summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/assets/fronts7
-rw-r--r--app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java38
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/providersetup/fragments/ConfigureProviderFragment.java4
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/tor/ClientTransportPlugin.java30
-rw-r--r--app/src/main/res/values/untranslatable.xml30
-rw-r--r--app/src/test/resources/v4/riseup.net.cert76
6 files changed, 104 insertions, 81 deletions
diff --git a/app/assets/fronts b/app/assets/fronts
index cd850e2e..60c56333 100644
--- a/app/assets/fronts
+++ b/app/assets/fronts
@@ -1,3 +1,4 @@
-snowflake-target https://snowflake-broker.azureedge.net
-snowflake-front ajax.aspnetcdn.com
-snowflake-stun stun:stun.stunprotocol.org:3478,stun:stun.voip.blackberry.com:3478,stun:stun.altar.com.pl:3478,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.sonetel.net:3478,stun:stun.stunprotocol.org:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478
+snowflake-target https://1098762253.rsc.cdn77.org
+snowflake-fronts www.cdn77.com,www.phpmyadmin.net
+snowflake-stun stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478
+utls-imitate hellorandomizedalpn \ No newline at end of file
diff --git a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
index 506b04a6..9e778fae 100644
--- a/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
+++ b/app/src/main/java/de/blinkt/openvpn/core/OpenVPNService.java
@@ -187,7 +187,8 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
mProcessThread = null;
}
VpnStatus.removeByteCountListener(this);
- unregisterDeviceStateReceiver();
+ unregisterDeviceStateReceiver(mDeviceStateReceiver);
+ mDeviceStateReceiver = null;
mOpenVPNThread = null;
if (!mStarting) {
stopForeground(!mNotificationAlwaysVisible);
@@ -200,35 +201,31 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
firewallManager.stop();
}
- synchronized void registerDeviceStateReceiver(OpenVPNManagement magnagement) {
+ synchronized void registerDeviceStateReceiver(DeviceStateReceiver newDeviceStateReceiver) {
// Registers BroadcastReceiver to track network connection changes.
IntentFilter filter = new IntentFilter();
filter.addAction(ConnectivityManager.CONNECTIVITY_ACTION);
filter.addAction(Intent.ACTION_SCREEN_OFF);
filter.addAction(Intent.ACTION_SCREEN_ON);
- mDeviceStateReceiver = new DeviceStateReceiver(magnagement);
// Fetch initial network state
- mDeviceStateReceiver.networkStateChange(this);
-
- registerReceiver(mDeviceStateReceiver, filter);
- VpnStatus.addByteCountListener(mDeviceStateReceiver);
+ newDeviceStateReceiver.networkStateChange(this);
+ registerReceiver(newDeviceStateReceiver, filter);
+ VpnStatus.addByteCountListener(newDeviceStateReceiver);
}
- synchronized void unregisterDeviceStateReceiver() {
+ synchronized void unregisterDeviceStateReceiver(DeviceStateReceiver deviceStateReceiver) {
if (mDeviceStateReceiver != null)
try {
- VpnStatus.removeByteCountListener(mDeviceStateReceiver);
- this.unregisterReceiver(mDeviceStateReceiver);
+ VpnStatus.removeByteCountListener(deviceStateReceiver);
+ this.unregisterReceiver(deviceStateReceiver);
} catch (IllegalArgumentException iae) {
// I don't know why this happens:
// java.lang.IllegalArgumentException: Receiver not registered: de.blinkt.openvpn.NetworkSateReceiver@41a61a10
// Ignore for now ...
iae.printStackTrace();
}
- mDeviceStateReceiver = null;
-
}
@Override
@@ -469,14 +466,16 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
mProcessThread.start();
}
- new Handler(getMainLooper()).post(() -> {
- if (mDeviceStateReceiver != null) {
- unregisterDeviceStateReceiver();
- }
- registerDeviceStateReceiver(mManagement);
- }
+ final DeviceStateReceiver oldDeviceStateReceiver = mDeviceStateReceiver;
+ final DeviceStateReceiver newDeviceStateReceiver = new DeviceStateReceiver(mManagement);
- );
+ guiHandler.post(() -> {
+ if (oldDeviceStateReceiver != null)
+ unregisterDeviceStateReceiver(oldDeviceStateReceiver);
+
+ registerDeviceStateReceiver(newDeviceStateReceiver);
+ mDeviceStateReceiver = newDeviceStateReceiver;
+ });
}
private void stopOldOpenVPNProcess() {
@@ -538,6 +537,7 @@ public class OpenVPNService extends VpnService implements StateListener, Callbac
@Override
public void onCreate() {
super.onCreate();
+ guiHandler = new Handler(getMainLooper());
notificationManager = new VpnNotificationManager(this);
firewallManager = new FirewallManager(this, true);
}
diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/fragments/ConfigureProviderFragment.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/fragments/ConfigureProviderFragment.java
index cdb255fc..f20bc9b6 100644
--- a/app/src/main/java/se/leap/bitmaskclient/providersetup/fragments/ConfigureProviderFragment.java
+++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/fragments/ConfigureProviderFragment.java
@@ -223,8 +223,10 @@ public class ConfigureProviderFragment extends BaseSetupFragment implements Prop
setupActivityCallback.onProviderSelected(provider);
handler.postDelayed(() -> {
if (!ProviderSetupObservable.isCanceled()) {
- if (setupActivityCallback != null) {
+ try {
setupActivityCallback.onConfigurationSuccess();
+ } catch (NullPointerException npe) {
+ // callback disappeared in the meanwhile
}
}
}, 750);
diff --git a/app/src/main/java/se/leap/bitmaskclient/tor/ClientTransportPlugin.java b/app/src/main/java/se/leap/bitmaskclient/tor/ClientTransportPlugin.java
index f13eb70e..b7909865 100644
--- a/app/src/main/java/se/leap/bitmaskclient/tor/ClientTransportPlugin.java
+++ b/app/src/main/java/se/leap/bitmaskclient/tor/ClientTransportPlugin.java
@@ -1,6 +1,6 @@
package se.leap.bitmaskclient.tor;
/**
- * Copyright (c) 2021 LEAP Encryption Access Project and contributors
+ * Copyright (c) 2024 LEAP Encryption Access Project and contributors
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -66,6 +66,7 @@ public class ClientTransportPlugin implements ClientTransportPluginInterface, Pr
this.contextRef = new WeakReference<>(context);
handlerThread = new HandlerThread("clientTransportPlugin", Thread.MIN_PRIORITY);
loadCdnFronts(context);
+ IPtProxy.setStateLocation(context.getApplicationContext().getCacheDir() + "/pt_state");
}
@Override
@@ -96,18 +97,39 @@ public class ClientTransportPlugin implements ClientTransportPluginInterface, Pr
private void startConnectionAttempt(boolean useAmpCache, @NonNull String logfilePath) {
//this is using the current, default Tor snowflake infrastructure
String target = getCdnFront("snowflake-target");
- String front = getCdnFront("snowflake-front");
+ String fronts = getCdnFront("snowflake-fronts");
String stunServer = getCdnFront("snowflake-stun");
String ampCache = null;
if (useAmpCache) {
target = "https://snowflake-broker.torproject.net/";
ampCache = "https://cdn.ampproject.org/";
- front = "www.google.com";
+ fronts = "www.google.com";
}
- snowflakePort = IPtProxy.startSnowflake(stunServer, target, front, ampCache, logfilePath, false, false, true, 5);
+
+ snowflakePort = startSnowflake(stunServer, target, fronts, ampCache, null, null, logfilePath, false, false, false, 5);
Log.d(TAG, "startSnowflake running on port: " + snowflakePort);
}
+/**
+ StartSnowflake - Start IPtProxy's Snowflake client.
+ @param ice Comma-separated list of ICE servers.
+ @param url URL of signaling broker.
+ @param fronts Comma-separated list of front domains.
+ @param ampCache OPTIONAL. URL of AMP cache to use as a proxy for signaling.
+ Only needed when you want to do the rendezvous over AMP instead of a domain fronted server.
+ @param sqsQueueURL OPTIONAL. URL of SQS Queue to use as a proxy for signaling.
+ @param sqsCredsStr OPTIONAL. Credentials to access SQS Queue
+ @param logFile Name of log file. OPTIONAL. Defaults to no log.
+ @param logToStateDir Resolve the log file relative to Tor's PT state dir.
+ @param keepLocalAddresses Keep local LAN address ICE candidates.
+ @param unsafeLogging Prevent logs from being scrubbed.
+ @param maxPeers Capacity for number of multiplexed WebRTC peers. DEFAULTs to 1 if less than that.
+ @return Port number where Snowflake will listen on, if no error happens during start up.
+ */
+ private long startSnowflake(String ice, String url, String fronts, String ampCache, String sqsQueueURL, String sqsCredsStr, String logFile, boolean logToStateDir, boolean keepLocalAddresses, boolean unsafeLogging, long maxPeers) {
+ return IPtProxy.startSnowflake(ice, url, fronts, ampCache, sqsQueueURL, sqsCredsStr, logFile, logToStateDir, keepLocalAddresses, unsafeLogging, maxPeers);
+ }
+
private void retryConnectionAttempt(boolean useAmpCache) {
Log.d(TAG, ">> retryConnectionAttempt - " + (useAmpCache ? "amp cache" : "http domain fronting"));
stopConnectionAttempt();
diff --git a/app/src/main/res/values/untranslatable.xml b/app/src/main/res/values/untranslatable.xml
index 957788a5..13d0204a 100644
--- a/app/src/main/res/values/untranslatable.xml
+++ b/app/src/main/res/values/untranslatable.xml
@@ -1,14 +1,13 @@
<?xml version="1.0" encoding="utf-8"?>
<resources>
<string name="notifcation_title_bitmask" translatable="false">%s - %s</string>
- <string name="copyright_leapgui" translatable="false">Copyright (c) 2012-2022\nLEAP Encryption Access Project &lt;info@leap.se></string>
- <string name="opevpn_copyright" translatable="false">Copyright (c) 2002-2019 OpenVPN Technologies, Inc. &lt;sales@openvpn.net>\n
- "OpenVPN" is a trademark of OpenVPN Technologies, Inc.</string>
- <string name="lzo_copyright" translatable="false">Copyright (c) 1996 - 2011 Markus Franz Xaver Johannes Oberhumer</string>
- <string name="copyright_openssl" translatable="false"> Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.\n\n
+ <string name="copyright_leapgui" translatable="false">Copyright (c) 2012-2024\nLEAP Encryption Access Project &lt;info@leap.se></string>
+ <string name="opevpn_copyright" translatable="false">Copyright (C) 2002-2024 OpenVPN Inc &lt;sales@openvpn.net></string>
+ <string name="lzo_copyright" translatable="false">Copyright (c) 1996 - 2011 Markus Franz Xaver Johannes Oberhumer.\nCopyright (C) 2002-2024 OpenVPN Inc &lt;sales@openvpn.net></string>
+ <string name="copyright_openssl" translatable="false"> Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.\n\n
This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)\n
Copyright 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.</string>
- <string name="copyright_okhttp" translatable="false">Copyright (c) 2022 Square, Inc.</string>
+ <string name="copyright_okhttp" translatable="false">Copyright (c) 2024 Square, Inc.</string>
<string name="okhttp" translatable="false">OkHttp</string>
<string name="openvpn" translatable="false">OpenVPN</string>
<string name="lzo" translatable="false">LZO</string>
@@ -18,12 +17,11 @@
https://github.com/schwabe/polarssl/blob/icsopenvpn_270/apache-2.0.txt
</string>
<string name="asio" translatable="false">Asio</string>
- <string name="copyright_asio" translatable="false">Copyright (c) 2003-2018 Christopher M. Kohlhoff (chris at kohlhoff dot com).\n\nDistributed under the Boost Software License, Version 1.0.</string>
+ <string name="copyright_asio" translatable="false">Copyright (c) 2003-2024 Christopher M. Kohlhoff (chris at kohlhoff dot com).\n\nDistributed under the Boost Software License, Version 1.0.</string>
<string name="openvpn3" translatable="false">OpenVPN 3</string>
- <string name="copyright_openvpn3" translatable="false">GNU AFFERO GENERAL PUBLIC LICENSE\n
- Version 3, 19 November 2007</string>
+ <string name="copyright_openvpn3" translatable="false">Copyright (C) 2012-2024 OpenVPN Inc.</string>
<string name="unknown_state" translatable="false">Unknown state</string>
- <string name="copyright_blinktgui" translatable="false">Copyright (c) 2012-2022 Arne Schwabe &lt;arne@rfc2549.org></string>
+ <string name="copyright_blinktgui" translatable="false">Copyright (c) 2012-2024 Arne Schwabe &lt;arne@rfc2549.org></string>
<string name="defaultserver" translatable="false">openvpn.uni-paderborn.de</string>
<string name="defaultport" translatable="false">1194</string>
<string name="copyright_file_dialog" translatable="false">File Dialog based on work by Alexander Ponomarev</string>
@@ -36,21 +34,21 @@
<string name="state_user_vpn_password_cancelled" translatable="false">VPN password input dialog cancelled</string>
<string name="state_user_vpn_permission_cancelled" translatable="false">VPN API permission dialog cancelled</string>
<string name="shapeshifter_library" translatable="false">Shapeshifter Library</string>
- <string name="copyright_shapeshifter_library" translatable="false">Copyright (c) 2022, LEAP Encryption Access Project (info@leap.se)</string>
+ <string name="copyright_shapeshifter_library" translatable="false">Copyright (c) 2024, LEAP Encryption Access Project (info@leap.se)</string>
<string name="shapeshifter_transports" translatable="false">Shapeshifter Transports</string>
- <string name="copyright_shapeshifter_transports" translatable="false">Copyright (c) 2020 Operator Foundation. Distributed under MIT license.</string>
+ <string name="copyright_shapeshifter_transports" translatable="false">Copyright (c) 2024 Operator Foundation. Distributed under MIT license.</string>
<string name="obfs4" translatable="false">obfs4 - The obfourscator</string>
<string name="copyright_obfs4" translatable="false">Copyright (c) 2014, Yawning Angel \n yawning at schwanenlied dot me \n All rights reserved.</string>
<string name="snowflake" translatable="false">Snowflake</string>
- <string name="copyright_snowflake" translatable="false">Copyright (c) 2016, Serene Han, Arlo Breault \n Copyright (c) 2019-2020, The Tor Project, Inc.\nDistributed under 3-clause BSD license.</string>
+ <string name="copyright_snowflake" translatable="false">Copyright (c) 2016, Serene Han, Arlo Breault \n Copyright (c) 2019-2024, The Tor Project, Inc.\nDistributed under 3-clause BSD license.</string>
<string name="iptproxy" translatable="false">IPtProxy</string>
- <string name="copyright_iptproxy" translatable="false">Copyright (c) 2020 - 2021 Benjamin Erhart (berhart@netzarchitekten.com). Distributed under the MIT License</string>
+ <string name="copyright_iptproxy" translatable="false">Copyright (c) 2020 - 2024 Benjamin Erhart (berhart@netzarchitekten.com). Distributed under the MIT License</string>
<string name="tor" translatable="false">Tor</string>
- <string name="copyright_tor" translatable="false">Copyright (c) 2001-2004, Roger Dingledine \n Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson \n Copyright (c) 2007-2019, The Tor Project, Inc. \n Distributed under the 3-clause BSD license</string>
+ <string name="copyright_tor" translatable="false">Copyright (c) 2001-2004, Roger Dingledine \n Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson \n Copyright (c) 2007-2024, The Tor Project, Inc. \n Distributed under the 3-clause BSD license</string>
<string name="tor_android" translatable="false">Tor Android</string>
<string name="copyright_tor_android" translatable="false">Copyright (c) 2009-2010, Nathan Freitas, The Guardian Project. Distributed under the 3-clause BSD license.</string>
<string name="circleImageView" translatable="false">CircleImageView</string>
- <string name="copyright_circleImageView" translatable="false">Copyright 2014 - 2022 Henning Dodenhof. Licensed under the Apache License, Version 2.0 </string>
+ <string name="copyright_circleImageView" translatable="false">Copyright 2014 - 2024 Henning Dodenhof. Licensed under the Apache License, Version 2.0 </string>
<!-- gateway selector, move to strings.xml, once the wording is clear -->
<string name="no_location" translatable="false">---</string>
diff --git a/app/src/test/resources/v4/riseup.net.cert b/app/src/test/resources/v4/riseup.net.cert
index 5181a66b..68f1a31d 100644
--- a/app/src/test/resources/v4/riseup.net.cert
+++ b/app/src/test/resources/v4/riseup.net.cert
@@ -1,43 +1,43 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAoubdIK609+1LgeOFWDt++yaizzQRgmYWGfV7MtK3H5FB4BG9
-dE0Y6Psfs1T9wgtZ1qf4gI0njpS7m5PlwDFkBCbbQ+frhSVwi9tJoQo8Npvc9VU8
-+0h1JTyySPNgKKrXzOTtkRgnVenf5HLJoBsMOyqlFkcoV3Rw3ca+n/pw87iriCyY
-HdQkh/i/psCG46s+p1O/C41dRoO4DQonCB68K0kA/EUM9KpTHxAw0f2Ug0X31st/
-z1apnCJn2LdzlW3qcgkrJgWJ0VkX1tImjuepfqYHme0m1yalavgUW27Hargl/MjY
-420BDA+hVyxfq0BpXCDUb8JmHvL5j7g+7SR4BwIDAQABAoIBABI3oSkDgKdtORF4
-gTQBy0yI4JItb3vWsMgMZM+lMudr1iMZuMclzBBZ7QygB5TIsi5IMIknv/G4/lYC
-ryHUJCw2sDSi3frQ2go55r0EqQEuYwJomt47Fyan6AQye2Fw4Zs/SrX8LoH0Gp6w
-m421GKQRO88G/CLzmZ+jlzPKzRDkO06RBK0kt2d6c2avOsk5KCLy/VhvLyMrbORe
-dSM+xHGIj1y83vgqy6mHFnDxRQrKTRskMrlZ04wIFf+ewke7eE7pBREki4ZPOGfi
-/CIpI0G6i5B3QnoJxdQcpFIYOYFu/ty3wsDEzfsRqEc+VPcgzGkvRGG1ewsrgIQ7
-bQQQGRkCgYEAxSxKPb1rVb5blIP+Mq8TqK7TeLL8ZXzkclIhtVh4lcCNTJpRN0Yk
-SnhlScWDg3gJ8Zb79pYz1PEiFjW0xK34VLXAWGeR2+YB8FUM1DpAJ1MEob1dA5ka
-fifc865AQLRB6bkM9xSqdTb7pQp5E88CE5w3ZCyQlPuBPGuS/zblLU0CgYEA04EA
-zaOZuaX0q/OvzLtsQqjbXHoCrd0pxEC2KZn+88sRvX0nk2sv8B58PMzYTrpKUHWg
-dJhwqGHNJVI5+v+1kyMtDgyIi0Yqqe5IqBzuk24ts0znODCXP4rVz9u5WdcIpofl
-Hhzg1svDtHPexswCaWF5HqHtyFA9dcENR0ZLIKMCgYEAvxAF+QHeSr4lXCrzXgXN
-VP3kKee3MFjvvd/cji/m2aY2xe4bmSY88HTuIahlojXl3Ndj3TT7kPMBBuiP/K5g
-HyXn90KVUrL1Wf/waI7xr6mAqYIn6d6oj2rtbqyB0rFZ1bPd3meGLgNTokAdx5Ym
-+v27pzSP/e4g832CehClz1kCgYEAoTeNCDKzQ7qHVObMUy9t5yXVB5mNH0AczRZS
-hEV4/BYHMLwMhadHhC2In8O5AdGoQcpXg2iLPx5FhDQ4M+XkXwKKHlJZZmgWry8N
-vO9Iv6JVPX3aJY+MSogmUGl40E1Dr8SYVarHi5MIWy2TW084a2E8NKhTmsPnBTIh
-T/n53CcCgYBuDeK4NoLne7h8q6TpSk/1p7fDkE/G5ueCcBOOrZBHan8y+VkUH1ZM
-rPkO8MprbJ+q/wBBfUvurycdHxtOQaahv7ZwIfKsXxGHShrhZseOTi1Wkkfw9kt2
-CE2U7O5Pn9KBKUwuPihaEqCtSjiSJKZr02UapFjS9R0FTAbf7LwYNg==
+MIIEowIBAAKCAQEA0OFWdcdiZtUfFQuADyIZyuFcIS5HIJIVaVY+D9g5bNqeqp6S
+xvtxTxykmm4A68Huwp99J20FWVUeNcPkscjtDxyWAcN9QcDFpgiYd0cQAsSDWX86
+sFd9pTzrWzO19kDfoHyMRlOEh0PAND5g/qTUPCDQzBudnf+0KwsxsoZUguRpWl7J
+jApGSWkuVH9gUmHSZFTX4U5jTgs3OVs9uih8aGtUlJPrH+1vlcQPMCSFopnziwq8
+OlTrunwUl7E2JN8E304vxZb6OrVo3VBqaVcY0emI0BFgqLDRokeDfhJfeLFV9IzX
+mI+e7K9e18Wx/8Ne8z2NfZx1usDEzT0PKZVHqQIDAQABAoIBAHHY388CBVgXAQHv
+arTU2UoC2rwbBRlzhcgMAXeRWntCDQjhtQ5PLcr4yZ6CJm5ZHVFmrEg425l9EyIq
+yxM7eDmsUvZTHoogD5oXRUJ9sPRRN2YoOkyy4wCU25Kx9JNreHd4atxJ2QoAm1ne
+Re+E10iOej9FLftXy1NKnqO3I4jTCKK6aUj3gayT7ot9Kr4v09S7G7gtgklbDqHY
+7Y88YNgb4E/P7j36BawiHE6tLT4ssrV8BpA5c9Tfc4208Z8s7PO9hOmr4VowJGk1
+JStWhZI4OBdTWFX3qYiKI1mDN1B7B02DYXz5g0zsA0ItLstTpY3/8dFNw0Ki0FoD
+EkF3MAECgYEA/Okk6yV/d7cRdnN6IKI6tMPSPRO254OWB21aJgLZEmprkVqtxDL5
+7hw7le7duZt+xmVlo7QqfRuVC4dbCO11+iTcS7FTe2ZnIYY3rdibqqSmGIFtuwI6
+B5ZRbl+sTpLp3QdVlazpyokwX4qtMkpJda95pBo4jU03CHIV+QF168ECgYEA026C
+bQaALllPyJ/56L6VLyOHIYQxwQCLJWJW3qquwuLnOGRh5QFq9yOW+eigU224ueNu
+p/IDL58qZpjnlSKNBMK9oCSn3fYuEQjSzLr2In1RlXaiY1yd5SomgKcYXxNmoqmZ
+TqVyzLeNydIb/US9C0ChObSUUrlKiAg41Gsi9ekCgYB81yDwKdxX3bfy/mGEhk/w
+NtEqcPbSJPQDyoi7RqCcJIfggiBQPtF8JdeL1RMBsa3MhPS88AwhIWJbBH99Uqnv
+xg4wFuIcgZnaxIPrfoaonwmWAx2FOD4ozJx5nSRSzNY/0oT+kxH8dee44Z1Iu76z
+JuEmjgLoTPsjYh1SgtQQgQKBgG8rbQKcZ2t3ZF7t1r5M7y4Q9S1nT63WdlNayKhd
+gHRSUBczmNGLlE2L9gdDDIGxcG61Keq+cnRosSevAB1HRHSbXI9Glsk7du9X/1bM
+ezyZPftjnHC4MwFaz1HYChV7ovymRki274y6eqACjNr3eJrhCaTI0TBJ4ulxwUfX
+aVN5AoGBAOAOfg8N2u+uZ1xrAKOoEkyYFzrkn2pq7e/9ewELoQEOCfF/Ad35Vz8h
+7cjmCkyZaTls6onJNHodK2H/O6DOZE/A1onUlyimScrfKiuwErCFSRMdulqFLEH+
+/i462yddISZFriuuWH/Q4HktO+kWVtl5eLNAXUj8+8s82cN/O9or
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
-MIICdjCCAh2gAwIBAgIQEvFlsBeZpYERAhfR59N3ijAKBggqhkjOPQQDAjAzMTEw
+MIICdzCCAh2gAwIBAgIQAh39shpuOn8d0h0Ce/7QdDAKBggqhkjOPQQDAjAzMTEw
LwYDVQQDDChMRUFQIFJvb3QgQ0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMgb25seSEp
-MB4XDTI0MDIxNzE2MDgxNVoXDTI0MDMyMzE2MDgxNVowFDESMBAGA1UEAxMJVU5M
-SU1JVEVEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoubdIK609+1L
-geOFWDt++yaizzQRgmYWGfV7MtK3H5FB4BG9dE0Y6Psfs1T9wgtZ1qf4gI0njpS7
-m5PlwDFkBCbbQ+frhSVwi9tJoQo8Npvc9VU8+0h1JTyySPNgKKrXzOTtkRgnVenf
-5HLJoBsMOyqlFkcoV3Rw3ca+n/pw87iriCyYHdQkh/i/psCG46s+p1O/C41dRoO4
-DQonCB68K0kA/EUM9KpTHxAw0f2Ug0X31st/z1apnCJn2LdzlW3qcgkrJgWJ0VkX
-1tImjuepfqYHme0m1yalavgUW27Hargl/MjY420BDA+hVyxfq0BpXCDUb8JmHvL5
-j7g+7SR4BwIDAQABo2cwZTAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYB
-BQUHAwIwHQYDVR0OBBYEFIPsBEktjxealc2usc6QdNNK2xHFMB8GA1UdIwQYMBaA
-FH1KYtj/K0nEebaisdyOPmMHXKj+MAoGCCqGSM49BAMCA0cAMEQCIHMF70zfZQ7Y
-lcz0IDjFbHO/Xd+Mh0QSdcz6lU4OdXO4AiABPaZ/DUa2qBX8AWO4itwTEQYroeF8
-0onH42V60UWxEA==
+MB4XDTI0MDQwODEwNDI0OFoXDTI0MDUxMzEwNDI0OFowFDESMBAGA1UEAxMJVU5M
+SU1JVEVEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OFWdcdiZtUf
+FQuADyIZyuFcIS5HIJIVaVY+D9g5bNqeqp6SxvtxTxykmm4A68Huwp99J20FWVUe
+NcPkscjtDxyWAcN9QcDFpgiYd0cQAsSDWX86sFd9pTzrWzO19kDfoHyMRlOEh0PA
+ND5g/qTUPCDQzBudnf+0KwsxsoZUguRpWl7JjApGSWkuVH9gUmHSZFTX4U5jTgs3
+OVs9uih8aGtUlJPrH+1vlcQPMCSFopnziwq8OlTrunwUl7E2JN8E304vxZb6OrVo
+3VBqaVcY0emI0BFgqLDRokeDfhJfeLFV9IzXmI+e7K9e18Wx/8Ne8z2NfZx1usDE
+zT0PKZVHqQIDAQABo2cwZTAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYB
+BQUHAwIwHQYDVR0OBBYEFETwjXTp5v7YT0/Xp9Nt2HpZcOzfMB8GA1UdIwQYMBaA
+FH1KYtj/K0nEebaisdyOPmMHXKj+MAoGCCqGSM49BAMCA0gAMEUCIQCMavb+KPlg
+gdx7YX0wllm3hP/06rdnGsljxCwJAtBztgIgd1EHzAYmWQ2pmcW3/8utGdCj+41x
+fOUCgjLYY1ww/Sw=
-----END CERTIFICATE-----