn_tx_data_dtag,
+		    txd->data_dmap, m, segs, nsegs, BUS_DMA_NOWAIT);
+	}
+	if (!error) {
+		bus_dmamap_sync(sc->hn_tx_data_dtag, txd->data_dmap,
+		    BUS_DMASYNC_PREWRITE);
+		txd->flags |= HN_TXD_FLAG_DMAMAP;
+	}
+	return error;
+}
+
+static __inline void
+hn_txdesc_dmamap_unload(struct hn_softc *sc, struct hn_txdesc *txd)
+{
+
+	if (txd->flags & HN_TXD_FLAG_DMAMAP) {
+		bus_dmamap_sync(sc->hn_tx_data_dtag,
+		    txd->data_dmap, BUS_DMASYNC_POSTWRITE);
+		bus_dmamap_unload(sc->hn_tx_data_dtag,
+		    txd->data_dmap);
+		txd->flags &= ~HN_TXD_FLAG_DMAMAP;
+	}
+}
+
+static __inline int
+hn_txdesc_put(struct hn_softc *sc, struct hn_txdesc *txd)
+{
+
+	KASSERT((txd->flags & HN_TXD_FLAG_ONLIST) == 0,
+	    ("put an onlist txd %#x", txd->flags));
+
+	KASSERT(txd->refs > 0, ("invalid txd refs %d", txd->refs));
+	if (atomic_fetchadd_int(&txd->refs, -1) != 1)
+		return 0;
+
+	hn_txdesc_dmamap_unload(sc, txd);
+	if (txd->m != NULL) {
+		m_freem(txd->m);
+		txd->m = NULL;
+	}
+
+	txd->flags |= HN_TXD_FLAG_ONLIST;
+
+	mtx_lock_spin(&sc->hn_txlist_spin);
+	KASSERT(sc->hn_txdesc_avail >= 0 &&
+	    sc->hn_txdesc_avail < sc->hn_txdesc_cnt,
+	    ("txdesc_put: invalid txd avail %d", sc->hn_txdesc_avail));
+	sc->hn_txdesc_avail++;
+	SLIST_INSERT_HEAD(&sc->hn_txlist, txd, link);
+	mtx_unlock_spin(&sc->hn_txlist_spin);
+
+	return 1;
+}
+
+static __inline struct hn_txdesc *
+hn_txdesc_get(struct hn_softc *sc)
+{
+	struct hn_txdesc *txd;
+
+	mtx_lock_spin(&sc->hn_txlist_spin);
+	txd = SLIST_FIRST(&sc->hn_txlist);
+	if (txd != NULL) {
+		KASSERT(sc->hn_txdesc_avail > 0,
+		    ("txdesc_get: invalid txd avail %d", sc->hn_txdesc_avail));
+		sc->hn_txdesc_avail--;
+		SLIST_REMOVE_HEAD(&sc->hn_txlist, link);
+	}
+	mtx_unlock_spin(&sc->hn_txlist_spin);
+
+	if (txd != NULL) {
+		KASSERT(txd->m == NULL && txd->refs == 0 &&
+		    (txd->flags & HN_TXD_FLAG_ONLIST), ("invalid txd"));
+		txd->flags &= ~HN_TXD_FLAG_ONLIST;
+		txd->refs = 1;
+	}
+	return txd;
+}
+
+static __inline void
+hn_txdesc_hold(struct hn_txdesc *txd)
+{
+
+	/* 0->1 transition will never work */
+	KASSERT(txd->refs > 0, ("invalid refs %d", txd->refs));
+	atomic_add_int(&txd->refs, 1);
+}
+
 /*
  * Send completion processing
  *
@@ -503,34 +717,44 @@ netvsc_shutdown(device_t dev)
 void
 netvsc_xmit_completion(void *context)
 {
-	netvsc_packet *packet = (netvsc_packet *)context;
-	struct mbuf *mb;
-	uint8_t *buf;
+	netvsc_packet *packet = context;
+	struct hn_txdesc *txd;
+	struct hn_softc *sc;
 
-	mb = (struct mbuf *)(uintptr_t)packet->compl.send.send_completion_tid;
-	buf = ((uint8_t *)packet) - HV_NV_PACKET_OFFSET_IN_BUF;
+	txd = (struct hn_txdesc *)(uintptr_t)
+	    packet->compl.send.send_completion_tid;
 
-	free(buf, M_NETVSC);
+	sc = txd->sc;
+	sc->hn_txeof = 1;
+	hn_txdesc_put(sc, txd);
+}
 
-	if (mb != NULL) {
-		m_freem(mb);
-	}
+void
+netvsc_channel_rollup(struct hv_device *device_ctx)
+{
+	struct hn_softc *sc = device_get_softc(device_ctx->device);
+	struct ifnet *ifp;
+
+	if (!sc->hn_txeof)
+		return;
+
+	sc->hn_txeof = 0;
+	ifp = sc->hn_ifp;
+	NV_LOCK(sc);
+	ifp->if_drv_flags &= ~IFF_DRV_OACTIVE;
+	hn_start_locked(ifp);
+	NV_UNLOCK(sc);
 }
 
 /*
  * Start a transmit of one or more packets
  */
-static int
+static void
 hn_start_locked(struct ifnet *ifp)
 {
 	hn_softc_t *sc = ifp->if_softc;
 	struct hv_device *device_ctx = vmbus_get_devctx(sc->hn_dev);
 	netvsc_dev *net_dev = sc->net_dev;
-	device_t dev = device_ctx->device;
-	uint8_t *buf;
-	netvsc_packet *packet;
-	struct mbuf *m_head, *m;
-	struct mbuf *mc_head = NULL;
 	struct ether_vlan_header *eh;
 	rndis_msg *rndis_mesg;
 	rndis_packet *rndis_pkt;
@@ -539,84 +763,36 @@ hn_start_locked(struct ifnet *ifp)
 	rndis_tcp_ip_csum_info *csum_info;
 	rndis_tcp_tso_info *tso_info;	
 	int ether_len;
-	int i;
-	int num_frags;
-	int len;
-	int retries = 0;
-	int ret = 0;	
 	uint32_t rndis_msg_size = 0;
 	uint32_t trans_proto_type;
-	uint32_t send_buf_section_idx =
-	    NVSP_1_CHIMNEY_SEND_INVALID_SECTION_INDEX;
-
-	while (!IFQ_DRV_IS_EMPTY(&sc->hn_ifp->if_snd)) {
-		IFQ_DRV_DEQUEUE(&sc->hn_ifp->if_snd, m_head);
-		if (m_head == NULL) {
-			break;
-		}
 
-		len = 0;
-		num_frags = 0;
+	if ((ifp->if_drv_flags & (IFF_DRV_RUNNING | IFF_DRV_OACTIVE)) !=
+	    IFF_DRV_RUNNING)
+		return;
 
-		/* Walk the mbuf list computing total length and num frags */
-		for (m = m_head; m != NULL; m = m->m_next) {
-			if (m->m_len != 0) {
-				num_frags++;
-				len += m->m_len;
-			}
-		}
+	while (!IFQ_DRV_IS_EMPTY(&ifp->if_snd)) {
+		bus_dma_segment_t segs[HN_TX_DATA_SEGCNT_MAX];
+		int error, nsegs, i, send_failed = 0;
+		struct hn_txdesc *txd;
+		netvsc_packet *packet;
+		struct mbuf *m_head;
 
-		/*
-		 * Reserve the number of pages requested.  Currently,
-		 * one page is reserved for the message in the RNDIS
-		 * filter packet
-		 */
-		num_frags += HV_RF_NUM_TX_RESERVED_PAGE_BUFS;
-
-		/* If exceeds # page_buffers in netvsc_packet */
-		if (num_frags > NETVSC_PACKET_MAXPAGE) {
-			device_printf(dev, "exceed max page buffers,%d,%d\n",
-			    num_frags, NETVSC_PACKET_MAXPAGE);
-			m_freem(m_head);
-			if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
-			return (EINVAL);
-		}
+		IFQ_DRV_DEQUEUE(&ifp->if_snd, m_head);
+		if (m_head == NULL)
+			break;
 
-		/*
-		 * Allocate a buffer with space for a netvsc packet plus a
-		 * number of reserved areas.  First comes a (currently 16
-		 * bytes, currently unused) reserved data area.  Second is
-		 * the netvsc_packet. Third is an area reserved for an 
-		 * rndis_filter_packet struct. Fourth (optional) is a 
-		 * rndis_per_packet_info struct.
-		 * Changed malloc to M_NOWAIT to avoid sleep under spin lock.
-		 * No longer reserving extra space for page buffers, as they
-		 * are already part of the netvsc_packet.
-		 */
-		buf = malloc(HV_NV_PACKET_OFFSET_IN_BUF +
-			sizeof(netvsc_packet) + 
-			sizeof(rndis_msg) +
-			RNDIS_VLAN_PPI_SIZE +
-			RNDIS_TSO_PPI_SIZE +
-			RNDIS_CSUM_PPI_SIZE,
-			M_NETVSC, M_ZERO | M_NOWAIT);
-		if (buf == NULL) {
-			device_printf(dev, "hn:malloc packet failed\n");
-			m_freem(m_head);
-			if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
-			return (ENOMEM);
+		txd = hn_txdesc_get(sc);
+		if (txd == NULL) {
+			sc->hn_no_txdescs++;
+			IF_PREPEND(&ifp->if_snd, m_head);
+			ifp->if_drv_flags |= IFF_DRV_OACTIVE;
+			break;
 		}
 
-		packet = (netvsc_packet *)(buf + HV_NV_PACKET_OFFSET_IN_BUF);
-		*(vm_offset_t *)buf = HV_NV_SC_PTR_OFFSET_IN_BUF;
-
+		packet = &txd->netvsc_pkt;
 		packet->is_data_pkt = TRUE;
-
-		/* Set up the rndis header */
-		packet->page_buf_count = num_frags;
-
 		/* Initialize it from the mbuf */
-		packet->tot_data_buf_len = len;
+		packet->tot_data_buf_len = m_head->m_pkthdr.len;
 
 		/*
 		 * extension points to the area reserved for the
@@ -624,8 +800,9 @@ hn_start_locked(struct ifnet *ifp)
 		 * the netvsc_packet (and rppi struct, if present;
 		 * length is updated later).
 		 */
-		packet->rndis_mesg = packet + 1;
-		rndis_mesg = (rndis_msg *)packet->rndis_mesg;
+		rndis_mesg = txd->rndis_msg;
+		/* XXX not necessary */
+		memset(rndis_mesg, 0, HN_RNDIS_MSG_LEN);
 		rndis_mesg->ndis_msg_type = REMOTE_NDIS_PACKET_MSG;
 
 		rndis_pkt = &rndis_mesg->msg.packet;
@@ -644,8 +821,6 @@ hn_start_locked(struct ifnet *ifp)
 			 * set up some additional fields so the Hyper-V infrastructure will stuff the VLAN tag
 			 * into the frame.
 			 */
-			packet->vlan_tci = m_head->m_pkthdr.ether_vtag;
-
 			rndis_msg_size += RNDIS_VLAN_PPI_SIZE;
 
 			rppi = hv_set_rppi_data(rndis_mesg, RNDIS_VLAN_PPI_SIZE,
@@ -656,7 +831,7 @@ hn_start_locked(struct ifnet *ifp)
 			    rppi->per_packet_info_offset);
 			/* FreeBSD does not support CFI or priority */
 			rppi_vlan_info->u1.s1.vlan_id =
-			    packet->vlan_tci & 0xfff;
+			    m_head->m_pkthdr.ether_vtag & 0xfff;
 		}
 
 		/* Only check the flags for outbound and ignore the ones for inbound */
@@ -758,58 +933,71 @@ pre_send:
 		packet->tot_data_buf_len = rndis_mesg->msg_len;
 
 		/* send packet with send buffer */
-		if (packet->tot_data_buf_len < net_dev->send_section_size) {
+		if (packet->tot_data_buf_len < sc->hn_tx_chimney_size) {
+			uint32_t send_buf_section_idx;
+
 			send_buf_section_idx =
 			    hv_nv_get_next_send_section(net_dev);
 			if (send_buf_section_idx !=
 			    NVSP_1_CHIMNEY_SEND_INVALID_SECTION_INDEX) {
-				char *dest = ((char *)net_dev->send_buf +
-				    send_buf_section_idx *
-				    net_dev->send_section_size);
+				uint8_t *dest = ((uint8_t *)net_dev->send_buf +
+				    (send_buf_section_idx *
+				     net_dev->send_section_size));
 
 				memcpy(dest, rndis_mesg, rndis_msg_size);
 				dest += rndis_msg_size;
-				for (m = m_head; m != NULL; m = m->m_next) {
-					if (m->m_len) {
-						memcpy(dest,
-						    (void *)mtod(m, vm_offset_t),
-						    m->m_len);
-						dest += m->m_len;
-					}
-				}
+
+				m_copydata(m_head, 0, m_head->m_pkthdr.len,
+				    dest);
 
 				packet->send_buf_section_idx =
 				    send_buf_section_idx;
 				packet->send_buf_section_size =
 				    packet->tot_data_buf_len;
 				packet->page_buf_count = 0;
+				sc->hn_tx_chimney++;
 				goto do_send;
 			}
 		}
 
+		error = hn_txdesc_dmamap_load(sc, txd, &m_head, segs, &nsegs);
+		if (error) {
+			int freed;
+
+			/*
+			 * This mbuf is not linked w/ the txd yet, so free
+			 * it now.
+			 */
+			m_freem(m_head);
+			freed = hn_txdesc_put(sc, txd);
+			KASSERT(freed != 0,
+			    ("fail to free txd upon txdma error"));
+
+			sc->hn_txdma_failed++;
+			if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
+			continue;
+		}
+
+		packet->page_buf_count = nsegs +
+		    HV_RF_NUM_TX_RESERVED_PAGE_BUFS;
+
 		/* send packet with page buffer */
-		packet->page_buffers[0].pfn =
-		    atop(hv_get_phys_addr(rndis_mesg));
+		packet->page_buffers[0].pfn = atop(txd->rndis_msg_paddr);
 		packet->page_buffers[0].offset =
-		    (unsigned long)rndis_mesg & PAGE_MASK;
+		    txd->rndis_msg_paddr & PAGE_MASK;
 		packet->page_buffers[0].length = rndis_msg_size;
 
 		/*
 		 * Fill the page buffers with mbuf info starting at index
 		 * HV_RF_NUM_TX_RESERVED_PAGE_BUFS.
 		 */
-		i = HV_RF_NUM_TX_RESERVED_PAGE_BUFS;
-		for (m = m_head; m != NULL; m = m->m_next) {
-			if (m->m_len) {
-				vm_offset_t paddr =
-				    vtophys(mtod(m, vm_offset_t));
-				packet->page_buffers[i].pfn =
-				    paddr >> PAGE_SHIFT;
-				packet->page_buffers[i].offset =
-				    paddr & (PAGE_SIZE - 1);
-				packet->page_buffers[i].length = m->m_len;
-				i++;
-			}
+		for (i = 0; i < nsegs; ++i) {
+			hv_vmbus_page_buffer *pb = &packet->page_buffers[
+			    i + HV_RF_NUM_TX_RESERVED_PAGE_BUFS];
+
+			pb->pfn = atop(segs[i].ds_addr);
+			pb->offset = segs[i].ds_addr & PAGE_MASK;
+			pb->length = segs[i].ds_len;
 		}
 
 		packet->send_buf_section_idx = 
@@ -817,63 +1005,65 @@ pre_send:
 		packet->send_buf_section_size = 0;
 
 do_send:
+		txd->m = m_head;
 
-		/*
-		 * If bpf, copy the mbuf chain.  This is less expensive than
-		 * it appears; the mbuf clusters are not copied, only their
-		 * reference counts are incremented.
-		 * Needed to avoid a race condition where the completion
-		 * callback is invoked, freeing the mbuf chain, before the
-		 * bpf_mtap code has a chance to run.
-		 */
-		if (ifp->if_bpf) {
-			mc_head = m_copypacket(m_head, M_NOWAIT);
-		}
-retry_send:
 		/* Set the completion routine */
 		packet->compl.send.on_send_completion = netvsc_xmit_completion;
 		packet->compl.send.send_completion_context = packet;
-		packet->compl.send.send_completion_tid = (uint64_t)(uintptr_t)m_head;
+		packet->compl.send.send_completion_tid =
+		    (uint64_t)(uintptr_t)txd;
 
-		/* Removed critical_enter(), does not appear necessary */
-		ret = hv_nv_on_send(device_ctx, packet);
-		if (ret == 0) {
+again:
+		/*
+		 * Make sure that txd is not freed before ETHER_BPF_MTAP.
+		 */
+		hn_txdesc_hold(txd);
+		error = hv_nv_on_send(device_ctx, packet);
+		if (!error) {
+			ETHER_BPF_MTAP(ifp, m_head);
 			if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
-			/* if bpf && mc_head, call bpf_mtap code */
-			if (mc_head) {
-				ETHER_BPF_MTAP(ifp, mc_head);
-			}
-		} else {
-			retries++;
-			if (retries < 4) {
-				goto retry_send;
-			}
+		}
+		hn_txdesc_put(sc, txd);
 
-			IF_PREPEND(&ifp->if_snd, m_head);
-			ifp->if_drv_flags |= IFF_DRV_OACTIVE;
+		if (__predict_false(error)) {
+			int freed;
 
 			/*
-			 * Null the mbuf pointer so the completion function
-			 * does not free the mbuf chain.  We just pushed the
-			 * mbuf chain back on the if_snd queue.
+			 * This should "really rarely" happen.
+			 *
+			 * XXX Too many RX to be acked or too many sideband
+			 * commands to run?  Ask netvsc_channel_rollup()
+			 * to kick start later.
 			 */
-			packet->compl.send.send_completion_tid = 0;
+			sc->hn_txeof = 1;
+			if (!send_failed) {
+				sc->hn_send_failed++;
+				send_failed = 1;
+				/*
+				 * Try sending again after set hn_txeof;
+				 * in case that we missed the last
+				 * netvsc_channel_rollup().
+				 */
+				goto again;
+			}
+			if_printf(ifp, "send failed\n");
 
 			/*
-			 * Release the resources since we will not get any
-			 * send completion
+			 * This mbuf will be prepended, don't free it
+			 * in hn_txdesc_put(); only unload it from the
+			 * DMA map in hn_txdesc_put(), if it was loaded.
 			 */
-			netvsc_xmit_completion(packet);
-			if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
-		}
+			txd->m = NULL;
+			freed = hn_txdesc_put(sc, txd);
+			KASSERT(freed != 0,
+			    ("fail to free txd upon send error"));
 
-		/* if bpf && mc_head, free the mbuf chain copy */
-		if (mc_head) {
-			m_freem(mc_head);
+			sc->hn_send_failed++;
+			IF_PREPEND(&ifp->if_snd, m_head);
+			ifp->if_drv_flags |= IFF_DRV_OACTIVE;
+			break;
 		}
 	}
-
-	return (ret);
 }
 
 /*
@@ -1220,6 +1410,9 @@ hn_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 			break;
 		}
 
+		sc->hn_tx_chimney_max = sc->net_dev->send_section_size;
+		if (sc->hn_tx_chimney_size > sc->hn_tx_chimney_max)
+			sc->hn_tx_chimney_size = sc->hn_tx_chimney_max;
 		hn_ifinit_locked(sc);
 
 		NV_LOCK(sc);
@@ -1477,6 +1670,25 @@ hn_lro_hiwat_sysctl(SYSCTL_HANDLER_ARGS)
 #endif	/* HN_LRO_HIWAT */
 
 static int
+hn_tx_chimney_size_sysctl(SYSCTL_HANDLER_ARGS)
+{
+	struct hn_softc *sc = arg1;
+	int chimney_size, error;
+
+	chimney_size = sc->hn_tx_chimney_size;
+	error = sysctl_handle_int(oidp, &chimney_size, 0, req);
+	if (error || req->newptr == NULL)
+		return error;
+
+	if (chimney_size > sc->hn_tx_chimney_max || chimney_size <= 0)
+		return EINVAL;
+
+	if (sc->hn_tx_chimney_size != chimney_size)
+		sc->hn_tx_chimney_size = chimney_size;
+	return 0;
+}
+
+static int
 hn_check_iplen(const struct mbuf *m, int hoff)
 {
 	const struct ip *ip;
@@ -1551,6 +1763,150 @@ hn_check_iplen(const struct mbuf *m, int hoff)
 	return ip->ip_p;
 }
 
+static void
+hn_dma_map_paddr(void *arg, bus_dma_segment_t *segs, int nseg, int error)
+{
+	bus_addr_t *paddr = arg;
+
+	if (error)
+		return;
+
+	KASSERT(nseg == 1, ("too many segments %d!", nseg));
+	*paddr = segs->ds_addr;
+}
+
+static int
+hn_create_tx_ring(struct hn_softc *sc)
+{
+	bus_dma_tag_t parent_dtag;
+	int error, i;
+
+	sc->hn_txdesc_cnt = HN_TX_DESC_CNT;
+	sc->hn_txdesc = malloc(sizeof(struct hn_txdesc) * sc->hn_txdesc_cnt,
+	    M_NETVSC, M_WAITOK | M_ZERO);
+	SLIST_INIT(&sc->hn_txlist);
+	mtx_init(&sc->hn_txlist_spin, "hn txlist", NULL, MTX_SPIN);
+
+	parent_dtag = bus_get_dma_tag(sc->hn_dev);
+
+	/* DMA tag for RNDIS messages. */
+	error = bus_dma_tag_create(parent_dtag, /* parent */
+	    HN_RNDIS_MSG_ALIGN,		/* alignment */
+	    HN_RNDIS_MSG_BOUNDARY,	/* boundary */
+	    BUS_SPACE_MAXADDR,		/* lowaddr */
+	    BUS_SPACE_MAXADDR,		/* highaddr */
+	    NULL, NULL,			/* filter, filterarg */
+	    HN_RNDIS_MSG_LEN,		/* maxsize */
+	    1,				/* nsegments */
+	    HN_RNDIS_MSG_LEN,		/* maxsegsize */
+	    0,				/* flags */
+	    NULL,			/* lockfunc */
+	    NULL,			/* lockfuncarg */
+	    &sc->hn_tx_rndis_dtag);
+	if (error) {
+		device_printf(sc->hn_dev, "failed to create rndis dmatag\n");
+		return error;
+	}
+
+	/* DMA tag for data. */
+	error = bus_dma_tag_create(parent_dtag, /* parent */
+	    1,				/* alignment */
+	    HN_TX_DATA_BOUNDARY,	/* boundary */
+	    BUS_SPACE_MAXADDR,		/* lowaddr */
+	    BUS_SPACE_MAXADDR,		/* highaddr */
+	    NULL, NULL,			/* filter, filterarg */
+	    HN_TX_DATA_MAXSIZE,		/* maxsize */
+	    HN_TX_DATA_SEGCNT_MAX,	/* nsegments */
+	    HN_TX_DATA_SEGSIZE,		/* maxsegsize */
+	    0,				/* flags */
+	    NULL,			/* lockfunc */
+	    NULL,			/* lockfuncarg */
+	    &sc->hn_tx_data_dtag);
+	if (error) {
+		device_printf(sc->hn_dev, "failed to create data dmatag\n");
+		return error;
+	}
+
+	for (i = 0; i < sc->hn_txdesc_cnt; ++i) {
+		struct hn_txdesc *txd = &sc->hn_txdesc[i];
+
+		txd->sc = sc;
+
+		/*
+		 * Allocate and load RNDIS messages.
+		 */
+        	error = bus_dmamem_alloc(sc->hn_tx_rndis_dtag,
+		    (void **)&txd->rndis_msg,
+		    BUS_DMA_WAITOK | BUS_DMA_COHERENT,
+		    &txd->rndis_msg_dmap);
+		if (error) {
+			device_printf(sc->hn_dev,
+			    "failed to allocate rndis_msg, %d\n", i);
+			return error;
+		}
+
+		error = bus_dmamap_load(sc->hn_tx_rndis_dtag,
+		    txd->rndis_msg_dmap,
+		    txd->rndis_msg, HN_RNDIS_MSG_LEN,
+		    hn_dma_map_paddr, &txd->rndis_msg_paddr,
+		    BUS_DMA_NOWAIT);
+		if (error) {
+			device_printf(sc->hn_dev,
+			    "failed to load rndis_msg, %d\n", i);
+			bus_dmamem_free(sc->hn_tx_rndis_dtag,
+			    txd->rndis_msg, txd->rndis_msg_dmap);
+			return error;
+		}
+
+		/* DMA map for TX data. */
+		error = bus_dmamap_create(sc->hn_tx_data_dtag, 0,
+		    &txd->data_dmap);
+		if (error) {
+			device_printf(sc->hn_dev,
+			    "failed to allocate tx data dmamap\n");
+			bus_dmamap_unload(sc->hn_tx_rndis_dtag,
+			    txd->rndis_msg_dmap);
+			bus_dmamem_free(sc->hn_tx_rndis_dtag,
+			    txd->rndis_msg, txd->rndis_msg_dmap);
+			return error;
+		}
+
+		/* All set, put it to list */
+		txd->flags |= HN_TXD_FLAG_ONLIST;
+		SLIST_INSERT_HEAD(&sc->hn_txlist, txd, link);
+	}
+	sc->hn_txdesc_avail = sc->hn_txdesc_cnt;
+
+	return 0;
+}
+
+static void
+hn_destroy_tx_ring(struct hn_softc *sc)
+{
+	struct hn_txdesc *txd;
+
+	while ((txd = SLIST_FIRST(&sc->hn_txlist)) != NULL) {
+		KASSERT(txd->m == NULL, ("still has mbuf installed"));
+		KASSERT((txd->flags & HN_TXD_FLAG_DMAMAP) == 0,
+		    ("still dma mapped"));
+		SLIST_REMOVE_HEAD(&sc->hn_txlist, link);
+
+		bus_dmamap_unload(sc->hn_tx_rndis_dtag,
+		    txd->rndis_msg_dmap);
+		bus_dmamem_free(sc->hn_tx_rndis_dtag,
+		    txd->rndis_msg, txd->rndis_msg_dmap);
+
+		bus_dmamap_destroy(sc->hn_tx_data_dtag, txd->data_dmap);
+	}
+
+	if (sc->hn_tx_data_dtag != NULL)
+		bus_dma_tag_destroy(sc->hn_tx_data_dtag);
+	if (sc->hn_tx_rndis_dtag != NULL)
+		bus_dma_tag_destroy(sc->hn_tx_rndis_dtag);
+	free(sc->hn_txdesc, M_NETVSC);
+	mtx_destroy(&sc->hn_txlist_spin);
+}
+
 static device_method_t netvsc_methods[] = {
         /* Device interface */
         DEVMETHOD(device_probe,         netvsc_probe),
diff --git a/sys/dev/hyperv/netvsc/hv_rndis.h b/sys/dev/hyperv/netvsc/hv_rndis.h
index fd032de..cd46ecc 100644
--- a/sys/dev/hyperv/netvsc/hv_rndis.h
+++ b/sys/dev/hyperv/netvsc/hv_rndis.h
@@ -1050,6 +1050,7 @@ int netvsc_recv(struct hv_device *device_ctx,
     netvsc_packet *packet, 
     rndis_tcp_ip_csum_info *csum_info);
 void netvsc_recv_rollup(struct hv_device *device_ctx);
+void netvsc_channel_rollup(struct hv_device *device_ctx);
 
 void* hv_set_rppi_data(rndis_msg *rndis_mesg,
     uint32_t rppi_size,
diff --git a/sys/dev/hyperv/netvsc/hv_rndis_filter.c b/sys/dev/hyperv/netvsc/hv_rndis_filter.c
index 3e95024..dfd0b47 100644
--- a/sys/dev/hyperv/netvsc/hv_rndis_filter.c
+++ b/sys/dev/hyperv/netvsc/hv_rndis_filter.c
@@ -974,3 +974,21 @@ hv_rf_receive_rollup(netvsc_dev *net_dev)
 	rndis_dev = (rndis_device *)net_dev->extension;
 	netvsc_recv_rollup(rndis_dev->net_dev->dev);
 }
+
+void
+hv_rf_channel_rollup(netvsc_dev *net_dev)
+{
+	rndis_device *rndis_dev;
+
+	rndis_dev = (rndis_device *)net_dev->extension;
+
+	/*
+	 * This could be called pretty early, so we need
+	 * to make sure everything has been setup.
+	 */
+	if (rndis_dev == NULL ||
+	    rndis_dev->net_dev == NULL ||
+	    rndis_dev->net_dev->dev == NULL)
+		return;
+	netvsc_channel_rollup(rndis_dev->net_dev->dev);
+}
diff --git a/sys/dev/hyperv/netvsc/hv_rndis_filter.h b/sys/dev/hyperv/netvsc/hv_rndis_filter.h
index 2f3ebd8..9d7a38d 100644
--- a/sys/dev/hyperv/netvsc/hv_rndis_filter.h
+++ b/sys/dev/hyperv/netvsc/hv_rndis_filter.h
@@ -99,6 +99,7 @@ typedef struct rndis_device_ {
 int hv_rf_on_receive(netvsc_dev *net_dev,
     struct hv_device *device, netvsc_packet *pkt);
 void hv_rf_receive_rollup(netvsc_dev *net_dev);
+void hv_rf_channel_rollup(netvsc_dev *net_dev);
 int hv_rf_on_device_add(struct hv_device *device, void *additl_info);
 int hv_rf_on_device_remove(struct hv_device *device, boolean_t destroy_channel);
 int hv_rf_on_open(struct hv_device *device);
diff --git a/sys/dev/hyperv/storvsc/hv_storvsc_drv_freebsd.c b/sys/dev/hyperv/storvsc/hv_storvsc_drv_freebsd.c
index 27a94ef..098c8c9 100644
--- a/sys/dev/hyperv/storvsc/hv_storvsc_drv_freebsd.c
+++ b/sys/dev/hyperv/storvsc/hv_storvsc_drv_freebsd.c
@@ -1923,6 +1923,66 @@ create_storvsc_request(union ccb *ccb, struct hv_storvsc_request *reqp)
 	return(0);
 }
 
+/*
+ * Modified based on scsi_print_inquiry which is responsible to
+ * print the detail information for scsi_inquiry_data.
+ *
+ * Return 1 if it is valid, 0 otherwise.
+ */
+static inline int
+is_inquiry_valid(const struct scsi_inquiry_data *inq_data)
+{
+	uint8_t type;
+	char vendor[16], product[48], revision[16];
+
+	/*
+	 * Check device type and qualifier
+	 */
+	if (!(SID_QUAL_IS_VENDOR_UNIQUE(inq_data) ||
+	    SID_QUAL(inq_data) == SID_QUAL_LU_CONNECTED))
+		return (0);
+
+	type = SID_TYPE(inq_data);
+	switch (type) {
+	case T_DIRECT:
+	case T_SEQUENTIAL:
+	case T_PRINTER:
+	case T_PROCESSOR:
+	case T_WORM:
+	case T_CDROM:
+	case T_SCANNER:
+	case T_OPTICAL:
+	case T_CHANGER:
+	case T_COMM:
+	case T_STORARRAY:
+	case T_ENCLOSURE:
+	case T_RBC:
+	case T_OCRW:
+	case T_OSD:
+	case T_ADC:
+		break;
+	case T_NODEVICE:
+	default:
+		return (0);
+	}
+
+	/*
+	 * Check vendor, product, and revision
+	 */
+	cam_strvis(vendor, inq_data->vendor, sizeof(inq_data->vendor),
+	    sizeof(vendor));
+	cam_strvis(product, inq_data->product, sizeof(inq_data->product),
+	    sizeof(product));
+	cam_strvis(revision, inq_data->revision, sizeof(inq_data->revision),
+	    sizeof(revision));
+	if (strlen(vendor) == 0  ||
+	    strlen(product) == 0 ||
+	    strlen(revision) == 0)
+		return (0);
+
+	return (1);
+}
+
 /**
  * @brief completion function before returning to CAM
  *
@@ -1993,11 +2053,33 @@ storvsc_io_done(struct hv_storvsc_request *reqp)
 	ccb->ccb_h.status &= ~CAM_SIM_QUEUED;
 	ccb->ccb_h.status &= ~CAM_STATUS_MASK;
 	if (vm_srb->scsi_status == SCSI_STATUS_OK) {
-		ccb->ccb_h.status |= CAM_REQ_CMP;
-	 } else {
+		const struct scsi_generic *cmd;
+
+		/*
+		 * Check whether the data for INQUIRY cmd is valid or
+		 * not.  Windows 10 and Windows 2016 send all zero
+		 * inquiry data to VM even for unpopulated slots.
+		 */
+		cmd = (const struct scsi_generic *)
+		    ((ccb->ccb_h.flags & CAM_CDB_POINTER) ?
+		     csio->cdb_io.cdb_ptr : csio->cdb_io.cdb_bytes);
+		if (cmd->opcode == INQUIRY &&
+		    is_inquiry_valid(
+		    (const struct scsi_inquiry_data *)csio->data_ptr) == 0) {
+			ccb->ccb_h.status |= CAM_DEV_NOT_THERE;
+			if (bootverbose) {
+				mtx_lock(&sc->hs_lock);
+				xpt_print(ccb->ccb_h.path,
+				    "storvsc uninstalled device\n");
+				mtx_unlock(&sc->hs_lock);
+			}
+		} else {
+			ccb->ccb_h.status |= CAM_REQ_CMP;
+		}
+	} else {
 		mtx_lock(&sc->hs_lock);
 		xpt_print(ccb->ccb_h.path,
-			"srovsc scsi_status = %d\n",
+			"storvsc scsi_status = %d\n",
 			vm_srb->scsi_status);
 		mtx_unlock(&sc->hs_lock);
 		ccb->ccb_h.status |= CAM_SCSI_STATUS_ERROR;
diff --git a/sys/dev/hyperv/vmbus/hv_channel.c b/sys/dev/hyperv/vmbus/hv_channel.c
index 94137fb..facddc2 100644
--- a/sys/dev/hyperv/vmbus/hv_channel.c
+++ b/sys/dev/hyperv/vmbus/hv_channel.c
@@ -665,11 +665,11 @@ hv_vmbus_channel_send_packet_pagebuffer(
 {
 
 	int					ret = 0;
-	int					i = 0;
 	boolean_t				need_sig;
 	uint32_t				packet_len;
+	uint32_t				page_buflen;
 	uint32_t				packetLen_aligned;
-	hv_vmbus_sg_buffer_list			buffer_list[3];
+	hv_vmbus_sg_buffer_list			buffer_list[4];
 	hv_vmbus_channel_packet_page_buffer	desc;
 	uint32_t				descSize;
 	uint64_t				alignedData = 0;
@@ -681,36 +681,33 @@ hv_vmbus_channel_send_packet_pagebuffer(
 	 * Adjust the size down since hv_vmbus_channel_packet_page_buffer
 	 *  is the largest size we support
 	 */
-	descSize = sizeof(hv_vmbus_channel_packet_page_buffer) -
-			((HV_MAX_PAGE_BUFFER_COUNT - page_count) *
-			sizeof(hv_vmbus_page_buffer));
-	packet_len = descSize + buffer_len;
+	descSize = __offsetof(hv_vmbus_channel_packet_page_buffer, range);
+	page_buflen = sizeof(hv_vmbus_page_buffer) * page_count;
+	packet_len = descSize + page_buflen + buffer_len;
 	packetLen_aligned = HV_ALIGN_UP(packet_len, sizeof(uint64_t));
 
 	/* Setup the descriptor */
 	desc.type = HV_VMBUS_PACKET_TYPE_DATA_USING_GPA_DIRECT;
 	desc.flags = HV_VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED;
-	desc.data_offset8 = descSize >> 3; /* in 8-bytes granularity */
+	/* in 8-bytes granularity */
+	desc.data_offset8 = (descSize + page_buflen) >> 3;
 	desc.length8 = (uint16_t) (packetLen_aligned >> 3);
 	desc.transaction_id = request_id;
 	desc.range_count = page_count;
 
-	for (i = 0; i < page_count; i++) {
-		desc.range[i].length = page_buffers[i].length;
-		desc.range[i].offset = page_buffers[i].offset;
-		desc.range[i].pfn = page_buffers[i].pfn;
-	}
-
 	buffer_list[0].data = &desc;
 	buffer_list[0].length = descSize;
 
-	buffer_list[1].data = buffer;
-	buffer_list[1].length = buffer_len;
+	buffer_list[1].data = page_buffers;
+	buffer_list[1].length = page_buflen;
 
-	buffer_list[2].data = &alignedData;
-	buffer_list[2].length = packetLen_aligned - packet_len;
+	buffer_list[2].data = buffer;
+	buffer_list[2].length = buffer_len;
 
-	ret = hv_ring_buffer_write(&channel->outbound, buffer_list, 3,
+	buffer_list[3].data = &alignedData;
+	buffer_list[3].length = packetLen_aligned - packet_len;
+
+	ret = hv_ring_buffer_write(&channel->outbound, buffer_list, 4,
 	    &need_sig);
 
 	/* TODO: We should determine if this is optional */
diff --git a/sys/dev/hyperv/vmbus/hv_channel_mgmt.c b/sys/dev/hyperv/vmbus/hv_channel_mgmt.c
index 1a4763c..93008aa 100644
--- a/sys/dev/hyperv/vmbus/hv_channel_mgmt.c
+++ b/sys/dev/hyperv/vmbus/hv_channel_mgmt.c
@@ -271,14 +271,16 @@ vmbus_channel_process_offer(hv_vmbus_channel *new_channel)
 	boolean_t		f_new;
 	hv_vmbus_channel*	channel;
 	int			ret;
+	uint32_t                relid;
 
 	f_new = TRUE;
 	channel = NULL;
-
+	relid = new_channel->offer_msg.child_rel_id;
 	/*
 	 * Make sure this is a new offer
 	 */
 	mtx_lock(&hv_vmbus_g_connection.channel_lock);
+	hv_vmbus_g_connection.channels[relid] = new_channel;
 
 	TAILQ_FOREACH(channel, &hv_vmbus_g_connection.channel_anchor,
 	    list_entry)
@@ -322,16 +324,18 @@ vmbus_channel_process_offer(hv_vmbus_channel *new_channel)
 			mtx_unlock(&channel->sc_lock);
 
 			/* Insert new channel into channel_anchor. */
-			printf("Storvsc get multi-channel offer, rel=%u.\n",
-			    new_channel->offer_msg.child_rel_id);	
+			printf("VMBUS get multi-channel offer, rel=%u,sub=%u\n",
+			    new_channel->offer_msg.child_rel_id,
+			    new_channel->offer_msg.offer.sub_channel_index);	
 			mtx_lock(&hv_vmbus_g_connection.channel_lock);
 			TAILQ_INSERT_TAIL(&hv_vmbus_g_connection.channel_anchor,
 			    new_channel, list_entry);				
 			mtx_unlock(&hv_vmbus_g_connection.channel_lock);
 
 			if(bootverbose)
-				printf("VMBUS: new multi-channel offer <%p>.\n",
-				    new_channel);
+				printf("VMBUS: new multi-channel offer <%p>, "
+				    "its primary channel is <%p>.\n",
+				    new_channel, new_channel->primary_channel);
 
 			/*XXX add it to percpu_list */
 
@@ -521,11 +525,14 @@ vmbus_channel_on_offer_rescind(hv_vmbus_channel_msg_header* hdr)
 
 	rescind = (hv_vmbus_channel_rescind_offer*) hdr;
 
-	channel = hv_vmbus_get_channel_from_rel_id(rescind->child_rel_id);
+	channel = hv_vmbus_g_connection.channels[rescind->child_rel_id];
 	if (channel == NULL) 
 	    return;
 
 	hv_vmbus_child_device_unregister(channel->device);
+	mtx_lock(&hv_vmbus_g_connection.channel_lock);
+	hv_vmbus_g_connection.channels[rescind->child_rel_id] = NULL;
+	mtx_unlock(&hv_vmbus_g_connection.channel_lock);
 }
 
 /**
@@ -779,6 +786,8 @@ hv_vmbus_release_unattached_channels(void)
 	    hv_vmbus_child_device_unregister(channel->device);
 	    hv_vmbus_free_vmbus_channel(channel);
 	}
+	bzero(hv_vmbus_g_connection.channels, 
+		sizeof(hv_vmbus_channel*) * HV_CHANNEL_MAX_COUNT);
 	mtx_unlock(&hv_vmbus_g_connection.channel_lock);
 }
 
diff --git a/sys/dev/hyperv/vmbus/hv_connection.c b/sys/dev/hyperv/vmbus/hv_connection.c
index 691d069..97071cc 100644
--- a/sys/dev/hyperv/vmbus/hv_connection.c
+++ b/sys/dev/hyperv/vmbus/hv_connection.c
@@ -229,6 +229,9 @@ hv_vmbus_connect(void) {
 	    goto cleanup;
 	}
 
+	hv_vmbus_g_connection.channels = malloc(sizeof(hv_vmbus_channel*) *
+		HV_CHANNEL_MAX_COUNT,
+		M_DEVBUF, M_WAITOK | M_ZERO);
 	/*
 	 * Find the highest vmbus version number we can support.
 	 */
@@ -292,6 +295,7 @@ hv_vmbus_connect(void) {
 		free(msg_info, M_DEVBUF);
 	}
 
+	free(hv_vmbus_g_connection.channels, M_DEVBUF);
 	return (ret);
 }
 
@@ -322,6 +326,7 @@ hv_vmbus_disconnect(void) {
 	hv_work_queue_close(hv_vmbus_g_connection.work_queue);
 	sema_destroy(&hv_vmbus_g_connection.control_sema);
 
+	free(hv_vmbus_g_connection.channels, M_DEVBUF);
 	hv_vmbus_g_connection.connect_state = HV_DISCONNECTED;
 
 	free(msg, M_DEVBUF);
@@ -330,35 +335,6 @@ hv_vmbus_disconnect(void) {
 }
 
 /**
- * Get the channel object given its child relative id (ie channel id)
- */
-hv_vmbus_channel*
-hv_vmbus_get_channel_from_rel_id(uint32_t rel_id) {
-
-	hv_vmbus_channel* channel;
-	hv_vmbus_channel* foundChannel = NULL;
-
-	/*
-	 * TODO:
-	 * Consider optimization where relids are stored in a fixed size array
-	 *  and channels are accessed without the need to take this lock or search
-	 *  the list.
-	 */
-	mtx_lock(&hv_vmbus_g_connection.channel_lock);
-	TAILQ_FOREACH(channel,
-		&hv_vmbus_g_connection.channel_anchor, list_entry) {
-
-	    if (channel->offer_msg.child_rel_id == rel_id) {
-		foundChannel = channel;
-		break;
-	    }
-	}
-	mtx_unlock(&hv_vmbus_g_connection.channel_lock);
-
-	return (foundChannel);
-}
-
-/**
  * Process a channel event notification
  */
 static void
@@ -374,7 +350,7 @@ VmbusProcessChannelEvent(uint32_t relid)
 	 * the channel callback to process the event
 	 */
 
-	channel = hv_vmbus_get_channel_from_rel_id(relid);
+	channel = hv_vmbus_g_connection.channels[relid];
 
 	if (channel == NULL) {
 		return;
@@ -470,7 +446,7 @@ hv_vmbus_on_events(void *arg)
 	if (recv_interrupt_page != NULL) {
 	    for (dword = 0; dword < maxdword; dword++) {
 		if (recv_interrupt_page[dword]) {
-		    for (bit = 0; bit < 32; bit++) {
+		    for (bit = 0; bit < HV_CHANNEL_DWORD_LEN; bit++) {
 			if (synch_test_and_clear_bit(bit,
 			    (uint32_t *) &recv_interrupt_page[dword])) {
 			    rel_id = (dword << 5) + bit;
diff --git a/sys/dev/hyperv/vmbus/hv_vmbus_priv.h b/sys/dev/hyperv/vmbus/hv_vmbus_priv.h
index 74fe824..13a35c4 100644
--- a/sys/dev/hyperv/vmbus/hv_vmbus_priv.h
+++ b/sys/dev/hyperv/vmbus/hv_vmbus_priv.h
@@ -58,6 +58,12 @@ typedef uint16_t hv_vmbus_status;
 #define HV_EVENT_FLAGS_BYTE_COUNT   (256)
 #define HV_EVENT_FLAGS_DWORD_COUNT  (256 / sizeof(uint32_t))
 
+/**
+ * max channel count <== event_flags_dword_count * bit_of_dword
+ */
+#define HV_CHANNEL_DWORD_LEN        (32)
+#define HV_CHANNEL_MAX_COUNT        \
+	((HV_EVENT_FLAGS_DWORD_COUNT) * HV_CHANNEL_DWORD_LEN)
 /*
  * MessageId: HV_STATUS_INSUFFICIENT_BUFFERS
  * MessageText:
@@ -355,6 +361,10 @@ typedef struct {
 	TAILQ_HEAD(, hv_vmbus_channel)		channel_anchor;
 	struct mtx				channel_lock;
 
+	/**
+	 * channel table for fast lookup through id.
+	 */
+	hv_vmbus_channel                        **channels;
 	hv_vmbus_handle				work_queue;
 	struct sema				control_sema;
 } hv_vmbus_connection;
@@ -699,7 +709,6 @@ int			hv_vmbus_child_device_register(
 					struct hv_device *child_dev);
 int			hv_vmbus_child_device_unregister(
 					struct hv_device *child_dev);
-hv_vmbus_channel*	hv_vmbus_get_channel_from_rel_id(uint32_t rel_id);
 
 /**
  * Connection interfaces
diff --git a/sys/dev/ixgbe/if_ix.c b/sys/dev/ixgbe/if_ix.c
index 67cc4ba..8d96c9a 100644
--- a/sys/dev/ixgbe/if_ix.c
+++ b/sys/dev/ixgbe/if_ix.c
@@ -1948,10 +1948,16 @@ ixgbe_media_change(struct ifnet * ifp)
 
 	hw->mac.autotry_restart = TRUE;
 	hw->mac.ops.setup_link(hw, speed, TRUE);
-	adapter->advertise =
-		((speed & IXGBE_LINK_SPEED_10GB_FULL) << 2) |
-		((speed & IXGBE_LINK_SPEED_1GB_FULL) << 1) |
-		((speed & IXGBE_LINK_SPEED_100_FULL) << 0);
+	if (IFM_SUBTYPE(ifm->ifm_media) == IFM_AUTO) {
+		adapter->advertise = 0;
+	} else {
+		if ((speed & IXGBE_LINK_SPEED_10GB_FULL) != 0)
+			adapter->advertise |= 1 << 2;
+		if ((speed & IXGBE_LINK_SPEED_1GB_FULL) != 0)
+			adapter->advertise |= 1 << 1;
+		if ((speed & IXGBE_LINK_SPEED_100_FULL) != 0)
+			adapter->advertise |= 1 << 0;
+	}
 
 	return (0);
 
diff --git a/sys/dev/ofw/ofw_fdt.c b/sys/dev/ofw/ofw_fdt.c
index 6cabc3c..fc41d5b 100644
--- a/sys/dev/ofw/ofw_fdt.c
+++ b/sys/dev/ofw/ofw_fdt.c
@@ -394,6 +394,7 @@ ofw_fdt_package_to_path(ofw_t ofw, phandle_t package, char *buf, size_t len)
 	return (-1);
 }
 
+#if defined(__arm__) || defined(__powerpc__)
 static int
 ofw_fdt_fixup(ofw_t ofw)
 {
@@ -427,10 +428,12 @@ ofw_fdt_fixup(ofw_t ofw)
 
 	return (0);
 }
+#endif
 
 static int
 ofw_fdt_interpret(ofw_t ofw, const char *cmd, int nret, cell_t *retvals)
 {
+#if defined(__arm__) || defined(__powerpc__)
 	int rv;
 
 	/*
@@ -449,4 +452,7 @@ ofw_fdt_interpret(ofw_t ofw, const char *cmd, int nret, cell_t *retvals)
 		retvals[0] = rv;
 
 	return (rv);
+#else
+	return (0);
+#endif
 }
diff --git a/sys/dev/ofw/openfirm.c b/sys/dev/ofw/openfirm.c
index b04dbc6..762e859 100644
--- a/sys/dev/ofw/openfirm.c
+++ b/sys/dev/ofw/openfirm.c
@@ -599,10 +599,9 @@ OF_xref_from_node(phandle_t node)
 		return (xi->xref);
 	}
 
-	if (OF_getencprop(node, "phandle", &xref, sizeof(xref)) ==
-	    -1 && OF_getencprop(node, "ibm,phandle", &xref,
-	    sizeof(xref)) == -1 && OF_getencprop(node,
-	    "linux,phandle", &xref, sizeof(xref)) == -1)
+	if (OF_getencprop(node, "phandle", &xref, sizeof(xref)) == -1 &&
+	    OF_getencprop(node, "ibm,phandle", &xref, sizeof(xref)) == -1 &&
+	    OF_getencprop(node, "linux,phandle", &xref, sizeof(xref)) == -1)
 		return (node);
 	return (xref);
 }
diff --git a/sys/dev/pty/pty.c b/sys/dev/pty/pty.c
index 666ee87..e38ed69 100644
--- a/sys/dev/pty/pty.c
+++ b/sys/dev/pty/pty.c
@@ -126,10 +126,8 @@ pty_clone(void *arg, struct ucred *cr, char *name, int namelen,
 	mda.mda_gid = GID_WHEEL;
 	mda.mda_mode = 0666;
 	error = make_dev_s(&mda, dev, "%s", name);
-	if (error != 0) {
-		printf("pty_clone: failed to create %s: %d\n", name, error);
+	if (error != 0)
 		*dev = NULL;
-	}
 }
 
 static int
diff --git a/sys/dev/sound/pci/hdspe.h b/sys/dev/sound/pci/hdspe.h
index c7be775..c2654c8 100644
--- a/sys/dev/sound/pci/hdspe.h
+++ b/sys/dev/sound/pci/hdspe.h
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2012 Ruslan Bukin <br@bsdpad.com>
+ * Copyright (c) 2012-2016 Ruslan Bukin <br@bsdpad.com>
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -26,71 +26,97 @@
  * $FreeBSD$
  */
 
-#define PCI_VENDOR_XILINX		0x10ee
-#define PCI_DEVICE_XILINX_HDSPE		0x3fc6 /* AIO, MADI, AES, RayDAT */
-#define PCI_CLASS_REVISION		0x08
-#define PCI_REVISION_AIO		212
-#define PCI_REVISION_RAYDAT		211
+#define	PCI_VENDOR_XILINX		0x10ee
+#define	PCI_DEVICE_XILINX_HDSPE		0x3fc6 /* AIO, MADI, AES, RayDAT */
+#define	PCI_CLASS_REVISION		0x08
+#define	PCI_REVISION_AIO		212
+#define	PCI_REVISION_RAYDAT		211
 
-#define AIO				0
-#define RAYDAT				1
+#define	AIO				0
+#define	RAYDAT				1
 
 /* Hardware mixer */
-#define HDSPE_OUT_ENABLE_BASE		512
-#define HDSPE_IN_ENABLE_BASE		768
-#define HDSPE_MIXER_BASE		32768
-#define HDSPE_MAX_GAIN			32768
+#define	HDSPE_OUT_ENABLE_BASE		512
+#define	HDSPE_IN_ENABLE_BASE		768
+#define	HDSPE_MIXER_BASE		32768
+#define	HDSPE_MAX_GAIN			32768
 
 /* Buffer */
-#define HDSPE_PAGE_ADDR_BUF_OUT		8192
-#define HDSPE_PAGE_ADDR_BUF_IN		(HDSPE_PAGE_ADDR_BUF_OUT + 64 * 16 * 4)
-#define HDSPE_BUF_POSITION_MASK		0x000FFC0
+#define	HDSPE_PAGE_ADDR_BUF_OUT		8192
+#define	HDSPE_PAGE_ADDR_BUF_IN		(HDSPE_PAGE_ADDR_BUF_OUT + 64 * 16 * 4)
+#define	HDSPE_BUF_POSITION_MASK		0x000FFC0
 
 /* Frequency */
-#define HDSPE_FREQ_0			(1<<6)
-#define HDSPE_FREQ_1			(1<<7)
-#define HDSPE_FREQ_DOUBLE		(1<<8)
-#define HDSPE_FREQ_QUAD			(1<<31)
-
-#define HDSPE_FREQ_32000		HDSPE_FREQ_0
-#define HDSPE_FREQ_44100		HDSPE_FREQ_1
-#define HDSPE_FREQ_48000		(HDSPE_FREQ_0 | HDSPE_FREQ_1)
-#define HDSPE_FREQ_MASK			(HDSPE_FREQ_0 | HDSPE_FREQ_1 |	\
+#define	HDSPE_FREQ_0			(1 << 6)
+#define	HDSPE_FREQ_1			(1 << 7)
+#define	HDSPE_FREQ_DOUBLE		(1 << 8)
+#define	HDSPE_FREQ_QUAD			(1 << 31)
+
+#define	HDSPE_FREQ_32000		HDSPE_FREQ_0
+#define	HDSPE_FREQ_44100		HDSPE_FREQ_1
+#define	HDSPE_FREQ_48000		(HDSPE_FREQ_0 | HDSPE_FREQ_1)
+#define	HDSPE_FREQ_MASK			(HDSPE_FREQ_0 | HDSPE_FREQ_1 |	\
 					HDSPE_FREQ_DOUBLE | HDSPE_FREQ_QUAD)
-#define HDSPE_FREQ_MASK_DEFAULT		HDSPE_FREQ_48000
-#define HDSPE_FREQ_REG			256
-#define HDSPE_FREQ_AIO			104857600000000ULL
+#define	HDSPE_FREQ_MASK_DEFAULT		HDSPE_FREQ_48000
+#define	HDSPE_FREQ_REG			256
+#define	HDSPE_FREQ_AIO			104857600000000ULL
 
-#define HDSPE_SPEED_DEFAULT		48000
+#define	HDSPE_SPEED_DEFAULT		48000
 
 /* Latency */
-#define HDSPE_LAT_0			(1<<1)
-#define HDSPE_LAT_1			(1<<2)
-#define HDSPE_LAT_2			(1<<3)
-#define HDSPE_LAT_MASK			(HDSPE_LAT_0 | HDSPE_LAT_1 | HDSPE_LAT_2)
-#define HDSPE_LAT_BYTES_MAX		(4096 * 4)
-#define HDSPE_LAT_BYTES_MIN		(32 * 4)
-#define hdspe_encode_latency(x)		(((x)<<1) & HDSPE_LAT_MASK)
+#define	HDSPE_LAT_0			(1 << 1)
+#define	HDSPE_LAT_1			(1 << 2)
+#define	HDSPE_LAT_2			(1 << 3)
+#define	HDSPE_LAT_MASK			(HDSPE_LAT_0 | HDSPE_LAT_1 | HDSPE_LAT_2)
+#define	HDSPE_LAT_BYTES_MAX		(4096 * 4)
+#define	HDSPE_LAT_BYTES_MIN		(32 * 4)
+#define	hdspe_encode_latency(x)		(((x)<<1) & HDSPE_LAT_MASK)
+
+/* Gain */
+#define	HDSP_ADGain0			(1 << 25)
+#define	HDSP_ADGain1			(1 << 26)
+#define	HDSP_DAGain0			(1 << 27)
+#define	HDSP_DAGain1			(1 << 28)
+#define	HDSP_PhoneGain0			(1 << 29)
+#define	HDSP_PhoneGain1			(1 << 30)
+
+#define	HDSP_ADGainMask			(HDSP_ADGain0 | HDSP_ADGain1)
+#define	HDSP_ADGainMinus10dBV		(HDSP_ADGainMask)
+#define	HDSP_ADGainPlus4dBu		(HDSP_ADGain0)
+#define	HDSP_ADGainLowGain		0
+
+#define	HDSP_DAGainMask			(HDSP_DAGain0 | HDSP_DAGain1)
+#define	HDSP_DAGainHighGain		(HDSP_DAGainMask)
+#define	HDSP_DAGainPlus4dBu		(HDSP_DAGain0)
+#define	HDSP_DAGainMinus10dBV		0
+
+#define	HDSP_PhoneGainMask		(HDSP_PhoneGain0|HDSP_PhoneGain1)
+#define	HDSP_PhoneGain0dB		HDSP_PhoneGainMask
+#define	HDSP_PhoneGainMinus6dB		(HDSP_PhoneGain0)
+#define	HDSP_PhoneGainMinus12dB		0
+
+#define	HDSPM_statusRegister		0
+#define	HDSPM_statusRegister2		192
 
 /* Settings */
-#define HDSPE_SETTINGS_REG		0
-#define HDSPE_CONTROL_REG		64
-#define HDSPE_STATUS_REG		0
-#define HDSPE_ENABLE			(1<<0)
-#define HDSPM_CLOCK_MODE_MASTER		(1<<4)
+#define	HDSPE_SETTINGS_REG		0
+#define	HDSPE_CONTROL_REG		64
+#define	HDSPE_STATUS_REG		0
+#define	HDSPE_ENABLE			(1 << 0)
+#define	HDSPM_CLOCK_MODE_MASTER		(1 << 4)
 
 /* Interrupts */
-#define HDSPE_AUDIO_IRQ_PENDING		(1<<0)
-#define HDSPE_AUDIO_INT_ENABLE		(1<<5)
-#define HDSPE_INTERRUPT_ACK		96
+#define	HDSPE_AUDIO_IRQ_PENDING		(1 << 0)
+#define	HDSPE_AUDIO_INT_ENABLE		(1 << 5)
+#define	HDSPE_INTERRUPT_ACK		96
 
 /* Channels */
-#define HDSPE_MAX_SLOTS			64 /* Mono channels */
-#define HDSPE_MAX_CHANS			(HDSPE_MAX_SLOTS / 2) /* Stereo pairs */
+#define	HDSPE_MAX_SLOTS			64 /* Mono channels */
+#define	HDSPE_MAX_CHANS			(HDSPE_MAX_SLOTS / 2) /* Stereo pairs */
 
-#define HDSPE_CHANBUF_SAMPLES		(16 * 1024)
-#define HDSPE_CHANBUF_SIZE		(4 * HDSPE_CHANBUF_SAMPLES)
-#define HDSPE_DMASEGSIZE		(HDSPE_CHANBUF_SIZE * HDSPE_MAX_SLOTS)
+#define	HDSPE_CHANBUF_SAMPLES		(16 * 1024)
+#define	HDSPE_CHANBUF_SIZE		(4 * HDSPE_CHANBUF_SAMPLES)
+#define	HDSPE_DMASEGSIZE		(HDSPE_CHANBUF_SIZE * HDSPE_MAX_SLOTS)
 
 struct hdspe_channel {
 	uint32_t	left;
@@ -164,16 +190,16 @@ struct sc_info {
 	uint32_t		speed;
 };
 
-#define hdspe_read_1(sc, regno)						\
+#define	hdspe_read_1(sc, regno)						\
 	bus_space_read_1((sc)->cst, (sc)->csh, (regno))
-#define hdspe_read_2(sc, regno)						\
+#define	hdspe_read_2(sc, regno)						\
 	bus_space_read_2((sc)->cst, (sc)->csh, (regno))
-#define hdspe_read_4(sc, regno)						\
+#define	hdspe_read_4(sc, regno)						\
 	bus_space_read_4((sc)->cst, (sc)->csh, (regno))
 
-#define hdspe_write_1(sc, regno, data)					\
+#define	hdspe_write_1(sc, regno, data)					\
 	bus_space_write_1((sc)->cst, (sc)->csh, (regno), (data))
-#define hdspe_write_2(sc, regno, data)					\
+#define	hdspe_write_2(sc, regno, data)					\
 	bus_space_write_2((sc)->cst, (sc)->csh, (regno), (data))
-#define hdspe_write_4(sc, regno, data)					\
+#define	hdspe_write_4(sc, regno, data)					\
 	bus_space_write_4((sc)->cst, (sc)->csh, (regno), (data))
diff --git a/sys/dev/usb/wlan/if_urtwn.c b/sys/dev/usb/wlan/if_urtwn.c
index 7466d1a..a6a8f50 100644
--- a/sys/dev/usb/wlan/if_urtwn.c
+++ b/sys/dev/usb/wlan/if_urtwn.c
@@ -75,18 +75,35 @@ __FBSDID("$FreeBSD$");
 #include <dev/usb/usb_device.h>
 #include "usbdevs.h"
 
-#define USB_DEBUG_VAR urtwn_debug
 #include <dev/usb/usb_debug.h>
 
 #include <dev/usb/wlan/if_urtwnreg.h>
 #include <dev/usb/wlan/if_urtwnvar.h>
 
 #ifdef USB_DEBUG
-static int urtwn_debug = 0;
+enum {
+	URTWN_DEBUG_XMIT	= 0x00000001,	/* basic xmit operation */
+	URTWN_DEBUG_RECV	= 0x00000002,	/* basic recv operation */
+	URTWN_DEBUG_STATE	= 0x00000004,	/* 802.11 state transitions */
+	URTWN_DEBUG_RA		= 0x00000008,	/* f/w rate adaptation setup */
+	URTWN_DEBUG_USB		= 0x00000010,	/* usb requests */
+	URTWN_DEBUG_FIRMWARE	= 0x00000020,	/* firmware(9) loading debug */
+	URTWN_DEBUG_BEACON	= 0x00000040,	/* beacon handling */
+	URTWN_DEBUG_INTR	= 0x00000080,	/* ISR */
+	URTWN_DEBUG_TEMP	= 0x00000100,	/* temperature calibration */
+	URTWN_DEBUG_ROM		= 0x00000200,	/* various ROM info */
+	URTWN_DEBUG_KEY		= 0x00000400,	/* crypto keys management */
+	URTWN_DEBUG_TXPWR	= 0x00000800,	/* dump Tx power values */
+	URTWN_DEBUG_ANY		= 0xffffffff
+};
+
+#define URTWN_DPRINTF(_sc, _m, ...) do {			\
+	if ((_sc)->sc_debug & (_m))				\
+		device_printf((_sc)->sc_dev, __VA_ARGS__);	\
+} while(0)
 
-SYSCTL_NODE(_hw_usb, OID_AUTO, urtwn, CTLFLAG_RW, 0, "USB urtwn");
-SYSCTL_INT(_hw_usb_urtwn, OID_AUTO, debug, CTLFLAG_RWTUN, &urtwn_debug, 0,
-    "Debug level");
+#else
+#define URTWN_DPRINTF(_sc, _m, ...)	do { (void) sc; } while (0)
 #endif
 
 #define	IEEE80211_HAS_ADDR4(wh)	IEEE80211_IS_DSTODS(wh)
@@ -174,7 +191,8 @@ static device_detach_t	urtwn_detach;
 static usb_callback_t   urtwn_bulk_tx_callback;
 static usb_callback_t	urtwn_bulk_rx_callback;
 
-static void		urtwn_drain_mbufq(struct urtwn_softc *sc);
+static void		urtwn_sysctlattach(struct urtwn_softc *);
+static void		urtwn_drain_mbufq(struct urtwn_softc *);
 static usb_error_t	urtwn_do_request(struct urtwn_softc *,
 			    struct usb_device_request *, void *);
 static struct ieee80211vap *urtwn_vap_create(struct ieee80211com *,
@@ -228,7 +246,7 @@ static int		urtwn_llt_write(struct urtwn_softc *, uint32_t,
 static int		urtwn_efuse_read_next(struct urtwn_softc *, uint8_t *);
 static int		urtwn_efuse_read_data(struct urtwn_softc *, uint8_t *,
 			    uint8_t, uint8_t);
-#ifdef URTWN_DEBUG
+#ifdef USB_DEBUG
 static void		urtwn_dump_rom_contents(struct urtwn_softc *,
 			    uint8_t *, uint16_t);
 #endif
@@ -268,6 +286,9 @@ static void		urtwn_ibss_recv_mgmt(struct ieee80211_node *,
 			    const struct ieee80211_rx_stats *, int, int);
 static int		urtwn_newstate(struct ieee80211vap *,
 			    enum ieee80211_state, int);
+static void		urtwn_calib_to(void *);
+static void		urtwn_calib_cb(struct urtwn_softc *,
+			    union sec_param *);
 static void		urtwn_watchdog(void *);
 static void		urtwn_update_avgrssi(struct urtwn_softc *, int, int8_t);
 static int8_t		urtwn_get_rssi(struct urtwn_softc *, int, void *);
@@ -319,6 +340,10 @@ static void		urtwn_scan_start(struct ieee80211com *);
 static void		urtwn_scan_end(struct ieee80211com *);
 static void		urtwn_set_channel(struct ieee80211com *);
 static int		urtwn_wme_update(struct ieee80211com *);
+static void		urtwn_update_slot(struct ieee80211com *);
+static void		urtwn_update_slot_cb(struct urtwn_softc *,
+			    union sec_param *);
+static void		urtwn_update_aifs(struct urtwn_softc *, uint8_t);
 static void		urtwn_set_promisc(struct urtwn_softc *);
 static void		urtwn_update_promisc(struct ieee80211com *);
 static void		urtwn_update_mcast(struct ieee80211com *);
@@ -331,6 +356,7 @@ static void		urtwn_set_chan(struct urtwn_softc *,
 			    struct ieee80211_channel *);
 static void		urtwn_iq_calib(struct urtwn_softc *);
 static void		urtwn_lc_calib(struct urtwn_softc *);
+static void		urtwn_temp_calib(struct urtwn_softc *);
 static int		urtwn_init(struct urtwn_softc *);
 static void		urtwn_stop(struct urtwn_softc *);
 static void		urtwn_abort_xfers(struct urtwn_softc *);
@@ -448,10 +474,18 @@ urtwn_attach(device_t self)
 	if (USB_GET_DRIVER_INFO(uaa) == URTWN_RTL8188E)
 		sc->chip |= URTWN_CHIP_88E;
 
+#ifdef USB_DEBUG
+	int debug;
+	if (resource_int_value(device_get_name(sc->sc_dev),
+	    device_get_unit(sc->sc_dev), "debug", &debug) == 0)
+		sc->sc_debug = debug;
+#endif
+
 	mtx_init(&sc->sc_mtx, device_get_nameunit(self),
 	    MTX_NETWORK_LOCK, MTX_DEF);
 	URTWN_CMDQ_LOCK_INIT(sc);
 	URTWN_NT_LOCK_INIT(sc);
+	callout_init(&sc->sc_calib_to, 0);
 	callout_init(&sc->sc_watchdog_ch, 0);
 	mbufq_init(&sc->sc_snd, ifqmaxlen);
 
@@ -540,6 +574,7 @@ urtwn_attach(device_t self)
 	ic->ic_vap_create = urtwn_vap_create;
 	ic->ic_vap_delete = urtwn_vap_delete;
 	ic->ic_wme.wme_update = urtwn_wme_update;
+	ic->ic_updateslot = urtwn_update_slot;
 	ic->ic_update_promisc = urtwn_update_promisc;
 	ic->ic_update_mcast = urtwn_update_mcast;
 	if (sc->chip & URTWN_CHIP_88E) {
@@ -556,6 +591,8 @@ urtwn_attach(device_t self)
 
 	TASK_INIT(&sc->cmdq_task, 0, urtwn_cmdq_cb, sc);
 
+	urtwn_sysctlattach(sc);
+
 	if (bootverbose)
 		ieee80211_announce(ic);
 
@@ -566,6 +603,19 @@ detach:
 	return (ENXIO);			/* failure */
 }
 
+static void
+urtwn_sysctlattach(struct urtwn_softc *sc)
+{
+#ifdef USB_DEBUG
+	struct sysctl_ctx_list *ctx = device_get_sysctl_ctx(sc->sc_dev);
+	struct sysctl_oid *tree = device_get_sysctl_tree(sc->sc_dev);
+
+	SYSCTL_ADD_U32(ctx, SYSCTL_CHILDREN(tree), OID_AUTO,
+	    "debug", CTLFLAG_RW, &sc->sc_debug, sc->sc_debug,
+	    "control debugging printfs");
+#endif
+}
+
 static int
 urtwn_detach(device_t self)
 {
@@ -581,6 +631,7 @@ urtwn_detach(device_t self)
 	urtwn_stop(sc);
 
 	callout_drain(&sc->sc_watchdog_ch);
+	callout_drain(&sc->sc_calib_to);
 
 	/* stop all USB transfers */
 	usbd_transfer_unsetup(sc->sc_xfer, URTWN_N_TRANSFER);
@@ -646,8 +697,9 @@ urtwn_do_request(struct urtwn_softc *sc, struct usb_device_request *req,
 		if (err == 0)
 			break;
 
-		DPRINTFN(1, "Control request failed, %s (retrying)\n",
-		    usbd_errstr(err));
+		URTWN_DPRINTF(sc, URTWN_DEBUG_USB,
+		    "%s: control request failed, %s (retries left: %d)\n",
+		    __func__, usbd_errstr(err), ntries);
 		usb_pause_mtx(&sc->sc_mtx, hz / 100);
 	}
 	return (err);
@@ -741,14 +793,16 @@ urtwn_rx_copy_to_mbuf(struct urtwn_softc *sc, struct r92c_rx_stat *stat,
 		 * This should not happen since we setup our Rx filter
 		 * to not receive these frames.
 		 */
-		DPRINTFN(6, "RX flags error (%s)\n",
+		URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
+		    "%s: RX flags error (%s)\n", __func__,
 		    rxdw0 & R92C_RXDW0_CRCERR ? "CRC" : "ICV");
 		goto fail;
 	}
 
 	pktlen = MS(rxdw0, R92C_RXDW0_PKTLEN);
 	if (pktlen < sizeof(struct ieee80211_frame_ack)) {
-		DPRINTFN(6, "frame too short: %d\n", pktlen);
+		URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
+		    "%s: frame is too short: %d\n", __func__, pktlen);
 		goto fail;
 	}
 
@@ -805,7 +859,9 @@ urtwn_report_intr(struct usb_xfer *xfer, struct urtwn_data *data)
 			urtwn_r88e_ratectl_tx_complete(sc, &stat[1]);
 			break;
 		default:
-			DPRINTFN(7, "case %d was not handled\n", report_sel);
+			URTWN_DPRINTF(sc, URTWN_DEBUG_INTR,
+			    "%s: case %d was not handled\n", __func__,
+			    report_sel);
 			break;
 		}
 	} else
@@ -825,7 +881,8 @@ urtwn_rxeof(struct urtwn_softc *sc, uint8_t *buf, int len)
 	/* Get the number of encapsulated frames. */
 	stat = (struct r92c_rx_stat *)buf;
 	npkts = MS(le32toh(stat->rxdw2), R92C_RXDW2_PKTCNT);
-	DPRINTFN(6, "Rx %d frames in one chunk\n", npkts);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_RECV,
+	    "%s: Rx %d frames in one chunk\n", __func__, npkts);
 
 	/* Process all of them. */
 	while (npkts-- > 0) {
@@ -880,6 +937,10 @@ urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg)
 	ni = sc->node_list[macid];
 	if (ni != NULL) {
 		vap = ni->ni_vap;
+		URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: frame for macid %d was"
+		    "%s sent (%d retries)\n", __func__, macid,
+		    (rpt->rptb1 & R88E_RPTB1_PKT_OK) ? "" : " not",
+		    ntries);
 
 		if (rpt->rptb1 & R88E_RPTB1_PKT_OK) {
 			ieee80211_ratectl_tx_complete(vap, ni,
@@ -888,8 +949,10 @@ urtwn_r88e_ratectl_tx_complete(struct urtwn_softc *sc, void *arg)
 			ieee80211_ratectl_tx_complete(vap, ni,
 			    IEEE80211_RATECTL_TX_FAILURE, &ntries, NULL);
 		}
-	} else
-		DPRINTFN(8, "macid %d, ni is NULL\n", macid);
+	} else {
+		URTWN_DPRINTF(sc, URTWN_DEBUG_INTR, "%s: macid %d, ni is NULL\n",
+		    __func__, macid);
+	}
 	URTWN_NT_UNLOCK(sc);
 }
 
@@ -1172,7 +1235,8 @@ urtwn_bulk_tx_callback(struct usb_xfer *xfer, usb_error_t error)
 tr_setup:
 		data = STAILQ_FIRST(&sc->sc_tx_pending);
 		if (data == NULL) {
-			DPRINTF("%s: empty pending queue\n", __func__);
+			URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
+			    "%s: empty pending queue\n", __func__);
 			goto finish;
 		}
 		STAILQ_REMOVE_HEAD(&sc->sc_tx_pending, next);
@@ -1205,8 +1269,10 @@ _urtwn_getbuf(struct urtwn_softc *sc)
 	bf = STAILQ_FIRST(&sc->sc_tx_inactive);
 	if (bf != NULL)
 		STAILQ_REMOVE_HEAD(&sc->sc_tx_inactive, next);
-	else
-		DPRINTF("%s: %s\n", __func__, "out of xmit buffers");
+	else {
+		URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT,
+		    "%s: out of xmit buffers\n", __func__);
+	}
 	return (bf);
 }
 
@@ -1218,8 +1284,10 @@ urtwn_getbuf(struct urtwn_softc *sc)
 	URTWN_ASSERT_LOCKED(sc);
 
 	bf = _urtwn_getbuf(sc);
-	if (bf == NULL)
-		DPRINTF("%s: stop queue\n", __func__);
+	if (bf == NULL) {
+		URTWN_DPRINTF(sc, URTWN_DEBUG_XMIT, "%s: stop queue\n",
+		    __func__);
+	}
 	return (bf);
 }
 
@@ -1524,20 +1592,22 @@ urtwn_efuse_read_data(struct urtwn_softc *sc, uint8_t *rom, uint8_t off,
 		error = urtwn_efuse_read_next(sc, &reg);
 		if (error != 0)
 			return (error);
-		DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2, reg);
+		URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
+		    off * 8 + i * 2, reg);
 		rom[off * 8 + i * 2 + 0] = reg;
 
 		error = urtwn_efuse_read_next(sc, &reg);
 		if (error != 0)
 			return (error);
-		DPRINTF("rom[0x%03X] == 0x%02X\n", off * 8 + i * 2 + 1, reg);
+		URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "rom[0x%03X] == 0x%02X\n",
+		    off * 8 + i * 2 + 1, reg);
 		rom[off * 8 + i * 2 + 1] = reg;
 	}
 
 	return (0);
 }
 
-#ifdef URTWN_DEBUG
+#ifdef USB_DEBUG
 static void
 urtwn_dump_rom_contents(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
 {
@@ -1594,8 +1664,8 @@ urtwn_efuse_read(struct urtwn_softc *sc, uint8_t *rom, uint16_t size)
 
 end:
 
-#ifdef URTWN_DEBUG
-	if (urtwn_debug >= 2)
+#ifdef USB_DEBUG
+	if (sc->sc_debug & URTWN_DEBUG_ROM)
 		urtwn_dump_rom_contents(sc, rom, size);
 #endif
 
@@ -1690,12 +1760,14 @@ urtwn_read_rom(struct urtwn_softc *sc)
 	error = urtwn_efuse_read_next(sc, &sc->pa_setting);
 	if (error != 0)
 		return (error);
-	DPRINTF("PA setting=0x%x\n", sc->pa_setting);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: PA setting=0x%x\n", __func__,
+	    sc->pa_setting);
 
 	sc->board_type = MS(rom->rf_opt1, R92C_ROM_RF1_BOARD_TYPE);
 
 	sc->regulatory = MS(rom->rf_opt1, R92C_ROM_RF1_REGULATORY);
-	DPRINTF("regulatory type=%d\n", sc->regulatory);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type=%d\n",
+	    __func__, sc->regulatory);
 	IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
 
 	sc->sc_rf_write = urtwn_r92c_rf_write;
@@ -1721,7 +1793,8 @@ urtwn_r88e_read_rom(struct urtwn_softc *sc)
 	if (sc->ofdm_tx_pwr_diff & 0x08)
 		sc->ofdm_tx_pwr_diff |= 0xf0;
 	sc->regulatory = MS(rom->rf_board_opt, R92C_ROM_RF1_REGULATORY);
-	DPRINTF("regulatory type=%d\n", sc->regulatory);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_ROM, "%s: regulatory type %d\n",
+	    __func__,sc->regulatory);
 	IEEE80211_ADDR_COPY(sc->sc_ic.ic_macaddr, rom->macaddr);
 
 	sc->sc_rf_write = urtwn_r88e_rf_write;
@@ -1772,7 +1845,8 @@ urtwn_ra_init(struct urtwn_softc *sc)
 		mode = R92C_RAID_11B;
 	else
 		mode = R92C_RAID_11BG;
-	DPRINTF("mode=0x%x rates=0x%08x, basicrates=0x%08x\n",
+	URTWN_DPRINTF(sc, URTWN_DEBUG_RA,
+	    "%s: mode 0x%x, rates 0x%08x, basicrates 0x%08x\n", __func__,
 	    mode, rates, basicrates);
 
 	/* Set rates mask for group addressed frames. */
@@ -1786,7 +1860,8 @@ urtwn_ra_init(struct urtwn_softc *sc)
 		return (error);
 	}
 	/* Set initial MRR rate. */
-	DPRINTF("maxbasicrate=%d\n", maxbasicrate);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxbasicrate %d\n", __func__,
+	    maxbasicrate);
 	urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BC),
 	    maxbasicrate);
 
@@ -1800,7 +1875,8 @@ urtwn_ra_init(struct urtwn_softc *sc)
 		return (error);
 	}
 	/* Set initial MRR rate. */
-	DPRINTF("maxrate=%d\n", maxrate);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: maxrate %d\n", __func__,
+	    maxrate);
 	urtwn_write_1(sc, R92C_INIDATA_RATE_SEL(URTWN_MACID_BSS),
 	    maxrate);
 
@@ -1867,6 +1943,10 @@ urtwn_setup_beacon(struct urtwn_softc *sc, struct ieee80211_node *ni)
 	if ((error = urtwn_tx_beacon(sc, uvp)) != 0)
 		return (error);
 
+	URTWN_DPRINTF(sc, URTWN_DEBUG_BEACON, "%s: beacon was %srecognized\n",
+	    __func__, urtwn_read_1(sc, R92C_TDECTRL + 2) &
+	    (R92C_TDECTRL_BCN_VALID >> 16) ? "" : "not ");
+
 	return (0);
 }
 
@@ -1999,9 +2079,11 @@ urtwn_key_set_cb(struct urtwn_softc *sc, union sec_param *data)
 		return;
 	}
 
-	DPRINTFN(9, "keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, "
-	    "macaddr %s\n", k->wk_keyix, keyid, k->wk_cipher->ic_cipher, algo,
-	    k->wk_flags, k->wk_keylen, ether_sprintf(k->wk_macaddr));
+	URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
+	    "%s: keyix %d, keyid %d, algo %d/%d, flags %04X, len %d, "
+	    "macaddr %s\n", __func__, k->wk_keyix, keyid,
+	    k->wk_cipher->ic_cipher, algo, k->wk_flags, k->wk_keylen,
+	    ether_sprintf(k->wk_macaddr));
 
 	/* Write key. */
 	for (i = 0; i < 4; i++) {
@@ -2036,7 +2118,8 @@ urtwn_key_del_cb(struct urtwn_softc *sc, union sec_param *data)
 	struct ieee80211_key *k = &data->key;
 	int i;
 
-	DPRINTFN(9, "keyix %d, flags %04X, macaddr %s\n", 
+	URTWN_DPRINTF(sc, URTWN_DEBUG_KEY,
+	    "%s: keyix %d, flags %04X, macaddr %s\n", __func__,
 	    k->wk_keyix, k->wk_flags, ether_sprintf(k->wk_macaddr));
 
 	urtwn_cam_write(sc, R92C_CAM_CTL0(k->wk_keyix), 0);
@@ -2228,14 +2311,17 @@ urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
 	int error = 0;
 
 	ostate = vap->iv_state;
-	DPRINTF("%s -> %s\n", ieee80211_state_name[ostate],
-	    ieee80211_state_name[nstate]);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_STATE, "%s -> %s\n",
+	    ieee80211_state_name[ostate], ieee80211_state_name[nstate]);
 
 	IEEE80211_UNLOCK(ic);
 	URTWN_LOCK(sc);
 	callout_stop(&sc->sc_watchdog_ch);
 
 	if (ostate == IEEE80211_S_RUN) {
+		/* Stop calibration. */
+		callout_stop(&sc->sc_calib_to);
+
 		/* Turn link LED off. */
 		urtwn_set_led(sc, URTWN_LED_LINK, 0);
 
@@ -2373,8 +2459,10 @@ urtwn_newstate(struct ieee80211vap *vap, enum ieee80211_state nstate, int arg)
 
 		sc->avg_pwdb = -1;	/* Reset average RSSI. */
 		/* Reset temperature calibration state machine. */
-		sc->thcal_state = 0;
+		sc->sc_flags &= ~URTWN_TEMP_MEASURED;
 		sc->thcal_lctemp = 0;
+		/* Start periodic calibration. */
+		callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
 
 end_run:
 		ieee80211_free_node(ni);
@@ -2389,6 +2477,25 @@ end_run:
 }
 
 static void
+urtwn_calib_to(void *arg)
+{
+	struct urtwn_softc *sc = arg;
+
+	/* Do it in a process context. */
+	urtwn_cmd_sleepable(sc, NULL, 0, urtwn_calib_cb);
+}
+
+static void
+urtwn_calib_cb(struct urtwn_softc *sc, union sec_param *data)
+{
+	/* Do temperature compensation. */
+	urtwn_temp_calib(sc);
+
+	if ((urtwn_read_1(sc, R92C_MSR) & R92C_MSR_MASK) != R92C_MSR_NOLINK)
+		callout_reset(&sc->sc_calib_to, 2*hz, urtwn_calib_to, sc);
+}
+
+static void
 urtwn_watchdog(void *arg)
 {
 	struct urtwn_softc *sc = arg;
@@ -2437,7 +2544,8 @@ urtwn_update_avgrssi(struct urtwn_softc *sc, int rate, int8_t rssi)
 		sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20) + 1;
 	else
 		sc->avg_pwdb = ((sc->avg_pwdb * 19 + pwdb) / 20);
-	DPRINTFN(4, "PWDB=%d EMA=%d\n", pwdb, sc->avg_pwdb);
+	URTWN_DPRINTF(sc, URTWN_DEBUG_RA, "%s: PWDB %d, EMA %d\n", __func__,
+	    pwdb, sc->avg_pwdb);
 }
 
 static int8_t
@@ -3270,7 +3378,8 @@ urtwn_load_firmware(struct urtwn_softc *sc)
 	if ((le16toh(hdr->signature) >> 4) == 0x88c ||
 	    (le16toh(hdr->signature) >> 4) == 0x88e ||
 	    (le16toh(hdr->signature) >> 4) == 0x92c) {
-		DPRINTF("FW V%d.%d %02d-%02d %02d:%02d\n",
+		URTWN_DPRINTF(sc, URTWN_DEBUG_FIRMWARE,
+		    "FW V%d.%d %02d-%02d %02d:%02d\n",
 		    le16toh(hdr->version), le16toh(hdr->subversion),
 		    hdr->month, hdr->date, hdr->hour, hdr->minute);
 		ptr += sizeof(*hdr);
@@ -3981,8 +4090,8 @@ urtwn_get_txpower(struct urtwn_softc *sc, int chain,
 		if (power[ridx] > R92C_MAX_TX_PWR)
 			power[ridx] = R92C_MAX_TX_PWR;
 	}
-#ifdef URTWN_DEBUG
-	if (urtwn_debug >= 4) {
+#ifdef USB_DEBUG
+	if (sc->sc_debug & URTWN_DEBUG_TXPWR) {
 		/* Dump per-rate Tx power values. */
 		printf("Tx power for chain %d:\n", chain);
 		for (ridx = URTWN_RIDX_CCK1; ridx < URTWN_RIDX_COUNT; ridx++)
@@ -4195,6 +4304,41 @@ urtwn_wme_update(struct ieee80211com *ic)
 }
 
 static void
+urtwn_update_slot(struct ieee80211com *ic)
+{
+	urtwn_cmd_sleepable(ic->ic_softc, NULL, 0, urtwn_update_slot_cb);
+}
+
+static void
+urtwn_update_slot_cb(struct urtwn_softc *sc, union sec_param *data)
+{
+	struct ieee80211com *ic = &sc->sc_ic;
+	uint8_t slottime;
+
+	slottime = IEEE80211_GET_SLOTTIME(ic);
+
+	URTWN_DPRINTF(sc, URTWN_DEBUG_ANY, "%s: setting slot time to %uus\n",
+	    __func__, slottime);
+
+	urtwn_write_1(sc, R92C_SLOT, slottime);
+	urtwn_update_aifs(sc, slottime);
+}
+
+static void
+urtwn_update_aifs(struct urtwn_softc *sc, uint8_t slottime)
+{
+	const struct wmeParams *wmep =
+	    sc->sc_ic.ic_wme.wme_chanParams.cap_wmeParams;
+	uint8_t aifs, ac;
+
+	for (ac = WME_AC_BE; ac < WME_NUM_AC; ac++) {
+		/* AIFS[AC] = AIFSN[AC] * aSlotTime + aSIFSTime. */
+		aifs = wmep[ac].wmep_aifsn * slottime + IEEE80211_DUR_SIFS;
+		urtwn_write_1(sc, wme2queue[ac].reg, aifs);
+        }
+}
+
+static void
 urtwn_set_promisc(struct urtwn_softc *sc)
 {
 	struct ieee80211com *ic = &sc->sc_ic;
@@ -4443,6 +4587,64 @@ urtwn_lc_calib(struct urtwn_softc *sc)
 	}
 }
 
+static void
+urtwn_temp_calib(struct urtwn_softc *sc)
+{
+	uint8_t temp;
+
+	URTWN_ASSERT_LOCKED(sc);
+
+	if (!(sc->sc_flags & URTWN_TEMP_MEASURED)) {
+		/* Start measuring temperature. */
+		URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
+		    "%s: start measuring temperature\n", __func__);
+		if (sc->chip & URTWN_CHIP_88E) {
+			urtwn_rf_write(sc, 0, R88E_RF_T_METER,
+			    R88E_RF_T_METER_START);
+		} else {
+			urtwn_rf_write(sc, 0, R92C_RF_T_METER,
+			    R92C_RF_T_METER_START);
+		}
+		sc->sc_flags |= URTWN_TEMP_MEASURED;
+		return;
+	}
+	sc->sc_flags &= ~URTWN_TEMP_MEASURED;
+
+	/* Read measured temperature. */
+	if (sc->chip & URTWN_CHIP_88E) {
+		temp = MS(urtwn_rf_read(sc, 0, R88E_RF_T_METER),
+		    R88E_RF_T_METER_VAL);
+	} else {
+		temp = MS(urtwn_rf_read(sc, 0, R92C_RF_T_METER),
+		    R92C_RF_T_METER_VAL);
+	}
+	if (temp == 0) {	/* Read failed, skip. */
+		URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
+		    "%s: temperature read failed, skipping\n", __func__);
+		return;
+	}
+
+	URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
+	    "%s: temperature: previous %u, current %u\n",
+	    __func__, sc->thcal_lctemp, temp);
+
+	/*
+	 * Redo LC calibration if temperature changed significantly since
+	 * last calibration.
+	 */
+	if (sc->thcal_lctemp == 0) {
+		/* First LC calibration is performed in urtwn_init(). */
+		sc->thcal_lctemp = temp;
+	} else if (abs(temp - sc->thcal_lctemp) > 1) {
+		URTWN_DPRINTF(sc, URTWN_DEBUG_TEMP,
+		    "%s: LC calib triggered by temp: %u -> %u\n",
+		    __func__, sc->thcal_lctemp, temp);
+		urtwn_lc_calib(sc);
+		/* Record temperature of last LC calibration. */
+		sc->thcal_lctemp = temp;
+	}
+}
+
 static int
 urtwn_init(struct urtwn_softc *sc)
 {
@@ -4690,7 +4892,8 @@ urtwn_stop(struct urtwn_softc *sc)
 		return;
 	}
 
-	sc->sc_flags &= ~URTWN_RUNNING;
+	sc->sc_flags &= ~(URTWN_RUNNING | URTWN_TEMP_MEASURED);
+	sc->thcal_lctemp = 0;
 	callout_stop(&sc->sc_watchdog_ch);
 	urtwn_abort_xfers(sc);
 
diff --git a/sys/dev/usb/wlan/if_urtwnreg.h b/sys/dev/usb/wlan/if_urtwnreg.h
index f4d1d73..5b8b4f5 100644
--- a/sys/dev/usb/wlan/if_urtwnreg.h
+++ b/sys/dev/usb/wlan/if_urtwnreg.h
@@ -458,6 +458,7 @@
 /* Bits for R92C_TDECTRL. */
 #define R92C_TDECTRL_BLK_DESC_NUM_M	0x000000f0
 #define R92C_TDECTRL_BLK_DESC_NUM_S	4
+#define R92C_TDECTRL_BCN_VALID		0x00010000
 
 /* Bits for R92C_FWHW_TXQ_CTRL. */
 #define R92C_FWHW_TXQ_CTRL_AMPDU_RTY_NEW	0x80
@@ -812,6 +813,7 @@
 #define R92C_RF_SYN_G(i)	(0x25 + (i))
 #define R92C_RF_RCK_OS		0x30
 #define R92C_RF_TXPA_G(i)	(0x31 + (i))
+#define R88E_RF_T_METER		0x42
 
 /* Bits for R92C_RF_AC. */
 #define R92C_RF_AC_MODE_M	0x70000
@@ -825,6 +827,16 @@
 #define R88E_RF_CHNLBW_BW20	0x00c00
 #define R92C_RF_CHNLBW_LCSTART	0x08000
 
+/* Bits for R92C_RF_T_METER. */
+#define R92C_RF_T_METER_START	0x60
+#define R92C_RF_T_METER_VAL_M	0x1f
+#define R92C_RF_T_METER_VAL_S	0
+
+/* Bits for R88E_RF_T_METER. */
+#define R88E_RF_T_METER_VAL_M	0x0fc00
+#define R88E_RF_T_METER_VAL_S	10
+#define R88E_RF_T_METER_START	0x30000
+
 
 /*
  * CAM entries.
diff --git a/sys/dev/usb/wlan/if_urtwnvar.h b/sys/dev/usb/wlan/if_urtwnvar.h
index 40ad1ca..ac94f96 100644
--- a/sys/dev/usb/wlan/if_urtwnvar.h
+++ b/sys/dev/usb/wlan/if_urtwnvar.h
@@ -150,11 +150,13 @@ struct urtwn_softc {
 	device_t			sc_dev;
 	struct usb_device		*sc_udev;
 
+	uint32_t			sc_debug;
 	uint8_t				sc_iface_index;
-	u_int				sc_flags;
+	uint8_t				sc_flags;
 #define URTWN_FLAG_CCK_HIPWR	0x01
 #define URTWN_DETACHED		0x02
 #define	URTWN_RUNNING		0x04
+#define URTWN_TEMP_MEASURED	0x10
 
 	u_int				chip;
 #define	URTWN_CHIP_92C		0x01
@@ -179,8 +181,7 @@ struct urtwn_softc {
 	int8_t				ofdm_tx_pwr_diff;
 	int8_t				bw20_tx_pwr_diff;
 	int				avg_pwdb;
-	int				thcal_state;
-	int				thcal_lctemp;
+	uint8_t				thcal_lctemp;
 	int				ntxchains;
 	int				nrxchains;
 	int				ledlink;
@@ -202,7 +203,8 @@ struct urtwn_softc {
 
 	union urtwn_rom			rom;
 	uint16_t			last_rom_addr;
-		
+
+	struct callout			sc_calib_to;
 	struct callout			sc_watchdog_ch;
 	struct mtx			sc_mtx;
 	uint32_t			keys_bmap;
diff --git a/sys/fs/devfs/devfs_devs.c b/sys/fs/devfs/devfs_devs.c
index 40023c1..2c11fa4 100644
--- a/sys/fs/devfs/devfs_devs.c
+++ b/sys/fs/devfs/devfs_devs.c
@@ -304,6 +304,13 @@ devfs_vmkdir(struct devfs_mount *dmp, char *name, int namelen, struct devfs_dire
 void
 devfs_dirent_free(struct devfs_dirent *de)
 {
+	struct vnode *vp;
+
+	vp = de->de_vnode;
+	mtx_lock(&devfs_de_interlock);
+	if (vp != NULL && vp->v_data == de)
+		vp->v_data = NULL;
+	mtx_unlock(&devfs_de_interlock);
 	free(de, M_DEVFS3);
 }
 
diff --git a/sys/fs/ext2fs/ext2_alloc.c b/sys/fs/ext2fs/ext2_alloc.c
index 935cb0c..12067d2 100644
--- a/sys/fs/ext2fs/ext2_alloc.c
+++ b/sys/fs/ext2fs/ext2_alloc.c
@@ -393,6 +393,7 @@ ext2_valloc(struct vnode *pvp, int mode, struct ucred *cred, struct vnode **vpp)
 	 * Linux doesn't read the old inode in when it is allocating a
 	 * new one. I will set at least i_size and i_blocks to zero.
 	 */
+	ip->i_flag = 0;
 	ip->i_size = 0;
 	ip->i_blocks = 0;
 	ip->i_mode = 0;
diff --git a/sys/fs/ext2fs/ext2_dinode.h b/sys/fs/ext2fs/ext2_dinode.h
index 6ab6a84..3f5ddef 100644
--- a/sys/fs/ext2fs/ext2_dinode.h
+++ b/sys/fs/ext2fs/ext2_dinode.h
@@ -51,8 +51,8 @@
 /*
  * Inode flags
  * The system supports EXT2_IMMUTABLE, EXT2_APPEND and EXT2_NODUMP flags.
- * The current implementation also uses EXT4_INDEX, EXT4_EXTENTS and
- * EXT4_HUGE_FILE with some restrictions, imposed the lack of write
+ * The current implementation also uses EXT3_INDEX, EXT4_EXTENTS and
+ * EXT4_HUGE_FILE with some restrictions imposed by the lack of write
  * support.
  */
 #define	EXT2_SECRM		0x00000001	/* Secure deletion */
@@ -63,7 +63,7 @@
 #define	EXT2_APPEND		0x00000020 /* Writes to file may only append */
 #define	EXT2_NODUMP		0x00000040	/* Do not dump file */
 #define	EXT2_NOATIME		0x00000080	/* Do not update atime */
-#define	EXT4_INDEX		0x00001000	/* Hash-indexed directory */
+#define	EXT3_INDEX		0x00001000	/* Hash-indexed directory */
 #define	EXT4_IMAGIC		0x00002000	/* AFS directory */
 #define	EXT4_JOURNAL_DATA	0x00004000 /* File data should be journaled */
 #define	EXT4_NOTAIL		0x00008000 /* File tail should not be merged */
diff --git a/sys/fs/ext2fs/ext2_dir.h b/sys/fs/ext2fs/ext2_dir.h
index 1138b86..8d92882 100644
--- a/sys/fs/ext2fs/ext2_dir.h
+++ b/sys/fs/ext2fs/ext2_dir.h
@@ -40,6 +40,21 @@ struct	ext2fs_direct {
 	uint16_t e2d_namlen;		/* length of string in e2d_name */
 	char e2d_name[EXT2FS_MAXNAMLEN];/* name with length<=EXT2FS_MAXNAMLEN */
 };
+
+enum slotstatus {
+	NONE,
+	COMPACT,
+	FOUND
+};
+
+struct ext2fs_searchslot {
+	enum slotstatus slotstatus;
+	doff_t slotoffset;	/* offset of area with free space */
+	int slotsize;		/* size of area at slotoffset */
+	int slotfreespace;	/* amount of space free in slot */
+	int slotneeded;		/* sizeof the entry we are seeking */
+};
+
 /*
  * The new version of the directory entry.  Since EXT2 structures are
  * stored in intel byte order, and the name_len field could never be
diff --git a/sys/fs/ext2fs/ext2_extern.h b/sys/fs/ext2fs/ext2_extern.h
index f7b7657..93bd3f7 100644
--- a/sys/fs/ext2fs/ext2_extern.h
+++ b/sys/fs/ext2fs/ext2_extern.h
@@ -40,12 +40,15 @@
 #define	_FS_EXT2FS_EXT2_EXTERN_H_
 
 struct ext2fs_dinode;
+struct ext2fs_direct_2;
+struct ext2fs_searchslot;
 struct indir;
 struct inode;
 struct mount;
 struct vfsconf;
 struct vnode;
 
+int	ext2_add_entry(struct vnode *, struct ext2fs_direct_2 *);
 int	ext2_alloc(struct inode *, daddr_t, e4fs_daddr_t, int,
 	    struct ucred *, e4fs_daddr_t *);
 int	ext2_balloc(struct inode *,
@@ -83,6 +86,18 @@ int	ext2_dirempty(struct inode *, ino_t, struct ucred *);
 int	ext2_checkpath(struct inode *, struct inode *, struct ucred *);
 int	cg_has_sb(int i);
 int	ext2_inactive(struct vop_inactive_args *);
+int	ext2_htree_add_entry(struct vnode *, struct ext2fs_direct_2 *,
+	    struct componentname *);
+int	ext2_htree_create_index(struct vnode *, struct componentname *,
+	    struct ext2fs_direct_2 *);
+int	ext2_htree_has_idx(struct inode *);
+int	ext2_htree_hash(const char *, int, uint32_t *, int, uint32_t *,
+	    uint32_t *);
+int	ext2_htree_lookup(struct inode *, const char *, int, struct buf **,
+	    int *, doff_t *, doff_t *, doff_t *, struct ext2fs_searchslot *);
+int	ext2_search_dirblock(struct inode *, void *, int *, const char *, int,
+	    int *, doff_t *, doff_t *, doff_t *, struct ext2fs_searchslot *);
+
 
 /* Flags to low-level allocation routines.
  * The low 16-bits are reserved for IO_ flags from vnode.h.
diff --git a/sys/fs/ext2fs/ext2_hash.c b/sys/fs/ext2fs/ext2_hash.c
new file mode 100644
index 0000000..663a2df
--- /dev/null
+++ b/sys/fs/ext2fs/ext2_hash.c
@@ -0,0 +1,316 @@
+/*-
+ * Copyright (c) 2010, 2013 Zheng Liu <lz@freebsd.org>
+ * Copyright (c) 2012, Vyacheslav Matyushin
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+/*
+ * The following notice applies to the code in ext2_half_md4():
+ *
+ * Copyright (C) 1990-2, RSA Data Security, Inc. All rights reserved.
+ *
+ * License to copy and use this software is granted provided that it
+ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+ * Algorithm" in all material mentioning or referencing this software
+ * or this function.
+ *
+ * License is also granted to make and use derivative works provided
+ * that such works are identified as "derived from the RSA Data
+ * Security, Inc. MD4 Message-Digest Algorithm" in all material
+ * mentioning or referencing the derived work.
+ *
+ * RSA Data Security, Inc. makes no representations concerning either
+ * the merchantability of this software or the suitability of this
+ * software for any particular purpose. It is provided "as is"
+ * without express or implied warranty of any kind.
+ *
+ * These notices must be retained in any copies of any part of this
+ * documentation and/or software.
+ */
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/conf.h>
+#include <sys/vnode.h>
+#include <sys/stat.h>
+#include <sys/mount.h>
+
+#include <fs/ext2fs/htree.h>
+#include <fs/ext2fs/inode.h>
+#include <fs/ext2fs/ext2_mount.h>
+#include <fs/ext2fs/ext2_extern.h>
+
+/* F, G, and H are MD4 functions */
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+
+/* ROTATE_LEFT rotates x left n bits */
+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
+
+/*
+ * FF, GG, and HH are transformations for rounds 1, 2, and 3.
+ * Rotation is separated from addition to prevent recomputation.
+ */
+#define FF(a, b, c, d, x, s) { \
+	(a) += F ((b), (c), (d)) + (x); \
+	(a) = ROTATE_LEFT ((a), (s)); \
+}
+
+#define GG(a, b, c, d, x, s) { \
+	(a) += G ((b), (c), (d)) + (x) + (uint32_t)0x5A827999; \
+	(a) = ROTATE_LEFT ((a), (s)); \
+}
+
+#define HH(a, b, c, d, x, s) { \
+	(a) += H ((b), (c), (d)) + (x) + (uint32_t)0x6ED9EBA1; \
+	(a) = ROTATE_LEFT ((a), (s)); \
+}
+
+/*
+ * MD4 basic transformation.  It transforms state based on block.
+ *
+ * This is a half md4 algorithm since Linux uses this algorithm for dir
+ * index.  This function is derived from the RSA Data Security, Inc. MD4
+ * Message-Digest Algorithm and was modified as necessary.
+ *
+ * The return value of this function is uint32_t in Linux, but actually we don't
+ * need to check this value, so in our version this function doesn't return any
+ * value.
+ */
+static void
+ext2_half_md4(uint32_t hash[4], uint32_t data[8])
+{
+	uint32_t a = hash[0], b = hash[1], c = hash[2], d = hash[3];
+
+	/* Round 1 */
+	FF(a, b, c, d, data[0],  3);
+	FF(d, a, b, c, data[1],  7);
+	FF(c, d, a, b, data[2], 11);
+	FF(b, c, d, a, data[3], 19);
+	FF(a, b, c, d, data[4],  3);
+	FF(d, a, b, c, data[5],  7);
+	FF(c, d, a, b, data[6], 11);
+	FF(b, c, d, a, data[7], 19);
+
+	/* Round 2 */
+	GG(a, b, c, d, data[1],  3);
+	GG(d, a, b, c, data[3],  5);
+	GG(c, d, a, b, data[5],  9);
+	GG(b, c, d, a, data[7], 13);
+	GG(a, b, c, d, data[0],  3);
+	GG(d, a, b, c, data[2],  5);
+	GG(c, d, a, b, data[4],  9);
+	GG(b, c, d, a, data[6], 13);
+
+	/* Round 3 */
+	HH(a, b, c, d, data[3],  3);
+	HH(d, a, b, c, data[7],  9);
+	HH(c, d, a, b, data[2], 11);
+	HH(b, c, d, a, data[6], 15);
+	HH(a, b, c, d, data[1],  3);
+	HH(d, a, b, c, data[5],  9);
+	HH(c, d, a, b, data[0], 11);
+	HH(b, c, d, a, data[4], 15);
+
+	hash[0] += a;
+	hash[1] += b;
+	hash[2] += c;
+	hash[3] += d;
+}
+
+/*
+ * Tiny Encryption Algorithm.
+ */
+static void
+ext2_tea(uint32_t hash[4], uint32_t data[8])
+{
+	uint32_t tea_delta = 0x9E3779B9;
+	uint32_t sum;
+	uint32_t x = hash[0], y = hash[1];
+	int n = 16;
+	int i = 1;
+
+	while (n-- > 0) {
+		sum = i * tea_delta;
+		x += ((y << 4) + data[0]) ^ (y + sum) ^ ((y >> 5) + data[1]);
+		y += ((x << 4) + data[2]) ^ (x + sum) ^ ((x >> 5) + data[3]);
+		i++;
+	}
+
+	hash[0] += x;
+	hash[1] += y;
+}
+
+static uint32_t
+ext2_legacy_hash(const char *name, int len, int unsigned_char)
+{
+	uint32_t h0, h1 = 0x12A3FE2D, h2 = 0x37ABE8F9;
+	uint32_t multi = 0x6D22F5;
+	const unsigned char *uname = (const unsigned char *)name;
+	const signed char *sname = (const signed char *)name;
+	int val, i;
+
+	for (i = 0; i < len; i++) {
+		if (unsigned_char)
+			val = (u_int)*uname++;
+		else
+			val = (int)*sname++;
+
+		h0 = h2 + (h1 ^ (val * multi));
+		if (h0 & 0x80000000)
+			h0 -= 0x7FFFFFFF;
+		h2 = h1;
+		h1 = h0;
+	}
+
+	return (h1 << 1);
+}
+
+static void
+ext2_prep_hashbuf(const char *src, int slen, uint32_t *dst, int dlen,
+	     int unsigned_char)
+{
+	uint32_t padding = slen | (slen << 8) | (slen << 16) | (slen << 24);
+	uint32_t buf_val;
+	const unsigned char *ubuf = (const unsigned char *)src;
+	const signed char *sbuf = (const signed char *)src;
+	int len, i;
+	int buf_byte;
+
+	if (slen > dlen)
+		len = dlen;
+	else
+		len = slen;
+
+	buf_val = padding;
+
+	for (i = 0; i < len; i++) {
+		if (unsigned_char)
+			buf_byte = (u_int)ubuf[i];
+		else
+			buf_byte = (int)sbuf[i];
+
+		if ((i % 4) == 0)
+			buf_val = padding;
+
+		buf_val <<= 8;
+		buf_val += buf_byte;
+
+		if ((i % 4) == 3) {
+			*dst++ = buf_val;
+			dlen -= sizeof(uint32_t);
+			buf_val = padding;
+		}
+	}
+
+	dlen -= sizeof(uint32_t);
+	if (dlen >= 0)
+		*dst++ = buf_val;
+
+	dlen -= sizeof(uint32_t);
+	while (dlen >= 0) {
+		*dst++ = padding;
+		dlen -= sizeof(uint32_t);
+	}
+}
+
+int
+ext2_htree_hash(const char *name, int len,
+		uint32_t *hash_seed, int hash_version,
+		uint32_t *hash_major, uint32_t *hash_minor)
+{
+	uint32_t hash[4];
+	uint32_t data[8];
+	uint32_t major = 0, minor = 0;
+	int unsigned_char = 0;
+
+	if (!name || !hash_major)
+		return (-1);
+
+	if (len < 1 || len > 255)
+		goto error;
+
+	hash[0] = 0x67452301;
+	hash[1] = 0xEFCDAB89;
+	hash[2] = 0x98BADCFE;
+	hash[3] = 0x10325476;
+
+	if (hash_seed)
+		memcpy(hash, hash_seed, sizeof(hash));
+
+	switch (hash_version) {
+	case EXT2_HTREE_TEA_UNSIGNED:
+		unsigned_char = 1;
+		/* FALLTHROUGH */
+	case EXT2_HTREE_TEA:
+		while (len > 0) {
+			ext2_prep_hashbuf(name, len, data, 16, unsigned_char);
+			ext2_tea(hash, data);
+			len -= 16;
+			name += 16;
+		}
+		major = hash[0];
+		minor = hash[1];
+		break;
+	case EXT2_HTREE_LEGACY_UNSIGNED:
+		unsigned_char = 1;
+		/* FALLTHROUGH */
+	case EXT2_HTREE_LEGACY:
+		major = ext2_legacy_hash(name, len, unsigned_char);
+		break;
+	case EXT2_HTREE_HALF_MD4_UNSIGNED:
+		unsigned_char = 1;
+		/* FALLTHROUGH */
+	case EXT2_HTREE_HALF_MD4:
+		while (len > 0) {
+			ext2_prep_hashbuf(name, len, data, 32, unsigned_char);
+			ext2_half_md4(hash, data);
+			len -= 32;
+			name += 32;
+		}
+		major = hash[1];
+		minor = hash[2];
+		break;
+	default:
+		goto error;
+	}
+
+	major &= ~1;
+	if (major == (EXT2_HTREE_EOF << 1))
+		major = (EXT2_HTREE_EOF - 1) << 1;
+	*hash_major = major;
+	if (hash_minor)
+		*hash_minor = minor;
+
+	return (0);
+
+error:
+	*hash_major = 0;
+	if (hash_minor)
+		*hash_minor = 0;
+	return (-1);
+}
diff --git a/sys/fs/ext2fs/ext2_htree.c b/sys/fs/ext2fs/ext2_htree.c
new file mode 100644
index 0000000..a109224
--- /dev/null
+++ b/sys/fs/ext2fs/ext2_htree.c
@@ -0,0 +1,899 @@
+/*-
+ * Copyright (c) 2010, 2012 Zheng Liu <lz@freebsd.org>
+ * Copyright (c) 2012, Vyacheslav Matyushin
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#include <sys/param.h>
+#include <sys/endian.h>
+#include <sys/systm.h>
+#include <sys/namei.h>
+#include <sys/bio.h>
+#include <sys/buf.h>
+#include <sys/endian.h>
+#include <sys/mount.h>
+#include <sys/vnode.h>
+#include <sys/malloc.h>
+#include <sys/dirent.h>
+#include <sys/sysctl.h>
+
+#include <ufs/ufs/dir.h>
+
+#include <fs/ext2fs/inode.h>
+#include <fs/ext2fs/ext2_mount.h>
+#include <fs/ext2fs/ext2fs.h>
+#include <fs/ext2fs/fs.h>
+#include <fs/ext2fs/ext2_extern.h>
+#include <fs/ext2fs/ext2_dinode.h>
+#include <fs/ext2fs/ext2_dir.h>
+#include <fs/ext2fs/htree.h>
+
+static void	ext2_append_entry(char *block, uint32_t blksize,
+		    struct ext2fs_direct_2 *last_entry,
+		    struct ext2fs_direct_2 *new_entry);
+static int	ext2_htree_append_block(struct vnode *vp, char *data,
+		    struct componentname *cnp, uint32_t blksize);
+static int	ext2_htree_check_next(struct inode *ip, uint32_t hash,
+		    const char *name, struct ext2fs_htree_lookup_info *info);
+static int	ext2_htree_cmp_sort_entry(const void *e1, const void *e2);
+static int	ext2_htree_find_leaf(struct inode *ip, const char *name,
+		    int namelen, uint32_t *hash, uint8_t *hash_version,
+		    struct ext2fs_htree_lookup_info *info);
+static uint32_t ext2_htree_get_block(struct ext2fs_htree_entry *ep);
+static uint16_t	ext2_htree_get_count(struct ext2fs_htree_entry *ep);
+static uint32_t ext2_htree_get_hash(struct ext2fs_htree_entry *ep);
+static uint16_t	ext2_htree_get_limit(struct ext2fs_htree_entry *ep);
+static void	ext2_htree_insert_entry_to_level(struct ext2fs_htree_lookup_level *level,
+		    uint32_t hash, uint32_t blk);
+static void	ext2_htree_insert_entry(struct ext2fs_htree_lookup_info *info,
+		    uint32_t hash, uint32_t blk);
+static uint32_t	ext2_htree_node_limit(struct inode *ip);
+static void	ext2_htree_set_block(struct ext2fs_htree_entry *ep,
+		    uint32_t blk);
+static void	ext2_htree_set_count(struct ext2fs_htree_entry *ep,
+		    uint16_t cnt);
+static void	ext2_htree_set_hash(struct ext2fs_htree_entry *ep,
+		    uint32_t hash);
+static void	ext2_htree_set_limit(struct ext2fs_htree_entry *ep,
+		    uint16_t limit);
+static int	ext2_htree_split_dirblock(char *block1, char *block2,
+		    uint32_t blksize, uint32_t *hash_seed, uint8_t hash_version,
+		    uint32_t *split_hash, struct  ext2fs_direct_2 *entry);
+static void	ext2_htree_release(struct ext2fs_htree_lookup_info *info);
+static uint32_t	ext2_htree_root_limit(struct inode *ip, int len);
+static int	ext2_htree_writebuf(struct ext2fs_htree_lookup_info *info);
+
+int
+ext2_htree_has_idx(struct inode *ip)
+{
+	if (EXT2_HAS_COMPAT_FEATURE(ip->i_e2fs, EXT2F_COMPAT_DIRHASHINDEX) &&
+	    ip->i_flag & IN_E3INDEX)
+		return (1);
+	else
+		return (0);
+}
+
+static int
+ext2_htree_check_next(struct inode *ip, uint32_t hash, const char *name,
+		struct ext2fs_htree_lookup_info *info)
+{
+	struct vnode *vp = ITOV(ip);
+	struct ext2fs_htree_lookup_level *level;
+	struct buf *bp;
+	uint32_t next_hash;
+	int idx = info->h_levels_num - 1;
+	int levels = 0;
+
+	do {
+		level = &info->h_levels[idx];
+		level->h_entry++;
+		if (level->h_entry < level->h_entries +
+		    ext2_htree_get_count(level->h_entries))
+			break;
+		if (idx == 0)
+			return (0);
+		idx--;
+		levels++;
+	} while (1);
+
+	next_hash = ext2_htree_get_hash(level->h_entry);
+	if ((hash & 1) == 0) {
+		if (hash != (next_hash & ~1))
+			return (0);
+	}
+
+	while (levels > 0) {
+		levels--;
+		if (ext2_blkatoff(vp, ext2_htree_get_block(level->h_entry) *
+		    ip->i_e2fs->e2fs_bsize, NULL, &bp) != 0)
+			return (0);
+		level = &info->h_levels[idx + 1];
+		brelse(level->h_bp);
+		level->h_bp = bp;
+		level->h_entry = level->h_entries =
+		    ((struct ext2fs_htree_node *)bp->b_data)->h_entries;
+	}
+
+	return (1);
+}
+
+static uint32_t
+ext2_htree_get_block(struct ext2fs_htree_entry *ep)
+{
+	return (ep->h_blk & 0x00FFFFFF);
+}
+
+static void
+ext2_htree_set_block(struct ext2fs_htree_entry *ep, uint32_t blk)
+{
+	ep->h_blk = blk;
+}
+
+static uint16_t
+ext2_htree_get_count(struct ext2fs_htree_entry *ep)
+{
+	return (((struct ext2fs_htree_count *)(ep))->h_entries_num);
+}
+
+static void
+ext2_htree_set_count(struct ext2fs_htree_entry *ep, uint16_t cnt)
+{
+	((struct ext2fs_htree_count *)(ep))->h_entries_num = cnt;
+}
+
+static uint32_t
+ext2_htree_get_hash(struct ext2fs_htree_entry *ep)
+{
+	return (ep->h_hash);
+}
+
+static uint16_t
+ext2_htree_get_limit(struct ext2fs_htree_entry *ep)
+{
+	return (((struct ext2fs_htree_count *)(ep))->h_entries_max);
+}
+
+static void
+ext2_htree_set_hash(struct ext2fs_htree_entry *ep, uint32_t hash)
+{
+	ep->h_hash = hash;
+}
+
+static void
+ext2_htree_set_limit(struct ext2fs_htree_entry *ep, uint16_t limit)
+{
+	((struct ext2fs_htree_count *)(ep))->h_entries_max = limit;
+}
+
+static void
+ext2_htree_release(struct ext2fs_htree_lookup_info *info)
+{
+	int i;
+
+	for (i = 0; i < info->h_levels_num; i++) {
+		struct buf *bp = info->h_levels[i].h_bp;
+		if (bp != NULL)
+			brelse(bp);
+	}
+}
+
+static uint32_t
+ext2_htree_root_limit(struct inode *ip, int len)
+{
+	uint32_t space;
+
+	space = ip->i_e2fs->e2fs_bsize - EXT2_DIR_REC_LEN(1) -
+	    EXT2_DIR_REC_LEN(2) - len;
+	return (space / sizeof(struct ext2fs_htree_entry));
+}
+
+static uint32_t
+ext2_htree_node_limit(struct inode *ip)
+{
+	struct m_ext2fs *fs;
+	uint32_t space;
+
+	fs = ip->i_e2fs;
+	space = fs->e2fs_bsize - EXT2_DIR_REC_LEN(0);
+
+	return (space / sizeof(struct ext2fs_htree_entry));
+}
+
+static int
+ext2_htree_find_leaf(struct inode *ip, const char *name, int namelen,
+		     uint32_t *hash, uint8_t *hash_ver,
+		     struct ext2fs_htree_lookup_info *info)
+{
+	struct vnode *vp;
+	struct ext2fs *fs;
+	struct m_ext2fs *m_fs;
+	struct buf *bp = NULL;
+	struct ext2fs_htree_root *rootp;
+	struct ext2fs_htree_entry *entp, *start, *end, *middle, *found;
+	struct ext2fs_htree_lookup_level *level_info;
+	uint32_t hash_major = 0, hash_minor = 0;
+	uint32_t levels, cnt;
+	uint8_t hash_version;
+
+	if (name == NULL || info == NULL)
+		return (-1);
+
+	vp = ITOV(ip);
+	fs = ip->i_e2fs->e2fs;
+	m_fs = ip->i_e2fs;
+
+	if (ext2_blkatoff(vp, 0, NULL, &bp) != 0)
+		return (-1);
+
+	info->h_levels_num = 1;
+	info->h_levels[0].h_bp = bp;
+	rootp = (struct ext2fs_htree_root *)bp->b_data;
+	if (rootp->h_info.h_hash_version != EXT2_HTREE_LEGACY &&
+	    rootp->h_info.h_hash_version != EXT2_HTREE_HALF_MD4 &&
+	    rootp->h_info.h_hash_version != EXT2_HTREE_TEA)
+		goto error;
+
+	hash_version = rootp->h_info.h_hash_version;
+	if (hash_version <= EXT2_HTREE_TEA)
+		hash_version += m_fs->e2fs_uhash;
+	*hash_ver = hash_version;
+
+	ext2_htree_hash(name, namelen, fs->e3fs_hash_seed,
+	    hash_version, &hash_major, &hash_minor);
+	*hash = hash_major;
+
+	if ((levels = rootp->h_info.h_ind_levels) > 1)
+		goto error;
+
+	entp = (struct ext2fs_htree_entry *)(((char *)&rootp->h_info) +
+	    rootp->h_info.h_info_len);
+
+	if (ext2_htree_get_limit(entp) !=
+	    ext2_htree_root_limit(ip, rootp->h_info.h_info_len))
+		goto error;
+
+	while (1) {
+		cnt = ext2_htree_get_count(entp);
+		if (cnt == 0 || cnt > ext2_htree_get_limit(entp))
+			goto error;
+
+		start = entp + 1;
+		end = entp + cnt - 1;
+		while (start <= end) {
+			middle = start + (end - start) / 2;
+			if (ext2_htree_get_hash(middle) > hash_major)
+				end = middle - 1;
+			else
+				start = middle + 1;
+		}
+		found = start - 1;
+
+		level_info = &(info->h_levels[info->h_levels_num - 1]);
+		level_info->h_bp = bp;
+		level_info->h_entries = entp;
+		level_info->h_entry = found;
+		if (levels == 0)
+			return (0);
+		levels--;
+		if (ext2_blkatoff(vp,
+		    ext2_htree_get_block(found) * m_fs->e2fs_bsize,
+		    NULL, &bp) != 0)
+			goto error;
+		entp = ((struct ext2fs_htree_node *)bp->b_data)->h_entries;
+		info->h_levels_num++;
+		info->h_levels[info->h_levels_num - 1].h_bp = bp;
+	}
+
+error:
+	ext2_htree_release(info);
+	return (-1);
+}
+
+/*
+ * Try to lookup a directory entry in HTree index
+ */
+int
+ext2_htree_lookup(struct inode *ip, const char *name, int namelen,
+		  struct buf **bpp, int *entryoffp, doff_t *offp,
+		  doff_t *prevoffp, doff_t *endusefulp,
+		  struct ext2fs_searchslot *ss)
+{
+	struct vnode *vp;
+	struct ext2fs_htree_lookup_info info;
+	struct ext2fs_htree_entry *leaf_node;
+	struct m_ext2fs *m_fs;
+	struct buf *bp;
+	uint32_t blk;
+	uint32_t dirhash;
+	uint32_t bsize;
+	uint8_t hash_version;
+	int search_next;
+	int found = 0;
+
+	m_fs = ip->i_e2fs;
+	bsize = m_fs->e2fs_bsize;
+	vp = ITOV(ip);
+
+	/* TODO: print error msg because we don't lookup '.' and '..' */
+
+	memset(&info, 0, sizeof(info));
+	if (ext2_htree_find_leaf(ip, name, namelen, &dirhash,
+	    &hash_version, &info))
+		return (-1);
+
+	do {
+		leaf_node = info.h_levels[info.h_levels_num - 1].h_entry;
+		blk = ext2_htree_get_block(leaf_node);
+		if (ext2_blkatoff(vp, blk * bsize, NULL, &bp) != 0) {
+			ext2_htree_release(&info);
+			return (-1);
+		}
+
+		*offp = blk * bsize;
+		*entryoffp = 0;
+		*prevoffp = blk * bsize;
+		*endusefulp = blk * bsize;
+
+		if (ss->slotstatus == NONE) {
+			ss->slotoffset = -1;
+			ss->slotfreespace = 0;
+		}
+
+		if (ext2_search_dirblock(ip, bp->b_data, &found,
+		    name, namelen, entryoffp, offp, prevoffp,
+		    endusefulp, ss) != 0) {
+			brelse(bp);
+			ext2_htree_release(&info);
+			return (-1);
+		}
+
+		if (found) {
+			*bpp = bp;
+			ext2_htree_release(&info);
+			return (0);
+		}
+
+		brelse(bp);
+		search_next = ext2_htree_check_next(ip, dirhash, name, &info);
+	} while (search_next);
+
+	ext2_htree_release(&info);
+	return (ENOENT);
+}
+
+static int
+ext2_htree_append_block(struct vnode *vp, char *data,
+			struct componentname *cnp, uint32_t blksize)
+{
+	struct iovec aiov;
+	struct uio auio;
+	struct inode *dp = VTOI(vp);
+	uint64_t cursize, newsize;
+	int error;
+
+	cursize = roundup(dp->i_size, blksize);
+	newsize = cursize + blksize;
+
+	auio.uio_offset = cursize;
+	auio.uio_resid = blksize;
+	aiov.iov_len = blksize;
+	aiov.iov_base = data;
+	auio.uio_iov = &aiov;
+	auio.uio_iovcnt = 1;
+	auio.uio_rw = UIO_WRITE;
+	auio.uio_segflg = UIO_SYSSPACE;
+	error = VOP_WRITE(vp, &auio, IO_SYNC, cnp->cn_cred);
+	if (!error)
+		dp->i_size = newsize;
+
+	return (error);
+}
+
+static int
+ext2_htree_writebuf(struct ext2fs_htree_lookup_info *info)
+{
+	int i, error;
+
+	for (i = 0; i < info->h_levels_num; i++) {
+		struct buf *bp = info->h_levels[i].h_bp;
+		error = bwrite(bp);
+		if (error)
+			return (error);
+	}
+
+	return (0);
+}
+
+static void
+ext2_htree_insert_entry_to_level(struct ext2fs_htree_lookup_level *level,
+				 uint32_t hash, uint32_t blk)
+{
+	struct ext2fs_htree_entry *target;
+	int entries_num;
+
+	target = level->h_entry + 1;
+	entries_num = ext2_htree_get_count(level->h_entries);
+
+	memmove(target + 1, target, (char *)(level->h_entries + entries_num) -
+	    (char *)target);
+	ext2_htree_set_block(target, blk);
+	ext2_htree_set_hash(target, hash);
+	ext2_htree_set_count(level->h_entries, entries_num + 1);
+}
+
+/*
+ * Insert an index entry to the index node.
+ */
+static void
+ext2_htree_insert_entry(struct ext2fs_htree_lookup_info *info,
+			uint32_t hash, uint32_t blk)
+{
+	struct ext2fs_htree_lookup_level *level;
+
+	level = &info->h_levels[info->h_levels_num - 1];
+	ext2_htree_insert_entry_to_level(level, hash, blk);
+}
+
+/*
+ * Compare two entry sort descriptors by name hash value.
+ * This is used together with qsort.
+ */
+static int
+ext2_htree_cmp_sort_entry(const void *e1, const void *e2)
+{
+	const struct ext2fs_htree_sort_entry *entry1, *entry2;
+
+	entry1 = (const struct ext2fs_htree_sort_entry *)e1;
+	entry2 = (const struct ext2fs_htree_sort_entry *)e2;
+
+	if (entry1->h_hash < entry2->h_hash)
+		return (-1);
+	if (entry1->h_hash > entry2->h_hash)
+		return (1);
+	return (0);
+}
+
+/*
+ * Append an entry to the end of the directory block.
+ */
+static void
+ext2_append_entry(char *block, uint32_t blksize,
+		  struct ext2fs_direct_2 *last_entry,
+		  struct ext2fs_direct_2 *new_entry)
+{
+	uint16_t entry_len;
+
+	entry_len = EXT2_DIR_REC_LEN(last_entry->e2d_namlen);
+	last_entry->e2d_reclen = entry_len;
+	last_entry = (struct ext2fs_direct_2 *)((char *)last_entry + entry_len);
+	new_entry->e2d_reclen = block + blksize - (char *)last_entry;
+	memcpy(last_entry, new_entry, EXT2_DIR_REC_LEN(new_entry->e2d_namlen));
+}
+
+/*
+ * Move half of entries from the old directory block to the new one.
+ */
+static int
+ext2_htree_split_dirblock(char *block1, char *block2, uint32_t blksize,
+			  uint32_t *hash_seed, uint8_t hash_version,
+			  uint32_t *split_hash, struct ext2fs_direct_2 *entry)
+{
+	int entry_cnt = 0;
+	int size = 0;
+	int i, k;
+	uint32_t offset;
+	uint16_t entry_len = 0;
+	uint32_t entry_hash;
+	struct ext2fs_direct_2 *ep, *last;
+	char *dest;
+	struct ext2fs_htree_sort_entry *sort_info;
+
+	ep = (struct ext2fs_direct_2 *)block1;
+	dest = block2;
+	sort_info = (struct ext2fs_htree_sort_entry *)
+	    ((char *)block2 + blksize);
+
+	/*
+	 * Calculate name hash value for the entry which is to be added.
+	 */
+	ext2_htree_hash(entry->e2d_name, entry->e2d_namlen, hash_seed,
+	    hash_version, &entry_hash, NULL);
+
+	/*
+	 * Fill in directory entry sort descriptors.
+	 */
+	while ((char *)ep < block1 + blksize) {
+		if (ep->e2d_ino && ep->e2d_namlen) {
+			entry_cnt++;
+			sort_info--;
+			sort_info->h_size = ep->e2d_reclen;
+			sort_info->h_offset = (char *)ep - block1;
+			ext2_htree_hash(ep->e2d_name, ep->e2d_namlen,
+			    hash_seed, hash_version,
+			    &sort_info->h_hash, NULL);
+		}
+		ep = (struct ext2fs_direct_2 *)
+		    ((char *)ep + ep->e2d_reclen);
+	}
+
+	/*
+	 * Sort directory entry descriptors by name hash value.
+	 */
+	qsort(sort_info, entry_cnt, sizeof(struct ext2fs_htree_sort_entry),
+	    ext2_htree_cmp_sort_entry);
+
+	/*
+	 * Count the number of entries to move to directory block 2.
+	 */
+	for (i = entry_cnt - 1; i >= 0; i--) {
+		if (sort_info[i].h_size + size > blksize / 2)
+			break;
+		size += sort_info[i].h_size;
+	}
+
+	*split_hash = sort_info[i + 1].h_hash;
+
+	/*
+	 * Set collision bit.
+	 */
+	if (*split_hash == sort_info[i].h_hash)
+		*split_hash += 1;
+
+	/*
+	 * Move half of directory entries from block 1 to block 2.
+	 */
+	for (k = i + 1; k < entry_cnt; k++) {
+		ep = (struct ext2fs_direct_2 *)((char *)block1 +
+		    sort_info[k].h_offset);
+		entry_len = EXT2_DIR_REC_LEN(ep->e2d_namlen);
+		memcpy(dest, ep, entry_len);
+		((struct ext2fs_direct_2 *)dest)->e2d_reclen = entry_len;
+		/* Mark directory entry as unused. */
+		ep->e2d_ino = 0;
+		dest += entry_len;
+	}
+	dest -= entry_len;
+
+	/* Shrink directory entries in block 1. */
+	last = (struct ext2fs_direct_2 *)block1;
+	entry_len = 0;
+	for (offset = 0; offset < blksize; ) {
+		ep = (struct ext2fs_direct_2 *)(block1 + offset);
+		offset += ep->e2d_reclen;
+		if (ep->e2d_ino) {
+			last = (struct ext2fs_direct_2 *)
+			   ((char *)last + entry_len);
+			entry_len = EXT2_DIR_REC_LEN(ep->e2d_namlen);
+			memcpy((void *)last, (void *)ep, entry_len);
+			last->e2d_reclen = entry_len;
+		}
+	}
+
+	if (entry_hash >= *split_hash) {
+		/* Add entry to block 2. */
+		ext2_append_entry(block2, blksize,
+		    (struct ext2fs_direct_2 *)dest, entry);
+
+		/* Adjust length field of last entry of block 1. */
+		last->e2d_reclen = block1 + blksize - (char *)last;
+	} else {
+		/* Add entry to block 1. */
+		ext2_append_entry(block1, blksize, last, entry);
+
+		/* Adjust length field of last entry of block 2. */
+		((struct ext2fs_direct_2 *)dest)->e2d_reclen =
+		    block2 + blksize - dest;
+	}
+
+	return (0);
+}
+
+/*
+ * Create an HTree index for a directory
+ */
+int
+ext2_htree_create_index(struct vnode *vp, struct componentname *cnp,
+			struct ext2fs_direct_2 *new_entry)
+{
+	struct buf *bp = NULL;
+	struct inode *dp;
+	struct ext2fs *fs;
+	struct m_ext2fs *m_fs;
+	struct ext2fs_direct_2 *ep, *dotdot;
+	struct ext2fs_htree_root *root;
+	struct ext2fs_htree_lookup_info info;
+	uint32_t blksize, dirlen, split_hash;
+	uint8_t hash_version;
+	char *buf1 = NULL;
+	char *buf2 = NULL;
+	int error = 0;
+
+	dp = VTOI(vp);
+	fs = dp->i_e2fs->e2fs;
+	m_fs = dp->i_e2fs;
+	blksize = m_fs->e2fs_bsize;
+
+	buf1 = malloc(blksize, M_TEMP, M_WAITOK | M_ZERO);
+	buf2 = malloc(blksize, M_TEMP, M_WAITOK | M_ZERO);
+
+	if ((error = ext2_blkatoff(vp, 0, NULL, &bp)) != 0)
+		goto out;
+
+	root = (struct ext2fs_htree_root *)bp->b_data;
+	dotdot = (struct ext2fs_direct_2 *)((char *)&(root->h_dotdot));
+	ep = (struct ext2fs_direct_2 *)((char *)dotdot + dotdot->e2d_reclen);
+	dirlen = (char *)root + blksize - (char *)ep;
+	memcpy(buf1, ep, dirlen);
+	ep = (struct ext2fs_direct_2 *)buf1;
+	while ((char *)ep < buf1 + dirlen)
+		ep = (struct ext2fs_direct_2 *)
+		    ((char *)ep + ep->e2d_reclen);
+	ep->e2d_reclen = buf1 + blksize - (char *)ep;
+
+	dp->i_flag |= IN_E3INDEX;
+
+	/*
+	 * Initialize index root.
+	 */
+	dotdot->e2d_reclen = blksize - EXT2_DIR_REC_LEN(1);
+	memset(&root->h_info, 0, sizeof(root->h_info));
+	root->h_info.h_hash_version = fs->e3fs_def_hash_version;
+	root->h_info.h_info_len = sizeof(root->h_info);
+	ext2_htree_set_block(root->h_entries, 1);
+	ext2_htree_set_count(root->h_entries, 1);
+	ext2_htree_set_limit(root->h_entries,
+	    ext2_htree_root_limit(dp, sizeof(root->h_info)));
+
+	memset(&info, 0, sizeof(info));
+	info.h_levels_num = 1;
+	info.h_levels[0].h_entries = root->h_entries;
+	info.h_levels[0].h_entry = root->h_entries;
+
+	hash_version = root->h_info.h_hash_version;
+	if (hash_version <= EXT2_HTREE_TEA)
+		hash_version += m_fs->e2fs_uhash;
+	ext2_htree_split_dirblock(buf1, buf2, blksize, fs->e3fs_hash_seed,
+	    hash_version, &split_hash, new_entry);
+	ext2_htree_insert_entry(&info, split_hash, 2);
+
+	/*
+	 * Write directory block 0.
+	 */
+	if (DOINGASYNC(vp)) {
+		bdwrite(bp);
+		error = 0;
+	} else {
+		error = bwrite(bp);
+	}
+	dp->i_flag |= IN_CHANGE | IN_UPDATE;
+	if (error)
+		goto out;
+
+	/*
+	 * Write directory block 1.
+	 */
+	error = ext2_htree_append_block(vp, buf1, cnp, blksize);
+	if (error)
+		goto out1;
+
+	/*
+	 * Write directory block 2.
+	 */
+	error = ext2_htree_append_block(vp, buf2, cnp, blksize);
+
+	free(buf1, M_TEMP);
+	free(buf2, M_TEMP);
+	return (error);
+out:
+	if (bp != NULL)
+		brelse(bp);
+out1:
+	free(buf1, M_TEMP);
+	free(buf2, M_TEMP);
+	return (error);
+}
+
+/*
+ * Add an entry to the directory using htree index.
+ */
+int
+ext2_htree_add_entry(struct vnode *dvp, struct ext2fs_direct_2 *entry,
+		     struct componentname *cnp)
+{
+	struct ext2fs_htree_entry *entries, *leaf_node;
+	struct ext2fs_htree_lookup_info info;
+	struct buf *bp = NULL;
+	struct ext2fs *fs;
+	struct m_ext2fs *m_fs;
+	struct inode *ip;
+	uint16_t ent_num;
+	uint32_t dirhash, split_hash;
+	uint32_t blksize, blknum;
+	uint64_t cursize, dirsize;
+	uint8_t hash_version;
+	char *newdirblock = NULL;
+	char *newidxblock = NULL;
+	struct ext2fs_htree_node *dst_node;
+	struct ext2fs_htree_entry *dst_entries;
+	struct ext2fs_htree_entry *root_entires;
+	struct buf *dst_bp = NULL;
+	int error, write_bp = 0, write_dst_bp = 0, write_info = 0;
+
+	ip = VTOI(dvp);
+	m_fs = ip->i_e2fs;
+	fs = m_fs->e2fs;
+	blksize = m_fs->e2fs_bsize;
+
+	if (ip->i_count != 0) 
+		return ext2_add_entry(dvp, entry);
+
+	/* Target directory block is full, split it */
+	memset(&info, 0, sizeof(info));
+	error = ext2_htree_find_leaf(ip, entry->e2d_name, entry->e2d_namlen,
+	    &dirhash, &hash_version, &info);
+	if (error)
+		return (error);
+
+	entries = info.h_levels[info.h_levels_num - 1].h_entries;
+	ent_num = ext2_htree_get_count(entries);
+	if (ent_num == ext2_htree_get_limit(entries)) {
+		/* Split the index node. */
+		root_entires = info.h_levels[0].h_entries;
+		newidxblock = malloc(blksize, M_TEMP, M_WAITOK | M_ZERO);
+		dst_node = (struct ext2fs_htree_node *)newidxblock;
+		dst_entries = dst_node->h_entries;
+		memset(&dst_node->h_fake_dirent, 0,
+		    sizeof(dst_node->h_fake_dirent));
+		dst_node->h_fake_dirent.e2d_reclen = blksize;
+
+		cursize = roundup(ip->i_size, blksize);
+		dirsize = cursize + blksize;
+		blknum = dirsize / blksize - 1;
+
+		error = ext2_htree_append_block(dvp, newidxblock,
+		    cnp, blksize);
+		if (error)
+			goto finish;
+		error = ext2_blkatoff(dvp, cursize, NULL, &dst_bp);
+		if (error)
+			goto finish;
+		dst_node = (struct ext2fs_htree_node *)dst_bp->b_data;
+		dst_entries = dst_node->h_entries;
+
+		if (info.h_levels_num == 2) {
+			uint16_t src_ent_num, dst_ent_num;
+
+			if (ext2_htree_get_count(root_entires) ==
+			    ext2_htree_get_limit(root_entires)) {
+				/* Directory index is full */
+				error = EIO;
+				goto finish;
+			}
+
+			src_ent_num = ent_num / 2;
+			dst_ent_num = ent_num - src_ent_num;
+			split_hash = ext2_htree_get_hash(entries + src_ent_num);
+
+			/* Move half of index entries to the new index node */
+			memcpy(dst_entries, entries + src_ent_num,
+			    dst_ent_num * sizeof(struct ext2fs_htree_entry));
+			ext2_htree_set_count(entries, src_ent_num);
+			ext2_htree_set_count(dst_entries, dst_ent_num);
+			ext2_htree_set_limit(dst_entries,
+			    ext2_htree_node_limit(ip));
+
+			if (info.h_levels[1].h_entry >= entries + src_ent_num) {
+				struct buf *tmp = info.h_levels[1].h_bp;
+				info.h_levels[1].h_bp = dst_bp;
+				dst_bp = tmp;
+
+				info.h_levels[1].h_entry =
+				    info.h_levels[1].h_entry -
+				    (entries + src_ent_num) +
+				    dst_entries;
+				info.h_levels[1].h_entries = dst_entries;
+			}
+			ext2_htree_insert_entry_to_level(&info.h_levels[0],
+			    split_hash, blknum);
+
+			/* Write new index node to disk */
+			error = bwrite(dst_bp);
+			ip->i_flag |= IN_CHANGE | IN_UPDATE;
+			if (error)
+				goto finish;
+			write_dst_bp = 1;
+		} else {
+			/* Create second level for htree index */
+			struct ext2fs_htree_root *idx_root;
+
+			memcpy(dst_entries, entries,
+			    ent_num * sizeof(struct ext2fs_htree_entry));
+			ext2_htree_set_limit(dst_entries,
+			    ext2_htree_node_limit(ip));
+
+			idx_root = (struct ext2fs_htree_root *)
+			    info.h_levels[0].h_bp->b_data;
+			idx_root->h_info.h_ind_levels = 1;
+
+			ext2_htree_set_count(entries, 1);
+			ext2_htree_set_block(entries, blknum);
+
+			info.h_levels_num = 2;
+			info.h_levels[1].h_entries = dst_entries;
+			info.h_levels[1].h_entry = info.h_levels[0].h_entry -
+			    info.h_levels[0].h_entries + dst_entries;
+			info.h_levels[1].h_bp = dst_bp;
+			dst_bp = NULL;
+		}
+	}
+
+	leaf_node = info.h_levels[info.h_levels_num - 1].h_entry;
+	blknum = ext2_htree_get_block(leaf_node);
+	error = ext2_blkatoff(dvp, blknum * blksize, NULL, &bp);
+	if (error)
+		goto finish;
+
+	/* Split target directory block */
+	newdirblock = malloc(blksize, M_TEMP, M_WAITOK | M_ZERO);
+	ext2_htree_split_dirblock((char *)bp->b_data, newdirblock, blksize,
+	    fs->e3fs_hash_seed, hash_version, &split_hash, entry);
+	cursize = roundup(ip->i_size, blksize);
+	dirsize = cursize + blksize;
+	blknum = dirsize / blksize - 1;
+
+	/* Add index entry for the new directory block */
+	ext2_htree_insert_entry(&info, split_hash, blknum);
+
+	/* Write the new directory block to the end of the directory */
+	error = ext2_htree_append_block(dvp, newdirblock, cnp, blksize);
+	if (error)
+		goto finish;
+
+	/* Write the target directory block */
+	error = bwrite(bp);
+	ip->i_flag |= IN_CHANGE | IN_UPDATE;
+	if (error)
+		goto finish;
+	write_bp = 1;
+
+	/* Write the index block */
+	error = ext2_htree_writebuf(&info);
+	if (!error)
+		write_info = 1;
+
+finish:
+	if (dst_bp != NULL && !write_dst_bp)
+		brelse(dst_bp);
+	if (bp != NULL && !write_bp)
+		brelse(bp);
+	if (newdirblock != NULL)
+		free(newdirblock, M_TEMP);
+	if (newidxblock != NULL)
+		free(newidxblock, M_TEMP);
+	if (!write_info)
+		ext2_htree_release(&info);
+	return (error);
+}
diff --git a/sys/fs/ext2fs/ext2_inode_cnv.c b/sys/fs/ext2fs/ext2_inode_cnv.c
index b69d4e5..78679cf 100644
--- a/sys/fs/ext2fs/ext2_inode_cnv.c
+++ b/sys/fs/ext2fs/ext2_inode_cnv.c
@@ -110,7 +110,7 @@ ext2_ei2i(struct ext2fs_dinode *ei, struct inode *ip)
 	ip->i_flags |= (ei->e2di_flags & EXT2_APPEND) ? SF_APPEND : 0;
 	ip->i_flags |= (ei->e2di_flags & EXT2_IMMUTABLE) ? SF_IMMUTABLE : 0;
 	ip->i_flags |= (ei->e2di_flags & EXT2_NODUMP) ? UF_NODUMP : 0;
-	ip->i_flag |= (ei->e2di_flags & EXT4_INDEX) ? IN_E4INDEX : 0;
+	ip->i_flag |= (ei->e2di_flags & EXT3_INDEX) ? IN_E3INDEX : 0;
 	ip->i_flag |= (ei->e2di_flags & EXT4_EXTENTS) ? IN_E4EXTENTS : 0;
 	ip->i_blocks = ei->e2di_nblock;
 	if (E2DI_HAS_HUGE_FILE(ip)) {
@@ -149,18 +149,16 @@ ext2_i2ei(struct inode *ip, struct ext2fs_dinode *ei)
 	ei->e2di_atime = ip->i_atime;
 	ei->e2di_mtime = ip->i_mtime;
 	ei->e2di_ctime = ip->i_ctime;
-	if (E2DI_HAS_XTIME(ip)) {
-		ei->e2di_ctime_extra = NSEC_TO_XTIME(ip->i_ctimensec);
-		ei->e2di_mtime_extra = NSEC_TO_XTIME(ip->i_mtimensec);
-		ei->e2di_atime_extra = NSEC_TO_XTIME(ip->i_atimensec);
-		ei->e2di_crtime = ip->i_birthtime;
-		ei->e2di_crtime_extra = NSEC_TO_XTIME(ip->i_birthnsec);
-	}
+	ei->e2di_ctime_extra = NSEC_TO_XTIME(ip->i_ctimensec);
+	ei->e2di_mtime_extra = NSEC_TO_XTIME(ip->i_mtimensec);
+	ei->e2di_atime_extra = NSEC_TO_XTIME(ip->i_atimensec);
+	ei->e2di_crtime = ip->i_birthtime;
+	ei->e2di_crtime_extra = NSEC_TO_XTIME(ip->i_birthnsec);
 	ei->e2di_flags = 0;
 	ei->e2di_flags |= (ip->i_flags & SF_APPEND) ? EXT2_APPEND: 0;
 	ei->e2di_flags |= (ip->i_flags & SF_IMMUTABLE) ? EXT2_IMMUTABLE: 0;
 	ei->e2di_flags |= (ip->i_flags & UF_NODUMP) ? EXT2_NODUMP: 0;
-	ei->e2di_flags |= (ip->i_flag & IN_E4INDEX) ? EXT4_INDEX: 0;
+	ei->e2di_flags |= (ip->i_flag & IN_E3INDEX) ? EXT3_INDEX: 0;
 	ei->e2di_flags |= (ip->i_flag & IN_E4EXTENTS) ? EXT4_EXTENTS: 0;
 	ei->e2di_nblock = ip->i_blocks & 0xffffffff;
 	ei->e2di_nblock_high = ip->i_blocks >> 32 & 0xffff;
diff --git a/sys/fs/ext2fs/ext2_lookup.c b/sys/fs/ext2fs/ext2_lookup.c
index 379eb44..5980c4b 100644
--- a/sys/fs/ext2fs/ext2_lookup.c
+++ b/sys/fs/ext2fs/ext2_lookup.c
@@ -113,9 +113,19 @@ static u_char dt_to_ext2_ft[] = {
 
 static int	ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de,
 		    int entryoffsetinblock);
+static int	ext2_is_dot_entry(struct componentname *cnp);
 static int	ext2_lookup_ino(struct vnode *vdp, struct vnode **vpp,
 		    struct componentname *cnp, ino_t *dd_ino);
 
+static int
+ext2_is_dot_entry(struct componentname *cnp)
+{
+	if (cnp->cn_namelen <= 2 && cnp->cn_nameptr[0] == '.' &&
+	    (cnp->cn_nameptr[1] == '.' || cnp->cn_nameptr[1] == '\0'))
+		return (1);
+	return (0);
+}
+
 /*
  * Vnode op for reading directories.
  */
@@ -296,13 +306,9 @@ ext2_lookup_ino(struct vnode *vdp, struct vnode **vpp, struct componentname *cnp
 	struct buf *bp;			/* a buffer of directory entries */
 	struct ext2fs_direct_2 *ep;	/* the current directory entry */
 	int entryoffsetinblock;		/* offset of ep in bp's buffer */
-	enum {NONE, COMPACT, FOUND} slotstatus;
-	doff_t slotoffset;		/* offset of area with free space */
+	struct ext2fs_searchslot ss;
 	doff_t i_diroff;		/* cached i_diroff value */
 	doff_t i_offset;		/* cached i_offset value */
-	int slotsize;			/* size of area at slotoffset */
-	int slotfreespace;		/* amount of space free in slot */
-	int slotneeded;			/* size of the entry we're seeking */
 	int numdirpasses;		/* strategy for directory search */
 	doff_t endsearch;		/* offset to end directory search */
 	doff_t prevoff;			/* prev entry dp->i_offset */
@@ -310,12 +316,13 @@ ext2_lookup_ino(struct vnode *vdp, struct vnode **vpp, struct componentname *cnp
 	struct vnode *tdp;		/* returned by VFS_VGET */
 	doff_t enduseful;		/* pointer past last used dir slot */
 	u_long bmask;			/* block offset mask */
-	int namlen, error;
+	int error;
 	struct ucred *cred = cnp->cn_cred;
 	int flags = cnp->cn_flags;
 	int nameiop = cnp->cn_nameiop;
 	ino_t ino, ino1;
 	int ltype;
+	int entry_found = 0;
 
 	int	DIRBLKSIZ = VTOI(vdp)->i_e2fs->e2fs_bsize;
 
@@ -326,31 +333,57 @@ ext2_lookup_ino(struct vnode *vdp, struct vnode **vpp, struct componentname *cnp
 	bmask = VFSTOEXT2(vdp->v_mount)->um_mountp->mnt_stat.f_iosize - 1;
 restart:
 	bp = NULL;
-	slotoffset = -1;
+	ss.slotoffset = -1;
 
 	/*
 	 * We now have a segment name to search for, and a directory to search.
-	 */
-
-	/*
+	 *
 	 * Suppress search for slots unless creating
 	 * file and at end of pathname, in which case
 	 * we watch for a place to put the new file in
 	 * case it doesn't already exist.
 	 */
 	i_diroff = dp->i_diroff;
-	slotstatus = FOUND;
-	slotfreespace = slotsize = slotneeded = 0;
+	ss.slotstatus = FOUND;
+	ss.slotfreespace = ss.slotsize = ss.slotneeded = 0;
 	if ((nameiop == CREATE || nameiop == RENAME) &&
 	    (flags & ISLASTCN)) {
-		slotstatus = NONE;
-		slotneeded = EXT2_DIR_REC_LEN(cnp->cn_namelen);
+		ss.slotstatus = NONE;
+		ss.slotneeded = EXT2_DIR_REC_LEN(cnp->cn_namelen);
 		/* was
-		slotneeded = (sizeof(struct direct) - MAXNAMLEN +
+		ss.slotneeded = (sizeof(struct direct) - MAXNAMLEN +
 			cnp->cn_namelen + 3) &~ 3; */
 	}
 
 	/*
+	 * Try to lookup dir entry using htree directory index.
+	 *
+	 * If we got an error or we want to find '.' or '..' entry,
+	 * we will fall back to linear search.
+	 */
+	if (!ext2_is_dot_entry(cnp) && ext2_htree_has_idx(dp)) {
+		numdirpasses = 1;
+		entryoffsetinblock = 0;
+		switch (ext2_htree_lookup(dp, cnp->cn_nameptr, cnp->cn_namelen,
+				&bp, &entryoffsetinblock, &i_offset, &prevoff,
+				&enduseful, &ss)) {
+		case 0:
+			ep = (struct ext2fs_direct_2 *)((char *)bp->b_data +
+				(i_offset & bmask));
+			goto foundentry;
+		case ENOENT:
+			i_offset = roundup2(dp->i_size, DIRBLKSIZ);
+			goto notfound;
+		default:
+			/*
+			 * Something failed; just fallback to do a linear
+			 * search.
+			 */
+			break;
+		}
+	}
+
+	/*
 	 * If there is cached information on a previous search of
 	 * this directory, pick up where we last left off.
 	 * We cache only lookups as these are the most common
@@ -384,96 +417,38 @@ searchloop:
 		/*
 		 * If necessary, get the next directory block.
 		 */
-		if ((i_offset & bmask) == 0) {
-			if (bp != NULL)
-				brelse(bp);
-			if ((error =
-			    ext2_blkatoff(vdp, (off_t)i_offset, NULL,
-			    &bp)) != 0)
-				return (error);
-			entryoffsetinblock = 0;
-		}
+		if (bp != NULL)
+			brelse(bp);
+		error = ext2_blkatoff(vdp, (off_t)i_offset, NULL, &bp);
+		if (error != 0)
+			return (error);
+		entryoffsetinblock = 0;
 		/*
 		 * If still looking for a slot, and at a DIRBLKSIZE
 		 * boundary, have to start looking for free space again.
 		 */
-		if (slotstatus == NONE &&
+		if (ss.slotstatus == NONE &&
 		    (entryoffsetinblock & (DIRBLKSIZ - 1)) == 0) {
-			slotoffset = -1;
-			slotfreespace = 0;
+			ss.slotoffset = -1;
+			ss.slotfreespace = 0;
 		}
-		/*
-		 * Get pointer to next entry.
-		 * Full validation checks are slow, so we only check
-		 * enough to insure forward progress through the
-		 * directory. Complete checks can be run by setting
-		 * "vfs.e2fs.dirchk" to be true.
-		 */
-		ep = (struct ext2fs_direct_2 *)
-			((char *)bp->b_data + entryoffsetinblock);
-		if (ep->e2d_reclen == 0 ||
-		    (dirchk && ext2_dirbadentry(vdp, ep, entryoffsetinblock))) {
-			int i;
-			ext2_dirbad(dp, i_offset, "mangled entry");
-			i = DIRBLKSIZ - (entryoffsetinblock & (DIRBLKSIZ - 1));
-			i_offset += i;
-			entryoffsetinblock += i;
-			continue;
-		}
-
-		/*
-		 * If an appropriate sized slot has not yet been found,
-		 * check to see if one is available. Also accumulate space
-		 * in the current block so that we can determine if
-		 * compaction is viable.
-		 */
-		if (slotstatus != FOUND) {
-			int size = ep->e2d_reclen;
-
-			if (ep->e2d_ino != 0)
-				size -= EXT2_DIR_REC_LEN(ep->e2d_namlen);
-			if (size > 0) {
-				if (size >= slotneeded) {
-					slotstatus = FOUND;
-					slotoffset = i_offset;
-					slotsize = ep->e2d_reclen;
-				} else if (slotstatus == NONE) {
-					slotfreespace += size;
-					if (slotoffset == -1)
-						slotoffset = i_offset;
-					if (slotfreespace >= slotneeded) {
-						slotstatus = COMPACT;
-						slotsize = i_offset +
-						      ep->e2d_reclen - slotoffset;
-					}
-				}
-			}
+		error = ext2_search_dirblock(dp, bp->b_data, &entry_found,
+				cnp->cn_nameptr, cnp->cn_namelen,
+				&entryoffsetinblock, &i_offset, &prevoff,
+				&enduseful, &ss);
+		if (error != 0) {
+			brelse(bp);
+			return (error);
 		}
-
-		/*
-		 * Check for a name match.
-		 */
-		if (ep->e2d_ino) {
-			namlen = ep->e2d_namlen;
-			if (namlen == cnp->cn_namelen &&
-			    !bcmp(cnp->cn_nameptr, ep->e2d_name,
-				(unsigned)namlen)) {
-				/*
-				 * Save directory entry's inode number and
-				 * reclen in ndp->ni_ufs area, and release
-				 * directory buffer.
-				 */
-				ino = ep->e2d_ino;
-				goto found;
-			}
+		if (entry_found) {
+			ep = (struct ext2fs_direct_2 *)((char *)bp->b_data +
+				(entryoffsetinblock & bmask));
+foundentry:
+			ino = ep->e2d_ino;
+			goto found;
 		}
-		prevoff = i_offset;
-		i_offset += ep->e2d_reclen;
-		entryoffsetinblock += ep->e2d_reclen;
-		if (ep->e2d_ino)
-			enduseful = i_offset;
 	}
-/* notfound: */
+notfound:
 	/*
 	 * If we started in the middle of the directory and failed
 	 * to find our target, we must check the beginning as well.
@@ -508,15 +483,15 @@ searchloop:
 		 * can be put in the range from dp->i_offset to
 		 * dp->i_offset + dp->i_count.
 		 */
-		if (slotstatus == NONE) {
+		if (ss.slotstatus == NONE) {
 			dp->i_offset = roundup2(dp->i_size, DIRBLKSIZ);
 			dp->i_count = 0;
 			enduseful = dp->i_offset;
 		} else {
-			dp->i_offset = slotoffset;
-			dp->i_count = slotsize;
-			if (enduseful < slotoffset + slotsize)
-				enduseful = slotoffset + slotsize;
+			dp->i_offset = ss.slotoffset;
+			dp->i_count = ss.slotsize;
+			if (enduseful < ss.slotoffset + ss.slotsize)
+				enduseful = ss.slotoffset + ss.slotsize;
 		}
 		dp->i_endoff = roundup2(enduseful, DIRBLKSIZ);
 		/*
@@ -722,6 +697,102 @@ found:
 	return (0);
 }
 
+int
+ext2_search_dirblock(struct inode *ip, void *data, int *foundp,
+	const char *name, int namelen, int *entryoffsetinblockp,
+	doff_t *offp, doff_t *prevoffp, doff_t *endusefulp,
+	struct ext2fs_searchslot *ssp)
+{
+	struct vnode *vdp;
+	struct ext2fs_direct_2 *ep, *top;
+	uint32_t bsize = ip->i_e2fs->e2fs_bsize;
+	int offset = *entryoffsetinblockp;
+	int namlen;
+
+	vdp = ITOV(ip);
+
+	ep = (struct ext2fs_direct_2 *)((char *)data + offset);
+	top = (struct ext2fs_direct_2 *)((char *)data +
+		bsize - EXT2_DIR_REC_LEN(0));
+
+	while (ep < top) {
+		/*
+		 * Full validation checks are slow, so we only check
+		 * enough to insure forward progress through the
+		 * directory. Complete checks can be run by setting
+		 * "vfs.e2fs.dirchk" to be true.
+		 */
+		if (ep->e2d_reclen == 0 ||
+		    (dirchk && ext2_dirbadentry(vdp, ep, offset))) {
+			int i;
+			ext2_dirbad(ip, *offp, "mangled entry");
+			i = bsize - (offset & (bsize - 1));
+			*offp += i;
+			offset += i;
+			continue;
+		}
+
+		/*
+		 * If an appropriate sized slot has not yet been found,
+		 * check to see if one is available. Also accumulate space
+		 * in the current block so that we can determine if
+		 * compaction is viable.
+		 */
+		if (ssp->slotstatus != FOUND) {
+			int size = ep->e2d_reclen;
+
+			if (ep->e2d_ino != 0)
+				size -= EXT2_DIR_REC_LEN(ep->e2d_namlen);
+			if (size > 0) {
+				if (size >= ssp->slotneeded) {
+					ssp->slotstatus = FOUND;
+					ssp->slotoffset = *offp;
+					ssp->slotsize = ep->e2d_reclen;
+				} else if (ssp->slotstatus == NONE) {
+					ssp->slotfreespace += size;
+					if (ssp->slotoffset == -1)
+						ssp->slotoffset = *offp;
+					if (ssp->slotfreespace >= ssp->slotneeded) {
+						ssp->slotstatus = COMPACT;
+						ssp->slotsize = *offp +
+							ep->e2d_reclen -
+							ssp->slotoffset;
+					}
+				}
+			}
+		}
+
+		/*
+		 * Check for a name match.
+		 */
+		if (ep->e2d_ino) {
+			namlen = ep->e2d_namlen;
+			if (namlen == namelen &&
+			    !bcmp(name, ep->e2d_name, (unsigned)namlen)) {
+				/*
+				 * Save directory entry's inode number and
+				 * reclen in ndp->ni_ufs area, and release
+				 * directory buffer.
+				 */
+				*foundp = 1;
+				return (0);
+			}
+		}
+		*prevoffp = *offp;
+		*offp += ep->e2d_reclen;
+		offset += ep->e2d_reclen;
+		*entryoffsetinblockp = offset;
+		if (ep->e2d_ino)
+			*endusefulp = *offp;
+		/*
+		 * Get pointer to the next entry.
+		 */
+		ep = (struct ext2fs_direct_2 *)((char *)data + offset);
+	}
+
+	return (0);
+}
+
 void
 ext2_dirbad(struct inode *ip, doff_t offset, char *how)
 {
@@ -791,16 +862,12 @@ ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de,
 int
 ext2_direnter(struct inode *ip, struct vnode *dvp, struct componentname *cnp)
 {
-	struct ext2fs_direct_2 *ep, *nep;
 	struct inode *dp;
-	struct buf *bp;
 	struct ext2fs_direct_2 newdir;
 	struct iovec aiov;
 	struct uio auio;
-	u_int dsize;
-	int error, loc, newentrysize, spacefree;
-	char *dirbuf;
-	int     DIRBLKSIZ = ip->i_e2fs->e2fs_bsize;
+	int error, newentrysize;
+	int DIRBLKSIZ = ip->i_e2fs->e2fs_bsize;
 
 
 #ifdef INVARIANTS
@@ -817,6 +884,28 @@ ext2_direnter(struct inode *ip, struct vnode *dvp, struct componentname *cnp)
 		newdir.e2d_type = EXT2_FT_UNKNOWN;
 	bcopy(cnp->cn_nameptr, newdir.e2d_name, (unsigned)cnp->cn_namelen + 1);
 	newentrysize = EXT2_DIR_REC_LEN(newdir.e2d_namlen);
+
+	if (ext2_htree_has_idx(dp)) {
+		error = ext2_htree_add_entry(dvp, &newdir, cnp);
+		if (error) {
+			dp->i_flag &= ~IN_E3INDEX;
+			dp->i_flag |= IN_CHANGE | IN_UPDATE;
+		}
+		return (error);
+	}
+
+	if (EXT2_HAS_COMPAT_FEATURE(ip->i_e2fs, EXT2F_COMPAT_DIRHASHINDEX) &&
+	    !ext2_htree_has_idx(dp)) {
+		if ((dp->i_size / DIRBLKSIZ) == 1 &&
+		    dp->i_offset == DIRBLKSIZ) {
+			/*
+			 * Making indexed directory when one block is not
+			 * enough to save all entries.
+			 */
+			return ext2_htree_create_index(dvp, cnp, &newdir);
+		}
+	}
+
 	if (dp->i_count == 0) {
 		/*
 		 * If dp->i_count is 0, then namei could find no
@@ -848,6 +937,29 @@ ext2_direnter(struct inode *ip, struct vnode *dvp, struct componentname *cnp)
 		return (error);
 	}
 
+	error = ext2_add_entry(dvp, &newdir);
+	if (!error && dp->i_endoff && dp->i_endoff < dp->i_size)
+		error = ext2_truncate(dvp, (off_t)dp->i_endoff, IO_SYNC,
+		    cnp->cn_cred, cnp->cn_thread);
+	return (error);
+}
+
+/*
+ * Insert an entry into the directory block.
+ * Compact the contents.
+ */
+int
+ext2_add_entry(struct vnode *dvp, struct ext2fs_direct_2 *entry)
+{
+	struct ext2fs_direct_2 *ep, *nep;
+	struct inode *dp;
+	struct buf *bp;
+	u_int dsize;
+	int error, loc, newentrysize, spacefree;
+	char *dirbuf;
+
+	dp = VTOI(dvp);
+
 	/*
 	 * If dp->i_count is non-zero, then namei found space
 	 * for the new entry in the range dp->i_offset to
@@ -879,6 +991,7 @@ ext2_direnter(struct inode *ip, struct vnode *dvp, struct componentname *cnp)
 	 * dp->i_offset + dp->i_count would yield the
 	 * space.
 	 */
+	newentrysize = EXT2_DIR_REC_LEN(entry->e2d_namlen);
 	ep = (struct ext2fs_direct_2 *)dirbuf;
 	dsize = EXT2_DIR_REC_LEN(ep->e2d_namlen);
 	spacefree = ep->e2d_reclen - dsize;
@@ -904,15 +1017,15 @@ ext2_direnter(struct inode *ip, struct vnode *dvp, struct componentname *cnp)
 	if (ep->e2d_ino == 0) {
 		if (spacefree + dsize < newentrysize)
 			panic("ext2_direnter: compact1");
-		newdir.e2d_reclen = spacefree + dsize;
+		entry->e2d_reclen = spacefree + dsize;
 	} else {
 		if (spacefree < newentrysize)
 			panic("ext2_direnter: compact2");
-		newdir.e2d_reclen = spacefree;
+		entry->e2d_reclen = spacefree;
 		ep->e2d_reclen = dsize;
 		ep = (struct ext2fs_direct_2 *)((char *)ep + dsize);
 	}
-	bcopy((caddr_t)&newdir, (caddr_t)ep, (u_int)newentrysize);
+	bcopy((caddr_t)entry, (caddr_t)ep, (u_int)newentrysize);
 	if (DOINGASYNC(dvp)) {
 		bdwrite(bp);
 		error = 0;
@@ -920,9 +1033,6 @@ ext2_direnter(struct inode *ip, struct vnode *dvp, struct componentname *cnp)
 		error = bwrite(bp);
 	}
 	dp->i_flag |= IN_CHANGE | IN_UPDATE;
-	if (!error && dp->i_endoff && dp->i_endoff < dp->i_size)
-		error = ext2_truncate(dvp, (off_t)dp->i_endoff, IO_SYNC,
-		    cnp->cn_cred, cnp->cn_thread);
 	return (error);
 }
 
diff --git a/sys/fs/ext2fs/ext2_vfsops.c b/sys/fs/ext2fs/ext2_vfsops.c
index 5339aa2..fab98a5 100644
--- a/sys/fs/ext2fs/ext2_vfsops.c
+++ b/sys/fs/ext2fs/ext2_vfsops.c
@@ -399,8 +399,22 @@ compute_sb_data(struct vnode *devvp, struct ext2fs *es,
 	if (es->e2fs_rev == E2FS_REV0 ||
 	    !EXT2_HAS_RO_COMPAT_FEATURE(fs, EXT2F_ROCOMPAT_LARGEFILE))
 		fs->e2fs_maxfilesize = 0x7fffffff;
-	else
-		fs->e2fs_maxfilesize = 0x7fffffffffffffff;
+	else {
+		fs->e2fs_maxfilesize = 0xffffffffffff;
+		if (EXT2_HAS_RO_COMPAT_FEATURE(fs, EXT2F_ROCOMPAT_HUGE_FILE))
+			fs->e2fs_maxfilesize = 0x7fffffffffffffff;
+	}
+	if (es->e4fs_flags & E2FS_UNSIGNED_HASH) {
+		fs->e2fs_uhash = 3;
+	} else if ((es->e4fs_flags & E2FS_SIGNED_HASH) == 0) {
+#ifdef __CHAR_UNSIGNED__
+		es->e4fs_flags |= E2FS_UNSIGNED_HASH;
+		fs->e2fs_uhash = 3;
+#else
+		es->e4fs_flags |= E2FS_SIGNED_HASH;
+#endif
+	}
+
 	return (0);
 }
 
diff --git a/sys/fs/ext2fs/ext2fs.h b/sys/fs/ext2fs/ext2fs.h
index 756803f..b8c4701 100644
--- a/sys/fs/ext2fs/ext2fs.h
+++ b/sys/fs/ext2fs/ext2fs.h
@@ -147,6 +147,7 @@ struct m_ext2fs {
 	int32_t  e2fs_contigsumsize;    /* size of cluster summary array */
 	int32_t *e2fs_maxcluster;       /* max cluster in each cyl group */
 	struct   csum *e2fs_clustersum; /* cluster summary in each cyl group */
+	int32_t  e2fs_uhash;	  /* 3 if hash should be signed, 0 if not */
 };
 
 /* cluster summary information */
@@ -213,6 +214,7 @@ struct csum {
  * - EXT2F_INCOMPAT_FLEX_BG
  * - EXT2F_INCOMPAT_META_BG
  */
+#define	EXT2F_COMPAT_SUPP		EXT2F_COMPAT_DIRHASHINDEX
 #define	EXT2F_ROCOMPAT_SUPP		(EXT2F_ROCOMPAT_SPARSESUPER | \
 					 EXT2F_ROCOMPAT_LARGEFILE | \
 					 EXT2F_ROCOMPAT_EXTRA_ISIZE)
@@ -243,6 +245,12 @@ struct csum {
 #define	E2FS_ISCLEAN			0x0001	/* Unmounted cleanly */
 #define	E2FS_ERRORS			0x0002	/* Errors detected */
 
+/*
+ * Filesystem miscellaneous flags
+ */
+#define	E2FS_SIGNED_HASH	0x0001
+#define	E2FS_UNSIGNED_HASH	0x0002
+
 /* ext2 file system block group descriptor */
 
 struct ext2_gd {
diff --git a/sys/fs/ext2fs/inode.h b/sys/fs/ext2fs/inode.h
index b1563e4..5222ba0 100644
--- a/sys/fs/ext2fs/inode.h
+++ b/sys/fs/ext2fs/inode.h
@@ -157,7 +157,7 @@ struct inode {
  * These are translation flags for some attributes that Ext4
  * passes as inode flags but that we cannot pass directly.
  */
-#define	IN_E4INDEX	0x010000
+#define	IN_E3INDEX	0x010000
 #define	IN_E4EXTENTS	0x020000
 
 #define i_devvp i_ump->um_devvp
diff --git a/sys/geom/geom_flashmap.c b/sys/geom/geom_flashmap.c
index 0383f69..76dd1fa 100644
--- a/sys/geom/geom_flashmap.c
+++ b/sys/geom/geom_flashmap.c
@@ -190,8 +190,12 @@ g_flashmap_taste(struct g_class *mp, struct g_provider *pp, int flags)
 		size = sizeof(device_t);
 		if (g_io_getattr("NAND::device", cp, &size, &dev)) {
 			size = sizeof(device_t);
-			if (g_io_getattr("CFI::device", cp, &size, &dev))
-				break;
+			if (g_io_getattr("CFI::device", cp, &size, &dev)) {
+				size = sizeof(device_t);
+				if (g_io_getattr("SPI::device", cp, &size,
+				    &dev))
+					break;
+			}
 		}
 
 		nslices = g_flashmap_load(dev, &head);
diff --git a/sys/kern/kern_exit.c b/sys/kern/kern_exit.c
index ee87e58..1cd9b62 100644
--- a/sys/kern/kern_exit.c
+++ b/sys/kern/kern_exit.c
@@ -189,7 +189,6 @@ exit1(struct thread *td, int rval, int signo)
 {
 	struct proc *p, *nq, *q, *t;
 	struct thread *tdt;
-	struct vnode *ttyvp = NULL;
 
 	mtx_assert(&Giant, MA_NOTOWNED);
 	KASSERT(rval == 0 || signo == 0, ("exit1 rv %d sig %d", rval, signo));
@@ -394,60 +393,9 @@ exit1(struct thread *td, int rval, int signo)
 	}
 
 	vmspace_exit(td);
-
-	sx_xlock(&proctree_lock);
-	if (SESS_LEADER(p)) {
-		struct session *sp = p->p_session;
-		struct tty *tp;
-
-		/*
-		 * s_ttyp is not zero'd; we use this to indicate that
-		 * the session once had a controlling terminal. (for
-		 * logging and informational purposes)
-		 */
-		SESS_LOCK(sp);
-		ttyvp = sp->s_ttyvp;
-		tp = sp->s_ttyp;
-		sp->s_ttyvp = NULL;
-		sp->s_ttydp = NULL;
-		sp->s_leader = NULL;
-		SESS_UNLOCK(sp);
-
-		/*
-		 * Signal foreground pgrp and revoke access to
-		 * controlling terminal if it has not been revoked
-		 * already.
-		 *
-		 * Because the TTY may have been revoked in the mean
-		 * time and could already have a new session associated
-		 * with it, make sure we don't send a SIGHUP to a
-		 * foreground process group that does not belong to this
-		 * session.
-		 */
-
-		if (tp != NULL) {
-			tty_lock(tp);
-			if (tp->t_session == sp)
-				tty_signal_pgrp(tp, SIGHUP);
-			tty_unlock(tp);
-		}
-
-		if (ttyvp != NULL) {
-			sx_xunlock(&proctree_lock);
-			if (vn_lock(ttyvp, LK_EXCLUSIVE) == 0) {
-				VOP_REVOKE(ttyvp, REVOKEALL);
-				VOP_UNLOCK(ttyvp, 0);
-			}
-			sx_xlock(&proctree_lock);
-		}
-	}
-	fixjobc(p, p->p_pgrp, 0);
-	sx_xunlock(&proctree_lock);
+	killjobc();
 	(void)acct_process(td);
 
-	/* Release the TTY now we've unlocked everything. */
-	if (ttyvp != NULL)
-		vrele(ttyvp);
 #ifdef KTRACE
 	ktrprocexit(td);
 #endif
diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c
index bbedd9b..a4f8576 100644
--- a/sys/kern/kern_proc.c
+++ b/sys/kern/kern_proc.c
@@ -650,13 +650,11 @@ pgadjustjobc(pgrp, entering)
  * entering == 1 => p is entering specified group.
  */
 void
-fixjobc(p, pgrp, entering)
-	register struct proc *p;
-	register struct pgrp *pgrp;
-	int entering;
+fixjobc(struct proc *p, struct pgrp *pgrp, int entering)
 {
-	register struct pgrp *hispgrp;
-	register struct session *mysession;
+	struct pgrp *hispgrp;
+	struct session *mysession;
+	struct proc *q;
 
 	sx_assert(&proctree_lock, SX_LOCKED);
 	PROC_LOCK_ASSERT(p, MA_NOTOWNED);
@@ -677,21 +675,90 @@ fixjobc(p, pgrp, entering)
 	 * their process groups; if so, adjust counts for children's
 	 * process groups.
 	 */
-	LIST_FOREACH(p, &p->p_children, p_sibling) {
-		hispgrp = p->p_pgrp;
+	LIST_FOREACH(q, &p->p_children, p_sibling) {
+		hispgrp = q->p_pgrp;
 		if (hispgrp == pgrp ||
 		    hispgrp->pg_session != mysession)
 			continue;
-		PROC_LOCK(p);
-		if (p->p_state == PRS_ZOMBIE) {
-			PROC_UNLOCK(p);
+		if (q->p_state == PRS_ZOMBIE)
 			continue;
-		}
-		PROC_UNLOCK(p);
 		pgadjustjobc(hispgrp, entering);
 	}
 }
 
+void
+killjobc(void)
+{
+	struct session *sp;
+	struct tty *tp;
+	struct proc *p;
+	struct vnode *ttyvp;
+
+	p = curproc;
+	MPASS(p->p_flag & P_WEXIT);
+	/*
+	 * Do a quick check to see if there is anything to do with the
+	 * proctree_lock held. pgrp and LIST_EMPTY checks are for fixjobc().
+	 */
+	PROC_LOCK(p);
+	if (!SESS_LEADER(p) &&
+	    (p->p_pgrp == p->p_pptr->p_pgrp) &&
+	    LIST_EMPTY(&p->p_children)) {
+		PROC_UNLOCK(p);
+		return;
+	}
+	PROC_UNLOCK(p);
+
+	sx_xlock(&proctree_lock);
+	if (SESS_LEADER(p)) {
+		sp = p->p_session;
+
+		/*
+		 * s_ttyp is not zero'd; we use this to indicate that
+		 * the session once had a controlling terminal. (for
+		 * logging and informational purposes)
+		 */
+		SESS_LOCK(sp);
+		ttyvp = sp->s_ttyvp;
+		tp = sp->s_ttyp;
+		sp->s_ttyvp = NULL;
+		sp->s_ttydp = NULL;
+		sp->s_leader = NULL;
+		SESS_UNLOCK(sp);
+
+		/*
+		 * Signal foreground pgrp and revoke access to
+		 * controlling terminal if it has not been revoked
+		 * already.
+		 *
+		 * Because the TTY may have been revoked in the mean
+		 * time and could already have a new session associated
+		 * with it, make sure we don't send a SIGHUP to a
+		 * foreground process group that does not belong to this
+		 * session.
+		 */
+
+		if (tp != NULL) {
+			tty_lock(tp);
+			if (tp->t_session == sp)
+				tty_signal_pgrp(tp, SIGHUP);
+			tty_unlock(tp);
+		}
+
+		if (ttyvp != NULL) {
+			sx_xunlock(&proctree_lock);
+			if (vn_lock(ttyvp, LK_EXCLUSIVE) == 0) {
+				VOP_REVOKE(ttyvp, REVOKEALL);
+				VOP_UNLOCK(ttyvp, 0);
+			}
+			vrele(ttyvp);
+			sx_xlock(&proctree_lock);
+		}
+	}
+	fixjobc(p, p->p_pgrp, 0);
+	sx_xunlock(&proctree_lock);
+}
+
 /*
  * A process group has become orphaned;
  * if there are any stopped processes in the group,
diff --git a/sys/kern/kern_sendfile.c b/sys/kern/kern_sendfile.c
new file mode 100644
index 0000000..a55bb4d
--- /dev/null
+++ b/sys/kern/kern_sendfile.c
@@ -0,0 +1,1038 @@
+/*-
+ * Copyright (c) 2013-2015 Gleb Smirnoff <glebius@FreeBSD.org>
+ * Copyright (c) 1998, David Greenman. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include "opt_compat.h"
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/capsicum.h>
+#include <sys/kernel.h>
+#include <sys/lock.h>
+#include <sys/mutex.h>
+#include <sys/sysproto.h>
+#include <sys/malloc.h>
+#include <sys/proc.h>
+#include <sys/mman.h>
+#include <sys/mount.h>
+#include <sys/mbuf.h>
+#include <sys/protosw.h>
+#include <sys/rwlock.h>
+#include <sys/sf_buf.h>
+#include <sys/socket.h>
+#include <sys/socketvar.h>
+#include <sys/syscallsubr.h>
+#include <sys/sysctl.h>
+#include <sys/vnode.h>
+
+#include <net/vnet.h>
+
+#include <security/audit/audit.h>
+#include <security/mac/mac_framework.h>
+
+#include <vm/vm.h>
+#include <vm/vm_object.h>
+#include <vm/vm_pager.h>
+
+/*
+ * Structure describing a single sendfile(2) I/O, which may consist of
+ * several underlying pager I/Os.
+ *
+ * The syscall context allocates the structure and initializes 'nios'
+ * to 1.  As sendfile_swapin() runs through pages and starts asynchronous
+ * paging operations, it increments 'nios'.
+ *
+ * Every I/O completion calls sendfile_iodone(), which decrements the 'nios',
+ * and the syscall also calls sendfile_iodone() after allocating all mbufs,
+ * linking them and sending to socket.  Whoever reaches zero 'nios' is
+ * responsible to * call pru_ready on the socket, to notify it of readyness
+ * of the data.
+ */
+struct sf_io {
+	volatile u_int	nios;
+	u_int		error;
+	int		npages;
+	struct file	*sock_fp;
+	struct mbuf	*m;
+	vm_page_t	pa[];
+};
+
+/*
+ * Structure used to track requests with SF_SYNC flag.
+ */
+struct sendfile_sync {
+	struct mtx	mtx;
+	struct cv	cv;
+	unsigned	count;
+};
+
+counter_u64_t sfstat[sizeof(struct sfstat) / sizeof(uint64_t)];
+
+static void
+sfstat_init(const void *unused)
+{
+
+	COUNTER_ARRAY_ALLOC(sfstat, sizeof(struct sfstat) / sizeof(uint64_t),
+	    M_WAITOK);
+}
+SYSINIT(sfstat, SI_SUB_MBUF, SI_ORDER_FIRST, sfstat_init, NULL);
+
+static int
+sfstat_sysctl(SYSCTL_HANDLER_ARGS)
+{
+	struct sfstat s;
+
+	COUNTER_ARRAY_COPY(sfstat, &s, sizeof(s) / sizeof(uint64_t));
+	if (req->newptr)
+		COUNTER_ARRAY_ZERO(sfstat, sizeof(s) / sizeof(uint64_t));
+	return (SYSCTL_OUT(req, &s, sizeof(s)));
+}
+SYSCTL_PROC(_kern_ipc, OID_AUTO, sfstat, CTLTYPE_OPAQUE | CTLFLAG_RW,
+    NULL, 0, sfstat_sysctl, "I", "sendfile statistics");
+
+/*
+ * Add more references to a vm_page + sf_buf + sendfile_sync.  Called
+ * by mbuf(9) code to add extra references to a page.
+ */
+void
+sf_ext_ref(void *arg1, void *arg2)
+{
+	struct sf_buf *sf = arg1;
+	struct sendfile_sync *sfs = arg2;
+	vm_page_t pg = sf_buf_page(sf);
+
+	sf_buf_ref(sf);
+
+	vm_page_lock(pg);
+	vm_page_wire(pg);
+	vm_page_unlock(pg);
+
+	if (sfs != NULL) {
+		mtx_lock(&sfs->mtx);
+		KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
+		sfs->count++;
+		mtx_unlock(&sfs->mtx);
+	}
+}
+
+/*
+ * Detach mapped page and release resources back to the system.  Called
+ * by mbuf(9) code when last reference to a page is freed.
+ */
+void
+sf_ext_free(void *arg1, void *arg2)
+{
+	struct sf_buf *sf = arg1;
+	struct sendfile_sync *sfs = arg2;
+	vm_page_t pg = sf_buf_page(sf);
+
+	sf_buf_free(sf);
+
+	vm_page_lock(pg);
+	/*
+	 * Check for the object going away on us. This can
+	 * happen since we don't hold a reference to it.
+	 * If so, we're responsible for freeing the page.
+	 */
+	if (vm_page_unwire(pg, PQ_INACTIVE) && pg->object == NULL)
+		vm_page_free(pg);
+	vm_page_unlock(pg);
+
+	if (sfs != NULL) {
+		mtx_lock(&sfs->mtx);
+		KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
+		if (--sfs->count == 0)
+			cv_signal(&sfs->cv);
+		mtx_unlock(&sfs->mtx);
+	}
+}
+
+/*
+ * Same as above, but forces the page to be detached from the object
+ * and go into free pool.
+ */
+void
+sf_ext_free_nocache(void *arg1, void *arg2)
+{
+	struct sf_buf *sf = arg1;
+	struct sendfile_sync *sfs = arg2;
+	vm_page_t pg = sf_buf_page(sf);
+
+	sf_buf_free(sf);
+
+	vm_page_lock(pg);
+	if (vm_page_unwire(pg, PQ_NONE)) {
+		vm_object_t obj;
+
+		/* Try to free the page, but only if it is cheap to. */
+		if ((obj = pg->object) == NULL)
+			vm_page_free(pg);
+		else if (!vm_page_xbusied(pg) && VM_OBJECT_TRYWLOCK(obj)) {
+			vm_page_free(pg);
+			VM_OBJECT_WUNLOCK(obj);
+		} else
+			vm_page_deactivate(pg);
+	}
+	vm_page_unlock(pg);
+
+	if (sfs != NULL) {
+		mtx_lock(&sfs->mtx);
+		KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
+		if (--sfs->count == 0)
+			cv_signal(&sfs->cv);
+		mtx_unlock(&sfs->mtx);
+	}
+}
+
+/*
+ * Helper function to calculate how much data to put into page i of n.
+ * Only first and last pages are special.
+ */
+static inline off_t
+xfsize(int i, int n, off_t off, off_t len)
+{
+
+	if (i == 0)
+		return (omin(PAGE_SIZE - (off & PAGE_MASK), len));
+
+	if (i == n - 1 && ((off + len) & PAGE_MASK) > 0)
+		return ((off + len) & PAGE_MASK);
+
+	return (PAGE_SIZE);
+}
+
+/*
+ * Helper function to get offset within object for i page.
+ */
+static inline vm_offset_t
+vmoff(int i, off_t off)
+{
+
+	if (i == 0)
+		return ((vm_offset_t)off);
+
+	return (trunc_page(off + i * PAGE_SIZE));
+}
+
+/*
+ * Helper function used when allocation of a page or sf_buf failed.
+ * Pretend as if we don't have enough space, subtract xfsize() of
+ * all pages that failed.
+ */
+static inline void
+fixspace(int old, int new, off_t off, int *space)
+{
+
+	KASSERT(old > new, ("%s: old %d new %d", __func__, old, new));
+
+	/* Subtract last one. */
+	*space -= xfsize(old - 1, old, off, *space);
+	old--;
+
+	if (new == old)
+		/* There was only one page. */
+		return;
+
+	/* Subtract first one. */
+	if (new == 0) {
+		*space -= xfsize(0, old, off, *space);
+		new++;
+	}
+
+	/* Rest of pages are full sized. */
+	*space -= (old - new) * PAGE_SIZE;
+
+	KASSERT(*space >= 0, ("%s: space went backwards", __func__));
+}
+
+/*
+ * I/O completion callback.
+ */
+static void
+sendfile_iodone(void *arg, vm_page_t *pg, int count, int error)
+{
+	struct sf_io *sfio = arg;
+	struct socket *so;
+
+	for (int i = 0; i < count; i++)
+		vm_page_xunbusy(pg[i]);
+
+	if (error)
+		sfio->error = error;
+
+	if (!refcount_release(&sfio->nios))
+		return;
+
+	so = sfio->sock_fp->f_data;
+
+	if (sfio->error) {
+		struct mbuf *m;
+
+		/*
+		 * I/O operation failed.  The state of data in the socket
+		 * is now inconsistent, and all what we can do is to tear
+		 * it down. Protocol abort method would tear down protocol
+		 * state, free all ready mbufs and detach not ready ones.
+		 * We will free the mbufs corresponding to this I/O manually.
+		 *
+		 * The socket would be marked with EIO and made available
+		 * for read, so that application receives EIO on next
+		 * syscall and eventually closes the socket.
+		 */
+		so->so_proto->pr_usrreqs->pru_abort(so);
+		so->so_error = EIO;
+
+		m = sfio->m;
+		for (int i = 0; i < sfio->npages; i++)
+			m = m_free(m);
+	} else {
+		CURVNET_SET(so->so_vnet);
+		(void )(so->so_proto->pr_usrreqs->pru_ready)(so, sfio->m,
+		    sfio->npages);
+		CURVNET_RESTORE();
+	}
+
+	/* XXXGL: curthread */
+	fdrop(sfio->sock_fp, curthread);
+	free(sfio, M_TEMP);
+}
+
+/*
+ * Iterate through pages vector and request paging for non-valid pages.
+ */
+static int
+sendfile_swapin(vm_object_t obj, struct sf_io *sfio, off_t off, off_t len,
+    int npages, int rhpages, int flags)
+{
+	vm_page_t *pa = sfio->pa;
+	int nios;
+
+	nios = 0;
+	flags = (flags & SF_NODISKIO) ? VM_ALLOC_NOWAIT : 0;
+
+	/*
+	 * First grab all the pages and wire them.  Note that we grab
+	 * only required pages.  Readahead pages are dealt with later.
+	 */
+	VM_OBJECT_WLOCK(obj);
+	for (int i = 0; i < npages; i++) {
+		pa[i] = vm_page_grab(obj, OFF_TO_IDX(vmoff(i, off)),
+		    VM_ALLOC_WIRED | VM_ALLOC_NORMAL | flags);
+		if (pa[i] == NULL) {
+			npages = i;
+			rhpages = 0;
+			break;
+		}
+	}
+
+	for (int i = 0; i < npages;) {
+		int j, a, count, rv;
+
+		/* Skip valid pages. */
+		if (vm_page_is_valid(pa[i], vmoff(i, off) & PAGE_MASK,
+		    xfsize(i, npages, off, len))) {
+			vm_page_xunbusy(pa[i]);
+			SFSTAT_INC(sf_pages_valid);
+			i++;
+			continue;
+		}
+
+		/*
+		 * Now 'i' points to first invalid page, iterate further
+		 * to make 'j' point at first valid after a bunch of
+		 * invalid ones.
+		 */
+		for (j = i + 1; j < npages; j++)
+			if (vm_page_is_valid(pa[j], vmoff(j, off) & PAGE_MASK,
+			    xfsize(j, npages, off, len))) {
+				SFSTAT_INC(sf_pages_valid);
+				break;
+			}
+
+		/*
+		 * Now we got region of invalid pages between 'i' and 'j'.
+		 * Check that they belong to pager.  They may not be there,
+		 * which is a regular situation for shmem pager.  For vnode
+		 * pager this happens only in case of sparse file.
+		 *
+		 * Important feature of vm_pager_has_page() is the hint
+		 * stored in 'a', about how many pages we can pagein after
+		 * this page in a single I/O.
+		 */
+		while (!vm_pager_has_page(obj, OFF_TO_IDX(vmoff(i, off)),
+		    NULL, &a) && i < j) {
+			pmap_zero_page(pa[i]);
+			pa[i]->valid = VM_PAGE_BITS_ALL;
+			pa[i]->dirty = 0;
+			vm_page_xunbusy(pa[i]);
+			i++;
+		}
+		if (i == j)
+			continue;
+
+		/*
+		 * We want to pagein as many pages as possible, limited only
+		 * by the 'a' hint and actual request.
+		 *
+		 * We should not pagein into already valid page, thus if
+		 * 'j' didn't reach last page, trim by that page.
+		 *
+		 * When the pagein fulfils the request, also specify readahead.
+		 */
+		if (j < npages)
+			a = min(a, j - i - 1);
+		count = min(a + 1, npages - i);
+
+		refcount_acquire(&sfio->nios);
+		rv = vm_pager_get_pages_async(obj, pa + i, count, NULL,
+		    i + count == npages ? &rhpages : NULL,
+		    &sendfile_iodone, sfio);
+		KASSERT(rv == VM_PAGER_OK, ("%s: pager fail obj %p page %p",
+		    __func__, obj, pa[i]));
+
+		SFSTAT_INC(sf_iocnt);
+		SFSTAT_ADD(sf_pages_read, count);
+		if (i + count == npages)
+			SFSTAT_ADD(sf_rhpages_read, rhpages);
+
+#ifdef INVARIANTS
+		for (j = i; j < i + count && j < npages; j++)
+			KASSERT(pa[j] == vm_page_lookup(obj,
+			    OFF_TO_IDX(vmoff(j, off))),
+			    ("pa[j] %p lookup %p\n", pa[j],
+			    vm_page_lookup(obj, OFF_TO_IDX(vmoff(j, off)))));
+#endif
+		i += count;
+		nios++;
+	}
+
+	VM_OBJECT_WUNLOCK(obj);
+
+	if (nios == 0 && npages != 0)
+		SFSTAT_INC(sf_noiocnt);
+
+	return (nios);
+}
+
+static int
+sendfile_getobj(struct thread *td, struct file *fp, vm_object_t *obj_res,
+    struct vnode **vp_res, struct shmfd **shmfd_res, off_t *obj_size,
+    int *bsize)
+{
+	struct vattr va;
+	vm_object_t obj;
+	struct vnode *vp;
+	struct shmfd *shmfd;
+	int error;
+
+	vp = *vp_res = NULL;
+	obj = NULL;
+	shmfd = *shmfd_res = NULL;
+	*bsize = 0;
+
+	/*
+	 * The file descriptor must be a regular file and have a
+	 * backing VM object.
+	 */
+	if (fp->f_type == DTYPE_VNODE) {
+		vp = fp->f_vnode;
+		vn_lock(vp, LK_SHARED | LK_RETRY);
+		if (vp->v_type != VREG) {
+			error = EINVAL;
+			goto out;
+		}
+		*bsize = vp->v_mount->mnt_stat.f_iosize;
+		error = VOP_GETATTR(vp, &va, td->td_ucred);
+		if (error != 0)
+			goto out;
+		*obj_size = va.va_size;
+		obj = vp->v_object;
+		if (obj == NULL) {
+			error = EINVAL;
+			goto out;
+		}
+	} else if (fp->f_type == DTYPE_SHM) {
+		error = 0;
+		shmfd = fp->f_data;
+		obj = shmfd->shm_object;
+		*obj_size = shmfd->shm_size;
+	} else {
+		error = EINVAL;
+		goto out;
+	}
+
+	VM_OBJECT_WLOCK(obj);
+	if ((obj->flags & OBJ_DEAD) != 0) {
+		VM_OBJECT_WUNLOCK(obj);
+		error = EBADF;
+		goto out;
+	}
+
+	/*
+	 * Temporarily increase the backing VM object's reference
+	 * count so that a forced reclamation of its vnode does not
+	 * immediately destroy it.
+	 */
+	vm_object_reference_locked(obj);
+	VM_OBJECT_WUNLOCK(obj);
+	*obj_res = obj;
+	*vp_res = vp;
+	*shmfd_res = shmfd;
+
+out:
+	if (vp != NULL)
+		VOP_UNLOCK(vp, 0);
+	return (error);
+}
+
+static int
+sendfile_getsock(struct thread *td, int s, struct file **sock_fp,
+    struct socket **so)
+{
+	cap_rights_t rights;
+	int error;
+
+	*sock_fp = NULL;
+	*so = NULL;
+
+	/*
+	 * The socket must be a stream socket and connected.
+	 */
+	error = getsock_cap(td, s, cap_rights_init(&rights, CAP_SEND),
+	    sock_fp, NULL);
+	if (error != 0)
+		return (error);
+	*so = (*sock_fp)->f_data;
+	if ((*so)->so_type != SOCK_STREAM)
+		return (EINVAL);
+	if (((*so)->so_state & SS_ISCONNECTED) == 0)
+		return (ENOTCONN);
+	return (0);
+}
+
+int
+vn_sendfile(struct file *fp, int sockfd, struct uio *hdr_uio,
+    struct uio *trl_uio, off_t offset, size_t nbytes, off_t *sent, int flags,
+    int kflags, struct thread *td)
+{
+	struct file *sock_fp;
+	struct vnode *vp;
+	struct vm_object *obj;
+	struct socket *so;
+	struct mbuf *m, *mh, *mhtail;
+	struct sf_buf *sf;
+	struct shmfd *shmfd;
+	struct sendfile_sync *sfs;
+	struct vattr va;
+	off_t off, sbytes, rem, obj_size;
+	int error, softerr, bsize, hdrlen;
+
+	obj = NULL;
+	so = NULL;
+	m = mh = NULL;
+	sfs = NULL;
+	sbytes = 0;
+	softerr = 0;
+
+	error = sendfile_getobj(td, fp, &obj, &vp, &shmfd, &obj_size, &bsize);
+	if (error != 0)
+		return (error);
+
+	error = sendfile_getsock(td, sockfd, &sock_fp, &so);
+	if (error != 0)
+		goto out;
+
+#ifdef MAC
+	error = mac_socket_check_send(td->td_ucred, so);
+	if (error != 0)
+		goto out;
+#endif
+
+	SFSTAT_INC(sf_syscalls);
+	SFSTAT_ADD(sf_rhpages_requested, SF_READAHEAD(flags));
+
+	if (flags & SF_SYNC) {
+		sfs = malloc(sizeof *sfs, M_TEMP, M_WAITOK | M_ZERO);
+		mtx_init(&sfs->mtx, "sendfile", NULL, MTX_DEF);
+		cv_init(&sfs->cv, "sendfile");
+	}
+
+	/* If headers are specified copy them into mbufs. */
+	if (hdr_uio != NULL && hdr_uio->uio_resid > 0) {
+		hdr_uio->uio_td = td;
+		hdr_uio->uio_rw = UIO_WRITE;
+		/*
+		 * In FBSD < 5.0 the nbytes to send also included
+		 * the header.  If compat is specified subtract the
+		 * header size from nbytes.
+		 */
+		if (kflags & SFK_COMPAT) {
+			if (nbytes > hdr_uio->uio_resid)
+				nbytes -= hdr_uio->uio_resid;
+			else
+				nbytes = 0;
+		}
+		mh = m_uiotombuf(hdr_uio, M_WAITOK, 0, 0, 0);
+		hdrlen = m_length(mh, &mhtail);
+	} else
+		hdrlen = 0;
+
+	rem = nbytes ? omin(nbytes, obj_size - offset) : obj_size - offset;
+
+	/*
+	 * Protect against multiple writers to the socket.
+	 *
+	 * XXXRW: Historically this has assumed non-interruptibility, so now
+	 * we implement that, but possibly shouldn't.
+	 */
+	(void)sblock(&so->so_snd, SBL_WAIT | SBL_NOINTR);
+
+	/*
+	 * Loop through the pages of the file, starting with the requested
+	 * offset. Get a file page (do I/O if necessary), map the file page
+	 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
+	 * it on the socket.
+	 * This is done in two loops.  The inner loop turns as many pages
+	 * as it can, up to available socket buffer space, without blocking
+	 * into mbufs to have it bulk delivered into the socket send buffer.
+	 * The outer loop checks the state and available space of the socket
+	 * and takes care of the overall progress.
+	 */
+	for (off = offset; rem > 0; ) {
+		struct sf_io *sfio;
+		vm_page_t *pa;
+		struct mbuf *mtail;
+		int nios, space, npages, rhpages;
+
+		mtail = NULL;
+		/*
+		 * Check the socket state for ongoing connection,
+		 * no errors and space in socket buffer.
+		 * If space is low allow for the remainder of the
+		 * file to be processed if it fits the socket buffer.
+		 * Otherwise block in waiting for sufficient space
+		 * to proceed, or if the socket is nonblocking, return
+		 * to userland with EAGAIN while reporting how far
+		 * we've come.
+		 * We wait until the socket buffer has significant free
+		 * space to do bulk sends.  This makes good use of file
+		 * system read ahead and allows packet segmentation
+		 * offloading hardware to take over lots of work.  If
+		 * we were not careful here we would send off only one
+		 * sfbuf at a time.
+		 */
+		SOCKBUF_LOCK(&so->so_snd);
+		if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2)
+			so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2;
+retry_space:
+		if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
+			error = EPIPE;
+			SOCKBUF_UNLOCK(&so->so_snd);
+			goto done;
+		} else if (so->so_error) {
+			error = so->so_error;
+			so->so_error = 0;
+			SOCKBUF_UNLOCK(&so->so_snd);
+			goto done;
+		}
+		space = sbspace(&so->so_snd);
+		if (space < rem &&
+		    (space <= 0 ||
+		     space < so->so_snd.sb_lowat)) {
+			if (so->so_state & SS_NBIO) {
+				SOCKBUF_UNLOCK(&so->so_snd);
+				error = EAGAIN;
+				goto done;
+			}
+			/*
+			 * sbwait drops the lock while sleeping.
+			 * When we loop back to retry_space the
+			 * state may have changed and we retest
+			 * for it.
+			 */
+			error = sbwait(&so->so_snd);
+			/*
+			 * An error from sbwait usually indicates that we've
+			 * been interrupted by a signal. If we've sent anything
+			 * then return bytes sent, otherwise return the error.
+			 */
+			if (error != 0) {
+				SOCKBUF_UNLOCK(&so->so_snd);
+				goto done;
+			}
+			goto retry_space;
+		}
+		SOCKBUF_UNLOCK(&so->so_snd);
+
+		/*
+		 * Reduce space in the socket buffer by the size of
+		 * the header mbuf chain.
+		 * hdrlen is set to 0 after the first loop.
+		 */
+		space -= hdrlen;
+
+		if (vp != NULL) {
+			error = vn_lock(vp, LK_SHARED);
+			if (error != 0)
+				goto done;
+			error = VOP_GETATTR(vp, &va, td->td_ucred);
+			if (error != 0 || off >= va.va_size) {
+				VOP_UNLOCK(vp, 0);
+				goto done;
+			}
+			if (va.va_size != obj_size) {
+				if (nbytes == 0)
+					rem += va.va_size - obj_size;
+				else if (offset + nbytes > va.va_size)
+					rem -= (offset + nbytes - va.va_size);
+				obj_size = va.va_size;
+			}
+		}
+
+		if (space > rem)
+			space = rem;
+
+		npages = howmany(space + (off & PAGE_MASK), PAGE_SIZE);
+
+		/*
+		 * Calculate maximum allowed number of pages for readahead
+		 * at this iteration.  First, we allow readahead up to "rem".
+		 * If application wants more, let it be, but there is no
+		 * reason to go above MAXPHYS.  Also check against "obj_size",
+		 * since vm_pager_has_page() can hint beyond EOF.
+		 */
+		rhpages = howmany(rem + (off & PAGE_MASK), PAGE_SIZE) - npages;
+		rhpages += SF_READAHEAD(flags);
+		rhpages = min(howmany(MAXPHYS, PAGE_SIZE), rhpages);
+		rhpages = min(howmany(obj_size - trunc_page(off), PAGE_SIZE) -
+		    npages, rhpages);
+
+		sfio = malloc(sizeof(struct sf_io) +
+		    npages * sizeof(vm_page_t), M_TEMP, M_WAITOK);
+		refcount_init(&sfio->nios, 1);
+		sfio->error = 0;
+
+		nios = sendfile_swapin(obj, sfio, off, space, npages, rhpages,
+		    flags);
+
+		/*
+		 * Loop and construct maximum sized mbuf chain to be bulk
+		 * dumped into socket buffer.
+		 */
+		pa = sfio->pa;
+		for (int i = 0; i < npages; i++) {
+			struct mbuf *m0;
+
+			/*
+			 * If a page wasn't grabbed successfully, then
+			 * trim the array. Can happen only with SF_NODISKIO.
+			 */
+			if (pa[i] == NULL) {
+				SFSTAT_INC(sf_busy);
+				fixspace(npages, i, off, &space);
+				npages = i;
+				softerr = EBUSY;
+				break;
+			}
+
+			/*
+			 * Get a sendfile buf.  When allocating the
+			 * first buffer for mbuf chain, we usually
+			 * wait as long as necessary, but this wait
+			 * can be interrupted.  For consequent
+			 * buffers, do not sleep, since several
+			 * threads might exhaust the buffers and then
+			 * deadlock.
+			 */
+			sf = sf_buf_alloc(pa[i],
+			    m != NULL ? SFB_NOWAIT : SFB_CATCH);
+			if (sf == NULL) {
+				SFSTAT_INC(sf_allocfail);
+				for (int j = i; j < npages; j++) {
+					vm_page_lock(pa[j]);
+					vm_page_unwire(pa[j], PQ_INACTIVE);
+					vm_page_unlock(pa[j]);
+				}
+				if (m == NULL)
+					softerr = ENOBUFS;
+				fixspace(npages, i, off, &space);
+				npages = i;
+				break;
+			}
+
+			m0 = m_get(M_WAITOK, MT_DATA);
+			m0->m_ext.ext_buf = (char *)sf_buf_kva(sf);
+			m0->m_ext.ext_size = PAGE_SIZE;
+			m0->m_ext.ext_arg1 = sf;
+			m0->m_ext.ext_arg2 = sfs;
+			/*
+			 * SF_NOCACHE sets the page as being freed upon send.
+			 * However, we ignore it for the last page in 'space',
+			 * if the page is truncated, and we got more data to
+			 * send (rem > space), or if we have readahead
+			 * configured (rhpages > 0).
+			 */
+			if ((flags & SF_NOCACHE) == 0 ||
+			    (i == npages - 1 &&
+			    ((off + space) & PAGE_MASK) &&
+			    (rem > space || rhpages > 0)))
+				m0->m_ext.ext_type = EXT_SFBUF;
+			else
+				m0->m_ext.ext_type = EXT_SFBUF_NOCACHE;
+			m0->m_ext.ext_flags = 0;
+			m0->m_flags |= (M_EXT | M_RDONLY);
+			if (nios)
+				m0->m_flags |= M_NOTREADY;
+			m0->m_data = (char *)sf_buf_kva(sf) +
+			    (vmoff(i, off) & PAGE_MASK);
+			m0->m_len = xfsize(i, npages, off, space);
+
+			if (i == 0)
+				sfio->m = m0;
+
+			/* Append to mbuf chain. */
+			if (mtail != NULL)
+				mtail->m_next = m0;
+			else
+				m = m0;
+			mtail = m0;
+
+			if (sfs != NULL) {
+				mtx_lock(&sfs->mtx);
+				sfs->count++;
+				mtx_unlock(&sfs->mtx);
+			}
+		}
+
+		if (vp != NULL)
+			VOP_UNLOCK(vp, 0);
+
+		/* Keep track of bytes processed. */
+		off += space;
+		rem -= space;
+
+		/* Prepend header, if any. */
+		if (hdrlen) {
+			mhtail->m_next = m;
+			m = mh;
+			mh = NULL;
+		}
+
+		if (m == NULL) {
+			KASSERT(softerr, ("%s: m NULL, no error", __func__));
+			error = softerr;
+			free(sfio, M_TEMP);
+			goto done;
+		}
+
+		/* Add the buffer chain to the socket buffer. */
+		KASSERT(m_length(m, NULL) == space + hdrlen,
+		    ("%s: mlen %u space %d hdrlen %d",
+		    __func__, m_length(m, NULL), space, hdrlen));
+
+		CURVNET_SET(so->so_vnet);
+		if (nios == 0) {
+			/*
+			 * If sendfile_swapin() didn't initiate any I/Os,
+			 * which happens if all data is cached in VM, then
+			 * we can send data right now without the
+			 * PRUS_NOTREADY flag.
+			 */
+			free(sfio, M_TEMP);
+			error = (*so->so_proto->pr_usrreqs->pru_send)
+			    (so, 0, m, NULL, NULL, td);
+		} else {
+			sfio->sock_fp = sock_fp;
+			sfio->npages = npages;
+			fhold(sock_fp);
+			error = (*so->so_proto->pr_usrreqs->pru_send)
+			    (so, PRUS_NOTREADY, m, NULL, NULL, td);
+			sendfile_iodone(sfio, NULL, 0, 0);
+		}
+		CURVNET_RESTORE();
+
+		m = NULL;	/* pru_send always consumes */
+		if (error)
+			goto done;
+		sbytes += space + hdrlen;
+		if (hdrlen)
+			hdrlen = 0;
+		if (softerr) {
+			error = softerr;
+			goto done;
+		}
+	}
+
+	/*
+	 * Send trailers. Wimp out and use writev(2).
+	 */
+	if (trl_uio != NULL) {
+		sbunlock(&so->so_snd);
+		error = kern_writev(td, sockfd, trl_uio);
+		if (error == 0)
+			sbytes += td->td_retval[0];
+		goto out;
+	}
+
+done:
+	sbunlock(&so->so_snd);
+out:
+	/*
+	 * If there was no error we have to clear td->td_retval[0]
+	 * because it may have been set by writev.
+	 */
+	if (error == 0) {
+		td->td_retval[0] = 0;
+	}
+	if (sent != NULL) {
+		(*sent) = sbytes;
+	}
+	if (obj != NULL)
+		vm_object_deallocate(obj);
+	if (so)
+		fdrop(sock_fp, td);
+	if (m)
+		m_freem(m);
+	if (mh)
+		m_freem(mh);
+
+	if (sfs != NULL) {
+		mtx_lock(&sfs->mtx);
+		if (sfs->count != 0)
+			cv_wait(&sfs->cv, &sfs->mtx);
+		KASSERT(sfs->count == 0, ("sendfile sync still busy"));
+		cv_destroy(&sfs->cv);
+		mtx_destroy(&sfs->mtx);
+		free(sfs, M_TEMP);
+	}
+
+	if (error == ERESTART)
+		error = EINTR;
+
+	return (error);
+}
+
+static int
+sendfile(struct thread *td, struct sendfile_args *uap, int compat)
+{
+	struct sf_hdtr hdtr;
+	struct uio *hdr_uio, *trl_uio;
+	struct file *fp;
+	cap_rights_t rights;
+	off_t sbytes;
+	int error;
+
+	/*
+	 * File offset must be positive.  If it goes beyond EOF
+	 * we send only the header/trailer and no payload data.
+	 */
+	if (uap->offset < 0)
+		return (EINVAL);
+
+	hdr_uio = trl_uio = NULL;
+
+	if (uap->hdtr != NULL) {
+		error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
+		if (error != 0)
+			goto out;
+		if (hdtr.headers != NULL) {
+			error = copyinuio(hdtr.headers, hdtr.hdr_cnt,
+			    &hdr_uio);
+			if (error != 0)
+				goto out;
+		}
+		if (hdtr.trailers != NULL) {
+			error = copyinuio(hdtr.trailers, hdtr.trl_cnt,
+			    &trl_uio);
+			if (error != 0)
+				goto out;
+		}
+	}
+
+	AUDIT_ARG_FD(uap->fd);
+
+	/*
+	 * sendfile(2) can start at any offset within a file so we require
+	 * CAP_READ+CAP_SEEK = CAP_PREAD.
+	 */
+	if ((error = fget_read(td, uap->fd,
+	    cap_rights_init(&rights, CAP_PREAD), &fp)) != 0) {
+		goto out;
+	}
+
+	error = fo_sendfile(fp, uap->s, hdr_uio, trl_uio, uap->offset,
+	    uap->nbytes, &sbytes, uap->flags, compat ? SFK_COMPAT : 0, td);
+	fdrop(fp, td);
+
+	if (uap->sbytes != NULL)
+		copyout(&sbytes, uap->sbytes, sizeof(off_t));
+
+out:
+	free(hdr_uio, M_IOV);
+	free(trl_uio, M_IOV);
+	return (error);
+}
+
+/*
+ * sendfile(2)
+ * 
+ * int sendfile(int fd, int s, off_t offset, size_t nbytes,
+ *       struct sf_hdtr *hdtr, off_t *sbytes, int flags)
+ * 
+ * Send a file specified by 'fd' and starting at 'offset' to a socket
+ * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes ==
+ * 0.  Optionally add a header and/or trailer to the socket output.  If
+ * specified, write the total number of bytes sent into *sbytes.
+ */
+int
+sys_sendfile(struct thread *td, struct sendfile_args *uap)
+{
+ 
+	return (sendfile(td, uap, 0));
+}
+
+#ifdef COMPAT_FREEBSD4
+int
+freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap)
+{
+	struct sendfile_args args;
+
+	args.fd = uap->fd;
+	args.s = uap->s;
+	args.offset = uap->offset;
+	args.nbytes = uap->nbytes;
+	args.hdtr = uap->hdtr;
+	args.sbytes = uap->sbytes;
+	args.flags = uap->flags;
+
+	return (sendfile(td, &args, 1));
+}
+#endif /* COMPAT_FREEBSD4 */
diff --git a/sys/kern/tty.c b/sys/kern/tty.c
index 1dc6af2..e28b303 100644
--- a/sys/kern/tty.c
+++ b/sys/kern/tty.c
@@ -213,7 +213,7 @@ ttydev_leave(struct tty *tp)
 
 	ttydisc_close(tp);
 
-	/* Destroy associated buffers already. */
+	/* Free i/o queues now since they might be large. */
 	ttyinq_free(&tp->t_inq);
 	tp->t_inlow = 0;
 	ttyoutq_free(&tp->t_outq);
@@ -1031,10 +1031,15 @@ tty_dealloc(void *arg)
 {
 	struct tty *tp = arg;
 
-	/* Make sure we haven't leaked buffers. */
-	MPASS(ttyinq_getsize(&tp->t_inq) == 0);
-	MPASS(ttyoutq_getsize(&tp->t_outq) == 0);
-
+	/*
+	 * ttyydev_leave() usually frees the i/o queues earlier, but it is
+	 * not always called between queue allocation and here.  The queues
+	 * may be allocated by ioctls on a pty control device without the
+	 * corresponding pty slave device ever being open, or after it is
+	 * closed.
+	 */
+	ttyinq_free(&tp->t_inq);
+	ttyoutq_free(&tp->t_outq);
 	seldrain(&tp->t_inpoll);
 	seldrain(&tp->t_outpoll);
 	knlist_destroy(&tp->t_inpoll.si_note);
diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index cac698a..79444e0 100644
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@@ -2,9 +2,6 @@
  * Copyright (c) 1982, 1986, 1989, 1990, 1993
  *	The Regents of the University of California.  All rights reserved.
  *
- * sendfile(2) and related extensions:
- * Copyright (c) 1998, David Greenman. All rights reserved.
- *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -44,33 +41,21 @@ __FBSDID("$FreeBSD$");
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/capsicum.h>
-#include <sys/condvar.h>
 #include <sys/kernel.h>
 #include <sys/lock.h>
 #include <sys/mutex.h>
 #include <sys/sysproto.h>
 #include <sys/malloc.h>
 #include <sys/filedesc.h>
-#include <sys/event.h>
 #include <sys/proc.h>
-#include <sys/fcntl.h>
-#include <sys/file.h>
 #include <sys/filio.h>
 #include <sys/jail.h>
-#include <sys/mman.h>
-#include <sys/mount.h>
 #include <sys/mbuf.h>
 #include <sys/protosw.h>
 #include <sys/rwlock.h>
-#include <sys/sf_buf.h>
-#include <sys/sysent.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
-#include <sys/signalvar.h>
 #include <sys/syscallsubr.h>
-#include <sys/sysctl.h>
-#include <sys/uio.h>
-#include <sys/vnode.h>
 #ifdef KTRACE
 #include <sys/ktrace.h>
 #endif
@@ -83,15 +68,6 @@ __FBSDID("$FreeBSD$");
 #include <security/audit/audit.h>
 #include <security/mac/mac_framework.h>
 
-#include <vm/vm.h>
-#include <vm/vm_param.h>
-#include <vm/vm_object.h>
-#include <vm/vm_page.h>
-#include <vm/vm_pager.h>
-#include <vm/vm_kern.h>
-#include <vm/vm_extern.h>
-#include <vm/uma.h>
-
 /*
  * Flags for accept1() and kern_accept4(), in addition to SOCK_CLOEXEC
  * and SOCK_NONBLOCK.
@@ -104,37 +80,11 @@ static int recvit(struct thread *td, int s, struct msghdr *mp, void *namelenp);
 
 static int accept1(struct thread *td, int s, struct sockaddr *uname,
 		   socklen_t *anamelen, int flags);
-static int do_sendfile(struct thread *td, struct sendfile_args *uap,
-		   int compat);
 static int getsockname1(struct thread *td, struct getsockname_args *uap,
 			int compat);
 static int getpeername1(struct thread *td, struct getpeername_args *uap,
 			int compat);
 
-counter_u64_t sfstat[sizeof(struct sfstat) / sizeof(uint64_t)];
-
-static void
-sfstat_init(const void *unused)
-{
-
-	COUNTER_ARRAY_ALLOC(sfstat, sizeof(struct sfstat) / sizeof(uint64_t),
-	    M_WAITOK);
-}
-SYSINIT(sfstat, SI_SUB_MBUF, SI_ORDER_FIRST, sfstat_init, NULL);
-
-static int
-sfstat_sysctl(SYSCTL_HANDLER_ARGS)
-{
-	struct sfstat s;
-
-	COUNTER_ARRAY_COPY(sfstat, &s, sizeof(s) / sizeof(uint64_t));
-	if (req->newptr)
-		COUNTER_ARRAY_ZERO(sfstat, sizeof(s) / sizeof(uint64_t));
-	return (SYSCTL_OUT(req, &s, sizeof(s)));
-}
-SYSCTL_PROC(_kern_ipc, OID_AUTO, sfstat, CTLTYPE_OPAQUE | CTLFLAG_RW,
-    NULL, 0, sfstat_sysctl, "I", "sendfile statistics");
-
 /*
  * Convert a user file descriptor to a kernel file entry and check if required
  * capability rights are present.
@@ -1805,944 +1755,3 @@ getsockaddr(namp, uaddr, len)
 	}
 	return (error);
 }
-
-struct sendfile_sync {
-	struct mtx	mtx;
-	struct cv	cv;
-	unsigned	count;
-};
-
-/*
- * Add more references to a vm_page + sf_buf + sendfile_sync.
- */
-void
-sf_ext_ref(void *arg1, void *arg2)
-{
-	struct sf_buf *sf = arg1;
-	struct sendfile_sync *sfs = arg2;
-	vm_page_t pg = sf_buf_page(sf);
-
-	sf_buf_ref(sf);
-
-	vm_page_lock(pg);
-	vm_page_wire(pg);
-	vm_page_unlock(pg);
-
-	if (sfs != NULL) {
-		mtx_lock(&sfs->mtx);
-		KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
-		sfs->count++;
-		mtx_unlock(&sfs->mtx);
-	}
-}
-
-/*
- * Detach mapped page and release resources back to the system.
- */
-void
-sf_ext_free(void *arg1, void *arg2)
-{
-	struct sf_buf *sf = arg1;
-	struct sendfile_sync *sfs = arg2;
-	vm_page_t pg = sf_buf_page(sf);
-
-	sf_buf_free(sf);
-
-	vm_page_lock(pg);
-	/*
-	 * Check for the object going away on us. This can
-	 * happen since we don't hold a reference to it.
-	 * If so, we're responsible for freeing the page.
-	 */
-	if (vm_page_unwire(pg, PQ_INACTIVE) && pg->object == NULL)
-		vm_page_free(pg);
-	vm_page_unlock(pg);
-
-	if (sfs != NULL) {
-		mtx_lock(&sfs->mtx);
-		KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
-		if (--sfs->count == 0)
-			cv_signal(&sfs->cv);
-		mtx_unlock(&sfs->mtx);
-	}
-}
-
-/*
- * Same as above, but forces the page to be detached from the object
- * and go into free pool.
- */
-void
-sf_ext_free_nocache(void *arg1, void *arg2)
-{
-	struct sf_buf *sf = arg1;
-	struct sendfile_sync *sfs = arg2;
-	vm_page_t pg = sf_buf_page(sf);
-
-	sf_buf_free(sf);
-
-	vm_page_lock(pg);
-	if (vm_page_unwire(pg, PQ_NONE)) {
-		vm_object_t obj;
-
-		/* Try to free the page, but only if it is cheap to. */
-		if ((obj = pg->object) == NULL)
-			vm_page_free(pg);
-		else if (!vm_page_xbusied(pg) && VM_OBJECT_TRYWLOCK(obj)) {
-			vm_page_free(pg);
-			VM_OBJECT_WUNLOCK(obj);
-		} else
-			vm_page_deactivate(pg);
-	}
-	vm_page_unlock(pg);
-
-	if (sfs != NULL) {
-		mtx_lock(&sfs->mtx);
-		KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
-		if (--sfs->count == 0)
-			cv_signal(&sfs->cv);
-		mtx_unlock(&sfs->mtx);
-	}
-}
-
-/*
- * sendfile(2)
- *
- * int sendfile(int fd, int s, off_t offset, size_t nbytes,
- *	 struct sf_hdtr *hdtr, off_t *sbytes, int flags)
- *
- * Send a file specified by 'fd' and starting at 'offset' to a socket
- * specified by 's'. Send only 'nbytes' of the file or until EOF if nbytes ==
- * 0.  Optionally add a header and/or trailer to the socket output.  If
- * specified, write the total number of bytes sent into *sbytes.
- */
-int
-sys_sendfile(struct thread *td, struct sendfile_args *uap)
-{
-
-	return (do_sendfile(td, uap, 0));
-}
-
-static int
-do_sendfile(struct thread *td, struct sendfile_args *uap, int compat)
-{
-	struct sf_hdtr hdtr;
-	struct uio *hdr_uio, *trl_uio;
-	struct file *fp;
-	cap_rights_t rights;
-	off_t sbytes;
-	int error;
-
-	/*
-	 * File offset must be positive.  If it goes beyond EOF
-	 * we send only the header/trailer and no payload data.
-	 */
-	if (uap->offset < 0)
-		return (EINVAL);
-
-	hdr_uio = trl_uio = NULL;
-
-	if (uap->hdtr != NULL) {
-		error = copyin(uap->hdtr, &hdtr, sizeof(hdtr));
-		if (error != 0)
-			goto out;
-		if (hdtr.headers != NULL) {
-			error = copyinuio(hdtr.headers, hdtr.hdr_cnt,
-			    &hdr_uio);
-			if (error != 0)
-				goto out;
-		}
-		if (hdtr.trailers != NULL) {
-			error = copyinuio(hdtr.trailers, hdtr.trl_cnt,
-			    &trl_uio);
-			if (error != 0)
-				goto out;
-		}
-	}
-
-	AUDIT_ARG_FD(uap->fd);
-
-	/*
-	 * sendfile(2) can start at any offset within a file so we require
-	 * CAP_READ+CAP_SEEK = CAP_PREAD.
-	 */
-	if ((error = fget_read(td, uap->fd,
-	    cap_rights_init(&rights, CAP_PREAD), &fp)) != 0) {
-		goto out;
-	}
-
-	error = fo_sendfile(fp, uap->s, hdr_uio, trl_uio, uap->offset,
-	    uap->nbytes, &sbytes, uap->flags, compat ? SFK_COMPAT : 0, td);
-	fdrop(fp, td);
-
-	if (uap->sbytes != NULL)
-		copyout(&sbytes, uap->sbytes, sizeof(off_t));
-
-out:
-	free(hdr_uio, M_IOV);
-	free(trl_uio, M_IOV);
-	return (error);
-}
-
-#ifdef COMPAT_FREEBSD4
-int
-freebsd4_sendfile(struct thread *td, struct freebsd4_sendfile_args *uap)
-{
-	struct sendfile_args args;
-
-	args.fd = uap->fd;
-	args.s = uap->s;
-	args.offset = uap->offset;
-	args.nbytes = uap->nbytes;
-	args.hdtr = uap->hdtr;
-	args.sbytes = uap->sbytes;
-	args.flags = uap->flags;
-
-	return (do_sendfile(td, &args, 1));
-}
-#endif /* COMPAT_FREEBSD4 */
-
- /*
-  * How much data to put into page i of n.
-  * Only first and last pages are special.
-  */
-static inline off_t
-xfsize(int i, int n, off_t off, off_t len)
-{
-
-	if (i == 0)
-		return (omin(PAGE_SIZE - (off & PAGE_MASK), len));
-
-	if (i == n - 1 && ((off + len) & PAGE_MASK) > 0)
-		return ((off + len) & PAGE_MASK);
-
-	return (PAGE_SIZE);
-}
-
-/*
- * Offset within object for i page.
- */
-static inline vm_offset_t
-vmoff(int i, off_t off)
-{
-
-	if (i == 0)
-		return ((vm_offset_t)off);
-
-	return (trunc_page(off + i * PAGE_SIZE));
-}
-
-/*
- * Pretend as if we don't have enough space, subtract xfsize() of
- * all pages that failed.
- */
-static inline void
-fixspace(int old, int new, off_t off, int *space)
-{
-
-	KASSERT(old > new, ("%s: old %d new %d", __func__, old, new));
-
-	/* Subtract last one. */
-	*space -= xfsize(old - 1, old, off, *space);
-	old--;
-
-	if (new == old)
-		/* There was only one page. */
-		return;
-
-	/* Subtract first one. */
-	if (new == 0) {
-		*space -= xfsize(0, old, off, *space);
-		new++;
-	}
-
-	/* Rest of pages are full sized. */
-	*space -= (old - new) * PAGE_SIZE;
-
-	KASSERT(*space >= 0, ("%s: space went backwards", __func__));
-}
-
-/*
- * Structure describing a single sendfile(2) I/O, which may consist of
- * several underlying pager I/Os.
- *
- * The syscall context allocates the structure and initializes 'nios'
- * to 1.  As sendfile_swapin() runs through pages and starts asynchronous
- * paging operations, it increments 'nios'.
- *
- * Every I/O completion calls sf_iodone(), which decrements the 'nios', and
- * the syscall also calls sf_iodone() after allocating all mbufs, linking them
- * and sending to socket.  Whoever reaches zero 'nios' is responsible to
- * call pru_ready on the socket, to notify it of readyness of the data.
- */
-struct sf_io {
-	volatile u_int	nios;
-	u_int		error;
-	int		npages;
-	struct file	*sock_fp;
-	struct mbuf	*m;
-	vm_page_t	pa[];
-};
-
-static void
-sf_iodone(void *arg, vm_page_t *pg, int count, int error)
-{
-	struct sf_io *sfio = arg;
-	struct socket *so;
-
-	for (int i = 0; i < count; i++)
-		vm_page_xunbusy(pg[i]);
-
-	if (error)
-		sfio->error = error;
-
-	if (!refcount_release(&sfio->nios))
-		return;
-
-	so = sfio->sock_fp->f_data;
-
-	if (sfio->error) {
-		struct mbuf *m;
-
-		/*
-		 * I/O operation failed.  The state of data in the socket
-		 * is now inconsistent, and all what we can do is to tear
-		 * it down. Protocol abort method would tear down protocol
-		 * state, free all ready mbufs and detach not ready ones.
-		 * We will free the mbufs corresponding to this I/O manually.
-		 *
-		 * The socket would be marked with EIO and made available
-		 * for read, so that application receives EIO on next
-		 * syscall and eventually closes the socket.
-		 */
-		so->so_proto->pr_usrreqs->pru_abort(so);
-		so->so_error = EIO;
-
-		m = sfio->m;
-		for (int i = 0; i < sfio->npages; i++)
-			m = m_free(m);
-	} else {
-		CURVNET_SET(so->so_vnet);
-		(void )(so->so_proto->pr_usrreqs->pru_ready)(so, sfio->m,
-		    sfio->npages);
-		CURVNET_RESTORE();
-	}
-
-	/* XXXGL: curthread */
-	fdrop(sfio->sock_fp, curthread);
-	free(sfio, M_TEMP);
-}
-
-/*
- * Iterate through pages vector and request paging for non-valid pages.
- */
-static int
-sendfile_swapin(vm_object_t obj, struct sf_io *sfio, off_t off, off_t len,
-    int npages, int rhpages, int flags)
-{
-	vm_page_t *pa = sfio->pa;
-	int nios;
-
-	nios = 0;
-	flags = (flags & SF_NODISKIO) ? VM_ALLOC_NOWAIT : 0;
-
-	/*
-	 * First grab all the pages and wire them.  Note that we grab
-	 * only required pages.  Readahead pages are dealt with later.
-	 */
-	VM_OBJECT_WLOCK(obj);
-	for (int i = 0; i < npages; i++) {
-		pa[i] = vm_page_grab(obj, OFF_TO_IDX(vmoff(i, off)),
-		    VM_ALLOC_WIRED | VM_ALLOC_NORMAL | flags);
-		if (pa[i] == NULL) {
-			npages = i;
-			rhpages = 0;
-			break;
-		}
-	}
-
-	for (int i = 0; i < npages;) {
-		int j, a, count, rv;
-
-		/* Skip valid pages. */
-		if (vm_page_is_valid(pa[i], vmoff(i, off) & PAGE_MASK,
-		    xfsize(i, npages, off, len))) {
-			vm_page_xunbusy(pa[i]);
-			SFSTAT_INC(sf_pages_valid);
-			i++;
-			continue;
-		}
-
-		/*
-		 * Now 'i' points to first invalid page, iterate further
-		 * to make 'j' point at first valid after a bunch of
-		 * invalid ones.
-		 */
-		for (j = i + 1; j < npages; j++)
-			if (vm_page_is_valid(pa[j], vmoff(j, off) & PAGE_MASK,
-			    xfsize(j, npages, off, len))) {
-				SFSTAT_INC(sf_pages_valid);
-				break;
-			}
-
-		/*
-		 * Now we got region of invalid pages between 'i' and 'j'.
-		 * Check that they belong to pager.  They may not be there,
-		 * which is a regular situation for shmem pager.  For vnode
-		 * pager this happens only in case of sparse file.
-		 *
-		 * Important feature of vm_pager_has_page() is the hint
-		 * stored in 'a', about how many pages we can pagein after
-		 * this page in a single I/O.
-		 */
-		while (!vm_pager_has_page(obj, OFF_TO_IDX(vmoff(i, off)),
-		    NULL, &a) && i < j) {
-			pmap_zero_page(pa[i]);
-			pa[i]->valid = VM_PAGE_BITS_ALL;
-			pa[i]->dirty = 0;
-			vm_page_xunbusy(pa[i]);
-			i++;
-		}
-		if (i == j)
-			continue;
-
-		/*
-		 * We want to pagein as many pages as possible, limited only
-		 * by the 'a' hint and actual request.
-		 *
-		 * We should not pagein into already valid page, thus if
-		 * 'j' didn't reach last page, trim by that page.
-		 *
-		 * When the pagein fulfils the request, also specify readahead.
-		 */
-		if (j < npages)
-			a = min(a, j - i - 1);
-		count = min(a + 1, npages - i);
-
-		refcount_acquire(&sfio->nios);
-		rv = vm_pager_get_pages_async(obj, pa + i, count, NULL,
-		    i + count == npages ? &rhpages : NULL,
-		    &sf_iodone, sfio);
-		KASSERT(rv == VM_PAGER_OK, ("%s: pager fail obj %p page %p",
-		    __func__, obj, pa[i]));
-
-		SFSTAT_INC(sf_iocnt);
-		SFSTAT_ADD(sf_pages_read, count);
-		if (i + count == npages)
-			SFSTAT_ADD(sf_rhpages_read, rhpages);
-
-#ifdef INVARIANTS
-		for (j = i; j < i + count && j < npages; j++)
-			KASSERT(pa[j] == vm_page_lookup(obj,
-			    OFF_TO_IDX(vmoff(j, off))),
-			    ("pa[j] %p lookup %p\n", pa[j],
-			    vm_page_lookup(obj, OFF_TO_IDX(vmoff(j, off)))));
-#endif
-		i += count;
-		nios++;
-	}
-
-	VM_OBJECT_WUNLOCK(obj);
-
-	if (nios == 0 && npages != 0)
-		SFSTAT_INC(sf_noiocnt);
-
-	return (nios);
-}
-
-static int
-sendfile_getobj(struct thread *td, struct file *fp, vm_object_t *obj_res,
-    struct vnode **vp_res, struct shmfd **shmfd_res, off_t *obj_size,
-    int *bsize)
-{
-	struct vattr va;
-	vm_object_t obj;
-	struct vnode *vp;
-	struct shmfd *shmfd;
-	int error;
-
-	vp = *vp_res = NULL;
-	obj = NULL;
-	shmfd = *shmfd_res = NULL;
-	*bsize = 0;
-
-	/*
-	 * The file descriptor must be a regular file and have a
-	 * backing VM object.
-	 */
-	if (fp->f_type == DTYPE_VNODE) {
-		vp = fp->f_vnode;
-		vn_lock(vp, LK_SHARED | LK_RETRY);
-		if (vp->v_type != VREG) {
-			error = EINVAL;
-			goto out;
-		}
-		*bsize = vp->v_mount->mnt_stat.f_iosize;
-		error = VOP_GETATTR(vp, &va, td->td_ucred);
-		if (error != 0)
-			goto out;
-		*obj_size = va.va_size;
-		obj = vp->v_object;
-		if (obj == NULL) {
-			error = EINVAL;
-			goto out;
-		}
-	} else if (fp->f_type == DTYPE_SHM) {
-		error = 0;
-		shmfd = fp->f_data;
-		obj = shmfd->shm_object;
-		*obj_size = shmfd->shm_size;
-	} else {
-		error = EINVAL;
-		goto out;
-	}
-
-	VM_OBJECT_WLOCK(obj);
-	if ((obj->flags & OBJ_DEAD) != 0) {
-		VM_OBJECT_WUNLOCK(obj);
-		error = EBADF;
-		goto out;
-	}
-
-	/*
-	 * Temporarily increase the backing VM object's reference
-	 * count so that a forced reclamation of its vnode does not
-	 * immediately destroy it.
-	 */
-	vm_object_reference_locked(obj);
-	VM_OBJECT_WUNLOCK(obj);
-	*obj_res = obj;
-	*vp_res = vp;
-	*shmfd_res = shmfd;
-
-out:
-	if (vp != NULL)
-		VOP_UNLOCK(vp, 0);
-	return (error);
-}
-
-static int
-kern_sendfile_getsock(struct thread *td, int s, struct file **sock_fp,
-    struct socket **so)
-{
-	cap_rights_t rights;
-	int error;
-
-	*sock_fp = NULL;
-	*so = NULL;
-
-	/*
-	 * The socket must be a stream socket and connected.
-	 */
-	error = getsock_cap(td, s, cap_rights_init(&rights, CAP_SEND),
-	    sock_fp, NULL);
-	if (error != 0)
-		return (error);
-	*so = (*sock_fp)->f_data;
-	if ((*so)->so_type != SOCK_STREAM)
-		return (EINVAL);
-	if (((*so)->so_state & SS_ISCONNECTED) == 0)
-		return (ENOTCONN);
-	return (0);
-}
-
-int
-vn_sendfile(struct file *fp, int sockfd, struct uio *hdr_uio,
-    struct uio *trl_uio, off_t offset, size_t nbytes, off_t *sent, int flags,
-    int kflags, struct thread *td)
-{
-	struct file *sock_fp;
-	struct vnode *vp;
-	struct vm_object *obj;
-	struct socket *so;
-	struct mbuf *m, *mh, *mhtail;
-	struct sf_buf *sf;
-	struct shmfd *shmfd;
-	struct sendfile_sync *sfs;
-	struct vattr va;
-	off_t off, sbytes, rem, obj_size;
-	int error, softerr, bsize, hdrlen;
-
-	obj = NULL;
-	so = NULL;
-	m = mh = NULL;
-	sfs = NULL;
-	sbytes = 0;
-	softerr = 0;
-
-	error = sendfile_getobj(td, fp, &obj, &vp, &shmfd, &obj_size, &bsize);
-	if (error != 0)
-		return (error);
-
-	error = kern_sendfile_getsock(td, sockfd, &sock_fp, &so);
-	if (error != 0)
-		goto out;
-
-#ifdef MAC
-	error = mac_socket_check_send(td->td_ucred, so);
-	if (error != 0)
-		goto out;
-#endif
-
-	SFSTAT_INC(sf_syscalls);
-	SFSTAT_ADD(sf_rhpages_requested, SF_READAHEAD(flags));
-
-	if (flags & SF_SYNC) {
-		sfs = malloc(sizeof *sfs, M_TEMP, M_WAITOK | M_ZERO);
-		mtx_init(&sfs->mtx, "sendfile", NULL, MTX_DEF);
-		cv_init(&sfs->cv, "sendfile");
-	}
-
-	/* If headers are specified copy them into mbufs. */
-	if (hdr_uio != NULL && hdr_uio->uio_resid > 0) {
-		hdr_uio->uio_td = td;
-		hdr_uio->uio_rw = UIO_WRITE;
-		/*
-		 * In FBSD < 5.0 the nbytes to send also included
-		 * the header.  If compat is specified subtract the
-		 * header size from nbytes.
-		 */
-		if (kflags & SFK_COMPAT) {
-			if (nbytes > hdr_uio->uio_resid)
-				nbytes -= hdr_uio->uio_resid;
-			else
-				nbytes = 0;
-		}
-		mh = m_uiotombuf(hdr_uio, M_WAITOK, 0, 0, 0);
-		hdrlen = m_length(mh, &mhtail);
-	} else
-		hdrlen = 0;
-
-	rem = nbytes ? omin(nbytes, obj_size - offset) : obj_size - offset;
-
-	/*
-	 * Protect against multiple writers to the socket.
-	 *
-	 * XXXRW: Historically this has assumed non-interruptibility, so now
-	 * we implement that, but possibly shouldn't.
-	 */
-	(void)sblock(&so->so_snd, SBL_WAIT | SBL_NOINTR);
-
-	/*
-	 * Loop through the pages of the file, starting with the requested
-	 * offset. Get a file page (do I/O if necessary), map the file page
-	 * into an sf_buf, attach an mbuf header to the sf_buf, and queue
-	 * it on the socket.
-	 * This is done in two loops.  The inner loop turns as many pages
-	 * as it can, up to available socket buffer space, without blocking
-	 * into mbufs to have it bulk delivered into the socket send buffer.
-	 * The outer loop checks the state and available space of the socket
-	 * and takes care of the overall progress.
-	 */
-	for (off = offset; rem > 0; ) {
-		struct sf_io *sfio;
-		vm_page_t *pa;
-		struct mbuf *mtail;
-		int nios, space, npages, rhpages;
-
-		mtail = NULL;
-		/*
-		 * Check the socket state for ongoing connection,
-		 * no errors and space in socket buffer.
-		 * If space is low allow for the remainder of the
-		 * file to be processed if it fits the socket buffer.
-		 * Otherwise block in waiting for sufficient space
-		 * to proceed, or if the socket is nonblocking, return
-		 * to userland with EAGAIN while reporting how far
-		 * we've come.
-		 * We wait until the socket buffer has significant free
-		 * space to do bulk sends.  This makes good use of file
-		 * system read ahead and allows packet segmentation
-		 * offloading hardware to take over lots of work.  If
-		 * we were not careful here we would send off only one
-		 * sfbuf at a time.
-		 */
-		SOCKBUF_LOCK(&so->so_snd);
-		if (so->so_snd.sb_lowat < so->so_snd.sb_hiwat / 2)
-			so->so_snd.sb_lowat = so->so_snd.sb_hiwat / 2;
-retry_space:
-		if (so->so_snd.sb_state & SBS_CANTSENDMORE) {
-			error = EPIPE;
-			SOCKBUF_UNLOCK(&so->so_snd);
-			goto done;
-		} else if (so->so_error) {
-			error = so->so_error;
-			so->so_error = 0;
-			SOCKBUF_UNLOCK(&so->so_snd);
-			goto done;
-		}
-		space = sbspace(&so->so_snd);
-		if (space < rem &&
-		    (space <= 0 ||
-		     space < so->so_snd.sb_lowat)) {
-			if (so->so_state & SS_NBIO) {
-				SOCKBUF_UNLOCK(&so->so_snd);
-				error = EAGAIN;
-				goto done;
-			}
-			/*
-			 * sbwait drops the lock while sleeping.
-			 * When we loop back to retry_space the
-			 * state may have changed and we retest
-			 * for it.
-			 */
-			error = sbwait(&so->so_snd);
-			/*
-			 * An error from sbwait usually indicates that we've
-			 * been interrupted by a signal. If we've sent anything
-			 * then return bytes sent, otherwise return the error.
-			 */
-			if (error != 0) {
-				SOCKBUF_UNLOCK(&so->so_snd);
-				goto done;
-			}
-			goto retry_space;
-		}
-		SOCKBUF_UNLOCK(&so->so_snd);
-
-		/*
-		 * Reduce space in the socket buffer by the size of
-		 * the header mbuf chain.
-		 * hdrlen is set to 0 after the first loop.
-		 */
-		space -= hdrlen;
-
-		if (vp != NULL) {
-			error = vn_lock(vp, LK_SHARED);
-			if (error != 0)
-				goto done;
-			error = VOP_GETATTR(vp, &va, td->td_ucred);
-			if (error != 0 || off >= va.va_size) {
-				VOP_UNLOCK(vp, 0);
-				goto done;
-			}
-			if (va.va_size != obj_size) {
-				if (nbytes == 0)
-					rem += va.va_size - obj_size;
-				else if (offset + nbytes > va.va_size)
-					rem -= (offset + nbytes - va.va_size);
-				obj_size = va.va_size;
-			}
-		}
-
-		if (space > rem)
-			space = rem;
-
-		npages = howmany(space + (off & PAGE_MASK), PAGE_SIZE);
-
-		/*
-		 * Calculate maximum allowed number of pages for readahead
-		 * at this iteration.  First, we allow readahead up to "rem".
-		 * If application wants more, let it be, but there is no
-		 * reason to go above MAXPHYS.  Also check against "obj_size",
-		 * since vm_pager_has_page() can hint beyond EOF.
-		 */
-		rhpages = howmany(rem + (off & PAGE_MASK), PAGE_SIZE) - npages;
-		rhpages += SF_READAHEAD(flags);
-		rhpages = min(howmany(MAXPHYS, PAGE_SIZE), rhpages);
-		rhpages = min(howmany(obj_size - trunc_page(off), PAGE_SIZE) -
-		    npages, rhpages);
-
-		sfio = malloc(sizeof(struct sf_io) +
-		    npages * sizeof(vm_page_t), M_TEMP, M_WAITOK);
-		refcount_init(&sfio->nios, 1);
-		sfio->error = 0;
-
-		nios = sendfile_swapin(obj, sfio, off, space, npages, rhpages,
-		    flags);
-
-		/*
-		 * Loop and construct maximum sized mbuf chain to be bulk
-		 * dumped into socket buffer.
-		 */
-		pa = sfio->pa;
-		for (int i = 0; i < npages; i++) {
-			struct mbuf *m0;
-
-			/*
-			 * If a page wasn't grabbed successfully, then
-			 * trim the array. Can happen only with SF_NODISKIO.
-			 */
-			if (pa[i] == NULL) {
-				SFSTAT_INC(sf_busy);
-				fixspace(npages, i, off, &space);
-				npages = i;
-				softerr = EBUSY;
-				break;
-			}
-
-			/*
-			 * Get a sendfile buf.  When allocating the
-			 * first buffer for mbuf chain, we usually
-			 * wait as long as necessary, but this wait
-			 * can be interrupted.  For consequent
-			 * buffers, do not sleep, since several
-			 * threads might exhaust the buffers and then
-			 * deadlock.
-			 */
-			sf = sf_buf_alloc(pa[i],
-			    m != NULL ? SFB_NOWAIT : SFB_CATCH);
-			if (sf == NULL) {
-				SFSTAT_INC(sf_allocfail);
-				for (int j = i; j < npages; j++) {
-					vm_page_lock(pa[j]);
-					vm_page_unwire(pa[j], PQ_INACTIVE);
-					vm_page_unlock(pa[j]);
-				}
-				if (m == NULL)
-					softerr = ENOBUFS;
-				fixspace(npages, i, off, &space);
-				npages = i;
-				break;
-			}
-
-			m0 = m_get(M_WAITOK, MT_DATA);
-			m0->m_ext.ext_buf = (char *)sf_buf_kva(sf);
-			m0->m_ext.ext_size = PAGE_SIZE;
-			m0->m_ext.ext_arg1 = sf;
-			m0->m_ext.ext_arg2 = sfs;
-			/*
-			 * SF_NOCACHE sets the page as being freed upon send.
-			 * However, we ignore it for the last page in 'space',
-			 * if the page is truncated, and we got more data to
-			 * send (rem > space), or if we have readahead
-			 * configured (rhpages > 0).
-			 */
-			if ((flags & SF_NOCACHE) == 0 ||
-			    (i == npages - 1 &&
-			    ((off + space) & PAGE_MASK) &&
-			    (rem > space || rhpages > 0)))
-				m0->m_ext.ext_type = EXT_SFBUF;
-			else
-				m0->m_ext.ext_type = EXT_SFBUF_NOCACHE;
-			m0->m_ext.ext_flags = 0;
-			m0->m_flags |= (M_EXT | M_RDONLY);
-			if (nios)
-				m0->m_flags |= M_NOTREADY;
-			m0->m_data = (char *)sf_buf_kva(sf) +
-			    (vmoff(i, off) & PAGE_MASK);
-			m0->m_len = xfsize(i, npages, off, space);
-
-			if (i == 0)
-				sfio->m = m0;
-
-			/* Append to mbuf chain. */
-			if (mtail != NULL)
-				mtail->m_next = m0;
-			else
-				m = m0;
-			mtail = m0;
-
-			if (sfs != NULL) {
-				mtx_lock(&sfs->mtx);
-				sfs->count++;
-				mtx_unlock(&sfs->mtx);
-			}
-		}
-
-		if (vp != NULL)
-			VOP_UNLOCK(vp, 0);
-
-		/* Keep track of bytes processed. */
-		off += space;
-		rem -= space;
-
-		/* Prepend header, if any. */
-		if (hdrlen) {
-			mhtail->m_next = m;
-			m = mh;
-			mh = NULL;
-		}
-
-		if (m == NULL) {
-			KASSERT(softerr, ("%s: m NULL, no error", __func__));
-			error = softerr;
-			free(sfio, M_TEMP);
-			goto done;
-		}
-
-		/* Add the buffer chain to the socket buffer. */
-		KASSERT(m_length(m, NULL) == space + hdrlen,
-		    ("%s: mlen %u space %d hdrlen %d",
-		    __func__, m_length(m, NULL), space, hdrlen));
-
-		CURVNET_SET(so->so_vnet);
-		if (nios == 0) {
-			/*
-			 * If sendfile_swapin() didn't initiate any I/Os,
-			 * which happens if all data is cached in VM, then
-			 * we can send data right now without the
-			 * PRUS_NOTREADY flag.
-			 */
-			free(sfio, M_TEMP);
-			error = (*so->so_proto->pr_usrreqs->pru_send)
-			    (so, 0, m, NULL, NULL, td);
-		} else {
-			sfio->sock_fp = sock_fp;
-			sfio->npages = npages;
-			fhold(sock_fp);
-			error = (*so->so_proto->pr_usrreqs->pru_send)
-			    (so, PRUS_NOTREADY, m, NULL, NULL, td);
-			sf_iodone(sfio, NULL, 0, 0);
-		}
-		CURVNET_RESTORE();
-
-		m = NULL;	/* pru_send always consumes */
-		if (error)
-			goto done;
-		sbytes += space + hdrlen;
-		if (hdrlen)
-			hdrlen = 0;
-		if (softerr) {
-			error = softerr;
-			goto done;
-		}
-	}
-
-	/*
-	 * Send trailers. Wimp out and use writev(2).
-	 */
-	if (trl_uio != NULL) {
-		sbunlock(&so->so_snd);
-		error = kern_writev(td, sockfd, trl_uio);
-		if (error == 0)
-			sbytes += td->td_retval[0];
-		goto out;
-	}
-
-done:
-	sbunlock(&so->so_snd);
-out:
-	/*
-	 * If there was no error we have to clear td->td_retval[0]
-	 * because it may have been set by writev.
-	 */
-	if (error == 0) {
-		td->td_retval[0] = 0;
-	}
-	if (sent != NULL) {
-		(*sent) = sbytes;
-	}
-	if (obj != NULL)
-		vm_object_deallocate(obj);
-	if (so)
-		fdrop(sock_fp, td);
-	if (m)
-		m_freem(m);
-	if (mh)
-		m_freem(mh);
-
-	if (sfs != NULL) {
-		mtx_lock(&sfs->mtx);
-		if (sfs->count != 0)
-			cv_wait(&sfs->cv, &sfs->mtx);
-		KASSERT(sfs->count == 0, ("sendfile sync still busy"));
-		cv_destroy(&sfs->cv);
-		mtx_destroy(&sfs->mtx);
-		free(sfs, M_TEMP);
-	}
-
-	if (error == ERESTART)
-		error = EINTR;
-
-	return (error);
-}
diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c
index 4a4c612..1d99a56 100644
--- a/sys/kern/vfs_aio.c
+++ b/sys/kern/vfs_aio.c
@@ -130,12 +130,12 @@ static SYSCTL_NODE(_vfs, OID_AUTO, aio, CTLFLAG_RW, 0, "Async IO management");
 static int max_aio_procs = MAX_AIO_PROCS;
 SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_procs,
 	CTLFLAG_RW, &max_aio_procs, 0,
-	"Maximum number of kernel threads to use for handling async IO ");
+	"Maximum number of kernel processes to use for handling async IO ");
 
 static int num_aio_procs = 0;
 SYSCTL_INT(_vfs_aio, OID_AUTO, num_aio_procs,
 	CTLFLAG_RD, &num_aio_procs, 0,
-	"Number of presently active kernel threads for async IO");
+	"Number of presently active kernel processes for async IO");
 
 /*
  * The code will adjust the actual number of AIO processes towards this
@@ -143,7 +143,7 @@ SYSCTL_INT(_vfs_aio, OID_AUTO, num_aio_procs,
  */
 static int target_aio_procs = TARGET_AIO_PROCS;
 SYSCTL_INT(_vfs_aio, OID_AUTO, target_aio_procs, CTLFLAG_RW, &target_aio_procs,
-	0, "Preferred number of ready kernel threads for async IO");
+	0, "Preferred number of ready kernel processes for async IO");
 
 static int max_queue_count = MAX_AIO_QUEUE;
 SYSCTL_INT(_vfs_aio, OID_AUTO, max_aio_queue, CTLFLAG_RW, &max_queue_count, 0,
@@ -157,7 +157,7 @@ static int num_buf_aio = 0;
 SYSCTL_INT(_vfs_aio, OID_AUTO, num_buf_aio, CTLFLAG_RD, &num_buf_aio, 0,
     "Number of aio requests presently handled by the buf subsystem");
 
-/* Number of async I/O thread in the process of being started */
+/* Number of async I/O processes in the process of being started */
 /* XXX This should be local to aio_aqueue() */
 static int num_aio_resv_start = 0;
 
@@ -210,8 +210,8 @@ typedef struct oaiocb {
  * Current, there is only two backends: BIO and generic file I/O.
  * socket I/O is served by generic file I/O, this is not a good idea, since
  * disk file I/O and any other types without O_NONBLOCK flag can block daemon
- * threads, if there is no thread to serve socket I/O, the socket I/O will be
- * delayed too long or starved, we should create some threads dedicated to
+ * processes, if there is no thread to serve socket I/O, the socket I/O will be
+ * delayed too long or starved, we should create some processes dedicated to
  * sockets to do non-blocking I/O, same for pipe and fifo, for these I/O
  * systems we really need non-blocking interface, fiddling O_NONBLOCK in file
  * structure is not safe because there is race between userland and aio
@@ -253,10 +253,10 @@ struct aiocblist {
  */
 #define AIOP_FREE	0x1			/* proc on free queue */
 
-struct aiothreadlist {
-	int aiothreadflags;			/* (c) AIO proc flags */
-	TAILQ_ENTRY(aiothreadlist) list;	/* (c) list of processes */
-	struct thread *aiothread;		/* (*) the AIO thread */
+struct aioproc {
+	int aioprocflags;			/* (c) AIO proc flags */
+	TAILQ_ENTRY(aioproc) list;		/* (c) list of processes */
+	struct proc *aioproc;			/* (*) the AIO proc */
 };
 
 /*
@@ -293,11 +293,8 @@ struct kaioinfo {
 	TAILQ_HEAD(,aioliojob) kaio_liojoblist; /* (a) list of lio jobs */
 	TAILQ_HEAD(,aiocblist) kaio_jobqueue;	/* (a) job queue for process */
 	TAILQ_HEAD(,aiocblist) kaio_bufqueue;	/* (a) buffer job queue for process */
-	TAILQ_HEAD(,aiocblist) kaio_sockqueue;  /* (a) queue for aios waiting on sockets,
-						 *  NOT USED YET.
-						 */
 	TAILQ_HEAD(,aiocblist) kaio_syncqueue;	/* (a) queue for aio_fsync */
-	struct	task	kaio_task;	/* (*) task to kick aio threads */
+	struct	task	kaio_task;	/* (*) task to kick aio processes */
 };
 
 #define AIO_LOCK(ki)		mtx_lock(&(ki)->kaio_mtx)
@@ -322,10 +319,9 @@ struct aiocb_ops {
 	int	(*store_aiocb)(struct aiocb **ujobp, struct aiocb *ujob);
 };
 
-static TAILQ_HEAD(,aiothreadlist) aio_freeproc;		/* (c) Idle daemons */
+static TAILQ_HEAD(,aioproc) aio_freeproc;		/* (c) Idle daemons */
 static struct sema aio_newproc_sem;
 static struct mtx aio_job_mtx;
-static struct mtx aio_sock_mtx;
 static TAILQ_HEAD(,aiocblist) aio_jobs;			/* (c) Async job list */
 static struct unrhdr *aiod_unr;
 
@@ -361,7 +357,7 @@ static int	filt_lio(struct knote *kn, long hint);
 /*
  * Zones for:
  * 	kaio	Per process async io info
- *	aiop	async io thread data
+ *	aiop	async io process data
  *	aiocb	async io jobs
  *	aiol	list io job pointer - internal to aio_suspend XXX
  *	aiolio	list io jobs
@@ -483,12 +479,11 @@ aio_onceonly(void)
 	TAILQ_INIT(&aio_freeproc);
 	sema_init(&aio_newproc_sem, 0, "aio_new_proc");
 	mtx_init(&aio_job_mtx, "aio_job", NULL, MTX_DEF);
-	mtx_init(&aio_sock_mtx, "aio_sock", NULL, MTX_DEF);
 	TAILQ_INIT(&aio_jobs);
 	aiod_unr = new_unrhdr(1, INT_MAX, NULL);
 	kaio_zone = uma_zcreate("AIO", sizeof(struct kaioinfo), NULL, NULL,
 	    NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
-	aiop_zone = uma_zcreate("AIOP", sizeof(struct aiothreadlist), NULL,
+	aiop_zone = uma_zcreate("AIOP", sizeof(struct aioproc), NULL,
 	    NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
 	aiocb_zone = uma_zcreate("AIOCB", sizeof(struct aiocblist), NULL, NULL,
 	    NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
@@ -556,7 +551,6 @@ aio_unload(void)
 	EVENTHANDLER_DEREGISTER(process_exit, exit_tag);
 	EVENTHANDLER_DEREGISTER(process_exec, exec_tag);
 	mtx_destroy(&aio_job_mtx);
-	mtx_destroy(&aio_sock_mtx);
 	sema_destroy(&aio_newproc_sem);
 	p31b_setcfg(CTL_P1003_1B_AIO_LISTIO_MAX, -1);
 	p31b_setcfg(CTL_P1003_1B_AIO_MAX, -1);
@@ -587,7 +581,6 @@ aio_init_aioinfo(struct proc *p)
 	TAILQ_INIT(&ki->kaio_jobqueue);
 	TAILQ_INIT(&ki->kaio_bufqueue);
 	TAILQ_INIT(&ki->kaio_liojoblist);
-	TAILQ_INIT(&ki->kaio_sockqueue);
 	TAILQ_INIT(&ki->kaio_syncqueue);
 	TASK_INIT(&ki->kaio_task, 0, aio_kick_helper, p);
 	PROC_LOCK(p);
@@ -803,7 +796,7 @@ restart:
  * Select a job to run (called by an AIO daemon).
  */
 static struct aiocblist *
-aio_selectjob(struct aiothreadlist *aiop)
+aio_selectjob(struct aioproc *aiop)
 {
 	struct aiocblist *aiocbe;
 	struct kaioinfo *ki;
@@ -1063,7 +1056,7 @@ static void
 aio_daemon(void *_id)
 {
 	struct aiocblist *aiocbe;
-	struct aiothreadlist *aiop;
+	struct aioproc *aiop;
 	struct kaioinfo *ki;
 	struct proc *p, *userp;
 	struct vmspace *myvm;
@@ -1085,8 +1078,8 @@ aio_daemon(void *_id)
 	 * per daemon.
 	 */
 	aiop = uma_zalloc(aiop_zone, M_WAITOK);
-	aiop->aiothread = td;
-	aiop->aiothreadflags = 0;
+	aiop->aioproc = p;
+	aiop->aioprocflags = 0;
 
 	/*
 	 * Wakeup parent process.  (Parent sleeps to keep from blasting away
@@ -1099,9 +1092,9 @@ aio_daemon(void *_id)
 		/*
 		 * Take daemon off of free queue
 		 */
-		if (aiop->aiothreadflags & AIOP_FREE) {
+		if (aiop->aioprocflags & AIOP_FREE) {
 			TAILQ_REMOVE(&aio_freeproc, aiop, list);
-			aiop->aiothreadflags &= ~AIOP_FREE;
+			aiop->aioprocflags &= ~AIOP_FREE;
 		}
 
 		/*
@@ -1162,15 +1155,15 @@ aio_daemon(void *_id)
 		mtx_assert(&aio_job_mtx, MA_OWNED);
 
 		TAILQ_INSERT_HEAD(&aio_freeproc, aiop, list);
-		aiop->aiothreadflags |= AIOP_FREE;
+		aiop->aioprocflags |= AIOP_FREE;
 
 		/*
 		 * If daemon is inactive for a long time, allow it to exit,
 		 * thereby freeing resources.
 		 */
-		if (msleep(aiop->aiothread, &aio_job_mtx, PRIBIO, "aiordy",
+		if (msleep(p, &aio_job_mtx, PRIBIO, "aiordy",
 		    aiod_lifetime) == EWOULDBLOCK && TAILQ_EMPTY(&aio_jobs) &&
-		    (aiop->aiothreadflags & AIOP_FREE) &&
+		    (aiop->aioprocflags & AIOP_FREE) &&
 		    num_aio_procs > target_aio_procs)
 			break;
 	}
@@ -1788,13 +1781,13 @@ static void
 aio_kick_nowait(struct proc *userp)
 {
 	struct kaioinfo *ki = userp->p_aioinfo;
-	struct aiothreadlist *aiop;
+	struct aioproc *aiop;
 
 	mtx_assert(&aio_job_mtx, MA_OWNED);
 	if ((aiop = TAILQ_FIRST(&aio_freeproc)) != NULL) {
 		TAILQ_REMOVE(&aio_freeproc, aiop, list);
-		aiop->aiothreadflags &= ~AIOP_FREE;
-		wakeup(aiop->aiothread);
+		aiop->aioprocflags &= ~AIOP_FREE;
+		wakeup(aiop->aioproc);
 	} else if (((num_aio_resv_start + num_aio_procs) < max_aio_procs) &&
 	    ((ki->kaio_active_count + num_aio_resv_start) <
 	    ki->kaio_maxactive_count)) {
@@ -1806,15 +1799,15 @@ static int
 aio_kick(struct proc *userp)
 {
 	struct kaioinfo *ki = userp->p_aioinfo;
-	struct aiothreadlist *aiop;
+	struct aioproc *aiop;
 	int error, ret = 0;
 
 	mtx_assert(&aio_job_mtx, MA_OWNED);
 retryproc:
 	if ((aiop = TAILQ_FIRST(&aio_freeproc)) != NULL) {
 		TAILQ_REMOVE(&aio_freeproc, aiop, list);
-		aiop->aiothreadflags &= ~AIOP_FREE;
-		wakeup(aiop->aiothread);
+		aiop->aioprocflags &= ~AIOP_FREE;
+		wakeup(aiop->aioproc);
 	} else if (((num_aio_resv_start + num_aio_procs) < max_aio_procs) &&
 	    ((ki->kaio_active_count + num_aio_resv_start) <
 	    ki->kaio_maxactive_count)) {
diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c
index f1bd821..ff2ad21 100644
--- a/sys/kern/vfs_cache.c
+++ b/sys/kern/vfs_cache.c
@@ -39,6 +39,7 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/counter.h>
 #include <sys/filedesc.h>
 #include <sys/fnv_hash.h>
 #include <sys/kernel.h>
@@ -272,37 +273,35 @@ SYSCTL_INT(_debug_sizeof, OID_AUTO, namecache, CTLFLAG_RD, SYSCTL_NULL_INT_PTR,
  */
 static SYSCTL_NODE(_vfs, OID_AUTO, cache, CTLFLAG_RW, 0,
     "Name cache statistics");
-#define STATNODE(mode, name, var, descr) \
-	SYSCTL_ULONG(_vfs_cache, OID_AUTO, name, mode, var, 0, descr);
-STATNODE(CTLFLAG_RD, numneg, &numneg, "Number of negative cache entries");
-STATNODE(CTLFLAG_RD, numcache, &numcache, "Number of cache entries");
-static u_long numcalls; STATNODE(CTLFLAG_RD, numcalls, &numcalls,
-    "Number of cache lookups");
-static u_long dothits; STATNODE(CTLFLAG_RD, dothits, &dothits,
-    "Number of '.' hits");
-static u_long dotdothits; STATNODE(CTLFLAG_RD, dotdothits, &dotdothits,
-    "Number of '..' hits");
-static u_long numchecks; STATNODE(CTLFLAG_RD, numchecks, &numchecks,
-    "Number of checks in lookup");
-static u_long nummiss; STATNODE(CTLFLAG_RD, nummiss, &nummiss,
-    "Number of cache misses");
-static u_long nummisszap; STATNODE(CTLFLAG_RD, nummisszap, &nummisszap,
-    "Number of cache misses we do not want to cache");
-static u_long numposzaps; STATNODE(CTLFLAG_RD, numposzaps, &numposzaps,
+#define STATNODE_ULONG(name, descr)	\
+	SYSCTL_ULONG(_vfs_cache, OID_AUTO, name, CTLFLAG_RD, &name, 0, descr);
+#define STATNODE_COUNTER(name, descr)	\
+	static counter_u64_t name;	\
+	SYSCTL_COUNTER_U64(_vfs_cache, OID_AUTO, name, CTLFLAG_RD, &name, descr);
+STATNODE_ULONG(numneg, "Number of negative cache entries");
+STATNODE_ULONG(numcache, "Number of cache entries");
+STATNODE_COUNTER(numcalls, "Number of cache lookups");
+STATNODE_COUNTER(dothits, "Number of '.' hits");
+STATNODE_COUNTER(dotdothits, "Number of '..' hits");
+STATNODE_COUNTER(numchecks, "Number of checks in lookup");
+STATNODE_COUNTER(nummiss, "Number of cache misses");
+STATNODE_COUNTER(nummisszap, "Number of cache misses we do not want to cache");
+STATNODE_COUNTER(numposzaps,
     "Number of cache hits (positive) we do not want to cache");
-static u_long numposhits; STATNODE(CTLFLAG_RD, numposhits, &numposhits,
-    "Number of cache hits (positive)");
-static u_long numnegzaps; STATNODE(CTLFLAG_RD, numnegzaps, &numnegzaps,
+STATNODE_COUNTER(numposhits, "Number of cache hits (positive)");
+STATNODE_COUNTER(numnegzaps,
     "Number of cache hits (negative) we do not want to cache");
-static u_long numneghits; STATNODE(CTLFLAG_RD, numneghits, &numneghits,
-    "Number of cache hits (negative)");
-static u_long numupgrades; STATNODE(CTLFLAG_RD, numupgrades, &numupgrades,
+STATNODE_COUNTER(numneghits, "Number of cache hits (negative)");
+/* These count for kern___getcwd(), too. */
+STATNODE_COUNTER(numfullpathcalls, "Number of fullpath search calls");
+STATNODE_COUNTER(numfullpathfail1, "Number of fullpath search errors (ENOTDIR)");
+STATNODE_COUNTER(numfullpathfail2,
+    "Number of fullpath search errors (VOP_VPTOCNP failures)");
+STATNODE_COUNTER(numfullpathfail4, "Number of fullpath search errors (ENOMEM)");
+STATNODE_COUNTER(numfullpathfound, "Number of successful fullpath calls");
+static long numupgrades; STATNODE_ULONG(numupgrades,
     "Number of updates of the cache after lookup (write lock + retry)");
 
-SYSCTL_OPAQUE(_vfs_cache, OID_AUTO, nchstats, CTLFLAG_RD | CTLFLAG_MPSAFE,
-    &nchstats, sizeof(nchstats), "LU",
-    "VFS cache effectiveness statistics");
-
 static void cache_zap(struct namecache *ncp);
 static int vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf,
     u_int *buflen);
@@ -311,6 +310,38 @@ static int vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
 
 static MALLOC_DEFINE(M_VFSCACHE, "vfscache", "VFS name cache entries");
 
+static uint32_t
+cache_get_hash(char *name, u_char len, struct vnode *dvp)
+{
+	uint32_t hash;
+
+	hash = fnv_32_buf(name, len, FNV1_32_INIT);
+	hash = fnv_32_buf(&dvp, sizeof(dvp), hash);
+	return (hash);
+}
+
+static int
+sysctl_nchstats(SYSCTL_HANDLER_ARGS)
+{
+	struct nchstats snap;
+
+	if (req->oldptr == NULL)
+		return (SYSCTL_OUT(req, 0, sizeof(snap)));
+
+	snap = nchstats;
+	snap.ncs_goodhits = counter_u64_fetch(numposhits);
+	snap.ncs_neghits = counter_u64_fetch(numneghits);
+	snap.ncs_badhits = counter_u64_fetch(numposzaps) +
+	    counter_u64_fetch(numnegzaps);
+	snap.ncs_miss = counter_u64_fetch(nummisszap) +
+	    counter_u64_fetch(nummiss);
+
+	return (SYSCTL_OUT(req, &snap, sizeof(snap)));
+}
+SYSCTL_PROC(_vfs_cache, OID_AUTO, nchstats, CTLTYPE_OPAQUE | CTLFLAG_RD |
+    CTLFLAG_MPSAFE, 0, 0, sysctl_nchstats, "LU",
+    "VFS cache effectiveness statistics");
+
 #ifdef DIAGNOSTIC
 /*
  * Grab an atomic snapshot of the name cache hash chain lengths
@@ -477,9 +508,8 @@ cache_lookup(struct vnode *dvp, struct vnode **vpp, struct componentname *cnp,
 		return (0);
 	}
 retry:
-	CACHE_RLOCK();
 	wlocked = 0;
-	numcalls++;
+	counter_u64_add(numcalls, 1);
 	error = 0;
 
 retry_wlocked:
@@ -488,16 +518,36 @@ retry_wlocked:
 			*vpp = dvp;
 			CTR2(KTR_VFS, "cache_lookup(%p, %s) found via .",
 			    dvp, cnp->cn_nameptr);
-			dothits++;
+			counter_u64_add(dothits, 1);
 			SDT_PROBE3(vfs, namecache, lookup, hit, dvp, ".", *vpp);
 			if (tsp != NULL)
 				timespecclear(tsp);
 			if (ticksp != NULL)
 				*ticksp = ticks;
-			goto success;
+			VREF(*vpp);
+			/*
+			 * When we lookup "." we still can be asked to lock it
+			 * differently...
+			 */
+			ltype = cnp->cn_lkflags & LK_TYPE_MASK;
+			if (ltype != VOP_ISLOCKED(*vpp)) {
+				if (ltype == LK_EXCLUSIVE) {
+					vn_lock(*vpp, LK_UPGRADE | LK_RETRY);
+					if ((*vpp)->v_iflag & VI_DOOMED) {
+						/* forced unmount */
+						vrele(*vpp);
+						*vpp = NULL;
+						return (ENOENT);
+					}
+				} else
+					vn_lock(*vpp, LK_DOWNGRADE | LK_RETRY);
+			}
+			return (-1);
 		}
+		if (!wlocked)
+			CACHE_RLOCK();
 		if (cnp->cn_namelen == 2 && cnp->cn_nameptr[1] == '.') {
-			dotdothits++;
+			counter_u64_add(dotdothits, 1);
 			if (dvp->v_cache_dd == NULL) {
 				SDT_PROBE3(vfs, namecache, lookup, miss, dvp,
 				    "..", NULL);
@@ -531,12 +581,12 @@ retry_wlocked:
 				    nc_dotdottime;
 			goto success;
 		}
-	}
+	} else if (!wlocked)
+		CACHE_RLOCK();
 
-	hash = fnv_32_buf(cnp->cn_nameptr, cnp->cn_namelen, FNV1_32_INIT);
-	hash = fnv_32_buf(&dvp, sizeof(dvp), hash);
+	hash = cache_get_hash(cnp->cn_nameptr, cnp->cn_namelen, dvp);
 	LIST_FOREACH(ncp, (NCHHASH(hash)), nc_hash) {
-		numchecks++;
+		counter_u64_add(numchecks, 1);
 		if (ncp->nc_dvp == dvp && ncp->nc_nlen == cnp->cn_namelen &&
 		    !bcmp(nc_get_name(ncp), cnp->cn_nameptr, ncp->nc_nlen))
 			break;
@@ -547,18 +597,16 @@ retry_wlocked:
 		SDT_PROBE3(vfs, namecache, lookup, miss, dvp, cnp->cn_nameptr,
 		    NULL);
 		if ((cnp->cn_flags & MAKEENTRY) == 0) {
-			nummisszap++;
+			counter_u64_add(nummisszap, 1);
 		} else {
-			nummiss++;
+			counter_u64_add(nummiss, 1);
 		}
-		nchstats.ncs_miss++;
 		goto unlock;
 	}
 
 	/* We don't want to have an entry, so dump it */
 	if ((cnp->cn_flags & MAKEENTRY) == 0) {
-		numposzaps++;
-		nchstats.ncs_badhits++;
+		counter_u64_add(numposzaps, 1);
 		if (!wlocked && !CACHE_UPGRADE_LOCK())
 			goto wlock;
 		cache_zap(ncp);
@@ -568,8 +616,7 @@ retry_wlocked:
 
 	/* We found a "positive" match, return the vnode */
 	if (ncp->nc_vp) {
-		numposhits++;
-		nchstats.ncs_goodhits++;
+		counter_u64_add(numposhits, 1);
 		*vpp = ncp->nc_vp;
 		CTR4(KTR_VFS, "cache_lookup(%p, %s) found %p via ncp %p",
 		    dvp, cnp->cn_nameptr, *vpp, ncp);
@@ -582,8 +629,7 @@ retry_wlocked:
 negative_success:
 	/* We found a negative match, and want to create it, so purge */
 	if (cnp->cn_nameiop == CREATE) {
-		numnegzaps++;
-		nchstats.ncs_badhits++;
+		counter_u64_add(numnegzaps, 1);
 		if (!wlocked && !CACHE_UPGRADE_LOCK())
 			goto wlock;
 		cache_zap(ncp);
@@ -593,7 +639,7 @@ negative_success:
 
 	if (!wlocked && !CACHE_UPGRADE_LOCK())
 		goto wlock;
-	numneghits++;
+	counter_u64_add(numneghits, 1);
 	/*
 	 * We found a "negative" match, so we shift it to the end of
 	 * the "negative" cache entries queue to satisfy LRU.  Also,
@@ -602,7 +648,6 @@ negative_success:
 	 */
 	TAILQ_REMOVE(&ncneg, ncp, nc_dst);
 	TAILQ_INSERT_TAIL(&ncneg, ncp, nc_dst);
-	nchstats.ncs_neghits++;
 	if (ncp->nc_flag & NCF_WHITE)
 		cnp->cn_flags |= ISWHITEOUT;
 	SDT_PROBE2(vfs, namecache, lookup, hit__negative, dvp,
@@ -627,31 +672,7 @@ success:
 	 * On success we return a locked and ref'd vnode as per the lookup
 	 * protocol.
 	 */
-	if (dvp == *vpp) {   /* lookup on "." */
-		VREF(*vpp);
-		if (wlocked)
-			CACHE_WUNLOCK();
-		else
-			CACHE_RUNLOCK();
-		/*
-		 * When we lookup "." we still can be asked to lock it
-		 * differently...
-		 */
-		ltype = cnp->cn_lkflags & LK_TYPE_MASK;
-		if (ltype != VOP_ISLOCKED(*vpp)) {
-			if (ltype == LK_EXCLUSIVE) {
-				vn_lock(*vpp, LK_UPGRADE | LK_RETRY);
-				if ((*vpp)->v_iflag & VI_DOOMED) {
-					/* forced unmount */
-					vrele(*vpp);
-					*vpp = NULL;
-					return (ENOENT);
-				}
-			} else
-				vn_lock(*vpp, LK_DOWNGRADE | LK_RETRY);
-		}
-		return (-1);
-	}
+	MPASS(dvp != *vpp);
 	ltype = 0;	/* silence gcc warning */
 	if (cnp->cn_flags & ISDOTDOT) {
 		ltype = VOP_ISLOCKED(dvp);
@@ -702,8 +723,6 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 	struct nchashhead *ncpp;
 	uint32_t hash;
 	int flag;
-	int hold;
-	int zap;
 	int len;
 
 	CTR3(KTR_VFS, "cache_enter(%p, %p, %s)", dvp, vp, cnp->cn_nameptr);
@@ -761,9 +780,6 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 		}
 	}
 
-	hold = 0;
-	zap = 0;
-
 	/*
 	 * Calculate the hash key and setup as much of the new
 	 * namecache entry as possible before acquiring the lock.
@@ -783,9 +799,8 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 		}
 	}
 	len = ncp->nc_nlen = cnp->cn_namelen;
-	hash = fnv_32_buf(cnp->cn_nameptr, len, FNV1_32_INIT);
+	hash = cache_get_hash(cnp->cn_nameptr, len, dvp);
 	strlcpy(nc_get_name(ncp), cnp->cn_nameptr, len + 1);
-	hash = fnv_32_buf(&dvp, sizeof(dvp), hash);
 	CACHE_WLOCK();
 
 	/*
@@ -835,24 +850,22 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 	}
 
 	numcache++;
-	if (vp == NULL) {
-		numneg++;
-		if (cnp->cn_flags & ISWHITEOUT)
-			ncp->nc_flag |= NCF_WHITE;
-	} else if (vp->v_type == VDIR) {
-		if (flag != NCF_ISDOTDOT) {
-			/*
-			 * For this case, the cache entry maps both the
-			 * directory name in it and the name ".." for the
-			 * directory's parent.
-			 */
-			if ((n2 = vp->v_cache_dd) != NULL &&
-			    (n2->nc_flag & NCF_ISDOTDOT) != 0)
-				cache_zap(n2);
-			vp->v_cache_dd = ncp;
+	if (vp != NULL) {
+		if (vp->v_type == VDIR) {
+			if (flag != NCF_ISDOTDOT) {
+				/*
+				 * For this case, the cache entry maps both the
+				 * directory name in it and the name ".." for the
+				 * directory's parent.
+				 */
+				if ((n2 = vp->v_cache_dd) != NULL &&
+				    (n2->nc_flag & NCF_ISDOTDOT) != 0)
+					cache_zap(n2);
+				vp->v_cache_dd = ncp;
+			}
+		} else {
+			vp->v_cache_dd = NULL;
 		}
-	} else {
-		vp->v_cache_dd = NULL;
 	}
 
 	/*
@@ -862,7 +875,7 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 	LIST_INSERT_HEAD(ncpp, ncp, nc_hash);
 	if (flag != NCF_ISDOTDOT) {
 		if (LIST_EMPTY(&dvp->v_cache_src)) {
-			hold = 1;
+			vhold(dvp);
 			numcachehv++;
 		}
 		LIST_INSERT_HEAD(&dvp->v_cache_src, ncp, nc_src);
@@ -878,7 +891,10 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 		SDT_PROBE3(vfs, namecache, enter, done, dvp, nc_get_name(ncp),
 		    vp);
 	} else {
+		if (cnp->cn_flags & ISWHITEOUT)
+			ncp->nc_flag |= NCF_WHITE;
 		TAILQ_INSERT_TAIL(&ncneg, ncp, nc_dst);
+		numneg++;
 		SDT_PROBE2(vfs, namecache, enter_negative, done, dvp,
 		    nc_get_name(ncp));
 	}
@@ -886,12 +902,8 @@ cache_enter_time(struct vnode *dvp, struct vnode *vp, struct componentname *cnp,
 		ncp = TAILQ_FIRST(&ncneg);
 		KASSERT(ncp->nc_vp == NULL, ("ncp %p vp %p on ncneg",
 		    ncp, ncp->nc_vp));
-		zap = 1;
-	}
-	if (hold)
-		vhold(dvp);
-	if (zap)
 		cache_zap(ncp);
+	}
 	CACHE_WUNLOCK();
 }
 
@@ -918,6 +930,22 @@ nchinit(void *dummy __unused)
 	    NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_ZINIT);
 
 	nchashtbl = hashinit(desiredvnodes * 2, M_VFSCACHE, &nchash);
+
+	numcalls = counter_u64_alloc(M_WAITOK);
+	dothits = counter_u64_alloc(M_WAITOK);
+	dotdothits = counter_u64_alloc(M_WAITOK);
+	numchecks = counter_u64_alloc(M_WAITOK);
+	nummiss = counter_u64_alloc(M_WAITOK);
+	nummisszap = counter_u64_alloc(M_WAITOK);
+	numposzaps = counter_u64_alloc(M_WAITOK);
+	numposhits = counter_u64_alloc(M_WAITOK);
+	numnegzaps = counter_u64_alloc(M_WAITOK);
+	numneghits = counter_u64_alloc(M_WAITOK);
+	numfullpathcalls = counter_u64_alloc(M_WAITOK);
+	numfullpathfail1 = counter_u64_alloc(M_WAITOK);
+	numfullpathfail2 = counter_u64_alloc(M_WAITOK);
+	numfullpathfail4 = counter_u64_alloc(M_WAITOK);
+	numfullpathfound = counter_u64_alloc(M_WAITOK);
 }
 SYSINIT(vfs, SI_SUB_VFS, SI_ORDER_SECOND, nchinit, NULL);
 
@@ -948,10 +976,8 @@ cache_changesize(int newmaxvnodes)
 	nchash = new_nchash;
 	for (i = 0; i <= old_nchash; i++) {
 		while ((ncp = LIST_FIRST(&old_nchashtbl[i])) != NULL) {
-			hash = fnv_32_buf(nc_get_name(ncp), ncp->nc_nlen,
-			    FNV1_32_INIT);
-			hash = fnv_32_buf(&ncp->nc_dvp, sizeof(ncp->nc_dvp),
-			    hash);
+			hash = cache_get_hash(nc_get_name(ncp), ncp->nc_nlen,
+			    ncp->nc_dvp);
 			LIST_REMOVE(ncp, nc_hash);
 			LIST_INSERT_HEAD(NCHHASH(hash), ncp, nc_hash);
 		}
@@ -1122,23 +1148,10 @@ kern___getcwd(struct thread *td, char *buf, enum uio_seg bufseg, u_int buflen,
  * Thus begins the fullpath magic.
  */
 
-#undef STATNODE
-#define STATNODE(name, descr)						\
-	static u_int name;						\
-	SYSCTL_UINT(_vfs_cache, OID_AUTO, name, CTLFLAG_RD, &name, 0, descr)
-
 static int disablefullpath;
 SYSCTL_INT(_debug, OID_AUTO, disablefullpath, CTLFLAG_RW, &disablefullpath, 0,
     "Disable the vn_fullpath function");
 
-/* These count for kern___getcwd(), too. */
-STATNODE(numfullpathcalls, "Number of fullpath search calls");
-STATNODE(numfullpathfail1, "Number of fullpath search errors (ENOTDIR)");
-STATNODE(numfullpathfail2,
-    "Number of fullpath search errors (VOP_VPTOCNP failures)");
-STATNODE(numfullpathfail4, "Number of fullpath search errors (ENOMEM)");
-STATNODE(numfullpathfound, "Number of successful fullpath calls");
-
 /*
  * Retrieve the full filesystem path that correspond to a vnode from the name
  * cache (if available)
@@ -1226,7 +1239,7 @@ vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf,
 		if (*buflen < ncp->nc_nlen) {
 			CACHE_RUNLOCK();
 			vrele(*vp);
-			numfullpathfail4++;
+			counter_u64_add(numfullpathfail4, 1);
 			error = ENOMEM;
 			SDT_PROBE3(vfs, namecache, fullpath, return, error,
 			    vp, NULL);
@@ -1251,7 +1264,7 @@ vn_vptocnp_locked(struct vnode **vp, struct ucred *cred, char *buf,
 	error = VOP_VPTOCNP(*vp, &dvp, cred, buf, buflen);
 	vput(*vp);
 	if (error) {
-		numfullpathfail2++;
+		counter_u64_add(numfullpathfail2, 1);
 		SDT_PROBE3(vfs, namecache, fullpath, return,  error, vp, NULL);
 		return (error);
 	}
@@ -1292,7 +1305,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
 	slash_prefixed = 0;
 
 	SDT_PROBE1(vfs, namecache, fullpath, entry, vp);
-	numfullpathcalls++;
+	counter_u64_add(numfullpathcalls, 1);
 	vref(vp);
 	CACHE_RLOCK();
 	if (vp->v_type != VDIR) {
@@ -1328,7 +1341,7 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
 		if (vp->v_type != VDIR) {
 			CACHE_RUNLOCK();
 			vrele(vp);
-			numfullpathfail1++;
+			counter_u64_add(numfullpathfail1, 1);
 			error = ENOTDIR;
 			SDT_PROBE3(vfs, namecache, fullpath, return,
 			    error, vp, NULL);
@@ -1354,14 +1367,14 @@ vn_fullpath1(struct thread *td, struct vnode *vp, struct vnode *rdir,
 		if (buflen == 0) {
 			CACHE_RUNLOCK();
 			vrele(vp);
-			numfullpathfail4++;
+			counter_u64_add(numfullpathfail4, 1);
 			SDT_PROBE3(vfs, namecache, fullpath, return, ENOMEM,
 			    startvp, NULL);
 			return (ENOMEM);
 		}
 		buf[--buflen] = '/';
 	}
-	numfullpathfound++;
+	counter_u64_add(numfullpathfound, 1);
 	CACHE_RUNLOCK();
 	vrele(vp);
 
diff --git a/sys/kern/vfs_export.c b/sys/kern/vfs_export.c
index 7524aab..9be0ece 100644
--- a/sys/kern/vfs_export.c
+++ b/sys/kern/vfs_export.c
@@ -199,7 +199,7 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *nep,
 		goto out;
 	}
 	RADIX_NODE_HEAD_LOCK(rnh);
-	rn = (*rnh->rnh_addaddr)(saddr, smask, rnh, np->netc_rnodes);
+	rn = (*rnh->rnh_addaddr)(saddr, smask, &rnh->rh, np->netc_rnodes);
 	RADIX_NODE_HEAD_UNLOCK(rnh);
 	if (rn == NULL || np != (struct netcred *)rn) {	/* already exists */
 		error = EPERM;
@@ -231,7 +231,7 @@ vfs_free_netcred(struct radix_node *rn, void *w)
 	struct radix_node_head *rnh = (struct radix_node_head *) w;
 	struct ucred *cred;
 
-	(*rnh->rnh_deladdr) (rn->rn_key, rn->rn_mask, rnh);
+	(*rnh->rnh_deladdr) (rn->rn_key, rn->rn_mask, &rnh->rh);
 	cred = ((struct netcred *)rn)->netc_anon;
 	if (cred != NULL)
 		crfree(cred);
@@ -256,7 +256,7 @@ vfs_free_addrlist_af(struct radix_node_head **prnh)
 
 	rnh = *prnh;
 	RADIX_NODE_HEAD_LOCK(rnh);
-	(*rnh->rnh_walktree) (rnh, vfs_free_netcred, rnh);
+	(*rnh->rnh_walktree)(&rnh->rh, vfs_free_netcred, &rnh->rh);
 	RADIX_NODE_HEAD_UNLOCK(rnh);
 	RADIX_NODE_HEAD_DESTROY(rnh);
 	free(rnh, M_RTABLE);
@@ -470,7 +470,7 @@ vfs_export_lookup(struct mount *mp, struct sockaddr *nam)
 			if (rnh != NULL) {
 				RADIX_NODE_HEAD_RLOCK(rnh);
 				np = (struct netcred *)
-				    (*rnh->rnh_matchaddr)(saddr, rnh);
+				    (*rnh->rnh_matchaddr)(saddr, &rnh->rh);
 				RADIX_NODE_HEAD_RUNLOCK(rnh);
 				if (np && np->netc_rnodes->rn_flags & RNF_ROOT)
 					np = NULL;
diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c
index 5f8bddc..4320b14 100644
--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@@ -743,12 +743,13 @@ get_advice(struct file *fp, struct uio *uio)
 	int ret;
 
 	ret = POSIX_FADV_NORMAL;
-	if (fp->f_advice == NULL)
+	if (fp->f_advice == NULL || fp->f_vnode->v_type != VREG)
 		return (ret);
 
 	mtxp = mtx_pool_find(mtxpool_sleep, fp);
 	mtx_lock(mtxp);
-	if (uio->uio_offset >= fp->f_advice->fa_start &&
+	if (fp->f_advice != NULL &&
+	    uio->uio_offset >= fp->f_advice->fa_start &&
 	    uio->uio_offset + uio->uio_resid <= fp->f_advice->fa_end)
 		ret = fp->f_advice->fa_advice;
 	mtx_unlock(mtxp);
diff --git a/sys/mips/include/asm.h b/sys/mips/include/asm.h
index 1a48adf..9e7e771 100644
--- a/sys/mips/include/asm.h
+++ b/sys/mips/include/asm.h
@@ -666,20 +666,21 @@ _C_LABEL(x):
 /* Only valid with the _JB_MAGIC_SETJMP magic */
 
 #define _JB_SIGMASK		13
-
-#define _JB_FPREG_F20		14
-#define _JB_FPREG_F21		15
-#define _JB_FPREG_F22		16
-#define _JB_FPREG_F23		17
-#define _JB_FPREG_F24		18
-#define _JB_FPREG_F25		19
-#define _JB_FPREG_F26		20
-#define _JB_FPREG_F27		21
-#define _JB_FPREG_F28		22
-#define _JB_FPREG_F29		23
-#define _JB_FPREG_F30		24
-#define _JB_FPREG_F31		25
-#define _JB_FPREG_FCSR		26
+#define	__JB_SIGMASK_REMAINDER	14	/* sigmask_t is 128-bits */
+
+#define _JB_FPREG_F20		15
+#define _JB_FPREG_F21		16
+#define _JB_FPREG_F22		17
+#define _JB_FPREG_F23		18
+#define _JB_FPREG_F24		19
+#define _JB_FPREG_F25		20
+#define _JB_FPREG_F26		21
+#define _JB_FPREG_F27		22
+#define _JB_FPREG_F28		23
+#define _JB_FPREG_F29		24
+#define _JB_FPREG_F30		25
+#define _JB_FPREG_F31		26
+#define _JB_FPREG_FCSR		27
 
 /*
  * Various macros for dealing with TLB hazards
diff --git a/sys/mips/nlm/xlp_machdep.c b/sys/mips/nlm/xlp_machdep.c
index 624e57f..dde6a74 100644
--- a/sys/mips/nlm/xlp_machdep.c
+++ b/sys/mips/nlm/xlp_machdep.c
@@ -311,8 +311,6 @@ xlp_bootargs_init(__register_t arg)
 		while (1);
 	if (OF_init((void *)dtbp) != 0)
 		while (1);
-	if (fdt_immr_addr(xlp_io_base) != 0)
-		while (1);
 	OF_interpret("perform-fixup", 0);
 
 	chosen = OF_finddevice("/chosen");
diff --git a/sys/modules/ext2fs/Makefile b/sys/modules/ext2fs/Makefile
index 48697da..fc10ab0 100644
--- a/sys/modules/ext2fs/Makefile
+++ b/sys/modules/ext2fs/Makefile
@@ -3,8 +3,8 @@
 .PATH:	${.CURDIR}/../../fs/ext2fs
 KMOD=	ext2fs
 SRCS=	opt_ddb.h opt_directio.h opt_quota.h opt_suiddir.h vnode_if.h \
-	ext2_alloc.c ext2_balloc.c ext2_bmap.c ext2_extents.c \
-	ext2_inode.c ext2_inode_cnv.c ext2_lookup.c ext2_subr.c \
+	ext2_alloc.c ext2_balloc.c ext2_bmap.c ext2_extents.c ext2_hash.c \
+	ext2_htree.c ext2_inode.c ext2_inode_cnv.c ext2_lookup.c ext2_subr.c \
 	ext2_vfsops.c ext2_vnops.c
 
 .include <bsd.kmod.mk>
diff --git a/sys/modules/i2c/iicbb/Makefile b/sys/modules/i2c/iicbb/Makefile
index d192e68..b226310 100644
--- a/sys/modules/i2c/iicbb/Makefile
+++ b/sys/modules/i2c/iicbb/Makefile
@@ -2,7 +2,7 @@
 
 .PATH:		${.CURDIR}/../../../dev/iicbus
 .if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "arm" || \
-    ${MACHINE_CPUARCH} == "powerpc"
+    ${MACHINE_CPUARCH} == "mips" || ${MACHINE_CPUARCH} == "powerpc"
 ofw_bus_if=	ofw_bus_if.h
 .endif
 KMOD		= iicbb
diff --git a/sys/net/if_lagg.c b/sys/net/if_lagg.c
index 730a044..e1e1837 100644
--- a/sys/net/if_lagg.c
+++ b/sys/net/if_lagg.c
@@ -3,7 +3,7 @@
 /*
  * Copyright (c) 2005, 2006 Reyk Floeter <reyk@openbsd.org>
  * Copyright (c) 2007 Andrew Thompson <thompsa@FreeBSD.org>
- * Copyright (c) 2014 Marcelo Araujo <araujo@FreeBSD.org>
+ * Copyright (c) 2014, 2016 Marcelo Araujo <araujo@FreeBSD.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -1291,10 +1291,17 @@ lagg_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 			SLIST_FOREACH(lp, &sc->sc_ports, lp_entries)
 				ro->ro_active += LAGG_PORTACTIVE(lp);
 		}
+		ro->ro_bkt = sc->sc_bkt;
 		ro->ro_flapping = sc->sc_flapping;
 		ro->ro_flowid_shift = sc->flowid_shift;
 		break;
 	case SIOCSLAGGOPTS:
+		if (sc->sc_proto == LAGG_PROTO_ROUNDROBIN) {
+			if (ro->ro_bkt == 0)
+				sc->sc_bkt = 1; // Minimum 1 packet per iface.
+			else
+				sc->sc_bkt = ro->ro_bkt;
+		}
 		error = priv_check(td, PRIV_NET_LAGG);
 		if (error)
 			break;
@@ -1329,6 +1336,7 @@ lagg_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
 		}
 
 		LAGG_WLOCK(sc);
+
 		if (valid == 0 ||
 		    (lacp == 1 && sc->sc_proto != LAGG_PROTO_LACP)) {
 			/* Invalid combination of options specified. */
@@ -1879,6 +1887,7 @@ lagg_rr_attach(struct lagg_softc *sc)
 {
 	sc->sc_capabilities = IFCAP_LAGG_FULLDUPLEX;
 	sc->sc_seq = 0;
+	sc->sc_bkt_count = sc->sc_bkt;
 }
 
 static int
@@ -1887,9 +1896,21 @@ lagg_rr_start(struct lagg_softc *sc, struct mbuf *m)
 	struct lagg_port *lp;
 	uint32_t p;
 
-	p = atomic_fetchadd_32(&sc->sc_seq, 1);
+	if (sc->sc_bkt_count == 0 && sc->sc_bkt > 0)
+		sc->sc_bkt_count = sc->sc_bkt;
+
+	if (sc->sc_bkt > 0) {
+		atomic_subtract_int(&sc->sc_bkt_count, 1);
+	if (atomic_cmpset_int(&sc->sc_bkt_count, 0, sc->sc_bkt))
+		p = atomic_fetchadd_32(&sc->sc_seq, 1);
+	else
+		p = sc->sc_seq; 
+	} else
+		p = atomic_fetchadd_32(&sc->sc_seq, 1);
+
 	p %= sc->sc_count;
 	lp = SLIST_FIRST(&sc->sc_ports);
+
 	while (p--)
 		lp = SLIST_NEXT(lp, lp_entries);
 
diff --git a/sys/net/if_lagg.h b/sys/net/if_lagg.h
index 195ac3a..334995e 100644
--- a/sys/net/if_lagg.h
+++ b/sys/net/if_lagg.h
@@ -153,6 +153,7 @@ struct lagg_reqopts {
 	u_int			ro_active;		/* active port count */
 	u_int			ro_flapping;		/* number of flapping */
 	int			ro_flowid_shift;	/* shift the flowid */
+	uint32_t		ro_bkt;			/* packet bucket for roundrobin */
 };
 
 #define	SIOCGLAGGOPTS		_IOWR('i', 152, struct lagg_reqopts)
@@ -243,6 +244,8 @@ struct lagg_softc {
 	struct callout			sc_callout;
 	u_int				sc_opts;
 	int				flowid_shift;	/* shift the flowid */
+	uint32_t			sc_bkt;		/* packates bucket for roundrobin */
+	uint32_t			sc_bkt_count;	/* packates bucket count for roundrobin */
 	struct lagg_counters		detached_counters; /* detached ports sum */
 };
 
diff --git a/sys/net/radix.c b/sys/net/radix.c
index d6db35e..2b4b954 100644
--- a/sys/net/radix.c
+++ b/sys/net/radix.c
@@ -56,18 +56,15 @@
 #include <net/radix.h>
 #endif /* !_KERNEL */
 
-static int	rn_walktree_from(struct radix_node_head *h, void *a, void *m,
-		    walktree_f_t *f, void *w);
-static int rn_walktree(struct radix_node_head *, walktree_f_t *, void *);
 static struct radix_node
-	 *rn_insert(void *, struct radix_node_head *, int *,
+	 *rn_insert(void *, struct radix_head *, int *,
 	     struct radix_node [2]),
 	 *rn_newpair(void *, int, struct radix_node[2]),
 	 *rn_search(void *, struct radix_node *),
 	 *rn_search_m(void *, struct radix_node *, void *);
+static struct radix_node *rn_addmask(void *, struct radix_mask_head *, int,int);
 
-static void rn_detachhead_internal(void **head);
-static int rn_inithead_internal(void **head, int off);
+static void rn_detachhead_internal(struct radix_head *);
 
 #define	RADIX_MAX_KEY_LEN	32
 
@@ -215,7 +212,7 @@ rn_refines(void *m_arg, void *n_arg)
  * from host routes.
  */
 struct radix_node *
-rn_lookup(void *v_arg, void *m_arg, struct radix_node_head *head)
+rn_lookup(void *v_arg, void *m_arg, struct radix_head *head)
 {
 	struct radix_node *x;
 	caddr_t netmask;
@@ -277,7 +274,7 @@ rn_satisfies_leaf(char *trial, struct radix_node *leaf, int skip)
  * Search for longest-prefix match in given @head
  */
 struct radix_node *
-rn_match(void *v_arg, struct radix_node_head *head)
+rn_match(void *v_arg, struct radix_head *head)
 {
 	caddr_t v = v_arg;
 	struct radix_node *t = head->rnh_treetop, *x;
@@ -426,7 +423,7 @@ rn_newpair(void *v, int b, struct radix_node nodes[2])
 }
 
 static struct radix_node *
-rn_insert(void *v_arg, struct radix_node_head *head, int *dupentry,
+rn_insert(void *v_arg, struct radix_head *head, int *dupentry,
     struct radix_node nodes[2])
 {
 	caddr_t v = v_arg;
@@ -490,7 +487,7 @@ on1:
 }
 
 struct radix_node *
-rn_addmask(void *n_arg, struct radix_node_head *maskhead, int search, int skip)
+rn_addmask(void *n_arg, struct radix_mask_head *maskhead, int search, int skip)
 {
 	unsigned char *netmask = n_arg;
 	unsigned char *cp, *cplim;
@@ -505,7 +502,7 @@ rn_addmask(void *n_arg, struct radix_node_head *maskhead, int search, int skip)
 	if (skip == 0)
 		skip = 1;
 	if (mlen <= skip)
-		return (maskhead->rnh_nodes);
+		return (maskhead->mask_nodes);
 
 	bzero(addmask_key, RADIX_MAX_KEY_LEN);
 	if (skip > 1)
@@ -518,9 +515,9 @@ rn_addmask(void *n_arg, struct radix_node_head *maskhead, int search, int skip)
 		cp--;
 	mlen = cp - addmask_key;
 	if (mlen <= skip)
-		return (maskhead->rnh_nodes);
+		return (maskhead->mask_nodes);
 	*addmask_key = mlen;
-	x = rn_search(addmask_key, maskhead->rnh_treetop);
+	x = rn_search(addmask_key, maskhead->head.rnh_treetop);
 	if (bcmp(addmask_key, x->rn_key, mlen) != 0)
 		x = 0;
 	if (x || search)
@@ -530,7 +527,7 @@ rn_addmask(void *n_arg, struct radix_node_head *maskhead, int search, int skip)
 		return (0);
 	netmask = cp = (unsigned char *)(x + 2);
 	bcopy(addmask_key, cp, mlen);
-	x = rn_insert(cp, maskhead, &maskduplicated, x);
+	x = rn_insert(cp, &maskhead->head, &maskduplicated, x);
 	if (maskduplicated) {
 		log(LOG_ERR, "rn_addmask: mask impossibly already in tree");
 		R_Free(saved_x);
@@ -598,7 +595,7 @@ rn_new_radix_mask(struct radix_node *tt, struct radix_mask *next)
 }
 
 struct radix_node *
-rn_addroute(void *v_arg, void *n_arg, struct radix_node_head *head,
+rn_addroute(void *v_arg, void *n_arg, struct radix_head *head,
     struct radix_node treenodes[2])
 {
 	caddr_t v = (caddr_t)v_arg, netmask = (caddr_t)n_arg;
@@ -772,7 +769,7 @@ on2:
 }
 
 struct radix_node *
-rn_delete(void *v_arg, void *netmask_arg, struct radix_node_head *head)
+rn_delete(void *v_arg, void *netmask_arg, struct radix_head *head)
 {
 	struct radix_node *t, *p, *x, *tt;
 	struct radix_mask *m, *saved_m, **mp;
@@ -959,8 +956,8 @@ out:
  * This is the same as rn_walktree() except for the parameters and the
  * exit.
  */
-static int
-rn_walktree_from(struct radix_node_head *h, void *a, void *m,
+int
+rn_walktree_from(struct radix_head *h, void *a, void *m,
     walktree_f_t *f, void *w)
 {
 	int error;
@@ -1065,8 +1062,8 @@ rn_walktree_from(struct radix_node_head *h, void *a, void *m,
 	return (0);
 }
 
-static int
-rn_walktree(struct radix_node_head *h, walktree_f_t *f, void *w)
+int
+rn_walktree(struct radix_head *h, walktree_f_t *f, void *w)
 {
 	int error;
 	struct radix_node *base, *next;
@@ -1105,75 +1102,76 @@ rn_walktree(struct radix_node_head *h, walktree_f_t *f, void *w)
 }
 
 /*
- * Allocate and initialize an empty tree. This has 3 nodes, which are
- * part of the radix_node_head (in the order <left,root,right>) and are
+ * Initialize an empty tree. This has 3 nodes, which are passed
+ * via base_nodes (in the order <left,root,right>) and are
  * marked RNF_ROOT so they cannot be freed.
  * The leaves have all-zero and all-one keys, with significant
  * bits starting at 'off'.
- * Return 1 on success, 0 on error.
  */
-static int
-rn_inithead_internal(void **head, int off)
+void
+rn_inithead_internal(struct radix_head *rh, struct radix_node *base_nodes, int off)
 {
-	struct radix_node_head *rnh;
 	struct radix_node *t, *tt, *ttt;
-	if (*head)
-		return (1);
-	R_Zalloc(rnh, struct radix_node_head *, sizeof (*rnh));
-	if (rnh == 0)
-		return (0);
-	*head = rnh;
-	t = rn_newpair(rn_zeros, off, rnh->rnh_nodes);
-	ttt = rnh->rnh_nodes + 2;
+
+	t = rn_newpair(rn_zeros, off, base_nodes);
+	ttt = base_nodes + 2;
 	t->rn_right = ttt;
 	t->rn_parent = t;
-	tt = t->rn_left;	/* ... which in turn is rnh->rnh_nodes */
+	tt = t->rn_left;	/* ... which in turn is base_nodes */
 	tt->rn_flags = t->rn_flags = RNF_ROOT | RNF_ACTIVE;
 	tt->rn_bit = -1 - off;
 	*ttt = *tt;
 	ttt->rn_key = rn_ones;
-	rnh->rnh_addaddr = rn_addroute;
-	rnh->rnh_deladdr = rn_delete;
-	rnh->rnh_matchaddr = rn_match;
-	rnh->rnh_lookup = rn_lookup;
-	rnh->rnh_walktree = rn_walktree;
-	rnh->rnh_walktree_from = rn_walktree_from;
-	rnh->rnh_treetop = t;
-	return (1);
+
+	rh->rnh_treetop = t;
 }
 
 static void
-rn_detachhead_internal(void **head)
+rn_detachhead_internal(struct radix_head *head)
 {
-	struct radix_node_head *rnh;
 
-	KASSERT((head != NULL && *head != NULL),
+	KASSERT((head != NULL),
 	    ("%s: head already freed", __func__));
-	rnh = *head;
 	
 	/* Free <left,root,right> nodes. */
-	R_Free(rnh);
-
-	*head = NULL;
+	R_Free(head);
 }
 
+/* Functions used by 'struct radix_node_head' users */
+
 int
 rn_inithead(void **head, int off)
 {
 	struct radix_node_head *rnh;
+	struct radix_mask_head *rmh;
+
+	rnh = *head;
+	rmh = NULL;
 
 	if (*head != NULL)
 		return (1);
 
-	if (rn_inithead_internal(head, off) == 0)
+	R_Zalloc(rnh, struct radix_node_head *, sizeof (*rnh));
+	R_Zalloc(rmh, struct radix_mask_head *, sizeof (*rmh));
+	if (rnh == NULL || rmh == NULL) {
+		if (rnh != NULL)
+			R_Free(rnh);
 		return (0);
+	}
 
-	rnh = (struct radix_node_head *)(*head);
+	/* Init trees */
+	rn_inithead_internal(&rnh->rh, rnh->rnh_nodes, off);
+	rn_inithead_internal(&rmh->head, rmh->mask_nodes, 0);
+	*head = rnh;
+	rnh->rh.rnh_masks = rmh;
 
-	if (rn_inithead_internal((void **)&rnh->rnh_masks, 0) == 0) {
-		rn_detachhead_internal(head);
-		return (0);
-	}
+	/* Finally, set base callbacks */
+	rnh->rnh_addaddr = rn_addroute;
+	rnh->rnh_deladdr = rn_delete;
+	rnh->rnh_matchaddr = rn_match;
+	rnh->rnh_lookup = rn_lookup;
+	rnh->rnh_walktree = rn_walktree;
+	rnh->rnh_walktree_from = rn_walktree_from;
 
 	return (1);
 }
@@ -1181,7 +1179,7 @@ rn_inithead(void **head, int off)
 static int
 rn_freeentry(struct radix_node *rn, void *arg)
 {
-	struct radix_node_head * const rnh = arg;
+	struct radix_head * const rnh = arg;
 	struct radix_node *x;
 
 	x = (struct radix_node *)rn_delete(rn + 2, NULL, rnh);
@@ -1198,11 +1196,14 @@ rn_detachhead(void **head)
 	KASSERT((head != NULL && *head != NULL),
 	    ("%s: head already freed", __func__));
 
-	rnh = *head;
+	rnh = (struct radix_node_head *)(*head);
+
+	rn_walktree(&rnh->rh.rnh_masks->head, rn_freeentry, rnh->rh.rnh_masks);
+	rn_detachhead_internal(&rnh->rh.rnh_masks->head);
+	rn_detachhead_internal(&rnh->rh);
+
+	*head = NULL;
 
-	rn_walktree(rnh->rnh_masks, rn_freeentry, rnh->rnh_masks);
-	rn_detachhead_internal((void **)&rnh->rnh_masks);
-	rn_detachhead_internal(head);
 	return (1);
 }
 
diff --git a/sys/net/radix.h b/sys/net/radix.h
index d4bb58a..69aad83 100644
--- a/sys/net/radix.h
+++ b/sys/net/radix.h
@@ -101,35 +101,53 @@ struct radix_mask {
 #define	rm_mask rm_rmu.rmu_mask
 #define	rm_leaf rm_rmu.rmu_leaf		/* extra field would make 32 bytes */
 
+struct radix_head;
+
 typedef int walktree_f_t(struct radix_node *, void *);
+typedef struct radix_node *rn_matchaddr_f_t(void *v,
+    struct radix_head *head);
+typedef struct radix_node *rn_addaddr_f_t(void *v, void *mask,
+    struct radix_head *head, struct radix_node nodes[]);
+typedef struct radix_node *rn_deladdr_f_t(void *v, void *mask,
+    struct radix_head *head);
+typedef struct radix_node *rn_lookup_f_t(void *v, void *mask,
+    struct radix_head *head);
+typedef int rn_walktree_t(struct radix_head *head, walktree_f_t *f,
+    void *w);
+typedef int rn_walktree_from_t(struct radix_head *head,
+    void *a, void *m, walktree_f_t *f, void *w);
+typedef void rn_close_t(struct radix_node *rn, struct radix_head *head);
+
+struct radix_mask_head;
+
+struct radix_head {
+	struct	radix_node *rnh_treetop;
+	struct	radix_mask_head *rnh_masks;	/* Storage for our masks */
+};
 
 struct radix_node_head {
-	struct	radix_node *rnh_treetop;
-	u_int	rnh_gen;		/* generation counter */
-	int	rnh_multipath;		/* multipath capable ? */
-	struct	radix_node *(*rnh_addaddr)	/* add based on sockaddr */
-		(void *v, void *mask,
-		     struct radix_node_head *head, struct radix_node nodes[]);
-	struct	radix_node *(*rnh_deladdr)	/* remove based on sockaddr */
-		(void *v, void *mask, struct radix_node_head *head);
-	struct	radix_node *(*rnh_matchaddr)	/* longest match for sockaddr */
-		(void *v, struct radix_node_head *head);
-	struct	radix_node *(*rnh_lookup)	/*exact match for sockaddr*/
-		(void *v, void *mask, struct radix_node_head *head);
-	int	(*rnh_walktree)			/* traverse tree */
-		(struct radix_node_head *head, walktree_f_t *f, void *w);
-	int	(*rnh_walktree_from)		/* traverse tree below a */
-		(struct radix_node_head *head, void *a, void *m,
-		     walktree_f_t *f, void *w);
-	void	(*rnh_close)	/* do something when the last ref drops */
-		(struct radix_node *rn, struct radix_node_head *head);
+	struct radix_head rh;
+	rn_matchaddr_f_t	*rnh_matchaddr;	/* longest match for sockaddr */
+	rn_addaddr_f_t	*rnh_addaddr;	/* add based on sockaddr*/
+	rn_deladdr_f_t	*rnh_deladdr;	/* remove based on sockaddr */
+	rn_lookup_f_t	*rnh_lookup;	/* exact match for sockaddr */
+	rn_walktree_t	*rnh_walktree;	/* traverse tree */
+	rn_walktree_from_t	*rnh_walktree_from; /* traverse tree below a */
+	rn_close_t	*rnh_close;	/*do something when the last ref drops*/
 	struct	radix_node rnh_nodes[3];	/* empty tree for common case */
-	struct	radix_node_head *rnh_masks;	/* Storage for our masks */
 #ifdef _KERNEL
 	struct	rwlock rnh_lock;		/* locks entire radix tree */
 #endif
 };
 
+struct radix_mask_head {
+	struct radix_head head;
+	struct radix_node mask_nodes[3];
+};
+
+void rn_inithead_internal(struct radix_head *rh, struct radix_node *base_nodes,
+    int off);
+
 #ifndef _KERNEL
 #define R_Malloc(p, t, n) (p = (t) malloc((unsigned int)(n)))
 #define R_Zalloc(p, t, n) (p = (t) calloc(1,(unsigned int)(n)))
@@ -156,13 +174,14 @@ struct radix_node_head {
 int	 rn_inithead(void **, int);
 int	 rn_detachhead(void **);
 int	 rn_refines(void *, void *);
-struct radix_node
-	 *rn_addmask(void *, struct radix_node_head *, int, int),
-	 *rn_addroute (void *, void *, struct radix_node_head *,
-			struct radix_node [2]),
-	 *rn_delete(void *, void *, struct radix_node_head *),
-	 *rn_lookup (void *v_arg, void *m_arg,
-		        struct radix_node_head *head),
-	 *rn_match(void *, struct radix_node_head *);
+struct radix_node *rn_addroute(void *, void *, struct radix_head *,
+    struct radix_node[2]);
+struct radix_node *rn_delete(void *, void *, struct radix_head *);
+struct radix_node *rn_lookup (void *v_arg, void *m_arg,
+    struct radix_head *head);
+struct radix_node *rn_match(void *, struct radix_head *);
+int rn_walktree_from(struct radix_head *h, void *a, void *m,
+    walktree_f_t *f, void *w);
+int rn_walktree(struct radix_head *, walktree_f_t *, void *);
 
 #endif /* _RADIX_H_ */
diff --git a/sys/net/radix_mpath.c b/sys/net/radix_mpath.c
index 5f40745..c02f0ff 100644
--- a/sys/net/radix_mpath.c
+++ b/sys/net/radix_mpath.c
@@ -48,6 +48,7 @@ __FBSDID("$FreeBSD$");
 #include <net/radix.h>
 #include <net/radix_mpath.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/if.h>
 #include <net/if_var.h>
 
@@ -57,12 +58,19 @@ __FBSDID("$FreeBSD$");
 static uint32_t hashjitter;
 
 int
-rn_mpath_capable(struct radix_node_head *rnh)
+rt_mpath_capable(struct rib_head *rnh)
 {
 
 	return rnh->rnh_multipath;
 }
 
+int
+rn_mpath_capable(struct radix_head *rh)
+{
+
+	return (rt_mpath_capable((struct rib_head *)rh));
+}
+
 struct radix_node *
 rn_mpath_next(struct radix_node *rn)
 {
@@ -159,14 +167,14 @@ rt_mpath_deldup(struct rtentry *headrt, struct rtentry *rt)
  * Assume @rt rt_key host bits are cleared according to @netmask
  */
 int
-rt_mpath_conflict(struct radix_node_head *rnh, struct rtentry *rt,
+rt_mpath_conflict(struct rib_head *rnh, struct rtentry *rt,
     struct sockaddr *netmask)
 {
 	struct radix_node *rn, *rn1;
 	struct rtentry *rt1;
 
 	rn = (struct radix_node *)rt;
-	rn1 = rnh->rnh_lookup(rt_key(rt), netmask, rnh);
+	rn1 = rnh->rnh_lookup(rt_key(rt), netmask, &rnh->head);
 	if (!rn1 || rn1->rn_flags & RNF_ROOT)
 		return (0);
 
@@ -284,11 +292,11 @@ extern int	in_inithead(void **head, int off);
 int
 rn4_mpath_inithead(void **head, int off)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 
 	hashjitter = arc4random();
 	if (in_inithead(head, off) == 1) {
-		rnh = (struct radix_node_head *)*head;
+		rnh = (struct rib_head *)*head;
 		rnh->rnh_multipath = 1;
 		return 1;
 	} else
@@ -300,11 +308,11 @@ rn4_mpath_inithead(void **head, int off)
 int
 rn6_mpath_inithead(void **head, int off)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 
 	hashjitter = arc4random();
 	if (in6_inithead(head, off) == 1) {
-		rnh = (struct radix_node_head *)*head;
+		rnh = (struct rib_head *)*head;
 		rnh->rnh_multipath = 1;
 		return 1;
 	} else
diff --git a/sys/net/radix_mpath.h b/sys/net/radix_mpath.h
index fc6f777..2b0d442 100644
--- a/sys/net/radix_mpath.h
+++ b/sys/net/radix_mpath.h
@@ -44,17 +44,16 @@
 struct route;
 struct rtentry;
 struct sockaddr;
-int	rn_mpath_capable(struct radix_node_head *);
+struct rib_head;
+int	rt_mpath_capable(struct rib_head *);
+int	rn_mpath_capable(struct radix_head *);
 struct radix_node *rn_mpath_next(struct radix_node *);
 u_int32_t rn_mpath_count(struct radix_node *);
 struct rtentry *rt_mpath_matchgate(struct rtentry *, struct sockaddr *);
-int rt_mpath_conflict(struct radix_node_head *, struct rtentry *,
+int rt_mpath_conflict(struct rib_head *, struct rtentry *,
     struct sockaddr *);
 void rtalloc_mpath_fib(struct route *, u_int32_t, u_int);
-#define rtalloc_mpath(_route, _hash) rtalloc_mpath_fib((_route), (_hash), 0)
 struct rtentry *rt_mpath_select(struct rtentry *, uint32_t);
-struct radix_node *rn_mpath_lookup(void *, void *,
-    struct radix_node_head *);
 int rt_mpath_deldup(struct rtentry *, struct rtentry *);
 int	rn4_mpath_inithead(void **, int);
 int	rn6_mpath_inithead(void **, int);
diff --git a/sys/net/route.c b/sys/net/route.c
index 001a15f..8ad0e24 100644
--- a/sys/net/route.c
+++ b/sys/net/route.c
@@ -57,6 +57,7 @@
 #include <net/if_var.h>
 #include <net/if_dl.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/vnet.h>
 #include <net/flowtable.h>
 
@@ -114,7 +115,7 @@ SYSCTL_UINT(_net, OID_AUTO, add_addr_allfibs, CTLFLAG_RWTUN | CTLFLAG_VNET,
 VNET_DEFINE(struct rtstat, rtstat);
 #define	V_rtstat	VNET(rtstat)
 
-VNET_DEFINE(struct radix_node_head *, rt_tables);
+VNET_DEFINE(struct rib_head *, rt_tables);
 #define	V_rt_tables	VNET(rt_tables)
 
 VNET_DEFINE(int, rttrash);		/* routes not in table but not freed */
@@ -136,15 +137,15 @@ VNET_DEFINE(int, rttrash);		/* routes not in table but not freed */
 static VNET_DEFINE(uma_zone_t, rtzone);		/* Routing table UMA zone. */
 #define	V_rtzone	VNET(rtzone)
 
-static int rtrequest1_fib_change(struct radix_node_head *, struct rt_addrinfo *,
+static int rtrequest1_fib_change(struct rib_head *, struct rt_addrinfo *,
     struct rtentry **, u_int);
 static void rt_setmetrics(const struct rt_addrinfo *, struct rtentry *);
 static int rt_ifdelroute(const struct rtentry *rt, void *arg);
-static struct rtentry *rt_unlinkrte(struct radix_node_head *rnh,
+static struct rtentry *rt_unlinkrte(struct rib_head *rnh,
     struct rt_addrinfo *info, int *perror);
 static void rt_notifydelete(struct rtentry *rt, struct rt_addrinfo *info);
 #ifdef RADIX_MPATH
-static struct radix_node *rt_mpath_unlink(struct radix_node_head *rnh,
+static struct radix_node *rt_mpath_unlink(struct rib_head *rnh,
     struct rt_addrinfo *info, struct rtentry *rto, int *perror);
 #endif
 static int rt_exportinfo(struct rtentry *rt, struct rt_addrinfo *info,
@@ -175,10 +176,10 @@ sysctl_my_fibnum(SYSCTL_HANDLER_ARGS)
 SYSCTL_PROC(_net, OID_AUTO, my_fibnum, CTLTYPE_INT|CTLFLAG_RD,
             NULL, 0, &sysctl_my_fibnum, "I", "default FIB of caller");
 
-static __inline struct radix_node_head **
+static __inline struct rib_head **
 rt_tables_get_rnh_ptr(int table, int fam)
 {
-	struct radix_node_head **rnh;
+	struct rib_head **rnh;
 
 	KASSERT(table >= 0 && table < rt_numfibs, ("%s: table out of bounds.",
 	    __func__));
@@ -186,14 +187,14 @@ rt_tables_get_rnh_ptr(int table, int fam)
 	    __func__));
 
 	/* rnh is [fib=0][af=0]. */
-	rnh = (struct radix_node_head **)V_rt_tables;
+	rnh = (struct rib_head **)V_rt_tables;
 	/* Get the offset to the requested table and fam. */
 	rnh += table * (AF_MAX+1) + fam;
 
 	return (rnh);
 }
 
-struct radix_node_head *
+struct rib_head *
 rt_tables_get_rnh(int table, int fam)
 {
 
@@ -263,12 +264,12 @@ static void
 vnet_route_init(const void *unused __unused)
 {
 	struct domain *dom;
-	struct radix_node_head **rnh;
+	struct rib_head **rnh;
 	int table;
 	int fam;
 
 	V_rt_tables = malloc(rt_numfibs * (AF_MAX+1) *
-	    sizeof(struct radix_node_head *), M_RTABLE, M_WAITOK|M_ZERO);
+	    sizeof(struct rib_head *), M_RTABLE, M_WAITOK|M_ZERO);
 
 	V_rtzone = uma_zcreate("rtentry", sizeof(struct rtentry),
 	    rtentry_ctor, rtentry_dtor,
@@ -299,7 +300,7 @@ vnet_route_uninit(const void *unused __unused)
 	int table;
 	int fam;
 	struct domain *dom;
-	struct radix_node_head **rnh;
+	struct rib_head **rnh;
 
 	for (dom = domains; dom; dom = dom->dom_next) {
 		if (dom->dom_rtdetach == NULL)
@@ -325,6 +326,43 @@ VNET_SYSUNINIT(vnet_route_uninit, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD,
     vnet_route_uninit, 0);
 #endif
 
+struct rib_head *
+rt_table_init(int offset)
+{
+	struct rib_head *rh;
+
+	rh = malloc(sizeof(struct rib_head), M_RTABLE, M_WAITOK | M_ZERO);
+
+	/* TODO: These details should be hidded inside radix.c */
+	/* Init masks tree */
+	rn_inithead_internal(&rh->head, rh->rnh_nodes, offset);
+	rn_inithead_internal(&rh->rmhead.head, rh->rmhead.mask_nodes, 0);
+	rh->head.rnh_masks = &rh->rmhead;
+
+	/* Init locks */
+	rw_init(&rh->rib_lock, "rib head lock");
+
+	/* Finally, set base callbacks */
+	rh->rnh_addaddr = rn_addroute;
+	rh->rnh_deladdr = rn_delete;
+	rh->rnh_matchaddr = rn_match;
+	rh->rnh_lookup = rn_lookup;
+	rh->rnh_walktree = rn_walktree;
+	rh->rnh_walktree_from = rn_walktree_from;
+
+	return (rh);
+}
+
+void
+rt_table_destroy(struct rib_head *rh)
+{
+
+	/* Assume table is already empty */
+	rw_destroy(&rh->rib_lock);
+	free(rh, M_RTABLE);
+}
+
+
 #ifndef _SYS_SYSPROTO_H_
 struct setfib_args {
 	int     fibnum;
@@ -375,32 +413,32 @@ struct rtentry *
 rtalloc1_fib(struct sockaddr *dst, int report, u_long ignflags,
 		    u_int fibnum)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rh;
 	struct radix_node *rn;
 	struct rtentry *newrt;
 	struct rt_addrinfo info;
 	int err = 0, msgtype = RTM_MISS;
 
 	KASSERT((fibnum < rt_numfibs), ("rtalloc1_fib: bad fibnum"));
-	rnh = rt_tables_get_rnh(fibnum, dst->sa_family);
+	rh = rt_tables_get_rnh(fibnum, dst->sa_family);
 	newrt = NULL;
-	if (rnh == NULL)
+	if (rh == NULL)
 		goto miss;
 
 	/*
 	 * Look up the address in the table for that Address Family
 	 */
-	RADIX_NODE_HEAD_RLOCK(rnh);
-	rn = rnh->rnh_matchaddr(dst, rnh);
+	RIB_RLOCK(rh);
+	rn = rh->rnh_matchaddr(dst, &rh->head);
 	if (rn && ((rn->rn_flags & RNF_ROOT) == 0)) {
 		newrt = RNTORT(rn);
 		RT_LOCK(newrt);
 		RT_ADDREF(newrt);
-		RADIX_NODE_HEAD_RUNLOCK(rnh);
+		RIB_RUNLOCK(rh);
 		return (newrt);
 
 	} else
-		RADIX_NODE_HEAD_RUNLOCK(rnh);
+		RIB_RUNLOCK(rh);
 	
 	/*
 	 * Either we hit the root or couldn't find any match,
@@ -430,7 +468,7 @@ miss:
 void
 rtfree(struct rtentry *rt)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 
 	KASSERT(rt != NULL,("%s: NULL rt", __func__));
 	rnh = rt_tables_get_rnh(rt->rt_fibnum, rt_key(rt)->sa_family);
@@ -458,7 +496,7 @@ rtfree(struct rtentry *rt)
 	 * on the entry so that the code below reclaims the storage.
 	 */
 	if (rt->rt_refcnt == 0 && rnh->rnh_close)
-		rnh->rnh_close((struct radix_node *)rt, rnh);
+		rnh->rnh_close((struct radix_node *)rt, &rnh->head);
 
 	/*
 	 * If we are no longer "up" (and ref == 0)
@@ -522,7 +560,7 @@ rtredirect_fib(struct sockaddr *dst,
 	short *stat = NULL;
 	struct rt_addrinfo info;
 	struct ifaddr *ifa;
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 
 	ifa = NULL;
 	rnh = rt_tables_get_rnh(fibnum, dst->sa_family);
@@ -608,10 +646,10 @@ rtredirect_fib(struct sockaddr *dst,
 			 * add the key and gateway (in one malloc'd chunk).
 			 */
 			RT_UNLOCK(rt);
-			RADIX_NODE_HEAD_LOCK(rnh);
+			RIB_WLOCK(rnh);
 			RT_LOCK(rt);
 			rt_setgate(rt, rt_key(rt), gateway);
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WUNLOCK(rnh);
 		}
 	} else
 		error = EHOSTUNREACH;
@@ -853,7 +891,7 @@ int
 rib_lookup_info(uint32_t fibnum, const struct sockaddr *dst, uint32_t flags,
     uint32_t flowid, struct rt_addrinfo *info)
 {
-	struct radix_node_head *rh;
+	struct rib_head *rh;
 	struct radix_node *rn;
 	struct rtentry *rt;
 	int error;
@@ -863,20 +901,20 @@ rib_lookup_info(uint32_t fibnum, const struct sockaddr *dst, uint32_t flags,
 	if (rh == NULL)
 		return (ENOENT);
 
-	RADIX_NODE_HEAD_RLOCK(rh);
-	rn = rh->rnh_matchaddr(__DECONST(void *, dst), rh);
+	RIB_RLOCK(rh);
+	rn = rh->rnh_matchaddr(__DECONST(void *, dst), &rh->head);
 	if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
 		rt = RNTORT(rn);
 		/* Ensure route & ifp is UP */
 		if (RT_LINK_IS_UP(rt->rt_ifp)) {
 			flags = (flags & NHR_REF) | NHR_COPY;
 			error = rt_exportinfo(rt, info, flags);
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 
 			return (error);
 		}
 	}
-	RADIX_NODE_HEAD_RUNLOCK(rh);
+	RIB_RUNLOCK(rh);
 
 	return (ENOENT);
 }
@@ -903,7 +941,7 @@ void
 rt_foreach_fib_walk(int af, rt_setwarg_t *setwa_f, rt_walktree_f_t *wa_f,
     void *arg)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	uint32_t fibnum;
 	int i;
 
@@ -916,9 +954,9 @@ rt_foreach_fib_walk(int af, rt_setwarg_t *setwa_f, rt_walktree_f_t *wa_f,
 			if (setwa_f != NULL)
 				setwa_f(rnh, fibnum, af, arg);
 
-			RADIX_NODE_HEAD_LOCK(rnh);
-			rnh->rnh_walktree(rnh, (walktree_f_t *)wa_f, arg);
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WLOCK(rnh);
+			rnh->rnh_walktree(&rnh->head, (walktree_f_t *)wa_f,arg);
+			RIB_WUNLOCK(rnh);
 			continue;
 		}
 
@@ -929,9 +967,9 @@ rt_foreach_fib_walk(int af, rt_setwarg_t *setwa_f, rt_walktree_f_t *wa_f,
 			if (setwa_f != NULL)
 				setwa_f(rnh, fibnum, i, arg);
 
-			RADIX_NODE_HEAD_LOCK(rnh);
-			rnh->rnh_walktree(rnh, (walktree_f_t *)wa_f, arg);
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WLOCK(rnh);
+			rnh->rnh_walktree(&rnh->head, (walktree_f_t *)wa_f,arg);
+			RIB_WUNLOCK(rnh);
 		}
 	}
 }
@@ -939,7 +977,7 @@ rt_foreach_fib_walk(int af, rt_setwarg_t *setwa_f, rt_walktree_f_t *wa_f,
 struct rt_delinfo
 {
 	struct rt_addrinfo info;
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	struct rtentry *head;
 };
 
@@ -987,7 +1025,7 @@ rt_checkdelroute(struct radix_node *rn, void *arg)
 void
 rt_foreach_fib_walk_del(int af, rt_filter_f_t *filter_f, void *arg)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	struct rt_delinfo di;
 	struct rtentry *rt;
 	uint32_t fibnum;
@@ -1013,9 +1051,9 @@ rt_foreach_fib_walk_del(int af, rt_filter_f_t *filter_f, void *arg)
 				continue;
 			di.rnh = rnh;
 
-			RADIX_NODE_HEAD_LOCK(rnh);
-			rnh->rnh_walktree(rnh, rt_checkdelroute, &di);
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WLOCK(rnh);
+			rnh->rnh_walktree(&rnh->head, rt_checkdelroute, &di);
+			RIB_WUNLOCK(rnh);
 
 			if (di.head == NULL)
 				continue;
@@ -1092,7 +1130,7 @@ rt_flushifroutes(struct ifnet *ifp)
  * ENOENT - if supplied filter function returned 0 (not matched).
  */
 static struct rtentry *
-rt_unlinkrte(struct radix_node_head *rnh, struct rt_addrinfo *info, int *perror)
+rt_unlinkrte(struct rib_head *rnh, struct rt_addrinfo *info, int *perror)
 {
 	struct sockaddr *dst, *netmask;
 	struct rtentry *rt;
@@ -1101,7 +1139,7 @@ rt_unlinkrte(struct radix_node_head *rnh, struct rt_addrinfo *info, int *perror)
 	dst = info->rti_info[RTAX_DST];
 	netmask = info->rti_info[RTAX_NETMASK];
 
-	rt = (struct rtentry *)rnh->rnh_lookup(dst, netmask, rnh);
+	rt = (struct rtentry *)rnh->rnh_lookup(dst, netmask, &rnh->head);
 	if (rt == NULL) {
 		*perror = ESRCH;
 		return (NULL);
@@ -1136,11 +1174,11 @@ rt_unlinkrte(struct radix_node_head *rnh, struct rt_addrinfo *info, int *perror)
 	 */
 	*perror = ESRCH;
 #ifdef RADIX_MPATH
-	if (rn_mpath_capable(rnh))
+	if (rt_mpath_capable(rnh))
 		rn = rt_mpath_unlink(rnh, info, rt, perror);
 	else
 #endif
-	rn = rnh->rnh_deladdr(dst, netmask, rnh);
+	rn = rnh->rnh_deladdr(dst, netmask, &rnh->head);
 	if (rn == NULL)
 		return (NULL);
 
@@ -1273,7 +1311,7 @@ void
 rt_updatemtu(struct ifnet *ifp)
 {
 	struct if_mtuinfo ifmtu;
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	int i, j;
 
 	ifmtu.ifp = ifp;
@@ -1289,9 +1327,9 @@ rt_updatemtu(struct ifnet *ifp)
 			rnh = rt_tables_get_rnh(j, i);
 			if (rnh == NULL)
 				continue;
-			RADIX_NODE_HEAD_LOCK(rnh);
-			rnh->rnh_walktree(rnh, if_updatemtu_cb, &ifmtu);
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WLOCK(rnh);
+			rnh->rnh_walktree(&rnh->head, if_updatemtu_cb, &ifmtu);
+			RIB_WUNLOCK(rnh);
 		}
 	}
 }
@@ -1357,7 +1395,7 @@ rt_print(char *buf, int buflen, struct rtentry *rt)
  * and sets @perror to ESRCH.
  */
 static struct radix_node *
-rt_mpath_unlink(struct radix_node_head *rnh, struct rt_addrinfo *info,
+rt_mpath_unlink(struct rib_head *rnh, struct rt_addrinfo *info,
     struct rtentry *rto, int *perror)
 {
 	/*
@@ -1409,7 +1447,7 @@ rt_mpath_unlink(struct radix_node_head *rnh, struct rt_addrinfo *info,
 		 * use the normal delete code to remove
 		 * the first entry
 		 */
-		rn = rnh->rnh_deladdr(dst, netmask, rnh);
+		rn = rnh->rnh_deladdr(dst, netmask, &rnh->head);
 		*perror = 0;
 		return (rn);
 	}
@@ -1427,7 +1465,7 @@ rt_mpath_unlink(struct radix_node_head *rnh, struct rt_addrinfo *info,
 
 #ifdef FLOWTABLE
 static struct rtentry *
-rt_flowtable_check_route(struct radix_node_head *rnh, struct rt_addrinfo *info)
+rt_flowtable_check_route(struct rib_head *rnh, struct rt_addrinfo *info)
 {
 #if defined(INET6) || defined(INET)
 	struct radix_node *rn;
@@ -1444,7 +1482,7 @@ rt_flowtable_check_route(struct radix_node_head *rnh, struct rt_addrinfo *info)
 	case AF_INET:
 #endif
 #if defined(INET6) || defined(INET)
-		rn = rnh->rnh_matchaddr(dst, rnh);
+		rn = rnh->rnh_matchaddr(dst, &rnh->head);
 		if (rn && ((rn->rn_flags & RNF_ROOT) == 0)) {
 			struct sockaddr *mask;
 			u_char *m, *n;
@@ -1499,7 +1537,7 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 	struct rtentry *rt0;
 #endif
 	struct radix_node *rn;
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	struct ifaddr *ifa;
 	struct sockaddr *ndst;
 	struct sockaddr_storage mdst;
@@ -1537,9 +1575,9 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 			dst = (struct sockaddr *)&mdst;
 		}
 
-		RADIX_NODE_HEAD_LOCK(rnh);
+		RIB_WLOCK(rnh);
 		rt = rt_unlinkrte(rnh, info, &error);
-		RADIX_NODE_HEAD_UNLOCK(rnh);
+		RIB_WUNLOCK(rnh);
 		if (error != 0)
 			return (error);
 
@@ -1616,13 +1654,13 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 
 		rt_setmetrics(info, rt);
 
-		RADIX_NODE_HEAD_LOCK(rnh);
+		RIB_WLOCK(rnh);
 		RT_LOCK(rt);
 #ifdef RADIX_MPATH
 		/* do not permit exactly the same dst/mask/gw pair */
-		if (rn_mpath_capable(rnh) &&
+		if (rt_mpath_capable(rnh) &&
 			rt_mpath_conflict(rnh, rt, netmask)) {
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WUNLOCK(rnh);
 
 			ifa_free(rt->rt_ifa);
 			R_Free(rt_key(rt));
@@ -1636,7 +1674,7 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 #endif /* FLOWTABLE */
 
 		/* XXX mtu manipulation will be done in rnh_addaddr -- itojun */
-		rn = rnh->rnh_addaddr(ndst, netmask, rnh, rt->rt_nodes);
+		rn = rnh->rnh_addaddr(ndst, netmask, &rnh->head, rt->rt_nodes);
 
 		rt_old = NULL;
 		if (rn == NULL && (info->rti_flags & RTF_PINNED) != 0) {
@@ -1653,10 +1691,10 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 			info->rti_flags |= RTF_PINNED;
 			info->rti_info[RTAX_DST] = info_dst;
 			if (rt_old != NULL)
-				rn = rnh->rnh_addaddr(ndst, netmask, rnh,
+				rn = rnh->rnh_addaddr(ndst, netmask, &rnh->head,
 				    rt->rt_nodes);
 		}
-		RADIX_NODE_HEAD_UNLOCK(rnh);
+		RIB_WUNLOCK(rnh);
 
 		if (rt_old != NULL)
 			RT_UNLOCK(rt_old);
@@ -1705,9 +1743,9 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 		RT_UNLOCK(rt);
 		break;
 	case RTM_CHANGE:
-		RADIX_NODE_HEAD_LOCK(rnh);
+		RIB_WLOCK(rnh);
 		error = rtrequest1_fib_change(rnh, info, ret_nrt, fibnum);
-		RADIX_NODE_HEAD_UNLOCK(rnh);
+		RIB_WUNLOCK(rnh);
 		break;
 	default:
 		error = EOPNOTSUPP;
@@ -1724,7 +1762,7 @@ rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
 #undef flags
 
 static int
-rtrequest1_fib_change(struct radix_node_head *rnh, struct rt_addrinfo *info,
+rtrequest1_fib_change(struct rib_head *rnh, struct rt_addrinfo *info,
     struct rtentry **ret_nrt, u_int fibnum)
 {
 	struct rtentry *rt = NULL;
@@ -1734,7 +1772,7 @@ rtrequest1_fib_change(struct radix_node_head *rnh, struct rt_addrinfo *info,
 	struct if_mtuinfo ifmtu;
 
 	rt = (struct rtentry *)rnh->rnh_lookup(info->rti_info[RTAX_DST],
-	    info->rti_info[RTAX_NETMASK], rnh);
+	    info->rti_info[RTAX_NETMASK], &rnh->head);
 
 	if (rt == NULL)
 		return (ESRCH);
@@ -1744,7 +1782,7 @@ rtrequest1_fib_change(struct radix_node_head *rnh, struct rt_addrinfo *info,
 	 * If we got multipath routes,
 	 * we require users to specify a matching RTAX_GATEWAY.
 	 */
-	if (rn_mpath_capable(rnh)) {
+	if (rt_mpath_capable(rnh)) {
 		rt = rt_mpath_matchgate(rt, info->rti_info[RTAX_GATEWAY]);
 		if (rt == NULL)
 			return (ESRCH);
@@ -1935,7 +1973,7 @@ rtinit1(struct ifaddr *ifa, int cmd, int flags, int fibnum)
 	int didwork = 0;
 	int a_failure = 0;
 	static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK};
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 
 	if (flags & RTF_HOST) {
 		dst = ifa->ifa_dstaddr;
@@ -2003,10 +2041,10 @@ rtinit1(struct ifaddr *ifa, int cmd, int flags, int fibnum)
 			if (rnh == NULL)
 				/* this table doesn't exist but others might */
 				continue;
-			RADIX_NODE_HEAD_RLOCK(rnh);
-			rn = rnh->rnh_lookup(dst, netmask, rnh);
+			RIB_RLOCK(rnh);
+			rn = rnh->rnh_lookup(dst, netmask, &rnh->head);
 #ifdef RADIX_MPATH
-			if (rn_mpath_capable(rnh)) {
+			if (rt_mpath_capable(rnh)) {
 
 				if (rn == NULL) 
 					error = ESRCH;
@@ -2029,7 +2067,7 @@ rtinit1(struct ifaddr *ifa, int cmd, int flags, int fibnum)
 			error = (rn == NULL ||
 			    (rn->rn_flags & RNF_ROOT) ||
 			    RNTORT(rn)->rt_ifa != ifa);
-			RADIX_NODE_HEAD_RUNLOCK(rnh);
+			RIB_RUNLOCK(rnh);
 			if (error) {
 				/* this is only an error if bad on ALL tables */
 				continue;
diff --git a/sys/net/route.h b/sys/net/route.h
index ed21a29..6cc1e1c 100644
--- a/sys/net/route.h
+++ b/sys/net/route.h
@@ -204,21 +204,6 @@ struct rtentry {
 /* Control plane route request flags */
 #define	NHR_COPY		0x100	/* Copy rte data */
 
-/* rte<>nhop translation */
-static inline uint16_t
-fib_rte_to_nh_flags(int rt_flags)
-{
-	uint16_t res;
-
-	res = (rt_flags & RTF_REJECT) ? NHF_REJECT : 0;
-	res |= (rt_flags & RTF_BLACKHOLE) ? NHF_BLACKHOLE : 0;
-	res |= (rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) ? NHF_REDIRECT : 0;
-	res |= (rt_flags & RTF_BROADCAST) ? NHF_BROADCAST : 0;
-	res |= (rt_flags & RTF_GATEWAY) ? NHF_GATEWAY : 0;
-
-	return (res);
-}
-
 #ifdef _KERNEL
 /* rte<>ro_flags translation */
 static inline void
@@ -413,9 +398,8 @@ struct rt_addrinfo {
 	}							\
 } while (0)
 
-struct radix_node_head *rt_tables_get_rnh(int, int);
-
 struct ifmultiaddr;
+struct rib_head;
 
 void	 rt_ieee80211msg(struct ifnet *, int, void *, size_t);
 void	 rt_ifannouncemsg(struct ifnet *, int);
@@ -429,6 +413,8 @@ int	 rt_routemsg(int, struct ifnet *ifp, int, struct rtentry *, int);
 void	 rt_newmaddrmsg(int, struct ifmultiaddr *);
 int	 rt_setgate(struct rtentry *, struct sockaddr *, struct sockaddr *);
 void 	 rt_maskedcopy(struct sockaddr *, struct sockaddr *, struct sockaddr *);
+struct rib_head *rt_table_init(int);
+void	rt_table_destroy(struct rib_head *);
 
 int	rtsock_addrmsg(int, struct ifaddr *, int);
 int	rtsock_routemsg(int, struct ifnet *ifp, int, struct rtentry *, int);
@@ -447,7 +433,7 @@ void	 rtfree(struct rtentry *);
 void	rt_updatemtu(struct ifnet *);
 
 typedef int rt_walktree_f_t(struct rtentry *, void *);
-typedef void rt_setwarg_t(struct radix_node_head *, uint32_t, int, void *);
+typedef void rt_setwarg_t(struct rib_head *, uint32_t, int, void *);
 void	rt_foreach_fib_walk(int af, rt_setwarg_t *, rt_walktree_f_t *, void *);
 void	rt_foreach_fib_walk_del(int af, rt_filter_f_t *filter_f, void *arg);
 void	rt_flushifroutes(struct ifnet *ifp);
diff --git a/sys/net/route_var.h b/sys/net/route_var.h
new file mode 100644
index 0000000..86fc8a9
--- /dev/null
+++ b/sys/net/route_var.h
@@ -0,0 +1,76 @@
+/*-
+ * Copyright (c) 2015-2016
+ * 	Alexander V. Chernikov <melifaro@FreeBSD.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _NET_ROUTE_VAR_H_
+#define _NET_ROUTE_VAR_H_
+
+struct rib_head {
+	struct radix_head	head;
+	rn_matchaddr_f_t	*rnh_matchaddr;	/* longest match for sockaddr */
+	rn_addaddr_f_t		*rnh_addaddr;	/* add based on sockaddr*/
+	rn_deladdr_f_t		*rnh_deladdr;	/* remove based on sockaddr */
+	rn_lookup_f_t		*rnh_lookup;	/* exact match for sockaddr */
+	rn_walktree_t		*rnh_walktree;	/* traverse tree */
+	rn_walktree_from_t	*rnh_walktree_from; /* traverse tree below a */
+	rn_close_t		*rnh_close;	/*do something when the last ref drops*/
+	u_int			rnh_gen;	/* generation counter */
+	int			rnh_multipath;	/* multipath capable ? */
+	struct radix_node	rnh_nodes[3];	/* empty tree for common case */
+	struct rwlock		rib_lock;	/* config/data path lock */
+	struct radix_mask_head	rmhead;		/* masks radix head */
+};
+
+#define	RIB_RLOCK(rh)		rw_rlock(&(rh)->rib_lock)
+#define	RIB_RUNLOCK(rh)		rw_runlock(&(rh)->rib_lock)
+#define	RIB_WLOCK(rh)		rw_wlock(&(rh)->rib_lock)
+#define	RIB_WUNLOCK(rh)		rw_wunlock(&(rh)->rib_lock)
+#define	RIB_LOCK_ASSERT(rh)	rw_assert(&(rh)->rib_lock, RA_LOCKED)
+#define	RIB_WLOCK_ASSERT(rh)	rw_assert(&(rh)->rib_lock, RA_WLOCKED)
+
+struct rib_head *rt_tables_get_rnh(int fib, int family);
+
+/* rte<>nhop translation */
+static inline uint16_t
+fib_rte_to_nh_flags(int rt_flags)
+{
+	uint16_t res;
+
+	res = (rt_flags & RTF_REJECT) ? NHF_REJECT : 0;
+	res |= (rt_flags & RTF_BLACKHOLE) ? NHF_BLACKHOLE : 0;
+	res |= (rt_flags & (RTF_DYNAMIC|RTF_MODIFIED)) ? NHF_REDIRECT : 0;
+	res |= (rt_flags & RTF_BROADCAST) ? NHF_BROADCAST : 0;
+	res |= (rt_flags & RTF_GATEWAY) ? NHF_GATEWAY : 0;
+
+	return (res);
+}
+
+
+#endif
diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c
index a5ca9fa..d59ef70 100644
--- a/sys/net/rtsock.c
+++ b/sys/net/rtsock.c
@@ -59,6 +59,7 @@
 #include <net/netisr.h>
 #include <net/raw_cb.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/vnet.h>
 
 #include <netinet/in.h>
@@ -520,7 +521,7 @@ route_output(struct mbuf *m, struct socket *so, ...)
 {
 	struct rt_msghdr *rtm = NULL;
 	struct rtentry *rt = NULL;
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	struct rt_addrinfo info;
 	struct sockaddr_storage ss;
 #ifdef INET6
@@ -706,7 +707,7 @@ route_output(struct mbuf *m, struct socket *so, ...)
 		if (rnh == NULL)
 			senderr(EAFNOSUPPORT);
 
-		RADIX_NODE_HEAD_RLOCK(rnh);
+		RIB_RLOCK(rnh);
 
 		if (info.rti_info[RTAX_NETMASK] == NULL &&
 		    rtm->rtm_type == RTM_GET) {
@@ -716,14 +717,14 @@ route_output(struct mbuf *m, struct socket *so, ...)
 			 * 'route -n get addr'
 			 */
 			rt = (struct rtentry *) rnh->rnh_matchaddr(
-			    info.rti_info[RTAX_DST], rnh);
+			    info.rti_info[RTAX_DST], &rnh->head);
 		} else
 			rt = (struct rtentry *) rnh->rnh_lookup(
 			    info.rti_info[RTAX_DST],
-			    info.rti_info[RTAX_NETMASK], rnh);
+			    info.rti_info[RTAX_NETMASK], &rnh->head);
 
 		if (rt == NULL) {
-			RADIX_NODE_HEAD_RUNLOCK(rnh);
+			RIB_RUNLOCK(rnh);
 			senderr(ESRCH);
 		}
 #ifdef RADIX_MPATH
@@ -735,11 +736,11 @@ route_output(struct mbuf *m, struct socket *so, ...)
 		 * if gate == NULL the first match is returned.
 		 * (no need to call rt_mpath_matchgate if gate == NULL)
 		 */
-		if (rn_mpath_capable(rnh) &&
+		if (rt_mpath_capable(rnh) &&
 		    (rtm->rtm_type != RTM_GET || info.rti_info[RTAX_GATEWAY])) {
 			rt = rt_mpath_matchgate(rt, info.rti_info[RTAX_GATEWAY]);
 			if (!rt) {
-				RADIX_NODE_HEAD_RUNLOCK(rnh);
+				RIB_RUNLOCK(rnh);
 				senderr(ESRCH);
 			}
 		}
@@ -770,15 +771,16 @@ route_output(struct mbuf *m, struct socket *so, ...)
 			/* 
 			 * refactor rt and no lock operation necessary
 			 */
-			rt = (struct rtentry *)rnh->rnh_matchaddr(&laddr, rnh);
+			rt = (struct rtentry *)rnh->rnh_matchaddr(&laddr,
+			    &rnh->head);
 			if (rt == NULL) {
-				RADIX_NODE_HEAD_RUNLOCK(rnh);
+				RIB_RUNLOCK(rnh);
 				senderr(ESRCH);
 			}
 		} 
 		RT_LOCK(rt);
 		RT_ADDREF(rt);
-		RADIX_NODE_HEAD_RUNLOCK(rnh);
+		RIB_RUNLOCK(rnh);
 
 report:
 		RT_LOCK_ASSERT(rt);
@@ -1803,7 +1805,7 @@ sysctl_rtsock(SYSCTL_HANDLER_ARGS)
 {
 	int	*name = (int *)arg1;
 	u_int	namelen = arg2;
-	struct radix_node_head *rnh = NULL; /* silence compiler. */
+	struct rib_head *rnh = NULL; /* silence compiler. */
 	int	i, lim, error = EINVAL;
 	int	fib = 0;
 	u_char	af;
@@ -1872,10 +1874,10 @@ sysctl_rtsock(SYSCTL_HANDLER_ARGS)
 		for (error = 0; error == 0 && i <= lim; i++) {
 			rnh = rt_tables_get_rnh(fib, i);
 			if (rnh != NULL) {
-				RADIX_NODE_HEAD_RLOCK(rnh); 
-			    	error = rnh->rnh_walktree(rnh,
+				RIB_RLOCK(rnh); 
+			    	error = rnh->rnh_walktree(&rnh->head,
 				    sysctl_dumpentry, &w);
-				RADIX_NODE_HEAD_RUNLOCK(rnh);
+				RIB_RUNLOCK(rnh);
 			} else if (af != 0)
 				error = EAFNOSUPPORT;
 		}
diff --git a/sys/net80211/ieee80211_ioctl.c b/sys/net80211/ieee80211_ioctl.c
index 1ca3d45..e78b862 100644
--- a/sys/net80211/ieee80211_ioctl.c
+++ b/sys/net80211/ieee80211_ioctl.c
@@ -68,7 +68,7 @@ static struct ieee80211_channel *findchannel(struct ieee80211com *,
 static int ieee80211_scanreq(struct ieee80211vap *,
 		struct ieee80211_scan_req *);
 
-static __noinline int
+static int
 ieee80211_ioctl_getkey(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -124,7 +124,7 @@ ieee80211_ioctl_getkey(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return copyout(&ik, ireq->i_data, sizeof(ik));
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getchanlist(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -134,7 +134,7 @@ ieee80211_ioctl_getchanlist(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return copyout(&ic->ic_chan_active, ireq->i_data, ireq->i_len);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getchaninfo(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -148,36 +148,40 @@ ieee80211_ioctl_getchaninfo(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return copyout(&ic->ic_nchans, ireq->i_data, space);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getwpaie(struct ieee80211vap *vap,
 	struct ieee80211req *ireq, int req)
 {
 	struct ieee80211_node *ni;
-	struct ieee80211req_wpaie2 wpaie;
+	struct ieee80211req_wpaie2 *wpaie;
 	int error;
 
 	if (ireq->i_len < IEEE80211_ADDR_LEN)
 		return EINVAL;
-	error = copyin(ireq->i_data, wpaie.wpa_macaddr, IEEE80211_ADDR_LEN);
+	wpaie = IEEE80211_MALLOC(sizeof(*wpaie), M_TEMP,
+	    IEEE80211_M_NOWAIT | IEEE80211_M_ZERO);
+	if (wpaie == NULL)
+		return ENOMEM;
+	error = copyin(ireq->i_data, wpaie->wpa_macaddr, IEEE80211_ADDR_LEN);
 	if (error != 0)
-		return error;
-	ni = ieee80211_find_vap_node(&vap->iv_ic->ic_sta, vap, wpaie.wpa_macaddr);
-	if (ni == NULL)
-		return ENOENT;
-	memset(wpaie.wpa_ie, 0, sizeof(wpaie.wpa_ie));
+		goto bad;
+	ni = ieee80211_find_vap_node(&vap->iv_ic->ic_sta, vap, wpaie->wpa_macaddr);
+	if (ni == NULL) {
+		error = ENOENT;
+		goto bad;
+	}
 	if (ni->ni_ies.wpa_ie != NULL) {
 		int ielen = ni->ni_ies.wpa_ie[1] + 2;
-		if (ielen > sizeof(wpaie.wpa_ie))
-			ielen = sizeof(wpaie.wpa_ie);
-		memcpy(wpaie.wpa_ie, ni->ni_ies.wpa_ie, ielen);
+		if (ielen > sizeof(wpaie->wpa_ie))
+			ielen = sizeof(wpaie->wpa_ie);
+		memcpy(wpaie->wpa_ie, ni->ni_ies.wpa_ie, ielen);
 	}
 	if (req == IEEE80211_IOC_WPAIE2) {
-		memset(wpaie.rsn_ie, 0, sizeof(wpaie.rsn_ie));
 		if (ni->ni_ies.rsn_ie != NULL) {
 			int ielen = ni->ni_ies.rsn_ie[1] + 2;
-			if (ielen > sizeof(wpaie.rsn_ie))
-				ielen = sizeof(wpaie.rsn_ie);
-			memcpy(wpaie.rsn_ie, ni->ni_ies.rsn_ie, ielen);
+			if (ielen > sizeof(wpaie->rsn_ie))
+				ielen = sizeof(wpaie->rsn_ie);
+			memcpy(wpaie->rsn_ie, ni->ni_ies.rsn_ie, ielen);
 		}
 		if (ireq->i_len > sizeof(struct ieee80211req_wpaie2))
 			ireq->i_len = sizeof(struct ieee80211req_wpaie2);
@@ -186,18 +190,21 @@ ieee80211_ioctl_getwpaie(struct ieee80211vap *vap,
 		/* XXX check ic_flags? */
 		if (ni->ni_ies.rsn_ie != NULL) {
 			int ielen = ni->ni_ies.rsn_ie[1] + 2;
-			if (ielen > sizeof(wpaie.wpa_ie))
-				ielen = sizeof(wpaie.wpa_ie);
-			memcpy(wpaie.wpa_ie, ni->ni_ies.rsn_ie, ielen);
+			if (ielen > sizeof(wpaie->wpa_ie))
+				ielen = sizeof(wpaie->wpa_ie);
+			memcpy(wpaie->wpa_ie, ni->ni_ies.rsn_ie, ielen);
 		}
 		if (ireq->i_len > sizeof(struct ieee80211req_wpaie))
 			ireq->i_len = sizeof(struct ieee80211req_wpaie);
 	}
 	ieee80211_free_node(ni);
-	return copyout(&wpaie, ireq->i_data, ireq->i_len);
+	error = copyout(wpaie, ireq->i_data, ireq->i_len);
+bad:
+	IEEE80211_FREE(wpaie, M_TEMP);
+	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getstastats(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211_node *ni;
@@ -252,7 +259,7 @@ get_scan_space(void *arg, const struct ieee80211_scan_entry *se)
 	req->space += scan_space(se, &ielen);
 }
 
-static __noinline void
+static void
 get_scan_result(void *arg, const struct ieee80211_scan_entry *se)
 {
 	struct scanreq *req = arg;
@@ -302,7 +309,7 @@ get_scan_result(void *arg, const struct ieee80211_scan_entry *se)
 	req->sr = (struct ieee80211req_scan_result *)(((uint8_t *)sr) + len);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getscanresults(struct ieee80211vap *vap,
 	struct ieee80211req *ireq)
 {
@@ -366,7 +373,7 @@ get_sta_space(void *arg, struct ieee80211_node *ni)
 	req->space += sta_space(ni, &ielen);
 }
 
-static __noinline void
+static void
 get_sta_info(void *arg, struct ieee80211_node *ni)
 {
 	struct stainforeq *req = arg;
@@ -452,7 +459,7 @@ get_sta_info(void *arg, struct ieee80211_node *ni)
 	req->space -= len;
 }
 
-static __noinline int
+static int
 getstainfo_common(struct ieee80211vap *vap, struct ieee80211req *ireq,
 	struct ieee80211_node *ni, size_t off)
 {
@@ -496,7 +503,7 @@ bad:
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getstainfo(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	uint8_t macaddr[IEEE80211_ADDR_LEN];
@@ -519,7 +526,7 @@ ieee80211_ioctl_getstainfo(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return getstainfo_common(vap, ireq, ni, off);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getstatxpow(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211_node *ni;
@@ -540,7 +547,7 @@ ieee80211_ioctl_getstatxpow(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getwmeparam(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -583,7 +590,7 @@ ieee80211_ioctl_getwmeparam(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return 0;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getmaccmd(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	const struct ieee80211_aclator *acl = vap->iv_acl;
@@ -591,7 +598,7 @@ ieee80211_ioctl_getmaccmd(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return (acl == NULL ? EINVAL : acl->iac_getioctl(vap, ireq));
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getcurchan(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -648,7 +655,7 @@ ieee80211_ioctl_getappie(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return EINVAL;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getregdomain(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -660,7 +667,7 @@ ieee80211_ioctl_getregdomain(struct ieee80211vap *vap,
 	    sizeof(ic->ic_regdomain));
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getroam(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -671,7 +678,7 @@ ieee80211_ioctl_getroam(struct ieee80211vap *vap,
 	return copyout(vap->iv_roamparms, ireq->i_data, len);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_gettxparams(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -682,7 +689,7 @@ ieee80211_ioctl_gettxparams(struct ieee80211vap *vap,
 	return copyout(vap->iv_txparms, ireq->i_data, len);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getdevcaps(struct ieee80211com *ic,
 	const struct ieee80211req *ireq)
 {
@@ -716,7 +723,7 @@ ieee80211_ioctl_getdevcaps(struct ieee80211com *ic,
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_getstavlan(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211_node *ni;
@@ -765,23 +772,7 @@ ieee80211_ioctl_getdefault(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return EINVAL;
 }
 
-/*
- * When building the kernel with -O2 on the i386 architecture, gcc
- * seems to want to inline this function into ieee80211_ioctl()
- * (which is the only routine that calls it). When this happens,
- * ieee80211_ioctl() ends up consuming an additional 2K of stack
- * space. (Exactly why it needs so much is unclear.) The problem
- * is that it's possible for ieee80211_ioctl() to invoke other
- * routines (including driver init functions) which could then find
- * themselves perilously close to exhausting the stack.
- *
- * To avoid this, we deliberately prevent gcc from inlining this
- * routine. Another way to avoid this is to use less agressive
- * optimization when compiling this file (i.e. -O instead of -O2)
- * but special-casing the compilation of this one module in the
- * build system would be awkward.
- */
-static __noinline int
+static int
 ieee80211_ioctl_get80211(struct ieee80211vap *vap, u_long cmd,
     struct ieee80211req *ireq)
 {
@@ -932,8 +923,6 @@ ieee80211_ioctl_get80211(struct ieee80211vap *vap, u_long cmd,
 			    ireq->i_len);
 		break;
 	case IEEE80211_IOC_WPAIE:
-		error = ieee80211_ioctl_getwpaie(vap, ireq, ireq->i_type);
-		break;
 	case IEEE80211_IOC_WPAIE2:
 		error = ieee80211_ioctl_getwpaie(vap, ireq, ireq->i_type);
 		break;
@@ -1138,7 +1127,7 @@ ieee80211_ioctl_get80211(struct ieee80211vap *vap, u_long cmd,
 #undef MS
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setkey(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211req_key ik;
@@ -1212,7 +1201,7 @@ ieee80211_ioctl_setkey(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_delkey(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211req_del_key dk;
@@ -1354,7 +1343,7 @@ setmlme_dropsta(struct ieee80211vap *vap,
 	return error;
 }
 
-static __noinline int
+static int
 setmlme_common(struct ieee80211vap *vap, int op,
 	const uint8_t mac[IEEE80211_ADDR_LEN], int reason)
 {
@@ -1515,7 +1504,7 @@ mlmelookup(void *arg, const struct ieee80211_scan_entry *se)
 	look->se = se;
 }
 
-static __noinline int
+static int
 setmlme_assoc_sta(struct ieee80211vap *vap,
 	const uint8_t mac[IEEE80211_ADDR_LEN], int ssid_len,
 	const uint8_t ssid[IEEE80211_NWID_LEN])
@@ -1540,12 +1529,13 @@ setmlme_assoc_sta(struct ieee80211vap *vap,
 	return 0;
 }
 
-static __noinline int
+static int
 setmlme_assoc_adhoc(struct ieee80211vap *vap,
 	const uint8_t mac[IEEE80211_ADDR_LEN], int ssid_len,
 	const uint8_t ssid[IEEE80211_NWID_LEN])
 {
-	struct ieee80211_scan_req sr;
+	struct ieee80211_scan_req *sr;
+	int error;
 
 	KASSERT(vap->iv_opmode == IEEE80211_M_IBSS ||
 	    vap->iv_opmode == IEEE80211_M_AHDEMO,
@@ -1555,23 +1545,30 @@ setmlme_assoc_adhoc(struct ieee80211vap *vap,
 	if (ssid_len == 0)
 		return EINVAL;
 
+	sr = IEEE80211_MALLOC(sizeof(*sr), M_TEMP,
+	     IEEE80211_M_NOWAIT | IEEE80211_M_ZERO);
+	if (sr == NULL)
+		return ENOMEM;
+
 	/* NB: IEEE80211_IOC_SSID call missing for ap_scan=2. */
 	memset(vap->iv_des_ssid[0].ssid, 0, IEEE80211_NWID_LEN);
 	vap->iv_des_ssid[0].len = ssid_len;
 	memcpy(vap->iv_des_ssid[0].ssid, ssid, ssid_len);
 	vap->iv_des_nssid = 1;
 
-	memset(&sr, 0, sizeof(sr));
-	sr.sr_flags = IEEE80211_IOC_SCAN_ACTIVE | IEEE80211_IOC_SCAN_ONCE;
-	sr.sr_duration = IEEE80211_IOC_SCAN_FOREVER;
-	memcpy(sr.sr_ssid[0].ssid, ssid, ssid_len);
-	sr.sr_ssid[0].len = ssid_len;
-	sr.sr_nssid = 1;
+	sr->sr_flags = IEEE80211_IOC_SCAN_ACTIVE | IEEE80211_IOC_SCAN_ONCE;
+	sr->sr_duration = IEEE80211_IOC_SCAN_FOREVER;
+	memcpy(sr->sr_ssid[0].ssid, ssid, ssid_len);
+	sr->sr_ssid[0].len = ssid_len;
+	sr->sr_nssid = 1;
+
+	error = ieee80211_scanreq(vap, sr);
 
-	return ieee80211_scanreq(vap, &sr);
+	IEEE80211_FREE(sr, M_TEMP);
+	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setmlme(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211req_mlme mlme;
@@ -1596,7 +1593,7 @@ ieee80211_ioctl_setmlme(struct ieee80211vap *vap, struct ieee80211req *ireq)
 		    mlme.im_macaddr, mlme.im_reason);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_macmac(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	uint8_t mac[IEEE80211_ADDR_LEN];
@@ -1621,7 +1618,7 @@ ieee80211_ioctl_macmac(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return 0;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setmaccmd(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	const struct ieee80211_aclator *acl = vap->iv_acl;
@@ -1659,7 +1656,7 @@ ieee80211_ioctl_setmaccmd(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return 0;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setchanlist(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -1705,7 +1702,7 @@ ieee80211_ioctl_setchanlist(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return ENETRESET;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setstastats(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211_node *ni;
@@ -1731,7 +1728,7 @@ ieee80211_ioctl_setstastats(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return 0;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setstatxpow(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211_node *ni;
@@ -1751,7 +1748,7 @@ ieee80211_ioctl_setstatxpow(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setwmeparam(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -1977,7 +1974,7 @@ setcurchan(struct ieee80211vap *vap, struct ieee80211_channel *c)
  * Old api for setting the current channel; this is
  * deprecated because channel numbers are ambiguous.
  */
-static __noinline int
+static int
 ieee80211_ioctl_setchannel(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -2056,7 +2053,7 @@ ieee80211_ioctl_setchannel(struct ieee80211vap *vap,
  * channel description is provide so there is no ambiguity in
  * identifying the channel.
  */
-static __noinline int
+static int
 ieee80211_ioctl_setcurchan(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -2080,7 +2077,7 @@ ieee80211_ioctl_setcurchan(struct ieee80211vap *vap,
 	return setcurchan(vap, c);
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setregdomain(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -2154,7 +2151,7 @@ checkmcs(int mcs)
 	return (mcs & 0x7f) <= 15;	/* XXX could search ht rate set */
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_settxparams(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -2275,7 +2272,7 @@ setwparsnie(struct ieee80211vap *vap, uint8_t *ie, int space)
 		vap->iv_rsn_ie = ie;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setappie_locked(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq, int fc0)
 {
@@ -2353,7 +2350,7 @@ ieee80211_ioctl_setappie_locked(struct ieee80211vap *vap,
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setappie(struct ieee80211vap *vap,
 	const struct ieee80211req *ireq)
 {
@@ -2371,7 +2368,7 @@ ieee80211_ioctl_setappie(struct ieee80211vap *vap,
 	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_chanswitch(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
@@ -2507,21 +2504,28 @@ ieee80211_scanreq(struct ieee80211vap *vap, struct ieee80211_scan_req *sr)
 #undef IEEE80211_IOC_SCAN_FLAGS
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_scanreq(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
-	struct ieee80211_scan_req sr;		/* XXX off stack? */
+	struct ieee80211_scan_req *sr;
 	int error;
 
-	if (ireq->i_len != sizeof(sr))
+	if (ireq->i_len != sizeof(*sr))
 		return EINVAL;
-	error = copyin(ireq->i_data, &sr, sizeof(sr));
+	sr = IEEE80211_MALLOC(sizeof(*sr), M_TEMP,
+	     IEEE80211_M_NOWAIT | IEEE80211_M_ZERO);
+	if (sr == NULL)
+		return ENOMEM;
+	error = copyin(ireq->i_data, sr, sizeof(*sr));
 	if (error != 0)
-		return error;
-	return ieee80211_scanreq(vap, &sr);
+		goto bad;
+	error = ieee80211_scanreq(vap, sr);
+bad:
+	IEEE80211_FREE(sr, M_TEMP);
+	return error;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_setstavlan(struct ieee80211vap *vap, struct ieee80211req *ireq)
 {
 	struct ieee80211_node *ni;
@@ -2585,7 +2589,7 @@ ieee80211_ioctl_setdefault(struct ieee80211vap *vap, struct ieee80211req *ireq)
 	return EINVAL;
 }
 
-static __noinline int
+static int
 ieee80211_ioctl_set80211(struct ieee80211vap *vap, u_long cmd, struct ieee80211req *ireq)
 {
 	struct ieee80211com *ic = vap->iv_ic;
diff --git a/sys/netinet/cc/cc.c b/sys/netinet/cc/cc.c
index 7f76632..718bfb4 100644
--- a/sys/netinet/cc/cc.c
+++ b/sys/netinet/cc/cc.c
@@ -63,13 +63,13 @@ __FBSDID("$FreeBSD$");
 #include <sys/socketvar.h>
 #include <sys/sysctl.h>
 
-#include <net/if.h>
-#include <net/if_var.h>
+#include <net/vnet.h>
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
 #include <netinet/in_pcb.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_var.h>
+#include <netinet/tcp_cc.h>
 
 #include <netinet/cc/cc_module.h>
 
diff --git a/sys/netinet/cc/cc_cdg.c b/sys/netinet/cc/cc_cdg.c
index 6e87276..ec4e73c 100644
--- a/sys/netinet/cc/cc_cdg.c
+++ b/sys/netinet/cc/cc_cdg.c
@@ -63,14 +63,13 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 #include <sys/systm.h>
 
-#include <net/if.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 #include <netinet/khelp/h_ertt.h>
diff --git a/sys/netinet/cc/cc_chd.c b/sys/netinet/cc/cc_chd.c
index 9f9eb2a..67cf5f3 100644
--- a/sys/netinet/cc/cc_chd.c
+++ b/sys/netinet/cc/cc_chd.c
@@ -65,14 +65,13 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 #include <sys/systm.h>
 
-#include <net/if.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 #include <netinet/khelp/h_ertt.h>
diff --git a/sys/netinet/cc/cc_cubic.c b/sys/netinet/cc/cc_cubic.c
index 339ee6f..5e9404a 100644
--- a/sys/netinet/cc/cc_cubic.c
+++ b/sys/netinet/cc/cc_cubic.c
@@ -59,11 +59,11 @@ __FBSDID("$FreeBSD$");
 
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_cubic.h>
 #include <netinet/cc/cc_module.h>
 
diff --git a/sys/netinet/cc/cc_dctcp.c b/sys/netinet/cc/cc_dctcp.c
index 93eb495..63e4250 100644
--- a/sys/netinet/cc/cc_dctcp.c
+++ b/sys/netinet/cc/cc_dctcp.c
@@ -50,12 +50,10 @@ __FBSDID("$FreeBSD$");
 
 #include <net/vnet.h>
 
-#include <netinet/in.h>
-#include <netinet/ip.h>
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 #define	CAST_PTR_INT(X)	(*((int*)(X)))
diff --git a/sys/netinet/cc/cc_hd.c b/sys/netinet/cc/cc_hd.c
index d6f18f4..a9d6f87 100644
--- a/sys/netinet/cc/cc_hd.c
+++ b/sys/netinet/cc/cc_hd.c
@@ -66,14 +66,13 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 #include <sys/systm.h>
 
-#include <net/if.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 #include <netinet/khelp/h_ertt.h>
diff --git a/sys/netinet/cc/cc_htcp.c b/sys/netinet/cc/cc_htcp.c
index 3f1681c..e5d1c9b 100644
--- a/sys/netinet/cc/cc_htcp.c
+++ b/sys/netinet/cc/cc_htcp.c
@@ -62,11 +62,11 @@ __FBSDID("$FreeBSD$");
 
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 /* Fixed point math shifts. */
diff --git a/sys/netinet/cc/cc_newreno.c b/sys/netinet/cc/cc_newreno.c
index 31b70cc..e887d0d 100644
--- a/sys/netinet/cc/cc_newreno.c
+++ b/sys/netinet/cc/cc_newreno.c
@@ -62,10 +62,10 @@ __FBSDID("$FreeBSD$");
 
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 static void	newreno_ack_received(struct cc_var *ccv, uint16_t type);
diff --git a/sys/netinet/cc/cc_vegas.c b/sys/netinet/cc/cc_vegas.c
index b9fbf3f..db894ab 100644
--- a/sys/netinet/cc/cc_vegas.c
+++ b/sys/netinet/cc/cc_vegas.c
@@ -67,14 +67,12 @@ __FBSDID("$FreeBSD$");
 #include <sys/sysctl.h>
 #include <sys/systm.h>
 
-#include <net/if.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
-#include <netinet/tcp_seq.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
-
+#include <netinet/tcp_cc.h>
 #include <netinet/cc/cc_module.h>
 
 #include <netinet/khelp/h_ertt.h>
diff --git a/sys/netinet/igmp.c b/sys/netinet/igmp.c
index d83348c..2154149 100644
--- a/sys/netinet/igmp.c
+++ b/sys/netinet/igmp.c
@@ -659,16 +659,12 @@ igmp_ifdetach(struct ifnet *ifp)
 void
 igmp_domifdetach(struct ifnet *ifp)
 {
-	struct igmp_ifsoftc *igi;
 
 	CTR3(KTR_IGMPV3, "%s: called for ifp %p(%s)",
 	    __func__, ifp, ifp->if_xname);
 
 	IGMP_LOCK();
-
-	igi = ((struct in_ifinfo *)ifp->if_afdata[AF_INET])->ii_igmp;
 	igi_delete_locked(ifp);
-
 	IGMP_UNLOCK();
 }
 
diff --git a/sys/netinet/in_fib.c b/sys/netinet/in_fib.c
index 352c6d0..afd5418 100644
--- a/sys/netinet/in_fib.c
+++ b/sys/netinet/in_fib.c
@@ -48,6 +48,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if_var.h>
 #include <net/if_dl.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/vnet.h>
 
 #ifdef RADIX_MPATH
@@ -133,7 +134,7 @@ int
 fib4_lookup_nh_basic(uint32_t fibnum, struct in_addr dst, uint32_t flags,
     uint32_t flowid, struct nhop4_basic *pnh4)
 {
-	struct radix_node_head *rh;
+	struct rib_head *rh;
 	struct radix_node *rn;
 	struct sockaddr_in sin;
 	struct rtentry *rte;
@@ -148,19 +149,19 @@ fib4_lookup_nh_basic(uint32_t fibnum, struct in_addr dst, uint32_t flags,
 	sin.sin_len = sizeof(struct sockaddr_in);
 	sin.sin_addr = dst;
 
-	RADIX_NODE_HEAD_RLOCK(rh);
-	rn = rh->rnh_matchaddr((void *)&sin, rh);
+	RIB_RLOCK(rh);
+	rn = rh->rnh_matchaddr((void *)&sin, &rh->head);
 	if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
 		rte = RNTORT(rn);
 		/* Ensure route & ifp is UP */
 		if (RT_LINK_IS_UP(rte->rt_ifp)) {
 			fib4_rte_to_nh_basic(rte, dst, flags, pnh4);
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 
 			return (0);
 		}
 	}
-	RADIX_NODE_HEAD_RUNLOCK(rh);
+	RIB_RUNLOCK(rh);
 
 	return (ENOENT);
 }
@@ -181,7 +182,7 @@ int
 fib4_lookup_nh_ext(uint32_t fibnum, struct in_addr dst, uint32_t flags,
     uint32_t flowid, struct nhop4_extended *pnh4)
 {
-	struct radix_node_head *rh;
+	struct rib_head *rh;
 	struct radix_node *rn;
 	struct sockaddr_in sin;
 	struct rtentry *rte;
@@ -196,14 +197,14 @@ fib4_lookup_nh_ext(uint32_t fibnum, struct in_addr dst, uint32_t flags,
 	sin.sin_len = sizeof(struct sockaddr_in);
 	sin.sin_addr = dst;
 
-	RADIX_NODE_HEAD_RLOCK(rh);
-	rn = rh->rnh_matchaddr((void *)&sin, rh);
+	RIB_RLOCK(rh);
+	rn = rh->rnh_matchaddr((void *)&sin, &rh->head);
 	if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
 		rte = RNTORT(rn);
 #ifdef RADIX_MPATH
 		rte = rt_mpath_select(rte, flowid);
 		if (rte == NULL) {
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 			return (ENOENT);
 		}
 #endif
@@ -213,12 +214,12 @@ fib4_lookup_nh_ext(uint32_t fibnum, struct in_addr dst, uint32_t flags,
 			if ((flags & NHR_REF) != 0) {
 				/* TODO: lwref on egress ifp's ? */
 			}
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 
 			return (0);
 		}
 	}
-	RADIX_NODE_HEAD_RUNLOCK(rh);
+	RIB_RUNLOCK(rh);
 
 	return (ENOENT);
 }
diff --git a/sys/netinet/in_rmx.c b/sys/netinet/in_rmx.c
index ced5381..c2a09e4 100644
--- a/sys/netinet/in_rmx.c
+++ b/sys/netinet/in_rmx.c
@@ -40,6 +40,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if.h>
 #include <net/if_var.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/vnet.h>
 
 #include <netinet/in.h>
@@ -57,13 +58,12 @@ extern int	in_detachhead(void **head, int off);
  * Do what we need to do when inserting a route.
  */
 static struct radix_node *
-in_addroute(void *v_arg, void *n_arg, struct radix_node_head *head,
+in_addroute(void *v_arg, void *n_arg, struct radix_head *head,
     struct radix_node *treenodes)
 {
 	struct rtentry *rt = (struct rtentry *)treenodes;
 	struct sockaddr_in *sin = (struct sockaddr_in *)rt_key(rt);
 
-	RADIX_NODE_HEAD_WLOCK_ASSERT(head);
 	/*
 	 * A little bit of help for both IP output and input:
 	 *   For host routes, we make sure that RTF_BROADCAST
@@ -113,15 +113,15 @@ static int _in_rt_was_here;
 int
 in_inithead(void **head, int off)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rh;
 
-	if (!rn_inithead(head, 32))
-		return 0;
+	rh = rt_table_init(32);
+	if (rh == NULL)
+		return (0);
 
-	rnh = *head;
-	RADIX_NODE_HEAD_LOCK_INIT(rnh);
+	rh->rnh_addaddr = in_addroute;
+	*head = (void *)rh;
 
-	rnh->rnh_addaddr = in_addroute;
 	if (_in_rt_was_here == 0 ) {
 		_in_rt_was_here = 1;
 	}
diff --git a/sys/netinet/in_var.h b/sys/netinet/in_var.h
index 121c6da..c5f27b0 100644
--- a/sys/netinet/in_var.h
+++ b/sys/netinet/in_var.h
@@ -351,7 +351,6 @@ inm_acquire_locked(struct in_multi *inm)
 struct	rtentry;
 struct	route;
 struct	ip_moptions;
-struct radix_node_head;
 
 struct in_multi *inm_lookup_locked(struct ifnet *, const struct in_addr);
 struct in_multi *inm_lookup(struct ifnet *, const struct in_addr);
diff --git a/sys/netinet/tcp.h b/sys/netinet/tcp.h
index bfc8073..4703810 100644
--- a/sys/netinet/tcp.h
+++ b/sys/netinet/tcp.h
@@ -165,6 +165,7 @@ struct tcphdr {
 #define TCP_MD5SIG	16	/* use MD5 digests (RFC2385) */
 #define	TCP_INFO	32	/* retrieve tcp_info structure */
 #define	TCP_CONGESTION	64	/* get/set congestion control algorithm */
+#define	TCP_CCALGOOPT	65	/* get/set cc algorithm specific options */
 #define	TCP_KEEPINIT	128	/* N, time to establish connection */
 #define	TCP_KEEPIDLE	256	/* L,N,X start keeplives after this period */
 #define	TCP_KEEPINTVL	512	/* L,N interval between keepalives */
diff --git a/sys/netinet/cc.h b/sys/netinet/tcp_cc.h
index 481b401..d90cd19 100644
--- a/sys/netinet/cc.h
+++ b/sys/netinet/tcp_cc.h
@@ -48,11 +48,12 @@
  *   http://caia.swin.edu.au/urp/newtcp/
  */
 
-#ifndef _NETINET_CC_H_
-#define _NETINET_CC_H_
+#ifndef _NETINET_TCP_CC_H_
+#define _NETINET_TCP_CC_H_
 
-/* XXX: TCP_CA_NAME_MAX define lives in tcp.h for compat reasons. */
-#include <netinet/tcp.h>
+#if !defined(_KERNEL)
+#error "no user-servicable parts inside"
+#endif
 
 /* Global CC vars. */
 extern STAILQ_HEAD(cc_head, cc_algo) cc_list;
@@ -150,6 +151,9 @@ struct cc_algo {
 	/* Called for an additional ECN processing apart from RFC3168. */
 	void	(*ecnpkt_handler)(struct cc_var *ccv);
 
+	/* Called for {get|set}sockopt() on a TCP socket with TCP_CCALGOOPT. */
+	int     (*ctl_output)(struct cc_var *, struct sockopt *, void *);
+
 	STAILQ_ENTRY (cc_algo) entries;
 };
 
@@ -171,4 +175,4 @@ extern struct rwlock cc_list_lock;
 #define	CC_LIST_WUNLOCK()	rw_wunlock(&cc_list_lock)
 #define	CC_LIST_LOCK_ASSERT()	rw_assert(&cc_list_lock, RA_LOCKED)
 
-#endif /* _NETINET_CC_H_ */
+#endif /* _NETINET_TCP_CC_H_ */
diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 3a979a0..7b2193e 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -82,12 +82,10 @@ __FBSDID("$FreeBSD$");
 
 #define TCPSTATES		/* for logging */
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
 #include <netinet/in_kdtrace.h>
 #include <netinet/in_pcb.h>
 #include <netinet/in_systm.h>
-#include <netinet/in_var.h>
 #include <netinet/ip.h>
 #include <netinet/ip_icmp.h>	/* required for icmp_var.h */
 #include <netinet/icmp_var.h>	/* for ICMP_BANDLIM */
@@ -96,17 +94,20 @@ __FBSDID("$FreeBSD$");
 #include <netinet/ip6.h>
 #include <netinet/icmp6.h>
 #include <netinet6/in6_pcb.h>
+#include <netinet6/in6_var.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/nd6.h>
 #ifdef TCP_RFC7413
 #include <netinet/tcp_fastopen.h>
 #endif
+#include <netinet/tcp.h>
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet6/tcp6_var.h>
 #include <netinet/tcpip.h>
+#include <netinet/tcp_cc.h>
 #ifdef TCPPCAP
 #include <netinet/tcp_pcap.h>
 #endif
diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c
index 4a4e7eb5..55cf209 100644
--- a/sys/netinet/tcp_output.c
+++ b/sys/netinet/tcp_output.c
@@ -55,7 +55,6 @@ __FBSDID("$FreeBSD$");
 #include <net/route.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
 #include <netinet/in_kdtrace.h>
 #include <netinet/in_systm.h>
@@ -71,12 +70,14 @@ __FBSDID("$FreeBSD$");
 #ifdef TCP_RFC7413
 #include <netinet/tcp_fastopen.h>
 #endif
+#include <netinet/tcp.h>
 #define	TCPOUTFLAGS
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet/tcpip.h>
+#include <netinet/tcp_cc.h>
 #ifdef TCPPCAP
 #include <netinet/tcp_pcap.h>
 #endif
diff --git a/sys/netinet/tcp_stacks/fastpath.c b/sys/netinet/tcp_stacks/fastpath.c
index a49f85b..c3664df 100644
--- a/sys/netinet/tcp_stacks/fastpath.c
+++ b/sys/netinet/tcp_stacks/fastpath.c
@@ -81,19 +81,15 @@ __FBSDID("$FreeBSD$");
 
 #include <vm/uma.h>
 
-#include <net/if.h>
-#include <net/if_var.h>
 #include <net/route.h>
 #include <net/vnet.h>
 
 #define TCPSTATES		/* for logging */
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
 #include <netinet/in_kdtrace.h>
 #include <netinet/in_pcb.h>
 #include <netinet/in_systm.h>
-#include <netinet/in_var.h>
 #include <netinet/ip.h>
 #include <netinet/ip_icmp.h>	/* required for icmp_var.h */
 #include <netinet/icmp_var.h>	/* for ICMP_BANDLIM */
@@ -103,7 +99,7 @@ __FBSDID("$FreeBSD$");
 #include <netinet/icmp6.h>
 #include <netinet6/in6_pcb.h>
 #include <netinet6/ip6_var.h>
-#include <netinet6/nd6.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
@@ -111,6 +107,7 @@ __FBSDID("$FreeBSD$");
 #include <netinet6/tcp6_var.h>
 #include <netinet/tcpip.h>
 #include <netinet/tcp_syncache.h>
+#include <netinet/tcp_cc.h>
 #ifdef TCPDEBUG
 #include <netinet/tcp_debug.h>
 #endif /* TCPDEBUG */
diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index d68a8a6..0ef8693 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -68,8 +68,8 @@ __FBSDID("$FreeBSD$");
 #include <net/if_var.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
+#include <netinet/in_fib.h>
 #include <netinet/in_kdtrace.h>
 #include <netinet/in_pcb.h>
 #include <netinet/in_systm.h>
@@ -79,6 +79,7 @@ __FBSDID("$FreeBSD$");
 #include <netinet/ip_var.h>
 #ifdef INET6
 #include <netinet/ip6.h>
+#include <netinet6/in6_fib.h>
 #include <netinet6/in6_pcb.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/scope6_var.h>
@@ -88,11 +89,13 @@ __FBSDID("$FreeBSD$");
 #ifdef TCP_RFC7413
 #include <netinet/tcp_fastopen.h>
 #endif
+#include <netinet/tcp.h>
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet/tcp_syncache.h>
+#include <netinet/tcp_cc.h>
 #ifdef INET6
 #include <netinet6/tcp6_var.h>
 #endif
@@ -2204,27 +2207,20 @@ tcp_mtudisc(struct inpcb *inp, int mtuoffer)
 u_long
 tcp_maxmtu(struct in_conninfo *inc, struct tcp_ifcap *cap)
 {
-	struct route sro;
-	struct sockaddr_in *dst;
+	struct nhop4_extended nh4;
 	struct ifnet *ifp;
 	u_long maxmtu = 0;
 
 	KASSERT(inc != NULL, ("tcp_maxmtu with NULL in_conninfo pointer"));
 
-	bzero(&sro, sizeof(sro));
 	if (inc->inc_faddr.s_addr != INADDR_ANY) {
-	        dst = (struct sockaddr_in *)&sro.ro_dst;
-		dst->sin_family = AF_INET;
-		dst->sin_len = sizeof(*dst);
-		dst->sin_addr = inc->inc_faddr;
-		in_rtalloc_ign(&sro, 0, inc->inc_fibnum);
-	}
-	if (sro.ro_rt != NULL) {
-		ifp = sro.ro_rt->rt_ifp;
-		if (sro.ro_rt->rt_mtu == 0)
-			maxmtu = ifp->if_mtu;
-		else
-			maxmtu = min(sro.ro_rt->rt_mtu, ifp->if_mtu);
+
+		if (fib4_lookup_nh_ext(inc->inc_fibnum, inc->inc_faddr,
+		    NHR_REF, 0, &nh4) != 0)
+			return (0);
+
+		ifp = nh4.nh_ifp;
+		maxmtu = nh4.nh_mtu;
 
 		/* Report additional interface capabilities. */
 		if (cap != NULL) {
@@ -2236,7 +2232,7 @@ tcp_maxmtu(struct in_conninfo *inc, struct tcp_ifcap *cap)
 				cap->tsomaxsegsize = ifp->if_hw_tsomaxsegsize;
 			}
 		}
-		RTFREE(sro.ro_rt);
+		fib4_free_nh_ext(inc->inc_fibnum, &nh4);
 	}
 	return (maxmtu);
 }
@@ -2246,26 +2242,22 @@ tcp_maxmtu(struct in_conninfo *inc, struct tcp_ifcap *cap)
 u_long
 tcp_maxmtu6(struct in_conninfo *inc, struct tcp_ifcap *cap)
 {
-	struct route_in6 sro6;
+	struct nhop6_extended nh6;
+	struct in6_addr dst6;
+	uint32_t scopeid;
 	struct ifnet *ifp;
 	u_long maxmtu = 0;
 
 	KASSERT(inc != NULL, ("tcp_maxmtu6 with NULL in_conninfo pointer"));
 
-	bzero(&sro6, sizeof(sro6));
 	if (!IN6_IS_ADDR_UNSPECIFIED(&inc->inc6_faddr)) {
-		sro6.ro_dst.sin6_family = AF_INET6;
-		sro6.ro_dst.sin6_len = sizeof(struct sockaddr_in6);
-		sro6.ro_dst.sin6_addr = inc->inc6_faddr;
-		in6_rtalloc_ign(&sro6, 0, inc->inc_fibnum);
-	}
-	if (sro6.ro_rt != NULL) {
-		ifp = sro6.ro_rt->rt_ifp;
-		if (sro6.ro_rt->rt_mtu == 0)
-			maxmtu = IN6_LINKMTU(sro6.ro_rt->rt_ifp);
-		else
-			maxmtu = min(sro6.ro_rt->rt_mtu,
-				     IN6_LINKMTU(sro6.ro_rt->rt_ifp));
+		in6_splitscope(&inc->inc6_faddr, &dst6, &scopeid);
+		if (fib6_lookup_nh_ext(inc->inc_fibnum, &dst6, scopeid, 0,
+		    0, &nh6) != 0)
+			return (0);
+
+		ifp = nh6.nh_ifp;
+		maxmtu = nh6.nh_mtu;
 
 		/* Report additional interface capabilities. */
 		if (cap != NULL) {
@@ -2277,7 +2269,7 @@ tcp_maxmtu6(struct in_conninfo *inc, struct tcp_ifcap *cap)
 				cap->tsomaxsegsize = ifp->if_hw_tsomaxsegsize;
 			}
 		}
-		RTFREE(sro6.ro_rt);
+		fib6_free_nh_ext(inc->inc_fibnum, &nh6);
 	}
 
 	return (maxmtu);
diff --git a/sys/netinet/tcp_timer.c b/sys/netinet/tcp_timer.c
index fb4ff11..0dfeb13 100644
--- a/sys/netinet/tcp_timer.c
+++ b/sys/netinet/tcp_timer.c
@@ -55,7 +55,6 @@ __FBSDID("$FreeBSD$");
 #include <net/vnet.h>
 #include <net/netisr.h>
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
 #include <netinet/in_kdtrace.h>
 #include <netinet/in_pcb.h>
@@ -65,9 +64,11 @@ __FBSDID("$FreeBSD$");
 #include <netinet6/in6_pcb.h>
 #endif
 #include <netinet/ip_var.h>
+#include <netinet/tcp.h>
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
+#include <netinet/tcp_cc.h>
 #ifdef INET6
 #include <netinet6/tcp6_var.h>
 #endif
diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c
index 76bc8aa..4b3150b 100644
--- a/sys/netinet/tcp_usrreq.c
+++ b/sys/netinet/tcp_usrreq.c
@@ -69,7 +69,6 @@ __FBSDID("$FreeBSD$");
 #include <net/route.h>
 #include <net/vnet.h>
 
-#include <netinet/cc.h>
 #include <netinet/in.h>
 #include <netinet/in_kdtrace.h>
 #include <netinet/in_pcb.h>
@@ -85,11 +84,13 @@ __FBSDID("$FreeBSD$");
 #ifdef TCP_RFC7413
 #include <netinet/tcp_fastopen.h>
 #endif
+#include <netinet/tcp.h>
 #include <netinet/tcp_fsm.h>
 #include <netinet/tcp_seq.h>
 #include <netinet/tcp_timer.h>
 #include <netinet/tcp_var.h>
 #include <netinet/tcpip.h>
+#include <netinet/tcp_cc.h>
 #ifdef TCPPCAP
 #include <netinet/tcp_pcap.h>
 #endif
@@ -1478,8 +1479,34 @@ tcp_default_ctloutput(struct socket *so, struct sockopt *sopt, struct inpcb *inp
 	u_int	ui;
 	struct	tcp_info ti;
 	struct cc_algo *algo;
-	char buf[TCP_CA_NAME_MAX];
-	
+	char	*buf;
+
+	/*
+	 * For TCP_CCALGOOPT forward the control to CC module, for both
+	 * SOPT_SET and SOPT_GET.
+	 */
+	switch (sopt->sopt_name) {
+	case TCP_CCALGOOPT:
+		INP_WUNLOCK(inp);
+		buf = malloc(sopt->sopt_valsize, M_TEMP, M_WAITOK | M_ZERO);
+		error = sooptcopyin(sopt, buf, sopt->sopt_valsize,
+		    sopt->sopt_valsize);
+		if (error) {
+			free(buf, M_TEMP);
+			return (error);
+		}
+		INP_WLOCK_RECHECK(inp);
+		if (CC_ALGO(tp)->ctl_output != NULL)
+			error = CC_ALGO(tp)->ctl_output(tp->ccv, sopt, buf);
+		else
+			error = ENOENT;
+		INP_WUNLOCK(inp);
+		if (error == 0 && sopt->sopt_dir == SOPT_GET)
+			error = sooptcopyout(sopt, buf, sopt->sopt_valsize);
+		free(buf, M_TEMP);
+		return (error);
+	}
+
 	switch (sopt->sopt_dir) {
 	case SOPT_SET:
 		switch (sopt->sopt_name) {
@@ -1573,50 +1600,47 @@ unlock_and_done:
 
 		case TCP_CONGESTION:
 			INP_WUNLOCK(inp);
-			bzero(buf, sizeof(buf));
-			error = sooptcopyin(sopt, &buf, sizeof(buf), 1);
-			if (error)
+			buf = malloc(TCP_CA_NAME_MAX, M_TEMP, M_WAITOK|M_ZERO);
+			error = sooptcopyin(sopt, buf, TCP_CA_NAME_MAX, 1);
+			if (error) {
+				free(buf, M_TEMP);
 				break;
+			}
+			CC_LIST_RLOCK();
+			STAILQ_FOREACH(algo, &cc_list, entries)
+				if (strncmp(buf, algo->name,
+				    TCP_CA_NAME_MAX) == 0)
+					break;
+			CC_LIST_RUNLOCK();
+			free(buf, M_TEMP);
+			if (algo == NULL) {
+				error = EINVAL;
+				break;
+			}
 			INP_WLOCK_RECHECK(inp);
 			/*
-			 * Return EINVAL if we can't find the requested cc algo.
+			 * We hold a write lock over the tcb so it's safe to
+			 * do these things without ordering concerns.
 			 */
-			error = EINVAL;
-			CC_LIST_RLOCK();
-			STAILQ_FOREACH(algo, &cc_list, entries) {
-				if (strncmp(buf, algo->name, TCP_CA_NAME_MAX)
-				    == 0) {
-					/* We've found the requested algo. */
-					error = 0;
-					/*
-					 * We hold a write lock over the tcb
-					 * so it's safe to do these things
-					 * without ordering concerns.
-					 */
-					if (CC_ALGO(tp)->cb_destroy != NULL)
-						CC_ALGO(tp)->cb_destroy(tp->ccv);
-					CC_ALGO(tp) = algo;
-					/*
-					 * If something goes pear shaped
-					 * initialising the new algo,
-					 * fall back to newreno (which
-					 * does not require initialisation).
-					 */
-					if (algo->cb_init != NULL)
-						if (algo->cb_init(tp->ccv) > 0) {
-							CC_ALGO(tp) = &newreno_cc_algo;
-							/*
-							 * The only reason init
-							 * should fail is
-							 * because of malloc.
-							 */
-							error = ENOMEM;
-						}
-					break; /* Break the STAILQ_FOREACH. */
-				}
+			if (CC_ALGO(tp)->cb_destroy != NULL)
+				CC_ALGO(tp)->cb_destroy(tp->ccv);
+			CC_ALGO(tp) = algo;
+			/*
+			 * If something goes pear shaped initialising the new
+			 * algo, fall back to newreno (which does not
+			 * require initialisation).
+			 */
+			if (algo->cb_init != NULL &&
+			    algo->cb_init(tp->ccv) != 0) {
+				CC_ALGO(tp) = &newreno_cc_algo;
+				/*
+				 * The only reason init should fail is
+				 * because of malloc.
+				 */
+				error = ENOMEM;
 			}
-			CC_LIST_RUNLOCK();
-			goto unlock_and_done;
+			INP_WUNLOCK(inp);
+			break;
 
 		case TCP_KEEPIDLE:
 		case TCP_KEEPINTVL:
@@ -1762,10 +1786,9 @@ unlock_and_done:
 			error = sooptcopyout(sopt, &ti, sizeof ti);
 			break;
 		case TCP_CONGESTION:
-			bzero(buf, sizeof(buf));
-			strlcpy(buf, CC_ALGO(tp)->name, TCP_CA_NAME_MAX);
 			INP_WUNLOCK(inp);
-			error = sooptcopyout(sopt, buf, TCP_CA_NAME_MAX);
+			error = sooptcopyout(sopt, CC_ALGO(tp)->name,
+			    TCP_CA_NAME_MAX);
 			break;
 		case TCP_KEEPIDLE:
 		case TCP_KEEPINTVL:
diff --git a/sys/netinet6/in6_fib.c b/sys/netinet6/in6_fib.c
index 96acfbb..b01e633 100644
--- a/sys/netinet6/in6_fib.c
+++ b/sys/netinet6/in6_fib.c
@@ -49,6 +49,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if_var.h>
 #include <net/if_dl.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/vnet.h>
 
 #ifdef RADIX_MPATH
@@ -170,7 +171,7 @@ int
 fib6_lookup_nh_basic(uint32_t fibnum, const struct in6_addr *dst, uint32_t scopeid,
     uint32_t flags, uint32_t flowid, struct nhop6_basic *pnh6)
 {
-	struct radix_node_head *rh;
+	struct rib_head *rh;
 	struct radix_node *rn;
 	struct sockaddr_in6 sin6;
 	struct rtentry *rte;
@@ -188,18 +189,18 @@ fib6_lookup_nh_basic(uint32_t fibnum, const struct in6_addr *dst, uint32_t scope
 	if (IN6_IS_SCOPE_LINKLOCAL(dst))
 		sin6.sin6_addr.s6_addr16[1] = htons(scopeid & 0xffff);
 
-	RADIX_NODE_HEAD_RLOCK(rh);
-	rn = rh->rnh_matchaddr((void *)&sin6, rh);
+	RIB_RLOCK(rh);
+	rn = rh->rnh_matchaddr((void *)&sin6, &rh->head);
 	if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
 		rte = RNTORT(rn);
 		/* Ensure route & ifp is UP */
 		if (RT_LINK_IS_UP(rte->rt_ifp)) {
 			fib6_rte_to_nh_basic(rte, &sin6.sin6_addr, flags, pnh6);
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 			return (0);
 		}
 	}
-	RADIX_NODE_HEAD_RUNLOCK(rh);
+	RIB_RUNLOCK(rh);
 
 	return (ENOENT);
 }
@@ -219,7 +220,7 @@ int
 fib6_lookup_nh_ext(uint32_t fibnum, const struct in6_addr *dst,uint32_t scopeid,
     uint32_t flags, uint32_t flowid, struct nhop6_extended *pnh6)
 {
-	struct radix_node_head *rh;
+	struct rib_head *rh;
 	struct radix_node *rn;
 	struct sockaddr_in6 sin6;
 	struct rtentry *rte;
@@ -237,14 +238,14 @@ fib6_lookup_nh_ext(uint32_t fibnum, const struct in6_addr *dst,uint32_t scopeid,
 	if (IN6_IS_SCOPE_LINKLOCAL(dst))
 		sin6.sin6_addr.s6_addr16[1] = htons(scopeid & 0xffff);
 
-	RADIX_NODE_HEAD_RLOCK(rh);
-	rn = rh->rnh_matchaddr((void *)&sin6, rh);
+	RIB_RLOCK(rh);
+	rn = rh->rnh_matchaddr((void *)&sin6, &rh->head);
 	if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
 		rte = RNTORT(rn);
 #ifdef RADIX_MPATH
 		rte = rt_mpath_select(rte, flowid);
 		if (rte == NULL) {
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 			return (ENOENT);
 		}
 #endif
@@ -255,12 +256,12 @@ fib6_lookup_nh_ext(uint32_t fibnum, const struct in6_addr *dst,uint32_t scopeid,
 			if ((flags & NHR_REF) != 0) {
 				/* TODO: Do lwref on egress ifp's */
 			}
-			RADIX_NODE_HEAD_RUNLOCK(rh);
+			RIB_RUNLOCK(rh);
 
 			return (0);
 		}
 	}
-	RADIX_NODE_HEAD_RUNLOCK(rh);
+	RIB_RUNLOCK(rh);
 
 	return (ENOENT);
 }
diff --git a/sys/netinet6/in6_rmx.c b/sys/netinet6/in6_rmx.c
index 93c786c..38b4bf2 100644
--- a/sys/netinet6/in6_rmx.c
+++ b/sys/netinet6/in6_rmx.c
@@ -77,6 +77,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if.h>
 #include <net/if_var.h>
 #include <net/route.h>
+#include <net/route_var.h>
 
 #include <netinet/in.h>
 #include <netinet/ip_var.h>
@@ -102,13 +103,12 @@ extern int	in6_detachhead(void **head, int off);
  * Do what we need to do when inserting a route.
  */
 static struct radix_node *
-in6_addroute(void *v_arg, void *n_arg, struct radix_node_head *head,
+in6_addroute(void *v_arg, void *n_arg, struct radix_head *head,
     struct radix_node *treenodes)
 {
 	struct rtentry *rt = (struct rtentry *)treenodes;
 	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)rt_key(rt);
 
-	RADIX_NODE_HEAD_WLOCK_ASSERT(head);
 	if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr))
 		rt->rt_flags |= RTF_MULTICAST;
 
@@ -154,7 +154,7 @@ in6_addroute(void *v_arg, void *n_arg, struct radix_node_head *head,
  * Age old PMTUs.
  */
 struct mtuex_arg {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	time_t nextstop;
 };
 static VNET_DEFINE(struct callout, rtq_mtutimer);
@@ -179,7 +179,7 @@ in6_mtuexpire(struct rtentry *rt, void *rock)
 #define	MTUTIMO_DEFAULT	(60*1)
 
 static void
-in6_mtutimo_setwa(struct radix_node_head *rnh, uint32_t fibum, int af,
+in6_mtutimo_setwa(struct rib_head *rnh, uint32_t fibum, int af,
     void *_arg)
 {
 	struct mtuex_arg *arg;
@@ -213,15 +213,14 @@ static VNET_DEFINE(int, _in6_rt_was_here);
 int
 in6_inithead(void **head, int off)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rh;
 
-	if (!rn_inithead(head, offsetof(struct sockaddr_in6, sin6_addr) << 3))
+	rh = rt_table_init(offsetof(struct sockaddr_in6, sin6_addr) << 3);
+	if (rh == NULL)
 		return (0);
 
-	rnh = *head;
-	RADIX_NODE_HEAD_LOCK_INIT(rnh);
-
-	rnh->rnh_addaddr = in6_addroute;
+	rh->rnh_addaddr = in6_addroute;
+	*head = (void *)rh;
 
 	if (V__in6_rt_was_here == 0) {
 		callout_init(&V_rtq_mtutimer, 1);
diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c
index b57cf15..ca64908 100644
--- a/sys/netinet6/nd6_rtr.c
+++ b/sys/netinet6/nd6_rtr.c
@@ -54,6 +54,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if_types.h>
 #include <net/if_dl.h>
 #include <net/route.h>
+#include <net/route_var.h>
 #include <net/radix.h>
 #include <net/vnet.h>
 
@@ -1525,7 +1526,7 @@ static int
 nd6_prefix_onlink_rtrequest(struct nd_prefix *pr, struct ifaddr *ifa)
 {
 	static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK};
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 	struct rtentry *rt;
 	struct sockaddr_in6 mask6;
 	u_long rtflags;
@@ -1554,7 +1555,7 @@ nd6_prefix_onlink_rtrequest(struct nd_prefix *pr, struct ifaddr *ifa)
 
 			rnh = rt_tables_get_rnh(rt->rt_fibnum, AF_INET6);
 			/* XXX what if rhn == NULL? */
-			RADIX_NODE_HEAD_LOCK(rnh);
+			RIB_WLOCK(rnh);
 			RT_LOCK(rt);
 			if (rt_setgate(rt, rt_key(rt),
 			    (struct sockaddr *)&null_sdl) == 0) {
@@ -1564,7 +1565,7 @@ nd6_prefix_onlink_rtrequest(struct nd_prefix *pr, struct ifaddr *ifa)
 				dl->sdl_type = rt->rt_ifp->if_type;
 				dl->sdl_index = rt->rt_ifp->if_index;
 			}
-			RADIX_NODE_HEAD_UNLOCK(rnh);
+			RIB_WUNLOCK(rnh);
 			nd6_rtmsg(RTM_ADD, rt);
 			RT_UNLOCK(rt);
 			pr->ndpr_stateflags |= NDPRF_ONLINK;
diff --git a/sys/netpfil/ipfw/ip_fw_table_algo.c b/sys/netpfil/ipfw/ip_fw_table_algo.c
index 2ce550e..c04ee86 100644
--- a/sys/netpfil/ipfw/ip_fw_table_algo.c
+++ b/sys/netpfil/ipfw/ip_fw_table_algo.c
@@ -51,6 +51,7 @@ __FBSDID("$FreeBSD$");
 #include <net/if.h>	/* ip_fw.h requires IFNAMSIZ */
 #include <net/radix.h>
 #include <net/route.h>
+#include <net/route_var.h>
 
 #include <netinet/in.h>
 #include <netinet/in_fib.h>
@@ -409,7 +410,7 @@ ta_lookup_radix(struct table_info *ti, void *key, uint32_t keylen,
 		KEY_LEN(sa) = KEY_LEN_INET;
 		sa.sin_addr.s_addr = *((in_addr_t *)key);
 		rnh = (struct radix_node_head *)ti->state;
-		ent = (struct radix_addr_entry *)(rnh->rnh_matchaddr(&sa, rnh));
+		ent = (struct radix_addr_entry *)(rnh->rnh_matchaddr(&sa, &rnh->rh));
 		if (ent != NULL) {
 			*val = ent->value;
 			return (1);
@@ -420,7 +421,7 @@ ta_lookup_radix(struct table_info *ti, void *key, uint32_t keylen,
 		KEY_LEN(sa6) = KEY_LEN_INET6;
 		memcpy(&sa6.sin6_addr, key, sizeof(struct in6_addr));
 		rnh = (struct radix_node_head *)ti->xstate;
-		xent = (struct radix_addr_xentry *)(rnh->rnh_matchaddr(&sa6, rnh));
+		xent = (struct radix_addr_xentry *)(rnh->rnh_matchaddr(&sa6, &rnh->rh));
 		if (xent != NULL) {
 			*val = xent->value;
 			return (1);
@@ -461,7 +462,7 @@ flush_radix_entry(struct radix_node *rn, void *arg)
 	struct radix_addr_entry *ent;
 
 	ent = (struct radix_addr_entry *)
-	    rnh->rnh_deladdr(rn->rn_key, rn->rn_mask, rnh);
+	    rnh->rnh_deladdr(rn->rn_key, rn->rn_mask, &rnh->rh);
 	if (ent != NULL)
 		free(ent, M_IPFW_TBL);
 	return (0);
@@ -476,11 +477,11 @@ ta_destroy_radix(void *ta_state, struct table_info *ti)
 	cfg = (struct radix_cfg *)ta_state;
 
 	rnh = (struct radix_node_head *)(ti->state);
-	rnh->rnh_walktree(rnh, flush_radix_entry, rnh);
+	rnh->rnh_walktree(&rnh->rh, flush_radix_entry, rnh);
 	rn_detachhead(&ti->state);
 
 	rnh = (struct radix_node_head *)(ti->xstate);
-	rnh->rnh_walktree(rnh, flush_radix_entry, rnh);
+	rnh->rnh_walktree(&rnh->rh, flush_radix_entry, rnh);
 	rn_detachhead(&ti->xstate);
 
 	free(cfg, M_IPFW);
@@ -548,13 +549,13 @@ ta_find_radix_tentry(void *ta_state, struct table_info *ti,
 		KEY_LEN(sa) = KEY_LEN_INET;
 		sa.sin_addr.s_addr = tent->k.addr.s_addr;
 		rnh = (struct radix_node_head *)ti->state;
-		e = rnh->rnh_matchaddr(&sa, rnh);
+		e = rnh->rnh_matchaddr(&sa, &rnh->rh);
 	} else {
 		struct sa_in6 sa6;
 		KEY_LEN(sa6) = KEY_LEN_INET6;
 		memcpy(&sa6.sin6_addr, &tent->k.addr6, sizeof(struct in6_addr));
 		rnh = (struct radix_node_head *)ti->xstate;
-		e = rnh->rnh_matchaddr(&sa6, rnh);
+		e = rnh->rnh_matchaddr(&sa6, &rnh->rh);
 	}
 
 	if (e != NULL) {
@@ -572,10 +573,10 @@ ta_foreach_radix(void *ta_state, struct table_info *ti, ta_foreach_f *f,
 	struct radix_node_head *rnh;
 
 	rnh = (struct radix_node_head *)(ti->state);
-	rnh->rnh_walktree(rnh, (walktree_f_t *)f, arg);
+	rnh->rnh_walktree(&rnh->rh, (walktree_f_t *)f, arg);
 
 	rnh = (struct radix_node_head *)(ti->xstate);
-	rnh->rnh_walktree(rnh, (walktree_f_t *)f, arg);
+	rnh->rnh_walktree(&rnh->rh, (walktree_f_t *)f, arg);
 }
 
 
@@ -722,7 +723,7 @@ ta_add_radix(void *ta_state, struct table_info *ti, struct tentry_info *tei,
 	}
 
 	/* Search for an entry first */
-	rn = rnh->rnh_lookup(tb->addr_ptr, tb->mask_ptr, rnh);
+	rn = rnh->rnh_lookup(tb->addr_ptr, tb->mask_ptr, &rnh->rh);
 	if (rn != NULL) {
 		if ((tei->flags & TEI_FLAGS_UPDATE) == 0)
 			return (EEXIST);
@@ -746,7 +747,7 @@ ta_add_radix(void *ta_state, struct table_info *ti, struct tentry_info *tei,
 	if ((tei->flags & TEI_FLAGS_DONTADD) != 0)
 		return (EFBIG);
 
-	rn = rnh->rnh_addaddr(tb->addr_ptr, tb->mask_ptr, rnh, tb->ent_ptr);
+	rn = rnh->rnh_addaddr(tb->addr_ptr, tb->mask_ptr, &rnh->rh,tb->ent_ptr);
 	if (rn == NULL) {
 		/* Unknown error */
 		return (EINVAL);
@@ -817,7 +818,7 @@ ta_del_radix(void *ta_state, struct table_info *ti, struct tentry_info *tei,
 	else
 		rnh = ti->xstate;
 
-	rn = rnh->rnh_deladdr(tb->addr_ptr, tb->mask_ptr, rnh);
+	rn = rnh->rnh_deladdr(tb->addr_ptr, tb->mask_ptr, &rnh->rh);
 
 	if (rn == NULL)
 		return (ENOENT);
@@ -4042,21 +4043,21 @@ static void
 ta_foreach_kfib(void *ta_state, struct table_info *ti, ta_foreach_f *f,
     void *arg)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rh;
 	int error;
 
-	rnh = rt_tables_get_rnh(ti->data, AF_INET);
-	if (rnh != NULL) {
-		RADIX_NODE_HEAD_RLOCK(rnh); 
-		error = rnh->rnh_walktree(rnh, (walktree_f_t *)f, arg);
-		RADIX_NODE_HEAD_RUNLOCK(rnh);
+	rh = rt_tables_get_rnh(ti->data, AF_INET);
+	if (rh != NULL) {
+		RIB_RLOCK(rh); 
+		error = rh->rnh_walktree(&rh->head, (walktree_f_t *)f, arg);
+		RIB_RUNLOCK(rh);
 	}
 
-	rnh = rt_tables_get_rnh(ti->data, AF_INET6);
-	if (rnh != NULL) {
-		RADIX_NODE_HEAD_RLOCK(rnh); 
-		error = rnh->rnh_walktree(rnh, (walktree_f_t *)f, arg);
-		RADIX_NODE_HEAD_RUNLOCK(rnh);
+	rh = rt_tables_get_rnh(ti->data, AF_INET6);
+	if (rh != NULL) {
+		RIB_RLOCK(rh); 
+		error = rh->rnh_walktree(&rh->head, (walktree_f_t *)f, arg);
+		RIB_RUNLOCK(rh); 
 	}
 }
 
diff --git a/sys/netpfil/ipfw/ip_fw_table_value.c b/sys/netpfil/ipfw/ip_fw_table_value.c
index c8c755c..a196b03 100644
--- a/sys/netpfil/ipfw/ip_fw_table_value.c
+++ b/sys/netpfil/ipfw/ip_fw_table_value.c
@@ -158,6 +158,7 @@ update_tvalue(struct namedobj_instance *ni, struct named_object *no, void *arg)
 
 	pval = da->pval;
 	ptv->pval = &pval[ptv->no.kidx];
+	ptv->no.name = (char *)&pval[ptv->no.kidx];
 
 }
 
diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c
index b9f13b9..b9889b9 100644
--- a/sys/netpfil/pf/pf_table.c
+++ b/sys/netpfil/pf/pf_table.c
@@ -559,10 +559,10 @@ pfr_get_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int *size,
 	w.pfrw_op = PFRW_GET_ADDRS;
 	w.pfrw_addr = addr;
 	w.pfrw_free = kt->pfrkt_cnt;
-	rv = kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
+	rv = kt->pfrkt_ip4->rnh_walktree(&kt->pfrkt_ip4->rh, pfr_walktree, &w);
 	if (!rv)
-		rv = kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree,
-		    &w);
+		rv = kt->pfrkt_ip6->rnh_walktree(&kt->pfrkt_ip6->rh,
+		    pfr_walktree, &w);
 	if (rv)
 		return (rv);
 
@@ -601,10 +601,10 @@ pfr_get_astats(struct pfr_table *tbl, struct pfr_astats *addr, int *size,
 	w.pfrw_op = PFRW_GET_ASTATS;
 	w.pfrw_astats = addr;
 	w.pfrw_free = kt->pfrkt_cnt;
-	rv = kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
+	rv = kt->pfrkt_ip4->rnh_walktree(&kt->pfrkt_ip4->rh, pfr_walktree, &w);
 	if (!rv)
-		rv = kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree,
-		    &w);
+		rv = kt->pfrkt_ip6->rnh_walktree(&kt->pfrkt_ip6->rh,
+		    pfr_walktree, &w);
 	if (!rv && (flags & PFR_FLAG_CLSTATS)) {
 		pfr_enqueue_addrs(kt, &workq, NULL, 0);
 		pfr_clstats_kentries(&workq, tzero, 0);
@@ -710,12 +710,12 @@ pfr_enqueue_addrs(struct pfr_ktable *kt, struct pfr_kentryworkq *workq,
 	w.pfrw_op = sweep ? PFRW_SWEEP : PFRW_ENQUEUE;
 	w.pfrw_workq = workq;
 	if (kt->pfrkt_ip4 != NULL)
-		if (kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree,
-		    &w))
+		if (kt->pfrkt_ip4->rnh_walktree(&kt->pfrkt_ip4->rh,
+		    pfr_walktree, &w))
 			printf("pfr_enqueue_addrs: IPv4 walktree failed.\n");
 	if (kt->pfrkt_ip6 != NULL)
-		if (kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree,
-		    &w))
+		if (kt->pfrkt_ip6->rnh_walktree(&kt->pfrkt_ip6->rh,
+		    pfr_walktree, &w))
 			printf("pfr_enqueue_addrs: IPv6 walktree failed.\n");
 	if (naddr != NULL)
 		*naddr = w.pfrw_cnt;
@@ -728,9 +728,9 @@ pfr_mark_addrs(struct pfr_ktable *kt)
 
 	bzero(&w, sizeof(w));
 	w.pfrw_op = PFRW_MARK;
-	if (kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w))
+	if (kt->pfrkt_ip4->rnh_walktree(&kt->pfrkt_ip4->rh, pfr_walktree, &w))
 		printf("pfr_mark_addrs: IPv4 walktree failed.\n");
-	if (kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree, &w))
+	if (kt->pfrkt_ip6->rnh_walktree(&kt->pfrkt_ip6->rh, pfr_walktree, &w))
 		printf("pfr_mark_addrs: IPv6 walktree failed.\n");
 }
 
@@ -739,7 +739,7 @@ static struct pfr_kentry *
 pfr_lookup_addr(struct pfr_ktable *kt, struct pfr_addr *ad, int exact)
 {
 	union sockaddr_union	 sa, mask;
-	struct radix_node_head	*head = NULL;
+	struct radix_head	*head = NULL;
 	struct pfr_kentry	*ke;
 
 	PF_RULES_ASSERT();
@@ -747,10 +747,10 @@ pfr_lookup_addr(struct pfr_ktable *kt, struct pfr_addr *ad, int exact)
 	bzero(&sa, sizeof(sa));
 	if (ad->pfra_af == AF_INET) {
 		FILLIN_SIN(sa.sin, ad->pfra_ip4addr);
-		head = kt->pfrkt_ip4;
+		head = &kt->pfrkt_ip4->rh;
 	} else if ( ad->pfra_af == AF_INET6 ) {
 		FILLIN_SIN6(sa.sin6, ad->pfra_ip6addr);
-		head = kt->pfrkt_ip6;
+		head = &kt->pfrkt_ip6->rh;
 	}
 	if (ADDR_NETWORK(ad)) {
 		pfr_prepare_network(&mask, ad->pfra_af, ad->pfra_net);
@@ -929,15 +929,15 @@ pfr_route_kentry(struct pfr_ktable *kt, struct pfr_kentry *ke)
 {
 	union sockaddr_union	 mask;
 	struct radix_node	*rn;
-	struct radix_node_head	*head = NULL;
+	struct radix_head	*head = NULL;
 
 	PF_RULES_WASSERT();
 
 	bzero(ke->pfrke_node, sizeof(ke->pfrke_node));
 	if (ke->pfrke_af == AF_INET)
-		head = kt->pfrkt_ip4;
+		head = &kt->pfrkt_ip4->rh;
 	else if (ke->pfrke_af == AF_INET6)
-		head = kt->pfrkt_ip6;
+		head = &kt->pfrkt_ip6->rh;
 
 	if (KENTRY_NETWORK(ke)) {
 		pfr_prepare_network(&mask, ke->pfrke_af, ke->pfrke_net);
@@ -953,12 +953,12 @@ pfr_unroute_kentry(struct pfr_ktable *kt, struct pfr_kentry *ke)
 {
 	union sockaddr_union	 mask;
 	struct radix_node	*rn;
-	struct radix_node_head	*head = NULL;
+	struct radix_head	*head = NULL;
 
 	if (ke->pfrke_af == AF_INET)
-		head = kt->pfrkt_ip4;
+		head = &kt->pfrkt_ip4->rh;
 	else if (ke->pfrke_af == AF_INET6)
-		head = kt->pfrkt_ip6;
+		head = &kt->pfrkt_ip6->rh;
 
 	if (KENTRY_NETWORK(ke)) {
 		pfr_prepare_network(&mask, ke->pfrke_af, ke->pfrke_net);
@@ -1907,7 +1907,7 @@ pfr_match_addr(struct pfr_ktable *kt, struct pf_addr *a, sa_family_t af)
 		sin.sin_len = sizeof(sin);
 		sin.sin_family = AF_INET;
 		sin.sin_addr.s_addr = a->addr32[0];
-		ke = (struct pfr_kentry *)rn_match(&sin, kt->pfrkt_ip4);
+		ke = (struct pfr_kentry *)rn_match(&sin, &kt->pfrkt_ip4->rh);
 		if (ke && KENTRY_RNF_ROOT(ke))
 			ke = NULL;
 		break;
@@ -1922,7 +1922,7 @@ pfr_match_addr(struct pfr_ktable *kt, struct pf_addr *a, sa_family_t af)
 		sin6.sin6_len = sizeof(sin6);
 		sin6.sin6_family = AF_INET6;
 		bcopy(a, &sin6.sin6_addr, sizeof(sin6.sin6_addr));
-		ke = (struct pfr_kentry *)rn_match(&sin6, kt->pfrkt_ip6);
+		ke = (struct pfr_kentry *)rn_match(&sin6, &kt->pfrkt_ip6->rh);
 		if (ke && KENTRY_RNF_ROOT(ke))
 			ke = NULL;
 		break;
@@ -1958,7 +1958,7 @@ pfr_update_stats(struct pfr_ktable *kt, struct pf_addr *a, sa_family_t af,
 		sin.sin_len = sizeof(sin);
 		sin.sin_family = AF_INET;
 		sin.sin_addr.s_addr = a->addr32[0];
-		ke = (struct pfr_kentry *)rn_match(&sin, kt->pfrkt_ip4);
+		ke = (struct pfr_kentry *)rn_match(&sin, &kt->pfrkt_ip4->rh);
 		if (ke && KENTRY_RNF_ROOT(ke))
 			ke = NULL;
 		break;
@@ -1973,7 +1973,7 @@ pfr_update_stats(struct pfr_ktable *kt, struct pf_addr *a, sa_family_t af,
 		sin6.sin6_len = sizeof(sin6);
 		sin6.sin6_family = AF_INET6;
 		bcopy(a, &sin6.sin6_addr, sizeof(sin6.sin6_addr));
-		ke = (struct pfr_kentry *)rn_match(&sin6, kt->pfrkt_ip6);
+		ke = (struct pfr_kentry *)rn_match(&sin6, &kt->pfrkt_ip6->rh);
 		if (ke && KENTRY_RNF_ROOT(ke))
 			ke = NULL;
 		break;
@@ -2120,11 +2120,11 @@ _next_block:
 		switch (af) {
 		case AF_INET:
 			ke2 = (struct pfr_kentry *)rn_match(&uaddr,
-			    kt->pfrkt_ip4);
+			    &kt->pfrkt_ip4->rh);
 			break;
 		case AF_INET6:
 			ke2 = (struct pfr_kentry *)rn_match(&uaddr,
-			    kt->pfrkt_ip6);
+			    &kt->pfrkt_ip6->rh);
 			break;
 		}
 		/* no need to check KENTRY_RNF_ROOT() here */
@@ -2162,12 +2162,12 @@ pfr_kentry_byidx(struct pfr_ktable *kt, int idx, int af)
 	switch (af) {
 #ifdef INET
 	case AF_INET:
-		kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
+		kt->pfrkt_ip4->rnh_walktree(&kt->pfrkt_ip4->rh, pfr_walktree, &w);
 		return (w.pfrw_kentry);
 #endif /* INET */
 #ifdef INET6
 	case AF_INET6:
-		kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree, &w);
+		kt->pfrkt_ip6->rnh_walktree(&kt->pfrkt_ip6->rh, pfr_walktree, &w);
 		return (w.pfrw_kentry);
 #endif /* INET6 */
 	default:
@@ -2187,7 +2187,7 @@ pfr_dynaddr_update(struct pfr_ktable *kt, struct pfi_dynaddr *dyn)
 	dyn->pfid_acnt4 = 0;
 	dyn->pfid_acnt6 = 0;
 	if (!dyn->pfid_af || dyn->pfid_af == AF_INET)
-		kt->pfrkt_ip4->rnh_walktree(kt->pfrkt_ip4, pfr_walktree, &w);
+		kt->pfrkt_ip4->rnh_walktree(&kt->pfrkt_ip4->rh, pfr_walktree, &w);
 	if (!dyn->pfid_af || dyn->pfid_af == AF_INET6)
-		kt->pfrkt_ip6->rnh_walktree(kt->pfrkt_ip6, pfr_walktree, &w);
+		kt->pfrkt_ip6->rnh_walktree(&kt->pfrkt_ip6->rh, pfr_walktree, &w);
 }
diff --git a/sys/nfs/bootp_subr.c b/sys/nfs/bootp_subr.c
index c5bd4cb..dd76d7e 100644
--- a/sys/nfs/bootp_subr.c
+++ b/sys/nfs/bootp_subr.c
@@ -65,6 +65,9 @@ __FBSDID("$FreeBSD$");
 #include <net/if.h>
 #include <net/if_var.h>
 #include <net/route.h>
+#ifdef BOOTP_DEBUG
+#include <net/route_var.h>
+#endif
 
 #include <netinet/in.h>
 #include <netinet/in_var.h>
@@ -369,15 +372,15 @@ bootpboot_p_tree(struct radix_node *rn)
 void
 bootpboot_p_rtlist(void)
 {
-	struct radix_node_head *rnh;
+	struct rib_head *rnh;
 
 	printf("Routing table:\n");
 	rnh = rt_tables_get_rnh(0, AF_INET);
 	if (rnh == NULL)
 		return;
-	RADIX_NODE_HEAD_RLOCK(rnh);	/* could sleep XXX */
+	RIB_RLOCK(rnh);	/* could sleep XXX */
 	bootpboot_p_tree(rnh->rnh_treetop);
-	RADIX_NODE_HEAD_RUNLOCK(rnh);
+	RIB_RUNLOCK(rnh);
 }
 
 void
diff --git a/sys/ofed/drivers/infiniband/core/cma.c b/sys/ofed/drivers/infiniband/core/cma.c
index 40c4d82..1cafced 100644
--- a/sys/ofed/drivers/infiniband/core/cma.c
+++ b/sys/ofed/drivers/infiniband/core/cma.c
@@ -3,6 +3,7 @@
  * Copyright (c) 2002-2005, Network Appliance, Inc. All rights reserved.
  * Copyright (c) 1999-2005, Mellanox Technologies, Inc. All rights reserved.
  * Copyright (c) 2005-2006 Intel Corporation.  All rights reserved.
+ * Copyright (c) 2016 Chelsio Communications.  All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -407,6 +408,75 @@ static int find_gid_port(struct ib_device *device, union ib_gid *gid, u8 port_nu
 	return -EAGAIN;
 }
 
+int
+rdma_find_cmid_laddr(struct sockaddr_in *local_addr, unsigned short dev_type,
+							void **cm_id)
+{
+	int ret;
+	u8 port;
+	int found_dev = 0, found_cmid = 0;
+	struct rdma_id_private  *id_priv;
+	struct rdma_id_private  *dev_id_priv;
+	struct cma_device	*cma_dev;
+	struct rdma_dev_addr	dev_addr;
+	union ib_gid		gid;
+	enum rdma_link_layer dev_ll = dev_type == ARPHRD_INFINIBAND ?
+		IB_LINK_LAYER_INFINIBAND : IB_LINK_LAYER_ETHERNET;
+
+	memset(&dev_addr, 0, sizeof(dev_addr));
+
+	ret = rdma_translate_ip((struct sockaddr *)local_addr,
+							&dev_addr, NULL);
+	if (ret)
+		goto err;
+
+	/* find rdma device based on MAC address/gid */
+	mutex_lock(&lock);
+
+	memcpy(&gid, dev_addr.src_dev_addr +
+	       rdma_addr_gid_offset(&dev_addr), sizeof(gid));
+
+	list_for_each_entry(cma_dev, &dev_list, list)
+		for (port = 1; port <= cma_dev->device->phys_port_cnt; ++port)
+			if ((rdma_port_get_link_layer(cma_dev->device, port) ==
+								 dev_ll) &&
+			 (rdma_node_get_transport(cma_dev->device->node_type) ==
+							RDMA_TRANSPORT_IWARP)) {
+					ret = find_gid_port(cma_dev->device,
+								&gid, port);
+					if (!ret) {
+						found_dev = 1;
+						goto out;
+					} else if (ret == 1) {
+						mutex_unlock(&lock);
+						goto err;
+					}
+			}
+out:
+	mutex_unlock(&lock);
+
+	if (!found_dev)
+		goto err;
+
+	/* Traverse through the list of listening cm_id's to find the
+	 * desired cm_id based on rdma device & port number.
+	 */
+	list_for_each_entry(id_priv, &listen_any_list, list)
+		list_for_each_entry(dev_id_priv, &id_priv->listen_list,
+						 listen_list)
+			if (dev_id_priv->cma_dev == cma_dev)
+				if (dev_id_priv->cm_id.iw->local_addr.sin_port
+						== local_addr->sin_port) {
+					*cm_id = (void *)dev_id_priv->cm_id.iw;
+					found_cmid = 1;
+				}
+	return found_cmid ? 0 : -ENODEV;
+
+err:
+	return -ENODEV;
+}
+EXPORT_SYMBOL(rdma_find_cmid_laddr);
+
 static int cma_acquire_dev(struct rdma_id_private *id_priv)
 {
 	struct rdma_dev_addr *dev_addr = &id_priv->id.route.addr.dev_addr;
@@ -780,6 +850,12 @@ static inline int cma_any_addr(struct sockaddr *addr)
 {
 	return cma_zero_addr(addr) || cma_loopback_addr(addr);
 }
+int
+rdma_cma_any_addr(struct sockaddr *addr)
+{
+	return cma_any_addr(addr);
+}
+EXPORT_SYMBOL(rdma_cma_any_addr);
 
 static int cma_addr_cmp(struct sockaddr *src, struct sockaddr *dst)
 {
@@ -1707,6 +1783,7 @@ static void cma_listen_on_dev(struct rdma_id_private *id_priv,
 	dev_id_priv = container_of(id, struct rdma_id_private, id);
 
 	dev_id_priv->state = RDMA_CM_ADDR_BOUND;
+	dev_id_priv->sock = id_priv->sock;
 	memcpy(&id->route.addr.src_addr, &id_priv->id.route.addr.src_addr,
 	       ip_addr_size((struct sockaddr *) &id_priv->id.route.addr.src_addr));
 
diff --git a/sys/ofed/drivers/infiniband/core/iwcm.c b/sys/ofed/drivers/infiniband/core/iwcm.c
index 14d23cc..a90f907 100644
--- a/sys/ofed/drivers/infiniband/core/iwcm.c
+++ b/sys/ofed/drivers/infiniband/core/iwcm.c
@@ -5,6 +5,7 @@
  * Copyright (c) 2005 Sun Microsystems, Inc. All rights reserved.
  * Copyright (c) 2005 Open Grid Computing, Inc. All rights reserved.
  * Copyright (c) 2005 Network Appliance, Inc. All rights reserved.
+ * Copyright (c) 2016 Chelsio Communications.  All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -35,6 +36,8 @@
  * SOFTWARE.
  *
  */
+#include "opt_inet.h"
+
 #include <linux/dma-mapping.h>
 #include <linux/err.h>
 #include <linux/idr.h>
@@ -47,7 +50,10 @@
 #include <linux/slab.h>
 #include <linux/module.h>
 #include <linux/string.h>
+#include <netinet/tcp.h>
+#include <sys/mutex.h>
 
+#include <rdma/rdma_cm.h>
 #include <rdma/iw_cm.h>
 #include <rdma/ib_addr.h>
 
@@ -65,6 +71,85 @@ struct iwcm_work {
 	struct iw_cm_event event;
 	struct list_head free_list;
 };
+struct iwcm_listen_work {
+	struct work_struct work;
+	struct iw_cm_id *cm_id;
+};
+
+static LIST_HEAD(listen_port_list);
+
+static DEFINE_MUTEX(listen_port_mutex);
+static DEFINE_MUTEX(dequeue_mutex);
+
+struct listen_port_info {
+	struct list_head list;
+	uint16_t port_num;
+	uint32_t refcnt;
+};
+
+static int32_t
+add_port_to_listenlist(uint16_t port)
+{
+	struct listen_port_info *port_info;
+	int err = 0;
+
+	mutex_lock(&listen_port_mutex);
+
+	list_for_each_entry(port_info, &listen_port_list, list)
+		if (port_info->port_num == port)
+			goto found_port;
+
+	port_info = kmalloc(sizeof(*port_info), GFP_KERNEL);
+	if (!port_info) {
+		err = -ENOMEM;
+		mutex_unlock(&listen_port_mutex);
+		goto out;
+	}
+
+	port_info->port_num = port;
+	port_info->refcnt    = 0;
+
+	list_add(&port_info->list, &listen_port_list);
+
+found_port:
+	++(port_info->refcnt);
+	mutex_unlock(&listen_port_mutex);
+	return port_info->refcnt;
+out:
+	return err;
+}
+
+static int32_t
+rem_port_from_listenlist(uint16_t port)
+{
+	struct listen_port_info *port_info;
+	int ret, found_port = 0;
+
+	mutex_lock(&listen_port_mutex);
+
+	list_for_each_entry(port_info, &listen_port_list, list)
+		if (port_info->port_num == port) {
+			found_port = 1;
+			break;
+		}
+
+	if (found_port) {
+		--(port_info->refcnt);
+		ret = port_info->refcnt;
+		if (port_info->refcnt == 0) {
+			/* Remove this entry from the list as there are no
+			 * more listeners for this port_num.
+			 */
+			list_del(&port_info->list);
+			kfree(port_info);
+		}
+	} else {
+		ret = -EINVAL;
+	}
+	mutex_unlock(&listen_port_mutex);
+	return ret;
+
+}
 
 /*
  * The following services provide a mechanism for pre-allocating iwcm_work
@@ -320,6 +405,167 @@ int iw_cm_disconnect(struct iw_cm_id *cm_id, int abrupt)
 }
 EXPORT_SYMBOL(iw_cm_disconnect);
 
+static struct socket *
+dequeue_socket(struct socket *head)
+{
+	struct socket *so;
+	struct sockaddr_in *remote;
+
+	ACCEPT_LOCK();
+	so = TAILQ_FIRST(&head->so_comp);
+	if (!so) {
+		ACCEPT_UNLOCK();
+		return NULL;
+	}
+
+	SOCK_LOCK(so);
+	/*
+	 * Before changing the flags on the socket, we have to bump the
+	 * reference count.  Otherwise, if the protocol calls sofree(),
+	 * the socket will be released due to a zero refcount.
+	 */
+	soref(so);
+	TAILQ_REMOVE(&head->so_comp, so, so_list);
+	head->so_qlen--;
+	so->so_qstate &= ~SQ_COMP;
+	so->so_head = NULL;
+	so->so_state |= SS_NBIO;
+	SOCK_UNLOCK(so);
+	ACCEPT_UNLOCK();
+	soaccept(so, (struct sockaddr **)&remote);
+
+	free(remote, M_SONAME);
+	return so;
+}
+static void
+iw_so_event_handler(struct work_struct *_work)
+{
+#ifdef INET
+	struct	iwcm_listen_work *work = container_of(_work,
+						struct iwcm_listen_work, work);
+	struct	iw_cm_id *listen_cm_id = work->cm_id;
+	struct	iwcm_id_private *cm_id_priv;
+	struct	iw_cm_id *real_cm_id;
+	struct	sockaddr_in *local;
+	struct	socket *so;
+
+	cm_id_priv = container_of(listen_cm_id, struct iwcm_id_private, id);
+
+	if (cm_id_priv->state != IW_CM_STATE_LISTEN) {
+		kfree(work);
+		return;
+	}
+	mutex_lock(&dequeue_mutex);
+
+	/* Dequeue & process  all new 'so' connection requests for this cmid */
+	while ((so = dequeue_socket(work->cm_id->so)) != NULL) {
+		if (rdma_cma_any_addr((struct sockaddr *)
+					&listen_cm_id->local_addr)) {
+			in_getsockaddr(so, (struct sockaddr **)&local);
+			if (rdma_find_cmid_laddr(local, ARPHRD_ETHER,
+					(void **) &real_cm_id)) {
+				free(local, M_SONAME);
+				goto err;
+			}
+			free(local, M_SONAME);
+
+			real_cm_id->device->iwcm->newconn(real_cm_id, so);
+		} else {
+			listen_cm_id->device->iwcm->newconn(listen_cm_id, so);
+		}
+	}
+err:
+	mutex_unlock(&dequeue_mutex);
+	kfree(work);
+#endif
+	return;
+}
+static int
+iw_so_upcall(struct socket *parent_so, void *arg, int waitflag)
+{
+	struct iwcm_listen_work *work;
+	struct socket *so;
+	struct iw_cm_id *cm_id = arg;
+
+	mutex_lock(&dequeue_mutex);
+	/* check whether iw_so_event_handler() already dequeued this 'so' */
+	so = TAILQ_FIRST(&parent_so->so_comp);
+	if (!so)
+		return SU_OK;
+	work = kzalloc(sizeof(*work), M_NOWAIT);
+	if (!work)
+		return -ENOMEM;
+	work->cm_id = cm_id;
+
+	INIT_WORK(&work->work, iw_so_event_handler);
+	queue_work(iwcm_wq, &work->work);
+
+	mutex_unlock(&dequeue_mutex);
+	return SU_OK;
+}
+
+static void
+iw_init_sock(struct iw_cm_id *cm_id)
+{
+	struct sockopt sopt;
+	struct socket *so = cm_id->so;
+	int on = 1;
+
+	SOCK_LOCK(so);
+	soupcall_set(so, SO_RCV, iw_so_upcall, cm_id);
+	so->so_state |= SS_NBIO;
+	SOCK_UNLOCK(so);
+	sopt.sopt_dir = SOPT_SET;
+	sopt.sopt_level = IPPROTO_TCP;
+	sopt.sopt_name = TCP_NODELAY;
+	sopt.sopt_val = (caddr_t)&on;
+	sopt.sopt_valsize = sizeof(on);
+	sopt.sopt_td = NULL;
+	sosetopt(so, &sopt);
+}
+
+static int
+iw_close_socket(struct iw_cm_id *cm_id, int close)
+{
+	struct socket *so = cm_id->so;
+	int rc;
+
+
+	SOCK_LOCK(so);
+	soupcall_clear(so, SO_RCV);
+	SOCK_UNLOCK(so);
+
+	if (close)
+		rc = soclose(so);
+	else
+		rc = soshutdown(so, SHUT_WR | SHUT_RD);
+
+	cm_id->so = NULL;
+
+	return rc;
+}
+
+static int
+iw_create_listen(struct iw_cm_id *cm_id, int backlog)
+{
+	int rc;
+
+	iw_init_sock(cm_id);
+	rc = solisten(cm_id->so, backlog, curthread);
+	if (rc != 0)
+		iw_close_socket(cm_id, 0);
+	return rc;
+}
+
+static int
+iw_destroy_listen(struct iw_cm_id *cm_id)
+{
+	int rc;
+	rc = iw_close_socket(cm_id, 0);
+	return rc;
+}
+
+
 /*
  * CM_ID <-- DESTROYING
  *
@@ -330,7 +576,7 @@ static void destroy_cm_id(struct iw_cm_id *cm_id)
 {
 	struct iwcm_id_private *cm_id_priv;
 	unsigned long flags;
-	int ret;
+	int ret = 0, refcnt;
 
 	cm_id_priv = container_of(cm_id, struct iwcm_id_private, id);
 	/*
@@ -345,8 +591,18 @@ static void destroy_cm_id(struct iw_cm_id *cm_id)
 	case IW_CM_STATE_LISTEN:
 		cm_id_priv->state = IW_CM_STATE_DESTROYING;
 		spin_unlock_irqrestore(&cm_id_priv->lock, flags);
-		/* destroy the listening endpoint */
-		ret = cm_id->device->iwcm->destroy_listen(cm_id);
+		if (rdma_cma_any_addr((struct sockaddr *)&cm_id->local_addr)) {
+			refcnt =
+			  rem_port_from_listenlist(cm_id->local_addr.sin_port);
+
+			if (refcnt == 0)
+				ret = iw_destroy_listen(cm_id);
+
+			cm_id->device->iwcm->destroy_listen_ep(cm_id);
+		} else {
+			ret = iw_destroy_listen(cm_id);
+			cm_id->device->iwcm->destroy_listen_ep(cm_id);
+		}
 		spin_lock_irqsave(&cm_id_priv->lock, flags);
 		break;
 	case IW_CM_STATE_ESTABLISHED:
@@ -418,7 +674,7 @@ int iw_cm_listen(struct iw_cm_id *cm_id, int backlog)
 {
 	struct iwcm_id_private *cm_id_priv;
 	unsigned long flags;
-	int ret;
+	int ret, refcnt;
 
 	cm_id_priv = container_of(cm_id, struct iwcm_id_private, id);
 
@@ -431,9 +687,33 @@ int iw_cm_listen(struct iw_cm_id *cm_id, int backlog)
 	case IW_CM_STATE_IDLE:
 		cm_id_priv->state = IW_CM_STATE_LISTEN;
 		spin_unlock_irqrestore(&cm_id_priv->lock, flags);
-		ret = cm_id->device->iwcm->create_listen(cm_id, backlog);
-		if (ret)
+
+		if (rdma_cma_any_addr((struct sockaddr *)&cm_id->local_addr)) {
+			refcnt =
+			  add_port_to_listenlist(cm_id->local_addr.sin_port);
+
+			if (refcnt == 1) {
+				ret = iw_create_listen(cm_id, backlog);
+			} else if (refcnt <= 0) {
+				ret = -EINVAL;
+			} else {
+				/* if refcnt > 1, a socket listener created
+				 * already. And we need not create socket
+				 * listener on other rdma devices/listen cm_id's
+				 * due to TOE. That is when a socket listener is
+				 * created with INADDR_ANY all registered TOE
+				 * devices will get a call to start
+				 * hardware listeners.
+				 */
+			}
+		} else {
+			ret = iw_create_listen(cm_id, backlog);
+		}
+		if (!ret)
+			cm_id->device->iwcm->create_listen_ep(cm_id, backlog);
+		else
 			cm_id_priv->state = IW_CM_STATE_IDLE;
+
 		spin_lock_irqsave(&cm_id_priv->lock, flags);
 		break;
 	default:
diff --git a/sys/ofed/include/rdma/iw_cm.h b/sys/ofed/include/rdma/iw_cm.h
index 271c2f8..a246e61 100644
--- a/sys/ofed/include/rdma/iw_cm.h
+++ b/sys/ofed/include/rdma/iw_cm.h
@@ -1,6 +1,7 @@
 /*
  * Copyright (c) 2005 Network Appliance, Inc. All rights reserved.
  * Copyright (c) 2005 Open Grid Computing, Inc. All rights reserved.
+ * Copyright (c) 2016 Chelsio Communications.  All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -120,10 +121,13 @@ struct iw_cm_verbs {
 	int		(*reject)(struct iw_cm_id *cm_id,
 				  const void *pdata, u8 pdata_len);
 
-	int		(*create_listen)(struct iw_cm_id *cm_id,
+	int		(*create_listen_ep)(struct iw_cm_id *cm_id,
 					 int backlog);
 
-	int		(*destroy_listen)(struct iw_cm_id *cm_id);
+	void		(*destroy_listen_ep)(struct iw_cm_id *cm_id);
+
+	void		(*newconn)(struct iw_cm_id *parent_cm_id,
+						struct socket *so);
 };
 
 /**
diff --git a/sys/ofed/include/rdma/rdma_cm.h b/sys/ofed/include/rdma/rdma_cm.h
index d699261..33be957 100644
--- a/sys/ofed/include/rdma/rdma_cm.h
+++ b/sys/ofed/include/rdma/rdma_cm.h
@@ -1,6 +1,7 @@
 /*
  * Copyright (c) 2005 Voltaire Inc.  All rights reserved.
  * Copyright (c) 2005 Intel Corporation.  All rights reserved.
+ * Copyright (c) 2016 Chelsio Communications.  All rights reserved.
  *
  * This software is available to you under a choice of one of two
  * licenses.  You may choose to be licensed under the terms of the GNU
@@ -400,5 +401,7 @@ int rdma_set_afonly(struct rdma_cm_id *id, int afonly);
  * @timeout: QP timeout
  */
 void rdma_set_timeout(struct rdma_cm_id *id, int timeout);
-
+int rdma_cma_any_addr(struct sockaddr *addr);
+int rdma_find_cmid_laddr(struct sockaddr_in *local_addr,
+		unsigned short dev_type, void **cm_id);
 #endif /* RDMA_CM_H */
diff --git a/sys/sparc64/include/atomic.h b/sys/sparc64/include/atomic.h
index 789ed24..c70e99a 100644
--- a/sys/sparc64/include/atomic.h
+++ b/sys/sparc64/include/atomic.h
@@ -319,6 +319,7 @@ ATOMIC_GEN(ptr, uintptr_t *, uintptr_t, uintptr_t, 64);
 #define	atomic_fetchadd_int	atomic_add_int
 #define	atomic_fetchadd_32	atomic_add_32
 #define	atomic_fetchadd_long	atomic_add_long
+#define	atomic_fetchadd_64	atomic_add_64
 
 #undef ATOMIC_GEN
 #undef atomic_cas
diff --git a/sys/sys/elf_common.h b/sys/sys/elf_common.h
index 6e16819..99f0549 100644
--- a/sys/sys/elf_common.h
+++ b/sys/sys/elf_common.h
@@ -753,8 +753,9 @@ typedef struct {
 #define	STB_LOCAL	0	/* Local symbol */
 #define	STB_GLOBAL	1	/* Global symbol */
 #define	STB_WEAK	2	/* like global - lower precedence */
-#define	STB_LOOS	10	/* Reserved range for operating system */
-#define	STB_HIOS	12	/*   specific semantics. */
+#define	STB_LOOS	10	/* Start of operating system reserved range. */
+#define	STB_GNU_UNIQUE	10	/* Unique symbol (GNU) */
+#define	STB_HIOS	12	/* End of operating system reserved range. */
 #define	STB_LOPROC	13	/* reserved range for processor */
 #define	STB_HIPROC	15	/*   specific semantics. */
 
diff --git a/sys/sys/param.h b/sys/sys/param.h
index be0e737..7c03f33 100644
--- a/sys/sys/param.h
+++ b/sys/sys/param.h
@@ -58,7 +58,7 @@
  *		in the range 5 to 9.
  */
 #undef __FreeBSD_version
-#define __FreeBSD_version 1100095	/* Master, propagated to newvers */
+#define __FreeBSD_version 1100096	/* Master, propagated to newvers */
 
 /*
  * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index cf34762..981538b 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -45,8 +45,9 @@
  * loadable kernel module ABI, and should not be changed across minor
  * releases.
  *
- * When adding a new privilege, remember to determine if it's appropriate for
- * use in jail, and update the privilege switch in kern_jail.c as necessary.
+ * When adding a new privilege, remember to determine if it's appropriate
+ * for use in jail, and update the privilege switch in prison_priv_check()
+ * in kern_jail.c as necessary.
  */
 
 /*
diff --git a/sys/sys/proc.h b/sys/sys/proc.h
index fc5c90d..f2f4a9d 100644
--- a/sys/sys/proc.h
+++ b/sys/sys/proc.h
@@ -938,6 +938,7 @@ void	fork_return(struct thread *, struct trapframe *);
 int	inferior(struct proc *p);
 void	kern_yield(int);
 void 	kick_proc0(void);
+void	killjobc(void);
 int	leavepgrp(struct proc *p);
 int	maybe_preempt(struct thread *td);
 void	maybe_yield(void);
diff --git a/sys/vm/vm_map.c b/sys/vm/vm_map.c
index 5fdc62f..5e22b3e 100644
--- a/sys/vm/vm_map.c
+++ b/sys/vm/vm_map.c
@@ -1553,7 +1553,7 @@ again:
  *
  *	The map must be locked.
  *
- *	This routine guarentees that the passed entry remains valid (though
+ *	This routine guarantees that the passed entry remains valid (though
  *	possibly extended).  When merging, this routine may delete one or
  *	both neighbors.
  */
diff --git a/tools/regression/posixsem2/semtest.c b/tools/regression/posixsem2/semtest.c
index b1255db..0879ff9 100644
--- a/tools/regression/posixsem2/semtest.c
+++ b/tools/regression/posixsem2/semtest.c
@@ -7,6 +7,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <err.h>
+#include <errno.h>
 #include <fcntl.h>
 #include <unistd.h>
 
@@ -14,6 +15,7 @@
 
 int test_unnamed(void);
 int test_named(void);
+int test_named2(void);
 
 int
 test_unnamed(void)
@@ -94,9 +96,42 @@ test_named(void)
 }
 
 int
+test_named2(void)
+{
+	sem_t *s, *s2, *s3;
+
+	printf("testing named process-shared semaphore, O_EXCL cases\n");
+	sem_unlink(SEM_NAME);
+	s = sem_open(SEM_NAME, O_CREAT | O_EXCL, 0777, 0);
+	if (s == SEM_FAILED)
+		err(1, "sem_open failed");
+	s2 = sem_open(SEM_NAME, O_CREAT | O_EXCL, 0777, 0);
+	if (s2 != SEM_FAILED)
+		errx(2, "second sem_open call wrongly succeeded");
+	if (errno != EEXIST)
+		err(3, "second sem_open call failed with wrong errno");
+
+	s3 = sem_open(SEM_NAME, 0);
+	if (s3 == SEM_FAILED)
+		err(4, "third sem_open call failed");
+	if (s != s3)
+		errx(5,
+"two sem_open calls for same semaphore do not return same address");
+	if (sem_close(s3))
+		err(6, "sem_close failed");
+
+	if (sem_close(s))
+		err(7, "sem_close failed");
+	
+	printf("OK.\n");
+	return (0);
+}
+
+int
 main(void)
 {
 	test_unnamed();
 	test_named();
+	test_named2();
 	return (0);
 }
diff --git a/tools/regression/sockets/unix_cmsg/unix_cmsg.c b/tools/regression/sockets/unix_cmsg/unix_cmsg.c
index d91cef4..7f6b45c 100644
--- a/tools/regression/sockets/unix_cmsg/unix_cmsg.c
+++ b/tools/regression/sockets/unix_cmsg/unix_cmsg.c
@@ -83,7 +83,13 @@ static int	t_sockcred_2(void);
 static int	t_cmsgcred_sockcred(void);
 static int	t_timeval(void);
 static int	t_bintime(void);
+/*
+ * The testcase fails on 64-bit architectures (amd64), but passes on 32-bit
+ * architectures (i386); see bug 206543
+ */
+#ifndef __LP64__
 static int	t_cmsg_len(void);
+#endif
 static int	t_peercred(void);
 
 struct test_func {
@@ -120,10 +126,12 @@ static const struct test_func test_stream_tbl[] = {
 	  .func = t_bintime,
 	  .desc = "Sending, receiving bintime"
 	},
+#ifndef __LP64__
 	{
 	  .func = t_cmsg_len,
 	  .desc = "Check cmsghdr.cmsg_len"
 	},
+#endif
 	{
 	  .func = t_peercred,
 	  .desc = "Check LOCAL_PEERCRED socket option"
@@ -158,10 +166,12 @@ static const struct test_func test_dgram_tbl[] = {
 	  .func = t_bintime,
 	  .desc = "Sending, receiving bintime"
 	},
+#ifndef __LP64__
 	{
 	  .func = t_cmsg_len,
 	  .desc = "Check cmsghdr.cmsg_len"
 	}
+#endif
 };
 
 #define TEST_DGRAM_TBL_SIZE \
@@ -980,6 +990,8 @@ check_groups(const char *gid_arr_str, const gid_t *gid_arr,
 static int
 check_xucred(const struct xucred *xucred, socklen_t len)
 {
+	int rc;
+
 	if (len != sizeof(*xucred)) {
 		logmsgx("option value size %zu != %zu",
 		    (size_t)len, sizeof(*xucred));
@@ -990,170 +1002,178 @@ check_xucred(const struct xucred *xucred, socklen_t len)
 	dbgmsg("xucred.cr_uid %lu", (u_long)xucred->cr_uid);
 	dbgmsg("xucred.cr_ngroups %d", xucred->cr_ngroups);
 
+	rc = 0;
+
 	if (xucred->cr_version != XUCRED_VERSION) {
 		logmsgx("xucred.cr_version %u != %d",
 		    xucred->cr_version, XUCRED_VERSION);
-		return (-1);
+		rc = -1;
 	}
 	if (xucred->cr_uid != proc_cred.euid) {
 		logmsgx("xucred.cr_uid %lu != %lu (EUID)",
 		   (u_long)xucred->cr_uid, (u_long)proc_cred.euid);
-		return (-1);
+		rc = -1;
 	}
 	if (xucred->cr_ngroups == 0) {
 		logmsgx("xucred.cr_ngroups == 0");
-		return (-1);
+		rc = -1;
 	}
 	if (xucred->cr_ngroups < 0) {
 		logmsgx("xucred.cr_ngroups < 0");
-		return (-1);
+		rc = -1;
 	}
 	if (xucred->cr_ngroups > XU_NGROUPS) {
 		logmsgx("xucred.cr_ngroups %hu > %u (max)",
 		    xucred->cr_ngroups, XU_NGROUPS);
-		return (-1);
+		rc = -1;
 	}
 	if (xucred->cr_groups[0] != proc_cred.egid) {
 		logmsgx("xucred.cr_groups[0] %lu != %lu (EGID)",
 		    (u_long)xucred->cr_groups[0], (u_long)proc_cred.egid);
-		return (-1);
+		rc = -1;
 	}
 	if (check_groups("xucred.cr_groups", xucred->cr_groups,
 	    "xucred.cr_ngroups", xucred->cr_ngroups, false) < 0)
-		return (-1);
-	return (0);
+		rc = -1;
+	return (rc);
 }
 
 static int
 check_scm_creds_cmsgcred(struct cmsghdr *cmsghdr)
 {
-	const struct cmsgcred *cmsgcred;
+	const struct cmsgcred *cmcred;
+	int rc;
 
-	if (check_cmsghdr(cmsghdr, SCM_CREDS, sizeof(*cmsgcred)) < 0)
+	if (check_cmsghdr(cmsghdr, SCM_CREDS, sizeof(struct cmsgcred)) < 0)
 		return (-1);
 
-	cmsgcred = (struct cmsgcred *)CMSG_DATA(cmsghdr);
+	cmcred = (struct cmsgcred *)CMSG_DATA(cmsghdr);
 
-	dbgmsg("cmsgcred.cmcred_pid %ld", (long)cmsgcred->cmcred_pid);
-	dbgmsg("cmsgcred.cmcred_uid %lu", (u_long)cmsgcred->cmcred_uid);
-	dbgmsg("cmsgcred.cmcred_euid %lu", (u_long)cmsgcred->cmcred_euid);
-	dbgmsg("cmsgcred.cmcred_gid %lu", (u_long)cmsgcred->cmcred_gid);
-	dbgmsg("cmsgcred.cmcred_ngroups %d", cmsgcred->cmcred_ngroups);
+	dbgmsg("cmsgcred.cmcred_pid %ld", (long)cmcred->cmcred_pid);
+	dbgmsg("cmsgcred.cmcred_uid %lu", (u_long)cmcred->cmcred_uid);
+	dbgmsg("cmsgcred.cmcred_euid %lu", (u_long)cmcred->cmcred_euid);
+	dbgmsg("cmsgcred.cmcred_gid %lu", (u_long)cmcred->cmcred_gid);
+	dbgmsg("cmsgcred.cmcred_ngroups %d", cmcred->cmcred_ngroups);
 
-	if (cmsgcred->cmcred_pid != client_pid) {
+	rc = 0;
+
+	if (cmcred->cmcred_pid != client_pid) {
 		logmsgx("cmsgcred.cmcred_pid %ld != %ld",
-		    (long)cmsgcred->cmcred_pid, (long)client_pid);
-		return (-1);
+		    (long)cmcred->cmcred_pid, (long)client_pid);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_uid != proc_cred.uid) {
+	if (cmcred->cmcred_uid != proc_cred.uid) {
 		logmsgx("cmsgcred.cmcred_uid %lu != %lu",
-		    (u_long)cmsgcred->cmcred_uid, (u_long)proc_cred.uid);
-		return (-1);
+		    (u_long)cmcred->cmcred_uid, (u_long)proc_cred.uid);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_euid != proc_cred.euid) {
+	if (cmcred->cmcred_euid != proc_cred.euid) {
 		logmsgx("cmsgcred.cmcred_euid %lu != %lu",
-		    (u_long)cmsgcred->cmcred_euid, (u_long)proc_cred.euid);
-		return (-1);
+		    (u_long)cmcred->cmcred_euid, (u_long)proc_cred.euid);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_gid != proc_cred.gid) {
+	if (cmcred->cmcred_gid != proc_cred.gid) {
 		logmsgx("cmsgcred.cmcred_gid %lu != %lu",
-		    (u_long)cmsgcred->cmcred_gid, (u_long)proc_cred.gid);
-		return (-1);
+		    (u_long)cmcred->cmcred_gid, (u_long)proc_cred.gid);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_ngroups == 0) {
+	if (cmcred->cmcred_ngroups == 0) {
 		logmsgx("cmsgcred.cmcred_ngroups == 0");
-		return (-1);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_ngroups < 0) {
+	if (cmcred->cmcred_ngroups < 0) {
 		logmsgx("cmsgcred.cmcred_ngroups %d < 0",
-		    cmsgcred->cmcred_ngroups);
-		return (-1);
+		    cmcred->cmcred_ngroups);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_ngroups > CMGROUP_MAX) {
+	if (cmcred->cmcred_ngroups > CMGROUP_MAX) {
 		logmsgx("cmsgcred.cmcred_ngroups %d > %d",
-		    cmsgcred->cmcred_ngroups, CMGROUP_MAX);
-		return (-1);
+		    cmcred->cmcred_ngroups, CMGROUP_MAX);
+		rc = -1;
 	}
-	if (cmsgcred->cmcred_groups[0] != proc_cred.egid) {
+	if (cmcred->cmcred_groups[0] != proc_cred.egid) {
 		logmsgx("cmsgcred.cmcred_groups[0] %lu != %lu (EGID)",
-		    (u_long)cmsgcred->cmcred_groups[0], (u_long)proc_cred.egid);
-		return (-1);
+		    (u_long)cmcred->cmcred_groups[0], (u_long)proc_cred.egid);
+		rc = -1;
 	}
-	if (check_groups("cmsgcred.cmcred_groups", cmsgcred->cmcred_groups,
-	    "cmsgcred.cmcred_ngroups", cmsgcred->cmcred_ngroups, false) < 0)
-		return (-1);
-	return (0);
+	if (check_groups("cmsgcred.cmcred_groups", cmcred->cmcred_groups,
+	    "cmsgcred.cmcred_ngroups", cmcred->cmcred_ngroups, false) < 0)
+		rc = -1;
+	return (rc);
 }
 
 static int
 check_scm_creds_sockcred(struct cmsghdr *cmsghdr)
 {
-	const struct sockcred *sockcred;
+	const struct sockcred *sc;
+	int rc;
 
 	if (check_cmsghdr(cmsghdr, SCM_CREDS,
 	    SOCKCREDSIZE(proc_cred.gid_num)) < 0)
 		return (-1);
 
-	sockcred = (struct sockcred *)CMSG_DATA(cmsghdr);
+	sc = (struct sockcred *)CMSG_DATA(cmsghdr);
+
+	rc = 0;
 
-	dbgmsg("sockcred.sc_uid %lu", (u_long)sockcred->sc_uid);
-	dbgmsg("sockcred.sc_euid %lu", (u_long)sockcred->sc_euid);
-	dbgmsg("sockcred.sc_gid %lu", (u_long)sockcred->sc_gid);
-	dbgmsg("sockcred.sc_egid %lu", (u_long)sockcred->sc_egid);
-	dbgmsg("sockcred.sc_ngroups %d", sockcred->sc_ngroups);
+	dbgmsg("sockcred.sc_uid %lu", (u_long)sc->sc_uid);
+	dbgmsg("sockcred.sc_euid %lu", (u_long)sc->sc_euid);
+	dbgmsg("sockcred.sc_gid %lu", (u_long)sc->sc_gid);
+	dbgmsg("sockcred.sc_egid %lu", (u_long)sc->sc_egid);
+	dbgmsg("sockcred.sc_ngroups %d", sc->sc_ngroups);
 
-	if (sockcred->sc_uid != proc_cred.uid) {
+	if (sc->sc_uid != proc_cred.uid) {
 		logmsgx("sockcred.sc_uid %lu != %lu",
-		    (u_long)sockcred->sc_uid, (u_long)proc_cred.uid);
-		return (-1);
+		    (u_long)sc->sc_uid, (u_long)proc_cred.uid);
+		rc = -1;
 	}
-	if (sockcred->sc_euid != proc_cred.euid) {
+	if (sc->sc_euid != proc_cred.euid) {
 		logmsgx("sockcred.sc_euid %lu != %lu",
-		    (u_long)sockcred->sc_euid, (u_long)proc_cred.euid);
-		return (-1);
+		    (u_long)sc->sc_euid, (u_long)proc_cred.euid);
+		rc = -1;
 	}
-	if (sockcred->sc_gid != proc_cred.gid) {
+	if (sc->sc_gid != proc_cred.gid) {
 		logmsgx("sockcred.sc_gid %lu != %lu",
-		    (u_long)sockcred->sc_gid, (u_long)proc_cred.gid);
-		return (-1);
+		    (u_long)sc->sc_gid, (u_long)proc_cred.gid);
+		rc = -1;
 	}
-	if (sockcred->sc_egid != proc_cred.egid) {
+	if (sc->sc_egid != proc_cred.egid) {
 		logmsgx("sockcred.sc_egid %lu != %lu",
-		    (u_long)sockcred->sc_egid, (u_long)proc_cred.egid);
-		return (-1);
+		    (u_long)sc->sc_egid, (u_long)proc_cred.egid);
+		rc = -1;
 	}
-	if (sockcred->sc_ngroups == 0) {
+	if (sc->sc_ngroups == 0) {
 		logmsgx("sockcred.sc_ngroups == 0");
-		return (-1);
+		rc = -1;
 	}
-	if (sockcred->sc_ngroups < 0) {
+	if (sc->sc_ngroups < 0) {
 		logmsgx("sockcred.sc_ngroups %d < 0",
-		    sockcred->sc_ngroups);
-		return (-1);
+		    sc->sc_ngroups);
+		rc = -1;
 	}
-	if (sockcred->sc_ngroups != proc_cred.gid_num) {
+	if (sc->sc_ngroups != proc_cred.gid_num) {
 		logmsgx("sockcred.sc_ngroups %d != %u",
-		    sockcred->sc_ngroups, proc_cred.gid_num);
-		return (-1);
+		    sc->sc_ngroups, proc_cred.gid_num);
+		rc = -1;
 	}
-	if (check_groups("sockcred.sc_groups", sockcred->sc_groups,
-	    "sockcred.sc_ngroups", sockcred->sc_ngroups, true) < 0)
-		return (-1);
-	return (0);
+	if (check_groups("sockcred.sc_groups", sc->sc_groups,
+	    "sockcred.sc_ngroups", sc->sc_ngroups, true) < 0)
+		rc = -1;
+	return (rc);
 }
 
 static int
 check_scm_timestamp(struct cmsghdr *cmsghdr)
 {
-	const struct timeval *timeval;
+	const struct timeval *tv;
 
 	if (check_cmsghdr(cmsghdr, SCM_TIMESTAMP, sizeof(struct timeval)) < 0)
 		return (-1);
 
-	timeval = (struct timeval *)CMSG_DATA(cmsghdr);
+	tv = (struct timeval *)CMSG_DATA(cmsghdr);
 
 	dbgmsg("timeval.tv_sec %"PRIdMAX", timeval.tv_usec %"PRIdMAX,
-	    (intmax_t)timeval->tv_sec, (intmax_t)timeval->tv_usec);
+	    (intmax_t)tv->tv_sec, (intmax_t)tv->tv_usec);
 
 	return (0);
 }
@@ -1161,15 +1181,15 @@ check_scm_timestamp(struct cmsghdr *cmsghdr)
 static int
 check_scm_bintime(struct cmsghdr *cmsghdr)
 {
-	const struct bintime *bintime;
+	const struct bintime *bt;
 
 	if (check_cmsghdr(cmsghdr, SCM_BINTIME, sizeof(struct bintime)) < 0)
 		return (-1);
 
-	bintime = (struct bintime *)CMSG_DATA(cmsghdr);
+	bt = (struct bintime *)CMSG_DATA(cmsghdr);
 
 	dbgmsg("bintime.sec %"PRIdMAX", bintime.frac %"PRIu64,
-	    (intmax_t)bintime->sec, bintime->frac);
+	    (intmax_t)bt->sec, bt->frac);
 
 	return (0);
 }
@@ -1213,6 +1233,10 @@ msghdr_init_client(struct msghdr *msghdr, struct iovec *iov,
 
 	msghdr_init_generic(msghdr, iov, cmsg_data);
 	if (cmsg_data != NULL) {
+		if (send_array_flag)
+			dbgmsg("sending an array");
+		else
+			dbgmsg("sending a scalar");
 		msghdr->msg_controllen = send_array_flag ?
 		    cmsg_size : CMSG_SPACE(0);
 		cmsghdr = CMSG_FIRSTHDR(msghdr);
@@ -1815,6 +1839,7 @@ t_bintime(void)
 	return (t_generic(t_bintime_client, t_bintime_server));
 }
 
+#ifndef __LP64__
 static int
 t_cmsg_len_client(int fd)
 {
@@ -1853,8 +1878,11 @@ t_cmsg_len_client(int fd)
 		    (u_int)msghdr.msg_controllen);
 		dbgmsg("send: cmsghdr.cmsg_len %u",
 		    (u_int)cmsghdr->cmsg_len);
-		if (sendmsg(fd, &msghdr, 0) < 0)
+		if (sendmsg(fd, &msghdr, 0) < 0) {
+			dbgmsg("sendmsg(2) failed: %s; retrying",
+			    strerror(errno));
 			continue;
+		}
 		logmsgx("sent message with cmsghdr.cmsg_len %u < %u",
 		    (u_int)cmsghdr->cmsg_len, (u_int)CMSG_LEN(0));
 		break;
@@ -1904,6 +1932,7 @@ t_cmsg_len(void)
 {
 	return (t_generic(t_cmsg_len_client, t_cmsg_len_server));
 }
+#endif
 
 static int
 t_peercred_client(int fd)
diff --git a/tools/regression/sockets/zerosend/zerosend.c b/tools/regression/sockets/zerosend/zerosend.c
index 5d29c0c..ac9542a 100644
--- a/tools/regression/sockets/zerosend/zerosend.c
+++ b/tools/regression/sockets/zerosend/zerosend.c
@@ -74,7 +74,7 @@ try_0write(const char *test, int fd)
 }
 
 static void
-setup_udp(const char *test, int *fdp)
+setup_udp(const char *test, int *fdp, int port1, int port2)
 {
 	struct sockaddr_in sin;
 	int sock1, sock2;
@@ -84,14 +84,14 @@ setup_udp(const char *test, int *fdp)
 	sin.sin_family = AF_INET;
 	sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
 
-	sin.sin_port = htons(PORT1);
+	sin.sin_port = htons(port1);
 	sock1 = socket(PF_INET, SOCK_DGRAM, 0);
 	if (sock1 < 0)
 		err(1, "%s: setup_udp: socket", test);
 	if (bind(sock1, (struct sockaddr *)&sin, sizeof(sin)) < 0)
 		err(1, "%s: setup_udp: bind(%s, %d)", test,
 		    inet_ntoa(sin.sin_addr), PORT1);
-	sin.sin_port = htons(PORT2);
+	sin.sin_port = htons(port2);
 	if (connect(sock1, (struct sockaddr *)&sin, sizeof(sin)) < 0)
 		err(1, "%s: setup_udp: connect(%s, %d)", test,
 		    inet_ntoa(sin.sin_addr), PORT2);
@@ -102,7 +102,7 @@ setup_udp(const char *test, int *fdp)
 	if (bind(sock2, (struct sockaddr *)&sin, sizeof(sin)) < 0)
 		err(1, "%s: setup_udp: bind(%s, %d)", test,
 		    inet_ntoa(sin.sin_addr), PORT2);
-	sin.sin_port = htons(PORT1);
+	sin.sin_port = htons(port1);
 	if (connect(sock2, (struct sockaddr *)&sin, sizeof(sin)) < 0)
 		err(1, "%s: setup_udp: connect(%s, %d)", test,
 		    inet_ntoa(sin.sin_addr), PORT1);
@@ -112,7 +112,7 @@ setup_udp(const char *test, int *fdp)
 }
 
 static void
-setup_tcp(const char *test, int *fdp)
+setup_tcp(const char *test, int *fdp, int port)
 {
 	fd_set writefds, exceptfds;
 	struct sockaddr_in sin;
@@ -127,7 +127,7 @@ setup_tcp(const char *test, int *fdp)
 	/*
 	 * First set up the listen socket.
 	 */
-	sin.sin_port = htons(PORT1);
+	sin.sin_port = htons(port);
 	sock1 = socket(PF_INET, SOCK_STREAM, 0);
 	if (sock1 < 0)
 		err(1, "%s: setup_tcp: socket", test);
@@ -246,19 +246,19 @@ main(void)
 {
 	int fd[2];
 
-	setup_udp("udp_0send", fd);
+	setup_udp("udp_0send", fd, PORT1, PORT2);
 	try_0send("udp_0send", fd[0]);
 	close_both(fd);
 
-	setup_udp("udp_0write", fd);
+	setup_udp("udp_0write", fd, PORT1 + 10, PORT2 + 10);
 	try_0write("udp_0write", fd[0]);
 	close_both(fd);
 
-	setup_tcp("tcp_0send", fd);
+	setup_tcp("tcp_0send", fd, PORT1);
 	try_0send("tcp_0send", fd[0]);
 	close_both(fd);
 
-	setup_tcp("tcp_0write", fd);
+	setup_tcp("tcp_0write", fd, PORT1 + 10);
 	try_0write("tcp_0write", fd[0]);
 	close_both(fd);
 
diff --git a/tools/tools/ath/ath_ee_v4k_print/v4k.c b/tools/tools/ath/ath_ee_v4k_print/v4k.c
index a3a8e6d..72dc142 100644
--- a/tools/tools/ath/ath_ee_v4k_print/v4k.c
+++ b/tools/tools/ath/ath_ee_v4k_print/v4k.c
@@ -26,12 +26,13 @@
  * $FreeBSD$
  */
 
+#include <sys/types.h>
+
+#include <err.h>
 #include <stdio.h>
 #include <stdlib.h>
-#include <unistd.h>
 #include <string.h>
-#include <sys/types.h>
-#include <err.h>
+#include <unistd.h>
 
 typedef enum {
         AH_FALSE = 0,           /* NB: lots of code assumes false is zero */
@@ -128,12 +129,10 @@ eeprom_v4k_modal_print(uint16_t *buf)
 
 	printf("| Modal Version: %.2x |\n", mh->version);
 
-	printf("| futureModal: 0x%.2x 0x%.2x 0x%.2x 0x%.2x |\n",
-	    mh->futureModal[0],
-	    mh->futureModal[1],
-	    mh->futureModal[2],
-	    mh->futureModal[3]
-	);
+	printf("| tx_diversity: 0x%.2x |\n", mh->tx_diversity);
+	printf("| flc_pwr_thresh: 0x%.2x |\n", mh->flc_pwr_thresh);
+	printf("| bb_scale_smrt_antenna: 0x%.2x |\n", mh->bb_scale_smrt_antenna);
+	printf("| futureModal: 0x%.2x |\n", mh->futureModal[0]);
 
 	/* and now, spur channels */
 	for (i = 0; i < AR5416_EEPROM_MODAL_SPURS; i++) {
diff --git a/usr.bin/elfdump/elfdump.c b/usr.bin/elfdump/elfdump.c
index 908c699..e42727a 100644
--- a/usr.bin/elfdump/elfdump.c
+++ b/usr.bin/elfdump/elfdump.c
@@ -408,9 +408,27 @@ static const char *sh_flags[] = {
 	"SHF_WRITE|SHF_ALLOC|SHF_EXECINSTR"
 };
 
-static const char *st_types[] = {
-	"STT_NOTYPE", "STT_OBJECT", "STT_FUNC", "STT_SECTION", "STT_FILE"
-};
+static const char *
+st_type(unsigned int mach, unsigned int type)
+{
+        static char s_type[32];
+
+        switch (type) {
+        case STT_NOTYPE: return "STT_NOTYPE";
+        case STT_OBJECT: return "STT_OBJECT";
+        case STT_FUNC: return "STT_FUNC";
+        case STT_SECTION: return "STT_SECTION";
+        case STT_FILE: return "STT_FILE";
+        case STT_COMMON: return "STT_COMMON";
+        case STT_TLS: return "STT_TLS";
+        case 13:
+                if (mach == EM_SPARCV9)
+                        return "STT_SPARC_REGISTER";
+                break;
+        }
+        snprintf(s_type, sizeof(s_type), "<unknown: %#x>", type);
+        return (s_type);
+}
 
 static const char *st_bindings[] = {
 	"STB_LOCAL", "STB_GLOBAL", "STB_WEAK"
@@ -824,6 +842,7 @@ elf_print_shdr(Elf32_Ehdr *e, void *sh)
 static void
 elf_print_symtab(Elf32_Ehdr *e, void *sh, char *str)
 {
+	u_int64_t machine;
 	u_int64_t offset;
 	u_int64_t entsize;
 	u_int64_t size;
@@ -835,6 +854,7 @@ elf_print_symtab(Elf32_Ehdr *e, void *sh, char *str)
 	int len;
 	int i;
 
+	machine = elf_get_quarter(e, e, E_MACHINE);
 	offset = elf_get_off(e, sh, SH_OFFSET);
 	entsize = elf_get_size(e, sh, SH_ENTSIZE);
 	size = elf_get_size(e, sh, SH_SIZE);
@@ -854,7 +874,7 @@ elf_print_symtab(Elf32_Ehdr *e, void *sh, char *str)
 		fprintf(out, "\tst_value: %#jx\n", value);
 		fprintf(out, "\tst_size: %jd\n", (intmax_t)size);
 		fprintf(out, "\tst_info: %s %s\n",
-		    st_types[ELF32_ST_TYPE(info)],
+		    st_type(machine, ELF32_ST_TYPE(info)),
 		    st_bindings[ELF32_ST_BIND(info)]);
 		fprintf(out, "\tst_shndx: %jd\n", (intmax_t)shndx);
 	}
diff --git a/usr.bin/ldd/ldd.c b/usr.bin/ldd/ldd.c
index c8e0be3..cc3a769 100644
--- a/usr.bin/ldd/ldd.c
+++ b/usr.bin/ldd/ldd.c
@@ -48,8 +48,8 @@ __FBSDID("$FreeBSD$");
 
 #include "extern.h"
 
-/* We don't support a.out executables on arm64 */
-#ifndef __aarch64__
+/* We don't support a.out executables on arm64 and riscv */
+#if !defined(__aarch64__) && !defined(__riscv__)
 #include <a.out.h>
 #define	AOUT_SUPPORTED
 #endif
diff --git a/usr.bin/whois/whois.1 b/usr.bin/whois/whois.1
index a9ed50a..0b74cc5 100644
--- a/usr.bin/whois/whois.1
+++ b/usr.bin/whois/whois.1
@@ -28,7 +28,7 @@
 .\"     From: @(#)whois.1	8.1 (Berkeley) 6/6/93
 .\" $FreeBSD$
 .\"
-.Dd May 14, 2015
+.Dd January 23, 2016
 .Dt WHOIS 1
 .Os
 .Sh NAME
@@ -36,7 +36,7 @@
 .Nd "Internet domain name and network number directory service"
 .Sh SYNOPSIS
 .Nm
-.Op Fl aAbfgiIklmPQr
+.Op Fl aAbfgiIklmPQrRS
 .Op Fl c Ar country-code | Fl h Ar host
 .Op Fl p Ar port
 .Ar name ...
@@ -49,39 +49,22 @@ Network Information Centers
 .Pp
 By default
 .Nm
-automatically discovers the name of a whois server to use
-from the top-level domain
-.Pq Tn TLD
-of the supplied (single) argument.
-It tries
-.Qq Va TLD Ns Li .whois-servers.net
-and
-.Qq Li whois.nic. Ns Va TLD
-and if neither host exists it falls back to its default server.
+starts by querying the Internet Assigned Numbers Authority (IANA) whois server,
+and follows referrals to whois servers
+that have more specific details about the query
+.Ar name .
+The IANA whois server knows about
+IP address and AS numbers
+as well as domain names.
 .Pp
-If an IP address is specified, the whois server will default to
-the American Registry for Internet Numbers
-.Pq Tn ARIN .
-If a query to
-.Tn ARIN
-references
-.Tn APNIC , AfriNIC , LACNIC ,
-or
-.Tn RIPE ,
-that server will be queried also, provided that the
-.Fl Q
-option is not specified.
-.Pp
-If
+There are a few special cases where referrals do not work, so
 .Nm
-cannot automatically discover a server,
-it will fall back to
-the host specified in the
-.Ev WHOIS_SERVER
-or
-.Ev RA_SERVER
-environment variables, or if those are not set, it will use
-.Pa whois.crsnic.net .
+goes directly to the appropriate server.
+These include point-of-contact handles for ARIN,
+.Pa nic.at ,
+NORID, and RIPE,
+and domain names under
+.Pa ac.uk .
 .Pp
 The options are as follows:
 .Bl -tag -width indent
@@ -93,17 +76,16 @@ It contains network numbers used in those parts of the world covered neither by
 .Tn APNIC , AfriNIC , LACNIC ,
 nor by
 .Tn RIPE .
-.Pp
-(Hint: All point of contact handles in the
-.Tn ARIN
-whois database end with
-.Qq Li -ARIN . )
+The query syntax is documented at
+.Pa https://www.arin.net/resources/whoisrws/whois_api.html#nicname
 .It Fl A
 Use the Asia/Pacific Network Information Center
 .Pq Tn APNIC
 database.
 It contains network numbers used in East Asia, Australia,
 New Zealand, and the Pacific islands.
+Get query syntax documentation using
+.Ic whois -A help
 .It Fl b
 Use the Network Abuse Clearinghouse database.
 It contains addresses to which network abuse should be reported,
@@ -119,6 +101,8 @@ Use the African Network Information Centre
 database.
 It contains network numbers used in Africa and the islands of the
 western Indian Ocean.
+Get query syntax documentation using
+.Ic whois -f help
 .It Fl g
 Use the US non-military federal government database, which contains points of
 contact for subdomains of
@@ -127,14 +111,28 @@ contact for subdomains of
 Use the specified host instead of the default.
 Either a host name or an IP address may be specified.
 .It Fl i
-Use the obsolete Network Solutions Registry for Internet Numbers
-.Pq Pa whois.networksolutions.com
+Use the traditional Network Information Center (InterNIC)
+.Pq Pa whois.internic.net
 database.
+This now contains only registrations for domain names under
+.Pa .COM ,
+.Pa .NET ,
+.Pa .EDU .
+You can specify the type of object to search for like
+.Ic whois -i ' Ns Ar type Ar name Ns Ic '
+where
+.Ar type
+can be
+.Nm domain , nameserver , registrar .
+The
+.Ar name
+can contain
+.Li *
+wildcards.
 .It Fl I
 Use the Internet Assigned Numbers Authority
 .Pq Tn IANA
 database.
-It contains network information for top-level domains.
 .It Fl k
 Use the National Internet Development Agency of Korea's
 .Pq Tn KRNIC
@@ -164,18 +162,41 @@ Use the PeeringDB database of AS numbers.
 It contains details about presence at internet peering points
 for many network operators.
 .It Fl Q
-Do a quick lookup.
-This means that
+Do a quick lookup;
 .Nm
-will not attempt to lookup the name in the authoritative whois
-server (if one is listed).
-This option has no effect when combined with any other options.
+will not attempt to follow referrals to other whois servers.
+This is the default if a server is explicitly specified
+using one of the other options or in an environment variable.
+See also the
+.Fl R
+option.
 .It Fl r
 Use the R\(aaeseaux IP Europ\(aaeens
 .Pq Tn RIPE
 database.
 It contains network numbers and domain contact information
 for Europe.
+Get query syntax documentation using
+.Ic whois -r help
+.It Fl R
+Do a recursive lookup;
+.Nm
+will attempt to follow referrals to other whois servers.
+This is the default if no server is explicitly specified.
+See also the
+.Fl Q
+option.
+.It Fl S
+By default
+.Nm
+adjusts simple queries (without spaces) to produce more useful output
+from certain whois servers,
+and it suppresses some uninformative output.
+With the
+.Fl S
+option,
+.Nm
+sends the query and prints the output verbatim.
 .El
 .Pp
 The operands specified to
@@ -196,22 +217,11 @@ The secondary default whois server.
 If this is unset,
 .Nm
 will use
-.Pa whois.crsnic.net .
+.Pa whois.iana.org .
 .El
 .Sh EXIT STATUS
 .Ex -std
 .Sh EXAMPLES
-Most types of data, such as domain names and
-.Tn IP
-addresses, can be used as arguments to
-.Nm
-without any options, and
-.Nm
-will choose the correct whois server to query.
-Some exceptions, where
-.Nm
-will not be able to handle data correctly, are detailed below.
-.Pp
 To obtain contact information about an
 administrator located in the Russian
 .Tn TLD
diff --git a/usr.bin/whois/whois.c b/usr.bin/whois/whois.c
index 278b50c..1630067 100644
--- a/usr.bin/whois/whois.c
+++ b/usr.bin/whois/whois.c
@@ -61,32 +61,36 @@ __FBSDID("$FreeBSD$");
 
 #define	ABUSEHOST	"whois.abuse.net"
 #define	ANICHOST	"whois.arin.net"
-#define	BNICHOST	"whois.registro.br"
+#define	DENICHOST	"whois.denic.de"
+#define	DKNICHOST	"whois.dk-hostmaster.dk"
 #define	FNICHOST	"whois.afrinic.net"
-#define	GERMNICHOST	"de.whois-servers.net"
 #define	GNICHOST	"whois.nic.gov"
 #define	IANAHOST	"whois.iana.org"
-#define	INICHOST	"whois.networksolutions.com"
+#define	INICHOST	"whois.internic.net"
 #define	KNICHOST	"whois.krnic.net"
 #define	LNICHOST	"whois.lacnic.net"
 #define	MNICHOST	"whois.ra.net"
-#define	NICHOST		"whois.crsnic.net"
 #define	PDBHOST		"whois.peeringdb.com"
 #define	PNICHOST	"whois.apnic.net"
-#define	QNICHOST_HEAD	"whois.nic."
 #define	QNICHOST_TAIL	".whois-servers.net"
 #define	RNICHOST	"whois.ripe.net"
+#define	VNICHOST	"whois.verisign-grs.com"
 
 #define	DEFAULT_PORT	"whois"
 
-#define	WHOIS_SERVER_ID	"Whois Server: "
-#define	WHOIS_ORG_SERVER_ID	"Registrant Street1:Whois Server:"
+#define WHOIS_RECURSE	0x01
+#define WHOIS_QUICK	0x02
+#define WHOIS_SPAM_ME	0x04
 
-#define WHOIS_RECURSE		0x01
-#define WHOIS_QUICK		0x02
+#define CHOPSPAM	">>> Last update of WHOIS database:"
 
 #define ishost(h) (isalnum((unsigned char)h) || h == '.' || h == '-')
 
+#define SCAN(p, end, check)					\
+	while ((p) < (end))					\
+		if (check) ++(p);				\
+		else break
+
 static struct {
 	const char *suffix, *server;
 } whoiswhere[] = {
@@ -97,14 +101,25 @@ static struct {
 	{ "-RIPE", RNICHOST },
 	/* Nominet's whois server doesn't return referrals to JANET */
 	{ ".ac.uk", "ac.uk" QNICHOST_TAIL },
-	{ NULL, NULL }
+	{ "", IANAHOST }, /* default */
+	{ NULL, NULL } /* safety belt */
+};
+
+#define WHOIS_REFERRAL(s) { s, sizeof(s) - 1 }
+static struct {
+	const char *prefix;
+	size_t len;
+} whois_referral[] = {
+	WHOIS_REFERRAL("whois:"), /* IANA */
+	WHOIS_REFERRAL("Whois Server:"),
+	WHOIS_REFERRAL("Registrar WHOIS Server:"), /* corporatedomains.com */
+	WHOIS_REFERRAL("ReferralServer:  whois://"), /* ARIN */
+	{ NULL, 0 }
 };
 
-static const char *ip_whois[] = { LNICHOST, RNICHOST, PNICHOST, BNICHOST,
-				  FNICHOST, NULL };
 static const char *port = DEFAULT_PORT;
 
-static char *choose_server(char *);
+static const char *choose_server(char *);
 static struct addrinfo *gethostinfo(char const *host, int exitnoname);
 static void s_asprintf(char **ret, const char *format, ...) __printflike(2, 3);
 static void usage(void);
@@ -114,16 +129,15 @@ int
 main(int argc, char *argv[])
 {
 	const char *country, *host;
-	char *qnichost;
-	int ch, flags, use_qnichost;
+	int ch, flags;
 
 #ifdef	SOCKS
 	SOCKSinit(argv[0]);
 #endif
 
-	country = host = qnichost = NULL;
-	flags = use_qnichost = 0;
-	while ((ch = getopt(argc, argv, "aAbc:fgh:iIklmp:PQr")) != -1) {
+	country = host = NULL;
+	flags = 0;
+	while ((ch = getopt(argc, argv, "aAbc:fgh:iIklmp:PQrRS")) != -1) {
 		switch (ch) {
 		case 'a':
 			host = ANICHOST;
@@ -173,6 +187,12 @@ main(int argc, char *argv[])
 		case 'r':
 			host = RNICHOST;
 			break;
+		case 'R':
+			flags |= WHOIS_RECURSE;
+			break;
+		case 'S':
+			flags |= WHOIS_SPAM_ME;
+			break;
 		case '?':
 		default:
 			usage();
@@ -186,96 +206,43 @@ main(int argc, char *argv[])
 		usage();
 
 	/*
-	 * If no host or country is specified, try to determine the top
-	 * level domain from the query, or fall back to NICHOST.
+	 * If no host or country is specified, rely on referrals from IANA.
 	 */
 	if (host == NULL && country == NULL) {
 		if ((host = getenv("WHOIS_SERVER")) == NULL &&
 		    (host = getenv("RA_SERVER")) == NULL) {
-			use_qnichost = 1;
-			host = NICHOST;
 			if (!(flags & WHOIS_QUICK))
 				flags |= WHOIS_RECURSE;
 		}
 	}
 	while (argc-- > 0) {
 		if (country != NULL) {
+			char *qnichost;
 			s_asprintf(&qnichost, "%s%s", country, QNICHOST_TAIL);
 			whois(*argv, qnichost, flags);
-		} else if (use_qnichost)
-			if ((qnichost = choose_server(*argv)) != NULL)
-				whois(*argv, qnichost, flags);
-		if (qnichost == NULL)
-			whois(*argv, host, flags);
-		free(qnichost);
-		qnichost = NULL;
+			free(qnichost);
+		} else
+			whois(*argv, host != NULL ? host :
+			      choose_server(*argv), flags);
 		argv++;
 	}
 	exit(0);
 }
 
-/*
- * This function will remove any trailing periods from domain, after which it
- * returns a pointer to newly allocated memory containing the whois server to
- * be queried, or a NULL if the correct server couldn't be determined.  The
- * caller must remember to free(3) the allocated memory.
- *
- * If the domain is an IPv6 address or has a known suffix, that determines
- * the server, else if the TLD is a number, query ARIN, else try a couple of
- * formulaic server names. Fail if the domain does not contain '.'.
- */
-static char *
+static const char *
 choose_server(char *domain)
 {
-	char *pos, *retval;
+	size_t len = strlen(domain);
 	int i;
-	struct addrinfo *res;
 
-	if (strchr(domain, ':')) {
-		s_asprintf(&retval, "%s", ANICHOST);
-		return (retval);
-	}
-	for (pos = strchr(domain, '\0'); pos > domain && pos[-1] == '.';)
-		*--pos = '\0';
-	if (*domain == '\0')
-		errx(EX_USAGE, "can't search for a null string");
 	for (i = 0; whoiswhere[i].suffix != NULL; i++) {
 		size_t suffix_len = strlen(whoiswhere[i].suffix);
-		if (domain + suffix_len < pos &&
-		    strcasecmp(pos - suffix_len, whoiswhere[i].suffix) == 0) {
-			s_asprintf(&retval, "%s", whoiswhere[i].server);
-			return (retval);
-		}
-	}
-	while (pos > domain && *pos != '.')
-		--pos;
-	if (pos <= domain)
-		return (NULL);
-	if (isdigit((unsigned char)*++pos)) {
-		s_asprintf(&retval, "%s", ANICHOST);
-		return (retval);
-	}
-	/* Try possible alternative whois server name formulae. */
-	for (i = 0; ; ++i) {
-		switch (i) {
-		case 0:
-			s_asprintf(&retval, "%s%s", pos, QNICHOST_TAIL);
-			break;
-		case 1:
-			s_asprintf(&retval, "%s%s", QNICHOST_HEAD, pos);
-			break;
-		default:
-			return (NULL);
-		}
-		res = gethostinfo(retval, 0);
-		if (res) {
-			freeaddrinfo(res);
-			return (retval);
-		} else {
-			free(retval);
-			continue;
-		}
+		if (len > suffix_len &&
+		    strcasecmp(domain + len - suffix_len,
+			       whoiswhere[i].suffix) == 0)
+			return (whoiswhere[i].server);
 	}
+	errx(EX_SOFTWARE, "no default whois server");
 }
 
 static struct addrinfo *
@@ -285,7 +252,7 @@ gethostinfo(char const *host, int exit_on_noname)
 	int error;
 
 	memset(&hints, 0, sizeof(hints));
-	hints.ai_flags = 0;
+	hints.ai_flags = AI_CANONNAME;
 	hints.ai_family = AF_UNSPEC;
 	hints.ai_socktype = SOCK_STREAM;
 	res = NULL;
@@ -319,14 +286,13 @@ whois(const char *query, const char *hostname, int flags)
 	char *buf, *host, *nhost, *p;
 	int s = -1, f;
 	nfds_t i, j;
-	size_t c, len, count;
+	size_t len, count;
 	struct pollfd *fds;
 	int timeout = 180;
 
 	hostres = gethostinfo(hostname, 1);
 	for (res = hostres, count = 0; res; res = res->ai_next)
 		count++;
-
 	fds = calloc(count, sizeof(*fds));
 	if (fds == NULL)
 		err(EX_OSERR, "calloc()");
@@ -393,8 +359,8 @@ whois(const char *query, const char *hostname, int flags)
 				break;
 			} else if (n < 0) {
 				/*
-				 * errno here can only be EINTR which we would want
-				 * to clean up and bail out.
+				 * errno here can only be EINTR which we would
+				 * want to clean up and bail out.
 				 */
 				s = -1;
 				goto done;
@@ -428,85 +394,91 @@ whois(const char *query, const char *hostname, int flags)
 	s = -1;
 	if (count == 0)
 		errno = ETIMEDOUT;
-
 done:
+	if (s == -1)
+		err(EX_OSERR, "connect()");
+
 	/* Close all watched fds except the succeeded one */
 	for (j = 0; j < i; j++)
 		if (fds[j].fd != s && fds[j].fd != -1)
 			close(fds[j].fd);
-
-	if (s != -1) {
-                /* Restore default blocking behavior.  */
-                if ((f = fcntl(s, F_GETFL)) != -1) {
-                        f &= ~O_NONBLOCK;
-                        if (fcntl(s, F_SETFL, f) == -1)
-                                err(EX_OSERR, "fcntl()");
-                } else
-			err(EX_OSERR, "fcntl()");
-        }
-
 	free(fds);
-	freeaddrinfo(hostres);
-	if (s == -1)
-		err(EX_OSERR, "connect()");
+
+	/* Restore default blocking behavior.  */
+	if ((f = fcntl(s, F_GETFL)) == -1)
+		err(EX_OSERR, "fcntl()");
+	f &= ~O_NONBLOCK;
+	if (fcntl(s, F_SETFL, f) == -1)
+		err(EX_OSERR, "fcntl()");
 
 	fp = fdopen(s, "r+");
 	if (fp == NULL)
 		err(EX_OSERR, "fdopen()");
-	if (strcmp(hostname, GERMNICHOST) == 0) {
-		fprintf(fp, "-T dn,ace -C ISO-8859-1 %s\r\n", query);
-	} else if (strcmp(hostname, "dk" QNICHOST_TAIL) == 0) {
+
+	if (!(flags & WHOIS_SPAM_ME) &&
+	    (strcasecmp(hostname, DENICHOST) == 0 ||
+	     strcasecmp(hostname, "de" QNICHOST_TAIL) == 0)) {
+		const char *q;
+		int idn = 0;
+		for (q = query; *q != '\0'; q++)
+			if (!isascii(*q))
+				idn = 1;
+		fprintf(fp, "-T dn%s %s\r\n", idn ? "" : ",ace", query);
+	} else if (!(flags & WHOIS_SPAM_ME) &&
+		   (strcasecmp(hostname, DKNICHOST) == 0 ||
+		    strcasecmp(hostname, "dk" QNICHOST_TAIL) == 0))
 		fprintf(fp, "--show-handles %s\r\n", query);
-	} else {
+	else if ((flags & WHOIS_SPAM_ME) ||
+		 strchr(query, ' ') != NULL)
+		fprintf(fp, "%s\r\n", query);
+	else if (strcasecmp(hostname, ANICHOST) == 0)
+		fprintf(fp, "+ %s\r\n", query);
+	else if (strcasecmp(hostres->ai_canonname, VNICHOST) == 0)
+		fprintf(fp, "domain %s\r\n", query);
+	else
 		fprintf(fp, "%s\r\n", query);
-	}
 	fflush(fp);
+
 	nhost = NULL;
 	while ((buf = fgetln(fp, &len)) != NULL) {
-		while (len > 0 && isspace((unsigned char)buf[len - 1]))
-			buf[--len] = '\0';
-		printf("%.*s\n", (int)len, buf);
+		/* Nominet */
+		if (!(flags & WHOIS_SPAM_ME) &&
+		    len == 5 && strncmp(buf, "-- \r\n", 5) == 0)
+			break;
+
+		printf("%.*s", (int)len, buf);
 
 		if ((flags & WHOIS_RECURSE) && nhost == NULL) {
-			host = strnstr(buf, WHOIS_SERVER_ID, len);
-			if (host != NULL) {
-				host += sizeof(WHOIS_SERVER_ID) - 1;
-				for (p = host; p < buf + len; p++) {
-					if (!ishost(*p)) {
-						*p = '\0';
-						break;
-					}
-				}
-				s_asprintf(&nhost, "%.*s",
-				     (int)(buf + len - host), host);
-			} else if ((host =
-			    strnstr(buf, WHOIS_ORG_SERVER_ID, len)) != NULL) {
-				host += sizeof(WHOIS_ORG_SERVER_ID) - 1;
-				for (p = host; p < buf + len; p++) {
-					if (!ishost(*p)) {
-						*p = '\0';
-						break;
-					}
-				}
-				s_asprintf(&nhost, "%.*s",
-				    (int)(buf + len - host), host);
-			} else if (strcmp(hostname, ANICHOST) == 0) {
-				for (c = 0; c <= len; c++)
-					buf[c] = tolower((unsigned char)buf[c]);
-				for (i = 0; ip_whois[i] != NULL; i++) {
-					if (strnstr(buf, ip_whois[i], len) !=
-					    NULL) {
-						s_asprintf(&nhost, "%s",
-						    ip_whois[i]);
-						break;
-					}
-				}
+			for (i = 0; whois_referral[i].prefix != NULL; i++) {
+				p = buf;
+				SCAN(p, buf+len, *p == ' ');
+				if (strncasecmp(p, whois_referral[i].prefix,
+					           whois_referral[i].len) != 0)
+					continue;
+				p += whois_referral[i].len;
+				SCAN(p, buf+len, *p == ' ');
+				host = p;
+				SCAN(p, buf+len, ishost(*p));
+				/* avoid loops */
+				if (strncmp(hostname, host, p - host) != 0)
+					s_asprintf(&nhost, "%.*s",
+						   (int)(p - host), host);
+				break;
 			}
 		}
+		/* Verisign etc. */
+		if (!(flags & WHOIS_SPAM_ME) &&
+		    len >= sizeof(CHOPSPAM)-1 &&
+		    (strncasecmp(buf, CHOPSPAM, sizeof(CHOPSPAM)-1) == 0 ||
+		     strncasecmp(buf, CHOPSPAM+4, sizeof(CHOPSPAM)-5) == 0)) {
+			printf("\n");
+			break;
+		}
 	}
 	fclose(fp);
+	freeaddrinfo(hostres);
 	if (nhost != NULL) {
-		whois(query, nhost, 0);
+		whois(query, nhost, flags);
 		free(nhost);
 	}
 }
@@ -515,7 +487,7 @@ static void
 usage(void)
 {
 	fprintf(stderr,
-	    "usage: whois [-aAbfgiIklmPQr] [-c country-code | -h hostname] "
+	    "usage: whois [-aAbfgiIklmPQrRS] [-c country-code | -h hostname] "
 	    "[-p port] name ...\n");
 	exit(EX_USAGE);
 }
diff --git a/usr.bin/xlint/arch/riscv/targparam.h b/usr.bin/xlint/arch/riscv/targparam.h
new file mode 100644
index 0000000..8d57fbd
--- /dev/null
+++ b/usr.bin/xlint/arch/riscv/targparam.h
@@ -0,0 +1,53 @@
+/*	$NetBSD: targparam.h,v 1.2 2002/01/30 06:55:00 thorpej Exp $	*/
+
+/*
+ * Copyright (c) 1994, 1995 Jochen Pohl
+ * All Rights Reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by Jochen Pohl for
+ *	The NetBSD Project.
+ * 4. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Machine-dependent target parameters for lint1.
+ */
+
+#include "lp64.h"
+
+/*    
+ * Should be set to 1 if the difference of two pointers is of type long
+ * or the value of sizeof is of type unsigned long.  Note this MUST be
+ * kept in sync with the compiler!
+ */     
+
+#define	PTRDIFF_IS_LONG		1
+#define	SIZEOF_IS_ULONG		1
+
+#define	FLOAT_SIZE		(4 * CHAR_BIT)
+#define	DOUBLE_SIZE		(8 * CHAR_BIT)
+#define	LDOUBLE_SIZE		(16 * CHAR_BIT)
+
+#define	ENUM_SIZE		(4 * CHAR_BIT)
diff --git a/usr.bin/xlint/lint1/param.h b/usr.bin/xlint/lint1/param.h
index 7d31373..1e15fbd 100644
--- a/usr.bin/xlint/lint1/param.h
+++ b/usr.bin/xlint/lint1/param.h
@@ -80,6 +80,9 @@
 #elif __powerpc__
 #define PTRDIFF_IS_LONG		0
 #define SIZEOF_IS_ULONG		0
+#elif __riscv__
+#define PTRDIFF_IS_LONG		1
+#define SIZEOF_IS_ULONG		1
 #elif __sparc__
 #define PTRDIFF_IS_LONG		0
 #define SIZEOF_IS_ULONG		0
diff --git a/usr.sbin/autofs/automount.c b/usr.sbin/autofs/automount.c
index ce5d861..c87d6c0 100644
--- a/usr.sbin/autofs/automount.c
+++ b/usr.sbin/autofs/automount.c
@@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <fcntl.h>
 #include <libgen.h>
+#include <libutil.h>
 #include <netdb.h>
 #include <signal.h>
 #include <stdbool.h>
@@ -55,8 +56,6 @@ __FBSDID("$FreeBSD$");
 #include <string.h>
 #include <unistd.h>
 
-#include <libutil.h>
-
 #include "common.h"
 #include "mntopts.h"
 
diff --git a/usr.sbin/autofs/automountd.c b/usr.sbin/autofs/automountd.c
index 2c9b1a9..44eda69 100644
--- a/usr.sbin/autofs/automountd.c
+++ b/usr.sbin/autofs/automountd.c
@@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <fcntl.h>
 #include <libgen.h>
+#include <libutil.h>
 #include <netdb.h>
 #include <signal.h>
 #include <stdbool.h>
@@ -55,8 +56,6 @@ __FBSDID("$FreeBSD$");
 #include <string.h>
 #include <unistd.h>
 
-#include <libutil.h>
-
 #include "autofs_ioctl.h"
 
 #include "common.h"
diff --git a/usr.sbin/autofs/autounmountd.c b/usr.sbin/autofs/autounmountd.c
index b85f3ca..02971cf 100644
--- a/usr.sbin/autofs/autounmountd.c
+++ b/usr.sbin/autofs/autounmountd.c
@@ -37,13 +37,13 @@ __FBSDID("$FreeBSD$");
 #include <sys/time.h>
 #include <assert.h>
 #include <errno.h>
+#include <libutil.h>
 #include <stdbool.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
-#include <libutil.h>
 
 #include "common.h"
 
diff --git a/usr.sbin/autofs/common.c b/usr.sbin/autofs/common.c
index eae118f..584c10b 100644
--- a/usr.sbin/autofs/common.c
+++ b/usr.sbin/autofs/common.c
@@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <fcntl.h>
 #include <libgen.h>
+#include <libutil.h>
 #include <netdb.h>
 #include <paths.h>
 #include <signal.h>
@@ -58,8 +59,6 @@ __FBSDID("$FreeBSD$");
 #include <string.h>
 #include <unistd.h>
 
-#include <libutil.h>
-
 #include "autofs_ioctl.h"
 
 #include "common.h"
diff --git a/usr.sbin/autofs/defined.c b/usr.sbin/autofs/defined.c
index eaaea28..f94b92d 100644
--- a/usr.sbin/autofs/defined.c
+++ b/usr.sbin/autofs/defined.c
@@ -51,6 +51,7 @@ __FBSDID("$FreeBSD$");
 #include <errno.h>
 #include <fcntl.h>
 #include <libgen.h>
+#include <libutil.h>
 #include <netdb.h>
 #include <signal.h>
 #include <stdbool.h>
@@ -60,8 +61,6 @@ __FBSDID("$FreeBSD$");
 #include <string.h>
 #include <unistd.h>
 
-#include <libutil.h>
-
 #include "common.h"
 
 static TAILQ_HEAD(, defined_value)	defined_values;
diff --git a/usr.sbin/bsdconfig/share/strings.subr b/usr.sbin/bsdconfig/share/strings.subr
index 487e061..e624fb5 100644
--- a/usr.sbin/bsdconfig/share/strings.subr
+++ b/usr.sbin/bsdconfig/share/strings.subr
@@ -110,7 +110,7 @@ f_sprintf()
 # Example 2:
 #
 # 	limit=12 format="%s %s"
-# 	format_args="   'doghouse'      'foxhound'   "
+# 	format_args="   'doghouse'      'fox'   "
 # 		# even more spaces added to illustrate escape-method
 # 	f_vsnprintf foo $limit "$format" "$format_args" # foo=[doghouse fox]
 #
diff --git a/usr.sbin/iscsid/iscsid.c b/usr.sbin/iscsid/iscsid.c
index c1c8b1b..72828ef 100644
--- a/usr.sbin/iscsid/iscsid.c
+++ b/usr.sbin/iscsid/iscsid.c
@@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
 #include <assert.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <libutil.h>
 #include <netdb.h>
 #include <signal.h>
 #include <stdbool.h>
@@ -51,8 +52,6 @@ __FBSDID("$FreeBSD$");
 #include <string.h>
 #include <unistd.h>
 
-#include <libutil.h>
-
 #include "iscsid.h"
 
 static volatile bool sigalrm_received = false;
diff --git a/usr.sbin/ntp/config.h b/usr.sbin/ntp/config.h
index 73f83a3..ae3efba 100644
--- a/usr.sbin/ntp/config.h
+++ b/usr.sbin/ntp/config.h
@@ -182,7 +182,7 @@
 /* #undef C_ALLOCA */
 
 /* Enable debugging code? */
-#define DEBUG 1
+/* #undef DEBUG */
 
 /* Enable processing time debugging? */
 /* #undef DEBUG_TIMING */
@@ -1437,7 +1437,7 @@
 #define PACKAGE_NAME "ntp"
 
 /* Define to the full name and version of this package. */
-#define PACKAGE_STRING "ntp 4.2.8p5"
+#define PACKAGE_STRING "ntp 4.2.8p6"
 
 /* Define to the one symbol short name of this package. */
 #define PACKAGE_TARNAME "ntp"
@@ -1446,7 +1446,7 @@
 #define PACKAGE_URL "http://www.ntp.org./"
 
 /* Define to the version of this package. */
-#define PACKAGE_VERSION "4.2.8p5"
+#define PACKAGE_VERSION "4.2.8p6"
 
 /* data dir */
 #define PERLLIBDIR "/usr/local/share/ntp/lib"
@@ -1627,7 +1627,7 @@ typedef unsigned int	uintptr_t;
 /* #undef USE_UDP_SIGPOLL */
 
 /* Version number of package */
-#define VERSION "4.2.8p5"
+#define VERSION "4.2.8p6"
 
 /* vsnprintf expands "%m" to strerror(errno) */
 /* #undef VSNPRINTF_PERCENT_M */
@@ -1804,5 +1804,5 @@ typedef union mpinfou {
 /*
  * FreeBSD specific: Explicitly specify date/time for reproducible build.
  */
-#define	MKREPRO_DATE "Jan 8 2016"
-#define	MKREPRO_TIME "12:37:48"
+#define	MKREPRO_DATE "Jan 21 2016"
+#define	MKREPRO_TIME "01:03:28"
diff --git a/usr.sbin/ntp/doc/ntp-keygen.8 b/usr.sbin/ntp/doc/ntp-keygen.8
index a0c0954..e18940e 100644
--- a/usr.sbin/ntp/doc/ntp-keygen.8
+++ b/usr.sbin/ntp/doc/ntp-keygen.8
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_KEYGEN 8 User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp-keygen-opts.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:43 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:51 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp-keygen-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -1055,7 +1055,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 It can take quite a while to generate some cryptographic values,
diff --git a/usr.sbin/ntp/doc/ntp.conf.5 b/usr.sbin/ntp/doc/ntp.conf.5
index 3f075a1..343f574 100644
--- a/usr.sbin/ntp/doc/ntp.conf.5
+++ b/usr.sbin/ntp/doc/ntp.conf.5
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_CONF 5 File Formats
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:30:57 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:07 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.conf.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -2395,16 +2395,18 @@ a 6\-bit code.  The default value is 46, signifying Expedited Forwarding.
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 .It Xo Ic disable
 .Oo
 .Cm auth | Cm bclient |
 .Cm calibrate | Cm kernel |
-.Cm mode7 | monitor |
-.Cm ntp | Cm stats
+.Cm mode7 | Cm monitor |
+.Cm ntp | Cm stats |
+.Cm unpeer_crypto_early | Cm unpeer_crypto_nak_early | Cm unpeer_digest_early
 .Oc
 .Xc
 Provides a way to enable or disable various server options.
@@ -2478,6 +2480,67 @@ See the
 section for further information.
 The default for this flag is
 .Ic disable .
+.It Cm unpeer_crypto_early
+By default, if
+.Xr ntpd 8
+receives an autokey packet that fails TEST9,
+a crypto failure,
+the association is immediately cleared.
+This is almost certainly a feature,
+but if, in spite of the current recommendation of not using autokey,
+you are
+.B still
+using autokey
+.B and
+you are seeing this sort of DoS attack
+disabling this flag will delay
+tearing down the association until the reachability counter
+becomes zero.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_crypto_nak_early
+By default, if
+.Xr ntpd 8
+receives a crypto\-NAK packet that
+passes the duplicate packet and origin timestamp checks
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery if a server key has changed,
+a properly forged and appropriately delivered crypto\-NAK packet
+can be used in a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
+.It Cm unpeer_digest_early
+By default, if
+.Xr ntpd 8
+receives what should be an authenticated packet
+that passes other packet sanity checks but
+contains an invalid digest
+the association is immediately cleared.
+While this is generally a feature
+as it allows for quick recovery,
+if this type of packet is carefully forged and sent
+during an appropriate window it can be used for a DoS attack.
+If you have active noticable problems with this type of DoS attack
+then you should consider
+disabling this option.
+You can check your
+.Cm peerstats
+file for evidence of any of these attacks.
+The
+default for this flag is
+.Ic enable .
 .El
 .It Ic includefile Ar includefile
 This command allows additional configuration commands
@@ -2836,7 +2899,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The syntax checking is not picky; some combinations of
diff --git a/usr.sbin/ntp/doc/ntp.keys.5 b/usr.sbin/ntp/doc/ntp.keys.5
index 04dfbcd..6f711b9 100644
--- a/usr.sbin/ntp/doc/ntp.keys.5
+++ b/usr.sbin/ntp/doc/ntp.keys.5
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTP_KEYS 5 File Formats
 .Os SunOS 5.10
 .\"  EDIT THIS FILE WITH CAUTION  (ntp.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:00 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:10 AM by AutoGen 5.18.5
 .\"  From the definitions    ntp.keys.def
 .\"  and the template file   agmdoc-file.tpl
 .Sh NAME
@@ -46,7 +46,7 @@ The key file uses the same comment conventions
 as the configuration file.
 Key entries use a fixed format of the form
 .Pp
-.D1 Ar keyno type key
+.D1 Ar keyno type key opt_IP_list
 .Pp
 where
 .Ar keyno
@@ -55,7 +55,15 @@ is a positive integer (between 1 and 65534),
 is the message digest algorithm,
 and
 .Ar key
-is the key itself.
+is the key itself, and
+.Ar opt_IP_list
+is an optional comma\-separated list of IPs
+that are allowed to serve time.
+If
+.Ar opt_IP_list
+is empty,
+any properly\-authenticated server message will be
+accepted.
 .Pp
 The
 .Ar key
@@ -149,7 +157,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/usr.sbin/ntp/doc/ntpd.8 b/usr.sbin/ntp/doc/ntpd.8
index 70ab88e..3f6b673 100644
--- a/usr.sbin/ntp/doc/ntpd.8
+++ b/usr.sbin/ntp/doc/ntpd.8
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPD 8 User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpd-opts.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:02 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:12 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpd-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -888,7 +888,7 @@ A snapshot of this documentation is available in HTML format in
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The
diff --git a/usr.sbin/ntp/doc/ntpdc.8 b/usr.sbin/ntp/doc/ntpdc.8
index 3561f2a..36511dc 100644
--- a/usr.sbin/ntp/doc/ntpdc.8
+++ b/usr.sbin/ntp/doc/ntpdc.8
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPDC 8 User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpdc-opts.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:31:29 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:18:39 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpdc-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -789,7 +789,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh AUTHORS
 The formatting directives in this document came from FreeBSD.
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh BUGS
 The
diff --git a/usr.sbin/ntp/doc/ntpq.8 b/usr.sbin/ntp/doc/ntpq.8
index e71a84b..a1e1c64 100644
--- a/usr.sbin/ntp/doc/ntpq.8
+++ b/usr.sbin/ntp/doc/ntpq.8
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt NTPQ 8 User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (ntpq-opts.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:32:02 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:19:12 AM by AutoGen 5.18.5
 .\"  From the definitions    ntpq-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -957,7 +957,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .Sh "AUTHORS"
 The University of Delaware and Network Time Foundation
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/usr.sbin/ntp/doc/sntp.8 b/usr.sbin/ntp/doc/sntp.8
index 0d2dd64..b800b9e 100644
--- a/usr.sbin/ntp/doc/sntp.8
+++ b/usr.sbin/ntp/doc/sntp.8
@@ -1,11 +1,11 @@
-.Dd January 7 2016
+.Dd January 20 2016
 .Dt SNTP 8 User Commands
 .Os
 .\"  EDIT THIS FILE WITH CAUTION  (sntp-opts.mdoc)
 .\"
 .\" $FreeBSD$
 .\"
-.\"  It has been AutoGen-ed  January  7, 2016 at 11:23:27 PM by AutoGen 5.18.5
+.\"  It has been AutoGen-ed  January 20, 2016 at 04:06:45 AM by AutoGen 5.18.5
 .\"  From the definitions    sntp-opts.def
 .\"  and the template file   agmdoc-cmd.tpl
 .Sh NAME
@@ -305,7 +305,7 @@ it to autogen\-users@lists.sourceforge.net.  Thank you.
 .An "Harlan Stenn"
 .An "Dave Hart"
 .Sh "COPYRIGHT"
-Copyright (C) 1992\-2015 The University of Delaware and Network Time Foundation all rights reserved.
+Copyright (C) 1992\-2016 The University of Delaware and Network Time Foundation all rights reserved.
 This program is released under the terms of the NTP license, <http://ntp.org/license>.
 .Sh "BUGS"
 Please send bug reports to: http://bugs.ntp.org, bugs@ntp.org
diff --git a/usr.sbin/ntp/libntp/Makefile b/usr.sbin/ntp/libntp/Makefile
index 1e48483..6a58cdb 100644
--- a/usr.sbin/ntp/libntp/Makefile
+++ b/usr.sbin/ntp/libntp/Makefile
@@ -16,6 +16,7 @@ NTP_SRCS= systime.c	a_md5encrypt.c	adjtime.c	atoint.c \
 	clocktypes.c	decodenetnum.c	dofptoa.c	dolfptoa.c \
 	emalloc.c	findconfig.c	getopt.c	hextoint.c \
 	hextolfp.c	humandate.c	icom.c		iosignal.c \
+	is_ip_address.c \
 	lib_strbuf.c	machines.c	mktime.c	modetoa.c \
 	mstolfp.c	msyslog.c	netof.c		ntp_calendar.c \
 	ntp_crypto_rnd.c		ntp_intres.c	ntp_libopts.c \
diff --git a/usr.sbin/ntp/scripts/mkver b/usr.sbin/ntp/scripts/mkver
index 6a99756..c200a1b 100755
--- a/usr.sbin/ntp/scripts/mkver
+++ b/usr.sbin/ntp/scripts/mkver
@@ -6,7 +6,7 @@ PROG=${1-UNKNOWN}
 
 ConfStr="$PROG"
 
-ConfStr="$ConfStr 4.2.8p5"
+ConfStr="$ConfStr 4.2.8p6"
 
 case "$CSET" in
  '') ;;
diff --git a/usr.sbin/ypldap/yp.c b/usr.sbin/ypldap/yp.c
index 3676245..2868c8f 100644
--- a/usr.sbin/ypldap/yp.c
+++ b/usr.sbin/ypldap/yp.c
@@ -83,17 +83,14 @@ void
 yp_enable_events(void)
 {
 	int i;
-	extern fd_set svc_fdset;
 	struct yp_event	*ye;
 
-	for (i = 0; i < FD_SETSIZE; i++) {
-		if (FD_ISSET(i, &svc_fdset)) {
-			if ((ye = calloc(1, sizeof(*ye))) == NULL)
-				fatal(NULL);
-			event_set(&ye->ye_event, i, EV_READ, yp_fd_event, NULL);
-			event_add(&ye->ye_event, NULL);
-			TAILQ_INSERT_TAIL(&env->sc_yp->yd_events, ye, ye_entry);
-		}
+	for (i = 0; i < getdtablesize(); i++) {
+		if ((ye = calloc(1, sizeof(*ye))) == NULL)
+			fatal(NULL);
+		event_set(&ye->ye_event, i, EV_READ, yp_fd_event, NULL);
+		event_add(&ye->ye_event, NULL);
+		TAILQ_INSERT_TAIL(&env->sc_yp->yd_events, ye, ye_entry);
 	}
 }