diff -burN openssh-3.7.1p2/Makefile.in openssh/Makefile.in
--- openssh-3.7.1p2/Makefile.in	2003-09-21 18:00:12.000000000 -0700
+++ openssh/Makefile.in	2004-02-08 01:54:16.000000000 -0800
@@ -90,6 +90,14 @@
 MANPAGES_IN	= scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
 MANTYPE		= @MANTYPE@
 
+SRP_PROGS = srp-keygen$(EXEEXT) moduli2tconf$(EXEEXT) tconf2embed$(EXEEXT)
+SRP_CONFIG = moduli2tconf$(EXEEXT) tconf2embed$(EXEEXT)
+TARGETS += $(SRP_PROGS)
+LIBSSH_OBJS += srp-param.o srp-util.o tpasswd-util.o
+SSHDOBJS += auth-srp.o
+MANPAGES += srp-keygen.1.out
+MANPAGES_IN += srp-keygen.1
+
 CONFIGFILES=sshd_config.out ssh_config.out moduli.out
 CONFIGFILES_IN=sshd_config ssh_config moduli
 
@@ -108,11 +116,12 @@
 	-e 's|/etc/sshrc|$(sysconfdir)/sshrc|g' \
 	-e 's|/usr/X11R6/bin/xauth|$(XAUTH_PATH)|g' \
 	-e 's|/var/empty|$(PRIVSEP_PATH)|g' \
+	-e 's|/etc/verifier|$(sysconfdir)/verifier|g' \
 	-e 's|/usr/bin:/bin:/usr/sbin:/sbin|@user_path@|g'
 
 FIXPATHSCMD	= $(SED) $(PATHSUBS)
 
-all: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
+all: $(CONFIGFILES) ssh_prng_cmds.out $(SRP_CONFIG) $(MANPAGES) $(TARGETS)
 
 $(LIBSSH_OBJS): Makefile.in config.h
 $(SSHOBJS): Makefile.in config.h
@@ -167,6 +176,39 @@
 logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
 	$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
 
+# moduli2tconf and tconf2embed need to be independent from libssh.a so
+# srp-param.c can be rebuilt
+
+SRP_SUB = log.o xmalloc.o tpasswd-util.o fatal.o
+
+moduli2tconf$(EXEEXT): $(LIBCOMPAT) moduli2tconf.o $(SRP_SUB)
+	$(LD) -o $@ moduli2tconf.o $(SRP_SUB) $(LDFLAGS) -lopenbsd-compat $(LIBS)
+
+tconf2embed$(EXEEXT): $(LIBCOMPAT) tconf2embed.o $(SRP_SUB)
+	$(LD) -o $@ tconf2embed.o $(SRP_SUB) $(LDFLAGS) -lopenbsd-compat $(LIBS)
+
+srp-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a srp-keygen.o
+	$(LD) -o $@ srp-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+
+# this isn't built by default, but the primality testing code is useful
+readtconf$(EXEEXT): $(LIBCOMPAT) libssh.a readtconf.o
+	$(LD) -o $@ readtconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+
+# Note that this relies on the "moduli" file being safe! (It's supposed to be.)
+# If entries are added to "moduli" they should be checked.
+# (DH requirements are different from SRP requirements.)
+# The distribution comes with an srp-param.c file that
+# has everything in it already (built by the code below):
+
+srp-param.c: moduli2tconf$(EXEEXT) tconf2embed$(EXEEXT)
+	@if [ -f srp-param.c ]; then \
+		echo srp-param.c will not be overwritten; \
+		touch srp-param.c; \
+	else \
+		./moduli2tconf$(EXEEXT) moduli | \
+		./tconf2embed$(EXEEXT) $(FAST) libsrp.conf - > srp-param.c; \
+	fi
+
 $(MANPAGES): $(MANPAGES_IN)
 	if test "$(MANTYPE)" = "cat"; then \
 		manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
@@ -248,6 +290,7 @@
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-add $(DESTDIR)$(bindir)/ssh-add
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent $(DESTDIR)$(bindir)/ssh-agent
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
+	$(INSTALL) -m 0755 $(STRIP_OPT) srp-keygen $(DESTDIR)$(bindir)/srp-keygen
 	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
 	$(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd
 	if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
@@ -270,6 +313,7 @@
 	fi
 	$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
 	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
+	$(INSTALL) -m 644 srp-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/srp-keygen.1
 	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
 	-rm -f $(DESTDIR)$(bindir)/slogin
 	ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
@@ -349,6 +393,7 @@
 	-rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
+	-rm -f $(DESTDIR)$(bindir)/srp-keygen$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
 	-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
 	-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
@@ -360,6 +405,7 @@
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/srp-keygen.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
 	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
diff -burN openssh-3.7.1p2/README.SRP openssh/README.SRP
--- openssh-3.7.1p2/README.SRP	1969-12-31 16:00:00.000000000 -0800
+++ openssh/README.SRP	2004-02-08 01:41:02.000000000 -0800
@@ -0,0 +1,76 @@
+
+* This patch is relative to openssh-3.7.1p2.
+
+Recent major changes: 1. SRP is no longer a configuration option;
+the code is included by default, and enabled by default.  You can still
+disable SRP authentication via the configuration file, but if you really
+don't want to use SRP, don't apply the patch. 2. Privsep is now supported.
+
+See installation instructions below.
+
+NOTE: The srp-param.c file has been regenerated.  (Apr 3, 2002)
+
+The new file contains additional primes from the 'moduli' file.  Some of the
+old primes (from the old 'primes' file) are no longer in the 'moduli' file;
+these were moved to the libsrp.conf file so that old verifiers will continue
+to work, with the following exceptions:
+
+The old 512 bit, 640 bit, and 768 bit primes have been removed from the
+default configuration.  Their use is deprecated, and users should upgrade
+their verifiers if they are using these primes.
+
+Verifiers that use these old primes may still be used by adding the lines:
+
+:3Kn/YYiomHkFkfM1x4kayR125MGkzpLUDy3y14FlTMwYnhZkjrMXnoC2TcFAecNlU5kFzgcpKYUbBOPZFRtyf3:2
+:CbDP.jR6YD6wAj2ByQWxQxQZ7.9J9xkn2.Uqb3zVm16vQyizprhBw9hi80psatZ8k54vwZfiIeEHZVsDnyqeWSSIpWso.wh5GD4OFgdhVI3:2
+:iqJ7nFZ4bGCRjE1F.FXEwL085Zb0kLM2TdHDaVVCdq0cKxvnH/0FLskJTKlDtt6sDl89dc//aEULTVFGtcbA/tDzc.bnFE.DWthQOu2n2JwKjgKfgCR2lZFWXdnWmoOh:2
+:///////////93zgY8MZ2DCJ6Oek0t1pHAG9E28fdp7G22xwcEnER8b5A27cED0JTxvKPiyqwGnimAmfjybyKDq/XDMrjKS95v8MrTc9UViRqJ4BffZes8F//////////:7
+
+to the SSHDIR/verifier.conf file.
+
+----------
+
+SRP is a strong passphrase authentication method which provides the ability
+to authenticate in both directions, without using any client state apart
+from the user-entered passphrase.  That is, SRP authenticates the server in
+addition to the user (preventing host spoofing), and also authenticates the
+server host key.  Thus it is useful in situations where no authentic host
+key is known (because it has been changed, for example).
+
+To install:
+
+1. Configure and make as usual. SRP is automatically enabled unless you
+uncomment and change the line in SSHDIR/sshd_config that says
+
+       #SRPAuthentication yes
+
+The server currently defaults to allowing SRP unless it is disabled in the
+config file. You may also wish to disable other authentication methods, such
+as password. No configuration changes are needed on the client side.
+
+2. If you already have an /etc/tpasswd file you can skip this step.
+Each user must have a verifier entry on the server.  To create it, the
+user must run
+
+       srp-keygen
+
+which asks for a passphrase and stores a verifier in $HOME/.ssh/verifier.
+The contents of this file must be kept secret: they are vulnerable to a
+dictionary attack (this is less of a problem if you use a good pass-
+phrase, but few people do).  Alternatively the administrator may create
+a verifier on behalf of the user:
+
+       mkdir -p ~user/.ssh             # if not already present
+       chmod 700 ~user/.ssh            #
+       srp-keygen -f ~user/.ssh/verifier -u user
+       chown user ~user/.ssh/verifier
+       chmod 600 ~user/.ssh/verifier
+
+with a temporary passphrase that the user can change later, as above.
+Multiple verifiers may also be stored in SSHDIR/verifier (or /etc/tpasswd),
+in this case the file must not be world readable and must be owned by root.
+
+3. Finally, if you use /etc/tpasswd, and a user has created and added a new
+prime to /etc/tpasswd.conf, the client must also have a copy of this file
+(if it doesn't already); it can be copied to either SSHDIR/verifier.conf or
+/etc/tpasswd.conf.
diff -burN openssh-3.7.1p2/auth-srp.c openssh/auth-srp.c
--- openssh-3.7.1p2/auth-srp.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/auth-srp.c	2004-02-08 01:41:02.000000000 -0800
@@ -0,0 +1,287 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+
+#include "ssh2.h"
+#include "xmalloc.h"
+#include "packet.h"
+#include "log.h"
+#include "dispatch.h"
+#include "servconf.h"
+#include "auth.h"
+#include "monitor_wrap.h"
+#include "srp.h"
+
+int auth_srp_param(Authctxt *authctxt);
+void fatal_bignum_error(void);
+static void input_userauth_srp_value(int type, u_int32_t seq, void *ctxt);
+static void input_userauth_srp_proof(int type, u_int32_t seq, void *ctxt);
+
+/* import */
+extern ServerOptions options;
+
+static int
+userauth_srp(Authctxt *authctxt)
+{
+       packet_check_eom();
+
+       /* Allocate an SRP context. */
+
+       authctxt->srp = SRP_CTX_new();
+
+       /* Get the user's parameters. */
+
+       if (!PRIVSEP(auth_srp_param(authctxt)))
+               packet_disconnect("unknown/unsafe SRP group for user %s",
+                   authctxt->pw->pw_name);
+
+       return auth_srp(authctxt);
+}
+
+/*
+ * Get the user's parameters, which must be done in the non-chrooted
+ * parent under privsep.
+ */
+int
+auth_srp_param(Authctxt *authctxt)
+{
+       /* Find the user's prime p, generator g, verifier v, and salt. */
+
+       srp_find_verifier(authctxt->pw, authctxt->srp);
+
+       /* Make sure the group is OK (it might be user generated). */
+
+       return is_safe_group(authctxt->srp->p, authctxt->srp->g);
+}
+
+/*
+ * First round of SRP authentication.  Send the user's parameters,
+ * then calculate f and return; round 2 begins when we get the reply.
+ */
+int
+auth_srp(Authctxt *authctxt)
+{
+       int i, plen;
+       BIGNUM *tmp;
+       SRP_CTX *srp;
+
+       srp = authctxt->srp;
+
+       /* Send p, g, and salt. */
+
+       packet_start(SSH2_MSG_USERAUTH_SRP_REPLY);
+       packet_put_bignum2(srp->p);
+       packet_put_bignum2(srp->g);
+       packet_put_string(srp->salt, srp->slen);
+       packet_send();
+       packet_write_wait();
+
+       /* We can precompute some things now that we'll need later. */
+
+       /* p-1 */
+
+       if (!BN_sub(srp->pm1, srp->p, BN_value_one()))
+               goto err;
+
+       /*
+        * The random exponent b is ALEN bits long, or the size of p,
+        * whichever is less.
+        */
+       plen = BN_num_bits(srp->p);
+       i = ALEN;
+       if (plen < ALEN)
+               i = plen;
+
+       /* Loop until we find valid f and u values. */
+
+       if ((tmp = BN_new()) == NULL)
+               goto err;
+       for (;;) {
+
+               /*
+                * Generate the random exponent b.  Ensure that b > lg(p).
+                * Note that there is only one secret exponent per side,
+                * which is called 'a' in the SRP_CTX struct.
+                */
+               if (!BN_set_word(tmp, plen))
+                       goto err;
+               for (;;) {
+                       if (!BN_rand(srp->a, i, 0, 0))
+                               goto err;
+                       if (BN_ucmp(srp->a, tmp) > 0)
+                               break;
+               }
+
+               /* Generate the public value f = (v + g^b) mod p. */
+
+               if (!BN_mod_exp(srp->f, srp->g, srp->a, srp->p, srp->ctx))
+                       goto err;
+               if (!BN_add(srp->f, srp->v, srp->f))
+                       goto err;
+               if (BN_ucmp(srp->f, srp->p) >= 0) {
+                       if (!BN_sub(tmp, srp->f, srp->p))
+                               goto err;
+                       if (BN_copy(srp->f, tmp) == NULL)
+                               goto err;
+               }
+
+               /* Try again if it's 0, 1, or p-1. */
+
+               if (BN_is_zero(srp->f) || BN_is_one(srp->f) ||
+                   BN_ucmp(srp->f, srp->pm1) == 0)
+                       continue;
+
+               /* Calculate u from f; try again if it's zero. */
+
+               srp->u = srp_u_calc(srp->f);
+               if (srp->u != 0)
+                       break;
+       }
+       BN_free(tmp);
+
+       /* Now we're all set, so we go back to wait for the next packet. */
+
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_VALUE, &input_userauth_srp_value);
+       authctxt->postponed = 1;
+       return 0;
+
+err:
+       fatal_bignum_error();
+       return 0;       /* mu */
+}
+
+/* Round 2: send f, calculate the shared secret K and the proofs. */
+
+static void
+input_userauth_srp_value(int type, u_int32_t seq, void *ctxt)
+{
+       BIGNUM *tmp, *K;
+       Authctxt *authctxt;
+       SRP_CTX *srp;
+
+       /* Make sure we're where we're supposed to be. */
+
+       authctxt = ctxt;
+       if (authctxt == NULL || authctxt->srp == NULL)
+               fatal("input_userauth_srp_value: no context");
+       srp = authctxt->srp;
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_VALUE, NULL);
+
+       /* The client sent us e = g^a mod q. */
+
+       packet_get_bignum2(srp->e);
+       packet_check_eom();
+
+       /* Sanity check e.  Abort if e is not in (1, p-1). */
+
+       if (BN_cmp(srp->e, BN_value_one()) <= 0 ||
+           BN_ucmp(srp->e, srp->pm1) >= 0)
+               packet_disconnect("bad SRP e value for user %s",
+                   authctxt->pw->pw_name);
+
+       /* Now we can send f. */
+
+       packet_start(SSH2_MSG_USERAUTH_SRP_VALUE);
+       packet_put_bignum2(srp->f);
+       packet_send();
+       packet_write_wait();
+
+       /*
+        * Calculate the shared secret K = (e * v^u)^b mod p.
+        * Abort if e * v^u == 1 or -1 mod p.
+        */
+       if ((tmp = BN_new()) == NULL)
+               goto err;
+       if ((K = BN_new()) == NULL)
+               goto err;
+
+       if (!BN_set_word(tmp, srp->u))
+               goto err;
+       if (!BN_mod_exp(K, srp->v, tmp, srp->p, srp->ctx)) /* use K as a temp */
+               goto err;
+       if (!BN_mod_mul(tmp, srp->e, K, srp->p, srp->ctx))
+               goto err;
+
+       if (BN_cmp(tmp, BN_value_one()) <= 0 || BN_ucmp(tmp, srp->pm1) >= 0)
+               packet_disconnect("bad SRP base value");
+
+       if (!BN_mod_exp(K, tmp, srp->a, srp->p, srp->ctx))
+               goto err;
+
+       /* Calculate the exchange hash and proofs. */
+
+       srp_hash_calc(authctxt->user, authctxt->service, SRP_GEX_SHA1, srp, K);
+
+       BN_clear_free(K);
+       BN_clear_free(tmp);
+
+       /* Now we're ready for round 3. */
+
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_PROOF, &input_userauth_srp_proof);
+       return;
+
+err:
+       fatal_bignum_error();
+}
+
+/* Round 3.  Check the client's proof and then send ours. */
+
+static void
+input_userauth_srp_proof(int type, u_int32_t seq, void *ctxt)
+{
+       int authenticated, mlen;
+       char *mbuf;
+       Authctxt *authctxt;
+       SRP_CTX *srp;
+
+       authctxt = ctxt;
+       if (authctxt == NULL || authctxt->srp == NULL)
+               fatal("input_userauth_srp_proof: no context");
+       srp = authctxt->srp;
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_PROOF, NULL);
+
+       /* Get the client's version of m1. */
+
+       mbuf = packet_get_string(&mlen);
+       packet_check_eom();
+
+       authenticated = 0;
+       if (mlen == srp->m1len && memcmp(mbuf, srp->m1, mlen) == 0)
+               authenticated = 1;
+
+       xfree(mbuf);
+
+       /*
+        * The return proof is either a flag set to true plus the server
+        * authenticator m2, or if the client was NOT authenticated,
+        * just the flag, set to false.
+        */
+       packet_start(SSH2_MSG_USERAUTH_SRP_PROOF);
+       packet_put_char(authenticated);
+       if (authenticated)
+               packet_put_string(srp->m2, srp->m2len);
+       packet_send();
+       packet_write_wait();
+
+       /* All done, nuke the context. */
+
+       SRP_CTX_free(srp);
+       authctxt->srp = NULL;
+
+       /*
+        * Finish up.  The client will inform us of our status by either
+        * accepting or rejecting the success message we send if the
+        * client was OK.
+        */
+       authctxt->postponed = 0;
+       mm_send_srp_done(authenticated);
+       userauth_finish(authctxt, authenticated, SRP_GEX_SHA1);
+}
+
+Authmethod method_srp = {
+       SRP_GEX_SHA1,
+       userauth_srp,
+       &options.srp_authentication
+};
diff -burN openssh-3.7.1p2/auth.h openssh/auth.h
--- openssh-3.7.1p2/auth.h	2003-09-02 19:11:30.000000000 -0700
+++ openssh/auth.h	2004-02-08 09:01:13.000000000 -0800
@@ -41,6 +41,7 @@
 #ifdef KRB5
 #include <krb5.h>
 #endif
+#include "srp.h"
 
 typedef struct Authctxt Authctxt;
 typedef struct Authmethod Authmethod;
@@ -66,6 +67,7 @@
 	krb5_principal	 krb5_user;
 	char		*krb5_ticket_file;
 #endif
+	SRP_CTX *srp;
 	void		*methoddata;
 };
 /*
@@ -121,6 +123,8 @@
 void	krb5_cleanup_proc(void *authctxt);
 #endif /* KRB5 */
 
+int     auth_srp(Authctxt *authctxt);
+
 #include "auth-pam.h"
 
 Authctxt *do_authentication(void);
diff -burN openssh-3.7.1p2/auth2.c openssh/auth2.c
--- openssh-3.7.1p2/auth2.c	2003-09-02 14:32:46.000000000 -0700
+++ openssh/auth2.c	2004-02-08 01:41:02.000000000 -0800
@@ -35,6 +35,7 @@
 #include "dispatch.h"
 #include "pathnames.h"
 #include "monitor_wrap.h"
+#include "srp.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -54,6 +55,7 @@
 extern Authmethod method_passwd;
 extern Authmethod method_kbdint;
 extern Authmethod method_hostbased;
+extern Authmethod method_srp;
 #ifdef GSSAPI
 extern Authmethod method_gssapi;
 #endif
@@ -67,6 +69,7 @@
 	&method_passwd,
 	&method_kbdint,
 	&method_hostbased,
+	&method_srp,
 	NULL
 };
 
@@ -196,6 +199,10 @@
 #endif
 
 	authctxt->postponed = 0;
+	if (authctxt->srp) {
+		SRP_CTX_free(authctxt->srp);
+		authctxt->srp = NULL;
+	}
 
 	/* try to authenticate user */
 	m = authmethod_lookup(method);
diff -burN openssh-3.7.1p2/libsrp.conf openssh/libsrp.conf
--- openssh-3.7.1p2/libsrp.conf	1969-12-31 16:00:00.000000000 -0800
+++ openssh/libsrp.conf	2004-02-08 01:41:02.000000000 -0800
@@ -0,0 +1,77 @@
+# These are the default primes and generators used by the srp-1.7.1
+# distribution of libsrp, with lengths >= 1024 bits.
+:Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ:2
+:F//////////oG/QeY5emZJ4ncABWDmSqIa2JWYAPynq0Wk.fZiJco9HIWXvZZG4tU.L6RFDEaCRC2iARV9V53TFuJLjRL72HUI5jNPYNdx6z4n2wQOtxMiB/rosz0QtxUuuQ/jQYP.bhfya4NnB7.P9A6PHxEPJWV//////////:5
+:3NUKQ2Re4P5BEK0TLg2dX3gETNNNECPoe92h4OVMaDn3Xo/0QdjgG/EvM.hiVV1BdIGklSI14HA38Mpe5k04juR5/EXMU0r1WtsLhNXwKBlf2zEfoOh0zVmDvqInpU695f29Iy7sNW3U5RIogcs740oUp2Kdv5wuITwnIx84cnO.e467/IV1lPnvMCr0pd1dgS0a.RV5eBJr03Q65Xy61R:2
+:dUyyhxav9tgnyIg65wHxkzkb7VIPh4o0lkwfOKiPp4rVJrzLRYVBtb76gKlaO7ef5LYGEw3G.4E0jbMxcYBetDy2YdpiP/3GWJInoBbvYHIRO9uBuxgsFKTKWu7RnR7yTau/IrFTdQ4LY/q.AvoCzMxV0PKvD9Odso/LFIItn8PbTov3VMn/ZEH2SqhtpBUkWtmcIkEflhX/YY/fkBKfBbe27/zUaKUUZEUYZ2H2nlCL60.JIPeZJSzsu/xHDVcx:2
+:2iQzj1CagQc/5ctbuJYLWlhtAsPHc7xWVyCPAKFRLWKADpASkqe9djWPFWTNTdeJtL8nAhImCn3Sr/IAdQ1FrGw0WvQUstPx3FO9KNcXOwisOQ1VlL.gheAHYfbYyBaxXL.NcJx9TUwgWDT0hRzFzqSrdGGTN3FgSTA1v4QnHtEygNj3eZ.u0MThqWUaDiP87nqha7XnT66bkTCkQ8.7T8L4KZjIImrNrUftedTTBi.WCi.zlrBxDuOM0da0JbUkQlXqvp0yvJAPpC11nxmmZOAbQOywZGmu9nhZNuwTlxjfIro0FOdthaDTuZRL9VL7MRPUDo/DQEyW.d4H.UIlzp:2
+# These are the primes from the old 'primes' file that are not included
+# in the new 'moduli' file.
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOch5R:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOch5R:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOmMSp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOmMSp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOxft3:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOxft3:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBWzx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBWzx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBxwZ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBxwZ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPCGYB:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPCGYB:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPGq83:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPGq83:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQK0R:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQK0R:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQqxx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQqxx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPRTbJ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPRTbJ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPVQQB:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPVQQB:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPXEWp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPXEWp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPYxQB:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPYxQB:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPZUyx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPZUyx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkDNp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkDNp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkyJx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkyJx:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPpw7x:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPpw7x:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQ884h:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQ884h:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQB6Mp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQB6Mp:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQDMuZ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQDMuZ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQNGwZ:2
+:gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQNGwZ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAMmuyx:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAMuhKB:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fANG4rZ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fANiobh:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAO/D.B:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAODm8x:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAPqjtB:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAQ1hxB:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAQA.8J:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAQVn3h:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fARbdZZ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fARoLEJ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAS0SIp:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fASINr3:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fASKzKB:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fASsn63:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAT2GSx:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAT4gu3:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATL7CZ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATPQAZ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATPhDp:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATaZmJ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATdepZ:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAToFvh:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAU0I7h:2
+:4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAU2JxR:2
diff -burN openssh-3.7.1p2/moduli2tconf.c openssh/moduli2tconf.c
--- openssh-3.7.1p2/moduli2tconf.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/moduli2tconf.c	2004-02-08 01:41:22.000000000 -0800
@@ -0,0 +1,116 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "log.h"
+#include "srp.h"
+
+/* argv0 */
+#ifdef HAVE___PROGNAME
+extern char *__progname;
+#else
+char *__progname;
+#endif
+
+void parse_prime(char *buf, BIGNUM *p, BIGNUM *g);
+void write_tconf(const BIGNUM *p, const BIGNUM *g);
+
+/*
+ * Convert the "moduli" file into libsrp base64 format.  The result,
+ * along with other parameters from existing /etc/tpasswd.conf files (that
+ * differ from the libsrp defaults, which are already in libsrp.conf),
+ * is then passed to the tconf2embed program which makes the parameters
+ * into a C file that can be linked with ssh and sshd.
+ */
+int
+main(int argc, char **argv)
+{
+	char buf[8 * 1024];
+	FILE *infile;
+	BIGNUM *p, *g;
+
+	__progname = ssh_get_progname(*argv);
+
+	if (argc != 2) {
+		fprintf(stderr,
+		    "usage: %s <primes file>\n"
+		    "output appears on stdout\n", __progname);
+		exit(1);
+	}
+
+	if ((p = BN_new()) == NULL || (g = BN_new()) == NULL) {
+		fprintf(stderr, "can't allocate BIGNUMs\n");
+		exit(1);
+	}
+
+	if ((infile = fopen(argv[1], "r")) == NULL) {
+		fprintf(stderr, "file '%s' not found\n", argv[1]);
+		exit(1);
+	}
+
+	printf("# These are the primes and generators from the file '%s'.\n",
+	    argv[1]);
+	while (fgets(buf, sizeof(buf), infile) != NULL) {
+		if (buf[0] == '#' || buf[0] == '\n')
+			continue;
+		parse_prime(buf, p, g);
+		write_tconf(p, g);
+	}
+
+	fclose(infile);
+	return 0;
+}
+
+char Fieldsep[] = { ' ', '\0' };
+
+void
+parse_prime(char *buf, BIGNUM *p, BIGNUM *g)
+{
+	char *s, *prime, *gen;
+	static int lineno = 1;
+
+	s = buf;
+	if (strsep(&s, Fieldsep) == NULL)                       /* time */
+		goto err;
+	if (strsep(&s, Fieldsep) == NULL)                       /* type */
+		goto err;
+	if (strsep(&s, Fieldsep) == NULL)                       /* tests */
+		goto err;
+	if (strsep(&s, Fieldsep) == NULL)                       /* tries */
+		goto err;
+	if (strsep(&s, Fieldsep) == NULL)                       /* size */
+		goto err;
+	if ((gen = strsep(&s, Fieldsep)) == NULL)               /* gen */
+		goto err;
+	if ((prime = strsep(&s, Fieldsep)) == NULL)             /* prime */
+		goto err;
+	if (s != NULL)
+		goto err;
+
+	if (!BN_hex2bn(&p, prime))
+		goto err;
+	if (!BN_hex2bn(&g, gen))
+		goto err;
+
+	lineno++;
+	return;
+
+err:
+	fprintf(stderr, "%s: parse error on line %d\n", __progname, lineno);
+	exit(1);
+}
+
+void
+write_tconf(const BIGNUM *p, const BIGNUM *g)
+{
+	char buf[8 * 1024];
+	static int index = 1;
+
+	printf("%d:", index);
+	printf("%s:", srp_bn2tfmt(buf, p));
+	printf("%s\n", srp_bn2tfmt(buf, g));
+	index++;
+}
diff -burN openssh-3.7.1p2/monitor.c openssh/monitor.c
--- openssh-3.7.1p2/monitor.c	2003-09-02 14:32:46.000000000 -0700
+++ openssh/monitor.c	2004-02-08 01:41:22.000000000 -0800
@@ -58,6 +58,7 @@
 #include "compat.h"
 #include "ssh2.h"
 #include "mpaux.h"
+#include "srp.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -110,6 +111,8 @@
 int mm_answer_bsdauthrespond(int, Buffer *);
 int mm_answer_skeyquery(int, Buffer *);
 int mm_answer_skeyrespond(int, Buffer *);
+int mm_answer_srp_param(int, Buffer *);
+int mm_answer_srp_done(int, Buffer *);
 int mm_answer_keyallowed(int, Buffer *);
 int mm_answer_keyverify(int, Buffer *);
 int mm_answer_pty(int, Buffer *);
@@ -187,6 +190,8 @@
     {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
     {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond},
 #endif
+    {MONITOR_REQ_SRP_PARAM, MON_ISAUTH, mm_answer_srp_param},
+    {MONITOR_REQ_SRP_DONE, MON_AUTH, mm_answer_srp_done},
     {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
     {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify},
 #ifdef GSSAPI
@@ -911,6 +916,47 @@
 }
 #endif
 
+int
+mm_answer_srp_param(int socket, Buffer *m)
+{
+       int res;
+       SRP_CTX *srp;
+       int auth_srp_param(Authctxt *authctxt);
+
+if (authctxt->srp) fatal("unexpected SRP context");
+if (!authctxt->valid) debug3("%s: invalid user, pw = %p", __func__, authctxt->pw);
+       srp = SRP_CTX_new();
+       authctxt->srp = srp;
+       res = auth_srp_param(authctxt);
+       authctxt->srp = NULL;
+
+       buffer_clear(m);
+       buffer_put_int(m, res);
+       if (res) {
+               buffer_put_string(m, srp->salt, srp->slen);
+               buffer_put_bignum2(m, srp->p);
+               buffer_put_bignum2(m, srp->g);
+               buffer_put_bignum2(m, srp->v);
+       }
+
+       SRP_CTX_free(srp);
+
+       debug3("%s: sending SRP parameters", __func__);
+       mm_request_send(socket, MONITOR_ANS_SRP_PARAM, m);
+
+       return (0);
+}
+
+int
+mm_answer_srp_done(int socket, Buffer *m)
+{
+       int authenticated;
+
+       authenticated = buffer_get_int(m);
+       auth_method = SRP_GEX_SHA1;
+       return authenticated;
+}
+
 static void
 mm_append_debug(Buffer *m)
 {
diff -burN openssh-3.7.1p2/monitor.h openssh/monitor.h
--- openssh-3.7.1p2/monitor.h	2003-09-02 05:51:17.000000000 -0700
+++ openssh/monitor.h	2004-02-08 09:11:13.000000000 -0800
@@ -39,6 +39,7 @@
 	MONITOR_REQ_BSDAUTHRESPOND, MONITOR_ANS_BSDAUTHRESPOND,
 	MONITOR_REQ_SKEYQUERY, MONITOR_ANS_SKEYQUERY,
 	MONITOR_REQ_SKEYRESPOND, MONITOR_ANS_SKEYRESPOND,
+	MONITOR_REQ_SRP_PARAM, MONITOR_ANS_SRP_PARAM, MONITOR_REQ_SRP_DONE,
 	MONITOR_REQ_KEYALLOWED, MONITOR_ANS_KEYALLOWED,
 	MONITOR_REQ_KEYVERIFY, MONITOR_ANS_KEYVERIFY,
 	MONITOR_REQ_KEYEXPORT,
diff -burN openssh-3.7.1p2/monitor_wrap.c openssh/monitor_wrap.c
--- openssh-3.7.1p2/monitor_wrap.c	2003-09-02 05:51:17.000000000 -0700
+++ openssh/monitor_wrap.c	2004-02-08 01:41:22.000000000 -0800
@@ -48,6 +48,7 @@
 #include "monitor_fdpass.h"
 #include "getput.h"
 #include "servconf.h"
+#include "srp.h"
 
 #include "auth.h"
 #include "channels.h"
@@ -958,6 +959,45 @@
 	return ((authok == 0) ? -1 : 0);
 }
 
+/* Request the user's SRP parameters. */
+
+int
+mm_auth_srp_param(Authctxt *authctxt)
+{
+       int res;
+       Buffer m;
+       SRP_CTX *srp;
+
+       buffer_init(&m);
+
+       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SRP_PARAM, &m);
+       mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SRP_PARAM, &m);
+
+       srp = authctxt->srp;
+       res = buffer_get_int(&m);
+       if (res) {
+               srp->salt = buffer_get_string(&m, &srp->slen);
+               buffer_get_bignum2(&m, srp->p);
+               buffer_get_bignum2(&m, srp->g);
+               buffer_get_bignum2(&m, srp->v);
+       }
+
+       buffer_free(&m);
+
+       return res;
+}
+
+void
+mm_send_srp_done(int authenticated)
+{
+       Buffer m;
+
+       buffer_init(&m);
+       buffer_put_int(&m, authenticated);
+       mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SRP_DONE, &m);
+       buffer_free(&m);
+}
+
 void
 mm_ssh1_session_id(u_char session_id[16])
 {
diff -burN openssh-3.7.1p2/monitor_wrap.h openssh/monitor_wrap.h
--- openssh-3.7.1p2/monitor_wrap.h	2003-09-02 05:51:17.000000000 -0700
+++ openssh/monitor_wrap.h	2004-02-08 01:41:33.000000000 -0800
@@ -96,6 +96,10 @@
 int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
 int mm_skey_respond(void *, u_int, char **);
 
+/* srp */
+int mm_auth_srp_param(struct Authctxt *);
+void mm_send_srp_done(int);
+
 /* zlib allocation hooks */
 
 void *mm_zalloc(struct mm_master *, u_int, u_int);
diff -burN openssh-3.7.1p2/p4096.conf openssh/p4096.conf
--- openssh-3.7.1p2/p4096.conf	1969-12-31 16:00:00.000000000 -0800
+++ openssh/p4096.conf	2004-02-08 01:41:33.000000000 -0800
@@ -0,0 +1 @@
+:AM7BtDyz2O8KXDNPqZkkBkMKa4ou3n90KNJxBfMj8foNCgHT5a7KPWM1ndolQHmNgocnUrNG4ioHKLo2ASvuZzySYXtCr8DklWPIapIh6lT8QZ31tbZV5F/n54ILiMxUtZ.WUZCM6/NY7PuLT4MfZuZ5V7JzP5sEZELNwhje7id6uBAga7bCtolgxrbzfE2emTQE/Ej98caI1saBUXG2wAGdKn5k49Ub4BCA1w0Kqa0tOs1rqivELl33Q/2Yh7thA/XcPfgvRQZbvW.mGtVHMsM1WI.wtWeBv1hiWONLIzMMgn.tfPJy45Bf1hIqGzJGrw1mfJaQDdACYRmTU5MFfqyZyaECaO4vGPk1TPwbVIAqwC6T5xfSUL39DPHnc5FW12dJvys2PC62qQ81DukFxI0ec7V/DRgCRKoXoFluKkF88uTpB7RRpLe9F0ELBkPLD3YnnOeHS22YJLm.AEAy03j9OBksbT2jYIfor5z2sgAOVDdGQJLErHS7xwK9Ebn1WPgcT1p8Zr/w4EgZhSt6zoWNhWNcgz9AzMnKmbyXwBTiNnYQCNfG61NoWeaTvwy8HhZPtvxbaCEdE/tz3mV39TP5PKoQkXvlxpEC/sDGUx8UXp8Sr3AkTe/AE8TU44cUZQN93WwX3SUL8YzqqC3QZSg4YSbs6FBhp7gsVY2XFp3:2
diff -burN openssh-3.7.1p2/pathnames.h openssh/pathnames.h
--- openssh-3.7.1p2/pathnames.h	2002-06-06 12:57:34.000000000 -0700
+++ openssh/pathnames.h	2004-02-08 01:41:33.000000000 -0800
@@ -98,6 +98,16 @@
 #define _PATH_SSH_USER_PERMITTED_KEYS2	".ssh/authorized_keys2"
 
 /*
+ * The locations of the files that hold the verifiers and groups used
+ * by the SRP protocol.
+ */
+#define _PATH_SSH_USER_VERIFIER         _PATH_SSH_USER_DIR "/verifier"
+#define _PATH_SSH_SYSTEM_VERIFIER       SSHDIR "/verifier"
+#define _PATH_SSH_SYSTEM_SRPGROUPS      SSHDIR "/verifier.conf"
+#define _PATH_SSH_LIBSRP_TPASSWD        "/etc/tpasswd"
+#define _PATH_SSH_LIBSRP_TPASSWD_CONF   "/etc/tpasswd.conf"
+
+/*
  * Per-user and system-wide ssh "rc" files.  These files are executed with
  * /bin/sh before starting the shell or command if they exist.  They will be
  * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
diff -burN openssh-3.7.1p2/readconf.c openssh/readconf.c
--- openssh-3.7.1p2/readconf.c	2003-09-02 05:58:22.000000000 -0700
+++ openssh/readconf.c	2004-02-08 01:41:33.000000000 -0800
@@ -91,7 +91,7 @@
 	oBadOption,
 	oForwardAgent, oForwardX11, oGatewayPorts,
 	oPasswordAuthentication, oRSAAuthentication,
-	oChallengeResponseAuthentication, oXAuthLocation,
+	oChallengeResponseAuthentication, oXAuthLocation, oSRPAuthentication,
 	oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
 	oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
 	oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
@@ -141,6 +141,7 @@
 	{ "gssapiauthentication", oUnsupported },
 	{ "gssapidelegatecredentials", oUnsupported },
 #endif
+	{ "srpauthentication", oSRPAuthentication },
 	{ "fallbacktorsh", oDeprecated },
 	{ "usersh", oDeprecated },
 	{ "identityfile", oIdentityFile },
@@ -390,6 +391,10 @@
 		intptr = &options->gss_deleg_creds;
 		goto parse_flag;
 
+	case oSRPAuthentication:
+		intptr = &options->srp_authentication;
+		goto parse_flag;
+
 	case oBatchMode:
 		intptr = &options->batch_mode;
 		goto parse_flag;
@@ -814,6 +819,7 @@
 	options->challenge_response_authentication = -1;
 	options->gss_authentication = -1;
 	options->gss_deleg_creds = -1;
+	options->srp_authentication = -1;
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->kbd_interactive_devices = NULL;
@@ -888,6 +894,8 @@
 		options->gss_authentication = 1;
 	if (options->gss_deleg_creds == -1)
 		options->gss_deleg_creds = 0;
+	if (options->srp_authentication == -1)
+		options->srp_authentication = 1;
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
diff -burN openssh-3.7.1p2/readconf.h openssh/readconf.h
--- openssh-3.7.1p2/readconf.h	2003-09-02 05:58:22.000000000 -0700
+++ openssh/readconf.h	2004-02-08 01:41:45.000000000 -0800
@@ -42,6 +42,7 @@
 					/* Try S/Key or TIS, authentication. */
 	int     gss_authentication;	/* Try GSS authentication */
 	int     gss_deleg_creds;	/* Delegate GSS credentials */
+	int     srp_authentication;	/* Try SRP authentication. */
 	int     password_authentication;	/* Try password
 						 * authentication. */
 	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
diff -burN openssh-3.7.1p2/readtconf.c openssh/readtconf.c
--- openssh-3.7.1p2/readtconf.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/readtconf.c	2004-02-08 01:41:45.000000000 -0800
@@ -0,0 +1,136 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "srp.h"
+
+/* argv0 */
+#ifdef HAVE___PROGNAME
+extern char *__progname;
+#else
+char *__progname;
+#endif
+
+void parse_tconf(char *buf, BIGNUM *p, BIGNUM *g);
+
+/*
+ * Read a tpasswd.conf file in the format used by libsrp and check the
+ * primes.  Used for testing.
+ */
+int
+main(int argc, char **argv)
+{
+	char buf[8 * 1024];
+	int gen;
+	FILE *infile;
+	BIGNUM *p, *g, *q, *r;
+	BN_CTX *ctx;
+	BN_ULONG l;
+
+	__progname = ssh_get_progname(*argv);
+
+	if (argc != 2) {
+		fprintf(stderr, "usage: %s <tconf file>\n", __progname);
+		exit(1);
+	}
+
+	if ((p = BN_new()) == NULL || (g = BN_new()) == NULL ||
+	    (q = BN_new()) == NULL || (r = BN_new()) == NULL) {
+		fprintf(stderr, "can't allocate BIGNUMs\n");
+		exit(1);
+	}
+	if ((ctx = BN_CTX_new()) == NULL) {
+		fprintf(stderr, "can't allocate BN_CTX\n");
+		exit(1);
+	}
+
+	if ((infile = fopen(argv[1], "r")) == NULL) {
+		fprintf(stderr, "file '%s' not found\n", argv[1]);
+		exit(1);
+	}
+
+	while (fgets(buf, sizeof(buf), infile) != NULL) {
+		if (buf[0] == '#')
+			continue;
+		parse_tconf(buf, p, g);
+
+		printf("p = ");
+		BN_print_fp(stdout, p);
+		putchar('\n');
+		printf("g = ");
+		BN_print_fp(stdout, g);
+		putchar('\n');
+
+		gen = -1;
+		if (BN_is_word(g, 2))
+			gen = 2;
+		if (BN_is_word(g, 5))
+			gen = 5;
+
+		if (BN_is_prime(p, 50, NULL, ctx, NULL) != 1)
+			printf("prime test failed!!!\n");
+		else {
+			printf("prime test passed\n");
+			BN_rshift1(q, p);
+			if (BN_is_prime(q, 50, NULL, ctx, NULL) != 1)
+				printf("(p - 1) / 2 prime test failed!!!\n");
+			else
+				printf("(p - 1) / 2 prime test passed\n");
+		}
+
+		if (gen == 2 && BN_mod_word(p, 24) == 11)
+			printf("g is a primitive generator\n");
+		else if (gen == 5) {
+			l = BN_mod_word(p, 10);
+			if (l == 3 || l == 7)
+				printf("g is a primitive generator\n");
+		} else {
+
+			/* Do it the slow way; g^q mod p != 1 -> primitive. */
+
+			BN_rshift1(q, p);
+			BN_mod_exp(r, g, q, p, ctx);
+			if (BN_is_one(r))
+				printf("g is not a primitive generator!!!\n");
+			else
+				printf("g is a primitive generator\n");
+		}
+	}
+
+	fclose(infile);
+	return 0;
+}
+
+char Fieldsep[] = { ':', '\0' };
+
+void
+parse_tconf(char *buf, BIGNUM *p, BIGNUM *g)
+{
+	char *s, *prime, *gen;
+	static int lineno = 1;
+
+	s = buf;
+	if (strsep(&s, Fieldsep) == NULL)                       /* index */
+		goto err;
+	if ((prime = strsep(&s, Fieldsep)) == NULL)             /* prime */
+		goto err;
+	if ((gen = strsep(&s, Fieldsep)) == NULL)               /* gen */
+		goto err;
+	if (s != NULL)
+		goto err;
+
+	if (!srp_tfmt2bn(p, prime))
+		goto err;
+	if (!srp_tfmt2bn(g, gen))
+		goto err;
+
+	lineno++;
+	return;
+
+err:
+	fprintf(stderr, "parse error on line %d\n", lineno);
+	exit(1);
+}
diff -burN openssh-3.7.1p2/servconf.c openssh/servconf.c
--- openssh-3.7.1p2/servconf.c	2003-09-23 02:24:21.000000000 -0700
+++ openssh/servconf.c	2004-02-08 01:41:45.000000000 -0800
@@ -74,6 +74,7 @@
 	options->kerberos_ticket_cleanup = -1;
 	options->gss_authentication=-1;
 	options->gss_cleanup_creds = -1;
+	options->srp_authentication = -1;
 	options->password_authentication = -1;
 	options->kbd_interactive_authentication = -1;
 	options->challenge_response_authentication = -1;
@@ -185,6 +186,8 @@
 		options->gss_authentication = 0;
 	if (options->gss_cleanup_creds == -1)
 		options->gss_cleanup_creds = 1;
+	if (options->srp_authentication == -1)
+		options->srp_authentication = 1;
 	if (options->password_authentication == -1)
 		options->password_authentication = 1;
 	if (options->kbd_interactive_authentication == -1)
@@ -248,7 +251,7 @@
 	/* Standard Options */
 	sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
 	sPermitRootLogin, sLogFacility, sLogLevel,
-	sRhostsRSAAuthentication, sRSAAuthentication,
+	sRhostsRSAAuthentication, sRSAAuthentication, sSRPAuthentication,
 	sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
 	sKerberosTgtPassing, sChallengeResponseAuthentication,
 	sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
@@ -315,6 +318,7 @@
 	{ "gssapiauthentication", sUnsupported },
 	{ "gssapicleanupcreds", sUnsupported },
 #endif
+	{ "srpauthentication", sSRPAuthentication },
 	{ "passwordauthentication", sPasswordAuthentication },
 	{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication },
 	{ "challengeresponseauthentication", sChallengeResponseAuthentication },
@@ -637,6 +641,10 @@
 		intptr = &options->gss_cleanup_creds;
 		goto parse_flag;
 
+	case sSRPAuthentication:
+		intptr = &options->srp_authentication;
+		goto parse_flag;
+
 	case sPasswordAuthentication:
 		intptr = &options->password_authentication;
 		goto parse_flag;
diff -burN openssh-3.7.1p2/servconf.h openssh/servconf.h
--- openssh-3.7.1p2/servconf.h	2003-09-02 05:58:22.000000000 -0700
+++ openssh/servconf.h	2004-02-08 01:41:45.000000000 -0800
@@ -82,6 +82,7 @@
 						 * file on logout. */
 	int     gss_authentication;	/* If true, permit GSSAPI authentication */
 	int     gss_cleanup_creds;	/* If true, destroy cred cache on logout */
+	int     srp_authentication;     /* If true, permit SRP authentication. */
 	int     password_authentication;	/* If true, permit password
 						 * authentication. */
 	int     kbd_interactive_authentication;	/* If true, permit */
diff -burN openssh-3.7.1p2/srp-auth.nroff openssh/srp-auth.nroff
--- openssh-3.7.1p2/srp-auth.nroff	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp-auth.nroff	2004-02-08 01:41:55.000000000 -0800
@@ -0,0 +1,382 @@
+.\" -*- mode: nroff; fill-column: 68 -*-
+.pl 10.0i
+.po 0
+.ll 7.2i
+.lt 7.2i
+.nr LL 7.2i
+.nr LT 7.2i
+.ds LF Tom Holroyd
+.ds RF FORMFEED[Page %]
+.ds CF
+.ds LH INTERNET-DRAFT
+.ds RH 20 March 2001
+.ds CH SRP authorization with Secure Shell.
+.hy 0
+.ad l
+.in 0
+INTERNET-DRAFT                                                T. Holroyd
+draft-tomh-secsh-srp-00.txt                                        T. Wu
+Expires in September 2001                                     N. Moeller
+							   20 March 2001
+
+.ce
+Using the SRP protocol as an authorization method in Secure Shell
+
+.ti 0
+Status of this Memo
+.fi
+.in 3
+
+This document is an Internet-Draft and is in full conformance with
+all provisions of Section 10 of RFC2026.
+
+Internet-Drafts are working documents of the Internet Engineering
+Task Force (IETF), its areas, and its working groups. Note that
+other groups may also distribute working documents as
+Internet-Drafts.
+
+Internet-Drafts are draft documents valid for a maximum of six
+months and may be updated, replaced, or obsoleted by other documents
+at any time. It is inappropriate to use Internet-Drafts as reference
+material or to cite them other than as "work in progress."
+
+The list of current Internet-Drafts can be accessed at
+http://www.ietf.org/ietf/1id-abstracts.txt
+
+The list of Internet-Draft Shadow Directories can be accessed at
+http://www.ietf.org/shadow.html.
+
+.ti 0
+Copyright Notice
+
+Copyright (C) The Internet Society (2000). See the Full Copyright
+Notice below for details.
+
+.ti 0
+Abstract
+
+This memo describes an experimental method for authentication in the Secure
+Shell protocol, version 2 [SSH-ARCH].
+
+The main virtue of the use of the SRP protocol [SRP] as an authentication
+method in the "ssh-userauth"-service [SSH-USERAUTH] is its ability to
+provide strong authentication in both directions, without using any client
+state apart from the user-entered passphrase.  That is, SRP authenticates
+the server in addition to the user, and can also authenticate the server
+host key.  It is useful in situations where no authentic host key is known.
+
+.ti 0
+Conventions and notations
+
+Some of the conventions used in this document are taken from [SSH-USERAUTH],
+others are from [SRP].
+
+C is the client, S is the server; q is a large safe prime, g is a primitive
+root.
+
+The ^ operator is the exponentiation operation, and the mod operator is the
+integer remainder operation.  Most implementations perform the
+exponentiation and remainder in a single stage to avoid generating unwieldy
+intermediate results.
+
+The | symbol indicates string concatenation.
+
+HASH is a hash function (currently SHA1), n is the user's name (used for
+looking up salt and verifier in the server's database), p is a passphrase,
+and s is a random salt string 80 bits long.
+
+x is constructed from the strings n, p and s as HASH(s | HASH(n | ":" | p)),
+and the verifier v is computed as g^x mod q.  S keeps a database containing
+entries of the form <n, v, s, q, g>, indexed by n.
+
+Numerical ranges such as e in (1, q-1) are non-inclusive, i.e. 1 < e < q-1.
+
+.ti 0
+Protocol description
+
+1. C sends n to S.
+
+2. S uses n to find v, s, q, and g in its database.  S sends q, g,
+   and s to C.
+
+3. C renerates a random number a with ALEN bits (lg(q) < a) and
+   computes e = g^a mod q.  C sends e to S.
+
+4. S generates a random number b with ALEN bits (lg(q) < b) and
+   computes f = v + g^b mod q.  S selects u as the integer
+   corresponding to the first 32 bits of HASH(f).  If f or u happen
+   to be zero, S must try another b.  S sends f to C, and then
+   computes the shared secret K = (e * v^u)^b mod q.
+
+5. C gets the passphrase p from the user and computes
+   x = HASH(s | HASH(n | ":" | p)) and v = g^x mod q.  C also
+   computes u in the same way as S.  Finally, C computes the
+   shared secret K = (f - v) ^ (a + u * x) mod q.
+
+C must check that q is a safe prime and that g is a primitive root, ideally
+by looking these values up in a well known table.
+
+The random exponents a and b have ALEN bits, or lg(q) bits if lg(q)
+< ALEN.  ALEN should be at least 256, but either side may use a longer
+value (at the expense of speed).
+
+Each party must check that e and f are in the range (1, q-1). If
+not, the key exchange fails.
+
+At this point C and S have a shared secret K.  They must now prove
+that they know the same value.  Even if we're primarily interested
+in authenticating the server, the user must prove knowledge of the
+key *first*.  (Otherwise, the server leaks information about the
+verifier).
+
+To do this, the client sends m1 = HMAC(K, H) to the server, where H
+is the "exchange hash" defined below.  After verifying the MAC, the
+server responds by sending m2 = HMAC(K, e | m1 | H) to the client.
+The purpose of this final message exchange is twofold: (i) to prove
+knowledge of the shared secret key K, completing the SRP protocol,
+and (ii) to use the shared key K to authenticate the session id,
+which is part of the exchange hash and which is itself a hash of the
+server host key and other data.  The latter is needed in order to
+protect against attacks on the algorithm negotiation that happens
+before the SRP exchange, as well as version rollback attacks.
+
+.ti 0
+Protocol messages
+
+The name of the method, when listed in the SSH2_MSG_USERAUTH_REQUEST
+message, is "srp-gex-sha1".
+
+First, the client sends:
+
+  byte      SSH2_MSG_USERAUTH_REQUEST
+  string    user name (in ISO-10646 UTF-8 encoding [RFC-2279])
+  string    service name (in US-ASCII)
+  string    "srp-gex-sha1"
+
+The server responds with
+
+  byte      SSH2_MSG_USERAUTH_SRP_REPLY
+  mpint     q
+  mpint     g
+  string    s
+
+The client MUST verify that q is a safe prime (i.e., that q is prime, and
+that (q - 1) / 2 is also prime), and that g is a primitive root of the
+multiplicative group formed by q (i.e., that for all x in [1, q-1],
+there exists a y such that g^y mod q = x).  If q is not safe, or
+g is not primitive, the client MUST abort authentication.
+
+The client then sends
+
+  byte      SSH2_MSG_USERAUTH_SRP_VALUE
+  mpint     e
+
+The server MUST abort if e is not in the range (1, q-1).
+
+The server responds with
+
+  byte      SSH2_MSG_USERAUTH_SRP_VALUE
+  mpint     f
+
+The server MUST NOT send this message until after it has received and
+checked the the client's SSH2_MSG_USERAUTH_SRP_VALUE message.
+
+Both sides compute u as the first 32 bits of HASH(f).  The server MUST NOT
+send an f such that u == 0, and f MUST be in the range (1, q-1).  The client
+MUST abort if u is 0 or f is outside the range (1, q-1).
+
+At this point, both sides calculate K.  The client obtains a passphrase
+from the user, and calculates x, v, and K.  The server MUST abort if
+e * v^u == 1 or -1 (mod q).
+
+Both sides now compute the exchange hash H, as the HASH of the concatenation
+of the following data:
+
+  string    session_id, calculated during the initial key exchange
+			(see [SSH-TRANS] for more information)
+  byte      SSH2_MSG_USERAUTH_REQUEST
+  string    user name (in ISO-10646 UTF-8 encoding [RFC-2279])
+  string    service name (in US-ASCII)
+  string    "srp-gex-sha1"
+  string    s, the salt
+  mpint     q, the prime sent by the server
+  mpint     g, the primitive root sent by the server
+  mpint     e, exchange value sent by the client
+  mpint     f, exchange value sent by the server
+
+The client computes m1 = HMAC(K, H), and sends it to the server, to
+prove that it knows the shared key.  It sends
+
+  byte      SSH2_MSG_USERAUTH_SRP_PROOF
+  string    m1
+
+The server verifies that m1 is correct using its own K.  If they
+don't match, the server MUST NOT send any proof back to the client,
+but MAY continue without disconnecting in order to allow retries.
+
+Finally, the server computes m2 = HMAC(K, H2), where H2 is the HASH of:
+
+  mpint     e
+  string    m1
+  string    H
+
+and sends to the client either:
+
+  byte      SSH2_MSG_USERAUTH_SRP_PROOF
+  boolean   0
+
+in the case that the client's proof was rejected, or:
+
+  byte      SSH2_MSG_USERAUTH_SRP_PROOF
+  boolean   1
+  string    m2
+
+in the case that the client's proof was accepted.  If m2 was not sent, the
+client is not authenticated and MAY retry after receiving the
+SSH2_MSG_USERAUTH_FAILURE message that the server MUST send.  If m2 was
+sent, the client verifies that m2 is correct, and if so, the server is
+authenticated.
+
+Note that according to the SSH2 protocol [SSH-USERAUTH], it is the server
+that either rejects the authentication request by sending
+SSH2_MSG_USERAUTH_FAILURE, or accepts it by sending SSH2_MSG_USERAUTH_SUCCESS.
+If the m2 value sent by the server does not match the value computed by the
+client, the client MUST abort if it receives a SSH2_MSG_USERAUTH_SUCCESS
+message, since the authenticity of the server is in doubt.
+
+.ti 0
+Message numbers
+
+The following message numbers have been defined in this protocol:
+
+  /* 60-79 User authentication method specific (numbers can be
+   *       reused for different authentication methods)
+   */
+
+  #define SSH2_MSG_USERAUTH_SRP_REPLY           60
+  #define SSH2_MSG_USERAUTH_SRP_VALUE           61
+  #define SSH2_MSG_USERAUTH_SRP_PROOF           62
+
+.ti 0
+Security Considerations
+
+This entire draft discusses an authentication and key exchange system that
+provides strong authentication, protects passphrases, and exchanges keys
+across an untrusted network.  Most of this section is taken from [SRP],
+which also provides more details.
+
+Knowledge of the verifier enables an attacker to mount an offline search
+(also known as a "dictionary attack") on the user's passphrase, as well as to
+impersonate the server.  So the verifier should be kept secret.  The <name,
+salt, verifier, prime, gen> entry can be created on the user's machine and
+transferred to the server over a secure channel, or it could be created on
+the server.  The former approach has the advantage that the cleartext
+passphrase is not even temporarily known by the server.
+
+SRP has been designed not only to counter the threat of casual
+passphrase-sniffing, but also to prevent a determined attacker equipped with
+a dictionary of passphrases from guessing at passphrases using captured
+network traffic.  The SRP protocol itself also resists active network
+attacks, and implementations can use the securely exchanged keys to protect
+the session against hijacking and provide confidentiality.
+
+Although SRP may be used as an initial authentication and key-exchange
+method (e.g. instead of the diffie-hellman-group1-sha1 method required by
+SSH-TRANS), using SRP as an authentication method in Secure Shell has the
+following advantages: 1) the username is not transmitted in the clear;
+2) the server is authenticated to the client, preventing server spoofing;
+and 3) since the session id is incorporated into the exchange hashes,
+it (and implicitly the host key it was generated from) is authenticated
+along with the server.
+
+As some of the best known algorithms for computing discrete logarithms use
+extensive precomputations, it is desirable not to depend on a single fixed
+group.  However, care must be taken whenever a client starts to use a new
+group.  An attacker that knows how to compute discrete logarithms in the
+multiplicative group of a particular prime, and can convince the client to
+use that group (by spoofing the server, for example), can obtain the random
+value a from e, and mount a dictionary attack on m1.  While dictionary
+attacks may often be successful due to weak passphrases or simple passwords,
+this one depends on the ability to compute discrete logs in a safe-prime
+group, which is currently theoretically difficult, and requires expensive
+modular exponentiation and multiplication for each test passphrase.  In
+addition, this is not a passive attack, although most of the calculations
+can be carried out off-line.
+
+SRP authentication of the host key protects against a man-in-the-middle
+attack, where a client is tricked into connecting to a fake server, who
+would then capture the user's password, along with session data.
+
+SRP also has the added advantage of permitting the host to store passphrases
+in a form that is not directly useful to an attacker.  Even if the host's
+passphrase verifier database were publicly revealed, the attacker would
+still need an expensive dictionary search to obtain any passphrases.  The
+exponential computation required to validate a guess in this case is much
+more time-consuming than the hash currently used by most UNIX systems.
+Hosts are still advised, though, to try their best to keep their passphrase
+verifier files secure.
+
+.ti 0
+Author's Address
+
+.nf
+Dr. Tom Holroyd
+NIMH MEG Core Facility
+Bldg 10 Rm B1D65A
+National Institutes of Health
+9000 Rockville Pike
+Bethesda, MD 20892-1059
+email: tomh@kurage.nimh.nih.gov
+tel: 301-402-2362
+fax: 301-480-7795
+(or tom.holroyd@nih.gov)
+
+Thomas Wu
+Arcot Systems
+3200 Patrick Henry Blvd.
+Santa Clara, CA 95054
+
+EMail: tom@arcot.com
+
+.ti 0
+References
+
+[SRP]  T. Wu, "The SRP Authentication and Key Exchange System",
+Internet Draft, RFC 2945
+
+[SSH-ARCH] Ylonen, T., et al, "SSH Protocol Architecture", Internet
+Draft, draft-ietf-secsh-architecture-08.txt
+
+[SSH-TRANS] Ylonen, T., et al, "SSH Transport Layer Protocol", Internet
+Draft, draft-ietf-secsh-transport-10.txt
+
+[SSH-USERAUTH] Ylonen, T., et al, "SSH Authentication Protocol",
+Internet Draft, draft-ietf-secsh-userauth-10.txt
+
+.ti 0
+Full Copyright Statement
+
+Copyright (C) The Internet Society (2001). All Rights Reserved.
+
+This document and translations of it may be copied and furnished to
+others, and derivative works that comment on or otherwise explain it
+or assist in its implmentation may be prepared, copied, published and
+distributed, in whole or in part, without restriction of any kind,
+provided that the above copyright notice and this paragraph are
+included on all such copies and derivative works. However, this
+document itself may not be modified in any way, such as by removing
+the copyright notice or references to the Internet Society or other
+Internet organizations, except as needed for the purpose of developing
+Internet standards in which case the procedures for copyrights defined
+in the Internet Standards process must be followed, or as required to
+translate it into languages other than English.
+
+The limited permissions granted above are perpetual and will not be
+revoked by the Internet Society or its successors or assigns.
+
+This document and the information contained herein is provided on an
+"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
+NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN
+WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
diff -burN openssh-3.7.1p2/srp-keygen.0 openssh/srp-keygen.0
--- openssh-3.7.1p2/srp-keygen.0	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp-keygen.0	2004-02-08 01:41:55.000000000 -0800
@@ -0,0 +1,85 @@
+SRP-KEYGEN(1)           System General Commands Manual           SRP-KEYGEN(1)
+
+NAME
+     srp-keygen - generate SRP verifiers
+
+SYNOPSIS
+     srp-keygen [-b bits] [-f output_verifier_file] [-u username]
+
+DESCRIPTION
+     srp-keygen generates SRP verifiers for use with ssh(1).  To use SRP
+     authentication, a user runs this to create a $HOME/.ssh/verifier file on
+     the host server.  Note that you must already be connected to the server
+     over a secure channel in order to do this!  Usually the system adminis-
+     trator will set up an initial verifier file using the -f and -u options.
+
+     If the server is already using SRP-aware telnet(1) or login(1), a
+     $HOME/.ssh/verifier file is not necessary.  In that case, verifiers may
+     be set or updated using the tpasswd(1) program.  srp-keygen may still be
+     used to create a $HOME/.ssh/verifier file which will override the
+     /etc/tpasswd entry, if any.
+
+     srp-keygen asks for a passphrase to use in creating the SRP verifier.
+     The same passphrase is required when connecting to the server using SRP
+     authentication.  Good passphrases are 10-30 characters long and are not
+     simple sentences or otherwise easily guessable (English prose has only
+     1-2 bits of entropy per word).
+
+     There is no way to recover a lost passphrase.  If the passphrase is lost
+     or forgotten, you (or the system administrator) will have to generate a
+     new one.
+
+     The options are as follows:
+
+     -b bits
+             Specifies the number of bits in the prime group.  Only certain
+             sizes are available, use -b0 to see the list.  Generally 1024
+             bits is considered sufficient. Sizes above that make things
+             slower and might not improve security.  The default is 1535 bits.
+
+     -f filename
+             Specifies the name of the output verifier file.  The default is
+             $HOME/.ssh/verifier.
+
+     -u username
+             Specifies the username.  This option is only useful to the system
+             administrator, in combination with -f.  Note that the username is
+             encoded as part of the verifier.  If a user's name ever changes,
+             the verifier will have to be recreated.
+
+FILES
+     $HOME/.ssh/verifier
+             Contains the SRP verifier for the user (server-side).  This file
+             should not be readable by anyone but the user.  sshd(8) will read
+             this file when a login attempt is made.
+
+     /etc/verifier
+             Contains SRP verifier entries for all users of the server.  This
+             file should not be readable by anyone but the sshd user (usually
+             root).  This file is not necessary, but may be used to centralize
+             verifier administration.  sshd(8) will read this file when a
+             login attempt is made, if no $HOME/.ssh/verifier file is present.
+
+     /etc/verifier.conf
+             A list of valid prime groups.  This file should be world read-
+             able.
+
+     /etc/tpasswd
+             This file will be used to look up the user's verifier if no
+             $HOME/.ssh/verifier or /etc/verifier exists, or no entry for the
+             user could be found in those files.
+
+     /etc/tpasswd.conf
+             This file contains additional prime groups to use when the user's
+             verifier is located in /etc/tpasswd.
+
+AUTHORS
+     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
+     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
+     de Raadt and Dug Song removed many bugs, re-added newer features and cre-
+     ated OpenSSH.  Tom Holroyd contributed the support for SRP.
+
+SEE ALSO
+     ssh(1), ssh-add(1), ssh-agent(1), sshd(8), tpasswd(1), tconf(1)
+
+BSD                             March 20, 2001                             BSD
diff -burN openssh-3.7.1p2/srp-keygen.1 openssh/srp-keygen.1
--- openssh-3.7.1p2/srp-keygen.1	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp-keygen.1	2004-02-08 01:41:55.000000000 -0800
@@ -0,0 +1,140 @@
+.\"  -*- nroff -*-
+.\"
+.\" Author: Tom Holroyd <tomh@kurage.nimh.nih.gov>
+.\"
+.\" Copyright (c) 2001 Tom Holroyd. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd March 20, 2001
+.Dt SRP-KEYGEN 1
+.Os
+.Sh NAME
+.Nm srp-keygen
+.Nd generate SRP verifiers
+.Sh SYNOPSIS
+.Nm srp-keygen
+.Op Fl b Ar bits
+.Op Fl f Ar output_verifier_file
+.Op Fl u Ar username
+.Sh DESCRIPTION
+.Nm
+generates SRP verifiers for use with
+.Xr ssh 1 .
+To use SRP authentication, a user runs this to create a
+.Pa $HOME/.ssh/verifier
+file on the host server.  Note that you must already be connected to
+the server over a secure channel in order to do this!  Usually the system
+administrator will set up an initial verifier file using the
+.Fl f
+and
+.Fl u
+options.
+.Pp
+If the server is already using SRP-aware
+.Xr telnet 1
+or
+.Xr login 1 , a
+.Pa $HOME/.ssh/verifier
+file is not necessary.  In that case, verifiers may be set or updated
+using the
+.Xr tpasswd 1
+program.
+.Nm
+may still be used to create a
+.Pa $HOME/.ssh/verifier
+file which will override the
+.Pa /etc/tpasswd
+entry, if any.
+.Pp
+.Nm
+asks for a passphrase to use in creating the SRP verifier.  The same passphrase
+is required when connecting to the server using SRP authentication.
+Good passphrases are 10-30 characters long and are
+not simple sentences or otherwise easily guessable (English
+prose has only 1-2 bits of entropy per word).
+.Pp
+There is no way to recover a lost passphrase.  If the passphrase is lost or
+forgotten, you (or the system administrator) will have to generate a new
+one.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl b Ar bits
+Specifies the number of bits in the prime group.  Only certain sizes are
+available, use
+.Fl b0
+to see the list.
+Generally 1024 bits is considered sufficient. Sizes
+above that make things slower and might not improve security.
+The default is 1535 bits.
+.It Fl f Ar filename
+Specifies the name of the output verifier file.  The default is
+.Pa $HOME/.ssh/verifier .
+.It Fl u Ar username
+Specifies the username.  This option is only useful to the system
+administrator, in combination with
+.Fl f .
+Note that the username is encoded as part of the verifier.  If a user's
+name ever changes, the verifier will have to be recreated.
+.El
+.Sh FILES
+.Bl -tag -width Ds
+.It Pa $HOME/.ssh/verifier
+Contains the SRP verifier for the user (server-side).
+This file should not be readable by anyone but the user.
+.Xr sshd 8
+will read this file when a login attempt is made.
+.It Pa /etc/verifier
+Contains SRP verifier entries for all users of the server.  This file should
+not be readable by anyone but the sshd user (usually root).  This file is
+not necessary, but may be used to centralize verifier administration.
+.Xr sshd 8
+will read this file when a login attempt is made, if no
+.Pa $HOME/.ssh/verifier
+file is present.
+.It Pa /etc/verifier.conf
+A list of valid prime groups.  This file should be world readable.
+.It Pa /etc/tpasswd
+This file will be used to look up the user's verifier if no
+.Pa $HOME/.ssh/verifier
+or
+.Pa /etc/verifier
+exists, or no entry for the user could be found in those files.
+.It Pa /etc/tpasswd.conf
+This file contains additional prime groups to use when the user's
+verifier is located in /etc/tpasswd.
+.El
+.Sh AUTHORS
+OpenSSH is a derivative of the original and free
+ssh 1.2.12 release by Tatu Ylonen.
+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
+Theo de Raadt and Dug Song
+removed many bugs, re-added newer features and
+created OpenSSH.
+Tom Holroyd contributed the support for SRP.
+.Sh SEE ALSO
+.Xr ssh 1 ,
+.Xr ssh-add 1 ,
+.Xr ssh-agent 1 ,
+.Xr sshd 8 ,
+.Xr tpasswd 1 ,
+.Xr tconf 1
diff -burN openssh-3.7.1p2/srp-keygen.c openssh/srp-keygen.c
--- openssh-3.7.1p2/srp-keygen.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp-keygen.c	2004-02-08 01:42:06.000000000 -0800
@@ -0,0 +1,351 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "log.h"
+#include "pathnames.h"
+#include "readpass.h"
+#include "srp.h"
+
+/* argv0 */
+#ifdef HAVE___PROGNAME
+extern char *__progname;
+#else
+char *__progname;
+#endif
+
+#define USAGE() fprintf(stderr, Usage, __progname)
+
+char Usage[] =
+    "usage: %s [-b <bits>] [-f <output_verifier_file>] [-u <username>]\n"
+    "This program creates an SRP verifier for username (default: the\n"
+    "current user), and stores it in the verifier file (default:\n"
+    "$HOME/.ssh/verifier).  The previous file contents, if any, are\n"
+    "destroyed.\n"
+    "The prime group used is selected at random from a predefined set;\n"
+    "the -b flag may be used to specify the number of bits used for\n"
+    "the prime (default: 1535).  Use -b0 to see the choices.\n";
+
+/*
+ * -f is most useful (to the system administrator) along with -u, to
+ * create a verifier entry for an arbitrary user.  Note that the verifier
+ * file must not be world readable, and must be owned by the user.
+ * Be aware that the username is part of the verifier; if you want to
+ * change the user's name, you cannot simply change the username field
+ * with an editor, you must regenerate the verifier with this program.
+ *
+ * XXX This version will always overwrite a preexisting file.  If you
+ * need to have verifier entries for multiple users in the same file,
+ * you must currently use an editor to add them, or use the tpasswd(1)
+ * utility from the Stanford SRP distribution.
+ */
+
+/*
+ * This little bit of stuff is a hack to make it possible to link this
+ * with srp-util.c, since srp_hash_calc() uses it.
+ */
+u_char *session_id2;
+int session_id2_len;
+
+/* Keep track of the bit sizes we know. */
+void bits_add(int bits);
+void bits_dump();
+
+/* Create an SRP verifier file. */
+
+int
+main(int argc, char **argv)
+{
+	int i, j, c, bits, slen, which, fd;
+	char *filename, *username, *buf;
+	char *salt, *passphrase, *p2, prompt[100];
+	FILE *outfile;
+	struct passwd *pw = NULL;
+	struct stat st;
+	BIGNUM *p, *g, *s, *x, *v;
+	BN_CTX *ctx, *ctx2;
+	extern int optind;
+	extern char *optarg;
+
+	__progname = ssh_get_progname(*argv);
+	init_rng();
+	log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
+	seed_rng();
+
+	/* Parse option arguments. */
+
+	bits = 1535;
+	filename = NULL;
+	username = NULL;
+	while ((c = getopt(argc, argv, "b:f:u:")) != EOF) {
+		switch (c) {
+		case 'b':
+			bits = atoi(optarg);
+			break;
+
+		case 'f':
+			filename = xstrdup(optarg);
+			break;
+
+		case 'u':
+			username = xstrdup(optarg);
+			break;
+
+		default:
+			USAGE();
+			exit(1);
+		}
+	}
+	argc -= optind;
+	argv += optind;
+
+	if (argc != 0) {
+		USAGE();
+		exit(1);
+	}
+
+	/*
+	 * Figure out who we are, and where to write the file.  If both
+	 * -f and -u are specified, we don't need to consult the passwd
+	 * database.  This allows creation of verifiers for usernames
+	 * that don't have local accounts.
+	 */
+	if (username == NULL || filename == NULL) {
+		if (username == NULL)
+			pw = getpwuid(getuid());
+		else
+			pw = getpwnam(username);
+		if (pw == NULL) {
+			fprintf(stderr,
+			    "%s: can't find user passwd entry\n", __progname);
+			exit(1);
+		}
+		username = xstrdup(pw->pw_name);
+	}
+	if (filename == NULL) {
+
+		/* Create the ~/.ssh directory if it doesn't already exist. */
+
+		c = strlen(pw->pw_dir) + strlen(_PATH_SSH_USER_DIR) + 2;
+		filename = xmalloc(c);
+		snprintf(filename, c, "%s/%s", pw->pw_dir, _PATH_SSH_USER_DIR);
+		if (stat(filename, &st) < 0) {
+			if (mkdir(filename, 0700) < 0) {
+				fprintf(stderr,
+				    "%s: could not create directory '%s'.\n",
+				    __progname, filename);
+				exit(1);
+			} else
+				printf("Created directory '%s'.\n", filename);
+		}
+		xfree(filename);
+
+		/* Now create the pathname to the verifier file. */
+
+		c = strlen(pw->pw_dir) + strlen(_PATH_SSH_USER_VERIFIER) + 2;
+		filename = xmalloc(c);
+		snprintf(filename, c,
+		    "%s/%s", pw->pw_dir, _PATH_SSH_USER_VERIFIER);
+	}
+
+	/* Allocate BIGNUMs and stuff. */
+
+	if ((ctx = BN_CTX_new()) == NULL)
+		goto err;
+	if ((ctx2 = BN_CTX_new()) == NULL)
+		goto err;
+	BN_CTX_start(ctx);
+	p = BN_CTX_get(ctx);
+	g = BN_CTX_get(ctx);
+	s = BN_CTX_get(ctx);
+	x = BN_CTX_get(ctx);
+	v = BN_CTX_get(ctx);
+	if (v == NULL)
+		goto err;
+
+	/*
+	 * Count the number of primes we know that are bits long.
+	 * Just use the built-in values for now.  Better would be
+	 * to include the external tables as well, ignoring any
+	 * duplicates.  Maybe later.
+	 */
+	c = 0;
+	for (i = 0; i < SRP_nparams; i++) {
+		srp_get_param(i, p, g);
+		j = BN_num_bits(p);
+		bits_add(j);
+		if (j == bits)
+			c++;
+	}
+	if (c == 0) {
+		if (bits != 0)
+			fprintf(stderr, "%s: no primes found with %d bits\n",
+			    __progname, bits);
+		bits_dump();
+		exit(1);
+	}
+	printf("%d candidate groups with %d bits found.\n", c, bits);
+
+	/* Pick one, and get it. */
+
+	which = arc4random() % c;
+	c = 0;
+	for (i = 0; i < SRP_nparams; i++) {
+		srp_get_param(i, p, g);
+		j = BN_num_bits(p);
+		if (j == bits) {
+			if (c == which)
+				break;
+			c++;
+		}
+	}
+
+	/* Pick a random salt. */
+
+	if (!BN_rand(s, SALTLEN, 0, 0))
+		goto err;
+	slen = BN_num_bytes(s);
+	salt = xmalloc(slen);
+	if (!BN_bn2bin(s, salt))
+		goto err;
+
+	/* Get the (new) passphrase. */
+
+	snprintf(prompt, sizeof(prompt),
+	    "Enter SRP passphrase for %s: ", username);
+	passphrase = read_passphrase(prompt, 0);
+	p2 = read_passphrase("Verify: ", 0);
+	if (strcmp(passphrase, p2) != 0) {
+		fprintf(stderr,
+		    "%s: passphrase mismatch, no action taken\n", __progname);
+		exit(1);
+	}
+
+	/* Calculate x = HASH(salt | HASH(username | passphrase)). */
+
+	srp_x_calc(salt, slen, username, passphrase, x);
+
+	memset(passphrase, 0, strlen(passphrase));
+	memset(p2, 0, strlen(p2));
+	xfree(passphrase);
+	xfree(p2);
+
+	/* Calculate v = g^x mod p. */
+
+	if (!BN_mod_exp(v, g, x, p, ctx2))
+		goto err;
+
+	/* Create the file. */
+
+	fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+	if (fd < 0) {
+		fprintf(stderr, "%s: can't create '%s'\n", __progname, filename);
+		exit(1);
+	}
+	outfile = fdopen(fd, "w");
+	if (outfile == NULL) {
+		fprintf(stderr, "%s: fdopen() failed\n", __progname);
+		close(fd);
+		exit(1);
+	}
+
+	/* Convert to base64 and write it all out. */
+
+	buf = xmalloc(8 * 1024);
+
+	fprintf(outfile, "%s:", username);
+
+	srp_bn2tfmt(buf, v);
+	fprintf(outfile, "%s:", buf);
+
+	srp_bn2tfmt(buf, s);
+	fprintf(outfile, "%s::", buf);
+
+	srp_bn2tfmt(buf, p);
+	fprintf(outfile, "%s:", buf);
+
+	srp_bn2tfmt(buf, g);
+	fprintf(outfile, "%s\n", buf);
+
+	fclose(outfile);
+
+	BN_CTX_end(ctx);
+	BN_CTX_free(ctx);
+	BN_CTX_free(ctx2);
+	return 0;
+
+err:
+	fprintf(stderr, "%s: BIGNUM error\n", __progname);
+	return 1;
+}
+
+/* Keep track of the number of different bit sizes we know. */
+
+typedef struct bitslist BITSLIST;
+struct bitslist {
+	int bits;
+	int count;
+	BITSLIST *next;
+};
+
+BITSLIST *Bits = NULL;
+
+BITSLIST *
+bits_new(int bits, BITSLIST *next)
+{
+	BITSLIST *p;
+
+	p = xmalloc(sizeof(BITSLIST));
+	p->bits = bits;
+	p->count = 1;
+	p->next = next;
+
+	return p;
+}
+
+void
+bits_add(int bits)
+{
+	BITSLIST *p, *pp = NULL;
+
+	/* Do a little insertion sort, just for fun. */
+
+	if (Bits == NULL) {
+		Bits = bits_new(bits, NULL);
+		return;
+	}
+	for (p = Bits; p; p = p->next) {
+		if (p->bits == bits) {
+			p->count++;
+			return;
+		}
+		if (p->bits > bits)
+			break;
+		pp = p;
+	}
+	if (pp == NULL) {
+		p = Bits;
+		Bits = bits_new(bits, p);
+	} else {
+		p = pp->next;
+		pp->next = bits_new(bits, p);
+	}
+}
+
+void
+bits_dump()
+{
+	BITSLIST *p;
+
+	if (!Bits) {
+		fprintf(stderr, "no known prime groups!\n");
+		exit(1);
+	}
+	printf("Known prime group sizes (count):\n");
+	for (p = Bits; p; p = p->next)
+		printf("\t%d (%d)\n", p->bits, p->count);
+}
+
diff -burN openssh-3.7.1p2/srp-param.c openssh/srp-param.c
--- openssh-3.7.1p2/srp-param.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp-param.c	2004-02-08 01:42:06.000000000 -0800
@@ -0,0 +1,700 @@
+/* This file was created by tconf2embed.  Do not edit. */
+/* Converted by tomh on Wed Apr  3 14:56:53 2002. */
+
+#include "includes.h"
+#include <openssl/bn.h>
+#include "srp.h"
+
+SRP_PARAM SRP_param[] = {
+	/* These are the default primes and generators used by the srp-1.7.1 */
+	/* distribution of libsrp, with lengths >= 1024 bits. */
+	{ "Ewl2hcjiutMd3Fu2lgFnUXWSc67TVyy2vwYCKoS9MLsrdJVT9RgWTCuEqWJrfB6uE3LsE9GkOlaZabS7M29sj5TnzUqOLJMjiwEzArfiLr9WbMRANlF68N5AVLcPWvNx6Zjl3m5Scp0BzJBz9TkgfhzKJZ.WtP3Mv/67I/0wmRZ",
+	  "2",
+	  NULL, NULL },
+	{ "F//////////oG/QeY5emZJ4ncABWDmSqIa2JWYAPynq0Wk.fZiJco9HIWXvZZG4tU.L6RFDEaCRC2iARV9V53TFuJLjRL72HUI5jNPYNdx6z4n2wQOtxMiB/rosz0QtxUuuQ/jQYP.bhfya4NnB7.P9A6PHxEPJWV//////////",
+	  "5",
+	  NULL, NULL },
+	{ "3NUKQ2Re4P5BEK0TLg2dX3gETNNNECPoe92h4OVMaDn3Xo/0QdjgG/EvM.hiVV1BdIGklSI14HA38Mpe5k04juR5/EXMU0r1WtsLhNXwKBlf2zEfoOh0zVmDvqInpU695f29Iy7sNW3U5RIogcs740oUp2Kdv5wuITwnIx84cnO.e467/IV1lPnvMCr0pd1dgS0a.RV5eBJr03Q65Xy61R",
+	  "2",
+	  NULL, NULL },
+	{ "dUyyhxav9tgnyIg65wHxkzkb7VIPh4o0lkwfOKiPp4rVJrzLRYVBtb76gKlaO7ef5LYGEw3G.4E0jbMxcYBetDy2YdpiP/3GWJInoBbvYHIRO9uBuxgsFKTKWu7RnR7yTau/IrFTdQ4LY/q.AvoCzMxV0PKvD9Odso/LFIItn8PbTov3VMn/ZEH2SqhtpBUkWtmcIkEflhX/YY/fkBKfBbe27/zUaKUUZEUYZ2H2nlCL60.JIPeZJSzsu/xHDVcx",
+	  "2",
+	  NULL, NULL },
+	{ "2iQzj1CagQc/5ctbuJYLWlhtAsPHc7xWVyCPAKFRLWKADpASkqe9djWPFWTNTdeJtL8nAhImCn3Sr/IAdQ1FrGw0WvQUstPx3FO9KNcXOwisOQ1VlL.gheAHYfbYyBaxXL.NcJx9TUwgWDT0hRzFzqSrdGGTN3FgSTA1v4QnHtEygNj3eZ.u0MThqWUaDiP87nqha7XnT66bkTCkQ8.7T8L4KZjIImrNrUftedTTBi.WCi.zlrBxDuOM0da0JbUkQlXqvp0yvJAPpC11nxmmZOAbQOywZGmu9nhZNuwTlxjfIro0FOdthaDTuZRL9VL7MRPUDo/DQEyW.d4H.UIlzp",
+	  "2",
+	  NULL, NULL },
+	/* These are the primes from the old 'primes' file that are not included */
+	/* in the new 'moduli' file. */
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOch5R",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOch5R",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOmMSp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOmMSp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOxft3",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinOxft3",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBWzx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBWzx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBxwZ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPBxwZ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPCGYB",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPCGYB",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPGq83",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPGq83",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQK0R",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQK0R",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQqxx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPQqxx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPRTbJ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPRTbJ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPVQQB",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPVQQB",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPXEWp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPXEWp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPYxQB",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPYxQB",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPZUyx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPZUyx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkDNp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkDNp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkyJx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPkyJx",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPpw7x",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinPpw7x",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQ884h",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQ884h",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQB6Mp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQB6Mp",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQDMuZ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQDMuZ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQNGwZ",
+	  "2",
+	  NULL, NULL },
+	{ "gkqSd6XW9yaVqGp1bxd27WLqOdeuhx6U2VHSx1upNY/IjnRrtLdauJNOo5kt18LUlx6wqqaDQByUJ63.lhSd/DRN8T77Q7bPW0WFn6kPKetV80G6LUWm0HEwQwMwAVCU5fYd1VANLxogO6uD1VRTVbXRW/yl9BKGEjpeinQNGwZ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAMmuyx",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAMuhKB",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fANG4rZ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fANiobh",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAO/D.B",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAODm8x",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAPqjtB",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAQ1hxB",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAQA.8J",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAQVn3h",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fARbdZZ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fARoLEJ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAS0SIp",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fASINr3",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fASKzKB",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fASsn63",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAT2GSx",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAT4gu3",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATL7CZ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATPQAZ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATPhDp",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATaZmJ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fATdepZ",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAToFvh",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAU0I7h",
+	  "2",
+	  NULL, NULL },
+	{ "4wtEYp5YHyOWToTDc9nGMiXb7qwcEjDnMadhzzmgfq/2WAoED2D5FiTdvN7w3FPQbOLf9caZ6m.xpq6BzAIxuhjzD91D59IIU2VQsQDD23HUpGDqraXu5MXA/y9vXKrkxdBBUK65NCHlq.u5RhGGfNmmOOND4.FPEiipRhZsAyOSCHi9ajhxqrg3NAHggqld7AYXIvYq/TSg254Lt4PJ7t4RfAr1KpghHE.3dNbIjyHbMZC9xlkyF.ZV8HENvOto8rbiQLg9axvzWUnIkOaQKUpc8FthZ4qThOVvURetNDurUzrur6SkeNPI6fxmmEX2rYpUymcsxIpK7B0fAU2JxR",
+	  "2",
+	  NULL, NULL },
+	/* These are the primes and generators from the file 'moduli'. */
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrH9mY7B",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrH9oLf3",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrH9p8px",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrH9sRst",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrH9.sxp",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHA005J",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHA1kdh",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHA7ooJ",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHA86hR",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAAX2R",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAAy6x",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAEjph",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHANekl",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHARLJN",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHARiHl",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAk69l",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAnznp",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAx/1p",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHAzPJ/",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHA/knJ",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHB2pKJ",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHB5bS7",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBEfPp",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBGcOZ",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBH2VR",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBNZ/7",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBPPPB",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBQfDp",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBSWEp",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBUf//",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBVQhJ",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBXLml",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBZ5Fh",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBdoR3",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBe0QN",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBfKCJ",
+	  "2",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBhkyd",
+	  "5",
+	  NULL, NULL },
+	{ "DpwnE/edri8AMAhccVerZw4.aaUNJXqbuWLXeMLHf5ZsWPXvY2AZ2pK.3YJjJXahVqXLEZOxw56kjW8LYvBzia3IFrvxhCuVPFyUKEyHGkbKvcwFFFVlGrESO001x3frV4kUYotwav9WIvnNut5SCHut2th74cmheUbtrHBjSuB",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpEL67",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpJj5R",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpMVm7",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpNtg3",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpRHGp",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpUoKx",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mpezG/",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mploIZ",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mq0HkB",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mq0gal",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mq1jD3",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mqDleh",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mqSSyR",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrAlNl",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrZCFB",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrgRV/",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrif9/",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrn7CZ",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrpwd3",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mruBit",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mrwSmZ",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mr/Nrd",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.ms1IpB",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.msIXu7",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mshLLN",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.msxbU/",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mt5gSB",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mt7G4B",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mt7hN7",
+	  "5",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mt9rzB",
+	  "2",
+	  NULL, NULL },
+	{ "RVqMsMQUslGkzTJks2geImL1ti84MshrK26XXFChojvXIX51Dm8icej1m9hyE1cUSmM6Jt2eS8yt/24d9axFJwCZaV93p6AubWBJWJ22PvvRtqbhgT.ao1Yj8Umc6syHX1vlBU5NJEbGbOGThmKeQCpLwR/AL3u9DBKATgMOvfCJRUBKUQxpU5sNklzFk5gur6sa9CJCNX6holSOWtuMDGc2luedSeCOx0B77j5azNpR4XjoOKjxV41c4.mtECFp",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKwogoh",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKwvRuF",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKwxUBJ",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKx3pBB",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKxCEK3",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKxoQzN",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKy859Z",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKyFovJ",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKyeek/",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKyk143",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKzyJj7",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auKzy.rJ",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK.NINd",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK.dF0J",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK.dXph",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK.zOj/",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/0NQN",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/3dBJ",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/5CuN",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/BkkZ",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/Kkad",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/Ts.B",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/oO13",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/r.gl",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auK/.QzV",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL0JZCB",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL0PoqV",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL0vB8J",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL1H9H/",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL1Jo8x",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL1KY1p",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL1V8vJ",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL2Ba6h",
+	  "2",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL2VTF/",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL2hwBN",
+	  "5",
+	  NULL, NULL },
+	{ "1.q8YBPWg1ZnNbzsf/A/4CcTT1ATe4H6nW4MoSW0K11WkA/mTTpWm8pltsbKGERnRypR1ZMT20xsBMI5owwvIvA.TnrJMqwfnT5DXCrsIU9SVFwYoHH8RCA/tdV4mDyTRTxMN.ulKwVwQGh.EEu0mLJxhl.JL6QnTiiAxG95YbKfAVJgVyFc.VTOtdyYp1z9P1z9A2146zmGdmpXZuW/oJwfh4mKCcWheSMsU.sCXX5IfVbIgCtF6yu2kDa.WC4Jpf/YvAoacobukPgCNw8nftzUV61DHCV6wfZLOIbDJtgmOKCigukzpiDbdUPFPIPUQv/5z6XvknVCD9auL2m4et",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiAiMsl",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiAnMp/",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiCBqj/",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiD1EVt",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiD1tbB",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiDA.ZF",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiDNG4h",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiEfPuN",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiErjfF",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiE.pcp",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiFi7mR",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiGtP/3",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiH0uSt",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiHBYJd",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiHoUdx",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiIE0Fh",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiIOIxJ",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiJeb27",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiKB4uZ",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiKM7Zp",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiLAlQh",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiLvuoB",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiMIR/l",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiMJKu/",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiMu7ip",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiNS693",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiOBzbN",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiOTea3",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiOtFmx",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiQ6lUN",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiR5L7d",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiRzux7",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiSC08R",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiSydT3",
+	  "2",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiT9VhN",
+	  "5",
+	  NULL, NULL },
+	{ "PfkZxMOV8ce92.LaIYkq89Dnju/3veIA2LWXcJzP24obxX85BvTz0V1cRmFsLpiPdVx9gvHOZ2nWtZi.VFK9HOUHdym/j0fXmc7eaQ3v7P/yZp3A4i.0dTWf3TU6.ei47/h5UJmuyuTNwcUGHoh2QI65jLIm16wC1boOF0hCZI.5gqljzyuZC0aXZ9QH/aGc5O3K59yTH76mjTzvuYGb97JhmxUrIGbGkqEBz9ZdduUKIOiwEr.xGeASExwa1dyemZla0tUvXhrKGypF0a1RZCog2UWNdm5er9QPb1SQQjcFWG5Ro4uGf4uU/Iu8OiNHglwP0KSLesW0szccnHm29io2fb7QvFSzLCJH0y4z71NFZCfdrSivy3ncyxT6Vu/zp51qpGmR9JZx.LQN6/EJ5CxT8E6n3U5jXk4Bv/fR6d1gwqmrRqc0UY87BD05MQyAXZU8bMPHaPucenNgqT9kV9ZyJFereF1Dr02YcHeV/bid7.tbGtM9QYdvQBuTKHkaPgagm.Dt9mdyWLiTZ2TJ",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4C7WZp",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4C8P.p",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4CPWi/",
+	  "5",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4DT1CJ",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4Dr16J",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4E2hJl",
+	  "5",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4E8lXN",
+	  "5",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4ECOAB",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4Eueih",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4EwNex",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4FKiHZ",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4GOdhp",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4GfvEp",
+	  "2",
+	  NULL, NULL },
+	{ "6MrkVNi.jjCopZHl8b30kbRI4Cf3nfwG5UTy.B/cC7JsfyX25V7X4CzyohVdWo04X8HQGuV.q6usqw6h.E8e9oRiicEt5WSBcNLVs6xaWmz6ti5Yr.j/sNM1zh/H3kBeQpXewUnRg1nFs9JV6Q9uyIWzX6Oyx1K/F50pwtOOYmETY6PWp7bdQRtBfrWZGvOzIRfNqXSVACAGMONsZpFzoAxWZOc1YWz1Kiqk3xDjCaRguDPH04ElbwVfx0MxOc97TLJp76rptRjig64itVsSDQl6HTZxlqNNaZgD.uOkUHEBG5zX5n4J84HWMWPXcv92rBt.7cWnlG1ptXPPq.JumGsNqwCkCCIxxSbSof6ryyCdIavhk9VGeploGbPs/YjrXBpG..R/ABxfXlKlvFXvKOcqYVzg1BXZGSLUQjEwicG7QiOEyiDdqXpBPBEPhE6wkNO8IoVqLRSFmcnSRLWFXUaQD94yxQ83hpQ69kfuZvAJ6mfbQpoPFZEdLIoSnOqF0l1aY7tNcegne0HT1QLvPdtD62te4BWHXsnYStE8Zj0Cslo9HhZisCLcM39zZj7xyGtaDHqshkQQ6sl8U3TTbCtIVofyKJwd2GyxnDanvsO7jWTn6DSSxVua8kXaAgI3jDm.1MyBvizAEs7lZIW59Y3OYB1Ut32Hi0yeS4Hqg8d",
+	  "5",
+	  NULL, NULL },
+};
+
+int SRP_nparams = 228;
diff -burN openssh-3.7.1p2/srp-util.c openssh/srp-util.c
--- openssh-3.7.1p2/srp-util.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp-util.c	2004-02-08 01:42:06.000000000 -0800
@@ -0,0 +1,833 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+
+#include "xmalloc.h"
+#include "buffer.h"
+#include "bufaux.h"
+#include "pathnames.h"
+#include "log.h"
+#include "ssh2.h"
+#include "srp.h"
+
+extern u_char *session_id2;
+extern int session_id2_len;
+
+/*
+ * The following routines deal with the files that store verifier
+ * entries and prime groups.  This version handles two types of files:
+ * "verifier" files and libsrp format "tpasswd" files (also known as
+ * EPS files -- Exponential Password Suite).
+ *
+ * The verifier files store the prime and generator explicitly, while
+ * the tpasswd files use an index into a global configuration file.
+ *
+ * User verifier entries have the following format (one long line
+ * per entry):
+ *         u:v:s::p:g
+ * where u is the username, v is the verifier, s is the salt, p is
+ * the prime, and g is the generator.  The username is a string, the
+ * salt is a binary string, and the rest are bignums.  The bignums and
+ * salt are stored in libsrp base64.  User verifier entries are stored
+ * either in $HOME/.ssh/verifier or SSHDIR/verifier, where the latter
+ * would normally have many entries, one for each user.
+ *
+ * The libsrp /etc/tpasswd file stores many entries, which have the
+ * format:
+ *         u:v:s:i
+ * where i is a numeric identifier that points into /etc/tpasswd.conf,
+ * whose entries have the format:
+ *         i:p:g
+ * The bignums and salt are stored in libsrp base64 format.
+ *
+ * A file called SSHDIR/verifier.conf is also allowed which stores
+ * entries with the format:
+ *         :p:g
+ *
+ * SSHDIR/verifier.conf and /etc/tpasswd.conf store trusted SRP parameters.
+ * You should never add an entry to either of these files unless you know
+ * that the parameters are safe.  Normally you don't need to do anything,
+ * because there is a built-in set of parameters (stored in SRP_param[])
+ * that are used by default.
+ *
+ * During group exchange, the SRP_param[] table and these two files
+ * are searched to quickly verify that a (p, g) pair sent during group
+ * exchange is valid.  If the parameters are not found, an expensive
+ * primality test is necessary.  Thus if a non-default group is ever
+ * used, adding it as an entry in SSHDIR/verifier.conf makes this check
+ * run much faster.
+ */
+
+/* This is handy. */
+
+void
+fatal_bignum_error(void)
+{
+	fatal("BIGNUM error: %s", ERR_error_string(ERR_get_error(), NULL));
+}
+
+/*
+ * If the owner and mode are correct, open the file for reading.
+ * The owner must match exactly, and the modemask bits must be zero.
+ * Return the open FILE * if OK, or NULL if error or bad owner or mode.
+ * XXX: this doesn't check the containing dir.
+ */
+static FILE *
+fopen_owner_mode(const char *name, int owner, int modemask)
+{
+	struct stat st;
+
+	if (stat(name, &st) < 0)
+		return NULL;
+
+	if (st.st_uid != owner || (st.st_mode & modemask) != 0) {
+		error("Bad ownership(%d) or mode(0%3.3o) for '%s'.",
+		    st.st_uid, st.st_mode & 0777, name);
+		return NULL;
+	}
+
+	return fopen(name, "r");
+}
+
+/*
+ * Find and open the conf file.  '*try' must be zero the first time this
+ * routine is called (for each group).  It is incremented here after
+ * each open, so if the group wasn't found subsequent calls can keep
+ * going.  It is the caller's responsibility to close the file.
+ * Return the FILE * or NULL on error.
+ */
+static FILE *
+open_conf(int *try)
+{
+	FILE *infile;
+
+	/*
+	 * Try, in order,
+	 *      SSHDIR/verifier.conf
+	 *      /etc/tpasswd.conf
+	 */
+
+	if (*try == 0) {
+		infile = fopen_owner_mode(_PATH_SSH_SYSTEM_SRPGROUPS, 0, 033);
+		(*try)++;
+		if (infile != NULL)
+			return infile;
+	}
+
+	if (*try == 1) {    /* This has to be try #1 for get_tconf_entry(). */
+		infile = fopen_owner_mode(_PATH_SSH_LIBSRP_TPASSWD_CONF, 0, 033);
+		(*try)++;
+		if (infile != NULL)
+			return infile;
+	}
+
+	/* Not found. */
+
+	return NULL;
+}
+
+/*
+ * This routine gets the next prime & generator from the conf file.  The
+ * id is set to zero for verifier.conf and the real id for tpasswd.conf.
+ * Return 1 for success, 0 for error (including EOF).
+ */
+static int
+parse_conf(FILE *infile, BIGNUM *p, BIGNUM *g, int *id)
+{
+	char *s, *iptr, *pptr, *gptr;
+	char buf[8 * 1024];
+	int c, n;
+
+	/* Get the next non-comment line. */
+
+	s = buf;
+	n = 0;
+	while ((c = getc(infile)) != EOF && c != '\n') {
+		if (n == 0 && c == '#') {
+			while ((c = getc(infile)) != EOF && c != '\n')
+				;
+			if (c == EOF)
+				break;
+			continue;
+		}
+		*s++ = c;
+		n++;
+		if (n == sizeof(buf))
+			goto parse_err;
+	}
+	*s = '\0';
+
+	if (n == 0 && c == EOF)
+		return 0;
+
+	/* Carve. [i]:p:g */
+
+	s = buf;
+	if ((iptr = strsep(&s, ":")) == NULL)
+		goto parse_err;
+	if ((pptr = strsep(&s, ":")) == NULL)
+		goto parse_err;
+	if ((gptr = strsep(&s, ":")) == NULL)
+		goto parse_err;
+	if (s != NULL)
+		goto parse_err;
+
+	/* Convert to BIGNUMs. */
+
+	*id = 0;
+	if (*iptr)
+		*id = atoi(iptr);
+	if (!srp_tfmt2bn(p, pptr))
+		goto err;
+	if (!srp_tfmt2bn(g, gptr))
+		goto err;
+
+	return 1;
+
+err:
+	fatal_bignum_error();
+	/* NOT REACHED */
+
+parse_err:
+	error("SRP conf file parse error");
+	return 0;
+}
+
+/*
+ * This routine searches /etc/tpasswd.conf for the entry with id id, and
+ * gets the (preallocated) prime and generator.  Return 1 for success,
+ * 0 for error.
+ */
+static int
+get_tconf_entry(int id, BIGNUM *p, BIGNUM *g)
+{
+	int try, n, ret;
+	FILE *infile;
+
+	try = 1;
+	if ((infile = open_conf(&try)) == NULL)
+		return 0;
+	ret = 0;
+	while (parse_conf(infile, p, g, &n))
+		if (n == id) {
+			ret = 1;
+			break;
+		}
+	fclose(infile);
+	return ret;
+}
+
+/*
+ * Return the ith built-in parameter.  If p and g are not NULL, copy the
+ * values to them.
+ */
+void
+srp_get_param(int i, BIGNUM *p, BIGNUM *g)
+{
+	SRP_PARAM *pp;
+
+	if (i < 0 || i >= SRP_nparams)
+		fatal("invalid call to srp_get_param");
+	pp = &SRP_param[i];
+
+	/*
+	 * The values start out life as base64 strings.  The server
+	 * converts them all up front via srp_param_init(), but the
+	 * client converts them on demand.  This routine is used in
+	 * either case to do the actual conversion.
+	 */
+	if (pp->p == NULL) {
+		if ((pp->p = BN_new()) == NULL)
+			goto err;
+		if (!srp_tfmt2bn(pp->p, pp->prime_tfmt))
+			goto err;
+		if ((pp->g = BN_new()) == NULL)
+			goto err;
+		if (!srp_tfmt2bn(pp->g, pp->gen_tfmt))
+			goto err;
+	}
+
+	if (p != NULL && BN_copy(p, pp->p) == NULL)
+		goto err;
+	if (g != NULL && BN_copy(g, pp->g) == NULL)
+		goto err;
+
+	return;
+
+err:
+	fatal_bignum_error();
+}
+
+/* Convert all the built-in SRP parameters to BIGNUMs. */
+
+void
+srp_param_init()
+{
+	int i;
+
+	for (i = 0; i < SRP_nparams; i++)
+		srp_get_param(i, NULL, NULL);
+}
+
+/*
+ * Find and open the verifier file.  '*try' must be zero the first time
+ * this routine is called (for each user) and it is incremented here after
+ * each open, so if the username wasn't found subsequent calls can keep
+ * keep going.  It is the caller's responsibility to close the file.
+ * Return the FILE * or NULL on error.
+ */
+static FILE *
+open_verifier(const struct passwd *pw, int *try)
+{
+	char *name, *home;
+	int namelen;
+	FILE *infile;
+
+	/*
+	 * Try, in order,
+	 *      $HOME/.ssh/verifier
+	 *      SSHDIR/verifier
+	 *      /etc/tpasswd
+	 */
+	if (*try == 0) {
+		home = pw->pw_dir;
+		namelen =
+		    strlen(home) + strlen(_PATH_SSH_USER_VERIFIER) + 2;
+		name = xmalloc(namelen);
+		snprintf(name, namelen, "%s/%s", home, _PATH_SSH_USER_VERIFIER);
+		infile = fopen_owner_mode(name, pw->pw_uid, 077);
+		xfree(name);
+		(*try)++;
+		if (infile != NULL)
+			return infile;
+	}
+
+	if (*try == 1) {
+		infile = fopen_owner_mode(_PATH_SSH_SYSTEM_VERIFIER, 0, 077);
+		(*try)++;
+		if (infile != NULL)
+			return infile;
+	}
+
+	if (*try == 2) {
+		infile = fopen_owner_mode(_PATH_SSH_LIBSRP_TPASSWD, 0, 077);
+		(*try)++;
+		if (infile != NULL)
+			return infile;
+	}
+
+	/* Not found. */
+
+	return NULL;
+}
+
+/*
+ * Parse a verifier line and check for the username.  If it looks like
+ *      u:v:s::p:g
+ * then we've got everything, but if it looks like
+ *      u:v:s:i
+ * then it's a tpasswd file so we need to get the rest from the .conf
+ * file.  This updates the SRP context with the found values.
+ * Set found to 1 if we found the username, otherwise set it to 0.
+ * Return 0 on EOF or parse error, 1 otherwise.
+ */
+static int
+parse_verifier(FILE *infile, const char *name, int *found, SRP_CTX *srp)
+{
+	char *s, *uptr, *vptr, *sptr, *iptr, *pptr = NULL, *gptr = NULL;
+	char buf[8 * 1024];
+	int c, n;
+
+	/*
+	 * Get the next line.  It's probably long, and the 8K buffer is
+	 * enough to read some very very large numbers.  Normal use with
+	 * 1024 bit numbers is less than 1K.
+	 */
+	*found = 0;
+	s = buf;
+	n = 0;
+	while ((c = getc(infile)) != EOF && c != '\n') {
+		*s++ = c;
+		n++;
+		if (n == sizeof(buf))
+			goto parse_err;
+	}
+	*s = '\0';
+
+	if (n == 0 && c == EOF)
+		return 0;
+
+	/* Allow comment lines. */
+
+	if (buf[0] == '#')
+		return 1;
+
+	/* Return if the first field isn't the username we want. */
+
+	s = buf;
+	if ((uptr = strsep(&s, ":")) == NULL)
+		goto parse_err;
+	if (strcmp(uptr, name) != 0)
+		return 1;
+	*found = 1;
+
+	/* Found it.  Carve up the rest of the buffer. v:s:[i|:p:g] */
+
+	iptr = NULL;
+	if ((vptr = strsep(&s, ":")) == NULL)
+		goto parse_err;
+	if ((sptr = strsep(&s, ":")) == NULL)
+		goto parse_err;
+	if (*s != ':') {
+		if ((iptr = strsep(&s, ":")) == NULL)
+			goto parse_err;
+	} else {
+		s++;
+		if ((pptr = strsep(&s, ":")) == NULL)
+			goto parse_err;
+		if ((gptr = strsep(&s, ":")) == NULL)
+			goto parse_err;
+	}
+	if (s != NULL)
+		goto parse_err;
+
+	/* Now get p and g (if necessary) and convert from base64. */
+
+	if (iptr) {
+
+		/* tpasswd format.  Get p and g from the tpasswd.conf file. */
+
+		n = atoi(iptr);
+		if (!get_tconf_entry(n, srp->p, srp->g))
+			goto parse_err;
+	} else {
+
+		/* verifier format.  We got 'em, so convert 'em. */
+
+		if (!srp_tfmt2bn(srp->p, pptr))
+			goto err;
+		if (!srp_tfmt2bn(srp->g, gptr))
+			goto err;
+	}
+
+	/*
+	 * Convert verifier and salt, save the converted salt in new
+	 * storage, and return success.
+	 */
+	if (!srp_tfmt2bn(srp->v, vptr))
+		goto err;
+	srp->slen = srp_tfmt2bin(sptr, sptr);
+	srp->salt = xmalloc(srp->slen);
+	memcpy(srp->salt, sptr, srp->slen);
+	return 1;
+
+parse_err:
+	error("SRP verifier file parse error");
+	return 0;
+
+err:
+	fatal_bignum_error();
+	return 0;               /* mu */
+}
+
+/*
+ * If the username wasn't found in the verifier files, make up some
+ * fake values so the authentication procedure can continue, wasting
+ * time for a brute-force attacker.
+ */
+static void
+fake_verifier(SRP_CTX *srp)
+{
+	int i;
+	BIGNUM *x;
+
+	/* Make sure the prime is valid. */
+
+	i = arc4random() % SRP_nparams;
+	srp_get_param(i, srp->p, srp->g);
+
+	if ((x = BN_new()) == NULL)
+		goto err;
+	if (!BN_rand(x, SALTLEN, 0, 0))         /* salt */
+		goto err;
+	srp->slen = BN_num_bytes(x);
+	srp->salt = xmalloc(srp->slen);
+	if (!BN_bn2bin(x, srp->salt))
+		goto err;
+
+	/* Make the fake v from a fake x for added realism. */
+
+	if (!BN_rand(x, EVP_MAX_MD_SIZE * 8, 0, 0))
+		goto err;
+	if (!BN_mod_exp(srp->v, srp->g, x, srp->p, srp->ctx))
+		goto err;
+	BN_clear_free(x);
+
+	return;
+
+err:
+	fatal_bignum_error();
+}
+
+/*
+ * Locate the user's verifier entry and update the SRP context.  If the
+ * user doesn't exist, return fake parameters.  This allocates the salt
+ * with xmalloc().
+ */
+void
+srp_find_verifier(const struct passwd *pw, SRP_CTX *srp)
+{
+	int found, try;
+	char *username;
+	FILE *infile;
+
+	/* pw is NULL if the username wasn't found. */
+
+	if (pw == NULL) {
+		logit("SRP request for unknown user, making random parameters");
+		fake_verifier(srp);
+		return;
+	}
+	username = pw->pw_name;
+
+	/*
+	 * Open the files one by one and search for the first entry that
+	 * matches the username.
+	 */
+	try = 0;
+	while ((infile = open_verifier(pw, &try)) != NULL) {
+
+		/*
+		 * Search for the username in this file.  If it's found,
+		 * parse_verifier() fills in the context.  Otherwise we
+		 * keep looking.
+		 */
+		while (parse_verifier(infile, username, &found, srp))
+			if (found) {
+				fclose(infile);
+				return;
+			}
+		fclose(infile);
+	}
+
+	/* Ran out of files.  Fake it. */
+
+	logit("no verifier for user %s, making random parameters", username);
+	fake_verifier(srp);
+}
+
+/*
+ * This is called by both client and server to determine whether or
+ * not 1) the prime p is safe and 2) the generator g is primitive.
+ * Returns true if both 1 and 2 are true, false otherwise.
+ */
+int
+is_safe_group(const BIGNUM *p, const BIGNUM *g)
+{
+	int try, i, safe;
+	FILE *infile;
+	BIGNUM *prime, *gen;
+#ifdef SRP_PRIMALITY_TEST
+	BIGNUM *q, *r;
+	BN_CTX *ctx;
+	BN_ULONG l;
+#endif
+
+	if ((prime = BN_new()) == NULL)
+		goto err;
+	if ((gen = BN_new()) == NULL)
+		goto err;
+
+	/*
+	 * Search the tables of known safe groups and generators.
+	 * Embedded tables first.
+	 */
+	safe = 0;
+	for (i = 0; i < SRP_nparams; i++) {
+		srp_get_param(i, prime, gen);
+		if (BN_cmp(p, prime) == 0 && BN_cmp(g, gen) == 0) {
+			safe = 1;
+			break;
+		}
+	}
+
+	/* Now the external tables, if any. */
+
+	try = 0;
+	while (!safe && (infile = open_conf(&try)) != NULL) {
+		while (parse_conf(infile, prime, gen, &i))
+			if (BN_cmp(p, prime) == 0 && BN_cmp(g, gen) == 0) {
+				safe = 1;
+				break;
+			}
+		fclose(infile);
+	}
+
+	BN_free(prime);
+	BN_free(gen);
+
+	if (safe)
+		return safe;
+
+	/*
+	 * If we can't find p and g in the tables, we do the expensive
+	 * primality and generator tests.
+	 *
+	 * It's somewhat questionable whether to allow users to generate
+	 * their own groups or not, so for the moment this feature
+	 * is disabled.  It's also very slow.
+	 */
+#ifdef SRP_PRIMALITY_TEST
+	verbose("performing SRP parameter check");
+
+	if ((ctx = BN_CTX_new()) == NULL)
+		goto err;
+	if ((q = BN_new()) == NULL)
+		goto err;
+	if ((r = BN_new()) == NULL)
+		goto err;
+
+	if (BN_is_prime(p, 50, NULL, ctx, NULL) != 1)
+		goto unsafe;
+	if (!BN_rshift1(q, p))
+		goto err;
+	if (BN_is_prime(q, 50, NULL, ctx, NULL) != 1)
+		goto unsafe;
+
+	if (BN_is_word(g, 2)) {
+		if (BN_mod_word(p, 24) != 11)
+			goto unsafe;
+	} else if (BN_is_word(g, 5)) {
+		l = BN_mod_word(p, 10);
+		if (l != 3 && l != 7)
+			goto unsafe;
+	} else {
+
+		/*
+		 * Do it the slow way; g is a generator if
+		 *      g^((p-1)/f) mod p != 1
+		 * for all f which are factors of p-1.  That's 2 and q,
+		 * so check them.
+		 */
+		if (!BN_mod_exp(r, g, q, p, ctx))
+			goto err;
+		if (BN_is_one(r))
+			goto unsafe;
+		if (!BN_set_word(q, 2))
+			goto err;
+		if (!BN_mod_exp(r, g, q, p, ctx))
+			goto err;
+		if (BN_is_one(r))
+			goto unsafe;
+	}
+	safe = 1;
+
+	/* fall through */
+unsafe:
+	BN_free(r);
+	BN_free(q);
+	BN_CTX_free(ctx);
+#endif /* SRP_PRIMALITY_TEST */
+
+	return safe;
+
+err:
+	fatal_bignum_error();
+	return 0;       /* mu */
+}
+
+/*
+ * The next few routines are used during calculation of the values used
+ * by the SRP protocol that have to be done the same way on both sides,
+ * or during verifier creation.
+ */
+
+/* Make a new SRP context.  The salt is not allocated. */
+
+SRP_CTX *
+SRP_CTX_new()
+{
+	SRP_CTX *srp;
+
+	srp = xmalloc(sizeof(SRP_CTX));
+
+	srp->salt = NULL;
+	if ((srp->ctx = BN_CTX_new()) == NULL)
+		goto err;
+	if ((srp->p = BN_new()) == NULL)
+		goto err;
+	if ((srp->g = BN_new()) == NULL)
+		goto err;
+	if ((srp->a = BN_new()) == NULL)
+		goto err;
+	if ((srp->e = BN_new()) == NULL)
+		goto err;
+	if ((srp->f = BN_new()) == NULL)
+		goto err;
+	if ((srp->v = BN_new()) == NULL)
+		goto err;
+	if ((srp->pm1 = BN_new()) == NULL)
+		goto err;
+
+	return srp;
+
+err:
+	fatal_bignum_error();
+	return NULL;    /* mu */
+}
+
+/* Free an SRP context, including the salt. */
+
+void
+SRP_CTX_free(SRP_CTX *srp)
+{
+	if (srp == NULL)
+		return;
+
+	/* BN_CTX_free() clears all its BIGNUMs before freeing them. */
+
+	if (srp->salt != NULL)
+		xfree(srp->salt);
+	BN_CTX_free(srp->ctx);
+	BN_free(srp->p);
+	BN_free(srp->g);
+	BN_clear_free(srp->a);
+	BN_free(srp->e);
+	BN_free(srp->f);
+	BN_clear_free(srp->v);
+	BN_free(srp->pm1);
+	xfree(srp);
+}
+
+/*
+ * Calculate x = HASH(salt | HASH(username | passphrase)).  This
+ * calculation is used both in verifier generation and in the client.
+ * Sets x, which must be allocated.
+ */
+void
+srp_x_calc(const char *salt, int slen, const char *username,
+    const char *passphrase, BIGNUM *x)
+{
+	int dlen;
+	u_char digest[EVP_MAX_MD_SIZE];
+	EVP_MD *evp_md = EVP_sha1();
+	EVP_MD_CTX md;
+
+	EVP_DigestInit(&md, evp_md);
+	EVP_DigestUpdate(&md, username, strlen(username));
+	EVP_DigestUpdate(&md, ":", 1);
+	EVP_DigestUpdate(&md, passphrase, strlen(passphrase));
+	EVP_DigestFinal(&md, digest, &dlen);
+
+	EVP_DigestInit(&md, evp_md);
+	EVP_DigestUpdate(&md, salt, slen);
+	EVP_DigestUpdate(&md, digest, dlen);
+	EVP_DigestFinal(&md, digest, &dlen);
+
+	if (BN_bin2bn(digest, dlen, x) == NULL)
+		fatal_bignum_error();
+	memset(digest, 0, dlen);
+}
+
+/* This routine calculates the value of u given f.  Returns u. */
+
+BN_ULONG
+srp_u_calc(const BIGNUM *f)
+{
+	int len;
+	u_char *buf, digest[EVP_MAX_MD_SIZE];
+	BN_ULONG u;
+	EVP_MD *evp_md = EVP_sha1();
+	EVP_MD_CTX md;
+
+	/* u is the first 32 bits of HASH(f). */
+
+	len = BN_num_bytes(f);
+	buf = xmalloc(len);
+	if (!BN_bn2bin(f, buf))
+		fatal_bignum_error();
+	EVP_DigestInit(&md, evp_md);
+	EVP_DigestUpdate(&md, buf, len);
+	EVP_DigestFinal(&md, digest, &len);
+	xfree(buf);
+
+	u = ((u_int32_t)digest[0] << 24) |
+	    ((u_int32_t)digest[1] << 16) |
+	    ((u_int32_t)digest[2] << 8) |
+	    ((u_int32_t)digest[3]);
+
+	return u;
+}
+
+/*
+ * This routine calculates the exchange hash and HMACs for the client
+ * and server proofs, and updates the SRP context.
+ */
+void
+srp_hash_calc(const char *username, const char *service, const char *method,
+    SRP_CTX *srp, const BIGNUM *K)
+{
+	int klen, hlen;
+	u_char *kbuf, hash[EVP_MAX_MD_SIZE];
+	Buffer buf;
+	EVP_MD *evp_md = EVP_sha1();
+	EVP_MD_CTX md;
+	HMAC_CTX hmac;
+
+	/*
+	 * Make a hash H of values used during the computation, including
+	 * the session id.
+	 */
+	buffer_init(&buf);
+
+	buffer_append(&buf, session_id2, session_id2_len);
+	buffer_put_char(&buf, SSH2_MSG_USERAUTH_REQUEST);
+	buffer_put_cstring(&buf, username);
+	buffer_put_cstring(&buf, service);
+	buffer_put_cstring(&buf, method);
+	buffer_put_string(&buf, srp->salt, srp->slen);
+	buffer_put_bignum2(&buf, srp->p);
+	buffer_put_bignum2(&buf, srp->g);
+	buffer_put_bignum2(&buf, srp->e);
+	buffer_put_bignum2(&buf, srp->f);
+
+	EVP_DigestInit(&md, evp_md);
+	EVP_DigestUpdate(&md, buffer_ptr(&buf), buffer_len(&buf));
+	EVP_DigestFinal(&md, hash, &hlen);
+
+	/* Calculate the client authenticator m1 = HMAC(K, H). */
+
+	klen = BN_num_bytes(K);
+	kbuf = xmalloc(klen);
+	if (!BN_bn2bin(K, kbuf))
+		fatal_bignum_error();
+
+	HMAC_Init(&hmac, kbuf, klen, evp_md);
+	HMAC_Update(&hmac, hash, hlen);
+	HMAC_Final(&hmac, srp->m1, &srp->m1len);
+	HMAC_cleanup(&hmac);
+
+	/* Calculate the server authenticator HMAC(K, e | m1 | H). */
+
+	buffer_clear(&buf);
+	buffer_put_bignum2(&buf, srp->e);
+	buffer_put_string(&buf, srp->m1, srp->m1len);
+	buffer_put_string(&buf, hash, hlen);
+
+	HMAC_Init(&hmac, kbuf, klen, evp_md);
+	HMAC_Update(&hmac, buffer_ptr(&buf), buffer_len(&buf));
+	HMAC_Final(&hmac, srp->m2, &srp->m2len);
+	HMAC_cleanup(&hmac);
+
+	/* Cleanup and return. */
+
+	memset(hash, 0, hlen);
+	memset(kbuf, 0, klen);
+	xfree(kbuf);
+	buffer_free(&buf);
+}
diff -burN openssh-3.7.1p2/srp.h openssh/srp.h
--- openssh-3.7.1p2/srp.h	1969-12-31 16:00:00.000000000 -0800
+++ openssh/srp.h	2004-02-08 01:42:06.000000000 -0800
@@ -0,0 +1,130 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#ifndef SRP_H
+#define SRP_H
+
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+
+/* The name of the supported authentication method. */
+#define SRP_GEX_SHA1 "srp-gex-sha1"
+
+/* The length of the random exponents, in bits. */
+#define ALEN 256
+
+/* The default length of the salt, in bits. */
+#define SALTLEN 80
+
+/* Embedded SRP parameters are stored in this structure. */
+typedef struct srp_param {
+	char *prime_tfmt;       /* the safe prime in libsrp base64 */
+	char *gen_tfmt;         /* the generator in libsrp base64 */
+	BIGNUM *p;              /* the prime as a BIGNUM */
+	BIGNUM *g;              /* the generator as a BIGNUM */
+} SRP_PARAM;
+
+extern SRP_PARAM SRP_param[];
+extern int SRP_nparams;
+
+/* SRP authentication context. */
+typedef struct {
+	u_char *salt;           /* salt */
+	u_int slen;             /* number of bytes in salt */
+	BN_CTX *ctx;            /* BIGNUM context used during calculations */
+	BIGNUM *p;              /* safe prime */
+	BIGNUM *g;              /* primitive generator */
+	BIGNUM *a;              /* secret exponent (one on each side) */
+	BIGNUM *e;              /* public value sent by client */
+	BIGNUM *f;              /* public value sent by server */
+	BIGNUM *v;              /* verifier */
+	BIGNUM *pm1;            /* p - 1, for convenience */
+	BN_ULONG u;             /* SRP mixing parameter */
+	u_char m1[EVP_MAX_MD_SIZE]; /* proof hashes */
+	u_char m2[EVP_MAX_MD_SIZE];
+	u_int m1len;            /* proof hash lengths */
+	u_int m2len;
+} SRP_CTX;
+
+/*
+ * Return the ith built-in parameter.  If p and g are not NULL, copy the
+ * values to them.
+ */
+void
+srp_get_param(int i, BIGNUM *p, BIGNUM *g);
+
+/* Convert all the built-in SRP parameters to BIGNUMs. */
+
+void
+srp_param_init();
+
+/*
+ * Locate the user's verifier entry and update the SRP context.  If the
+ * user doesn't exist, return fake parameters.  This allocates the salt
+ * with xmalloc().
+ */
+void
+srp_find_verifier(const struct passwd *pw, SRP_CTX *srp);
+
+/*
+ * This is called by both client and server to determine whether or
+ * not 1) the prime p is safe and 2) the generator g is primitive.
+ * Returns true if both 1 and 2 are true, false otherwise.
+ */
+int
+is_safe_group(const BIGNUM *p, const BIGNUM *g);
+
+/* Make a new SRP context.  The salt is not allocated. */
+
+SRP_CTX *
+SRP_CTX_new();
+
+/* Free an SRP context, including the salt. */
+
+void
+SRP_CTX_free(SRP_CTX *srp);
+
+/*
+ * Calculate x = HASH(salt | HASH(username | passphrase)).  This
+ * calculation is used both in verifier generation and in the client.
+ * Sets x, which must be allocated.
+ */
+void
+srp_x_calc(const char *salt, int slen, const char *username,
+    const char *passphrase, BIGNUM *x);
+
+/* This routine calculates the value of u given f.  Returns u. */
+
+BN_ULONG
+srp_u_calc(const BIGNUM *f);
+
+/*
+ * This routine calculates the exchange hash and HMACs for the client
+ * and server proofs, and updates the SRP context.
+ */
+void
+srp_hash_calc(const char *username, const char *service, const char *method,
+    SRP_CTX *srp, const BIGNUM *K);
+
+/*
+ * Convert a libsrp base64 string into a BIGNUM, which must be
+ * preallocated.  Returns 1 for success, 0 for error.
+ */
+int
+srp_tfmt2bn(BIGNUM *dst, const char *src);
+
+/*
+ * Convert a libsrp base64 string into raw byte array representation.
+ * dst must already be allocated, and must be large enough.  Returns the
+ * length of the converted src.  XXX Fails for empty fields.
+ */
+int
+srp_tfmt2bin(char *dst, const char *src);
+
+/*
+ * Convert a BIGNUM into a null-terminated libsrp base64 ASCII string.
+ * Returns dst, which must be preallocated and big enough.
+ */
+char *
+srp_bn2tfmt(char *dst, const BIGNUM *src);
+
+#endif  /* SRP_H */
diff -burN openssh-3.7.1p2/ssh2.h openssh/ssh2.h
--- openssh-3.7.1p2/ssh2.h	2003-05-13 20:46:53.000000000 -0700
+++ openssh/ssh2.h	2004-02-08 01:42:17.000000000 -0800
@@ -111,6 +111,9 @@
 #define SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ		60
 #define SSH2_MSG_USERAUTH_INFO_REQUEST			60
 #define SSH2_MSG_USERAUTH_INFO_RESPONSE			61
+#define SSH2_MSG_USERAUTH_SRP_REPLY			60
+#define SSH2_MSG_USERAUTH_SRP_VALUE			61
+#define SSH2_MSG_USERAUTH_SRP_PROOF			62
 
 /* connection protocol: generic */
 
diff -burN openssh-3.7.1p2/ssh_config openssh/ssh_config
--- openssh-3.7.1p2/ssh_config	2003-08-13 03:37:05.000000000 -0700
+++ openssh/ssh_config	2004-02-08 01:42:17.000000000 -0800
@@ -21,6 +21,7 @@
 #   RhostsRSAAuthentication no
 #   RSAAuthentication yes
 #   PasswordAuthentication yes
+#   SRPAuthentication yes
 #   HostbasedAuthentication no
 #   BatchMode no
 #   CheckHostIP yes
diff -burN openssh-3.7.1p2/ssh_config.0 openssh/ssh_config.0
--- openssh-3.7.1p2/ssh_config.0	2003-09-23 02:55:19.000000000 -0700
+++ openssh/ssh_config.0	2004-02-08 01:42:17.000000000 -0800
@@ -278,6 +278,11 @@
              to this keyword must be ``yes'' or ``no''.  The default is
              ``yes''.
 
+     SRPAuthentication
+             Specifies whether to try SRP authentication.  The argument to
+	     this keyword must be ``yes'' or ``no''.  The default is ``yes''.
+	     Note that this option applies to protocol version 2 only.
+
      Port    Specifies the port number to connect on the remote host.  Default
              is 22.
 
diff -burN openssh-3.7.1p2/ssh_config.5 openssh/ssh_config.5
--- openssh-3.7.1p2/ssh_config.5	2003-09-02 19:13:30.000000000 -0700
+++ openssh/ssh_config.5	2004-02-08 01:42:17.000000000 -0800
@@ -455,6 +455,15 @@
 .Dq no .
 The default is
 .Dq yes .
+.It Cm SRPAuthentication
+Specifies whether to try SRP authentication.
+The argument to this keyword must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq yes .
+Note that this option applies to protocol version 2 only.
 .It Cm Port
 Specifies the port number to connect on the remote host.
 Default is 22.
@@ -466,7 +475,7 @@
 over another method (e.g.
 .Cm password )
 The default for this option is:
-.Dq hostbased,publickey,keyboard-interactive,password .
+.Dq hostbased,publickey,keyboard-interactive,password,srp-gex-sha1 .
 .It Cm Protocol
 Specifies the protocol versions
 .Nm ssh
diff -burN openssh-3.7.1p2/sshconnect2.c openssh/sshconnect2.c
--- openssh-3.7.1p2/sshconnect2.c	2003-08-25 19:14:05.000000000 -0700
+++ openssh/sshconnect2.c	2004-02-08 01:42:35.000000000 -0800
@@ -49,6 +49,7 @@
 #include "canohost.h"
 #include "msg.h"
 #include "pathnames.h"
+#include "srp.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -175,6 +176,10 @@
 	Sensitive *sensitive;
 	/* kbd-interactive */
 	int info_req_seen;
+	int server_auth;        /* SRP authenticates _both_ sides;
+				 * this is set when the client
+				 * authenticates the server. */
+	SRP_CTX *srp;
 	/* generic */
 	void *methoddata;
 };
@@ -199,6 +204,7 @@
 int	userauth_kbdint(Authctxt *);
 int	userauth_hostbased(Authctxt *);
 int	userauth_kerberos(Authctxt *);
+int     userauth_srp(Authctxt *);
 
 #ifdef GSSAPI
 int	userauth_gssapi(Authctxt *authctxt);
@@ -235,6 +241,10 @@
 		userauth_pubkey,
 		&options.pubkey_authentication,
 		NULL},
+	{SRP_GEX_SHA1,
+		userauth_srp,
+		&options.srp_authentication,
+		&options.batch_mode},
 	{"keyboard-interactive",
 		userauth_kbdint,
 		&options.kbd_interactive_authentication,
@@ -372,6 +382,10 @@
 	Authctxt *authctxt = ctxt;
 	if (authctxt == NULL)
 		fatal("input_userauth_success: no authentication context");
+	if (strcmp(authctxt->method->name, SRP_GEX_SHA1) == 0 &&
+	    !authctxt->server_auth) {
+	    	fatal("SRP unauthenticated server sent a SUCCESS packet");
+	}
 	if (authctxt->authlist)
 		xfree(authctxt->authlist);
 	if (authctxt->methoddata)
@@ -1362,6 +1376,283 @@
 	return 1;
 }
 
+void fatal_bignum_error();
+static void input_userauth_srp_reply(int type, u_int32_t seq, void *ctxt);
+static void input_userauth_srp_value(int type, u_int32_t seq, void *ctxt);
+static void input_userauth_srp_proof(int type, u_int32_t seq, void *ctxt);
+
+int
+userauth_srp(Authctxt *authctxt)
+{
+       static int attempt = 0;
+
+       if (attempt++ >= options.number_of_password_prompts)
+               return 0;
+
+       if (attempt != 1)
+               error("Permission denied, please try again.");
+
+       /* Allocate an SRP context and update the authentication context. */
+
+       authctxt->srp = SRP_CTX_new();
+       authctxt->server_auth = 0;
+
+       /* We begin by sending an authorization request for the method. */
+
+       packet_start(SSH2_MSG_USERAUTH_REQUEST);
+       packet_put_cstring(authctxt->server_user);
+       packet_put_cstring(authctxt->service);
+       packet_put_cstring(authctxt->method->name);
+       packet_send();
+
+       /* Round 1 begins when we get the reply from the server. */
+
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_REPLY, &input_userauth_srp_reply);
+       return 1;
+}
+
+/* Round 1: get the SRP parameters and send the public value e. */
+
+static void
+input_userauth_srp_reply(int type, u_int32_t seq, void *ctxt)
+{
+       int i, plen;
+       BIGNUM *tmp;
+       Authctxt *authctxt;
+       SRP_CTX *srp;
+
+       /* Make sure we're where we're supposed to be. */
+
+       authctxt = ctxt;
+       if (authctxt == NULL || authctxt->srp == NULL)
+               fatal("input_userauth_srp_reply: no context");
+       srp = authctxt->srp;
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_REPLY, NULL);
+
+       /* The server sent us the prime p, generator g, and salt. */
+
+       packet_get_bignum2(srp->p);
+       packet_get_bignum2(srp->g);
+       srp->salt = packet_get_string(&srp->slen);
+       packet_check_eom();
+
+       /*
+        * Make sure the group is OK.  XXX note that there is no check
+        * that this is really the group that the user chose when
+        * he or she created the verifier (that requires persistent
+        * client state).
+        */
+       if (!is_safe_group(srp->p, srp->g))
+               packet_disconnect("unknown/unsafe SRP group for user %s",
+                   authctxt->server_user);
+
+       /* We'll need p-1 later. */
+
+       if (!BN_sub(srp->pm1, srp->p, BN_value_one()))
+               goto err;
+
+       /*
+        * The random exponent a is ALEN bits long, or the size of p,
+        * whichever is less.
+        */
+       plen = BN_num_bits(srp->p);
+       i = ALEN;
+       if (plen < ALEN)
+               i = plen;
+
+       /*
+        * Generate the random exponent a.  Loop until lg(p) < a < p-1.
+        * This guarantees that 1 < e < p-1 and that e isn't some
+        * obvious power of g.
+        */
+       if ((tmp = BN_new()) == NULL)
+               goto err;
+       if (!BN_set_word(tmp, plen))
+               goto err;
+       for (;;) {
+               if (!BN_rand(srp->a, i, 0, 0))
+                       goto err;
+               if (BN_ucmp(srp->a, tmp) > 0 && BN_ucmp(srp->a, srp->pm1) < 0)
+                       break;
+       }
+       BN_free(tmp);
+
+       /* Generate the public value e = g^a mod p. */
+
+       if (!BN_mod_exp(srp->e, srp->g, srp->a, srp->p, srp->ctx))
+               goto err;
+
+       /* Send it. */
+
+       packet_start(SSH2_MSG_USERAUTH_SRP_VALUE);
+       packet_put_bignum2(srp->e);
+       packet_send();
+
+       /* Round 2 begins when we get the server's public value. */
+
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_VALUE, &input_userauth_srp_value);
+       return;
+
+err:
+       fatal_bignum_error();
+}
+
+static void
+input_userauth_srp_value(int type, u_int32_t seq, void *ctxt)
+{
+       int plen;
+       char *passphrase, prompt[100];
+       BIGNUM *x, *K;
+       Authctxt *authctxt;
+       SRP_CTX *srp;
+
+       /* Make sure we're where we're supposed to be. */
+
+       authctxt = ctxt;
+       if (authctxt == NULL || authctxt->srp == NULL)
+               fatal("input_userauth_srp_value: no context");
+       srp = authctxt->srp;
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_VALUE, NULL);
+
+       /*
+        * The server sent f = (v + g^b) mod p, where v is the
+        * user's verifier and b is another random number.
+        */
+       packet_get_bignum2(srp->f);
+       packet_check_eom();
+
+       /* Sanity check f.  Abort if f is not in (1, p-1). */
+
+       if (BN_cmp(srp->f, BN_value_one()) <= 0 ||
+           BN_ucmp(srp->f, srp->pm1) >= 0)
+               packet_disconnect("bad SRP f value");
+
+       /* Calculate u from f. */
+
+       srp->u = srp_u_calc(srp->f);
+       if (srp->u == 0)
+               packet_disconnect("bad SRP u value");
+
+       /* Get the passphrase from the user. */
+
+       /*
+        * XXX it would actually be nice if we could display the prompt
+        * and set no-echo mode earlier, and read the passphrase here,
+        * since the calculations above can be lengthy and could happen
+        * while the user is typing (we only need the passphrase in
+        * memory at this point), but the cli_* routines don't have an
+        * API for that.  :-(
+        */
+       snprintf(prompt, sizeof(prompt), "Enter %.30s@%.128s's SRP passphrase: ",
+           authctxt->server_user, authctxt->host);
+       passphrase = read_passphrase(prompt, 0);
+       plen = strlen(passphrase);
+
+       /* Calculate x = HASH(salt | HASH(username | passphrase)). */
+
+       if ((x = BN_new()) == NULL)
+               goto err;
+       srp_x_calc(srp->salt, srp->slen, authctxt->server_user, passphrase, x);
+
+       memset(passphrase, 0, plen);
+       xfree(passphrase);
+
+       /* Calculate v = g^x mod p. */
+
+       if (!BN_mod_exp(srp->v, srp->g, x, srp->p, srp->ctx))
+               goto err;
+
+       /* Now the shared secret K = (f - v) ^ (a + u * x) mod p. */
+
+       if (!BN_mul_word(x, srp->u))
+               goto err;
+       if (!BN_add(x, srp->a, x))              /* x = (a + u * x) */
+               goto err;
+
+       if ((K = BN_new()) == NULL)
+               goto err;
+       if (BN_copy(K, srp->f) == NULL)         /* use K as temp */
+               goto err;
+       if (BN_cmp(K, srp->v) < 0) {
+               if (!BN_add(K, K, srp->p))
+                       goto err;
+       }
+       if (!BN_sub(srp->a, K, srp->v))         /* a = (f - v) */
+               goto err;
+
+       if (!BN_mod_exp(K, srp->a, x, srp->p, srp->ctx))
+               goto err;
+       BN_clear_free(x);
+
+       /* Calculate the exchange hash and proofs. */
+
+       srp_hash_calc(authctxt->server_user, authctxt->service,
+           authctxt->method->name, srp, K);
+       BN_clear_free(K);
+
+       /* Send the client authenticator. */
+
+       packet_start(SSH2_MSG_USERAUTH_SRP_PROOF);
+       packet_put_string(srp->m1, srp->m1len);
+       packet_send();
+
+       /* Wait for the server's authenticator. */
+
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_PROOF, &input_userauth_srp_proof);
+       return;
+
+err:
+       fatal_bignum_error();
+}
+
+/* Round 3: check the proofs. */
+
+static void
+input_userauth_srp_proof(int type, u_int32_t seq, void *ctxt)
+{
+       int i;
+       u_int mlen;
+       u_char *mbuf;
+       Authctxt *authctxt;
+       SRP_CTX *srp;
+
+       /* Make sure we're where we're supposed to be. */
+
+       authctxt = ctxt;
+       if (authctxt == NULL || authctxt->srp == NULL)
+               fatal("input_userauth_srp_proof: no context");
+       srp = authctxt->srp;
+       dispatch_set(SSH2_MSG_USERAUTH_SRP_PROOF, NULL);
+
+       /* Get the server's version. */
+
+       i = packet_get_char();
+       mbuf = NULL;
+       if (i)
+               mbuf = packet_get_string(&mlen);
+       packet_check_eom();
+
+       /* If the flag is set, we were OK; check the server. */
+
+       if (i) {
+               /*
+                * If we were authenticated, but the server was not,
+                * there is likely to be a serious problem.
+                */
+               if (mlen != srp->m2len || memcmp(mbuf, srp->m2, mlen) != 0)
+                       packet_disconnect("SRP server authentication failure!");
+
+               authctxt->server_auth = 1;
+               xfree(mbuf);
+       }
+
+       /*
+        * Done.  Free the SRP context, and return to await the server's
+        * reply packet.
+        */
+       SRP_CTX_free(srp);
+}
+
 /* find auth method */
 
 /*
diff -burN openssh-3.7.1p2/sshd.0 openssh/sshd.0
--- openssh-3.7.1p2/sshd.0	2003-09-23 02:55:18.000000000 -0700
+++ openssh/sshd.0	2004-02-08 01:42:35.000000000 -0800
@@ -77,6 +77,8 @@
      tion) or client host (HostbasedAuthentication) authentication method,
      conventional password authentication and challenge response based meth-
      ods.
+     SRP-based password authentication, conventional password authentication
+     and challenge response based methods.
 
    Command execution and data forwarding
 
diff -burN openssh-3.7.1p2/sshd.8 openssh/sshd.8
--- openssh-3.7.1p2/sshd.8	2003-08-24 18:51:19.000000000 -0700
+++ openssh/sshd.8	2004-02-08 01:42:35.000000000 -0800
@@ -170,6 +170,7 @@
 Protocol version 2 provides a public key based
 user (PubkeyAuthentication) or
 client host (HostbasedAuthentication) authentication method,
+SRP-based password authentication,
 conventional password authentication and challenge response based methods.
 .Pp
 .Ss Command execution and data forwarding
diff -burN openssh-3.7.1p2/sshd.c openssh/sshd.c
--- openssh-3.7.1p2/sshd.c	2003-09-02 05:51:17.000000000 -0700
+++ openssh/sshd.c	2004-02-08 01:42:35.000000000 -0800
@@ -84,6 +84,7 @@
 #include "monitor.h"
 #include "monitor_wrap.h"
 #include "monitor_fdpass.h"
+#include "srp.h"
 
 #ifdef LIBWRAP
 #include <tcpd.h>
@@ -1009,6 +1010,8 @@
 		exit(1);
 	}
 
+	srp_param_init();
+
 	/* Check certain values for sanity. */
 	if (options.protocol & SSH_PROTO_1) {
 		if (options.server_key_bits < 512 ||
diff -burN openssh-3.7.1p2/sshd_config openssh/sshd_config
--- openssh-3.7.1p2/sshd_config	2003-09-02 05:51:18.000000000 -0700
+++ openssh/sshd_config	2004-02-08 01:42:35.000000000 -0800
@@ -50,6 +50,9 @@
 # Don't read the user's ~/.rhosts and ~/.shosts files
 #IgnoreRhosts yes
 
+# The default is to use SRP.
+#SRPAuthentication yes
+
 # To disable tunneled clear text passwords, change to no here!
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
diff -burN openssh-3.7.1p2/sshd_config.0 openssh/sshd_config.0
--- openssh-3.7.1p2/sshd_config.0	2003-09-23 02:55:19.000000000 -0700
+++ openssh/sshd_config.0	2004-02-08 01:42:35.000000000 -0800
@@ -324,6 +324,11 @@
              fault is ``yes''.  This option applies to protocol version 1 on-
              ly.
 
+     SRPAuthentication
+             Specifies whether SRP authentication is allowed.  The default is
+	     ``yes''.  Note that this option applies to protocol version 2
+	     only.
+
      ServerKeyBits
              Defines the number of bits in the ephemeral protocol version 1
              server key.  The minimum value is 512, and the default is 768.
diff -burN openssh-3.7.1p2/sshd_config.5 openssh/sshd_config.5
--- openssh-3.7.1p2/sshd_config.5	2003-09-02 05:57:05.000000000 -0700
+++ openssh/sshd_config.5	2004-02-08 01:42:35.000000000 -0800
@@ -551,6 +551,11 @@
 The default is
 .Dq yes .
 This option applies to protocol version 1 only.
+.It Cm SRPAuthentication
+Specifies whether SRP authentication is allowed.
+The default is
+.Dq yes .
+Note that this option applies to protocol version 2 only.
 .It Cm ServerKeyBits
 Defines the number of bits in the ephemeral protocol version 1 server key.
 The minimum value is 512, and the default is 768.
diff -burN openssh-3.7.1p2/tconf2embed.c openssh/tconf2embed.c
--- openssh-3.7.1p2/tconf2embed.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/tconf2embed.c	2004-02-08 01:42:35.000000000 -0800
@@ -0,0 +1,244 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "log.h"
+#include "srp.h"
+
+#define USAGE() fprintf(stderr, "usage: %s [-f] <tconf file> ...\n", __progname)
+
+/* argv0 */
+#ifdef HAVE___PROGNAME
+extern char *__progname;
+#else
+char *__progname;
+#endif
+
+int Fastmode;
+
+int parse_tconf(char *buf, BIGNUM *p, BIGNUM *g);
+int is_safe(BIGNUM *p, BIGNUM *g);
+
+/*
+ * Read tpasswd.conf files in the format used by libsrp and output the
+ * entries as an external C module meant to be linked with ssh and sshd.
+ */
+int
+main(int argc, char **argv)
+{
+	int i, c, n;
+	char *s, buf[8 * 1024];
+	time_t t;
+	struct passwd *pw;
+	FILE *infile;
+	BIGNUM *p, *g;
+	extern int optind;
+
+	__progname = ssh_get_progname(*argv);
+
+	Fastmode = 0;
+	while ((c = getopt(argc, argv, "f")) != EOF) {
+		switch (c) {
+		case 'f':
+			Fastmode = 1;
+			break;
+
+		default:
+			USAGE();
+			exit(1);
+		}
+	}
+	argc -= optind;
+	argv += optind;
+
+	if (argc < 1) {
+		USAGE();
+		exit(1);
+	}
+
+	if ((p = BN_new()) == NULL || (g = BN_new()) == NULL) {
+		fprintf(stderr, "can't allocate BIGNUMs\n");
+		exit(1);
+	}
+
+	/* Get some values for the header. */
+
+	time(&t);
+	s = ctime(&t);
+	s[strlen(s) - 1] = '\0';
+
+	pw = getpwuid(getuid());
+	if (pw == NULL) {
+		fprintf(stderr, "no such user\n");
+		exit(1);
+	}
+
+	printf("/* This file was created by tconf2embed.  Do not edit. */\n");
+	printf("/* Converted by %s on %s. */\n\n", pw->pw_name, s);
+
+	printf("#include \"includes.h\"\n");
+	printf("#include <openssl/bn.h>\n");
+	printf("#include \"srp.h\"\n\n");
+
+	n = 0;
+	printf("SRP_PARAM SRP_param[] = {\n");
+
+	if (!Fastmode)
+		fprintf(stderr,
+		    "%s: checking SRP parameters for safety -- "
+		    "this may take a while\n",
+		    __progname);
+
+	for (i = 0; i < argc; i++) {
+		if (strcmp(argv[i], "-") == 0)
+			infile = stdin;
+		else if ((infile = fopen(argv[i], "r")) == NULL) {
+			fprintf(stderr, "file '%s' not found\n", argv[i]);
+			exit(1);
+		}
+
+		while (fgets(buf, sizeof(buf), infile) != NULL) {
+			buf[strlen(buf) - 1] = '\0';
+			if (buf[0] == '#')
+				printf("\t/*%s */\n", buf + 1);
+			else {
+				fprintf(stderr, ".");
+				if (parse_tconf(buf, p, g))
+					n++;
+			}
+		}
+
+		fclose(infile);
+	}
+	printf("};\n\n");
+	printf("int SRP_nparams = %d;\n", n);
+
+	fprintf(stderr, "\n%d groups\n", n);
+
+	return 0;
+}
+
+char Fieldsep[] = { ':', '\0' };
+
+/*
+ * Get the parameters from buf and test them for safety.  If they are
+ * safe, output them and return 1, otherwise return 0.
+ */
+int
+parse_tconf(char *buf, BIGNUM *p, BIGNUM *g)
+{
+	char *s, *prime, *gen;
+	static int lineno = 0;
+
+	/* Carve. [i]:p:g */
+
+	s = buf;
+	if (strsep(&s, Fieldsep) == NULL)               /* index - ignore */
+		goto err;
+	if ((prime = strsep(&s, Fieldsep)) == NULL)     /* prime */
+		goto err;
+	if ((gen = strsep(&s, Fieldsep)) == NULL)       /* gen */
+		goto err;
+	if (s != NULL)
+		goto err;
+	lineno++;
+
+	/* Convert to BIGNUMs. */
+
+	if (!srp_tfmt2bn(p, prime))
+		goto err;
+	if (!srp_tfmt2bn(g, gen))
+		goto err;
+
+	/* Check for safety. */
+
+	if (!Fastmode)
+		if (!is_safe(p, g)) {
+			fprintf(stderr,
+			    "unsafe entry skipped on line %d!\n", lineno);
+			return 0;
+		}
+
+	printf("\t{ \"%s\",\n", prime);
+	printf("\t  \"%s\",\n", gen);
+	printf("\t  NULL, NULL },\n");
+
+	return 1;
+
+err:
+	fprintf(stderr, "parse error on line %d\n", lineno);
+	exit(1);
+
+	return 0;       /* mu */
+}
+
+/* This is the test code from is_safe_group(). */
+
+int
+is_safe(BIGNUM *p, BIGNUM *g)
+{
+	int safe;
+	BIGNUM *q, *r;
+	BN_CTX *ctx;
+	BN_ULONG l;
+
+	safe = 0;
+
+	if ((ctx = BN_CTX_new()) == NULL)
+		goto err;
+	if ((q = BN_new()) == NULL)
+		goto err;
+	if ((r = BN_new()) == NULL)
+		goto err;
+
+	if (BN_is_prime(p, 50, NULL, ctx, NULL) != 1)
+		goto unsafe;
+	if (!BN_rshift1(q, p))
+		goto err;
+	if (BN_is_prime(q, 50, NULL, ctx, NULL) != 1)
+		goto unsafe;
+
+	if (BN_is_word(g, 2)) {
+		if (BN_mod_word(p, 24) != 11)
+			goto unsafe;
+	} else if (BN_is_word(g, 5)) {
+		l = BN_mod_word(p, 10);
+		if (l != 3 && l != 7)
+			goto unsafe;
+	} else {
+
+		/*
+		 * Do it the slow way; g is a generator if
+		 *      g^((p-1)/f) mod p != 1
+		 * for all f which are factors of p-1.  That's 2 and q,
+		 * so check them.
+		 */
+		if (!BN_mod_exp(r, g, q, p, ctx))
+			goto err;
+		if (BN_is_one(r))
+			goto unsafe;
+		if (!BN_set_word(q, 2))
+			goto err;
+		if (!BN_mod_exp(r, g, q, p, ctx))
+			goto err;
+		if (BN_is_one(r))
+			goto unsafe;
+	}
+	safe = 1;
+
+unsafe:
+	BN_free(r);
+	BN_free(q);
+	BN_CTX_free(ctx);
+
+	return safe;
+
+err:
+	fprintf(stderr, "BIGNUM error\n");
+	exit(1);
+
+	return 0;       /* mu */
+}
diff -burN openssh-3.7.1p2/tpasswd-util.c openssh/tpasswd-util.c
--- openssh-3.7.1p2/tpasswd-util.c	1969-12-31 16:00:00.000000000 -0800
+++ openssh/tpasswd-util.c	2004-02-08 01:42:35.000000000 -0800
@@ -0,0 +1,164 @@
+/* SRP implementation for OpenSSH by Dr. Tom <tomh@kurage.nimh.nih.gov>. */
+
+#include "includes.h"
+
+#include <openssl/bn.h>
+
+#include "xmalloc.h"
+#include "srp.h"
+
+/*
+ * These routines convert BIGNUMS to and from the base64 format used
+ * by the Stanford distribution of libsrp.  They were taken from srp-1.7.1
+ * and modified a bit.
+ */
+
+static char b64table[] =
+    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
+
+/*
+ * Convert a libsrp base64 string into a BIGNUM, which must be
+ * preallocated.  Returns 1 for success, 0 for error.
+ */
+int
+srp_tfmt2bn(BIGNUM *dst, const char *src)
+{
+	char *a;
+	int i, ret;
+
+	i = strlen(src) + 1;
+	a = xmalloc(i);
+
+	i = srp_tfmt2bin(a, src);
+	ret = 1;
+	if (BN_bin2bn(a, i, dst) == NULL)
+		ret = 0;
+
+	xfree(a);
+	return ret;
+}
+
+/*
+ * Convert a libsrp base64 string into raw byte array representation.
+ * dst must already be allocated, and must be large enough.  Returns the
+ * length of the converted src.
+ */
+int
+srp_tfmt2bin(char *dst, const char *src)
+{
+	char *loc;
+	u_char *a;
+	int i, j, size;
+
+	while (*src && (*src == ' ' || *src == '\t' || *src == '\n'))
+		++src;
+	size = strlen(src);
+	if (size == 0)
+		return size;
+
+	a = xmalloc((size + 1) * sizeof(u_char));
+	i = 0;
+	while (i < size) {
+		loc = strchr(b64table, src[i]);
+		if (loc == (char *) 0)
+			break;
+		else
+			a[i] = loc - b64table;
+		++i;
+	}
+	size = i;
+
+	i = size - 1;
+	j = size;
+	for (;;) {
+		a[j] = a[i];
+		if (--i < 0)
+			break;
+		a[j] |= (a[i] & 3) << 6;
+		--j;
+		a[j] = (u_char) ((a[i] & 0x3c) >> 2);
+		if (--i < 0)
+			break;
+		a[j] |= (a[i] & 0xf) << 4;
+		--j;
+		a[j] = (u_char) ((a[i] & 0x30) >> 4);
+		if (--i < 0)
+			break;
+		a[j] |= (a[i] << 2);
+
+		a[--j] = 0;
+		if (--i < 0)
+			break;
+	}
+
+	while (a[j] == 0 && j <= size)
+		++j;
+
+	memcpy(dst, a + j, size - j + 1);
+	xfree(a);
+	return size - j + 1;
+}
+
+/*
+ * Convert a BIGNUM into a null-terminated libsrp base64 ASCII string.
+ * Returns dst, which must be preallocated and big enough.
+ * This is only used by the utilities srp-keygen and primes2tconf.
+ */
+char *
+srp_bn2tfmt(char *dst, const BIGNUM *src0)
+{
+	char *olddst = dst;
+	u_char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
+	u_char *src;
+	int c, size, pos;
+
+	size = BN_num_bytes(src0);
+	src = xmalloc(size);
+	BN_bn2bin(src0, src);
+
+	pos = size % 3;
+
+	switch (pos) {
+	case 1:
+		b2 = src[0];
+		break;
+	case 2:
+		b1 = src[0];
+		b2 = src[1];
+		break;
+	}
+
+	for (;;) {
+		c = (b0 & 0xfc) >> 2;
+		if (notleading || c != 0) {
+			*dst++ = b64table[c];
+			notleading = 1;
+		}
+		c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
+		if (notleading || c != 0) {
+			*dst++ = b64table[c];
+			notleading = 1;
+		}
+		c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
+		if (notleading || c != 0) {
+			*dst++ = b64table[c];
+			notleading = 1;
+		}
+		c = b2 & 0x3f;
+		if (notleading || c != 0) {
+			*dst++ = b64table[c];
+			notleading = 1;
+		}
+		if (pos >= size)
+			break;
+		else {
+			b0 = src[pos++];
+			b1 = src[pos++];
+			b2 = src[pos++];
+		}
+	}
+
+	*dst = '\0';
+	xfree(src);
+	return olddst;
+}
