From fe89a521d1f1623652b250b6f3e748c2ee50d911 Mon Sep 17 00:00:00 2001 From: Arne Welzel Date: Wed, 30 Apr 2025 15:48:17 +0200 Subject: [PATCH] QUIC: Use initial destination conn_id for decryption Ensure the client side also uses the initial destination connection ID for decryption purposes instead of the one from the current long header packet. PCAP from local WiFi hotspot. --- src/analyzer/protocol/quic/QUIC.spicy | 15 ++++++++------- .../conn.log.cut | 3 +++ .../quic.log.cut | 3 +++ .../ssl.log.cut | 3 +++ .../quic/quic-decrypt-fail-google-de-51833.pcap | Bin 0 -> 26858 bytes .../quic/decrypt-fail-google-de-51833.zeek | 12 ++++++++++++ 6 files changed, 29 insertions(+), 7 deletions(-) create mode 100644 testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/conn.log.cut create mode 100644 testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/quic.log.cut create mode 100644 testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/ssl.log.cut create mode 100644 testing/btest/Traces/quic/quic-decrypt-fail-google-de-51833.pcap create mode 100644 testing/btest/scripts/base/protocols/quic/decrypt-fail-google-de-51833.zeek diff --git a/src/analyzer/protocol/quic/QUIC.spicy b/src/analyzer/protocol/quic/QUIC.spicy index 3954a80977..0198ba9b3b 100644 --- a/src/analyzer/protocol/quic/QUIC.spicy +++ b/src/analyzer/protocol/quic/QUIC.spicy @@ -567,23 +567,24 @@ type Packet = unit(from_client: bool, context: ConnectionIDInfo&) { context.server_cid_len = self.long_header.dest_conn_id_len; context.client_cid_len = self.long_header.src_conn_id_len; + # This is the first INITIAL packet we attempt to decrypt and it is + # coming from the client. Use its destination connection ID for + # decryption purposes. + if ( |context.initial_destination_conn_id| == 0 ) { + context.initial_destination_conn_id = self.long_header.dest_conn_id; + } + # This means that here, we can try to decrypt the initial packet! # All data is accessible via the `long_header` unit self.decrypted_data = decrypt_crypto_payload( self.long_header.version, self.packet_data, - self.long_header.dest_conn_id, + context.initial_destination_conn_id, self.long_header.encrypted_offset, self.long_header.payload_length, from_client ); - # Assuming that the client set up the connection, this can be considered the first - # received Initial from the client. So disable change of ConnectionID's afterwards - if ( |context.initial_destination_conn_id| == 0 ) { - context.initial_destination_conn_id = self.long_header.dest_conn_id; - } - } else { context.server_cid_len = self.long_header.src_conn_id_len; context.client_cid_len = self.long_header.dest_conn_id_len; diff --git a/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/conn.log.cut b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/conn.log.cut new file mode 100644 index 0000000000..46d72b1541 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/conn.log.cut @@ -0,0 +1,3 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +ts uid history service +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 Dd quic,ssl diff --git a/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/quic.log.cut b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/quic.log.cut new file mode 100644 index 0000000000..6199e7117b --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/quic.log.cut @@ -0,0 +1,3 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +ts uid server_name history +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 www.google.de ZZZIiIIIISiIIIiiiiiishIIHH diff --git a/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/ssl.log.cut b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/ssl.log.cut new file mode 100644 index 0000000000..e72550284a --- /dev/null +++ b/testing/btest/Baseline/scripts.base.protocols.quic.decrypt-fail-google-de-51833/ssl.log.cut @@ -0,0 +1,3 @@ +### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. +ts uid version cipher curve server_name resumed last_alert next_protocol established ssl_history +XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 TLSv13 TLS_AES_128_GCM_SHA256 X25519MLKEM768 www.google.de T - - F Cs diff --git a/testing/btest/Traces/quic/quic-decrypt-fail-google-de-51833.pcap b/testing/btest/Traces/quic/quic-decrypt-fail-google-de-51833.pcap new file mode 100644 index 0000000000000000000000000000000000000000..cc7d2fec1a6e0543e3d9b8f8268e7225062e4e24 GIT binary patch literal 26858 zcmcH9Q?P8?mM-9F+qP}nwr$(CZQI70)|$4>HEr9td!LH9Rp-`ysE1t{(IPTOWaQ{C z{mb^Z(U%5)6#@Z(0Q~0*1OV`_4_zGa7LrL|0C9i4|GOfN1v&%J{k+88AwI(X7yx9q z0B9fzP(g`?6EHxan_7RUE0RveQvskT2mnGb{>QHo08dl{b^&Na9W4EI0T5!+IxT~i zSYH7^fZw0s3#^t`9TrF7Zn&oJ&gfmZR@wu)3@$5jeUb{8`O5px?FVh!;&1E3NIjO$ zTo&)3gj5r;q229Jevj}r!w z?s%iR>4p6Q5in+Fq`<#~-mpp+#8gGd!C-wab1A3o_3aFNUhzQRM+>tB(Fk4F_f-t) z_Bbw0;}ESh6OaDG-e6^8mji=Ixrow99M(0`LKV8Zvn!ZhsaeE>5{TNvbxa9^%efOk zOr0}aK0mTc$Q6DrD8<&6QGj1xf%A#uz&Op>C>}*C<6N%RIjV|d=;(PdCvpJIuT53S zdggMtlE_)C3^f9>MllrxDqc)YOVj`>5|TrBgoQqM)f1B4kDwqvv%6UT6F|01{9HQS zmJ*gi;R(M+bAm0#_rdZ$s47H9?*7w9S;@ib zs1y99M-OtJ(taB!xnx9cSkMD%!7ke>wn^@aglU@Ax|wKySrb~5QB)1i>}$q9)j{9` zra9jjzewhJVkx5G(#ptGTG%-2-}%-Ph(Rh$6NYwS;?=I6N)(|9iOAvjXVY^5k*&>P zy~RSPp*bAf^c?H_UYPmE{DrnhKGfg1&E+X5_C6m2OZ7Tg86D~45>Lm7DR4(OwW<-1 zsz^J~yT+&;egTeVd!GPreh<0Bf_=KtHyMY|D5X}=RTt@ix(M=Q>lPnWWC%|1_*yQJ zn}Was%$7L&(_COotPrFJuMGEEqZk3n(|>EFTZ&8?gtftG2b+}_hZ*8>2mLq#EmSiZT?K&tJcsrh)BAO%H z;3p|3Dt4s1#`aMzNA<}+XQ3<^62`1NT?Mr!6k)E+usDE9D{}tux9sc3!96}M0!6GwTCkbJ|>_>jTvGjijU?A&voK#)XD>QA-8!mJh z7+#yH*6YzM`=)d7#j7eN%V?9}5;TD@lj^5C){DNsYe zs&Eoe)hrp`=I71n^seEIHwCT7N(<BQ8t!H3Gl?HG;$I&^oS~)?QxmR8O_;gj zK?zv5DGf|}=9nKXHi}|UQ(A8EUmU5nN88AxScr$8X4*8Q5`SgXJuJy_#;Z`dYcplN z_%qSKG~n#)TRqh^XtHTRb{Bqnid6)wzuh9I$^ZOOp8oRbvs>^cdrZctf;>UXIl12l zItZ95xFgJeGH7z&xg4;0|IX8+RT#B2Y=oK|x&?+=Fw z`}A3EK=k29v-EO8RBR3AsPYsz>3R5?1vN7HXy+GLts;)klhmyLHaot^RXcOyd{64v z)M>z6=-HdT^S6tbe2@V0zySZM|L!6%=Kst^V9eQq?SFSs7@!)=JqbJ44$P&rli1Tb z)a)a@gTaF@sW|izYkb-DIes#KscJdVCS80?nB-AtUBfY&^S7b5&MM8XHcIMhpi?Ti zHSo8NHRJR(g1Bh`(4e_>N%#Z|0$Wqd4XO;9B`^{`vKO_Sxw>a%ll^ARAU1czQYiT# zm24UV0qNxlrKO$dMZy{{P4a6k<2!RDJchDQw9s<26$81XYRv>lD*zpQqlUX+rv&%8x zjLC;Od0$*4kS2=6qDoXDpxOiHpR~|wHqhrjGB`15TLXI1@#F1#V*&}QMf=S~zJ*(k z2%12Rf~^G|!rb}9We#x#g&D3Sw4Gb7=|M3r14c2;FqRy7L$spT2sgnzn+Lp-rM;E9R@}&Nr&Rt;I!7>G*giZN#+z(Fz6zGuOck5B>a%MCBV&GdkEY>x(ceTAqj`Q z*X&Wi@FANEO|QnQT;R{%K9nz_2uV-vO^qKqB`dOd*BmhWcG1AKdZN0)oO=UHwu!1V|QlsqNt)GOIUhQ zx^>Alz(OfHcE!bKSF9j9??x9MAZb@bdf*Ku254ay8@>cR%ez{noj&`NrD1b5u@&DW zr2RNT>b`kF>i^VoyJbJoS0vP{z^ZG*9NZ9^KM@H~+KF*^UK_`D&d7sfS1c$lKMJre zHEth}plwBWr$G7Vr%5rcqJV&7>| zkiHjYon1OP*-YXP@AkmmwGhTFG#VAAWc3@(zs+nkhwTJn>rxqEt%FG1LBscq;F7iP zMAd4r70nJXyc9%FF$6}X-1tnyNR?(Ud;Qh@*Y>iF0S18itL^x^{`>XY}846bsG77saf*FmY#kqgH<*)*yR+l z&?_U=ShPTJ%>12%DF%!51~&z7M6Nwdq(&kxG<4ex46!Z#)p-4yh0ImoX>)4RS3Hp@ zgR?~R2dJgz8>=fp4aDEO(=uwrOr}>6@Z@l5#oz`0;{zUpd&YEPn=+~p`06+Eb5<-w>I>Cp;30f#hy$;Cuq}trkjDKq9Oy`O z9%a0_Q>&>zl8!dkOXKvMel~|qb~lk$Ct>xlRA6y^bme-C?pCtzK_7a=ed30F$VV2X z=_eg8=E9#Qm9l)7dy)&c5!kSNSTDUY{zSWfJ0I|TQt!5nesE7r^6$-Yqyo)l447p5 zi6&10Jayr;5KrM%tuLa~9!<{*J;_A5)jqjRWo}tHUYLLOnVWAnibxM|+Xkf^&^sT8 z&X8%}{4C&D&LUCIYL6Q^7f12O51)o!VC$o(Lilg}DvAx>gSgL9_OP=NokUsf8kaas zC9%vRLv|V@f3eCumRN7iNESPFc_8>y+LJ;7S5t}(wP6WLm8oy5C|%t;(r(P%mki=M zB=C?;!`4XmcK1wfx*mg@b}c|p7@LvsH-}p8HTsP{HBqA}y3NjYaw(nyKc;u{O|Yuy$F!|qBDqppAEz!Fg^2&8QCTkY|M ze-POzisUp|90@-U(S(NKo^^W2;#+41)W%6AKfWJS{s;mDfn2X%4)07JGAE>HrEc-6>Bz~v zXbH5n(G75;!7?U)yk6gw&~8o2ToO!F6sQK@w5J6X5{Xj8K3#`G{1%dMZ$Bw)zrEk- zY8(jxsWZib-Om(8Pe|_6p7%(${ic!fY}NgE>np7f@vCkZR_ku~>9*PR8LUM(mMM*A zNCYO|q~G?3=g2Yw)h?vF88<~v!e1~iuA}bl@m$NYEb`!5`gw!-AQB4extqh#*piGe z*FC2bG0!nGzS-hb{zaAHG^)eI&Q&FWGTOfD{>LKZkSEZ+V0MVIW==t(t@zrAtPx=k zQu1y^v?yCuofrFjBiJ*1Y!y{p6Gv&}zIT&3ov@?1V+0k)C(jGwA*%Ag;g=@NPwlmG?Qj3Dm`)CrI-(5S;A4|LyuWSK^8*1e`%AUI>p!C6e+U`&$KtOm01Sw1 z|8GG2e*+|7*F-e{!}#FnUtb3VfVlX-i4mx*{;+^dp9wMkN~M4&h1aSd`xy++7%w2w z&fk31k-z5QmIQ@1aOJ+WqR;j8=;72(KqB{+(j;SAF zNAf8)qlstQJzc#WdXL;Os2deKj4LHIKq zK|up;U|+;`^x-5~f7-lTO$Ummw3av8++4dBp%&&%Ho0I=X({l)ELRtf5eu<9t3e6r z1-q}o(cBmc_4N7e3O8sNZWYaGJ1iA=zS8SIf}%wVS>o!=FBLBdh{${VEtkhDD#Pdf zz=b4+iY}C+hMuaNU-1;mqrY-@s~&#muD#SgNGQDa`QszXvRddwhek(H1kO_zj5P0& z!wDPoYK4mgzf9S%-@J}nC;|(W;lZZ-6z-ZuAboNJU}uX4ICu<2iXPN}XOElQNQj{{ zHHk+%%wBh&B((NWI;c3b62(i5bB+Vn-Ce>YfH)Ti+m*xtbhystD|kmnDmTYq*jN+( zr&3pm72C<4S=wGEvBomUKcJ$rJIC2-RmivrL}%e%r))|*Zn24`;H5qdBcZRhP*45P zCrC$6E(94@?NlQIX<#!P(A+|Smn?+8_buVujul)B6Wp(!w`HZ2S@0OLkq)*z+p{Va z2)Qn!ccrLIN{8EDkTmwx2g-hVm2m{Dz2P`$?Fvl_H!PftDGBS(K}xoc(HU;E7u7vb zULS_D#d|gKll&SGaRwDF9ROp4H72Qxch3VdrZw1h1; zIkZHHsXkkLU&ah+z;EG%pzeWB@GpVZ(HbGce)SeRI@7l97-IvRFyXe`$x8U>myc-A zd`HT+V$|e+>MwG=`5vvLJUq&5FrtALijI+iK{8`)6=G>#4zY=1_)fJZLm_{)d~+m2 zkA;$wOWw)eRE20J-#aNmDp%Rnz|9v&^ zJi;kOdIJ)Jpe)AFUYxT_jtxl=qwBlk&@RH!f|ywWiddocg=#MZh_wjSuXUPx*pv)i z1a@2Sc^X8|NB=1fp<4_jF%&$qHv;74P@BDFp-alv#4eHlXC;!YlL~{#5~-Y|!?~iD zYrm=u!97@VD@-cX@7{FrkT!`h=t<(hBSEYa%$jnOuh zior4v%)r|A;>ORT$MyJc8*lpm85xncwVOnOcwb~zLhg-j3} ztpnywqoLUHVl)*9D#bE2+mc=_1x1$w&y(`G7;56c?)Iav9jup;f!2oT}|6mE>n|2e!gO3VYCexxpK&uTd%1b9QBGgJ($YAOYYNRp23FJ zdsXyIsq(^Q*n}^ziM30}yBH{gosU1bWR?@ZQv*4BoBW~6VoX%e*9|QYhgFcM{Y-Hd z8|md-MwxmsYqtQp6qNW_^>R9TKCtlB1F-mN%l|q0Fnfvn2GMglI9vm#ctIzbr3q;P zkh;*Kdu0`fs+sD2zTB&UDb}RqFQ+)^q5!)u6Vz5;6>*YragMC9mOIM)p<-ve<|wRG z66T=$h2RaYcw-ebC89tb8Va6`C~hzyCGsJur8l0L)I{JxN-VVKrt+dH4762eWDhd$ zF0UxxBNi8@RssY_Nhk?~odE&eaa1?Mr%5@cNxB;!)S(A@^Mlqxud+VT^J1xlErgtq z$lU#Ni6D<(WyvvZ-m*E=_>8;2^UK8>%5V{!Dk?i=t_^qgqN)iTI%HRIuYb}=DN^^l_s&= zg!0CB=d}I=-u?HZOHNXCHfUcWSan(UsINX?eCFoPyc3_)lj=d)Bu>bzy!`<$3vaR! z*6@8LrR(B8Ovum$hs1mg_AY8|uywR#mhnO*k#MEQ^8iE=Om zc?tAh08QUc0hhuGcOB1#aT?IJCvejH?d-iP_~~rv;lO0Qp7bNE)2b~+?FTnP=7pTK z_YJgil(gg+T&|jpyfApP%j>6D&2nD8rB5b5iy-$J@<@=DtfR$#<$8<{OfIkSWTi?P z5`14Isx6fHbxc^;?6^iFXOXV^@^`n<38Mvw*NZDW@DD-{Nh-ewQpE1Z5y#Io60wYn zpxeeV`dTJc!=fytgXb^kPc210gerLW%)r-*ZRc|LRdhnEItfW*nS*6Ls^7B%h$((Y zU-IG{h-R`$Ry;RspM#~@Icliu(%v8YPWw(x(qp!eAy}UFVBWh7s}*550$n!47m}%7 z6;Li(80nK@QC>&8wRb01N@c)sVWtk(7@OUSpNh2a+)G2qbK1}x^#BpYTsBtO`U?;I zYetKn`<17lT)doT4&{&W zkY~l#dxq!~M)YBz7`FFo*In=p=Es%&xc;_rR08ZD=^NYO|HH=rY*zodzOnBCqY09q zI|%EYv}1c`9JRveHHU;`PO}*Hx%^pb!hPHR>BKzq!oLvo`D}&A312?qEmg?v6P~wbd(ec8-3!l6q;ox@F8*)7`l=1;;hA zl!EP%P*3Oii=4V_jSzI?vDYVLGc8rv27d67RS!TE7j-M;PS*h=ci0yk6ekhtlAB^I z3*cs11Sl9uP0C9gegC)BKt<>Vr!rZuk|ec6kz8e4O5IeeSUtWz8BG>I561f)P*Q(N z=AUmKb{<=839tU#*;FahsUvPy69DFD|a4Qnc5?`iddLCW8>+p+>Z42y4M_#?*=m$ z>DQN;Y)0e{Q2uo$$qqWgo4cLOiEM|@4<62;!*@vhA(c?V*G~z)Yzj=g9eE`YrM;OG z??48_?yp&bJFB=xpze8N8=7BvF$?~A*BuQBa1R{MSQFX&St6O)*Un}-^y}isA1k+$ z`0J$TIDry8y+q#MpEa+Q!@G4IN)E?{y~?L zi_1~GFJPSzdD!(?j=xj&ek3#GM$seNKzv z#b2Nb2Fg$}q;!fMXSFV1Z>#{TL15Xv8gp|bu+<2yD=4?0k<&}uTy3bUPq#{%+4ezd za*fe=Sz`C`Wg*QPy(4Y$T0HUiCClKJktMz6R`sPHf5gPGahZL;Aa-@y^bpO0oWqXB zpN*f5kUK(*Piavu8sRd_dyq7*zB{k|Tw-#D2!rviYVXVpvJIn;<{5l8^x>j{;k`bp z!)(-4)txxvPj5(ck2bSIbuy~hYq-}^+=Q1AGEN1Jqf@4S^{kbKUq%HUGrB&3Og_eI z5f;&`w253~SjH9YuIBJH3KqJ&t(%`=ZyR3+C}S1ut-jg-f=NgUox!qHc4CdZEVO1{ ze;j}WRIm^N6Xpt?k=F=4BHwN?@pG*WN zRU59dA*8C{LO?dYv$nVg1 z!GHCQ{~I=%l_$ZHPS4h}b=~RzAtawQ@*~CLyFl>E!!~NE_@NfwzmbMI%N~;uQ|v}$ zHqL#LC-|W*7P*IdYM5q3j}CwT{8B90gCzn!(bZ`9gR*pTb0cHlOeJaF_9>727`lrQ zH}cu>QBcEy1VAWee5i0`sp97HtB<8R=f|YJP!p^G;*RMPj1>2Z!|Yd3yOI%Km?+{t zGcsN-GjUq*Je|%bZPR-D2V}EnftB8ac^&e+v*_49Bo9~e4Oy&h9*7i6=ZmwqIU_3{ zeEEt)rOMQBJiZ~H&%gHIT{=|%aaBlAuaIY4!6Ir%7LL z?0^fc9uUDw(-}XxoOWV*3B9NZSc`(afMrgd2*4`_&AfJR4tj^6fBl(fSGncrdYV^W zUwh*rcG$qnnj)BMJOuqR7_pQOeFB5y;Y7&G;Ry5pVt_#WdNIBV=1Oi1CPW0rc0a2l zyo0ZXo0Lf}!~2R;Xhjp}wV%cao$2#`$QLRk3@IUNr%`g@bzmW8|Ne!AeHVhMX6(&< z%4adJQ$z4%ESh zQ&LfW$b#T*YfBh^=Z@j~zyh3H!DUeX0NB1eck|CGSoB~|IXhBJcFgPM!x?+%Y! z@ZF1Qd7Xd)CFTt!E%CtENa;$mu8oyEP3-Ygadb_YZ$>V($j?upc8GG}1oETAN^$;t6G)r&l9aLK?POm?*lkrgo*!IWFT#7K>Gnt|9gVmo1$PfmB3z$@(WAnaEbQSU*rI@bSbrZT~ z*&Ej#5P#d~V+scF_dN6O`u|Khnf`}UPA2lEfxm71uTxHpuRQ70o|3G02+ykG#GO50 z1)uTHZBQ73zwhg94)u@pt5BJf|7#{gmk6=X^c%-Ev1_qNFoKPf|GG?BGO4arOQmOQ z1}*PY<1hGY-dA#g`b<;2CqXSU0pG{WaOB)z^m4bVU!@^2YgDaIH8g20IJ_e}LRZul z!dwL>UK>RS3k*WKSG`m8sI0_+XR!d^j5ya#E}08?>ZIz$PlDhp91N#Y->i$T!Yp}a zEc~#_#Y6qO@r+Gfp?rlrvH;dutT(DHMtVJq@dMU+(p9Wm-~(CiEydTp67W5cPRgT? z&fN?nbEut;im)%AI_M^`@H!{`mSQf$&-5xP)IAjXV<9O5*N##C^v35q-up@CJ}sWw z$T)h%@wC)shC&+)y(R7u3)eGEo^$X*Ut3-gOpcA->CQUqsK;v$m_$CZ=6$?1?gNO= zL>93Zt-WZ*+vtfJ&&$Xbsr@|!51*|@ie-^I*D4Zk>ZezcTrHFOKDN*iHfw2^hpft2 zLz&Mc<^`#<>LhYAtBMx8{JFrZp=oOn<^ohy~=HZi_IBiM=fPcM`v-TbbC zlXp(?LvEN<>Njbz$6Hw=&t{(&&KfW|Kx%0lgqcC&Lo$I1R|v(G*iz8pl8{j+c31b>$Sg!U4UbR0iYZQe8ae$)6C5>EtoWKPG;?v$>D@v zlBHIj@CRi2Ttj`-E@I_Z{E-8c1|Vfu!8pj|bp~aoejg_mGuj0Wy{S~^&ZfVD>YTw(pi;1>XJA|D z7+0A5{xTcwg^bgRS`6ViZvFw1V&6C)B&91yY4dBfYA*GuaTVJ<=?bukentp1u1c&tymUO?r_%AxqF41o*v~*xd z6iwWg((CLB44n|8U^=QO2Kz7}_}S-DRrSnlA?q}iT)YU@1AQ@m%&$q0J4?qFbO(k3 zC(9SPg7-HOIM{_VYhGE~Ht(LR$p@WqUm~L@eAe$POiOj3nk9!H-~zXHMJQ=g9?82h z<(+)N?!GGs;iQ&=TA)Bfpr|UbDlETgc4dlK^40jrU6{ARK<2vl!d}fZa~JHa;|_f&oxEGt@pSP17wQ%FU{>ht5!is&(5HrUM*wLKfEPs-3A;fl zEniZX>{0yI)w{+%1F+zg19aUo5O%j zR>0@Dq}slImV}N(zm1F;4iGw$WSeRQ=Q6HXX_ce~; zk-Lw@WTUTov_@UV#tRuw3QH+I`EZ3O_^-F7yvSD|I**T~3d$>U1+iGXA_f*}7iVoa zZr;J+pC{%|P!C&=lHV^I+}qGT)V$kYVOv$!tKB{|Tup9U8J8RzP1ahm`jC}?Qul@r z8nQ7NvHwo>;X(laen3ttpxvo3KzV)fa=3~|!a}s*NA6o~*A5NJBc?)IY&KkLa?^iq zFRi0?<}1`h#_~m5k~{V@afg^^p@wkpfbdJoIGvryLfwS*gw$S5CE2k{@QKunEK3di z%Gl|$010F-n}Q}ewngBAo7?q(xvNFW57?N7W~rPqzq{K7@B+kIh&|!sS}&vP-p+c zWX_*!s6}F;yY1-iK7S5%9@r_R_zf8Z>udgN!TiTOyWj(K;(H(m*v?4=Z3Cmv+g1&} zw5GQ0=ZW4G4&$D5S_Dsj{&*zV9wQXBGeQlxjWZ5X-MCx!qKo`PVU(WV{rQ=Df~fAV zPac{`$R`5w>@=xQ88Hv@#BDu8BO=)xFfB3n6fGIRq)N z^H?V;k+9WvW)jbQzH9}#SqYvSNBDyMq9jSlhX>hxuC$#sg_@@3xy1koLU!}hvfJyv z3gmlF+T3j6+=a6l9b+_BG3}tQuE=ik2n>yZ{VC~ITsj=MG8-G78kCk&De5hQ=Rl%~ zl`22WPxSTuW)717yJ#GUUri1I0}q$&T+&6rmZ>e#j+uyRrD*xjGPZ~V0fQTfNZ~5E zEnHM>zDppJFeDUQfWIu$0j~{SCZ^L{6`XBtgA0w&xWT=WA(sI|MS_r-&zlb=dvuN7 z%eIuahpkn{mp{X(dT;eR6T-A z#tahM6AuE$_Zi|C8+xHa`FPz=#bVG}XICa4u^u}MYwBpH&!ZxOjNVXF7GJX0)@o({ za4ZhiN|MVu%rviI)rhUs8p}#^&~BV{Uq6(`u3CqECa)W08X`PoHja_@fCVCg@Yw{dZd8Fx3?+bTU0=3nR8CO@%`bL+KQ zgORC67rG;Z8;zv;=CV<&ZQ^(6ok?+sHvKNN?0mwka-Y2+HQn4}n@>Jwsd{h%LPRd= zO+zYr)z@AO1Z=&uGjQP0 zhMLuoW_$(~72dQRh6V<(Oa0BF?z+zgFs*|`W3~oRy&LBdZg4ZvG0)Eb2>c_nOvmx$ zTH_ieY2osC3ttyF?(BOj$Fn@9b$*+jvH?}eggddJw4o$g0Va9XP+Cx^1QYMqB-0Y+ zm4)8UE|(*cT@VoSxXLg&+v+3PAfpne((ZCNPRIW?%;hD-G^9uti!s!NyXO<7)G3|ne_pAdWGQp zX5j1h!D)Lanfp!7gK^Mcb=H`sXgYOcq4cm}n{-J>$MuzIroDD-Nq_M2L*Q!P2-pHH zzGNrX)>~Y(O_ODmqJ_=IqtA%+`~J8tWag3(zcSwfc6NO%C9$RJrM;2h{xwd+A&VIn9Xu+28!uG^Wow)52ou)1Ou<{Z_o7gnv4 z$wg`--sm^KTaL30cPZFBqj9N8`vf)^K|Wib%r_Sq2&iV56GXT4ltW3(B60a84-Qb8 z!qNJ5bOQ{~ch48C+khI1E=Aq!ZYs(%5m{Z*pAD-Qzh)zlLWWUUzCboE(XNdlG>)+CN^Ub-?@>2x%)VtU?AHQp-BL$EywWhT;kmm$!poI$}3E z^NEe+7aN!LryUHua}S>6{vjO(y8mX=-J(|2(hY>_gXZ=oH)+V7nBr`;GMEdzLEES( z#+We8r`@a6uI-Njer{0YB(*fy=I!Syp#9^L`VS4lRv6w0UK72Dk&SgB0HM0n@?w^P)lyAPe72Af%foJCT*sl#876>wX0(oydr ziHZ7OKud)Tv3|B6h6z~%v}=0H6yBk*nr%G1Q?%yYlgq?X870kqGzbyh<7oc25wQ0^ z`^NvC<^MX(`9C_b1hR67@UKk$U$VSNH&L-eMIR@ZMDZ*b$hZWQ%yf&@we87wt9HV{oHnO%-C2$1V z+b%!eVW2YSZ`5IxXS9TcUSm$7&PzZv4V5&o<*oX#$I)%uKY;UtFS!==MhC7{l5VVfa&Cbl#m%oWJ0An z#`?WfZw7Xcho%AAW&rH9(~b@)lzmGkx=}sxz9?^oj2~Zu)@Twj96=GeS{rLjacqJJ zs}s=W1wT}W>G3$JI!T6PM+6Y`9`h#AZ&iD$XD0-W;bjxZzKX>AaaxgCw9}o?LRy*j zv*v8QdXt$4&VQT$Z=e{ldy#-8gH1T+ajl`OuhTKXDLap_k0gF`auXnaB)ma1Q>l{D z$3sxge*)cuNQsdd&=_P!=~vyXbGDngy`oRG2lGvG@3MGvzHzk7_%AA%qE=x}(jW50 z5HTRHj$H~r`ZGcsvMq^{zT3nw;Ep6xhBFGcb|sSakD^9BtVRja*x;D4u`w7<8G@x; z?a8tCakY7xti{dsxI-7K&)NtelH@3uPt{jpAx%_sumFQjy)K)YTH?Uw0Xa%t-+#00O3-=UyTofN+q?C; zg%`enlRU5xnJ#&up!|`%*<)QIK@+e%X7ho(%`kTpcc-XbQ*9#P3&ib)n)=KMdA9Zq z<44HCf^gtj0Dea&Wl%VPW=}BkK`7`kx?obj+dDpy$JONd<+&r+TPYG2?trf;zyr|R zqedS_sE&vj#k$Ms+Qt(qJEMS4ybBMF9e*v8O3k@};k@T&GK)%{$?}-ExWfVS)$2Wk z(dH0f>%p4-v(ssbv){QKokMF%x6170ozT3rdDgS7qDpm(Dc~Pgw%WvPUT=umiShW0 z<|M>f$h#ItJ}s=6qmlqOessvu7|F~?3wKpa+MyTh5b+YXwo4J`*>$_1O75%KEqP8x ziZdxHqm}mYUbQ3j(rXGDmK$j)aq2fh&sTf@c70{OlASobnLahD=ESa#&~v0NCnL!i zWgKfh_RTX&mk>|B1ZQ7kvs?bgQQL9eiwz@20g5xJp>XF#hd1$t5SbID5qn4_@q0OC zSXLm1eGaN9pwe)v8xax8@5k@)wvdXolVEy%ca^yeiJBwbK@48+OM)? zUyDJ;cx$DGk20&q#;jlIb3nd~qlJMF2A{k8iRe;YoBmBgiOXgi=9IrJya$Ep{3R$3f<1$f~ZdY)e?VXo7&={1x=Yk-0V^}aP4`+0eKWrzBGkC z%&wL~d($~h^FvSl$gXb^Hnh#*9}#Z&2w?MWiqT;Vo3LQ3xRz3WX)^z9V{G3)V5^rC$5_maC1jk#QR^bV1x(^y2Dvld(5oh1U#IWu5D~YYhJfTf#iV4y75AifG|K4DZKq>#$ttbe$7l4j zed}IoUotE*Dz|+cxs|3GkNm!Fqh}-zGvhsF9Z}(#rRMg|ukf;o$7jE_x$t&WQ;xJJ z`W@oT+f0^%q%`91$^T29J77!DwkbBEjP8C5O5wrSg1WCNZ9PX9Z%*zF0{7r!Qv~*9 z+)W{fk@M8dM7=av!07`ijWvACQumMvn_U)UBvyZwbA?*XP{lTs0nH0_o0&8E;#bJr zpNdf0>QuM;t*t4gd1NVXf&1!%u?y?wU%2XTk5WG~lLiLbtQ&^lpabVC%Ip+^F?y6_ z-ulTqsqPU(Vv~_}&#nc_&v`0~bA?DoLgm$)(4~Y@>;aa3wF#T3N>@X#8JpZs05}>0 z`M)zl;blU;#P|S!BV)!0Nso98w(WmZ~rvbgdFE zA_9e9LZTP0G{@a4tdXxzD5BAxaxES$RY?u-x5x63udgpKaJgu6Q@Hn9Ml!D3Gf#E& zW9?8xn$KsVz&!vw(vEln>pXJ=2|+#zX48?B%gv!&2-yK#Go86*=vx*(U49SWBmuEp zh+aBUKR>J)vAe`5MW7Q?QTh|`VdPVXLsBq{5<3kT`c&c5&8bWE?0Q}NwDp84j*l_@ zRzSmW@m&1^OB~$!I(zL0NUZ35%8%j zb2WzZS#|74x;@pT?gCgwbBqJ^nMxn8Z)v_+tc&O^=j@iz^^1K3#o6VgZ}4)hnSB_q zhiPvSc6j~-SkZqbXIRyT;DT|#>7>(Lq#bEXj6@vHD#u^14Z0ENYjw*HKA@}czhRN2 z95`It&@Tti2sI`e+0__4=!3$|*IalOb%Ou0g;ANhvW?l=@K{rtN`bA1sKv97l|u1_k^SJ8ffGaeNYnV`_|*31UY||@ zGJ3zZc@z|W7Seadz z9Bh;1YN1E2MgK7XvVWt9{thqaGyJd)ncSGW0}nZUAbY8Bz?orYI7H;z7gx;G#H3b0 zSbq2(G(@EjDLDXY1b~IBF5X`mXyel^lm|kFu@Fey3T73l!yj{jqSK-aEG_9#rgrAv zhwEjvg44P7t-4lGJh=HlRG0Je!yVD9o^X&wWrpjQa2UiUT>wa}b8^Q&^7irmHA3b_ z@OsDsl;B)H#G##7(57JK1`=QCVkOinQA`gqi~I565$=`FW>dn2vX?U809(hH zcqP0#h3Oc7b|Fk@R3aSn>_4f`B|H^IoC6Av!m`a7E}b|MhF2a}`!cemmD&SRs3I&d zTO-$sGRw&z`{$B4FsO0ZipJ4O6!`{wTv@$My_#4;GJm$3f^4BtPHYHZx`kNr5@HY2 zfo>p$<*%oc_=cOEi8UHdx18B0mGZ>}%z!PQ_rIuS-8=oMPkRv-I{kF`CvBDyWV3_s zD~BfikEEpI(tb^%95`{zptk`%nFDkz<^+$NId3880w)x#O5M<$?y{Gpnl?nZB_ z_evIAmIWWdMLUQ5(J@gft?8IjH8Ny;&7UC-aM?>TCeS7=sq6`l*DVa4nMv+xsH;0U z%XSwj%ks6QIsFmGrNF3@mgIIph*eEqv$nikymQNHe+9$vY~;DhF35V=hK1PIxMi?` z+jgPHgBqL(THi6wlTJ|DAaQ4#P3-q@>=LFcFtvWYq`iB6yiy}C5nAJ)yl+|pXkLi^ zIVX1pn4mLJPklyJG__}YjAy9$cvV;#m_acBPD*(+DLi`|RhA|4Xdau&QiAcmyyqK} z-P63?E+q@$?zd23c3_oNPC4&Bniy|=F<2};(>1>tYHmVQ*6`c`G*HrMQ=1mAmd z=X-3vrq&r{V!k}dV79&D9f9CRcx4b~U9G=elE(QlSJ*ls7R2xIwOGD4$432j{tI|~ zh@iY*i&wW%7p>vwOuy;2rVJ1t^M=Fi=BY^{1AeFZm~a_1?*>w__5m>|8P*Uo9z z@dU3Jo6+0V1q^QcJ0&)WuAdnB32T@A99p*`4-QvD!7)2NaSq9bPdK*kn>>w=kE4nL zPu+FRCt{uZtu6qJL2YNvtxqCY57{wu`c~X=-P7_zY*F-?ver53@+3{NIr$>1hd3QVhrpZfO41f7O*B|w+xu&u zaKGpQ{HY)KKnOHY3?|~RO z7BZcfIhR1Tg$I2h*XEz|9ZWhK=E^0507f~hMq~@P+HegNUFDwfdczqW3B|$3?!#yA zqR5Q|a#EG1NA>Sd6_38~qSEVP+D^27%w|! zT>1*$gK9OJuREI5Cq=P?Ibi+vD1$*C7k}ut2=~Blyn-fg!_dGtRajmTxBMMI^8sEp zfc+;}1oMr@=(`!q>q9m4I|oNJ z3W<68k@Lxnxq4}wdtp(7(ofxBDxIa3`lgfUxvtSn`|r_T?Is`2;@IizyLxbU%}t2A zQ{Bqt<}m1&4F~J+eIaU~iR9X``uA`BHR(`h`pqD36!WZ5!JvYGxl%+}9JqP{>kCOU zswwBpJ)+=mB5S`C8lSGv`tjoSQF=Ho$tJ zQ*X5*7$*V5((gJ8ol@Ysh`iAb6wmCEkOyR;2(eynkz{rCg?X6l-C%(Uy6arPac|LutaG-xV0p5?8Fx>ctRX!KCZfEt!;;0O$$D=Krd(Ll_ z7t&Ds9i3IS&5%Ae)6#P)>^>`U!w zOS>KuIV6>!%?hfEzUQ!a4kpcY&`=uA9lBH}Uv*7{yy#FJ5|ZJ`Afi6iqfA2h0^ zS7_}ZR=b{oTwaI5bH?wN*G|BD5-#x{X7t+}VubRYldcY}tdm zyW2s7yK8WFcXxLPIrzcdg3EyrBuEHu2@)KF2G@|_?$GdhyzUZOXTCeFzYQvqX;j`3JLx?tyErbDqeL@5JcF zXBx$%aiqYXNTv?Fn)m&9ztLY36UwJuzw!Z%->CXK#n_ZE>KwwONNe4IT61?TuqWO7VV zSTlI5H3ISq!SwHMgfGjFnY{6lWlT$x&pQa#c9@Tcu4~maI8#ZlAX?gn1mR2C#%n5s z*dVe3g&|Bf)hu59pG%z5BEY~0!OKMaGH7v54Vn{Ek1Ogb7uh@1H9Bi3Dmemqs#0IY zDP>WfgD|Z#8xD~*#k3<4PL-!y|FU+L>P!*b!3k8Rr>9FK7uOyC{A)jCf=#_33=KtF zw=#ra7016~k}2 zT(r$k-7NU{4!IA_9Po0yC9NWGZ@XzsJsi8lUcD}ie=`-`6xtencW1`({v2wdxRcL{ zUNZIC3w4yqL7CU&f#oMA1Ghqy^jQh$_r{aI2`?oWU`i{UbQzg_b{Kb~P6qTtH)(En z#i+nxC%{B(=*dJM1CML+r+y(LU-X1i{2jEaQCsU9k3(0JZD)7_1*{`jS<)CVB*$kg zYn>ms%q?&*d+ZIHLz1dFwbb}Lgz3>>h?vw~-f`1- zZ0S;VT}#MtgvEp+VUf~pGkJ34_gnHW244bziH4rEt8C;=b&hdq@BFwNfdg~QJIbFpDfiB?}>H%Oc4O24|OD&EfE8f0WQ>Ali6${L6Uy(FL zJw-fohPjYwno$a{QD*CuGh%58VkkRkJf?j0cA+i<^C~}!xoo;E(=hp*1B0_M#IAW{ zmN!D1uC7y^7u;K~#s(V6hbkj}?JhRihlW7_FEraZL-;}Hoz}2v2kU2Q2DK^Uyc@kO zpUYb=pbv$cN-uIe%HxDAGL-TBAw?McN*dibM0&6v2jb+&j9ZXCuDHQxoWFb0+KauN zc#vMk08)O0|AKlZ2FMVZ%G`r@;o%Uj=5l6ZkT@>b)DNZtbxLM{$iHq$K-=rl46^^A zsQ2M;LhN*A|4?WdMiS;QD5~A5*X}-$NYf{n_X{NU zd^S?tG86QRPrV%q7cuj;}jMP?y1r23i3hH|N~+f9Fau z4mh1@WKjn16_w-}>t?e0>RyNuB?>_6fFBB_frTR4!R(=} z(0b?7tjP}TqTT^BHR=NJ#|FC~rzym{ItX{kjzHzY+c#4~>at$dZ`JPH6E?i_EQST# z0))0_CNmwRi4Nd&cvbmS6El*nw^1bL#*-2(;v2M$DTeNPdSb_N_xZpoL4bgYK05xe z1n-(sCH)wu6%IRZ4$y$l2BYQRWX-UEdzP_#KJXzuu?FMI1W~jBE2E-;a4NOx#3QEJfRZ9704a) zld&TrZry@-rU)WDh<&g#sF*C5K!Rab%?)49Uw3tpDgRkGOkJFV> z3TFdO5DQgAe;j0y7ayqNu%VBgDOFog6?P;Z)M(Op?<&FY1?>_Si!E2|!m#XH%p3l@g*OjS&E&!|(t$^^RX~^G48M_=xX>o|zD8t>Y1C*CMoBB@WA+wJhwd zHCNKtN{baPyjeTH(x2Ur>l1rMOJY$Waj{by1tuBSEl(%UolFY&>XuxkEYYBXbyEeS zDQsw5s=1LqpG%&z@Jp#VYkN-LVBg*n2PvHN#3H$VOgY=0h^osEiMr}u_t10dlyK>B zsv`D@ns0`CkGF2~gR6J7PqGAtN@wD5hiaZkduG^=#Oigma)?8n>{+09Og9c#AI2hG zbPe4JD_*VlHEQ7P1|zR~XT*XR4^r%grKCkWX*o(~oBO^7bIgaX<#{xSZ(pjM^GSzJ zNUMiXhr0o=*LBD5Ux)Jinvl zjEGbR+}F_6Su-5rpYAF*o{-(^G-eEc=>WWBoluWT`IB3B(B>hIBr%_}0r%l@td(|6 zVC~kJBncrumPSjRAac^=)6U;CYBsvFFj@Vs7(rZayV)Y;>o;mYw<5%@711fK#?z75V_? zQa-d175l(-Y6q5`)}>V^BSEyOF~`jFo#qtYK#=Fg{n2;=D_wmJ$J{~|4b0~Lp#DbF zCi!=P&A5QPTD=eHq};7(bB~D)%=d1YNv~Lt1Fin=(O+&19|iKwE=pt1?nu+|m9XToZDkbigu-uf@`xF~48lcLKFk_?uQ{@$d?^K%TlKcYDfhId=!J zDKFy1y^3U*9?WwFF=0Qxd3xjw*M#~|$nsU5sr&LCt*^WU>ya?11j)M--q?_S(f=wm zH~LW%ofSzm$?ww;k*1UMhLq(33ex8mhoL-@v?{uH-UIXRqK|C9!tJH;Gt;n&WT*>U z?jZv|xE-KXPt599$C@Hlk1$zcmM{*$iVcNlXB}&BIo%kJv78z-{u*3B15|hDNLGuh z5irHx+|rIWr6P&viN9o{@Gv64;khs43;ude4aNOu=hRT#sydr5|M2{8y-|Fj#z3{B zb#hhmXE?fGVmmf>d-y!pCkdRj@UG%P5NX;w248g@GTpT~^ez4&(v9lxOdlfMR`Ssp zRCbPDE5@x@8xwijt}RhV8cGmL)6XmxE-Tg#+MlB9;)zZK^UR3W+FmfPf=!qdfpEpI z*{Zd?DD(Cum+%b{CddygyyacG(_sa8Stc`t&Z)do(f0cvDmozSeJ;5av5&hEl#L7V^(y3t<$IGFxG^V z#@jCFC!H_bTkPE_P2RAm3c}_gI^+eF*J}oqu7+k?76xT`C4SJ9agjh1E++FEIbJ8{ zuG|eF3PA<89kPkV;oZu#LwUh}?bt^U0c$XTf8npr!&Ls6^DvdZvqmX2vRA0SiR}?& zD-NvI@vNp>smjq`Qsjm`R+_FL`^Uq}&Napy^u;oUmq>jFB(D-a{d^>5o`x1eGtyE^ zlIn@&&NUsmNs4x{c>8+wu!T+d(rqCOgWsEgk79}I3ARfzmj(bT24l%qpWS)fQaf=W zFKm9lhHt#PTGafGW0<^Bzc$`VmsaATQ4gm)xPKj}kBJryZ;QuT$YYADQ@3 zj=xj&D5bVkgb-*JZcx2&OKkooEKH@+&ZLteK*5-}vV?yujxSe|l^smMy~!7o#Ky!V zh8IpaD{029lD{_tgHU~TtF}WAk4W}VL&UkJ0AR7DM^rAt&34g}h;)@KVGbvVykP#M z{Ih^&J~7>HeV5+a&xL<)8in>snV^6Qly7Z1YdZ;=rSB%PFE&t%Ap%vK+98G1p;_u=K|Hp}zk0gtQf=M` zwZwcg^HNRnk{aG8@qKNJGhPgL7*`S@eSC-=pjOeXtpNo}P4Ih~IYHsFq#M{*T$r}F-b6nbud+_)O8aUX9W zVRmr>6Zb4i`R;(67FmP4Wp4}=);j+pZZ)h{GsgRto|=ZPJ^THEaFw4*v~(*i=`TuW z#}EN}&njQ=H%h7hP$@P4k*p8~boV|ix5bq4wSw1U$}Mu`3|I&&X`$$aXJ!Hskn+s& zg1_N0`a>S0iGG<~8v2w(EO%+da@p0Zyf}51la{TN22tGZ1Y~x0t+j!vBI0&~A8_I@ zLYy>X(sb7QTo#se4$8l>6C5T-Q5Dm%%o=kx(Rclnb1Qwi>NNF}wYgsu3QQpaw4T+y z;BOR?|Di(iWF#YW0dCK&ybS2tmeB#2Ey$TfgA)7o3x}>E%0F_$AUUe%StZo}X>Ik- zbqmOp=vo$gg}=;+*)PkFR7qpoN6Mg6l0sZuEN7 zf|<8*OD1g4JKe?T)z5vkjeNlOw2f`TLh4Tc4t(BeWYU^8eC1*xx2fiyx*dK>dk0y>dWW=*II}F}D4d-W={!Gp*)&lh#y2YRy$IR=Sy@HLmKk?+zPMs;PF*2!;@)CY1K|ck_iaHW1_wBi&bFVKA zu4w>0CY$>VlUoue+OJlcyt?ZSei)(DEPT78k!wdBAYwp-v#4;PaOpum-W9}%pUdS_ zWvTx;vR${~X2N&n6w+B^Hy2**A<}z4dz^+}^r7|Sn3(n8;SLK;zhlPS1!HgZOV`kD zYF2sYstL_c+S%f{o6OnzIrx1dI-lbmC7IQ1#^`%Q`76*xwywi;gk?hS0~Sad@T1Ur z49Um7-v-Iv_O}QT-B3ARn}Jk4NX%)Ke?tkq>B2_I$3K7rbs9Q;7H=DR0DPNQX-m0% z*BE};mtzfHB?xIkBukB1b7ENcBy{rK_QuBR6;N9sRD1|Oq)tU*GywAez1P<{Hl5S` zL~VXGQt6Irj>e0I)RN`ARWev!HIsroMMjbX779%W-e6ihv>6{mTt;25Y3c!z2iT`8%4rDatcd;OA?IO5xIuUZ&aQ~Uhov{3mmveL zibUx-Jb)Zmz8tggiXdx}n>FIAm$hEwTheV1)mT0Gl(tF3<=R|07ZS551XEp7bW@dIEIRjcC?ooevlgm5mr@3M0GR>wlUeQr}hHwrn9RjnxD=QKb#t8>g*CGwbtfdUrP}6lvk!%f$QK) z<4ZOIvC;mKY=o)&@1CgtAKe06YNd&(!voQRp_+-77c4pmy|cC6uS*|$6jgsCX7SEk zu=Vt%s`lJdzl_(6OJ4)2SRZOt@rVbv{ zM*vPS_--Sa&GV;-k#E#)o&+b>01H|0`R-TE0%{K1w{5~1Y{U|Cp%2C=L8%T+Y2nmp znWtyCUG^cT$XbM$TM2kc4DXD^V0o&Pa0s;R>CM|Pb!(EikAgm!VAk}W^=dtwMJ7>d&> z$yNBv_)|RYLh=YnxV0~$HyLk#`P$n;yX_wUQg*SGv#2Ca;Fb-#8&&%`X;Ml>=Vxv& zLZ`?l<#A_rwn-|kJ!zZJgEXZsVi-WoHf!Rq<(r%M=BNh&QgUmW#&h4Kd^WWM%t?gs zVe>+0Cg@IcN$j4-5DP2EM9^^;@nf(+yY%Ln22boreT)jeX{|0{?#JNsq)Jr=XUm;{ zDcljSTJ;v%;YMa}n)!IjR=bZ_3GF07U zYO7oa&rPJo4HjRE5i4u#sML~UZ)oE__%AEbJ8La-3ux4pKUUj6PC-`JR3i2i?8esk z(Nw7StS6QwqlF`_M|N_Lt|%l^eyzWgMmN@kC*1%6&AF9Fu|uQJ;dcbk_V!m(i!RCK z?@`Il6(qj}CgX|O?W3!dzP|UzDxei^mUvB=wu=LOoxJ8ESU{J-0A{+ z`wg+9E*`KYM|6fW6Lf4pv&hk9e*uz0tlMb7VQ?Jch5P;T-J8Xx;rmV%K^yB7jSXAPIl z{2=FvVg;6}>lB;>gq+OLVq$5zHIv`Ew~j3f_tYwyC7R&l7ne{-wIj*9lyr2eUQxY< zR<7__3QOO;!n+en@i037*PmiN&)I1FyyJVpU;9M^=>M!=G=TmXLF3=CNbM0}bm31d z87r$r-z)Mhe9jd!K@#RAh~;q5{-*)!-;lBYAsKu0+0K7#QVCq6f&LZTLynYnv=20g zxIY|69?O1cPra~?J+nqVKmUTiVO9S_R`nX2qyJ##H<&a(_hemMSO-CEuzELx9%h5d zUio?bT0ta{5&_Tj_HmR??PM^=Pr# zA7Q>*MgP9Qen{1c`4BEzm|e1}ggK=5oqL}2UH7f#ZeKy%tU^{VA=E$vk(g-Nct(7( zkk5z@yd17DRkm^HCuj0Qe+g(UH3p|$2iKMg0;|sFZ-rFmSvO*d_iUUZY5$g zMXpRrt#YDNjG9g==X^Wdb`BpuwWvNqO+>Vn>46|rldz_w5sS31Hms6*O#zVoe>N-tkgtl~3{9-La2^kahi`=TsF`W167zTM2c}u6bQQ!0x}OOZ%%A}J t&txz78{cUD&^H>4IW-3>xLZkVZh?3F^1m*0Z8}iLfQ>~;B?6Z${{=ZDM2i3b literal 0 HcmV?d00001 diff --git a/testing/btest/scripts/base/protocols/quic/decrypt-fail-google-de-51833.zeek b/testing/btest/scripts/base/protocols/quic/decrypt-fail-google-de-51833.zeek new file mode 100644 index 0000000000..23c9cdaf0e --- /dev/null +++ b/testing/btest/scripts/base/protocols/quic/decrypt-fail-google-de-51833.zeek @@ -0,0 +1,12 @@ +# @TEST-DOC: PCAP for which decryption failed due to not using the initial destination connection ID consistently. + +# @TEST-REQUIRES: ${SCRIPTS}/have-spicy +# @TEST-EXEC: zeek -Cr $TRACES/quic/quic-decrypt-fail-google-de-51833.pcap base/protocols/quic +# @TEST-EXEC: test ! -f analyzer.log +# @TEST-EXEC: test ! -f dpd.log +# @TEST-EXEC: zeek-cut -m ts uid history service < conn.log > conn.log.cut +# @TEST-EXEC: btest-diff conn.log.cut +# @TEST-EXEC: zeek-cut -m ts uid server_name history < quic.log > quic.log.cut +# @TEST-EXEC: btest-diff quic.log.cut +# @TEST-EXEC: zeek-cut -m ts uid version cipher curve server_name resumed last_alert next_protocol established ssl_history < ssl.log > ssl.log.cut +# @TEST-EXEC: btest-diff ssl.log.cut