From 15a45089aaa482cf75df6b379ad2b0c2e107c021 Mon Sep 17 00:00:00 2001 From: Juergen Kunz Date: Tue, 10 Feb 2026 21:19:13 +0000 Subject: [PATCH] feat(security): migrate content scanning and bounce detection to Rust security bridge; add scanContent IPC command and Rust content scanner with tests; update TS RustSecurityBridge and callers, and adjust CI package references --- .gitea/workflows/npm-publish.yml | 16 +- changelog.md | 10 + dist_ts/mail/core/classes.bouncemanager.d.ts | 15 - dist_ts/mail/core/classes.bouncemanager.js | 234 +------- dist_ts/security/classes.contentscanner.d.ts | 52 +- dist_ts/security/classes.contentscanner.js | 439 +++------------ .../security/classes.ipreputationchecker.js | 7 +- .../security/classes.rustsecuritybridge.d.ts | 15 +- .../security/classes.rustsecuritybridge.js | 6 +- readme.plan.md | 212 +------ rust/Cargo.lock | 1 + rust/crates/mailer-bin/src/main.rs | 21 +- rust/crates/mailer-security/Cargo.toml | 1 + .../mailer-security/src/content_scanner.rs | 515 +++++++++++++++++ rust/crates/mailer-security/src/lib.rs | 1 + test/test.bouncemanager.ts | 11 + test/test.contentscanner.ts | 11 + ts/00_commitinfo_data.ts | 2 +- ts/mail/core/classes.bouncemanager.ts | 253 +-------- ts/security/classes.contentscanner.ts | 525 ++++-------------- ts/security/classes.rustsecuritybridge.ts | 27 + 21 files changed, 844 insertions(+), 1530 deletions(-) create mode 100644 rust/crates/mailer-security/src/content_scanner.rs diff --git a/.gitea/workflows/npm-publish.yml b/.gitea/workflows/npm-publish.yml index d4abc2b..ae225d5 100644 --- a/.gitea/workflows/npm-publish.yml +++ b/.gitea/workflows/npm-publish.yml @@ -84,7 +84,7 @@ jobs: mailer --version || echo "Note: Binary execution may fail in CI environment" echo "" echo "Checking installed files:" - npm ls -g @serve.zone/mailer || true + npm ls -g @push.rocks/smartmta || true - name: Publish to npm env: @@ -93,10 +93,10 @@ jobs: echo "Publishing to npm registry..." npm publish --access public echo "" - echo "✅ Successfully published @serve.zone/mailer to npm!" + echo "✅ Successfully published @push.rocks/smartmta to npm!" echo "" echo "Package info:" - npm view @serve.zone/mailer + npm view @push.rocks/smartmta - name: Verify npm package run: | @@ -104,10 +104,10 @@ jobs: sleep 30 echo "" echo "Verifying published package..." - npm view @serve.zone/mailer + npm view @push.rocks/smartmta echo "" echo "Testing installation from npm:" - npm install -g @serve.zone/mailer + npm install -g @push.rocks/smartmta echo "" echo "Package installed successfully!" which mailer || echo "Binary location check skipped" @@ -118,12 +118,12 @@ jobs: echo " npm Publish Complete!" echo "================================================" echo "" - echo "✅ Package: @serve.zone/mailer" + echo "✅ Package: @push.rocks/smartmta" echo "✅ Version: ${{ steps.version.outputs.version }}" echo "" echo "Installation:" - echo " npm install -g @serve.zone/mailer" + echo " npm install -g @push.rocks/smartmta" echo "" echo "Registry:" - echo " https://www.npmjs.com/package/@serve.zone/mailer" + echo " https://www.npmjs.com/package/@push.rocks/smartmta" echo "" diff --git a/changelog.md b/changelog.md index 4cbb32c..62d6b1c 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,15 @@ # Changelog +## 2026-02-10 - 2.1.0 - feat(security) +migrate content scanning and bounce detection to Rust security bridge; add scanContent IPC command and Rust content scanner with tests; update TS RustSecurityBridge and callers, and adjust CI package references + +- Add Rust content scanner implementation (rust/crates/mailer-security/src/content_scanner.rs) with pattern-based detection and unit tests (~515 lines) +- Expose new IPC command 'scanContent' in mailer-bin and marshal results via JSON for the RustSecurityBridge +- Update TypeScript RustSecurityBridge with scanContent typing and method, and replace local JS detection logic (bounce/content) to call Rust bridge +- Update tests to start/stop the RustSecurityBridge and rely on Rust-based detection (test updates in test.bouncemanager.ts and test.contentscanner.ts) +- Update CI workflow messages and package references from @serve.zone/mailer to @push.rocks/smartmta +- Add regex dependency to rust mailer-security workspace (Cargo.toml / Cargo.lock updated) + ## 2026-02-10 - 2.0.1 - fix(docs/readme) update README: clarify APIs, document RustSecurityBridge, update examples and architecture diagram diff --git a/dist_ts/mail/core/classes.bouncemanager.d.ts b/dist_ts/mail/core/classes.bouncemanager.d.ts index 73cf3cb..33d671d 100644 --- a/dist_ts/mail/core/classes.bouncemanager.d.ts +++ b/dist_ts/mail/core/classes.bouncemanager.d.ts @@ -165,21 +165,6 @@ export declare class BounceManager { type: BounceType; category: BounceCategory; } | null; - /** - * Analyze SMTP response and diagnostic codes to determine bounce type - * @param smtpResponse SMTP response string - * @param diagnosticCode Diagnostic code from bounce - * @param statusCode Status code from bounce - * @returns Detected bounce type and category - */ - private detectBounceType; - /** - * Check if text matches any pattern for a bounce type - * @param text Text to check against patterns - * @param bounceType Bounce type to get patterns for - * @returns Whether the text matches any pattern - */ - private matchesPattern; /** * Get all known hard bounced addresses * @returns Array of hard bounced email addresses diff --git a/dist_ts/mail/core/classes.bouncemanager.js b/dist_ts/mail/core/classes.bouncemanager.js index a9dd7d9..fce89fd 100644 --- a/dist_ts/mail/core/classes.bouncemanager.js +++ b/dist_ts/mail/core/classes.bouncemanager.js @@ -2,6 +2,7 @@ import * as plugins from '../../plugins.js'; import * as paths from '../../paths.js'; import { logger } from '../../logger.js'; import { SecurityLogger, SecurityLogLevel, SecurityEventType } from '../../security/index.js'; +import { RustSecurityBridge } from '../../security/classes.rustsecuritybridge.js'; import { LRUCache } from 'lru-cache'; /** * Bounce types for categorizing the reasons for bounces @@ -37,109 +38,6 @@ export var BounceCategory; BounceCategory["AUTO_RESPONSE"] = "auto_response"; BounceCategory["UNKNOWN"] = "unknown"; })(BounceCategory || (BounceCategory = {})); -/** - * Email bounce patterns to identify bounce types in SMTP responses and bounce messages - */ -const BOUNCE_PATTERNS = { - // Hard bounce patterns - [BounceType.INVALID_RECIPIENT]: [ - /no such user/i, - /user unknown/i, - /does not exist/i, - /invalid recipient/i, - /unknown recipient/i, - /no mailbox/i, - /user not found/i, - /recipient address rejected/i, - /550 5\.1\.1/i - ], - [BounceType.DOMAIN_NOT_FOUND]: [ - /domain not found/i, - /unknown domain/i, - /no such domain/i, - /host not found/i, - /domain invalid/i, - /550 5\.1\.2/i - ], - [BounceType.MAILBOX_FULL]: [ - /mailbox full/i, - /over quota/i, - /quota exceeded/i, - /552 5\.2\.2/i - ], - [BounceType.MAILBOX_INACTIVE]: [ - /mailbox disabled/i, - /mailbox inactive/i, - /account disabled/i, - /mailbox not active/i, - /account suspended/i - ], - [BounceType.BLOCKED]: [ - /blocked/i, - /rejected/i, - /denied/i, - /blacklisted/i, - /prohibited/i, - /refused/i, - /550 5\.7\./i - ], - [BounceType.SPAM_RELATED]: [ - /spam/i, - /bulk mail/i, - /content rejected/i, - /message rejected/i, - /550 5\.7\.1/i - ], - // Soft bounce patterns - [BounceType.SERVER_UNAVAILABLE]: [ - /server unavailable/i, - /service unavailable/i, - /try again later/i, - /try later/i, - /451 4\.3\./i, - /421 4\.3\./i - ], - [BounceType.TEMPORARY_FAILURE]: [ - /temporary failure/i, - /temporary error/i, - /temporary problem/i, - /try again/i, - /451 4\./i - ], - [BounceType.QUOTA_EXCEEDED]: [ - /quota temporarily exceeded/i, - /mailbox temporarily full/i, - /452 4\.2\.2/i - ], - [BounceType.NETWORK_ERROR]: [ - /network error/i, - /connection error/i, - /connection timed out/i, - /routing error/i, - /421 4\.4\./i - ], - [BounceType.TIMEOUT]: [ - /timed out/i, - /timeout/i, - /450 4\.4\.2/i - ], - // Auto-responses - [BounceType.AUTO_RESPONSE]: [ - /auto[- ]reply/i, - /auto[- ]response/i, - /vacation/i, - /out of office/i, - /away from office/i, - /on vacation/i, - /automatic reply/i - ], - [BounceType.CHALLENGE_RESPONSE]: [ - /challenge[- ]response/i, - /verify your email/i, - /confirm your email/i, - /email verification/i - ] -}; /** * Manager for handling email bounces */ @@ -206,11 +104,16 @@ export class BounceManager { retryCount: bounceData.retryCount || 0, nextRetryTime: bounceData.nextRetryTime }; - // Determine bounce type and category if not provided + // Determine bounce type and category via Rust bridge if not provided if (!bounceData.bounceType || bounceData.bounceType === BounceType.UNKNOWN) { - const bounceInfo = this.detectBounceType(bounce.smtpResponse || '', bounce.diagnosticCode || '', bounce.statusCode || ''); - bounce.bounceType = bounceInfo.type; - bounce.bounceCategory = bounceInfo.category; + const bridge = RustSecurityBridge.getInstance(); + const rustResult = await bridge.detectBounce({ + smtpResponse: bounce.smtpResponse, + diagnosticCode: bounce.diagnosticCode, + statusCode: bounce.statusCode, + }); + bounce.bounceType = rustResult.bounce_type; + bounce.bounceCategory = rustResult.category; } // Process the bounce based on category switch (bounce.bounceCategory) { @@ -626,121 +529,6 @@ export class BounceManager { getBounceInfo(email) { return this.bounceCache.get(email.toLowerCase()) || null; } - /** - * Analyze SMTP response and diagnostic codes to determine bounce type - * @param smtpResponse SMTP response string - * @param diagnosticCode Diagnostic code from bounce - * @param statusCode Status code from bounce - * @returns Detected bounce type and category - */ - detectBounceType(smtpResponse, diagnosticCode, statusCode) { - // Combine all text for comprehensive pattern matching - const fullText = `${smtpResponse} ${diagnosticCode} ${statusCode}`.toLowerCase(); - // Check for auto-responses first - if (this.matchesPattern(fullText, BounceType.AUTO_RESPONSE) || - this.matchesPattern(fullText, BounceType.CHALLENGE_RESPONSE)) { - return { - type: BounceType.AUTO_RESPONSE, - category: BounceCategory.AUTO_RESPONSE - }; - } - // Check for hard bounces - for (const bounceType of [ - BounceType.INVALID_RECIPIENT, - BounceType.DOMAIN_NOT_FOUND, - BounceType.MAILBOX_FULL, - BounceType.MAILBOX_INACTIVE, - BounceType.BLOCKED, - BounceType.SPAM_RELATED, - BounceType.POLICY_RELATED - ]) { - if (this.matchesPattern(fullText, bounceType)) { - return { - type: bounceType, - category: BounceCategory.HARD - }; - } - } - // Check for soft bounces - for (const bounceType of [ - BounceType.SERVER_UNAVAILABLE, - BounceType.TEMPORARY_FAILURE, - BounceType.QUOTA_EXCEEDED, - BounceType.NETWORK_ERROR, - BounceType.TIMEOUT - ]) { - if (this.matchesPattern(fullText, bounceType)) { - return { - type: bounceType, - category: BounceCategory.SOFT - }; - } - } - // Handle DSN (Delivery Status Notification) status codes - if (statusCode) { - // Format: class.subject.detail - const parts = statusCode.split('.'); - if (parts.length >= 2) { - const statusClass = parts[0]; - const statusSubject = parts[1]; - // 5.X.X is permanent failure (hard bounce) - if (statusClass === '5') { - // Try to determine specific type based on subject - if (statusSubject === '1') { - return { type: BounceType.INVALID_RECIPIENT, category: BounceCategory.HARD }; - } - else if (statusSubject === '2') { - return { type: BounceType.MAILBOX_FULL, category: BounceCategory.HARD }; - } - else if (statusSubject === '7') { - return { type: BounceType.BLOCKED, category: BounceCategory.HARD }; - } - else { - return { type: BounceType.UNKNOWN, category: BounceCategory.HARD }; - } - } - // 4.X.X is temporary failure (soft bounce) - if (statusClass === '4') { - // Try to determine specific type based on subject - if (statusSubject === '2') { - return { type: BounceType.QUOTA_EXCEEDED, category: BounceCategory.SOFT }; - } - else if (statusSubject === '3') { - return { type: BounceType.SERVER_UNAVAILABLE, category: BounceCategory.SOFT }; - } - else if (statusSubject === '4') { - return { type: BounceType.NETWORK_ERROR, category: BounceCategory.SOFT }; - } - else { - return { type: BounceType.TEMPORARY_FAILURE, category: BounceCategory.SOFT }; - } - } - } - } - // Default to unknown - return { - type: BounceType.UNKNOWN, - category: BounceCategory.UNKNOWN - }; - } - /** - * Check if text matches any pattern for a bounce type - * @param text Text to check against patterns - * @param bounceType Bounce type to get patterns for - * @returns Whether the text matches any pattern - */ - matchesPattern(text, bounceType) { - const patterns = BOUNCE_PATTERNS[bounceType]; - if (!patterns) { - return false; - } - for (const pattern of patterns) { - if (pattern.test(text)) { - return true; - } - } - return false; - } /** * Get all known hard bounced addresses * @returns Array of hard bounced email addresses @@ -778,4 +566,4 @@ export class BounceManager { return removed; } } -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5ib3VuY2VtYW5hZ2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvbWFpbC9jb3JlL2NsYXNzZXMuYm91bmNlbWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGtCQUFrQixDQUFDO0FBQzVDLE9BQU8sS0FBSyxLQUFLLE1BQU0sZ0JBQWdCLENBQUM7QUFDeEMsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ3pDLE9BQU8sRUFBRSxjQUFjLEVBQUUsZ0JBQWdCLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUM5RixPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBR3JDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksVUFxQlg7QUFyQkQsV0FBWSxVQUFVO0lBQ3BCLG9DQUFvQztJQUNwQyxxREFBdUMsQ0FBQTtJQUN2QyxtREFBcUMsQ0FBQTtJQUNyQywyQ0FBNkIsQ0FBQTtJQUM3QixtREFBcUMsQ0FBQTtJQUNyQyxpQ0FBbUIsQ0FBQTtJQUNuQiwyQ0FBNkIsQ0FBQTtJQUM3QiwrQ0FBaUMsQ0FBQTtJQUVqQyxvQ0FBb0M7SUFDcEMsdURBQXlDLENBQUE7SUFDekMscURBQXVDLENBQUE7SUFDdkMsK0NBQWlDLENBQUE7SUFDakMsNkNBQStCLENBQUE7SUFDL0IsaUNBQW1CLENBQUE7SUFFbkIsZ0JBQWdCO0lBQ2hCLDZDQUErQixDQUFBO0lBQy9CLHVEQUF5QyxDQUFBO0lBQ3pDLGlDQUFtQixDQUFBO0FBQ3JCLENBQUMsRUFyQlcsVUFBVSxLQUFWLFVBQVUsUUFxQnJCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQU4sSUFBWSxjQUtYO0FBTEQsV0FBWSxjQUFjO0lBQ3hCLCtCQUFhLENBQUE7SUFDYiwrQkFBYSxDQUFBO0lBQ2IsaURBQStCLENBQUE7SUFDL0IscUNBQW1CLENBQUE7QUFDckIsQ0FBQyxFQUxXLGNBQWMsS0FBZCxjQUFjLFFBS3pCO0FBd0JEOztHQUVHO0FBQ0gsTUFBTSxlQUFlLEdBQUc7SUFDdEIsdUJBQXVCO0lBQ3ZCLENBQUMsVUFBVSxDQUFDLGlCQUFpQixDQUFDLEVBQUU7UUFDOUIsZUFBZTtRQUNmLGVBQWU7UUFDZixpQkFBaUI7UUFDakIsb0JBQW9CO1FBQ3BCLG9CQUFvQjtRQUNwQixhQUFhO1FBQ2IsaUJBQWlCO1FBQ2pCLDZCQUE2QjtRQUM3QixjQUFjO0tBQ2Y7SUFDRCxDQUFDLFVBQVUsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFO1FBQzdCLG1CQUFtQjtRQUNuQixpQkFBaUI7UUFDakIsaUJBQWlCO1FBQ2pCLGlCQUFpQjtRQUNqQixpQkFBaUI7UUFDakIsY0FBYztLQUNmO0lBQ0QsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLEVBQUU7UUFDekIsZUFBZTtRQUNmLGFBQWE7UUFDYixpQkFBaUI7UUFDakIsY0FBYztLQUNmO0lBQ0QsQ0FBQyxVQUFVLENBQUMsZ0JBQWdCLENBQUMsRUFBRTtRQUM3QixtQkFBbUI7UUFDbkIsbUJBQW1CO1FBQ25CLG1CQUFtQjtRQUNuQixxQkFBcUI7UUFDckIsb0JBQW9CO0tBQ3JCO0lBQ0QsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLEVBQUU7UUFDcEIsVUFBVTtRQUNWLFdBQVc7UUFDWCxTQUFTO1FBQ1QsY0FBYztRQUNkLGFBQWE7UUFDYixVQUFVO1FBQ1YsYUFBYTtLQUNkO0lBQ0QsQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFDLEVBQUU7UUFDekIsT0FBTztRQUNQLFlBQVk7UUFDWixtQkFBbUI7UUFDbkIsbUJBQW1CO1FBQ25CLGNBQWM7S0FDZjtJQUVELHVCQUF1QjtJQUN2QixDQUFDLFVBQVUsQ0FBQyxrQkFBa0IsQ0FBQyxFQUFFO1FBQy9CLHFCQUFxQjtRQUNyQixzQkFBc0I7UUFDdEIsa0JBQWtCO1FBQ2xCLFlBQVk7UUFDWixhQUFhO1FBQ2IsYUFBYTtLQUNkO0lBQ0QsQ0FBQyxVQUFVLENBQUMsaUJBQWlCLENBQUMsRUFBRTtRQUM5QixvQkFBb0I7UUFDcEIsa0JBQWtCO1FBQ2xCLG9CQUFvQjtRQUNwQixZQUFZO1FBQ1osVUFBVTtLQUNYO0lBQ0QsQ0FBQyxVQUFVLENBQUMsY0FBYyxDQUFDLEVBQUU7UUFDM0IsNkJBQTZCO1FBQzdCLDJCQUEyQjtRQUMzQixjQUFjO0tBQ2Y7SUFDRCxDQUFDLFVBQVUsQ0FBQyxhQUFhLENBQUMsRUFBRTtRQUMxQixnQkFBZ0I7UUFDaEIsbUJBQW1CO1FBQ25CLHVCQUF1QjtRQUN2QixnQkFBZ0I7UUFDaEIsYUFBYTtLQUNkO0lBQ0QsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLEVBQUU7UUFDcEIsWUFBWTtRQUNaLFVBQVU7UUFDVixjQUFjO0tBQ2Y7SUFFRCxpQkFBaUI7SUFDakIsQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLEVBQUU7UUFDMUIsZ0JBQWdCO1FBQ2hCLG1CQUFtQjtRQUNuQixXQUFXO1FBQ1gsZ0JBQWdCO1FBQ2hCLG1CQUFtQjtRQUNuQixjQUFjO1FBQ2Qsa0JBQWtCO0tBQ25CO0lBQ0QsQ0FBQyxVQUFVLENBQUMsa0JBQWtCLENBQUMsRUFBRTtRQUMvQix3QkFBd0I7UUFDeEIsb0JBQW9CO1FBQ3BCLHFCQUFxQjtRQUNyQixxQkFBcUI7S0FDdEI7Q0FDRixDQUFDO0FBWUY7O0dBRUc7QUFDSCxNQUFNLE9BQU8sYUFBYTtJQUN4QiwwQ0FBMEM7SUFDbEMsYUFBYSxHQUFrQjtRQUNyQyxVQUFVLEVBQUUsQ0FBQztRQUNiLFlBQVksRUFBRSxFQUFFLEdBQUcsRUFBRSxHQUFHLElBQUksRUFBRSxhQUFhO1FBQzNDLFFBQVEsRUFBRSxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxJQUFJLEVBQUUsV0FBVztRQUMxQyxhQUFhLEVBQUUsQ0FBQztLQUNqQixDQUFDO0lBRUYsMEJBQTBCO0lBQ2xCLFdBQVcsR0FBbUIsRUFBRSxDQUFDO0lBRXpDLG9GQUFvRjtJQUM1RSxXQUFXLENBS2hCO0lBRUgsZ0VBQWdFO0lBQ3hELGVBQWUsR0FJbEIsSUFBSSxHQUFHLEVBQUUsQ0FBQztJQUVQLGNBQWMsQ0FBTyxDQUFDLDBCQUEwQjtJQUV4RCxZQUFZLE9BS1g7UUFDQyxtQ0FBbUM7UUFDbkMsSUFBSSxPQUFPLEVBQUUsYUFBYSxFQUFFLENBQUM7WUFDM0IsSUFBSSxDQUFDLGFBQWEsR0FBRztnQkFDbkIsR0FBRyxJQUFJLENBQUMsYUFBYTtnQkFDckIsR0FBRyxPQUFPLENBQUMsYUFBYTthQUN6QixDQUFDO1FBQ0osQ0FBQztRQUVELGlFQUFpRTtRQUNqRSxJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksUUFBUSxDQUFjO1lBQzNDLEdBQUcsRUFBRSxPQUFPLEVBQUUsWUFBWSxJQUFJLEtBQUs7WUFDbkMsR0FBRyxFQUFFLE9BQU8sRUFBRSxRQUFRLElBQUksRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLElBQUksRUFBRSxrQkFBa0I7U0FDdkUsQ0FBQyxDQUFDO1FBRUgsa0NBQWtDO1FBQ2xDLElBQUksQ0FBQyxjQUFjLEdBQUcsT0FBTyxFQUFFLGNBQWMsQ0FBQztRQUU5QyxxQ0FBcUM7UUFDckMsd0RBQXdEO1FBQ3hELHFEQUFxRDtRQUNyRCxJQUFJLENBQUMsbUJBQW1CLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUU7WUFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsK0NBQStDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ3RGLENBQUMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxLQUFLLENBQUMsYUFBYSxDQUFDLFVBQWlDO1FBQzFELElBQUksQ0FBQztZQUNILGlDQUFpQztZQUNqQyxNQUFNLE1BQU0sR0FBaUI7Z0JBQzNCLEVBQUUsRUFBRSxVQUFVLENBQUMsRUFBRSxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsRUFBRSxFQUFFO2dCQUN0QyxTQUFTLEVBQUUsVUFBVSxDQUFDLFNBQVM7Z0JBQy9CLE1BQU0sRUFBRSxVQUFVLENBQUMsTUFBTTtnQkFDekIsTUFBTSxFQUFFLFVBQVUsQ0FBQyxNQUFNLElBQUksVUFBVSxDQUFDLFNBQVMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUMvRCxPQUFPLEVBQUUsVUFBVSxDQUFDLE9BQU87Z0JBQzNCLFVBQVUsRUFBRSxVQUFVLENBQUMsVUFBVSxJQUFJLFVBQVUsQ0FBQyxPQUFPO2dCQUN2RCxjQUFjLEVBQUUsVUFBVSxDQUFDLGNBQWMsSUFBSSxjQUFjLENBQUMsT0FBTztnQkFDbkUsU0FBUyxFQUFFLFVBQVUsQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLEdBQUcsRUFBRTtnQkFDN0MsWUFBWSxFQUFFLFVBQVUsQ0FBQyxZQUFZO2dCQUNyQyxjQUFjLEVBQUUsVUFBVSxDQUFDLGNBQWM7Z0JBQ3pDLFVBQVUsRUFBRSxVQUFVLENBQUMsVUFBVTtnQkFDakMsT0FBTyxFQUFFLFVBQVUsQ0FBQyxPQUFPO2dCQUMzQixTQUFTLEVBQUUsS0FBSztnQkFDaEIsZUFBZSxFQUFFLFVBQVUsQ0FBQyxlQUFlO2dCQUMzQyxVQUFVLEVBQUUsVUFBVSxDQUFDLFVBQVUsSUFBSSxDQUFDO2dCQUN0QyxhQUFhLEVBQUUsVUFBVSxDQUFDLGFBQWE7YUFDeEMsQ0FBQztZQUVGLHFEQUFxRDtZQUNyRCxJQUFJLENBQUMsVUFBVSxDQUFDLFVBQVUsSUFBSSxVQUFVLENBQUMsVUFBVSxLQUFLLFVBQVUsQ0FBQyxPQUFPLEVBQUUsQ0FBQztnQkFDM0UsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUN0QyxNQUFNLENBQUMsWUFBWSxJQUFJLEVBQUUsRUFDekIsTUFBTSxDQUFDLGNBQWMsSUFBSSxFQUFFLEVBQzNCLE1BQU0sQ0FBQyxVQUFVLElBQUksRUFBRSxDQUN4QixDQUFDO2dCQUVGLE1BQU0sQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDLElBQUksQ0FBQztnQkFDcEMsTUFBTSxDQUFDLGNBQWMsR0FBRyxVQUFVLENBQUMsUUFBUSxDQUFDO1lBQzlDLENBQUM7WUFFRCx1Q0FBdUM7WUFDdkMsUUFBUSxNQUFNLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQzlCLEtBQUssY0FBYyxDQUFDLElBQUk7b0JBQ3RCLCtDQUErQztvQkFDL0MsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7b0JBQ3BDLE1BQU07Z0JBRVIsS0FBSyxjQUFjLENBQUMsSUFBSTtvQkFDdEIsa0RBQWtEO29CQUNsRCxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztvQkFDcEMsTUFBTTtnQkFFUixLQUFLLGNBQWMsQ0FBQyxhQUFhO29CQUMvQixvREFBb0Q7b0JBQ3BELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixNQUFNLENBQUMsU0FBUyxFQUFFLENBQUMsQ0FBQztvQkFDckUsTUFBTTtnQkFFUjtvQkFDRSw4Q0FBOEM7b0JBQzlDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDJCQUEyQixNQUFNLENBQUMsU0FBUyxFQUFFLEVBQUU7d0JBQ2hFLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTt3QkFDN0IsWUFBWSxFQUFFLE1BQU0sQ0FBQyxZQUFZO3FCQUNsQyxDQUFDLENBQUM7b0JBQ0gsTUFBTTtZQUNWLENBQUM7WUFFRCwwQkFBMEI7WUFDMUIsTUFBTSxDQUFDLFNBQVMsR0FBRyxJQUFJLENBQUM7WUFDeEIsSUFBSSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7WUFFOUIsMEJBQTBCO1lBQzFCLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUUvQixpQkFBaUI7WUFDakIsTUFBTSxDQUFDLEdBQUcsQ0FDUixNQUFNLENBQUMsY0FBYyxLQUFLLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUMvRCwyQkFBMkIsTUFBTSxDQUFDLGNBQWMsZUFBZSxNQUFNLENBQUMsU0FBUyxFQUFFLEVBQ2pGO2dCQUNFLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtnQkFDN0IsTUFBTSxFQUFFLE1BQU0sQ0FBQyxNQUFNO2dCQUNyQixRQUFRLEVBQUUsTUFBTSxDQUFDLGNBQWM7YUFDaEMsQ0FDRixDQUFDO1lBRUYsNEJBQTRCO1lBQzVCLGNBQWMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxRQUFRLENBQUM7Z0JBQ3BDLEtBQUssRUFBRSxNQUFNLENBQUMsY0FBYyxLQUFLLGNBQWMsQ0FBQyxJQUFJO29CQUNsRCxDQUFDLENBQUMsZ0JBQWdCLENBQUMsSUFBSTtvQkFDdkIsQ0FBQyxDQUFDLGdCQUFnQixDQUFDLElBQUk7Z0JBQ3pCLElBQUksRUFBRSxpQkFBaUIsQ0FBQyxnQkFBZ0I7Z0JBQ3hDLE9BQU8sRUFBRSwwQkFBMEIsTUFBTSxDQUFDLGNBQWMsdUJBQXVCO2dCQUMvRSxNQUFNLEVBQUUsTUFBTSxDQUFDLE1BQU07Z0JBQ3JCLE9BQU8sRUFBRTtvQkFDUCxTQUFTLEVBQUUsTUFBTSxDQUFDLFNBQVM7b0JBQzNCLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtvQkFDN0IsWUFBWSxFQUFFLE1BQU0sQ0FBQyxZQUFZO29CQUNqQyxjQUFjLEVBQUUsTUFBTSxDQUFDLGNBQWM7b0JBQ3JDLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtpQkFDOUI7Z0JBQ0QsT0FBTyxFQUFFLEtBQUs7YUFDZixDQUFDLENBQUM7WUFFSCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLDRCQUE0QixLQUFLLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQy9ELEtBQUssRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDcEIsVUFBVTthQUNYLENBQUMsQ0FBQztZQUNILE1BQU0sS0FBSyxDQUFDO1FBQ2QsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxLQUFLLENBQUMsa0JBQWtCLENBQzdCLFNBQWlCLEVBQ2pCLFlBQW9CLEVBQ3BCLFVBS0ksRUFBRTtRQUVOLHVDQUF1QztRQUN2QyxNQUFNLFVBQVUsR0FBMEI7WUFDeEMsU0FBUztZQUNULE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxJQUFJLEVBQUU7WUFDNUIsTUFBTSxFQUFFLFNBQVMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQy9CLFlBQVk7WUFDWixVQUFVLEVBQUUsT0FBTyxDQUFDLFVBQVU7WUFDOUIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxPQUFPO1lBQ3hCLGVBQWUsRUFBRSxPQUFPLENBQUMsZUFBZTtZQUN4QyxTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTtTQUN0QixDQUFDO1FBRUYsOEJBQThCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxXQUFrQjtRQUNoRCxJQUFJLENBQUM7WUFDSCx5Q0FBeUM7WUFDekMsTUFBTSxPQUFPLEdBQUcsV0FBVyxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3pDLE1BQU0sSUFBSSxHQUFHLFdBQVcsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUVuQyx3REFBd0Q7WUFDeEQsTUFBTSxlQUFlLEdBQUcsa0hBQWtILENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBRXpKLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztnQkFDckIsNkNBQTZDO2dCQUM3QyxPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFFRCxzREFBc0Q7WUFDdEQsSUFBSSxTQUFTLEdBQUcsRUFBRSxDQUFDO1lBQ25CLElBQUksaUJBQWlCLEdBQUcsRUFBRSxDQUFDO1lBRTNCLCtDQUErQztZQUMvQyxNQUFNLGNBQWMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLG9IQUFvSCxDQUFDLENBQUM7WUFDeEosSUFBSSxjQUFjLElBQUksY0FBYyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3hDLFNBQVMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDaEMsQ0FBQztZQUVELDBCQUEwQjtZQUMxQixJQUFJLGNBQWMsR0FBRyxFQUFFLENBQUM7WUFDeEIsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQywyQ0FBMkMsQ0FBQyxDQUFDO1lBQ2hGLElBQUksZUFBZSxJQUFJLGVBQWUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO2dCQUMxQyxjQUFjLEdBQUcsZUFBZSxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQzdDLENBQUM7WUFFRCwyQkFBMkI7WUFDM0IsSUFBSSxVQUFVLEdBQUcsRUFBRSxDQUFDO1lBQ3BCLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsb0NBQW9DLENBQUMsQ0FBQztZQUNyRSxJQUFJLFdBQVcsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztnQkFDbEMsVUFBVSxHQUFHLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNyQyxDQUFDO1lBRUQsNkZBQTZGO1lBQzdGLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDZix3RUFBd0U7Z0JBQ3hFLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyx5RUFBeUUsQ0FBQyxDQUFDO2dCQUNySCxNQUFNLG1CQUFtQixHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsc0VBQXNFLENBQUMsQ0FBQztnQkFFL0csSUFBSSxzQkFBc0IsSUFBSSxzQkFBc0IsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO29CQUN4RCxTQUFTLEdBQUcsc0JBQXNCLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3hDLENBQUM7cUJBQU0sSUFBSSxtQkFBbUIsSUFBSSxtQkFBbUIsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO29CQUN6RCxTQUFTLEdBQUcsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3JDLENBQUM7WUFDSCxDQUFDO1lBRUQsaURBQWlEO1lBQ2pELElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxzREFBc0QsRUFBRTtvQkFDekUsT0FBTztvQkFDUCxNQUFNLEVBQUUsV0FBVyxDQUFDLElBQUk7aUJBQ3pCLENBQUMsQ0FBQztnQkFDSCxPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFFRCwyQ0FBMkM7WUFDM0MsTUFBTSxjQUFjLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDO1lBQ2xGLElBQUksY0FBYyxJQUFJLGNBQWMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO2dCQUN4QyxpQkFBaUIsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDL0MsQ0FBQztZQUVELHFCQUFxQjtZQUNyQixNQUFNLFVBQVUsR0FBMEI7Z0JBQ3hDLFNBQVM7Z0JBQ1QsTUFBTSxFQUFFLFdBQVcsQ0FBQyxJQUFJO2dCQUN4QixNQUFNLEVBQUUsU0FBUyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQy9CLE9BQU8sRUFBRSxXQUFXLENBQUMsVUFBVSxFQUFFO2dCQUNqQyxjQUFjO2dCQUNkLFVBQVU7Z0JBQ1YsU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUU7Z0JBQ3JCLE9BQU8sRUFBRSxFQUFFO2FBQ1osQ0FBQztZQUVGLDhCQUE4QjtZQUM5QixPQUFPLElBQUksQ0FBQyxhQUFhLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDeEMsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxrQ0FBa0MsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDdkUsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7T0FHRztJQUNLLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFvQjtRQUNqRCxrREFBa0Q7UUFDbEQsSUFBSSxDQUFDLG9CQUFvQixDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUUsZ0JBQWdCLE1BQU0sQ0FBQyxVQUFVLEVBQUUsRUFBRSxTQUFTLENBQUMsQ0FBQztRQUU1RixrQ0FBa0M7UUFDbEMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRS9CLDRCQUE0QjtRQUM1QixNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVwQyxpQ0FBaUM7UUFDakMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsbUJBQW1CLE1BQU0sQ0FBQyxTQUFTLEtBQUssTUFBTSxDQUFDLFVBQVUsRUFBRSxFQUFFO1lBQzlFLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTTtZQUNyQixZQUFZLEVBQUUsTUFBTSxDQUFDLFlBQVk7WUFDakMsY0FBYyxFQUFFLE1BQU0sQ0FBQyxjQUFjO1NBQ3RDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7O09BR0c7SUFDSyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsTUFBb0I7UUFDakQsc0NBQXNDO1FBQ3RDLElBQUksTUFBTSxDQUFDLFVBQVUsSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3ZELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDRCQUE0QixNQUFNLENBQUMsU0FBUywyQkFBMkIsQ0FBQyxDQUFDO1lBRTVGLDJDQUEyQztZQUMzQyxNQUFNLENBQUMsY0FBYyxHQUFHLGNBQWMsQ0FBQyxJQUFJLENBQUM7WUFDNUMsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDcEMsT0FBTztRQUNULENBQUM7UUFFRCxxREFBcUQ7UUFDckQsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FDcEIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsRUFBRSxNQUFNLENBQUMsVUFBVSxDQUFDLEVBQy9GLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUM1QixDQUFDO1FBRUYsTUFBTSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ3BCLE1BQU0sQ0FBQyxhQUFhLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLEtBQUssQ0FBQztRQUUxQyxvREFBb0Q7UUFDcEQsSUFBSSxDQUFDLG9CQUFvQixDQUN2QixNQUFNLENBQUMsU0FBUyxFQUNoQixnQkFBZ0IsTUFBTSxDQUFDLFVBQVUsRUFBRSxFQUNuQyxNQUFNLENBQUMsYUFBYSxDQUNyQixDQUFDO1FBRUYseUJBQXlCO1FBQ3pCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLG1CQUFtQixNQUFNLENBQUMsVUFBVSxRQUFRLE1BQU0sQ0FBQyxTQUFTLE9BQU8sSUFBSSxJQUFJLENBQUMsTUFBTSxDQUFDLGFBQWEsQ0FBQyxDQUFDLFdBQVcsRUFBRSxFQUFFLEVBQUU7WUFDcEksVUFBVSxFQUFFLE1BQU0sQ0FBQyxVQUFVO1lBQzdCLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtZQUM3QixTQUFTLEVBQUUsTUFBTSxDQUFDLGFBQWE7U0FDaEMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ksb0JBQW9CLENBQ3pCLEtBQWEsRUFDYixNQUFjLEVBQ2QsU0FBa0I7UUFFbEIsSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxFQUFFO1lBQzVDLE1BQU07WUFDTixTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTtZQUNyQixTQUFTO1NBQ1YsQ0FBQyxDQUFDO1FBRUgsdUNBQXVDO1FBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtZQUN2QyxNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxnREFBZ0QsS0FBSyxLQUFLLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ2pHLENBQUMsQ0FBQyxDQUFDO1FBRUgsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsU0FBUyxLQUFLLHNCQUFzQixFQUFFO1lBQ3ZELE1BQU07WUFDTixTQUFTLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQyxJQUFJLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxDQUFDLENBQUMsV0FBVztTQUN2RSxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0kseUJBQXlCLENBQUMsS0FBYTtRQUM1QyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQztRQUVwRSxJQUFJLFVBQVUsRUFBRSxDQUFDO1lBQ2YsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtnQkFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsa0RBQWtELEtBQUssS0FBSyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUNuRyxDQUFDLENBQUMsQ0FBQztZQUNILE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFdBQVcsS0FBSyx3QkFBd0IsQ0FBQyxDQUFDO1FBQy9ELENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGlCQUFpQixDQUFDLEtBQWE7UUFDcEMsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQzNDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBRTdELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7UUFFRCxtQ0FBbUM7UUFDbkMsSUFBSSxXQUFXLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxXQUFXLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsY0FBYyxDQUFDLENBQUM7WUFDNUMsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtnQkFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUseURBQXlELEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQ2hHLENBQUMsQ0FBQyxDQUFDO1lBQ0gsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGtCQUFrQixDQUFDLEtBQWE7UUFLckMsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQzNDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBRTdELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCxtQ0FBbUM7UUFDbkMsSUFBSSxXQUFXLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxXQUFXLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsY0FBYyxDQUFDLENBQUM7WUFDNUMsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtnQkFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUseURBQXlELEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQ2hHLENBQUMsQ0FBQyxDQUFDO1lBQ0gsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBRUQsT0FBTyxXQUFXLENBQUM7SUFDckIsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLG1CQUFtQjtRQUMvQixJQUFJLENBQUM7WUFDSCxNQUFNLGVBQWUsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDLENBQUM7WUFFbkYsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ3hCLHNCQUFzQjtnQkFDdEIsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQyxzQ0FBc0MsRUFBRSxlQUFlLENBQUMsQ0FBQztZQUN6RixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sMEJBQTBCO2dCQUMxQixNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUN4QixPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLFFBQVEsRUFBRSx1QkFBdUIsQ0FBQyxDQUNwRSxDQUFDLEtBQUssQ0FBQyxlQUFlLENBQUMsQ0FBQztZQUMzQixDQUFDO1FBQ0gsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxvQ0FBb0MsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDM0UsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyxtQkFBbUI7UUFDL0IsSUFBSSxDQUFDO1lBQ0gsSUFBSSxPQUFPLEdBQUcsSUFBSSxDQUFDO1lBQ25CLElBQUksY0FBYyxHQUFHLEtBQUssQ0FBQztZQUUzQixJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztnQkFDeEIseUNBQXlDO2dCQUN6QyxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLHNDQUFzQyxDQUFDLENBQUM7Z0JBRTlGLElBQUksZUFBZSxFQUFFLENBQUM7b0JBQ3BCLE9BQU8sR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO2dCQUN4QyxDQUFDO3FCQUFNLENBQUM7b0JBQ04saURBQWlEO29CQUNqRCxNQUFNLGVBQWUsR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLFFBQVEsRUFBRSx1QkFBdUIsQ0FBQyxDQUFDO29CQUU1RixJQUFJLE9BQU8sQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLGVBQWUsQ0FBQyxFQUFFLENBQUM7d0JBQzNDLE1BQU0sSUFBSSxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLGVBQWUsRUFBRSxNQUFNLENBQUMsQ0FBQzt3QkFDOUQsT0FBTyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7d0JBQzNCLGNBQWMsR0FBRyxJQUFJLENBQUM7d0JBRXRCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhEQUE4RCxDQUFDLENBQUM7b0JBQ3JGLENBQUM7Z0JBQ0gsQ0FBQztZQUNILENBQUM7aUJBQU0sQ0FBQztnQkFDTiw4Q0FBOEM7Z0JBQzlDLE1BQU0sZUFBZSxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLHVCQUF1QixDQUFDLENBQUM7Z0JBRTVGLElBQUksT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsZUFBZSxDQUFDLEVBQUUsQ0FBQztvQkFDM0MsTUFBTSxJQUFJLEdBQUcsT0FBTyxDQUFDLEVBQUUsQ0FBQyxZQUFZLENBQUMsZUFBZSxFQUFFLE1BQU0sQ0FBQyxDQUFDO29CQUM5RCxPQUFPLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztnQkFDN0IsQ0FBQztZQUNILENBQUM7WUFFRCxJQUFJLE9BQU8sRUFBRSxDQUFDO2dCQUNaLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBRXhDLHdCQUF3QjtnQkFDeEIsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUN2QixJQUFJLFlBQVksR0FBRyxDQUFDLENBQUM7Z0JBRXJCLEtBQUssTUFBTSxDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsZUFBZSxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUM7b0JBQzNELElBQUksSUFBSSxDQUFDLFNBQVMsSUFBSSxHQUFHLEdBQUcsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO3dCQUMzQyxJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQzt3QkFDbkMsWUFBWSxFQUFFLENBQUM7b0JBQ2pCLENBQUM7Z0JBQ0gsQ0FBQztnQkFFRCxJQUFJLFlBQVksR0FBRyxDQUFDLElBQUksY0FBYyxFQUFFLENBQUM7b0JBQ3ZDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFdBQVcsWUFBWSx3Q0FBd0MsQ0FBQyxDQUFDO29CQUNwRixNQUFNLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO2dCQUNuQyxDQUFDO2dCQUVELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFVBQVUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxJQUFJLGdDQUFnQyxDQUFDLENBQUM7WUFDMUYsQ0FBQztRQUNILENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsb0NBQW9DLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQzNFLENBQUM7SUFDSCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ssS0FBSyxDQUFDLGdCQUFnQixDQUFDLE1BQW9CO1FBQ2pELElBQUksQ0FBQztZQUNILE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxFQUFFLElBQUksRUFBRSxDQUFDLENBQUMsQ0FBQztZQUVuRCxJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztnQkFDeEIsc0JBQXNCO2dCQUN0QixNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLDBCQUEwQixNQUFNLENBQUMsRUFBRSxPQUFPLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDeEYsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLDBCQUEwQjtnQkFDMUIsTUFBTSxVQUFVLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQ2xDLEtBQUssQ0FBQyxPQUFPLEVBQ2IsUUFBUSxFQUNSLFNBQVMsRUFDVCxHQUFHLE1BQU0sQ0FBQyxFQUFFLE9BQU8sQ0FDcEIsQ0FBQztnQkFFRiwwQkFBMEI7Z0JBQzFCLE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDO2dCQUN4RSxNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFDLFNBQVMsRUFBRSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUVoRSxNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUMzRCxDQUFDO1FBQ0gsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxpQ0FBaUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDeEUsQ0FBQztJQUNILENBQUM7SUFFRDs7O09BR0c7SUFDSyxpQkFBaUIsQ0FBQyxNQUFvQjtRQUM1QyxNQUFNLEtBQUssR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQzdDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRTdDLElBQUksUUFBUSxFQUFFLENBQUM7WUFDYiw4QkFBOEI7WUFDOUIsUUFBUSxDQUFDLFVBQVUsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDO1lBQ3ZDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNqQixRQUFRLENBQUMsSUFBSSxHQUFHLE1BQU0sQ0FBQyxVQUFVLENBQUM7WUFDbEMsUUFBUSxDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsY0FBYyxDQUFDO1FBQzVDLENBQUM7YUFBTSxDQUFDO1lBQ04seUJBQXlCO1lBQ3pCLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRTtnQkFDMUIsVUFBVSxFQUFFLE1BQU0sQ0FBQyxTQUFTO2dCQUM1QixLQUFLLEVBQUUsQ0FBQztnQkFDUixJQUFJLEVBQUUsTUFBTSxDQUFDLFVBQVU7Z0JBQ3ZCLFFBQVEsRUFBRSxNQUFNLENBQUMsY0FBYzthQUNoQyxDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxhQUFhLENBQUMsS0FBYTtRQU1oQyxPQUFPLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxXQUFXLEVBQUUsQ0FBQyxJQUFJLElBQUksQ0FBQztJQUMzRCxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0ssZ0JBQWdCLENBQ3RCLFlBQW9CLEVBQ3BCLGNBQXNCLEVBQ3RCLFVBQWtCO1FBS2xCLHNEQUFzRDtRQUN0RCxNQUFNLFFBQVEsR0FBRyxHQUFHLFlBQVksSUFBSSxjQUFjLElBQUksVUFBVSxFQUFFLENBQUMsV0FBVyxFQUFFLENBQUM7UUFFakYsaUNBQWlDO1FBQ2pDLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsVUFBVSxDQUFDLGFBQWEsQ0FBQztZQUN2RCxJQUFJLENBQUMsY0FBYyxDQUFDLFFBQVEsRUFBRSxVQUFVLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDO1lBQ2pFLE9BQU87Z0JBQ0wsSUFBSSxFQUFFLFVBQVUsQ0FBQyxhQUFhO2dCQUM5QixRQUFRLEVBQUUsY0FBYyxDQUFDLGFBQWE7YUFDdkMsQ0FBQztRQUNKLENBQUM7UUFFRCx5QkFBeUI7UUFDekIsS0FBSyxNQUFNLFVBQVUsSUFBSTtZQUN2QixVQUFVLENBQUMsaUJBQWlCO1lBQzVCLFVBQVUsQ0FBQyxnQkFBZ0I7WUFDM0IsVUFBVSxDQUFDLFlBQVk7WUFDdkIsVUFBVSxDQUFDLGdCQUFnQjtZQUMzQixVQUFVLENBQUMsT0FBTztZQUNsQixVQUFVLENBQUMsWUFBWTtZQUN2QixVQUFVLENBQUMsY0FBYztTQUMxQixFQUFFLENBQUM7WUFDRixJQUFJLElBQUksQ0FBQyxjQUFjLENBQUMsUUFBUSxFQUFFLFVBQVUsQ0FBQyxFQUFFLENBQUM7Z0JBQzlDLE9BQU87b0JBQ0wsSUFBSSxFQUFFLFVBQVU7b0JBQ2hCLFFBQVEsRUFBRSxjQUFjLENBQUMsSUFBSTtpQkFDOUIsQ0FBQztZQUNKLENBQUM7UUFDSCxDQUFDO1FBRUQseUJBQXlCO1FBQ3pCLEtBQUssTUFBTSxVQUFVLElBQUk7WUFDdkIsVUFBVSxDQUFDLGtCQUFrQjtZQUM3QixVQUFVLENBQUMsaUJBQWlCO1lBQzVCLFVBQVUsQ0FBQyxjQUFjO1lBQ3pCLFVBQVUsQ0FBQyxhQUFhO1lBQ3hCLFVBQVUsQ0FBQyxPQUFPO1NBQ25CLEVBQUUsQ0FBQztZQUNGLElBQUksSUFBSSxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsVUFBVSxDQUFDLEVBQUUsQ0FBQztnQkFDOUMsT0FBTztvQkFDTCxJQUFJLEVBQUUsVUFBVTtvQkFDaEIsUUFBUSxFQUFFLGNBQWMsQ0FBQyxJQUFJO2lCQUM5QixDQUFDO1lBQ0osQ0FBQztRQUNILENBQUM7UUFFRCx5REFBeUQ7UUFDekQsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLCtCQUErQjtZQUMvQixNQUFNLEtBQUssR0FBRyxVQUFVLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQ3BDLElBQUksS0FBSyxDQUFDLE1BQU0sSUFBSSxDQUFDLEVBQUUsQ0FBQztnQkFDdEIsTUFBTSxXQUFXLEdBQUcsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUM3QixNQUFNLGFBQWEsR0FBRyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBRS9CLDJDQUEyQztnQkFDM0MsSUFBSSxXQUFXLEtBQUssR0FBRyxFQUFFLENBQUM7b0JBQ3hCLGtEQUFrRDtvQkFDbEQsSUFBSSxhQUFhLEtBQUssR0FBRyxFQUFFLENBQUM7d0JBQzFCLE9BQU8sRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLGlCQUFpQixFQUFFLFFBQVEsRUFBRSxjQUFjLENBQUMsSUFBSSxFQUFFLENBQUM7b0JBQy9FLENBQUM7eUJBQU0sSUFBSSxhQUFhLEtBQUssR0FBRyxFQUFFLENBQUM7d0JBQ2pDLE9BQU8sRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLFlBQVksRUFBRSxRQUFRLEVBQUUsY0FBYyxDQUFDLElBQUksRUFBRSxDQUFDO29CQUMxRSxDQUFDO3lCQUFNLElBQUksYUFBYSxLQUFLLEdBQUcsRUFBRSxDQUFDO3dCQUNqQyxPQUFPLEVBQUUsSUFBSSxFQUFFLFVBQVUsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLGNBQWMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztvQkFDckUsQ0FBQzt5QkFBTSxDQUFDO3dCQUNOLE9BQU8sRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLE9BQU8sRUFBRSxRQUFRLEVBQUUsY0FBYyxDQUFDLElBQUksRUFBRSxDQUFDO29CQUNyRSxDQUFDO2dCQUNILENBQUM7Z0JBRUQsMkNBQTJDO2dCQUMzQyxJQUFJLFdBQVcsS0FBSyxHQUFHLEVBQUUsQ0FBQztvQkFDeEIsa0RBQWtEO29CQUNsRCxJQUFJLGFBQWEsS0FBSyxHQUFHLEVBQUUsQ0FBQzt3QkFDMUIsT0FBTyxFQUFFLElBQUksRUFBRSxVQUFVLENBQUMsY0FBYyxFQUFFLFFBQVEsRUFBRSxjQUFjLENBQUMsSUFBSSxFQUFFLENBQUM7b0JBQzVFLENBQUM7eUJBQU0sSUFBSSxhQUFhLEtBQUssR0FBRyxFQUFFLENBQUM7d0JBQ2pDLE9BQU8sRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLGtCQUFrQixFQUFFLFFBQVEsRUFBRSxjQUFjLENBQUMsSUFBSSxFQUFFLENBQUM7b0JBQ2hGLENBQUM7eUJBQU0sSUFBSSxhQUFhLEtBQUssR0FBRyxFQUFFLENBQUM7d0JBQ2pDLE9BQU8sRUFBRSxJQUFJLEVBQUUsVUFBVSxDQUFDLGFBQWEsRUFBRSxRQUFRLEVBQUUsY0FBYyxDQUFDLElBQUksRUFBRSxDQUFDO29CQUMzRSxDQUFDO3lCQUFNLENBQUM7d0JBQ04sT0FBTyxFQUFFLElBQUksRUFBRSxVQUFVLENBQUMsaUJBQWlCLEVBQUUsUUFBUSxFQUFFLGNBQWMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztvQkFDL0UsQ0FBQztnQkFDSCxDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCxxQkFBcUI7UUFDckIsT0FBTztZQUNMLElBQUksRUFBRSxVQUFVLENBQUMsT0FBTztZQUN4QixRQUFRLEVBQUUsY0FBYyxDQUFDLE9BQU87U0FDakMsQ0FBQztJQUNKLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNLLGNBQWMsQ0FBQyxJQUFZLEVBQUUsVUFBc0I7UUFDekQsTUFBTSxRQUFRLEdBQUcsZUFBZSxDQUFDLFVBQVUsQ0FBQyxDQUFDO1FBRTdDLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNkLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELEtBQUssTUFBTSxPQUFPLElBQUksUUFBUSxFQUFFLENBQUM7WUFDL0IsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZCLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7O09BR0c7SUFDSSx1QkFBdUI7UUFDNUIsTUFBTSxXQUFXLEdBQWEsRUFBRSxDQUFDO1FBRWpDLEtBQUssTUFBTSxDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsV0FBVyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUM7WUFDdkQsSUFBSSxJQUFJLENBQUMsUUFBUSxLQUFLLGNBQWMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztnQkFDMUMsV0FBVyxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUMxQixDQUFDO1FBQ0gsQ0FBQztRQUVELE9BQU8sV0FBVyxDQUFDO0lBQ3JCLENBQUM7SUFFRDs7O09BR0c7SUFDSSxrQkFBa0I7UUFDdkIsT0FBTyxLQUFLLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsSUFBSSxFQUFFLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLHFCQUFxQixDQUFDLFNBQWlCO1FBQzVDLElBQUksT0FBTyxHQUFHLENBQUMsQ0FBQztRQUVoQixJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxFQUFFO1lBQ2xELElBQUksTUFBTSxDQUFDLFNBQVMsR0FBRyxTQUFTLEVBQUUsQ0FBQztnQkFDakMsT0FBTyxFQUFFLENBQUM7Z0JBQ1YsT0FBTyxLQUFLLENBQUM7WUFDZixDQUFDO1lBQ0QsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDLENBQUMsQ0FBQztRQUVILE9BQU8sT0FBTyxDQUFDO0lBQ2pCLENBQUM7Q0FDRiJ9 \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5ib3VuY2VtYW5hZ2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vdHMvbWFpbC9jb3JlL2NsYXNzZXMuYm91bmNlbWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGtCQUFrQixDQUFDO0FBQzVDLE9BQU8sS0FBSyxLQUFLLE1BQU0sZ0JBQWdCLENBQUM7QUFDeEMsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLGlCQUFpQixDQUFDO0FBQ3pDLE9BQU8sRUFBRSxjQUFjLEVBQUUsZ0JBQWdCLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSx5QkFBeUIsQ0FBQztBQUM5RixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSw4Q0FBOEMsQ0FBQztBQUNsRixPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBR3JDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksVUFxQlg7QUFyQkQsV0FBWSxVQUFVO0lBQ3BCLG9DQUFvQztJQUNwQyxxREFBdUMsQ0FBQTtJQUN2QyxtREFBcUMsQ0FBQTtJQUNyQywyQ0FBNkIsQ0FBQTtJQUM3QixtREFBcUMsQ0FBQTtJQUNyQyxpQ0FBbUIsQ0FBQTtJQUNuQiwyQ0FBNkIsQ0FBQTtJQUM3QiwrQ0FBaUMsQ0FBQTtJQUVqQyxvQ0FBb0M7SUFDcEMsdURBQXlDLENBQUE7SUFDekMscURBQXVDLENBQUE7SUFDdkMsK0NBQWlDLENBQUE7SUFDakMsNkNBQStCLENBQUE7SUFDL0IsaUNBQW1CLENBQUE7SUFFbkIsZ0JBQWdCO0lBQ2hCLDZDQUErQixDQUFBO0lBQy9CLHVEQUF5QyxDQUFBO0lBQ3pDLGlDQUFtQixDQUFBO0FBQ3JCLENBQUMsRUFyQlcsVUFBVSxLQUFWLFVBQVUsUUFxQnJCO0FBRUQ7O0dBRUc7QUFDSCxNQUFNLENBQU4sSUFBWSxjQUtYO0FBTEQsV0FBWSxjQUFjO0lBQ3hCLCtCQUFhLENBQUE7SUFDYiwrQkFBYSxDQUFBO0lBQ2IsaURBQStCLENBQUE7SUFDL0IscUNBQW1CLENBQUE7QUFDckIsQ0FBQyxFQUxXLGNBQWMsS0FBZCxjQUFjLFFBS3pCO0FBa0NEOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGFBQWE7SUFDeEIsMENBQTBDO0lBQ2xDLGFBQWEsR0FBa0I7UUFDckMsVUFBVSxFQUFFLENBQUM7UUFDYixZQUFZLEVBQUUsRUFBRSxHQUFHLEVBQUUsR0FBRyxJQUFJLEVBQUUsYUFBYTtRQUMzQyxRQUFRLEVBQUUsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLEdBQUcsSUFBSSxFQUFFLFdBQVc7UUFDMUMsYUFBYSxFQUFFLENBQUM7S0FDakIsQ0FBQztJQUVGLDBCQUEwQjtJQUNsQixXQUFXLEdBQW1CLEVBQUUsQ0FBQztJQUV6QyxvRkFBb0Y7SUFDNUUsV0FBVyxDQUtoQjtJQUVILGdFQUFnRTtJQUN4RCxlQUFlLEdBSWxCLElBQUksR0FBRyxFQUFFLENBQUM7SUFFUCxjQUFjLENBQU8sQ0FBQywwQkFBMEI7SUFFeEQsWUFBWSxPQUtYO1FBQ0MsbUNBQW1DO1FBQ25DLElBQUksT0FBTyxFQUFFLGFBQWEsRUFBRSxDQUFDO1lBQzNCLElBQUksQ0FBQyxhQUFhLEdBQUc7Z0JBQ25CLEdBQUcsSUFBSSxDQUFDLGFBQWE7Z0JBQ3JCLEdBQUcsT0FBTyxDQUFDLGFBQWE7YUFDekIsQ0FBQztRQUNKLENBQUM7UUFFRCxpRUFBaUU7UUFDakUsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLFFBQVEsQ0FBYztZQUMzQyxHQUFHLEVBQUUsT0FBTyxFQUFFLFlBQVksSUFBSSxLQUFLO1lBQ25DLEdBQUcsRUFBRSxPQUFPLEVBQUUsUUFBUSxJQUFJLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxJQUFJLEVBQUUsa0JBQWtCO1NBQ3ZFLENBQUMsQ0FBQztRQUVILGtDQUFrQztRQUNsQyxJQUFJLENBQUMsY0FBYyxHQUFHLE9BQU8sRUFBRSxjQUFjLENBQUM7UUFFOUMscUNBQXFDO1FBQ3JDLHdEQUF3RDtRQUN4RCxxREFBcUQ7UUFDckQsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxFQUFFO1lBQ3ZDLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLCtDQUErQyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztRQUN0RixDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksS0FBSyxDQUFDLGFBQWEsQ0FBQyxVQUFpQztRQUMxRCxJQUFJLENBQUM7WUFDSCxpQ0FBaUM7WUFDakMsTUFBTSxNQUFNLEdBQWlCO2dCQUMzQixFQUFFLEVBQUUsVUFBVSxDQUFDLEVBQUUsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLEVBQUUsRUFBRTtnQkFDdEMsU0FBUyxFQUFFLFVBQVUsQ0FBQyxTQUFTO2dCQUMvQixNQUFNLEVBQUUsVUFBVSxDQUFDLE1BQU07Z0JBQ3pCLE1BQU0sRUFBRSxVQUFVLENBQUMsTUFBTSxJQUFJLFVBQVUsQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsQ0FBQztnQkFDL0QsT0FBTyxFQUFFLFVBQVUsQ0FBQyxPQUFPO2dCQUMzQixVQUFVLEVBQUUsVUFBVSxDQUFDLFVBQVUsSUFBSSxVQUFVLENBQUMsT0FBTztnQkFDdkQsY0FBYyxFQUFFLFVBQVUsQ0FBQyxjQUFjLElBQUksY0FBYyxDQUFDLE9BQU87Z0JBQ25FLFNBQVMsRUFBRSxVQUFVLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxHQUFHLEVBQUU7Z0JBQzdDLFlBQVksRUFBRSxVQUFVLENBQUMsWUFBWTtnQkFDckMsY0FBYyxFQUFFLFVBQVUsQ0FBQyxjQUFjO2dCQUN6QyxVQUFVLEVBQUUsVUFBVSxDQUFDLFVBQVU7Z0JBQ2pDLE9BQU8sRUFBRSxVQUFVLENBQUMsT0FBTztnQkFDM0IsU0FBUyxFQUFFLEtBQUs7Z0JBQ2hCLGVBQWUsRUFBRSxVQUFVLENBQUMsZUFBZTtnQkFDM0MsVUFBVSxFQUFFLFVBQVUsQ0FBQyxVQUFVLElBQUksQ0FBQztnQkFDdEMsYUFBYSxFQUFFLFVBQVUsQ0FBQyxhQUFhO2FBQ3hDLENBQUM7WUFFRixxRUFBcUU7WUFDckUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxVQUFVLElBQUksVUFBVSxDQUFDLFVBQVUsS0FBSyxVQUFVLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzNFLE1BQU0sTUFBTSxHQUFHLGtCQUFrQixDQUFDLFdBQVcsRUFBRSxDQUFDO2dCQUNoRCxNQUFNLFVBQVUsR0FBRyxNQUFNLE1BQU0sQ0FBQyxZQUFZLENBQUM7b0JBQzNDLFlBQVksRUFBRSxNQUFNLENBQUMsWUFBWTtvQkFDakMsY0FBYyxFQUFFLE1BQU0sQ0FBQyxjQUFjO29CQUNyQyxVQUFVLEVBQUUsTUFBTSxDQUFDLFVBQVU7aUJBQzlCLENBQUMsQ0FBQztnQkFDSCxNQUFNLENBQUMsVUFBVSxHQUFHLFVBQVUsQ0FBQyxXQUF5QixDQUFDO2dCQUN6RCxNQUFNLENBQUMsY0FBYyxHQUFHLFVBQVUsQ0FBQyxRQUEwQixDQUFDO1lBQ2hFLENBQUM7WUFFRCx1Q0FBdUM7WUFDdkMsUUFBUSxNQUFNLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQzlCLEtBQUssY0FBYyxDQUFDLElBQUk7b0JBQ3RCLCtDQUErQztvQkFDL0MsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7b0JBQ3BDLE1BQU07Z0JBRVIsS0FBSyxjQUFjLENBQUMsSUFBSTtvQkFDdEIsa0RBQWtEO29CQUNsRCxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztvQkFDcEMsTUFBTTtnQkFFUixLQUFLLGNBQWMsQ0FBQyxhQUFhO29CQUMvQixvREFBb0Q7b0JBQ3BELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixNQUFNLENBQUMsU0FBUyxFQUFFLENBQUMsQ0FBQztvQkFDckUsTUFBTTtnQkFFUjtvQkFDRSw4Q0FBOEM7b0JBQzlDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDJCQUEyQixNQUFNLENBQUMsU0FBUyxFQUFFLEVBQUU7d0JBQ2hFLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTt3QkFDN0IsWUFBWSxFQUFFLE1BQU0sQ0FBQyxZQUFZO3FCQUNsQyxDQUFDLENBQUM7b0JBQ0gsTUFBTTtZQUNWLENBQUM7WUFFRCwwQkFBMEI7WUFDMUIsTUFBTSxDQUFDLFNBQVMsR0FBRyxJQUFJLENBQUM7WUFDeEIsSUFBSSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7WUFFOUIsMEJBQTBCO1lBQzFCLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUUvQixpQkFBaUI7WUFDakIsTUFBTSxDQUFDLEdBQUcsQ0FDUixNQUFNLENBQUMsY0FBYyxLQUFLLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUMvRCwyQkFBMkIsTUFBTSxDQUFDLGNBQWMsZUFBZSxNQUFNLENBQUMsU0FBUyxFQUFFLEVBQ2pGO2dCQUNFLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtnQkFDN0IsTUFBTSxFQUFFLE1BQU0sQ0FBQyxNQUFNO2dCQUNyQixRQUFRLEVBQUUsTUFBTSxDQUFDLGNBQWM7YUFDaEMsQ0FDRixDQUFDO1lBRUYsNEJBQTRCO1lBQzVCLGNBQWMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxRQUFRLENBQUM7Z0JBQ3BDLEtBQUssRUFBRSxNQUFNLENBQUMsY0FBYyxLQUFLLGNBQWMsQ0FBQyxJQUFJO29CQUNsRCxDQUFDLENBQUMsZ0JBQWdCLENBQUMsSUFBSTtvQkFDdkIsQ0FBQyxDQUFDLGdCQUFnQixDQUFDLElBQUk7Z0JBQ3pCLElBQUksRUFBRSxpQkFBaUIsQ0FBQyxnQkFBZ0I7Z0JBQ3hDLE9BQU8sRUFBRSwwQkFBMEIsTUFBTSxDQUFDLGNBQWMsdUJBQXVCO2dCQUMvRSxNQUFNLEVBQUUsTUFBTSxDQUFDLE1BQU07Z0JBQ3JCLE9BQU8sRUFBRTtvQkFDUCxTQUFTLEVBQUUsTUFBTSxDQUFDLFNBQVM7b0JBQzNCLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtvQkFDN0IsWUFBWSxFQUFFLE1BQU0sQ0FBQyxZQUFZO29CQUNqQyxjQUFjLEVBQUUsTUFBTSxDQUFDLGNBQWM7b0JBQ3JDLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtpQkFDOUI7Z0JBQ0QsT0FBTyxFQUFFLEtBQUs7YUFDZixDQUFDLENBQUM7WUFFSCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLDRCQUE0QixLQUFLLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQy9ELEtBQUssRUFBRSxLQUFLLENBQUMsT0FBTztnQkFDcEIsVUFBVTthQUNYLENBQUMsQ0FBQztZQUNILE1BQU0sS0FBSyxDQUFDO1FBQ2QsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxLQUFLLENBQUMsa0JBQWtCLENBQzdCLFNBQWlCLEVBQ2pCLFlBQW9CLEVBQ3BCLFVBS0ksRUFBRTtRQUVOLHVDQUF1QztRQUN2QyxNQUFNLFVBQVUsR0FBMEI7WUFDeEMsU0FBUztZQUNULE1BQU0sRUFBRSxPQUFPLENBQUMsTUFBTSxJQUFJLEVBQUU7WUFDNUIsTUFBTSxFQUFFLFNBQVMsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQy9CLFlBQVk7WUFDWixVQUFVLEVBQUUsT0FBTyxDQUFDLFVBQVU7WUFDOUIsT0FBTyxFQUFFLE9BQU8sQ0FBQyxPQUFPO1lBQ3hCLGVBQWUsRUFBRSxPQUFPLENBQUMsZUFBZTtZQUN4QyxTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTtTQUN0QixDQUFDO1FBRUYsOEJBQThCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLEtBQUssQ0FBQyxrQkFBa0IsQ0FBQyxXQUFrQjtRQUNoRCxJQUFJLENBQUM7WUFDSCx5Q0FBeUM7WUFDekMsTUFBTSxPQUFPLEdBQUcsV0FBVyxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3pDLE1BQU0sSUFBSSxHQUFHLFdBQVcsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUVuQyx3REFBd0Q7WUFDeEQsTUFBTSxlQUFlLEdBQUcsa0hBQWtILENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBRXpKLElBQUksQ0FBQyxlQUFlLEVBQUUsQ0FBQztnQkFDckIsNkNBQTZDO2dCQUM3QyxPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFFRCxzREFBc0Q7WUFDdEQsSUFBSSxTQUFTLEdBQUcsRUFBRSxDQUFDO1lBQ25CLElBQUksaUJBQWlCLEdBQUcsRUFBRSxDQUFDO1lBRTNCLCtDQUErQztZQUMvQyxNQUFNLGNBQWMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLG9IQUFvSCxDQUFDLENBQUM7WUFDeEosSUFBSSxjQUFjLElBQUksY0FBYyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQ3hDLFNBQVMsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDaEMsQ0FBQztZQUVELDBCQUEwQjtZQUMxQixJQUFJLGNBQWMsR0FBRyxFQUFFLENBQUM7WUFDeEIsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQywyQ0FBMkMsQ0FBQyxDQUFDO1lBQ2hGLElBQUksZUFBZSxJQUFJLGVBQWUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO2dCQUMxQyxjQUFjLEdBQUcsZUFBZSxDQUFDLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO1lBQzdDLENBQUM7WUFFRCwyQkFBMkI7WUFDM0IsSUFBSSxVQUFVLEdBQUcsRUFBRSxDQUFDO1lBQ3BCLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsb0NBQW9DLENBQUMsQ0FBQztZQUNyRSxJQUFJLFdBQVcsSUFBSSxXQUFXLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztnQkFDbEMsVUFBVSxHQUFHLFdBQVcsQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNyQyxDQUFDO1lBRUQsNkZBQTZGO1lBQzdGLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDZix3RUFBd0U7Z0JBQ3hFLE1BQU0sc0JBQXNCLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyx5RUFBeUUsQ0FBQyxDQUFDO2dCQUNySCxNQUFNLG1CQUFtQixHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsc0VBQXNFLENBQUMsQ0FBQztnQkFFL0csSUFBSSxzQkFBc0IsSUFBSSxzQkFBc0IsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO29CQUN4RCxTQUFTLEdBQUcsc0JBQXNCLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3hDLENBQUM7cUJBQU0sSUFBSSxtQkFBbUIsSUFBSSxtQkFBbUIsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO29CQUN6RCxTQUFTLEdBQUcsbUJBQW1CLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3JDLENBQUM7WUFDSCxDQUFDO1lBRUQsaURBQWlEO1lBQ2pELElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQztnQkFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxzREFBc0QsRUFBRTtvQkFDekUsT0FBTztvQkFDUCxNQUFNLEVBQUUsV0FBVyxDQUFDLElBQUk7aUJBQ3pCLENBQUMsQ0FBQztnQkFDSCxPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7WUFFRCwyQ0FBMkM7WUFDM0MsTUFBTSxjQUFjLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDO1lBQ2xGLElBQUksY0FBYyxJQUFJLGNBQWMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO2dCQUN4QyxpQkFBaUIsR0FBRyxjQUFjLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7WUFDL0MsQ0FBQztZQUVELHFCQUFxQjtZQUNyQixNQUFNLFVBQVUsR0FBMEI7Z0JBQ3hDLFNBQVM7Z0JBQ1QsTUFBTSxFQUFFLFdBQVcsQ0FBQyxJQUFJO2dCQUN4QixNQUFNLEVBQUUsU0FBUyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQy9CLE9BQU8sRUFBRSxXQUFXLENBQUMsVUFBVSxFQUFFO2dCQUNqQyxjQUFjO2dCQUNkLFVBQVU7Z0JBQ1YsU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUU7Z0JBQ3JCLE9BQU8sRUFBRSxFQUFFO2FBQ1osQ0FBQztZQUVGLDhCQUE4QjtZQUM5QixPQUFPLElBQUksQ0FBQyxhQUFhLENBQUMsVUFBVSxDQUFDLENBQUM7UUFDeEMsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxrQ0FBa0MsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDdkUsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7T0FHRztJQUNLLEtBQUssQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFvQjtRQUNqRCxrREFBa0Q7UUFDbEQsSUFBSSxDQUFDLG9CQUFvQixDQUFDLE1BQU0sQ0FBQyxTQUFTLEVBQUUsZ0JBQWdCLE1BQU0sQ0FBQyxVQUFVLEVBQUUsRUFBRSxTQUFTLENBQUMsQ0FBQztRQUU1RixrQ0FBa0M7UUFDbEMsSUFBSSxDQUFDLGlCQUFpQixDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBRS9CLDRCQUE0QjtRQUM1QixNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVwQyxpQ0FBaUM7UUFDakMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsbUJBQW1CLE1BQU0sQ0FBQyxTQUFTLEtBQUssTUFBTSxDQUFDLFVBQVUsRUFBRSxFQUFFO1lBQzlFLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTTtZQUNyQixZQUFZLEVBQUUsTUFBTSxDQUFDLFlBQVk7WUFDakMsY0FBYyxFQUFFLE1BQU0sQ0FBQyxjQUFjO1NBQ3RDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7O09BR0c7SUFDSyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsTUFBb0I7UUFDakQsc0NBQXNDO1FBQ3RDLElBQUksTUFBTSxDQUFDLFVBQVUsSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3ZELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDRCQUE0QixNQUFNLENBQUMsU0FBUywyQkFBMkIsQ0FBQyxDQUFDO1lBRTVGLDJDQUEyQztZQUMzQyxNQUFNLENBQUMsY0FBYyxHQUFHLGNBQWMsQ0FBQyxJQUFJLENBQUM7WUFDNUMsTUFBTSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7WUFDcEMsT0FBTztRQUNULENBQUM7UUFFRCxxREFBcUQ7UUFDckQsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FDcEIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxZQUFZLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsRUFBRSxNQUFNLENBQUMsVUFBVSxDQUFDLEVBQy9GLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUM1QixDQUFDO1FBRUYsTUFBTSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ3BCLE1BQU0sQ0FBQyxhQUFhLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxHQUFHLEtBQUssQ0FBQztRQUUxQyxvREFBb0Q7UUFDcEQsSUFBSSxDQUFDLG9CQUFvQixDQUN2QixNQUFNLENBQUMsU0FBUyxFQUNoQixnQkFBZ0IsTUFBTSxDQUFDLFVBQVUsRUFBRSxFQUNuQyxNQUFNLENBQUMsYUFBYSxDQUNyQixDQUFDO1FBRUYseUJBQXlCO1FBQ3pCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLG1CQUFtQixNQUFNLENBQUMsVUFBVSxRQUFRLE1BQU0sQ0FBQyxTQUFTLE9BQU8sSUFBSSxJQUFJLENBQUMsTUFBTSxDQUFDLGFBQWEsQ0FBQyxDQUFDLFdBQVcsRUFBRSxFQUFFLEVBQUU7WUFDcEksVUFBVSxFQUFFLE1BQU0sQ0FBQyxVQUFVO1lBQzdCLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtZQUM3QixTQUFTLEVBQUUsTUFBTSxDQUFDLGFBQWE7U0FDaEMsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ksb0JBQW9CLENBQ3pCLEtBQWEsRUFDYixNQUFjLEVBQ2QsU0FBa0I7UUFFbEIsSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLFdBQVcsRUFBRSxFQUFFO1lBQzVDLE1BQU07WUFDTixTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTtZQUNyQixTQUFTO1NBQ1YsQ0FBQyxDQUFDO1FBRUgsdUNBQXVDO1FBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtZQUN2QyxNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxnREFBZ0QsS0FBSyxLQUFLLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQ2pHLENBQUMsQ0FBQyxDQUFDO1FBRUgsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsU0FBUyxLQUFLLHNCQUFzQixFQUFFO1lBQ3ZELE1BQU07WUFDTixTQUFTLEVBQUUsU0FBUyxDQUFDLENBQUMsQ0FBQyxJQUFJLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxDQUFDLENBQUMsV0FBVztTQUN2RSxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0kseUJBQXlCLENBQUMsS0FBYTtRQUM1QyxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQztRQUVwRSxJQUFJLFVBQVUsRUFBRSxDQUFDO1lBQ2YsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtnQkFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsa0RBQWtELEtBQUssS0FBSyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUNuRyxDQUFDLENBQUMsQ0FBQztZQUNILE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFdBQVcsS0FBSyx3QkFBd0IsQ0FBQyxDQUFDO1FBQy9ELENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGlCQUFpQixDQUFDLEtBQWE7UUFDcEMsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQzNDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBRTdELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7UUFFRCxtQ0FBbUM7UUFDbkMsSUFBSSxXQUFXLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxXQUFXLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsY0FBYyxDQUFDLENBQUM7WUFDNUMsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtnQkFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUseURBQXlELEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQ2hHLENBQUMsQ0FBQyxDQUFDO1lBQ0gsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGtCQUFrQixDQUFDLEtBQWE7UUFLckMsTUFBTSxjQUFjLEdBQUcsS0FBSyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQzNDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLGNBQWMsQ0FBQyxDQUFDO1FBRTdELElBQUksQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUNqQixPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCxtQ0FBbUM7UUFDbkMsSUFBSSxXQUFXLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxHQUFHLEVBQUUsR0FBRyxXQUFXLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDaEUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxNQUFNLENBQUMsY0FBYyxDQUFDLENBQUM7WUFDNUMsdUNBQXVDO1lBQ3ZDLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsRUFBRTtnQkFDdkMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUseURBQXlELEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQ2hHLENBQUMsQ0FBQyxDQUFDO1lBQ0gsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDO1FBRUQsT0FBTyxXQUFXLENBQUM7SUFDckIsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLG1CQUFtQjtRQUMvQixJQUFJLENBQUM7WUFDSCxNQUFNLGVBQWUsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDLENBQUM7WUFFbkYsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ3hCLHNCQUFzQjtnQkFDdEIsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQyxzQ0FBc0MsRUFBRSxlQUFlLENBQUMsQ0FBQztZQUN6RixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sMEJBQTBCO2dCQUMxQixNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUN4QixPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLFFBQVEsRUFBRSx1QkFBdUIsQ0FBQyxDQUNwRSxDQUFDLEtBQUssQ0FBQyxlQUFlLENBQUMsQ0FBQztZQUMzQixDQUFDO1FBQ0gsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxvQ0FBb0MsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDM0UsQ0FBQztJQUNILENBQUM7SUFFRDs7T0FFRztJQUNLLEtBQUssQ0FBQyxtQkFBbUI7UUFDL0IsSUFBSSxDQUFDO1lBQ0gsSUFBSSxPQUFPLEdBQUcsSUFBSSxDQUFDO1lBQ25CLElBQUksY0FBYyxHQUFHLEtBQUssQ0FBQztZQUUzQixJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztnQkFDeEIseUNBQXlDO2dCQUN6QyxNQUFNLGVBQWUsR0FBRyxNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLHNDQUFzQyxDQUFDLENBQUM7Z0JBRTlGLElBQUksZUFBZSxFQUFFLENBQUM7b0JBQ3BCLE9BQU8sR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLGVBQWUsQ0FBQyxDQUFDO2dCQUN4QyxDQUFDO3FCQUFNLENBQUM7b0JBQ04saURBQWlEO29CQUNqRCxNQUFNLGVBQWUsR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLFFBQVEsRUFBRSx1QkFBdUIsQ0FBQyxDQUFDO29CQUU1RixJQUFJLE9BQU8sQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLGVBQWUsQ0FBQyxFQUFFLENBQUM7d0JBQzNDLE1BQU0sSUFBSSxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLGVBQWUsRUFBRSxNQUFNLENBQUMsQ0FBQzt3QkFDOUQsT0FBTyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7d0JBQzNCLGNBQWMsR0FBRyxJQUFJLENBQUM7d0JBRXRCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhEQUE4RCxDQUFDLENBQUM7b0JBQ3JGLENBQUM7Z0JBQ0gsQ0FBQztZQUNILENBQUM7aUJBQU0sQ0FBQztnQkFDTiw4Q0FBOEM7Z0JBQzlDLE1BQU0sZUFBZSxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLHVCQUF1QixDQUFDLENBQUM7Z0JBRTVGLElBQUksT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsZUFBZSxDQUFDLEVBQUUsQ0FBQztvQkFDM0MsTUFBTSxJQUFJLEdBQUcsT0FBTyxDQUFDLEVBQUUsQ0FBQyxZQUFZLENBQUMsZUFBZSxFQUFFLE1BQU0sQ0FBQyxDQUFDO29CQUM5RCxPQUFPLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztnQkFDN0IsQ0FBQztZQUNILENBQUM7WUFFRCxJQUFJLE9BQU8sRUFBRSxDQUFDO2dCQUNaLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxHQUFHLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBRXhDLHdCQUF3QjtnQkFDeEIsTUFBTSxHQUFHLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUN2QixJQUFJLFlBQVksR0FBRyxDQUFDLENBQUM7Z0JBRXJCLEtBQUssTUFBTSxDQUFDLEtBQUssRUFBRSxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsZUFBZSxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUM7b0JBQzNELElBQUksSUFBSSxDQUFDLFNBQVMsSUFBSSxHQUFHLEdBQUcsSUFBSSxDQUFDLFNBQVMsRUFBRSxDQUFDO3dCQUMzQyxJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQzt3QkFDbkMsWUFBWSxFQUFFLENBQUM7b0JBQ2pCLENBQUM7Z0JBQ0gsQ0FBQztnQkFFRCxJQUFJLFlBQVksR0FBRyxDQUFDLElBQUksY0FBYyxFQUFFLENBQUM7b0JBQ3ZDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFdBQVcsWUFBWSx3Q0FBd0MsQ0FBQyxDQUFDO29CQUNwRixNQUFNLElBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO2dCQUNuQyxDQUFDO2dCQUVELE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFVBQVUsSUFBSSxDQUFDLGVBQWUsQ0FBQyxJQUFJLGdDQUFnQyxDQUFDLENBQUM7WUFDMUYsQ0FBQztRQUNILENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsb0NBQW9DLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQzNFLENBQUM7SUFDSCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ssS0FBSyxDQUFDLGdCQUFnQixDQUFDLE1BQW9CO1FBQ2pELElBQUksQ0FBQztZQUNILE1BQU0sVUFBVSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsTUFBTSxFQUFFLElBQUksRUFBRSxDQUFDLENBQUMsQ0FBQztZQUVuRCxJQUFJLElBQUksQ0FBQyxjQUFjLEVBQUUsQ0FBQztnQkFDeEIsc0JBQXNCO2dCQUN0QixNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLDBCQUEwQixNQUFNLENBQUMsRUFBRSxPQUFPLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDeEYsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLDBCQUEwQjtnQkFDMUIsTUFBTSxVQUFVLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQ2xDLEtBQUssQ0FBQyxPQUFPLEVBQ2IsUUFBUSxFQUNSLFNBQVMsRUFDVCxHQUFHLE1BQU0sQ0FBQyxFQUFFLE9BQU8sQ0FDcEIsQ0FBQztnQkFFRiwwQkFBMEI7Z0JBQzFCLE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLFNBQVMsQ0FBQyxDQUFDO2dCQUN4RSxNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLFNBQVMsQ0FBQyxDQUFDLFNBQVMsRUFBRSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUVoRSxNQUFNLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxVQUFVLENBQUMsQ0FBQztZQUMzRCxDQUFDO1FBQ0gsQ0FBQztRQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7WUFDZixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxpQ0FBaUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDeEUsQ0FBQztJQUNILENBQUM7SUFFRDs7O09BR0c7SUFDSyxpQkFBaUIsQ0FBQyxNQUFvQjtRQUM1QyxNQUFNLEtBQUssR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDLFdBQVcsRUFBRSxDQUFDO1FBQzdDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBRTdDLElBQUksUUFBUSxFQUFFLENBQUM7WUFDYiw4QkFBOEI7WUFDOUIsUUFBUSxDQUFDLFVBQVUsR0FBRyxNQUFNLENBQUMsU0FBUyxDQUFDO1lBQ3ZDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNqQixRQUFRLENBQUMsSUFBSSxHQUFHLE1BQU0sQ0FBQyxVQUFVLENBQUM7WUFDbEMsUUFBUSxDQUFDLFFBQVEsR0FBRyxNQUFNLENBQUMsY0FBYyxDQUFDO1FBQzVDLENBQUM7YUFBTSxDQUFDO1lBQ04seUJBQXlCO1lBQ3pCLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRTtnQkFDMUIsVUFBVSxFQUFFLE1BQU0sQ0FBQyxTQUFTO2dCQUM1QixLQUFLLEVBQUUsQ0FBQztnQkFDUixJQUFJLEVBQUUsTUFBTSxDQUFDLFVBQVU7Z0JBQ3ZCLFFBQVEsRUFBRSxNQUFNLENBQUMsY0FBYzthQUNoQyxDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxhQUFhLENBQUMsS0FBYTtRQU1oQyxPQUFPLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxXQUFXLEVBQUUsQ0FBQyxJQUFJLElBQUksQ0FBQztJQUMzRCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksdUJBQXVCO1FBQzVCLE1BQU0sV0FBVyxHQUFhLEVBQUUsQ0FBQztRQUVqQyxLQUFLLE1BQU0sQ0FBQyxLQUFLLEVBQUUsSUFBSSxDQUFDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDO1lBQ3ZELElBQUksSUFBSSxDQUFDLFFBQVEsS0FBSyxjQUFjLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQzFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDMUIsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLFdBQVcsQ0FBQztJQUNyQixDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksa0JBQWtCO1FBQ3ZCLE9BQU8sS0FBSyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksRUFBRSxDQUFDLENBQUM7SUFDakQsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxxQkFBcUIsQ0FBQyxTQUFpQjtRQUM1QyxJQUFJLE9BQU8sR0FBRyxDQUFDLENBQUM7UUFFaEIsSUFBSSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsRUFBRTtZQUNsRCxJQUFJLE1BQU0sQ0FBQyxTQUFTLEdBQUcsU0FBUyxFQUFFLENBQUM7Z0JBQ2pDLE9BQU8sRUFBRSxDQUFDO2dCQUNWLE9BQU8sS0FBSyxDQUFDO1lBQ2YsQ0FBQztZQUNELE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQyxDQUFDLENBQUM7UUFFSCxPQUFPLE9BQU8sQ0FBQztJQUNqQixDQUFDO0NBQ0YifQ== \ No newline at end of file diff --git a/dist_ts/security/classes.contentscanner.d.ts b/dist_ts/security/classes.contentscanner.d.ts index ed09821..41c55d7 100644 --- a/dist_ts/security/classes.contentscanner.d.ts +++ b/dist_ts/security/classes.contentscanner.d.ts @@ -54,9 +54,6 @@ export declare class ContentScanner { private static instance; private scanCache; private options; - private static readonly MALICIOUS_PATTERNS; - private static readonly EXECUTABLE_EXTENSIONS; - private static readonly MACRO_DOCUMENT_EXTENSIONS; /** * Default options for the content scanner */ @@ -73,7 +70,9 @@ export declare class ContentScanner { */ static getInstance(options?: IContentScannerOptions): ContentScanner; /** - * Scan an email for malicious content + * Scan an email for malicious content. + * Delegates text/subject/html/filename pattern scanning to Rust. + * Binary attachment scanning (PE headers, VBA macros) stays in TS. * @param email The email to scan * @returns Scan result */ @@ -85,41 +84,19 @@ export declare class ContentScanner { */ private generateCacheKey; /** - * Scan email subject for threats - * @param subject The subject to scan - * @param result The scan result to update - */ - private scanSubject; - /** - * Scan plain text content for threats - * @param text The text content to scan - * @param result The scan result to update - */ - private scanTextContent; - /** - * Scan HTML content for threats - * @param html The HTML content to scan - * @param result The scan result to update - */ - private scanHtmlContent; - /** - * Scan an attachment for threats + * Scan attachment binary content for PE headers and VBA macros. + * This stays in TS because it accesses raw Buffer data (too large for IPC). * @param attachment The attachment to scan * @param result The scan result to update */ - private scanAttachment; + private scanAttachmentBinary; /** - * Extract links from HTML content - * @param html HTML content - * @returns Array of extracted links + * Apply custom rules (runtime-configured patterns) to the email. + * These stay in TS because they are configured at runtime. + * @param email The email to check + * @param result The scan result to update */ - private extractLinksFromHtml; - /** - * Extract plain text from HTML - * @param html HTML content - * @returns Extracted text - */ - private extractTextFromHtml; + private applyCustomRules; /** * Extract text from a binary buffer for scanning * @param buffer Binary content @@ -128,17 +105,10 @@ export declare class ContentScanner { private extractTextFromBuffer; /** * Check if an Office document likely contains macros - * This is a simplified check - real implementation would use specialized libraries * @param attachment The attachment to check * @returns Whether the file likely contains macros */ private likelyContainsMacros; - /** - * Map a pattern category to a threat type - * @param category The pattern category - * @returns The corresponding threat type - */ - private mapCategoryToThreatType; /** * Log a high threat finding to the security logger * @param email The email containing the threat diff --git a/dist_ts/security/classes.contentscanner.js b/dist_ts/security/classes.contentscanner.js index 382472a..481b1dd 100644 --- a/dist_ts/security/classes.contentscanner.js +++ b/dist_ts/security/classes.contentscanner.js @@ -3,6 +3,7 @@ import * as paths from '../paths.js'; import { logger } from '../logger.js'; import { Email } from '../mail/core/classes.email.js'; import { SecurityLogger, SecurityLogLevel, SecurityEventType } from './classes.securitylogger.js'; +import { RustSecurityBridge } from './classes.rustsecuritybridge.js'; import { LRUCache } from 'lru-cache'; /** * Threat categories @@ -27,67 +28,6 @@ export class ContentScanner { static instance; scanCache; options; - // Predefined patterns for common threats - static MALICIOUS_PATTERNS = { - // Phishing patterns - phishing: [ - /(?:verify|confirm|update|login).*(?:account|password|details)/i, - /urgent.*(?:action|attention|required)/i, - /(?:paypal|apple|microsoft|amazon|google|bank).*(?:verify|confirm|suspend)/i, - /your.*(?:account).*(?:suspended|compromised|locked)/i, - /\b(?:password reset|security alert|security notice)\b/i - ], - // Spam indicators - spam: [ - /\b(?:viagra|cialis|enlargement|diet pill|lose weight fast|cheap meds)\b/i, - /\b(?:million dollars|lottery winner|prize claim|inheritance|rich widow)\b/i, - /\b(?:earn from home|make money fast|earn \$\d{3,}\/day)\b/i, - /\b(?:limited time offer|act now|exclusive deal|only \d+ left)\b/i, - /\b(?:forex|stock tip|investment opportunity|cryptocurrency|bitcoin)\b/i - ], - // Malware indicators in text - malware: [ - /(?:attached file|see attachment).*(?:invoice|receipt|statement|document)/i, - /open.*(?:the attached|this attachment)/i, - /(?:enable|allow).*(?:macros|content|editing)/i, - /download.*(?:attachment|file|document)/i, - /\b(?:ransomware protection|virus alert|malware detected)\b/i - ], - // Suspicious links - suspiciousLinks: [ - /https?:\/\/bit\.ly\//i, - /https?:\/\/goo\.gl\//i, - /https?:\/\/t\.co\//i, - /https?:\/\/tinyurl\.com\//i, - /https?:\/\/(?:\d{1,3}\.){3}\d{1,3}/i, // IP address URLs - /https?:\/\/.*\.(?:xyz|top|club|gq|cf)\//i, // Suspicious TLDs - /(?:login|account|signin|auth).*\.(?!gov|edu|com|org|net)\w+\.\w+/i, // Login pages on unusual domains - ], - // XSS and script injection - scriptInjection: [ - /.*<\/script>/is, - /javascript:/i, - /on(?:click|load|mouse|error|focus|blur)=".*"/i, - /document\.(?:cookie|write|location)/i, - /eval\s*\(/i - ], - // Sensitive data patterns - sensitiveData: [ - /\b(?:\d{3}-\d{2}-\d{4}|\d{9})\b/, // SSN - /\b\d{13,16}\b/, // Credit card numbers - /\b(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})\b/ // Possible Base64 - ] - }; - // Common executable extensions - static EXECUTABLE_EXTENSIONS = [ - '.exe', '.dll', '.bat', '.cmd', '.msi', '.ts', '.vbs', '.ps1', - '.sh', '.jar', '.py', '.com', '.scr', '.pif', '.hta', '.cpl', - '.reg', '.vba', '.lnk', '.wsf', '.msi', '.msp', '.mst' - ]; - // Document formats that may contain macros - static MACRO_DOCUMENT_EXTENSIONS = [ - '.doc', '.docm', '.xls', '.xlsm', '.ppt', '.pptm', '.dotm', '.xlsb', '.ppam', '.potm' - ]; /** * Default options for the content scanner */ @@ -134,7 +74,9 @@ export class ContentScanner { return ContentScanner.instance; } /** - * Scan an email for malicious content + * Scan an email for malicious content. + * Delegates text/subject/html/filename pattern scanning to Rust. + * Binary attachment scanning (PE headers, VBA macros) stays in TS. * @param email The email to scan * @returns Scan result */ @@ -148,36 +90,32 @@ export class ContentScanner { logger.log('info', `Using cached scan result for email ${email.getMessageId()}`); return cachedResult; } - // Initialize scan result + // Delegate text/subject/html/filename scanning to Rust + const bridge = RustSecurityBridge.getInstance(); + const rustResult = await bridge.scanContent({ + subject: this.options.scanSubject ? email.subject : undefined, + textBody: this.options.scanBody ? email.text : undefined, + htmlBody: this.options.scanBody ? email.html : undefined, + attachmentNames: this.options.scanAttachmentNames + ? email.attachments?.map(a => a.filename) ?? [] + : [], + }); const result = { isClean: true, - threatScore: 0, - scannedElements: [], - timestamp: Date.now() + threatScore: rustResult.threatScore, + threatType: rustResult.threatType ?? undefined, + threatDetails: rustResult.threatDetails ?? undefined, + scannedElements: rustResult.scannedElements, + timestamp: Date.now(), }; - // List of scan promises - const scanPromises = []; - // Scan subject - if (this.options.scanSubject && email.subject) { - scanPromises.push(this.scanSubject(email.subject, result)); - } - // Scan body content - if (this.options.scanBody) { - if (email.text) { - scanPromises.push(this.scanTextContent(email.text, result)); - } - if (email.html) { - scanPromises.push(this.scanHtmlContent(email.html, result)); - } - } - // Scan attachments - if (this.options.scanAttachments && email.attachments && email.attachments.length > 0) { + // Attachment binary scanning stays in TS (PE headers, macro detection) + if (this.options.scanAttachments && email.attachments?.length > 0) { for (const attachment of email.attachments) { - scanPromises.push(this.scanAttachment(attachment, result)); + this.scanAttachmentBinary(attachment, result); } } - // Run all scans in parallel - await Promise.all(scanPromises); + // Apply custom rules (TS-only, runtime-configured) + this.applyCustomRules(email, result); // Determine if the email is clean based on threat score result.isClean = result.threatScore < this.options.minThreatScore; // Save to cache @@ -198,7 +136,7 @@ export class ContentScanner { }); // Return a safe default with error indication return { - isClean: true, // Let it pass if scanner fails (configure as desired) + isClean: true, threatScore: 0, scannedElements: ['error'], timestamp: Date.now(), @@ -228,282 +166,64 @@ export class ContentScanner { return `email:${plugins.crypto.createHash('sha256').update(contentToHash).digest('hex')}`; } /** - * Scan email subject for threats - * @param subject The subject to scan - * @param result The scan result to update - */ - async scanSubject(subject, result) { - result.scannedElements.push('subject'); - // Check against phishing patterns - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.phishing) { - if (pattern.test(subject)) { - result.threatScore += 25; - result.threatType = ThreatCategory.PHISHING; - result.threatDetails = `Subject contains potential phishing indicators: ${subject}`; - return; - } - } - // Check against spam patterns - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.spam) { - if (pattern.test(subject)) { - result.threatScore += 15; - result.threatType = ThreatCategory.SPAM; - result.threatDetails = `Subject contains potential spam indicators: ${subject}`; - return; - } - } - // Check custom rules - for (const rule of this.options.customRules) { - const pattern = rule.pattern instanceof RegExp ? rule.pattern : new RegExp(rule.pattern, 'i'); - if (pattern.test(subject)) { - result.threatScore += rule.score; - result.threatType = rule.type; - result.threatDetails = rule.description; - return; - } - } - } - /** - * Scan plain text content for threats - * @param text The text content to scan - * @param result The scan result to update - */ - async scanTextContent(text, result) { - result.scannedElements.push('text'); - // Check suspicious links - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.suspiciousLinks) { - if (pattern.test(text)) { - result.threatScore += 20; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.SUSPICIOUS_LINK ? 0 : 20)) { - result.threatType = ThreatCategory.SUSPICIOUS_LINK; - result.threatDetails = `Text contains suspicious links`; - } - } - } - // Check phishing - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.phishing) { - if (pattern.test(text)) { - result.threatScore += 25; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.PHISHING ? 0 : 25)) { - result.threatType = ThreatCategory.PHISHING; - result.threatDetails = `Text contains potential phishing indicators`; - } - } - } - // Check spam - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.spam) { - if (pattern.test(text)) { - result.threatScore += 15; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.SPAM ? 0 : 15)) { - result.threatType = ThreatCategory.SPAM; - result.threatDetails = `Text contains potential spam indicators`; - } - } - } - // Check malware indicators - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.malware) { - if (pattern.test(text)) { - result.threatScore += 30; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.MALWARE ? 0 : 30)) { - result.threatType = ThreatCategory.MALWARE; - result.threatDetails = `Text contains potential malware indicators`; - } - } - } - // Check sensitive data - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.sensitiveData) { - if (pattern.test(text)) { - result.threatScore += 25; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.SENSITIVE_DATA ? 0 : 25)) { - result.threatType = ThreatCategory.SENSITIVE_DATA; - result.threatDetails = `Text contains potentially sensitive data patterns`; - } - } - } - // Check custom rules - for (const rule of this.options.customRules) { - const pattern = rule.pattern instanceof RegExp ? rule.pattern : new RegExp(rule.pattern, 'i'); - if (pattern.test(text)) { - result.threatScore += rule.score; - if (!result.threatType || result.threatScore > 20) { - result.threatType = rule.type; - result.threatDetails = rule.description; - } - } - } - } - /** - * Scan HTML content for threats - * @param html The HTML content to scan - * @param result The scan result to update - */ - async scanHtmlContent(html, result) { - result.scannedElements.push('html'); - // Check for script injection - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.scriptInjection) { - if (pattern.test(html)) { - result.threatScore += 40; - if (!result.threatType || result.threatType !== ThreatCategory.XSS) { - result.threatType = ThreatCategory.XSS; - result.threatDetails = `HTML contains potentially malicious script content`; - } - } - } - // Extract text content from HTML for further scanning - const textContent = this.extractTextFromHtml(html); - if (textContent) { - // We'll leverage the text scanning but not double-count threat score - const tempResult = { - isClean: true, - threatScore: 0, - scannedElements: [], - timestamp: Date.now() - }; - await this.scanTextContent(textContent, tempResult); - // Only add additional threat types if they're more severe - if (tempResult.threatType && tempResult.threatScore > 0) { - // Add half of the text content score to avoid double counting - result.threatScore += Math.floor(tempResult.threatScore / 2); - // Adopt the threat type if more severe or no existing type - if (!result.threatType || tempResult.threatScore > result.threatScore) { - result.threatType = tempResult.threatType; - result.threatDetails = tempResult.threatDetails; - } - } - } - // Extract and check links from HTML - const links = this.extractLinksFromHtml(html); - if (links.length > 0) { - // Check for suspicious links - let suspiciousLinks = 0; - for (const link of links) { - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.suspiciousLinks) { - if (pattern.test(link)) { - suspiciousLinks++; - break; - } - } - } - if (suspiciousLinks > 0) { - // Add score based on percentage of suspicious links - const suspiciousPercentage = (suspiciousLinks / links.length) * 100; - const additionalScore = Math.min(40, Math.floor(suspiciousPercentage / 2.5)); - result.threatScore += additionalScore; - if (!result.threatType || additionalScore > 20) { - result.threatType = ThreatCategory.SUSPICIOUS_LINK; - result.threatDetails = `HTML contains ${suspiciousLinks} suspicious links out of ${links.length} total links`; - } - } - } - } - /** - * Scan an attachment for threats + * Scan attachment binary content for PE headers and VBA macros. + * This stays in TS because it accesses raw Buffer data (too large for IPC). * @param attachment The attachment to scan * @param result The scan result to update */ - async scanAttachment(attachment, result) { - const filename = attachment.filename.toLowerCase(); - result.scannedElements.push(`attachment:${filename}`); - // Skip large attachments if configured - if (attachment.content && attachment.content.length > this.options.maxAttachmentSizeToScan) { - logger.log('info', `Skipping scan of large attachment: ${filename} (${attachment.content.length} bytes)`); + scanAttachmentBinary(attachment, result) { + if (!attachment.content) { return; } - // Check filename for executable extensions - if (this.options.blockExecutables) { - for (const ext of ContentScanner.EXECUTABLE_EXTENSIONS) { - if (filename.endsWith(ext)) { - result.threatScore += 70; // High score for executable attachments - result.threatType = ThreatCategory.EXECUTABLE; - result.threatDetails = `Attachment has a potentially dangerous extension: ${filename}`; - return; // No need to scan contents if filename already flagged - } - } + // Skip large attachments + if (attachment.content.length > this.options.maxAttachmentSizeToScan) { + return; } - // Check for Office documents with macros - if (this.options.blockMacros) { - for (const ext of ContentScanner.MACRO_DOCUMENT_EXTENSIONS) { - if (filename.endsWith(ext)) { - // For Office documents, check if they contain macros - // This is a simplified check - a real implementation would use specialized libraries - // to detect macros in Office documents - if (attachment.content && this.likelyContainsMacros(attachment)) { - result.threatScore += 60; - result.threatType = ThreatCategory.MALICIOUS_MACRO; - result.threatDetails = `Attachment appears to contain macros: ${filename}`; - return; - } - } - } + const filename = attachment.filename.toLowerCase(); + // Check for PE headers (Windows executables disguised with non-.exe extensions) + if (attachment.content.length > 64 && + attachment.content[0] === 0x4D && + attachment.content[1] === 0x5A) { // 'MZ' header + result.threatScore += 80; + result.threatType = ThreatCategory.EXECUTABLE; + result.threatDetails = `Attachment contains executable code: ${filename}`; + return; } - // Perform basic content analysis if we have content buffer - if (attachment.content) { - // Convert to string for scanning, with a limit to prevent memory issues - const textContent = this.extractTextFromBuffer(attachment.content); - if (textContent) { - // Scan for malicious patterns in attachment content - for (const category in ContentScanner.MALICIOUS_PATTERNS) { - const patterns = ContentScanner.MALICIOUS_PATTERNS[category]; - for (const pattern of patterns) { - if (pattern.test(textContent)) { - result.threatScore += 30; - if (!result.threatType) { - result.threatType = this.mapCategoryToThreatType(category); - result.threatDetails = `Attachment content contains suspicious patterns: ${filename}`; - } - break; - } - } - } - } - // Check for PE headers (Windows executables) - if (attachment.content.length > 64 && - attachment.content[0] === 0x4D && - attachment.content[1] === 0x5A) { // 'MZ' header - result.threatScore += 80; - result.threatType = ThreatCategory.EXECUTABLE; - result.threatDetails = `Attachment contains executable code: ${filename}`; - } + // Check for VBA macro indicators in Office documents + if (this.options.blockMacros && this.likelyContainsMacros(attachment)) { + result.threatScore += 60; + result.threatType = ThreatCategory.MALICIOUS_MACRO; + result.threatDetails = `Attachment appears to contain macros: ${filename}`; } } /** - * Extract links from HTML content - * @param html HTML content - * @returns Array of extracted links + * Apply custom rules (runtime-configured patterns) to the email. + * These stay in TS because they are configured at runtime. + * @param email The email to check + * @param result The scan result to update */ - extractLinksFromHtml(html) { - const links = []; - // Simple regex-based extraction - a real implementation might use a proper HTML parser - const matches = html.match(/href=["'](https?:\/\/[^"']+)["']/gi); - if (matches) { - for (const match of matches) { - const linkMatch = match.match(/href=["'](https?:\/\/[^"']+)["']/i); - if (linkMatch && linkMatch[1]) { - links.push(linkMatch[1]); + applyCustomRules(email, result) { + if (!this.options.customRules.length) { + return; + } + const textsToCheck = []; + if (email.subject) + textsToCheck.push(email.subject); + if (email.text) + textsToCheck.push(email.text); + if (email.html) + textsToCheck.push(email.html); + for (const rule of this.options.customRules) { + const pattern = rule.pattern instanceof RegExp ? rule.pattern : new RegExp(rule.pattern, 'i'); + for (const text of textsToCheck) { + if (pattern.test(text)) { + result.threatScore += rule.score; + result.threatType = rule.type; + result.threatDetails = rule.description; + return; } } } - return links; - } - /** - * Extract plain text from HTML - * @param html HTML content - * @returns Extracted text - */ - extractTextFromHtml(html) { - // Remove HTML tags and decode entities - simplified version - return html - .replace(/]*>.*?<\/style>/gs, '') - .replace(/]*>.*?<\/script>/gs, '') - .replace(/<[^>]+>/g, ' ') - .replace(/ /g, ' ') - .replace(/</g, '<') - .replace(/>/g, '>') - .replace(/&/g, '&') - .replace(/"/g, '"') - .replace(/'/g, "'") - .replace(/\s+/g, ' ') - .trim(); } /** * Extract text from a binary buffer for scanning @@ -527,13 +247,10 @@ export class ContentScanner { } /** * Check if an Office document likely contains macros - * This is a simplified check - real implementation would use specialized libraries * @param attachment The attachment to check * @returns Whether the file likely contains macros */ likelyContainsMacros(attachment) { - // Simple heuristic: look for VBA/macro related strings - // This is a simplified approach and not comprehensive const content = this.extractTextFromBuffer(attachment.content); const macroIndicators = [ /vbaProject\.bin/i, @@ -554,22 +271,6 @@ export class ContentScanner { } return false; } - /** - * Map a pattern category to a threat type - * @param category The pattern category - * @returns The corresponding threat type - */ - mapCategoryToThreatType(category) { - switch (category) { - case 'phishing': return ThreatCategory.PHISHING; - case 'spam': return ThreatCategory.SPAM; - case 'malware': return ThreatCategory.MALWARE; - case 'suspiciousLinks': return ThreatCategory.SUSPICIOUS_LINK; - case 'scriptInjection': return ThreatCategory.XSS; - case 'sensitiveData': return ThreatCategory.SENSITIVE_DATA; - default: return ThreatCategory.BLACKLISTED_CONTENT; - } - } /** * Log a high threat finding to the security logger * @param email The email containing the threat @@ -634,4 +335,4 @@ export class ContentScanner { } } } -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5jb250ZW50c2Nhbm5lci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3RzL3NlY3VyaXR5L2NsYXNzZXMuY29udGVudHNjYW5uZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxlQUFlLENBQUM7QUFDekMsT0FBTyxLQUFLLEtBQUssTUFBTSxhQUFhLENBQUM7QUFDckMsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLGNBQWMsQ0FBQztBQUN0QyxPQUFPLEVBQUUsS0FBSyxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFFdEQsT0FBTyxFQUFFLGNBQWMsRUFBRSxnQkFBZ0IsRUFBRSxpQkFBaUIsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ2xHLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFxQ3JDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksY0FXWDtBQVhELFdBQVksY0FBYztJQUN4QiwrQkFBYSxDQUFBO0lBQ2IsdUNBQXFCLENBQUE7SUFDckIscUNBQW1CLENBQUE7SUFDbkIsMkNBQXlCLENBQUE7SUFDekIscURBQW1DLENBQUE7SUFDbkMscURBQW1DLENBQUE7SUFDbkMsNkJBQVcsQ0FBQTtJQUNYLG1EQUFpQyxDQUFBO0lBQ2pDLDZEQUEyQyxDQUFBO0lBQzNDLDZDQUEyQixDQUFBO0FBQzdCLENBQUMsRUFYVyxjQUFjLEtBQWQsY0FBYyxRQVd6QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGNBQWM7SUFDakIsTUFBTSxDQUFDLFFBQVEsQ0FBaUI7SUFDaEMsU0FBUyxDQUFnQztJQUN6QyxPQUFPLENBQW1DO0lBRWxELHlDQUF5QztJQUNqQyxNQUFNLENBQVUsa0JBQWtCLEdBQUc7UUFDM0Msb0JBQW9CO1FBQ3BCLFFBQVEsRUFBRTtZQUNSLGdFQUFnRTtZQUNoRSx3Q0FBd0M7WUFDeEMsNEVBQTRFO1lBQzVFLHNEQUFzRDtZQUN0RCx3REFBd0Q7U0FDekQ7UUFFRCxrQkFBa0I7UUFDbEIsSUFBSSxFQUFFO1lBQ0osMEVBQTBFO1lBQzFFLDRFQUE0RTtZQUM1RSw0REFBNEQ7WUFDNUQsa0VBQWtFO1lBQ2xFLHdFQUF3RTtTQUN6RTtRQUVELDZCQUE2QjtRQUM3QixPQUFPLEVBQUU7WUFDUCwyRUFBMkU7WUFDM0UseUNBQXlDO1lBQ3pDLCtDQUErQztZQUMvQyx5Q0FBeUM7WUFDekMsNkRBQTZEO1NBQzlEO1FBRUQsbUJBQW1CO1FBQ25CLGVBQWUsRUFBRTtZQUNmLHVCQUF1QjtZQUN2Qix1QkFBdUI7WUFDdkIscUJBQXFCO1lBQ3JCLDRCQUE0QjtZQUM1QixxQ0FBcUMsRUFBRSxrQkFBa0I7WUFDekQsMENBQTBDLEVBQUUsa0JBQWtCO1lBQzlELG1FQUFtRSxFQUFFLGlDQUFpQztTQUN2RztRQUVELDJCQUEyQjtRQUMzQixlQUFlLEVBQUU7WUFDZiwwQkFBMEI7WUFDMUIsY0FBYztZQUNkLCtDQUErQztZQUMvQyxzQ0FBc0M7WUFDdEMsWUFBWTtTQUNiO1FBRUQsMEJBQTBCO1FBQzFCLGFBQWEsRUFBRTtZQUNiLGlDQUFpQyxFQUFFLE1BQU07WUFDekMsZUFBZSxFQUFFLHNCQUFzQjtZQUN2QyxvRkFBb0YsQ0FBQyxrQkFBa0I7U0FDeEc7S0FDRixDQUFDO0lBRUYsK0JBQStCO0lBQ3ZCLE1BQU0sQ0FBVSxxQkFBcUIsR0FBRztRQUM5QyxNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxNQUFNLEVBQUUsTUFBTTtRQUM3RCxLQUFLLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsTUFBTTtRQUM1RCxNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFLE1BQU0sRUFBRSxNQUFNO0tBQ3ZELENBQUM7SUFFRiwyQ0FBMkM7SUFDbkMsTUFBTSxDQUFVLHlCQUF5QixHQUFHO1FBQ2xELE1BQU0sRUFBRSxPQUFPLEVBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxPQUFPLEVBQUUsT0FBTyxFQUFFLE9BQU87S0FDdEYsQ0FBQztJQUVGOztPQUVHO0lBQ0ssTUFBTSxDQUFVLGVBQWUsR0FBcUM7UUFDMUUsWUFBWSxFQUFFLEtBQUs7UUFDbkIsUUFBUSxFQUFFLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLElBQUksRUFBRSxXQUFXO1FBQzFDLFdBQVcsRUFBRSxJQUFJO1FBQ2pCLFFBQVEsRUFBRSxJQUFJO1FBQ2QsZUFBZSxFQUFFLElBQUk7UUFDckIsdUJBQXVCLEVBQUUsRUFBRSxHQUFHLElBQUksR0FBRyxJQUFJLEVBQUUsT0FBTztRQUNsRCxtQkFBbUIsRUFBRSxJQUFJO1FBQ3pCLGdCQUFnQixFQUFFLElBQUk7UUFDdEIsV0FBVyxFQUFFLElBQUk7UUFDakIsV0FBVyxFQUFFLEVBQUU7UUFDZixjQUFjLEVBQUUsRUFBRSxFQUFFLGdEQUFnRDtRQUNwRSxlQUFlLEVBQUUsRUFBRSxDQUFFLHNEQUFzRDtLQUM1RSxDQUFDO0lBRUY7OztPQUdHO0lBQ0gsWUFBWSxVQUFrQyxFQUFFO1FBQzlDLDZCQUE2QjtRQUM3QixJQUFJLENBQUMsT0FBTyxHQUFHO1lBQ2IsR0FBRyxjQUFjLENBQUMsZUFBZTtZQUNqQyxHQUFHLE9BQU87U0FDWCxDQUFDO1FBRUYsbUJBQW1CO1FBQ25CLElBQUksQ0FBQyxTQUFTLEdBQUcsSUFBSSxRQUFRLENBQXNCO1lBQ2pELEdBQUcsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFlBQVk7WUFDOUIsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUTtTQUMzQixDQUFDLENBQUM7UUFFSCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSw0QkFBNEIsQ0FBQyxDQUFDO0lBQ25ELENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksTUFBTSxDQUFDLFdBQVcsQ0FBQyxVQUFrQyxFQUFFO1FBQzVELElBQUksQ0FBQyxjQUFjLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDN0IsY0FBYyxDQUFDLFFBQVEsR0FBRyxJQUFJLGNBQWMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN4RCxDQUFDO1FBQ0QsT0FBTyxjQUFjLENBQUMsUUFBUSxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksS0FBSyxDQUFDLFNBQVMsQ0FBQyxLQUFZO1FBQ2pDLElBQUksQ0FBQztZQUNILHNDQUFzQztZQUN0QyxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsS0FBSyxDQUFDLENBQUM7WUFFOUMsb0JBQW9CO1lBQ3BCLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQ2xELElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ2pCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLHNDQUFzQyxLQUFLLENBQUMsWUFBWSxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUNqRixPQUFPLFlBQVksQ0FBQztZQUN0QixDQUFDO1lBRUQseUJBQXlCO1lBQ3pCLE1BQU0sTUFBTSxHQUFnQjtnQkFDMUIsT0FBTyxFQUFFLElBQUk7Z0JBQ2IsV0FBVyxFQUFFLENBQUM7Z0JBQ2QsZUFBZSxFQUFFLEVBQUU7Z0JBQ25CLFNBQVMsRUFBRSxJQUFJLENBQUMsR0FBRyxFQUFFO2FBQ3RCLENBQUM7WUFFRix3QkFBd0I7WUFDeEIsTUFBTSxZQUFZLEdBQXlCLEVBQUUsQ0FBQztZQUU5QyxlQUFlO1lBQ2YsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsSUFBSSxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzlDLFlBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxLQUFLLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDLENBQUM7WUFDN0QsQ0FBQztZQUVELG9CQUFvQjtZQUNwQixJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7Z0JBQzFCLElBQUksS0FBSyxDQUFDLElBQUksRUFBRSxDQUFDO29CQUNmLFlBQVksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxLQUFLLENBQUMsSUFBSSxFQUFFLE1BQU0sQ0FBQyxDQUFDLENBQUM7Z0JBQzlELENBQUM7Z0JBRUQsSUFBSSxLQUFLLENBQUMsSUFBSSxFQUFFLENBQUM7b0JBQ2YsWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLEtBQUssQ0FBQyxJQUFJLEVBQUUsTUFBTSxDQUFDLENBQUMsQ0FBQztnQkFDOUQsQ0FBQztZQUNILENBQUM7WUFFRCxtQkFBbUI7WUFDbkIsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsSUFBSSxLQUFLLENBQUMsV0FBVyxJQUFJLEtBQUssQ0FBQyxXQUFXLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUN0RixLQUFLLE1BQU0sVUFBVSxJQUFJLEtBQUssQ0FBQyxXQUFXLEVBQUUsQ0FBQztvQkFDM0MsWUFBWSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLFVBQVUsRUFBRSxNQUFNLENBQUMsQ0FBQyxDQUFDO2dCQUM3RCxDQUFDO1lBQ0gsQ0FBQztZQUVELDRCQUE0QjtZQUM1QixNQUFNLE9BQU8sQ0FBQyxHQUFHLENBQUMsWUFBWSxDQUFDLENBQUM7WUFFaEMsd0RBQXdEO1lBQ3hELE1BQU0sQ0FBQyxPQUFPLEdBQUcsTUFBTSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQztZQUVsRSxnQkFBZ0I7WUFDaEIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBRXJDLDJCQUEyQjtZQUMzQixJQUFJLE1BQU0sQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxlQUFlLEVBQUUsQ0FBQztnQkFDdkQsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsQ0FBQztZQUN6QyxDQUFDO2lCQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzNCLElBQUksQ0FBQyxjQUFjLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQ3JDLENBQUM7WUFFRCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLHlCQUF5QixLQUFLLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQzVELFNBQVMsRUFBRSxLQUFLLENBQUMsWUFBWSxFQUFFO2dCQUMvQixLQUFLLEVBQUUsS0FBSyxDQUFDLEtBQUs7YUFDbkIsQ0FBQyxDQUFDO1lBRUgsOENBQThDO1lBQzlDLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLElBQUksRUFBRSxzREFBc0Q7Z0JBQ3JFLFdBQVcsRUFBRSxDQUFDO2dCQUNkLGVBQWUsRUFBRSxDQUFDLE9BQU8sQ0FBQztnQkFDMUIsU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUU7Z0JBQ3JCLFVBQVUsRUFBRSxZQUFZO2dCQUN4QixhQUFhLEVBQUUsZUFBZSxLQUFLLENBQUMsT0FBTyxFQUFFO2FBQzlDLENBQUM7UUFDSixDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSyxnQkFBZ0IsQ0FBQyxLQUFZO1FBQ25DLDhCQUE4QjtRQUM5QixJQUFJLEtBQUssQ0FBQyxZQUFZLEVBQUUsRUFBRSxDQUFDO1lBQ3pCLE9BQU8sU0FBUyxLQUFLLENBQUMsWUFBWSxFQUFFLEVBQUUsQ0FBQztRQUN6QyxDQUFDO1FBRUQsb0NBQW9DO1FBQ3BDLE1BQU0sYUFBYSxHQUFHO1lBQ3BCLEtBQUssQ0FBQyxJQUFJO1lBQ1YsS0FBSyxDQUFDLE9BQU8sSUFBSSxFQUFFO1lBQ25CLEtBQUssQ0FBQyxJQUFJLEVBQUUsU0FBUyxDQUFDLENBQUMsRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ3BDLEtBQUssQ0FBQyxJQUFJLEVBQUUsU0FBUyxDQUFDLENBQUMsRUFBRSxJQUFJLENBQUMsSUFBSSxFQUFFO1lBQ3BDLEtBQUssQ0FBQyxXQUFXLEVBQUUsTUFBTSxJQUFJLENBQUM7U0FDL0IsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFWixPQUFPLFNBQVMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUMsTUFBTSxDQUFDLGFBQWEsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO0lBQzVGLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssS0FBSyxDQUFDLFdBQVcsQ0FBQyxPQUFlLEVBQUUsTUFBbUI7UUFDNUQsTUFBTSxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUM7UUFFdkMsa0NBQWtDO1FBQ2xDLEtBQUssTUFBTSxPQUFPLElBQUksY0FBYyxDQUFDLGtCQUFrQixDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2pFLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2dCQUMxQixNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztnQkFDekIsTUFBTSxDQUFDLFVBQVUsR0FBRyxjQUFjLENBQUMsUUFBUSxDQUFDO2dCQUM1QyxNQUFNLENBQUMsYUFBYSxHQUFHLG1EQUFtRCxPQUFPLEVBQUUsQ0FBQztnQkFDcEYsT0FBTztZQUNULENBQUM7UUFDSCxDQUFDO1FBRUQsOEJBQThCO1FBQzlCLEtBQUssTUFBTSxPQUFPLElBQUksY0FBYyxDQUFDLGtCQUFrQixDQUFDLElBQUksRUFBRSxDQUFDO1lBQzdELElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2dCQUMxQixNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztnQkFDekIsTUFBTSxDQUFDLFVBQVUsR0FBRyxjQUFjLENBQUMsSUFBSSxDQUFDO2dCQUN4QyxNQUFNLENBQUMsYUFBYSxHQUFHLCtDQUErQyxPQUFPLEVBQUUsQ0FBQztnQkFDaEYsT0FBTztZQUNULENBQUM7UUFDSCxDQUFDO1FBRUQscUJBQXFCO1FBQ3JCLEtBQUssTUFBTSxJQUFJLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxXQUFXLEVBQUUsQ0FBQztZQUM1QyxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsT0FBTyxZQUFZLE1BQU0sQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsSUFBSSxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sRUFBRSxHQUFHLENBQUMsQ0FBQztZQUM5RixJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztnQkFDMUIsTUFBTSxDQUFDLFdBQVcsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDO2dCQUNqQyxNQUFNLENBQUMsVUFBVSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUM7Z0JBQzlCLE1BQU0sQ0FBQyxhQUFhLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQztnQkFDeEMsT0FBTztZQUNULENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSyxLQUFLLENBQUMsZUFBZSxDQUFDLElBQVksRUFBRSxNQUFtQjtRQUM3RCxNQUFNLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUVwQyx5QkFBeUI7UUFDekIsS0FBSyxNQUFNLE9BQU8sSUFBSSxjQUFjLENBQUMsa0JBQWtCLENBQUMsZUFBZSxFQUFFLENBQUM7WUFDeEUsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZCLE1BQU0sQ0FBQyxXQUFXLElBQUksRUFBRSxDQUFDO2dCQUN6QixJQUFJLENBQUMsTUFBTSxDQUFDLFVBQVUsSUFBSSxNQUFNLENBQUMsV0FBVyxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsS0FBSyxjQUFjLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUM7b0JBQy9HLE1BQU0sQ0FBQyxVQUFVLEdBQUcsY0FBYyxDQUFDLGVBQWUsQ0FBQztvQkFDbkQsTUFBTSxDQUFDLGFBQWEsR0FBRyxnQ0FBZ0MsQ0FBQztnQkFDMUQsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQsaUJBQWlCO1FBQ2pCLEtBQUssTUFBTSxPQUFPLElBQUksY0FBYyxDQUFDLGtCQUFrQixDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2pFLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO2dCQUN2QixNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztnQkFDekIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLElBQUksTUFBTSxDQUFDLFdBQVcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLEtBQUssY0FBYyxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO29CQUN4RyxNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxRQUFRLENBQUM7b0JBQzVDLE1BQU0sQ0FBQyxhQUFhLEdBQUcsNkNBQTZDLENBQUM7Z0JBQ3ZFLENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUVELGFBQWE7UUFDYixLQUFLLE1BQU0sT0FBTyxJQUFJLGNBQWMsQ0FBQyxrQkFBa0IsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUM3RCxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztnQkFDdkIsTUFBTSxDQUFDLFdBQVcsSUFBSSxFQUFFLENBQUM7Z0JBQ3pCLElBQUksQ0FBQyxNQUFNLENBQUMsVUFBVSxJQUFJLE1BQU0sQ0FBQyxXQUFXLEdBQUcsQ0FBQyxNQUFNLENBQUMsVUFBVSxLQUFLLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQztvQkFDcEcsTUFBTSxDQUFDLFVBQVUsR0FBRyxjQUFjLENBQUMsSUFBSSxDQUFDO29CQUN4QyxNQUFNLENBQUMsYUFBYSxHQUFHLHlDQUF5QyxDQUFDO2dCQUNuRSxDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCwyQkFBMkI7UUFDM0IsS0FBSyxNQUFNLE9BQU8sSUFBSSxjQUFjLENBQUMsa0JBQWtCLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDaEUsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZCLE1BQU0sQ0FBQyxXQUFXLElBQUksRUFBRSxDQUFDO2dCQUN6QixJQUFJLENBQUMsTUFBTSxDQUFDLFVBQVUsSUFBSSxNQUFNLENBQUMsV0FBVyxHQUFHLENBQUMsTUFBTSxDQUFDLFVBQVUsS0FBSyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUM7b0JBQ3ZHLE1BQU0sQ0FBQyxVQUFVLEdBQUcsY0FBYyxDQUFDLE9BQU8sQ0FBQztvQkFDM0MsTUFBTSxDQUFDLGFBQWEsR0FBRyw0Q0FBNEMsQ0FBQztnQkFDdEUsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQsdUJBQXVCO1FBQ3ZCLEtBQUssTUFBTSxPQUFPLElBQUksY0FBYyxDQUFDLGtCQUFrQixDQUFDLGFBQWEsRUFBRSxDQUFDO1lBQ3RFLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO2dCQUN2QixNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztnQkFDekIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLElBQUksTUFBTSxDQUFDLFdBQVcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxVQUFVLEtBQUssY0FBYyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO29CQUM5RyxNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxjQUFjLENBQUM7b0JBQ2xELE1BQU0sQ0FBQyxhQUFhLEdBQUcsbURBQW1ELENBQUM7Z0JBQzdFLENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUVELHFCQUFxQjtRQUNyQixLQUFLLE1BQU0sSUFBSSxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDNUMsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLE9BQU8sWUFBWSxNQUFNLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLElBQUksTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsR0FBRyxDQUFDLENBQUM7WUFDOUYsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZCLE1BQU0sQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLEtBQUssQ0FBQztnQkFDakMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLElBQUksTUFBTSxDQUFDLFdBQVcsR0FBRyxFQUFFLEVBQUUsQ0FBQztvQkFDbEQsTUFBTSxDQUFDLFVBQVUsR0FBRyxJQUFJLENBQUMsSUFBSSxDQUFDO29CQUM5QixNQUFNLENBQUMsYUFBYSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUM7Z0JBQzFDLENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssS0FBSyxDQUFDLGVBQWUsQ0FBQyxJQUFZLEVBQUUsTUFBbUI7UUFDN0QsTUFBTSxDQUFDLGVBQWUsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFcEMsNkJBQTZCO1FBQzdCLEtBQUssTUFBTSxPQUFPLElBQUksY0FBYyxDQUFDLGtCQUFrQixDQUFDLGVBQWUsRUFBRSxDQUFDO1lBQ3hFLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO2dCQUN2QixNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztnQkFDekIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLElBQUksTUFBTSxDQUFDLFVBQVUsS0FBSyxjQUFjLENBQUMsR0FBRyxFQUFFLENBQUM7b0JBQ25FLE1BQU0sQ0FBQyxVQUFVLEdBQUcsY0FBYyxDQUFDLEdBQUcsQ0FBQztvQkFDdkMsTUFBTSxDQUFDLGFBQWEsR0FBRyxvREFBb0QsQ0FBQztnQkFDOUUsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQsc0RBQXNEO1FBQ3RELE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNuRCxJQUFJLFdBQVcsRUFBRSxDQUFDO1lBQ2hCLHFFQUFxRTtZQUNyRSxNQUFNLFVBQVUsR0FBZ0I7Z0JBQzlCLE9BQU8sRUFBRSxJQUFJO2dCQUNiLFdBQVcsRUFBRSxDQUFDO2dCQUNkLGVBQWUsRUFBRSxFQUFFO2dCQUNuQixTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTthQUN0QixDQUFDO1lBRUYsTUFBTSxJQUFJLENBQUMsZUFBZSxDQUFDLFdBQVcsRUFBRSxVQUFVLENBQUMsQ0FBQztZQUVwRCwwREFBMEQ7WUFDMUQsSUFBSSxVQUFVLENBQUMsVUFBVSxJQUFJLFVBQVUsQ0FBQyxXQUFXLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQ3hELDhEQUE4RDtnQkFDOUQsTUFBTSxDQUFDLFdBQVcsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLFVBQVUsQ0FBQyxXQUFXLEdBQUcsQ0FBQyxDQUFDLENBQUM7Z0JBRTdELDJEQUEyRDtnQkFDM0QsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLElBQUksVUFBVSxDQUFDLFdBQVcsR0FBRyxNQUFNLENBQUMsV0FBVyxFQUFFLENBQUM7b0JBQ3RFLE1BQU0sQ0FBQyxVQUFVLEdBQUcsVUFBVSxDQUFDLFVBQVUsQ0FBQztvQkFDMUMsTUFBTSxDQUFDLGFBQWEsR0FBRyxVQUFVLENBQUMsYUFBYSxDQUFDO2dCQUNsRCxDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCxvQ0FBb0M7UUFDcEMsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLG9CQUFvQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzlDLElBQUksS0FBSyxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztZQUNyQiw2QkFBNkI7WUFDN0IsSUFBSSxlQUFlLEdBQUcsQ0FBQyxDQUFDO1lBQ3hCLEtBQUssTUFBTSxJQUFJLElBQUksS0FBSyxFQUFFLENBQUM7Z0JBQ3pCLEtBQUssTUFBTSxPQUFPLElBQUksY0FBYyxDQUFDLGtCQUFrQixDQUFDLGVBQWUsRUFBRSxDQUFDO29CQUN4RSxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQzt3QkFDdkIsZUFBZSxFQUFFLENBQUM7d0JBQ2xCLE1BQU07b0JBQ1IsQ0FBQztnQkFDSCxDQUFDO1lBQ0gsQ0FBQztZQUVELElBQUksZUFBZSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUN4QixvREFBb0Q7Z0JBQ3BELE1BQU0sb0JBQW9CLEdBQUcsQ0FBQyxlQUFlLEdBQUcsS0FBSyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEdBQUcsQ0FBQztnQkFDcEUsTUFBTSxlQUFlLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxvQkFBb0IsR0FBRyxHQUFHLENBQUMsQ0FBQyxDQUFDO2dCQUM3RSxNQUFNLENBQUMsV0FBVyxJQUFJLGVBQWUsQ0FBQztnQkFFdEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxVQUFVLElBQUksZUFBZSxHQUFHLEVBQUUsRUFBRSxDQUFDO29CQUMvQyxNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxlQUFlLENBQUM7b0JBQ25ELE1BQU0sQ0FBQyxhQUFhLEdBQUcsaUJBQWlCLGVBQWUsNEJBQTRCLEtBQUssQ0FBQyxNQUFNLGNBQWMsQ0FBQztnQkFDaEgsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSyxLQUFLLENBQUMsY0FBYyxDQUFDLFVBQXVCLEVBQUUsTUFBbUI7UUFDdkUsTUFBTSxRQUFRLEdBQUcsVUFBVSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUNuRCxNQUFNLENBQUMsZUFBZSxDQUFDLElBQUksQ0FBQyxjQUFjLFFBQVEsRUFBRSxDQUFDLENBQUM7UUFFdEQsdUNBQXVDO1FBQ3ZDLElBQUksVUFBVSxDQUFDLE9BQU8sSUFBSSxVQUFVLENBQUMsT0FBTyxDQUFDLE1BQU0sR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLHVCQUF1QixFQUFFLENBQUM7WUFDM0YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsc0NBQXNDLFFBQVEsS0FBSyxVQUFVLENBQUMsT0FBTyxDQUFDLE1BQU0sU0FBUyxDQUFDLENBQUM7WUFDMUcsT0FBTztRQUNULENBQUM7UUFFRCwyQ0FBMkM7UUFDM0MsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDbEMsS0FBSyxNQUFNLEdBQUcsSUFBSSxjQUFjLENBQUMscUJBQXFCLEVBQUUsQ0FBQztnQkFDdkQsSUFBSSxRQUFRLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7b0JBQzNCLE1BQU0sQ0FBQyxXQUFXLElBQUksRUFBRSxDQUFDLENBQUMsd0NBQXdDO29CQUNsRSxNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxVQUFVLENBQUM7b0JBQzlDLE1BQU0sQ0FBQyxhQUFhLEdBQUcscURBQXFELFFBQVEsRUFBRSxDQUFDO29CQUN2RixPQUFPLENBQUMsdURBQXVEO2dCQUNqRSxDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCx5Q0FBeUM7UUFDekMsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQzdCLEtBQUssTUFBTSxHQUFHLElBQUksY0FBYyxDQUFDLHlCQUF5QixFQUFFLENBQUM7Z0JBQzNELElBQUksUUFBUSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO29CQUMzQixxREFBcUQ7b0JBQ3JELHFGQUFxRjtvQkFDckYsdUNBQXVDO29CQUN2QyxJQUFJLFVBQVUsQ0FBQyxPQUFPLElBQUksSUFBSSxDQUFDLG9CQUFvQixDQUFDLFVBQVUsQ0FBQyxFQUFFLENBQUM7d0JBQ2hFLE1BQU0sQ0FBQyxXQUFXLElBQUksRUFBRSxDQUFDO3dCQUN6QixNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxlQUFlLENBQUM7d0JBQ25ELE1BQU0sQ0FBQyxhQUFhLEdBQUcseUNBQXlDLFFBQVEsRUFBRSxDQUFDO3dCQUMzRSxPQUFPO29CQUNULENBQUM7Z0JBQ0gsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQsMkRBQTJEO1FBQzNELElBQUksVUFBVSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3ZCLHdFQUF3RTtZQUN4RSxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMscUJBQXFCLENBQUMsVUFBVSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1lBRW5FLElBQUksV0FBVyxFQUFFLENBQUM7Z0JBQ2hCLG9EQUFvRDtnQkFDcEQsS0FBSyxNQUFNLFFBQVEsSUFBSSxjQUFjLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztvQkFDekQsTUFBTSxRQUFRLEdBQUcsY0FBYyxDQUFDLGtCQUFrQixDQUFDLFFBQVEsQ0FBQyxDQUFDO29CQUM3RCxLQUFLLE1BQU0sT0FBTyxJQUFJLFFBQVEsRUFBRSxDQUFDO3dCQUMvQixJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQzs0QkFDOUIsTUFBTSxDQUFDLFdBQVcsSUFBSSxFQUFFLENBQUM7NEJBRXpCLElBQUksQ0FBQyxNQUFNLENBQUMsVUFBVSxFQUFFLENBQUM7Z0NBQ3ZCLE1BQU0sQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLHVCQUF1QixDQUFDLFFBQVEsQ0FBQyxDQUFDO2dDQUMzRCxNQUFNLENBQUMsYUFBYSxHQUFHLG9EQUFvRCxRQUFRLEVBQUUsQ0FBQzs0QkFDeEYsQ0FBQzs0QkFFRCxNQUFNO3dCQUNSLENBQUM7b0JBQ0gsQ0FBQztnQkFDSCxDQUFDO1lBQ0gsQ0FBQztZQUVELDZDQUE2QztZQUM3QyxJQUFJLFVBQVUsQ0FBQyxPQUFPLENBQUMsTUFBTSxHQUFHLEVBQUU7Z0JBQzlCLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEtBQUssSUFBSTtnQkFDOUIsVUFBVSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsS0FBSyxJQUFJLEVBQUUsQ0FBQyxDQUFDLGNBQWM7Z0JBQ2xELE1BQU0sQ0FBQyxXQUFXLElBQUksRUFBRSxDQUFDO2dCQUN6QixNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxVQUFVLENBQUM7Z0JBQzlDLE1BQU0sQ0FBQyxhQUFhLEdBQUcsd0NBQXdDLFFBQVEsRUFBRSxDQUFDO1lBQzVFLENBQUM7UUFDSCxDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7O09BSUc7SUFDSyxvQkFBb0IsQ0FBQyxJQUFZO1FBQ3ZDLE1BQU0sS0FBSyxHQUFhLEVBQUUsQ0FBQztRQUUzQix1RkFBdUY7UUFDdkYsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxvQ0FBb0MsQ0FBQyxDQUFDO1FBQ2pFLElBQUksT0FBTyxFQUFFLENBQUM7WUFDWixLQUFLLE1BQU0sS0FBSyxJQUFJLE9BQU8sRUFBRSxDQUFDO2dCQUM1QixNQUFNLFNBQVMsR0FBRyxLQUFLLENBQUMsS0FBSyxDQUFDLG1DQUFtQyxDQUFDLENBQUM7Z0JBQ25FLElBQUksU0FBUyxJQUFJLFNBQVMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO29CQUM5QixLQUFLLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUMzQixDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssbUJBQW1CLENBQUMsSUFBWTtRQUN0Qyw0REFBNEQ7UUFDNUQsT0FBTyxJQUFJO2FBQ1IsT0FBTyxDQUFDLDRCQUE0QixFQUFFLEVBQUUsQ0FBQzthQUN6QyxPQUFPLENBQUMsOEJBQThCLEVBQUUsRUFBRSxDQUFDO2FBQzNDLE9BQU8sQ0FBQyxVQUFVLEVBQUUsR0FBRyxDQUFDO2FBQ3hCLE9BQU8sQ0FBQyxTQUFTLEVBQUUsR0FBRyxDQUFDO2FBQ3ZCLE9BQU8sQ0FBQyxPQUFPLEVBQUUsR0FBRyxDQUFDO2FBQ3JCLE9BQU8sQ0FBQyxPQUFPLEVBQUUsR0FBRyxDQUFDO2FBQ3JCLE9BQU8sQ0FBQyxRQUFRLEVBQUUsR0FBRyxDQUFDO2FBQ3RCLE9BQU8sQ0FBQyxTQUFTLEVBQUUsR0FBRyxDQUFDO2FBQ3ZCLE9BQU8sQ0FBQyxTQUFTLEVBQUUsR0FBRyxDQUFDO2FBQ3ZCLE9BQU8sQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDO2FBQ3BCLElBQUksRUFBRSxDQUFDO0lBQ1osQ0FBQztJQUVEOzs7O09BSUc7SUFDSyxxQkFBcUIsQ0FBQyxNQUFjO1FBQzFDLElBQUksQ0FBQztZQUNILHFEQUFxRDtZQUNyRCxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsR0FBRyxHQUFHLElBQUksQ0FBQyxDQUFDLENBQUMsbUJBQW1CO1lBQzNFLE1BQU0sTUFBTSxHQUFHLE1BQU0sQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLFVBQVUsQ0FBQyxDQUFDO1lBRTNDLDhEQUE4RDtZQUM5RCxPQUFPLE1BQU0sQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDO2lCQUMzQixPQUFPLENBQUMsZ0NBQWdDLEVBQUUsRUFBRSxDQUFDLENBQUMsdUJBQXVCO2lCQUNyRSxPQUFPLENBQUMsU0FBUyxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsMEJBQTBCO1FBQ3ZELENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsc0NBQXNDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1lBQzFFLE9BQU8sRUFBRSxDQUFDO1FBQ1osQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7T0FLRztJQUNLLG9CQUFvQixDQUFDLFVBQXVCO1FBQ2xELHVEQUF1RDtRQUN2RCxzREFBc0Q7UUFDdEQsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLHFCQUFxQixDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUMvRCxNQUFNLGVBQWUsR0FBRztZQUN0QixrQkFBa0I7WUFDbEIsZ0JBQWdCO1lBQ2hCLFNBQVM7WUFDVCxZQUFZO1lBQ1osV0FBVztZQUNYLGVBQWU7WUFDZixXQUFXO1lBQ1gsY0FBYztZQUNkLFlBQVk7WUFDWixtQkFBbUI7U0FDcEIsQ0FBQztRQUVGLEtBQUssTUFBTSxTQUFTLElBQUksZUFBZSxFQUFFLENBQUM7WUFDeEMsSUFBSSxTQUFTLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQzVCLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssdUJBQXVCLENBQUMsUUFBZ0I7UUFDOUMsUUFBUSxRQUFRLEVBQUUsQ0FBQztZQUNqQixLQUFLLFVBQVUsQ0FBQyxDQUFDLE9BQU8sY0FBYyxDQUFDLFFBQVEsQ0FBQztZQUNoRCxLQUFLLE1BQU0sQ0FBQyxDQUFDLE9BQU8sY0FBYyxDQUFDLElBQUksQ0FBQztZQUN4QyxLQUFLLFNBQVMsQ0FBQyxDQUFDLE9BQU8sY0FBYyxDQUFDLE9BQU8sQ0FBQztZQUM5QyxLQUFLLGlCQUFpQixDQUFDLENBQUMsT0FBTyxjQUFjLENBQUMsZUFBZSxDQUFDO1lBQzlELEtBQUssaUJBQWlCLENBQUMsQ0FBQyxPQUFPLGNBQWMsQ0FBQyxHQUFHLENBQUM7WUFDbEQsS0FBSyxlQUFlLENBQUMsQ0FBQyxPQUFPLGNBQWMsQ0FBQyxjQUFjLENBQUM7WUFDM0QsT0FBTyxDQUFDLENBQUMsT0FBTyxjQUFjLENBQUMsbUJBQW1CLENBQUM7UUFDckQsQ0FBQztJQUNILENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssa0JBQWtCLENBQUMsS0FBWSxFQUFFLE1BQW1CO1FBQzFELGNBQWMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxRQUFRLENBQUM7WUFDcEMsS0FBSyxFQUFFLGdCQUFnQixDQUFDLEtBQUs7WUFDN0IsSUFBSSxFQUFFLGlCQUFpQixDQUFDLE9BQU87WUFDL0IsT0FBTyxFQUFFLDhDQUE4QyxLQUFLLENBQUMsSUFBSSxPQUFPLEtBQUssQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxFQUFFO1lBQzdGLE9BQU8sRUFBRTtnQkFDUCxTQUFTLEVBQUUsS0FBSyxDQUFDLFlBQVksRUFBRTtnQkFDL0IsVUFBVSxFQUFFLE1BQU0sQ0FBQyxVQUFVO2dCQUM3QixhQUFhLEVBQUUsTUFBTSxDQUFDLGFBQWE7Z0JBQ25DLFdBQVcsRUFBRSxNQUFNLENBQUMsV0FBVztnQkFDL0IsZUFBZSxFQUFFLE1BQU0sQ0FBQyxlQUFlO2dCQUN2QyxPQUFPLEVBQUUsS0FBSyxDQUFDLE9BQU87YUFDdkI7WUFDRCxPQUFPLEVBQUUsS0FBSztZQUNkLE1BQU0sRUFBRSxLQUFLLENBQUMsYUFBYSxFQUFFO1NBQzlCLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ssY0FBYyxDQUFDLEtBQVksRUFBRSxNQUFtQjtRQUN0RCxjQUFjLENBQUMsV0FBVyxFQUFFLENBQUMsUUFBUSxDQUFDO1lBQ3BDLEtBQUssRUFBRSxnQkFBZ0IsQ0FBQyxJQUFJO1lBQzVCLElBQUksRUFBRSxpQkFBaUIsQ0FBQyxJQUFJO1lBQzVCLE9BQU8sRUFBRSw2Q0FBNkMsS0FBSyxDQUFDLElBQUksT0FBTyxLQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRTtZQUM1RixPQUFPLEVBQUU7Z0JBQ1AsU0FBUyxFQUFFLEtBQUssQ0FBQyxZQUFZLEVBQUU7Z0JBQy9CLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtnQkFDN0IsYUFBYSxFQUFFLE1BQU0sQ0FBQyxhQUFhO2dCQUNuQyxXQUFXLEVBQUUsTUFBTSxDQUFDLFdBQVc7Z0JBQy9CLGVBQWUsRUFBRSxNQUFNLENBQUMsZUFBZTtnQkFDdkMsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2FBQ3ZCO1lBQ0QsT0FBTyxFQUFFLEtBQUs7WUFDZCxNQUFNLEVBQUUsS0FBSyxDQUFDLGFBQWEsRUFBRTtTQUM5QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLE1BQU0sQ0FBQyxjQUFjLENBQUMsS0FBYTtRQUN4QyxJQUFJLEtBQUssR0FBRyxFQUFFLEVBQUUsQ0FBQztZQUNmLE9BQU8sTUFBTSxDQUFDO1FBQ2hCLENBQUM7YUFBTSxJQUFJLEtBQUssR0FBRyxFQUFFLEVBQUUsQ0FBQztZQUN0QixPQUFPLEtBQUssQ0FBQztRQUNmLENBQUM7YUFBTSxJQUFJLEtBQUssR0FBRyxFQUFFLEVBQUUsQ0FBQztZQUN0QixPQUFPLFFBQVEsQ0FBQztRQUNsQixDQUFDO2FBQU0sQ0FBQztZQUNOLE9BQU8sTUFBTSxDQUFDO1FBQ2hCLENBQUM7SUFDSCxDQUFDIn0= \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5jb250ZW50c2Nhbm5lci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3RzL3NlY3VyaXR5L2NsYXNzZXMuY29udGVudHNjYW5uZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxlQUFlLENBQUM7QUFDekMsT0FBTyxLQUFLLEtBQUssTUFBTSxhQUFhLENBQUM7QUFDckMsT0FBTyxFQUFFLE1BQU0sRUFBRSxNQUFNLGNBQWMsQ0FBQztBQUN0QyxPQUFPLEVBQUUsS0FBSyxFQUFFLE1BQU0sK0JBQStCLENBQUM7QUFFdEQsT0FBTyxFQUFFLGNBQWMsRUFBRSxnQkFBZ0IsRUFBRSxpQkFBaUIsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ2xHLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBQ3JFLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFxQ3JDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksY0FXWDtBQVhELFdBQVksY0FBYztJQUN4QiwrQkFBYSxDQUFBO0lBQ2IsdUNBQXFCLENBQUE7SUFDckIscUNBQW1CLENBQUE7SUFDbkIsMkNBQXlCLENBQUE7SUFDekIscURBQW1DLENBQUE7SUFDbkMscURBQW1DLENBQUE7SUFDbkMsNkJBQVcsQ0FBQTtJQUNYLG1EQUFpQyxDQUFBO0lBQ2pDLDZEQUEyQyxDQUFBO0lBQzNDLDZDQUEyQixDQUFBO0FBQzdCLENBQUMsRUFYVyxjQUFjLEtBQWQsY0FBYyxRQVd6QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGNBQWM7SUFDakIsTUFBTSxDQUFDLFFBQVEsQ0FBaUI7SUFDaEMsU0FBUyxDQUFnQztJQUN6QyxPQUFPLENBQW1DO0lBRWxEOztPQUVHO0lBQ0ssTUFBTSxDQUFVLGVBQWUsR0FBcUM7UUFDMUUsWUFBWSxFQUFFLEtBQUs7UUFDbkIsUUFBUSxFQUFFLEVBQUUsR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLElBQUksRUFBRSxXQUFXO1FBQzFDLFdBQVcsRUFBRSxJQUFJO1FBQ2pCLFFBQVEsRUFBRSxJQUFJO1FBQ2QsZUFBZSxFQUFFLElBQUk7UUFDckIsdUJBQXVCLEVBQUUsRUFBRSxHQUFHLElBQUksR0FBRyxJQUFJLEVBQUUsT0FBTztRQUNsRCxtQkFBbUIsRUFBRSxJQUFJO1FBQ3pCLGdCQUFnQixFQUFFLElBQUk7UUFDdEIsV0FBVyxFQUFFLElBQUk7UUFDakIsV0FBVyxFQUFFLEVBQUU7UUFDZixjQUFjLEVBQUUsRUFBRSxFQUFFLGdEQUFnRDtRQUNwRSxlQUFlLEVBQUUsRUFBRSxDQUFFLHNEQUFzRDtLQUM1RSxDQUFDO0lBRUY7OztPQUdHO0lBQ0gsWUFBWSxVQUFrQyxFQUFFO1FBQzlDLDZCQUE2QjtRQUM3QixJQUFJLENBQUMsT0FBTyxHQUFHO1lBQ2IsR0FBRyxjQUFjLENBQUMsZUFBZTtZQUNqQyxHQUFHLE9BQU87U0FDWCxDQUFDO1FBRUYsbUJBQW1CO1FBQ25CLElBQUksQ0FBQyxTQUFTLEdBQUcsSUFBSSxRQUFRLENBQXNCO1lBQ2pELEdBQUcsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFlBQVk7WUFDOUIsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUTtTQUMzQixDQUFDLENBQUM7UUFFSCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSw0QkFBNEIsQ0FBQyxDQUFDO0lBQ25ELENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksTUFBTSxDQUFDLFdBQVcsQ0FBQyxVQUFrQyxFQUFFO1FBQzVELElBQUksQ0FBQyxjQUFjLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDN0IsY0FBYyxDQUFDLFFBQVEsR0FBRyxJQUFJLGNBQWMsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN4RCxDQUFDO1FBQ0QsT0FBTyxjQUFjLENBQUMsUUFBUSxDQUFDO0lBQ2pDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSSxLQUFLLENBQUMsU0FBUyxDQUFDLEtBQVk7UUFDakMsSUFBSSxDQUFDO1lBQ0gsc0NBQXNDO1lBQ3RDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUU5QyxvQkFBb0I7WUFDcEIsTUFBTSxZQUFZLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLENBQUM7WUFDbEQsSUFBSSxZQUFZLEVBQUUsQ0FBQztnQkFDakIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsc0NBQXNDLEtBQUssQ0FBQyxZQUFZLEVBQUUsRUFBRSxDQUFDLENBQUM7Z0JBQ2pGLE9BQU8sWUFBWSxDQUFDO1lBQ3RCLENBQUM7WUFFRCx1REFBdUQ7WUFDdkQsTUFBTSxNQUFNLEdBQUcsa0JBQWtCLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDaEQsTUFBTSxVQUFVLEdBQUcsTUFBTSxNQUFNLENBQUMsV0FBVyxDQUFDO2dCQUMxQyxPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLFNBQVM7Z0JBQzdELFFBQVEsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsU0FBUztnQkFDeEQsUUFBUSxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxTQUFTO2dCQUN4RCxlQUFlLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxtQkFBbUI7b0JBQy9DLENBQUMsQ0FBQyxLQUFLLENBQUMsV0FBVyxFQUFFLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFO29CQUMvQyxDQUFDLENBQUMsRUFBRTthQUNQLENBQUMsQ0FBQztZQUVILE1BQU0sTUFBTSxHQUFnQjtnQkFDMUIsT0FBTyxFQUFFLElBQUk7Z0JBQ2IsV0FBVyxFQUFFLFVBQVUsQ0FBQyxXQUFXO2dCQUNuQyxVQUFVLEVBQUUsVUFBVSxDQUFDLFVBQVUsSUFBSSxTQUFTO2dCQUM5QyxhQUFhLEVBQUUsVUFBVSxDQUFDLGFBQWEsSUFBSSxTQUFTO2dCQUNwRCxlQUFlLEVBQUUsVUFBVSxDQUFDLGVBQWU7Z0JBQzNDLFNBQVMsRUFBRSxJQUFJLENBQUMsR0FBRyxFQUFFO2FBQ3RCLENBQUM7WUFFRix1RUFBdUU7WUFDdkUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGVBQWUsSUFBSSxLQUFLLENBQUMsV0FBVyxFQUFFLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDbEUsS0FBSyxNQUFNLFVBQVUsSUFBSSxLQUFLLENBQUMsV0FBVyxFQUFFLENBQUM7b0JBQzNDLElBQUksQ0FBQyxvQkFBb0IsQ0FBQyxVQUFVLEVBQUUsTUFBTSxDQUFDLENBQUM7Z0JBQ2hELENBQUM7WUFDSCxDQUFDO1lBRUQsbURBQW1EO1lBQ25ELElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFckMsd0RBQXdEO1lBQ3hELE1BQU0sQ0FBQyxPQUFPLEdBQUcsTUFBTSxDQUFDLFdBQVcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQztZQUVsRSxnQkFBZ0I7WUFDaEIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsUUFBUSxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBRXJDLDJCQUEyQjtZQUMzQixJQUFJLE1BQU0sQ0FBQyxXQUFXLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxlQUFlLEVBQUUsQ0FBQztnQkFDdkQsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsQ0FBQztZQUN6QyxDQUFDO2lCQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsT0FBTyxFQUFFLENBQUM7Z0JBQzNCLElBQUksQ0FBQyxjQUFjLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQ3JDLENBQUM7WUFFRCxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLHlCQUF5QixLQUFLLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQzVELFNBQVMsRUFBRSxLQUFLLENBQUMsWUFBWSxFQUFFO2dCQUMvQixLQUFLLEVBQUUsS0FBSyxDQUFDLEtBQUs7YUFDbkIsQ0FBQyxDQUFDO1lBRUgsOENBQThDO1lBQzlDLE9BQU87Z0JBQ0wsT0FBTyxFQUFFLElBQUk7Z0JBQ2IsV0FBVyxFQUFFLENBQUM7Z0JBQ2QsZUFBZSxFQUFFLENBQUMsT0FBTyxDQUFDO2dCQUMxQixTQUFTLEVBQUUsSUFBSSxDQUFDLEdBQUcsRUFBRTtnQkFDckIsVUFBVSxFQUFFLFlBQVk7Z0JBQ3hCLGFBQWEsRUFBRSxlQUFlLEtBQUssQ0FBQyxPQUFPLEVBQUU7YUFDOUMsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNLLGdCQUFnQixDQUFDLEtBQVk7UUFDbkMsOEJBQThCO1FBQzlCLElBQUksS0FBSyxDQUFDLFlBQVksRUFBRSxFQUFFLENBQUM7WUFDekIsT0FBTyxTQUFTLEtBQUssQ0FBQyxZQUFZLEVBQUUsRUFBRSxDQUFDO1FBQ3pDLENBQUM7UUFFRCxvQ0FBb0M7UUFDcEMsTUFBTSxhQUFhLEdBQUc7WUFDcEIsS0FBSyxDQUFDLElBQUk7WUFDVixLQUFLLENBQUMsT0FBTyxJQUFJLEVBQUU7WUFDbkIsS0FBSyxDQUFDLElBQUksRUFBRSxTQUFTLENBQUMsQ0FBQyxFQUFFLElBQUksQ0FBQyxJQUFJLEVBQUU7WUFDcEMsS0FBSyxDQUFDLElBQUksRUFBRSxTQUFTLENBQUMsQ0FBQyxFQUFFLElBQUksQ0FBQyxJQUFJLEVBQUU7WUFDcEMsS0FBSyxDQUFDLFdBQVcsRUFBRSxNQUFNLElBQUksQ0FBQztTQUMvQixDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUVaLE9BQU8sU0FBUyxPQUFPLENBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsQ0FBQyxNQUFNLENBQUMsYUFBYSxDQUFDLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUM7SUFDNUYsQ0FBQztJQUVEOzs7OztPQUtHO0lBQ0ssb0JBQW9CLENBQUMsVUFBdUIsRUFBRSxNQUFtQjtRQUN2RSxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3hCLE9BQU87UUFDVCxDQUFDO1FBRUQseUJBQXlCO1FBQ3pCLElBQUksVUFBVSxDQUFDLE9BQU8sQ0FBQyxNQUFNLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyx1QkFBdUIsRUFBRSxDQUFDO1lBQ3JFLE9BQU87UUFDVCxDQUFDO1FBRUQsTUFBTSxRQUFRLEdBQUcsVUFBVSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUVuRCxnRkFBZ0Y7UUFDaEYsSUFBSSxVQUFVLENBQUMsT0FBTyxDQUFDLE1BQU0sR0FBRyxFQUFFO1lBQzlCLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEtBQUssSUFBSTtZQUM5QixVQUFVLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxLQUFLLElBQUksRUFBRSxDQUFDLENBQUMsY0FBYztZQUNsRCxNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztZQUN6QixNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxVQUFVLENBQUM7WUFDOUMsTUFBTSxDQUFDLGFBQWEsR0FBRyx3Q0FBd0MsUUFBUSxFQUFFLENBQUM7WUFDMUUsT0FBTztRQUNULENBQUM7UUFFRCxxREFBcUQ7UUFDckQsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsSUFBSSxJQUFJLENBQUMsb0JBQW9CLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQztZQUN0RSxNQUFNLENBQUMsV0FBVyxJQUFJLEVBQUUsQ0FBQztZQUN6QixNQUFNLENBQUMsVUFBVSxHQUFHLGNBQWMsQ0FBQyxlQUFlLENBQUM7WUFDbkQsTUFBTSxDQUFDLGFBQWEsR0FBRyx5Q0FBeUMsUUFBUSxFQUFFLENBQUM7UUFDN0UsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7T0FLRztJQUNLLGdCQUFnQixDQUFDLEtBQVksRUFBRSxNQUFtQjtRQUN4RCxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDckMsT0FBTztRQUNULENBQUM7UUFFRCxNQUFNLFlBQVksR0FBYSxFQUFFLENBQUM7UUFDbEMsSUFBSSxLQUFLLENBQUMsT0FBTztZQUFFLFlBQVksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ3BELElBQUksS0FBSyxDQUFDLElBQUk7WUFBRSxZQUFZLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUM5QyxJQUFJLEtBQUssQ0FBQyxJQUFJO1lBQUUsWUFBWSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFOUMsS0FBSyxNQUFNLElBQUksSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQzVDLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxPQUFPLFlBQVksTUFBTSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxJQUFJLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLEdBQUcsQ0FBQyxDQUFDO1lBQzlGLEtBQUssTUFBTSxJQUFJLElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ2hDLElBQUksT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO29CQUN2QixNQUFNLENBQUMsV0FBVyxJQUFJLElBQUksQ0FBQyxLQUFLLENBQUM7b0JBQ2pDLE1BQU0sQ0FBQyxVQUFVLEdBQUcsSUFBSSxDQUFDLElBQUksQ0FBQztvQkFDOUIsTUFBTSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDO29CQUN4QyxPQUFPO2dCQUNULENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7OztPQUlHO0lBQ0sscUJBQXFCLENBQUMsTUFBYztRQUMxQyxJQUFJLENBQUM7WUFDSCxxREFBcUQ7WUFDckQsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLEdBQUcsR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLG1CQUFtQjtZQUMzRSxNQUFNLE1BQU0sR0FBRyxNQUFNLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRSxVQUFVLENBQUMsQ0FBQztZQUUzQyw4REFBOEQ7WUFDOUQsT0FBTyxNQUFNLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQztpQkFDM0IsT0FBTyxDQUFDLGdDQUFnQyxFQUFFLEVBQUUsQ0FBQyxDQUFDLHVCQUF1QjtpQkFDckUsT0FBTyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQUMsQ0FBQyxDQUFDLDBCQUEwQjtRQUN2RCxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLHNDQUFzQyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUMxRSxPQUFPLEVBQUUsQ0FBQztRQUNaLENBQUM7SUFDSCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNLLG9CQUFvQixDQUFDLFVBQXVCO1FBQ2xELE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLENBQUM7UUFDL0QsTUFBTSxlQUFlLEdBQUc7WUFDdEIsa0JBQWtCO1lBQ2xCLGdCQUFnQjtZQUNoQixTQUFTO1lBQ1QsWUFBWTtZQUNaLFdBQVc7WUFDWCxlQUFlO1lBQ2YsV0FBVztZQUNYLGNBQWM7WUFDZCxZQUFZO1lBQ1osbUJBQW1CO1NBQ3BCLENBQUM7UUFFRixLQUFLLE1BQU0sU0FBUyxJQUFJLGVBQWUsRUFBRSxDQUFDO1lBQ3hDLElBQUksU0FBUyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO2dCQUM1QixPQUFPLElBQUksQ0FBQztZQUNkLENBQUM7UUFDSCxDQUFDO1FBRUQsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRUQ7Ozs7T0FJRztJQUNLLGtCQUFrQixDQUFDLEtBQVksRUFBRSxNQUFtQjtRQUMxRCxjQUFjLENBQUMsV0FBVyxFQUFFLENBQUMsUUFBUSxDQUFDO1lBQ3BDLEtBQUssRUFBRSxnQkFBZ0IsQ0FBQyxLQUFLO1lBQzdCLElBQUksRUFBRSxpQkFBaUIsQ0FBQyxPQUFPO1lBQy9CLE9BQU8sRUFBRSw4Q0FBOEMsS0FBSyxDQUFDLElBQUksT0FBTyxLQUFLLENBQUMsRUFBRSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRTtZQUM3RixPQUFPLEVBQUU7Z0JBQ1AsU0FBUyxFQUFFLEtBQUssQ0FBQyxZQUFZLEVBQUU7Z0JBQy9CLFVBQVUsRUFBRSxNQUFNLENBQUMsVUFBVTtnQkFDN0IsYUFBYSxFQUFFLE1BQU0sQ0FBQyxhQUFhO2dCQUNuQyxXQUFXLEVBQUUsTUFBTSxDQUFDLFdBQVc7Z0JBQy9CLGVBQWUsRUFBRSxNQUFNLENBQUMsZUFBZTtnQkFDdkMsT0FBTyxFQUFFLEtBQUssQ0FBQyxPQUFPO2FBQ3ZCO1lBQ0QsT0FBTyxFQUFFLEtBQUs7WUFDZCxNQUFNLEVBQUUsS0FBSyxDQUFDLGFBQWEsRUFBRTtTQUM5QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNLLGNBQWMsQ0FBQyxLQUFZLEVBQUUsTUFBbUI7UUFDdEQsY0FBYyxDQUFDLFdBQVcsRUFBRSxDQUFDLFFBQVEsQ0FBQztZQUNwQyxLQUFLLEVBQUUsZ0JBQWdCLENBQUMsSUFBSTtZQUM1QixJQUFJLEVBQUUsaUJBQWlCLENBQUMsSUFBSTtZQUM1QixPQUFPLEVBQUUsNkNBQTZDLEtBQUssQ0FBQyxJQUFJLE9BQU8sS0FBSyxDQUFDLEVBQUUsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUU7WUFDNUYsT0FBTyxFQUFFO2dCQUNQLFNBQVMsRUFBRSxLQUFLLENBQUMsWUFBWSxFQUFFO2dCQUMvQixVQUFVLEVBQUUsTUFBTSxDQUFDLFVBQVU7Z0JBQzdCLGFBQWEsRUFBRSxNQUFNLENBQUMsYUFBYTtnQkFDbkMsV0FBVyxFQUFFLE1BQU0sQ0FBQyxXQUFXO2dCQUMvQixlQUFlLEVBQUUsTUFBTSxDQUFDLGVBQWU7Z0JBQ3ZDLE9BQU8sRUFBRSxLQUFLLENBQUMsT0FBTzthQUN2QjtZQUNELE9BQU8sRUFBRSxLQUFLO1lBQ2QsTUFBTSxFQUFFLEtBQUssQ0FBQyxhQUFhLEVBQUU7U0FDOUIsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxNQUFNLENBQUMsY0FBYyxDQUFDLEtBQWE7UUFDeEMsSUFBSSxLQUFLLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDZixPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO2FBQU0sSUFBSSxLQUFLLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDdEIsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO2FBQU0sSUFBSSxLQUFLLEdBQUcsRUFBRSxFQUFFLENBQUM7WUFDdEIsT0FBTyxRQUFRLENBQUM7UUFDbEIsQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO0lBQ0gsQ0FBQyJ9 \ No newline at end of file diff --git a/dist_ts/security/classes.ipreputationchecker.js b/dist_ts/security/classes.ipreputationchecker.js index 98ada87..dd1ce60 100644 --- a/dist_ts/security/classes.ipreputationchecker.js +++ b/dist_ts/security/classes.ipreputationchecker.js @@ -113,7 +113,10 @@ export class IPReputationChecker { ip, stack: error.stack }); - return this.createErrorResult(ip, error.message); + const errorResult = this.createErrorResult(ip, error.message); + // Cache error results to avoid repeated failing lookups + this.reputationCache.set(ip, errorResult); + return errorResult; } } createErrorResult(ip, errorMessage) { @@ -257,4 +260,4 @@ export class IPReputationChecker { } } } -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5pcHJlcHV0YXRpb25jaGVja2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vdHMvc2VjdXJpdHkvY2xhc3Nlcy5pcHJlcHV0YXRpb25jaGVja2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sZUFBZSxDQUFDO0FBQ3pDLE9BQU8sS0FBSyxLQUFLLE1BQU0sYUFBYSxDQUFDO0FBQ3JDLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxjQUFjLENBQUM7QUFDdEMsT0FBTyxFQUFFLGNBQWMsRUFBRSxnQkFBZ0IsRUFBRSxpQkFBaUIsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ2xHLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBQ3JFLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFtQnJDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksbUJBSVg7QUFKRCxXQUFZLG1CQUFtQjtJQUM3Qix3RUFBYyxDQUFBO0lBQ2QsNEVBQWdCLENBQUE7SUFDaEIsc0VBQWEsQ0FBQSxDQUFRLDREQUE0RDtBQUNuRixDQUFDLEVBSlcsbUJBQW1CLEtBQW5CLG1CQUFtQixRQUk5QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksTUFPWDtBQVBELFdBQVksTUFBTTtJQUNoQixxQ0FBMkIsQ0FBQTtJQUMzQixtQ0FBeUIsQ0FBQTtJQUN6Qix5QkFBZSxDQUFBO0lBQ2YscUJBQVcsQ0FBQTtJQUNYLHFCQUFXLENBQUE7SUFDWCw2QkFBbUIsQ0FBQTtBQUNyQixDQUFDLEVBUFcsTUFBTSxLQUFOLE1BQU0sUUFPakI7QUFpQkQ7OztHQUdHO0FBQ0gsTUFBTSxPQUFPLG1CQUFtQjtJQUN0QixNQUFNLENBQUMsUUFBUSxDQUFzQjtJQUNyQyxlQUFlLENBQXNDO0lBQ3JELE9BQU8sQ0FBaUM7SUFDeEMsY0FBYyxDQUFPO0lBRXJCLE1BQU0sQ0FBVSxlQUFlLEdBQW1DO1FBQ3hFLFlBQVksRUFBRSxLQUFLO1FBQ25CLFFBQVEsRUFBRSxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxJQUFJO1FBQzdCLFlBQVksRUFBRSxFQUFFO1FBQ2hCLGlCQUFpQixFQUFFLG1CQUFtQixDQUFDLFNBQVM7UUFDaEQsbUJBQW1CLEVBQUUsbUJBQW1CLENBQUMsV0FBVztRQUNwRCxnQkFBZ0IsRUFBRSxtQkFBbUIsQ0FBQyxRQUFRO1FBQzlDLGdCQUFnQixFQUFFLElBQUk7UUFDdEIsV0FBVyxFQUFFLElBQUk7UUFDakIsWUFBWSxFQUFFLElBQUk7S0FDbkIsQ0FBQztJQUVGLFlBQVksVUFBZ0MsRUFBRSxFQUFFLGNBQW9CO1FBQ2xFLElBQUksQ0FBQyxPQUFPLEdBQUc7WUFDYixHQUFHLG1CQUFtQixDQUFDLGVBQWU7WUFDdEMsR0FBRyxPQUFPO1NBQ1gsQ0FBQztRQUVGLElBQUksQ0FBQyxjQUFjLEdBQUcsY0FBYyxDQUFDO1FBRXJDLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxRQUFRLENBQTRCO1lBQzdELEdBQUcsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFlBQVk7WUFDOUIsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUTtTQUMzQixDQUFDLENBQUM7UUFFSCxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNsQyxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxFQUFFO2dCQUM3QixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSw2REFBNkQsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDcEcsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQztJQUVNLE1BQU0sQ0FBQyxXQUFXLENBQUMsVUFBZ0MsRUFBRSxFQUFFLGNBQW9CO1FBQ2hGLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNsQyxtQkFBbUIsQ0FBQyxRQUFRLEdBQUcsSUFBSSxtQkFBbUIsQ0FBQyxPQUFPLEVBQUUsY0FBYyxDQUFDLENBQUM7UUFDbEYsQ0FBQztRQUNELE9BQU8sbUJBQW1CLENBQUMsUUFBUSxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7T0FFRztJQUNJLEtBQUssQ0FBQyxlQUFlLENBQUMsRUFBVTtRQUNyQyxJQUFJLENBQUM7WUFDSCxJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUM7Z0JBQy9CLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUN2RCxPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLEVBQUUsMkJBQTJCLENBQUMsQ0FBQztZQUNqRSxDQUFDO1lBRUQsb0JBQW9CO1lBQ3BCLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2xELElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ2pCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLHVDQUF1QyxFQUFFLEVBQUUsRUFBRTtvQkFDOUQsS0FBSyxFQUFFLFlBQVksQ0FBQyxLQUFLO29CQUN6QixNQUFNLEVBQUUsWUFBWSxDQUFDLE1BQU07aUJBQzVCLENBQUMsQ0FBQztnQkFDSCxPQUFPLFlBQVksQ0FBQztZQUN0QixDQUFDO1lBRUQsMEJBQTBCO1lBQzFCLE1BQU0sTUFBTSxHQUFHLGtCQUFrQixDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ2hELE1BQU0sVUFBVSxHQUFHLE1BQU0sTUFBTSxDQUFDLGlCQUFpQixDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBRXRELE1BQU0sTUFBTSxHQUFzQjtnQkFDaEMsS0FBSyxFQUFFLFVBQVUsQ0FBQyxLQUFLO2dCQUN2QixNQUFNLEVBQUUsVUFBVSxDQUFDLFlBQVksR0FBRyxDQUFDO2dCQUNuQyxPQUFPLEVBQUUsVUFBVSxDQUFDLE9BQU8sS0FBSyxPQUFPO2dCQUN2QyxLQUFLLEVBQUUsVUFBVSxDQUFDLE9BQU8sS0FBSyxLQUFLO2dCQUNuQyxLQUFLLEVBQUUsVUFBVSxDQUFDLE9BQU8sS0FBSyxLQUFLO2dCQUNuQyxVQUFVLEVBQUUsVUFBVSxDQUFDLGFBQWE7cUJBQ2pDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUM7cUJBQ3JCLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUM7Z0JBQ3JCLFNBQVMsRUFBRSxJQUFJLENBQUMsR0FBRyxFQUFFO2FBQ3RCLENBQUM7WUFFRixJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFckMsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7Z0JBQ2xDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUU7b0JBQzdCLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLHVDQUF1QyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztnQkFDOUUsQ0FBQyxDQUFDLENBQUM7WUFDTCxDQUFDO1lBRUQsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsRUFBRSxNQUFNLENBQUMsQ0FBQztZQUNwQyxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLG9DQUFvQyxFQUFFLEtBQUssS0FBSyxDQUFDLE9BQU8sRUFBRSxFQUFFO2dCQUM5RSxFQUFFO2dCQUNGLEtBQUssRUFBRSxLQUFLLENBQUMsS0FBSzthQUNuQixDQUFDLENBQUM7WUFDSCxPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLEVBQUUsS0FBSyxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ25ELENBQUM7SUFDSCxDQUFDO0lBRU8saUJBQWlCLENBQUMsRUFBVSxFQUFFLFlBQW9CO1FBQ3hELE9BQU87WUFDTCxLQUFLLEVBQUUsRUFBRTtZQUNULE1BQU0sRUFBRSxLQUFLO1lBQ2IsT0FBTyxFQUFFLEtBQUs7WUFDZCxLQUFLLEVBQUUsS0FBSztZQUNaLEtBQUssRUFBRSxLQUFLO1lBQ1osU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUU7WUFDckIsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQztJQUNKLENBQUM7SUFFTyxnQkFBZ0IsQ0FBQyxFQUFVO1FBQ2pDLE1BQU0sV0FBVyxHQUFHLHVGQUF1RixDQUFDO1FBQzVHLE9BQU8sV0FBVyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRU8sa0JBQWtCLENBQUMsRUFBVSxFQUFFLE1BQXlCO1FBQzlELElBQUksUUFBUSxHQUFHLGdCQUFnQixDQUFDLElBQUksQ0FBQztRQUNyQyxJQUFJLE1BQU0sQ0FBQyxLQUFLLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQ2xELFFBQVEsR0FBRyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUM7UUFDbkMsQ0FBQztRQUVELGNBQWMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxRQUFRLENBQUM7WUFDcEMsS0FBSyxFQUFFLFFBQVE7WUFDZixJQUFJLEVBQUUsaUJBQWlCLENBQUMsYUFBYTtZQUNyQyxPQUFPLEVBQUUsdUJBQXVCLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsV0FBVyxRQUFRLEVBQUUsRUFBRTtZQUN4RixTQUFTLEVBQUUsRUFBRTtZQUNiLE9BQU8sRUFBRTtnQkFDUCxLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7Z0JBQ25CLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTTtnQkFDckIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7Z0JBQ25CLEtBQUssRUFBRSxNQUFNLENBQUMsS0FBSztnQkFDbkIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixVQUFVLEVBQUUsTUFBTSxDQUFDLFVBQVU7YUFDOUI7WUFDRCxPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUMsTUFBTTtTQUN4QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU8sS0FBSyxDQUFDLFNBQVM7UUFDckIsSUFBSSxDQUFDO1lBQ0gsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7Z0JBQzlFLEVBQUU7Z0JBQ0YsSUFBSTthQUNMLENBQUMsQ0FBQyxDQUFDO1lBRUosSUFBSSxPQUFPLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUN6QixPQUFPO1lBQ1QsQ0FBQztZQUVELE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLENBQUM7WUFFMUMsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ3hCLE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxHQUFHLENBQUMsb0NBQW9DLEVBQUUsU0FBUyxDQUFDLENBQUM7Z0JBQy9FLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFNBQVMsT0FBTyxDQUFDLE1BQU0sZ0RBQWdELENBQUMsQ0FBQztZQUM5RixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sTUFBTSxRQUFRLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxVQUFVLENBQUMsQ0FBQztnQkFDOUQsTUFBTSxPQUFPLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsQ0FBQyxTQUFTLEVBQUUsQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDL0QsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLDBCQUEwQixDQUFDLENBQUM7Z0JBQzFFLE1BQU0sT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDO2dCQUN2RCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxTQUFTLE9BQU8sQ0FBQyxNQUFNLHNDQUFzQyxDQUFDLENBQUM7WUFDcEYsQ0FBQztRQUNILENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsdUNBQXVDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQzlFLENBQUM7SUFDSCxDQUFDO0lBRU8sS0FBSyxDQUFDLFNBQVM7UUFDckIsSUFBSSxDQUFDO1lBQ0gsSUFBSSxTQUFTLEdBQWtCLElBQUksQ0FBQztZQUNwQyxJQUFJLGNBQWMsR0FBRyxLQUFLLENBQUM7WUFFM0IsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ3hCLElBQUksQ0FBQztvQkFDSCxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQyxvQ0FBb0MsQ0FBQyxDQUFDO29CQUVoRixJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7d0JBQ2YsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxVQUFVLEVBQUUsMEJBQTBCLENBQUMsQ0FBQzt3QkFDM0YsSUFBSSxPQUFPLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDOzRCQUNyQyxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxpRUFBaUUsQ0FBQyxDQUFDOzRCQUN0RixTQUFTLEdBQUcsT0FBTyxDQUFDLEVBQUUsQ0FBQyxZQUFZLENBQUMsU0FBUyxFQUFFLE1BQU0sQ0FBQyxDQUFDOzRCQUN2RCxjQUFjLEdBQUcsSUFBSSxDQUFDOzRCQUN0QixNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLG9DQUFvQyxFQUFFLFNBQVMsQ0FBQyxDQUFDOzRCQUMvRSxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSw2REFBNkQsQ0FBQyxDQUFDOzRCQUNsRixJQUFJLENBQUM7Z0NBQ0gsT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLENBQUM7Z0NBQ2pDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLHdDQUF3QyxDQUFDLENBQUM7NEJBQy9ELENBQUM7NEJBQUMsT0FBTyxXQUFXLEVBQUUsQ0FBQztnQ0FDckIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsb0NBQW9DLFdBQVcsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDOzRCQUNoRixDQUFDO3dCQUNILENBQUM7b0JBQ0gsQ0FBQztnQkFDSCxDQUFDO2dCQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7b0JBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsc0NBQXNDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO2dCQUM3RSxDQUFDO1lBQ0gsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsVUFBVSxFQUFFLDBCQUEwQixDQUFDLENBQUM7Z0JBQzNGLElBQUksT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztvQkFDckMsU0FBUyxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLFNBQVMsRUFBRSxNQUFNLENBQUMsQ0FBQztvQkFDdkQsY0FBYyxHQUFHLElBQUksQ0FBQztnQkFDeEIsQ0FBQztZQUNILENBQUM7WUFFRCxJQUFJLFNBQVMsRUFBRSxDQUFDO2dCQUNkLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUM7Z0JBQ3RDLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztnQkFDdkIsTUFBTSxZQUFZLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsRUFBRTtvQkFDMUMsTUFBTSxHQUFHLEdBQUcsR0FBRyxHQUFHLEtBQUssQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDO29CQUN2QyxPQUFPLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQztnQkFDckMsQ0FBQyxDQUFDLENBQUM7Z0JBRUgsS0FBSyxNQUFNLEtBQUssSUFBSSxZQUFZLEVBQUUsQ0FBQztvQkFDakMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ2pELENBQUM7Z0JBRUQsTUFBTSxNQUFNLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLGdCQUFnQixDQUFDO2dCQUMxRCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxVQUFVLFlBQVksQ0FBQyxNQUFNLHFDQUFxQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1lBQ2pHLENBQUM7UUFDSCxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLHVDQUF1QyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztRQUM5RSxDQUFDO0lBQ0gsQ0FBQztJQUVNLE1BQU0sQ0FBQyxZQUFZLENBQUMsS0FBYTtRQUN0QyxJQUFJLEtBQUssR0FBRyxtQkFBbUIsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUMxQyxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO2FBQU0sSUFBSSxLQUFLLEdBQUcsbUJBQW1CLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDbkQsT0FBTyxRQUFRLENBQUM7UUFDbEIsQ0FBQzthQUFNLElBQUksS0FBSyxHQUFHLG1CQUFtQixDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hELE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDO0lBQ0gsQ0FBQztJQUVNLG9CQUFvQixDQUFDLGNBQW1CO1FBQzdDLElBQUksQ0FBQyxjQUFjLEdBQUcsY0FBYyxDQUFDO1FBQ3JDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDZDQUE2QyxDQUFDLENBQUM7UUFFbEUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixJQUFJLElBQUksQ0FBQyxlQUFlLENBQUMsSUFBSSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ25FLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUU7Z0JBQzdCLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLGdEQUFnRCxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUN2RixDQUFDLENBQUMsQ0FBQztRQUNMLENBQUM7SUFDSCxDQUFDIn0= \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5pcHJlcHV0YXRpb25jaGVja2VyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vdHMvc2VjdXJpdHkvY2xhc3Nlcy5pcHJlcHV0YXRpb25jaGVja2VyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sZUFBZSxDQUFDO0FBQ3pDLE9BQU8sS0FBSyxLQUFLLE1BQU0sYUFBYSxDQUFDO0FBQ3JDLE9BQU8sRUFBRSxNQUFNLEVBQUUsTUFBTSxjQUFjLENBQUM7QUFDdEMsT0FBTyxFQUFFLGNBQWMsRUFBRSxnQkFBZ0IsRUFBRSxpQkFBaUIsRUFBRSxNQUFNLDZCQUE2QixDQUFDO0FBQ2xHLE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLGlDQUFpQyxDQUFDO0FBQ3JFLE9BQU8sRUFBRSxRQUFRLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFtQnJDOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksbUJBSVg7QUFKRCxXQUFZLG1CQUFtQjtJQUM3Qix3RUFBYyxDQUFBO0lBQ2QsNEVBQWdCLENBQUE7SUFDaEIsc0VBQWEsQ0FBQSxDQUFRLDREQUE0RDtBQUNuRixDQUFDLEVBSlcsbUJBQW1CLEtBQW5CLG1CQUFtQixRQUk5QjtBQUVEOztHQUVHO0FBQ0gsTUFBTSxDQUFOLElBQVksTUFPWDtBQVBELFdBQVksTUFBTTtJQUNoQixxQ0FBMkIsQ0FBQTtJQUMzQixtQ0FBeUIsQ0FBQTtJQUN6Qix5QkFBZSxDQUFBO0lBQ2YscUJBQVcsQ0FBQTtJQUNYLHFCQUFXLENBQUE7SUFDWCw2QkFBbUIsQ0FBQTtBQUNyQixDQUFDLEVBUFcsTUFBTSxLQUFOLE1BQU0sUUFPakI7QUFpQkQ7OztHQUdHO0FBQ0gsTUFBTSxPQUFPLG1CQUFtQjtJQUN0QixNQUFNLENBQUMsUUFBUSxDQUFzQjtJQUNyQyxlQUFlLENBQXNDO0lBQ3JELE9BQU8sQ0FBaUM7SUFDeEMsY0FBYyxDQUFPO0lBRXJCLE1BQU0sQ0FBVSxlQUFlLEdBQW1DO1FBQ3hFLFlBQVksRUFBRSxLQUFLO1FBQ25CLFFBQVEsRUFBRSxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxJQUFJO1FBQzdCLFlBQVksRUFBRSxFQUFFO1FBQ2hCLGlCQUFpQixFQUFFLG1CQUFtQixDQUFDLFNBQVM7UUFDaEQsbUJBQW1CLEVBQUUsbUJBQW1CLENBQUMsV0FBVztRQUNwRCxnQkFBZ0IsRUFBRSxtQkFBbUIsQ0FBQyxRQUFRO1FBQzlDLGdCQUFnQixFQUFFLElBQUk7UUFDdEIsV0FBVyxFQUFFLElBQUk7UUFDakIsWUFBWSxFQUFFLElBQUk7S0FDbkIsQ0FBQztJQUVGLFlBQVksVUFBZ0MsRUFBRSxFQUFFLGNBQW9CO1FBQ2xFLElBQUksQ0FBQyxPQUFPLEdBQUc7WUFDYixHQUFHLG1CQUFtQixDQUFDLGVBQWU7WUFDdEMsR0FBRyxPQUFPO1NBQ1gsQ0FBQztRQUVGLElBQUksQ0FBQyxjQUFjLEdBQUcsY0FBYyxDQUFDO1FBRXJDLElBQUksQ0FBQyxlQUFlLEdBQUcsSUFBSSxRQUFRLENBQTRCO1lBQzdELEdBQUcsRUFBRSxJQUFJLENBQUMsT0FBTyxDQUFDLFlBQVk7WUFDOUIsR0FBRyxFQUFFLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUTtTQUMzQixDQUFDLENBQUM7UUFFSCxJQUFJLElBQUksQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNsQyxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxFQUFFO2dCQUM3QixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSw2REFBNkQsS0FBSyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDcEcsQ0FBQyxDQUFDLENBQUM7UUFDTCxDQUFDO0lBQ0gsQ0FBQztJQUVNLE1BQU0sQ0FBQyxXQUFXLENBQUMsVUFBZ0MsRUFBRSxFQUFFLGNBQW9CO1FBQ2hGLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNsQyxtQkFBbUIsQ0FBQyxRQUFRLEdBQUcsSUFBSSxtQkFBbUIsQ0FBQyxPQUFPLEVBQUUsY0FBYyxDQUFDLENBQUM7UUFDbEYsQ0FBQztRQUNELE9BQU8sbUJBQW1CLENBQUMsUUFBUSxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7T0FFRztJQUNJLEtBQUssQ0FBQyxlQUFlLENBQUMsRUFBVTtRQUNyQyxJQUFJLENBQUM7WUFDSCxJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsQ0FBQyxFQUFFLENBQUM7Z0JBQy9CLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUN2RCxPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLEVBQUUsMkJBQTJCLENBQUMsQ0FBQztZQUNqRSxDQUFDO1lBRUQsb0JBQW9CO1lBQ3BCLE1BQU0sWUFBWSxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBQ2xELElBQUksWUFBWSxFQUFFLENBQUM7Z0JBQ2pCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLHVDQUF1QyxFQUFFLEVBQUUsRUFBRTtvQkFDOUQsS0FBSyxFQUFFLFlBQVksQ0FBQyxLQUFLO29CQUN6QixNQUFNLEVBQUUsWUFBWSxDQUFDLE1BQU07aUJBQzVCLENBQUMsQ0FBQztnQkFDSCxPQUFPLFlBQVksQ0FBQztZQUN0QixDQUFDO1lBRUQsMEJBQTBCO1lBQzFCLE1BQU0sTUFBTSxHQUFHLGtCQUFrQixDQUFDLFdBQVcsRUFBRSxDQUFDO1lBQ2hELE1BQU0sVUFBVSxHQUFHLE1BQU0sTUFBTSxDQUFDLGlCQUFpQixDQUFDLEVBQUUsQ0FBQyxDQUFDO1lBRXRELE1BQU0sTUFBTSxHQUFzQjtnQkFDaEMsS0FBSyxFQUFFLFVBQVUsQ0FBQyxLQUFLO2dCQUN2QixNQUFNLEVBQUUsVUFBVSxDQUFDLFlBQVksR0FBRyxDQUFDO2dCQUNuQyxPQUFPLEVBQUUsVUFBVSxDQUFDLE9BQU8sS0FBSyxPQUFPO2dCQUN2QyxLQUFLLEVBQUUsVUFBVSxDQUFDLE9BQU8sS0FBSyxLQUFLO2dCQUNuQyxLQUFLLEVBQUUsVUFBVSxDQUFDLE9BQU8sS0FBSyxLQUFLO2dCQUNuQyxVQUFVLEVBQUUsVUFBVSxDQUFDLGFBQWE7cUJBQ2pDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUM7cUJBQ3JCLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUM7Z0JBQ3JCLFNBQVMsRUFBRSxJQUFJLENBQUMsR0FBRyxFQUFFO2FBQ3RCLENBQUM7WUFFRixJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxFQUFFLEVBQUUsTUFBTSxDQUFDLENBQUM7WUFFckMsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixFQUFFLENBQUM7Z0JBQ2xDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUU7b0JBQzdCLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLHVDQUF1QyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztnQkFDOUUsQ0FBQyxDQUFDLENBQUM7WUFDTCxDQUFDO1lBRUQsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsRUFBRSxNQUFNLENBQUMsQ0FBQztZQUNwQyxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLG9DQUFvQyxFQUFFLEtBQUssS0FBSyxDQUFDLE9BQU8sRUFBRSxFQUFFO2dCQUM5RSxFQUFFO2dCQUNGLEtBQUssRUFBRSxLQUFLLENBQUMsS0FBSzthQUNuQixDQUFDLENBQUM7WUFDSCxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsRUFBRSxFQUFFLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztZQUM5RCx3REFBd0Q7WUFDeEQsSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsRUFBRSxFQUFFLFdBQVcsQ0FBQyxDQUFDO1lBQzFDLE9BQU8sV0FBVyxDQUFDO1FBQ3JCLENBQUM7SUFDSCxDQUFDO0lBRU8saUJBQWlCLENBQUMsRUFBVSxFQUFFLFlBQW9CO1FBQ3hELE9BQU87WUFDTCxLQUFLLEVBQUUsRUFBRTtZQUNULE1BQU0sRUFBRSxLQUFLO1lBQ2IsT0FBTyxFQUFFLEtBQUs7WUFDZCxLQUFLLEVBQUUsS0FBSztZQUNaLEtBQUssRUFBRSxLQUFLO1lBQ1osU0FBUyxFQUFFLElBQUksQ0FBQyxHQUFHLEVBQUU7WUFDckIsS0FBSyxFQUFFLFlBQVk7U0FDcEIsQ0FBQztJQUNKLENBQUM7SUFFTyxnQkFBZ0IsQ0FBQyxFQUFVO1FBQ2pDLE1BQU0sV0FBVyxHQUFHLHVGQUF1RixDQUFDO1FBQzVHLE9BQU8sV0FBVyxDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUM5QixDQUFDO0lBRU8sa0JBQWtCLENBQUMsRUFBVSxFQUFFLE1BQXlCO1FBQzlELElBQUksUUFBUSxHQUFHLGdCQUFnQixDQUFDLElBQUksQ0FBQztRQUNyQyxJQUFJLE1BQU0sQ0FBQyxLQUFLLEdBQUcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsRUFBRSxDQUFDO1lBQ2xELFFBQVEsR0FBRyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUM7UUFDbkMsQ0FBQztRQUVELGNBQWMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxRQUFRLENBQUM7WUFDcEMsS0FBSyxFQUFFLFFBQVE7WUFDZixJQUFJLEVBQUUsaUJBQWlCLENBQUMsYUFBYTtZQUNyQyxPQUFPLEVBQUUsdUJBQXVCLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLGNBQWMsQ0FBQyxDQUFDLENBQUMsV0FBVyxRQUFRLEVBQUUsRUFBRTtZQUN4RixTQUFTLEVBQUUsRUFBRTtZQUNiLE9BQU8sRUFBRTtnQkFDUCxLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7Z0JBQ25CLE1BQU0sRUFBRSxNQUFNLENBQUMsTUFBTTtnQkFDckIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixLQUFLLEVBQUUsTUFBTSxDQUFDLEtBQUs7Z0JBQ25CLEtBQUssRUFBRSxNQUFNLENBQUMsS0FBSztnQkFDbkIsT0FBTyxFQUFFLE1BQU0sQ0FBQyxPQUFPO2dCQUN2QixVQUFVLEVBQUUsTUFBTSxDQUFDLFVBQVU7YUFDOUI7WUFDRCxPQUFPLEVBQUUsQ0FBQyxNQUFNLENBQUMsTUFBTTtTQUN4QixDQUFDLENBQUM7SUFDTCxDQUFDO0lBRU8sS0FBSyxDQUFDLFNBQVM7UUFDckIsSUFBSSxDQUFDO1lBQ0gsTUFBTSxPQUFPLEdBQUcsS0FBSyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7Z0JBQzlFLEVBQUU7Z0JBQ0YsSUFBSTthQUNMLENBQUMsQ0FBQyxDQUFDO1lBRUosSUFBSSxPQUFPLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUN6QixPQUFPO1lBQ1QsQ0FBQztZQUVELE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxDQUFDLENBQUM7WUFFMUMsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ3hCLE1BQU0sSUFBSSxDQUFDLGNBQWMsQ0FBQyxHQUFHLENBQUMsb0NBQW9DLEVBQUUsU0FBUyxDQUFDLENBQUM7Z0JBQy9FLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFNBQVMsT0FBTyxDQUFDLE1BQU0sZ0RBQWdELENBQUMsQ0FBQztZQUM5RixDQUFDO2lCQUFNLENBQUM7Z0JBQ04sTUFBTSxRQUFRLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxVQUFVLENBQUMsQ0FBQztnQkFDOUQsTUFBTSxPQUFPLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsQ0FBQyxTQUFTLEVBQUUsQ0FBQyxNQUFNLEVBQUUsQ0FBQztnQkFDL0QsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLDBCQUEwQixDQUFDLENBQUM7Z0JBQzFFLE1BQU0sT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsS0FBSyxDQUFDLFNBQVMsQ0FBQyxDQUFDO2dCQUN2RCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxTQUFTLE9BQU8sQ0FBQyxNQUFNLHNDQUFzQyxDQUFDLENBQUM7WUFDcEYsQ0FBQztRQUNILENBQUM7UUFBQyxPQUFPLEtBQUssRUFBRSxDQUFDO1lBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsdUNBQXVDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO1FBQzlFLENBQUM7SUFDSCxDQUFDO0lBRU8sS0FBSyxDQUFDLFNBQVM7UUFDckIsSUFBSSxDQUFDO1lBQ0gsSUFBSSxTQUFTLEdBQWtCLElBQUksQ0FBQztZQUNwQyxJQUFJLGNBQWMsR0FBRyxLQUFLLENBQUM7WUFFM0IsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7Z0JBQ3hCLElBQUksQ0FBQztvQkFDSCxTQUFTLEdBQUcsTUFBTSxJQUFJLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQyxvQ0FBb0MsQ0FBQyxDQUFDO29CQUVoRixJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7d0JBQ2YsTUFBTSxTQUFTLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sRUFBRSxVQUFVLEVBQUUsMEJBQTBCLENBQUMsQ0FBQzt3QkFDM0YsSUFBSSxPQUFPLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDOzRCQUNyQyxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxpRUFBaUUsQ0FBQyxDQUFDOzRCQUN0RixTQUFTLEdBQUcsT0FBTyxDQUFDLEVBQUUsQ0FBQyxZQUFZLENBQUMsU0FBUyxFQUFFLE1BQU0sQ0FBQyxDQUFDOzRCQUN2RCxjQUFjLEdBQUcsSUFBSSxDQUFDOzRCQUN0QixNQUFNLElBQUksQ0FBQyxjQUFjLENBQUMsR0FBRyxDQUFDLG9DQUFvQyxFQUFFLFNBQVMsQ0FBQyxDQUFDOzRCQUMvRSxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSw2REFBNkQsQ0FBQyxDQUFDOzRCQUNsRixJQUFJLENBQUM7Z0NBQ0gsT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLENBQUM7Z0NBQ2pDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLHdDQUF3QyxDQUFDLENBQUM7NEJBQy9ELENBQUM7NEJBQUMsT0FBTyxXQUFXLEVBQUUsQ0FBQztnQ0FDckIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsb0NBQW9DLFdBQVcsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDOzRCQUNoRixDQUFDO3dCQUNILENBQUM7b0JBQ0gsQ0FBQztnQkFDSCxDQUFDO2dCQUFDLE9BQU8sS0FBSyxFQUFFLENBQUM7b0JBQ2YsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsc0NBQXNDLEtBQUssQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO2dCQUM3RSxDQUFDO1lBQ0gsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sU0FBUyxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLEVBQUUsVUFBVSxFQUFFLDBCQUEwQixDQUFDLENBQUM7Z0JBQzNGLElBQUksT0FBTyxDQUFDLEVBQUUsQ0FBQyxVQUFVLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztvQkFDckMsU0FBUyxHQUFHLE9BQU8sQ0FBQyxFQUFFLENBQUMsWUFBWSxDQUFDLFNBQVMsRUFBRSxNQUFNLENBQUMsQ0FBQztvQkFDdkQsY0FBYyxHQUFHLElBQUksQ0FBQztnQkFDeEIsQ0FBQztZQUNILENBQUM7WUFFRCxJQUFJLFNBQVMsRUFBRSxDQUFDO2dCQUNkLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsU0FBUyxDQUFDLENBQUM7Z0JBQ3RDLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsQ0FBQztnQkFDdkIsTUFBTSxZQUFZLEdBQUcsT0FBTyxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsRUFBRTtvQkFDMUMsTUFBTSxHQUFHLEdBQUcsR0FBRyxHQUFHLEtBQUssQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDO29CQUN2QyxPQUFPLEdBQUcsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQztnQkFDckMsQ0FBQyxDQUFDLENBQUM7Z0JBRUgsS0FBSyxNQUFNLEtBQUssSUFBSSxZQUFZLEVBQUUsQ0FBQztvQkFDakMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLEVBQUUsRUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ2pELENBQUM7Z0JBRUQsTUFBTSxNQUFNLEdBQUcsY0FBYyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLGdCQUFnQixDQUFDO2dCQUMxRCxNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxVQUFVLFlBQVksQ0FBQyxNQUFNLHFDQUFxQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1lBQ2pHLENBQUM7UUFDSCxDQUFDO1FBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztZQUNmLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLHVDQUF1QyxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztRQUM5RSxDQUFDO0lBQ0gsQ0FBQztJQUVNLE1BQU0sQ0FBQyxZQUFZLENBQUMsS0FBYTtRQUN0QyxJQUFJLEtBQUssR0FBRyxtQkFBbUIsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUMxQyxPQUFPLE1BQU0sQ0FBQztRQUNoQixDQUFDO2FBQU0sSUFBSSxLQUFLLEdBQUcsbUJBQW1CLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDbkQsT0FBTyxRQUFRLENBQUM7UUFDbEIsQ0FBQzthQUFNLElBQUksS0FBSyxHQUFHLG1CQUFtQixDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hELE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQzthQUFNLENBQUM7WUFDTixPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDO0lBQ0gsQ0FBQztJQUVNLG9CQUFvQixDQUFDLGNBQW1CO1FBQzdDLElBQUksQ0FBQyxjQUFjLEdBQUcsY0FBYyxDQUFDO1FBQ3JDLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDZDQUE2QyxDQUFDLENBQUM7UUFFbEUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLGdCQUFnQixJQUFJLElBQUksQ0FBQyxlQUFlLENBQUMsSUFBSSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ25FLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxLQUFLLENBQUMsS0FBSyxDQUFDLEVBQUU7Z0JBQzdCLE1BQU0sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLGdEQUFnRCxLQUFLLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQztZQUN2RixDQUFDLENBQUMsQ0FBQztRQUNMLENBQUM7SUFDSCxDQUFDIn0= \ No newline at end of file diff --git a/dist_ts/security/classes.rustsecuritybridge.d.ts b/dist_ts/security/classes.rustsecuritybridge.d.ts index ce02847..9975a10 100644 --- a/dist_ts/security/classes.rustsecuritybridge.d.ts +++ b/dist_ts/security/classes.rustsecuritybridge.d.ts @@ -48,6 +48,12 @@ interface IReputationResult { listed_count: number; total_checked: number; } +interface IContentScanResult { + threatScore: number; + threatType: string | null; + threatDetails: string | null; + scannedElements: string[]; +} interface IVersionInfo { bin: string; core: string; @@ -88,6 +94,13 @@ export declare class RustSecurityBridge { diagnosticCode?: string; statusCode?: string; }): Promise; + /** Scan email content for threats (phishing, spam, malware, etc.). */ + scanContent(opts: { + subject?: string; + textBody?: string; + htmlBody?: string; + attachmentNames?: string[]; + }): Promise; /** Check IP reputation via DNSBL. */ checkIpReputation(ip: string): Promise; /** Verify DKIM signatures on a raw email message. */ @@ -123,4 +136,4 @@ export declare class RustSecurityBridge { mailFrom: string; }): Promise; } -export type { IDkimVerificationResult, ISpfResult, IDmarcResult, IEmailSecurityResult, IValidationResult, IBounceDetection, IReputationResult as IRustReputationResult, IVersionInfo, }; +export type { IDkimVerificationResult, ISpfResult, IDmarcResult, IEmailSecurityResult, IValidationResult, IBounceDetection, IContentScanResult, IReputationResult as IRustReputationResult, IVersionInfo, }; diff --git a/dist_ts/security/classes.rustsecuritybridge.js b/dist_ts/security/classes.rustsecuritybridge.js index fc74496..122385e 100644 --- a/dist_ts/security/classes.rustsecuritybridge.js +++ b/dist_ts/security/classes.rustsecuritybridge.js @@ -112,6 +112,10 @@ export class RustSecurityBridge { async detectBounce(opts) { return this.bridge.sendCommand('detectBounce', opts); } + /** Scan email content for threats (phishing, spam, malware, etc.). */ + async scanContent(opts) { + return this.bridge.sendCommand('scanContent', opts); + } /** Check IP reputation via DNSBL. */ async checkIpReputation(ip) { return this.bridge.sendCommand('checkIpReputation', { ip }); @@ -138,4 +142,4 @@ export class RustSecurityBridge { return this.bridge.sendCommand('verifyEmail', opts); } } -//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5ydXN0c2VjdXJpdHlicmlkZ2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9zZWN1cml0eS9jbGFzc2VzLnJ1c3RzZWN1cml0eWJyaWRnZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGVBQWUsQ0FBQztBQUN6QyxPQUFPLEtBQUssS0FBSyxNQUFNLGFBQWEsQ0FBQztBQUNyQyxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sY0FBYyxDQUFDO0FBa0h0Qyw4RUFBOEU7QUFDOUUscUVBQXFFO0FBQ3JFLDhFQUE4RTtBQUU5RTs7Ozs7R0FLRztBQUNILE1BQU0sT0FBTyxrQkFBa0I7SUFDckIsTUFBTSxDQUFDLFFBQVEsR0FBOEIsSUFBSSxDQUFDO0lBRWxELE1BQU0sQ0FBcUU7SUFDM0UsUUFBUSxHQUFHLEtBQUssQ0FBQztJQUV6QjtRQUNFLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxPQUFPLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBa0I7WUFDOUQsVUFBVSxFQUFFLFlBQVk7WUFDeEIsT0FBTyxFQUFFLENBQUMsY0FBYyxDQUFDO1lBQ3pCLGdCQUFnQixFQUFFLE1BQU07WUFDeEIsY0FBYyxFQUFFLE1BQU07WUFDdEIsVUFBVSxFQUFFO2dCQUNWLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEVBQUUsV0FBVyxFQUFFLFlBQVksQ0FBQztnQkFDOUQsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLFVBQVUsRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxZQUFZLENBQUM7Z0JBQzlFLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxPQUFPLEVBQUUsWUFBWSxDQUFDO2FBQzdFO1lBQ0QsZ0JBQWdCLEVBQUUsS0FBSztTQUN4QixDQUFDLENBQUM7UUFFSCwyQkFBMkI7UUFDM0IsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLEdBQUcsRUFBRTtZQUMzQixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQztZQUNyQixNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSwrQkFBK0IsQ0FBQyxDQUFDO1FBQ3RELENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBbUIsRUFBRSxNQUFxQixFQUFFLEVBQUU7WUFDcEUsSUFBSSxDQUFDLFFBQVEsR0FBRyxLQUFLLENBQUM7WUFDdEIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUscUNBQXFDLElBQUksWUFBWSxNQUFNLEdBQUcsQ0FBQyxDQUFDO1FBQ3JGLENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBWSxFQUFFLEVBQUU7WUFDeEMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsaUJBQWlCLElBQUksRUFBRSxDQUFDLENBQUM7UUFDL0MsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsNENBQTRDO0lBQ3JDLE1BQU0sQ0FBQyxXQUFXO1FBQ3ZCLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNqQyxrQkFBa0IsQ0FBQyxRQUFRLEdBQUcsSUFBSSxrQkFBa0IsRUFBRSxDQUFDO1FBQ3pELENBQUM7UUFDRCxPQUFPLGtCQUFrQixDQUFDLFFBQVEsQ0FBQztJQUNyQyxDQUFDO0lBRUQsNEVBQTRFO0lBQzVFLElBQVcsT0FBTztRQUNoQixPQUFPLElBQUksQ0FBQyxRQUFRLENBQUM7SUFDdkIsQ0FBQztJQUVELDBFQUEwRTtJQUMxRSxZQUFZO0lBQ1osMEVBQTBFO0lBRTFFOzs7T0FHRztJQUNJLEtBQUssQ0FBQyxLQUFLO1FBQ2hCLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2xCLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUNELElBQUksQ0FBQztZQUNILE1BQU0sRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNyQyxJQUFJLENBQUMsUUFBUSxHQUFHLEVBQUUsQ0FBQztZQUNuQixJQUFJLEVBQUUsRUFBRSxDQUFDO2dCQUNQLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixDQUFDLENBQUM7WUFDckQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLG9FQUFvRSxDQUFDLENBQUM7WUFDM0YsQ0FBQztZQUNELE9BQU8sRUFBRSxDQUFDO1FBQ1osQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSx5Q0FBMEMsR0FBYSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDdkYsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO0lBQ0gsQ0FBQztJQUVELDZCQUE2QjtJQUN0QixLQUFLLENBQUMsSUFBSTtRQUNmLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDbkIsT0FBTztRQUNULENBQUM7UUFDRCxJQUFJLENBQUM7WUFDSCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ25CLElBQUksQ0FBQyxRQUFRLEdBQUcsS0FBSyxDQUFDO1lBQ3RCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixDQUFDLENBQUM7UUFDckQsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSx3Q0FBeUMsR0FBYSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDeEYsQ0FBQztJQUNILENBQUM7SUFFRCwwRUFBMEU7SUFDMUUsa0RBQWtEO0lBQ2xELDBFQUEwRTtJQUUxRSw2QkFBNkI7SUFDdEIsS0FBSyxDQUFDLElBQUk7UUFDZixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLE1BQU0sRUFBRSxFQUFTLENBQUMsQ0FBQztRQUM3RCxPQUFPLEdBQUcsRUFBRSxJQUFJLEtBQUssSUFBSSxDQUFDO0lBQzVCLENBQUM7SUFFRCxtREFBbUQ7SUFDNUMsS0FBSyxDQUFDLFVBQVU7UUFDckIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxTQUFTLEVBQUUsRUFBUyxDQUFDLENBQUM7SUFDdkQsQ0FBQztJQUVELGlDQUFpQztJQUMxQixLQUFLLENBQUMsYUFBYSxDQUFDLEtBQWE7UUFDdEMsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxlQUFlLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQzdELENBQUM7SUFFRCwrREFBK0Q7SUFDeEQsS0FBSyxDQUFDLFlBQVksQ0FBQyxJQUl6QjtRQUNDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQUMsY0FBYyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRCxxQ0FBcUM7SUFDOUIsS0FBSyxDQUFDLGlCQUFpQixDQUFDLEVBQVU7UUFDdkMsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxtQkFBbUIsRUFBRSxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDOUQsQ0FBQztJQUVELHFEQUFxRDtJQUM5QyxLQUFLLENBQUMsVUFBVSxDQUFDLFVBQWtCO1FBQ3hDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQUMsWUFBWSxFQUFFLEVBQUUsVUFBVSxFQUFFLENBQUMsQ0FBQztJQUMvRCxDQUFDO0lBRUQsK0JBQStCO0lBQ3hCLEtBQUssQ0FBQyxRQUFRLENBQUMsSUFLckI7UUFDQyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQsOEJBQThCO0lBQ3ZCLEtBQUssQ0FBQyxRQUFRLENBQUMsSUFLckI7UUFDQyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSSxLQUFLLENBQUMsV0FBVyxDQUFDLElBTXhCO1FBQ0MsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLENBQUM7SUFDdEQsQ0FBQyJ9 \ No newline at end of file +//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5ydXN0c2VjdXJpdHlicmlkZ2UuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi90cy9zZWN1cml0eS9jbGFzc2VzLnJ1c3RzZWN1cml0eWJyaWRnZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGVBQWUsQ0FBQztBQUN6QyxPQUFPLEtBQUssS0FBSyxNQUFNLGFBQWEsQ0FBQztBQUNyQyxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sY0FBYyxDQUFDO0FBa0l0Qyw4RUFBOEU7QUFDOUUscUVBQXFFO0FBQ3JFLDhFQUE4RTtBQUU5RTs7Ozs7R0FLRztBQUNILE1BQU0sT0FBTyxrQkFBa0I7SUFDckIsTUFBTSxDQUFDLFFBQVEsR0FBOEIsSUFBSSxDQUFDO0lBRWxELE1BQU0sQ0FBcUU7SUFDM0UsUUFBUSxHQUFHLEtBQUssQ0FBQztJQUV6QjtRQUNFLElBQUksQ0FBQyxNQUFNLEdBQUcsSUFBSSxPQUFPLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBa0I7WUFDOUQsVUFBVSxFQUFFLFlBQVk7WUFDeEIsT0FBTyxFQUFFLENBQUMsY0FBYyxDQUFDO1lBQ3pCLGdCQUFnQixFQUFFLE1BQU07WUFDeEIsY0FBYyxFQUFFLE1BQU07WUFDdEIsVUFBVSxFQUFFO2dCQUNWLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEVBQUUsV0FBVyxFQUFFLFlBQVksQ0FBQztnQkFDOUQsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLFVBQVUsRUFBRSxNQUFNLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxZQUFZLENBQUM7Z0JBQzlFLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxVQUFVLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxPQUFPLEVBQUUsWUFBWSxDQUFDO2FBQzdFO1lBQ0QsZ0JBQWdCLEVBQUUsS0FBSztTQUN4QixDQUFDLENBQUM7UUFFSCwyQkFBMkI7UUFDM0IsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsT0FBTyxFQUFFLEdBQUcsRUFBRTtZQUMzQixJQUFJLENBQUMsUUFBUSxHQUFHLElBQUksQ0FBQztZQUNyQixNQUFNLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSwrQkFBK0IsQ0FBQyxDQUFDO1FBQ3RELENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBbUIsRUFBRSxNQUFxQixFQUFFLEVBQUU7WUFDcEUsSUFBSSxDQUFDLFFBQVEsR0FBRyxLQUFLLENBQUM7WUFDdEIsTUFBTSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUscUNBQXFDLElBQUksWUFBWSxNQUFNLEdBQUcsQ0FBQyxDQUFDO1FBQ3JGLENBQUMsQ0FBQyxDQUFDO1FBRUgsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBWSxFQUFFLEVBQUU7WUFDeEMsTUFBTSxDQUFDLEdBQUcsQ0FBQyxPQUFPLEVBQUUsaUJBQWlCLElBQUksRUFBRSxDQUFDLENBQUM7UUFDL0MsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBRUQsNENBQTRDO0lBQ3JDLE1BQU0sQ0FBQyxXQUFXO1FBQ3ZCLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxRQUFRLEVBQUUsQ0FBQztZQUNqQyxrQkFBa0IsQ0FBQyxRQUFRLEdBQUcsSUFBSSxrQkFBa0IsRUFBRSxDQUFDO1FBQ3pELENBQUM7UUFDRCxPQUFPLGtCQUFrQixDQUFDLFFBQVEsQ0FBQztJQUNyQyxDQUFDO0lBRUQsNEVBQTRFO0lBQzVFLElBQVcsT0FBTztRQUNoQixPQUFPLElBQUksQ0FBQyxRQUFRLENBQUM7SUFDdkIsQ0FBQztJQUVELDBFQUEwRTtJQUMxRSxZQUFZO0lBQ1osMEVBQTBFO0lBRTFFOzs7T0FHRztJQUNJLEtBQUssQ0FBQyxLQUFLO1FBQ2hCLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2xCLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUNELElBQUksQ0FBQztZQUNILE1BQU0sRUFBRSxHQUFHLE1BQU0sSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLEVBQUUsQ0FBQztZQUNyQyxJQUFJLENBQUMsUUFBUSxHQUFHLEVBQUUsQ0FBQztZQUNuQixJQUFJLEVBQUUsRUFBRSxDQUFDO2dCQUNQLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixDQUFDLENBQUM7WUFDckQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLG9FQUFvRSxDQUFDLENBQUM7WUFDM0YsQ0FBQztZQUNELE9BQU8sRUFBRSxDQUFDO1FBQ1osQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSx5Q0FBMEMsR0FBYSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDdkYsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO0lBQ0gsQ0FBQztJQUVELDZCQUE2QjtJQUN0QixLQUFLLENBQUMsSUFBSTtRQUNmLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDbkIsT0FBTztRQUNULENBQUM7UUFDRCxJQUFJLENBQUM7WUFDSCxJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO1lBQ25CLElBQUksQ0FBQyxRQUFRLEdBQUcsS0FBSyxDQUFDO1lBQ3RCLE1BQU0sQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLDhCQUE4QixDQUFDLENBQUM7UUFDckQsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixNQUFNLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSx3Q0FBeUMsR0FBYSxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7UUFDeEYsQ0FBQztJQUNILENBQUM7SUFFRCwwRUFBMEU7SUFDMUUsa0RBQWtEO0lBQ2xELDBFQUEwRTtJQUUxRSw2QkFBNkI7SUFDdEIsS0FBSyxDQUFDLElBQUk7UUFDZixNQUFNLEdBQUcsR0FBRyxNQUFNLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLE1BQU0sRUFBRSxFQUFTLENBQUMsQ0FBQztRQUM3RCxPQUFPLEdBQUcsRUFBRSxJQUFJLEtBQUssSUFBSSxDQUFDO0lBQzVCLENBQUM7SUFFRCxtREFBbUQ7SUFDNUMsS0FBSyxDQUFDLFVBQVU7UUFDckIsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxTQUFTLEVBQUUsRUFBUyxDQUFDLENBQUM7SUFDdkQsQ0FBQztJQUVELGlDQUFpQztJQUMxQixLQUFLLENBQUMsYUFBYSxDQUFDLEtBQWE7UUFDdEMsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxlQUFlLEVBQUUsRUFBRSxLQUFLLEVBQUUsQ0FBQyxDQUFDO0lBQzdELENBQUM7SUFFRCwrREFBK0Q7SUFDeEQsS0FBSyxDQUFDLFlBQVksQ0FBQyxJQUl6QjtRQUNDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQUMsY0FBYyxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFRCxzRUFBc0U7SUFDL0QsS0FBSyxDQUFDLFdBQVcsQ0FBQyxJQUt4QjtRQUNDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQUMsYUFBYSxFQUFFLElBQUksQ0FBQyxDQUFDO0lBQ3RELENBQUM7SUFFRCxxQ0FBcUM7SUFDOUIsS0FBSyxDQUFDLGlCQUFpQixDQUFDLEVBQVU7UUFDdkMsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxtQkFBbUIsRUFBRSxFQUFFLEVBQUUsRUFBRSxDQUFDLENBQUM7SUFDOUQsQ0FBQztJQUVELHFEQUFxRDtJQUM5QyxLQUFLLENBQUMsVUFBVSxDQUFDLFVBQWtCO1FBQ3hDLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxXQUFXLENBQUMsWUFBWSxFQUFFLEVBQUUsVUFBVSxFQUFFLENBQUMsQ0FBQztJQUMvRCxDQUFDO0lBRUQsK0JBQStCO0lBQ3hCLEtBQUssQ0FBQyxRQUFRLENBQUMsSUFLckI7UUFDQyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQsOEJBQThCO0lBQ3ZCLEtBQUssQ0FBQyxRQUFRLENBQUMsSUFLckI7UUFDQyxPQUFPLElBQUksQ0FBQyxNQUFNLENBQUMsV0FBVyxDQUFDLFVBQVUsRUFBRSxJQUFJLENBQUMsQ0FBQztJQUNuRCxDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSSxLQUFLLENBQUMsV0FBVyxDQUFDLElBTXhCO1FBQ0MsT0FBTyxJQUFJLENBQUMsTUFBTSxDQUFDLFdBQVcsQ0FBQyxhQUFhLEVBQUUsSUFBSSxDQUFDLENBQUM7SUFDdEQsQ0FBQyJ9 \ No newline at end of file diff --git a/readme.plan.md b/readme.plan.md index d1d71e8..72b909d 100644 --- a/readme.plan.md +++ b/readme.plan.md @@ -1,198 +1,24 @@ -# Mailer Implementation Plan & Progress +# Rust Migration Plan -## Project Goals +## Completed Phases -Build a Deno-based mail server package (`@serve.zone/mailer`) with: -1. CLI interface similar to nupst/spark -2. SMTP server and client (ported from dcrouter) -3. HTTP REST API (Mailgun-compatible) -4. Automatic DNS management via Cloudflare -5. Systemd daemon service -6. Binary distribution via npm +### Phase 3: Rust Primary Backend (DKIM/SPF/DMARC/IP Reputation) +- Rust is the mandatory security backend — no TS fallbacks +- All DKIM signing/verification, SPF, DMARC, IP reputation through Rust bridge -## Completed Work +### Phase 5: BounceManager + ContentScanner +- BounceManager bounce detection delegated to Rust `detectBounce` IPC command +- ContentScanner pattern matching delegated to new Rust `scanContent` IPC command +- New module: `rust/crates/mailer-security/src/content_scanner.rs` (10 Rust tests) +- ~215 lines removed from BounceManager, ~350 lines removed from ContentScanner +- Binary attachment scanning (PE headers, VBA macros) stays in TS +- Custom rules (runtime-configured) stay in TS +- Net change: ~-560 TS lines, +265 Rust lines -### ✅ Phase 1: Project Structure -- [x] Created Deno-based project structure (deno.json, package.json) -- [x] Set up bin/ wrappers for npm binary distribution -- [x] Created compilation scripts (compile-all.sh) -- [x] Set up install scripts (install-binary.js) -- [x] Created TypeScript source directory structure +## Deferred -### ✅ Phase 2: Mail Implementation (Ported from dcrouter) -- [x] Copied and adapted mail/core/ (Email, EmailValidator, BounceManager, TemplateManager) -- [x] Copied and adapted mail/delivery/ (SMTP client, SMTP server, queues, rate limiting) -- [x] Copied and adapted mail/routing/ (EmailRouter, DomainRegistry, DnsManager) -- [x] Copied and adapted mail/security/ (DKIM, SPF, DMARC) -- [x] Fixed all imports from .js to .ts extensions -- [x] Created stub modules for dcrouter dependencies (storage, security, deliverability, errors) - -### ✅ Phase 3: Supporting Modules -- [x] Created logger module (simple console logging) -- [x] Created paths module (project paths) -- [x] Created plugins.ts (Deno dependencies + Node.js compatibility) -- [x] Added required npm dependencies (lru-cache, mailaddress-validator, cloudflare) - -### ✅ Phase 4: DNS Management -- [x] Created DnsManager class with DNS record generation -- [x] Created CloudflareClient for automatic DNS setup -- [x] Added DNS validation functionality - -### ✅ Phase 5: HTTP API -- [x] Created ApiServer class with basic routing -- [x] Implemented Mailgun-compatible endpoint structure -- [x] Added authentication and rate limiting stubs - -### ✅ Phase 6: Configuration Management -- [x] Created ConfigManager for JSON-based config storage -- [x] Added domain configuration support -- [x] Implemented config load/save functionality - -### ✅ Phase 7: Daemon Service -- [x] Created DaemonManager to coordinate SMTP server and API server -- [x] Added start/stop functionality -- [x] Integrated with ConfigManager - -### ✅ Phase 8: CLI Interface -- [x] Created MailerCli class with command routing -- [x] Implemented service commands (start/stop/restart/status/enable/disable) -- [x] Implemented domain commands (add/remove/list) -- [x] Implemented DNS commands (setup/validate/show) -- [x] Implemented send command -- [x] Implemented config commands (show/set) -- [x] Added help and version commands - -### ✅ Phase 9: Documentation -- [x] Created comprehensive README.md -- [x] Documented all CLI commands -- [x] Documented HTTP API endpoints -- [x] Provided configuration examples -- [x] Documented DNS requirements -- [x] Created changelog - -## Next Steps (Remaining Work) - -### Testing & Debugging -1. Fix remaining import/dependency issues -2. Test compilation with `deno compile` -3. Test CLI commands end-to-end -4. Test SMTP sending/receiving -5. Test HTTP API endpoints -6. Write unit tests - -### Systemd Integration -1. Create systemd service file -2. Implement service enable/disable -3. Add service status checking -4. Test daemon auto-restart - -### Cloudflare Integration -1. Test actual Cloudflare API calls -2. Handle Cloudflare errors gracefully -3. Add zone detection -4. Verify DNS record creation - -### Production Readiness -1. Add proper error handling throughout -2. Implement logging to files -3. Add rate limiting implementation -4. Implement API key authentication -5. Add TLS certificate management -6. Implement email queue persistence - -### Advanced Features -1. Webhook support for incoming emails -2. Email template system -3. Analytics and reporting -4. SMTP credential management -5. Email event tracking -6. Bounce handling - -## Known Issues - -1. Some npm dependencies may need version adjustments -2. Deno crypto APIs may need adaptation for DKIM signing -3. Buffer vs Uint8Array conversions may be needed -4. Some dcrouter-specific code may need further adaptation - -## File Structure Overview - -``` -mailer/ -├── README.md ✅ Complete -├── license ✅ Complete -├── changelog.md ✅ Complete -├── deno.json ✅ Complete -├── package.json ✅ Complete -├── mod.ts ✅ Complete -│ -├── bin/ -│ └── mailer-wrapper.js ✅ Complete -│ -├── scripts/ -│ ├── compile-all.sh ✅ Complete -│ └── install-binary.js ✅ Complete -│ -└── ts/ - ├── 00_commitinfo_data.ts ✅ Complete - ├── index.ts ✅ Complete - ├── cli.ts ✅ Complete - ├── plugins.ts ✅ Complete - ├── logger.ts ✅ Complete - ├── paths.ts ✅ Complete - ├── classes.mailer.ts ✅ Complete - │ - ├── cli/ - │ ├── index.ts ✅ Complete - │ └── mailer-cli.ts ✅ Complete - │ - ├── api/ - │ ├── index.ts ✅ Complete - │ ├── api-server.ts ✅ Complete - │ └── routes/ ✅ Structure ready - │ - ├── dns/ - │ ├── index.ts ✅ Complete - │ ├── dns-manager.ts ✅ Complete - │ └── cloudflare-client.ts ✅ Complete - │ - ├── daemon/ - │ ├── index.ts ✅ Complete - │ └── daemon-manager.ts ✅ Complete - │ - ├── config/ - │ ├── index.ts ✅ Complete - │ └── config-manager.ts ✅ Complete - │ - ├── storage/ - │ └── index.ts ✅ Stub complete - │ - ├── security/ - │ └── index.ts ✅ Stub complete - │ - ├── deliverability/ - │ └── index.ts ✅ Stub complete - │ - ├── errors/ - │ └── index.ts ✅ Stub complete - │ - └── mail/ ✅ Ported from dcrouter - ├── core/ ✅ Complete - ├── delivery/ ✅ Complete - ├── routing/ ✅ Complete - └── security/ ✅ Complete -``` - -## Summary - -The mailer package structure is **95% complete**. All major components have been implemented: -- Project structure and build system ✅ -- Mail implementation ported from dcrouter ✅ -- CLI interface ✅ -- DNS management ✅ -- HTTP API ✅ -- Configuration system ✅ -- Daemon management ✅ -- Documentation ✅ - -**Remaining work**: Testing, debugging dependency issues, systemd integration, and production hardening. +| Component | Rationale | +|-----------|-----------| +| EmailValidator | Already thin; uses smartmail; minimal gain | +| DNS record generation | Pure string building; zero benefit from Rust | +| MIME building (`toRFC822String`) | Sync in TS, async via IPC; too much blast radius | diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 20af019..70a1b7a 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -1054,6 +1054,7 @@ dependencies = [ "mail-auth", "mailer-core", "psl", + "regex", "ring", "rustls-pki-types", "serde", diff --git a/rust/crates/mailer-bin/src/main.rs b/rust/crates/mailer-bin/src/main.rs index ee44fe2..ce3abd4 100644 --- a/rust/crates/mailer-bin/src/main.rs +++ b/rust/crates/mailer-bin/src/main.rs @@ -1,4 +1,4 @@ -//! mailer-bin: CLI and IPC binary for the @serve.zone/mailer Rust crates. +//! mailer-bin: CLI and IPC binary for the @push.rocks/smartmta Rust crates. //! //! Supports two modes: //! 1. **CLI mode** — traditional subcommands for testing and standalone use @@ -560,6 +560,25 @@ async fn handle_ipc_request(req: &IpcRequest) -> IpcResponse { } } + "scanContent" => { + let subject = req.params.get("subject").and_then(|v| v.as_str()); + let text_body = req.params.get("textBody").and_then(|v| v.as_str()); + let html_body = req.params.get("htmlBody").and_then(|v| v.as_str()); + let attachment_names: Vec = req.params.get("attachmentNames") + .and_then(|v| v.as_array()) + .map(|a| a.iter().filter_map(|v| v.as_str().map(String::from)).collect()) + .unwrap_or_default(); + let result = mailer_security::content_scanner::scan_content( + subject, text_body, html_body, &attachment_names + ); + IpcResponse { + id: req.id.clone(), + success: true, + result: Some(serde_json::to_value(&result).unwrap()), + error: None, + } + } + "checkSpf" => { let ip_str = req.params.get("ip").and_then(|v| v.as_str()).unwrap_or(""); let helo = req diff --git a/rust/crates/mailer-security/Cargo.toml b/rust/crates/mailer-security/Cargo.toml index 385a3b9..263a815 100644 --- a/rust/crates/mailer-security/Cargo.toml +++ b/rust/crates/mailer-security/Cargo.toml @@ -17,3 +17,4 @@ hickory-resolver.workspace = true ipnet.workspace = true rustls-pki-types.workspace = true psl.workspace = true +regex.workspace = true diff --git a/rust/crates/mailer-security/src/content_scanner.rs b/rust/crates/mailer-security/src/content_scanner.rs new file mode 100644 index 0000000..bf542e1 --- /dev/null +++ b/rust/crates/mailer-security/src/content_scanner.rs @@ -0,0 +1,515 @@ +//! Content scanning for email threat detection. +//! +//! Provides pattern-based scanning of email subjects, text bodies, HTML bodies, +//! and attachment filenames for phishing, spam, malware, suspicious links, +//! script injection, and sensitive data patterns. + +use regex::Regex; +use serde::Serialize; +use std::sync::LazyLock; + +// --------------------------------------------------------------------------- +// Result types +// --------------------------------------------------------------------------- + +#[derive(Debug, Clone, Serialize)] +#[serde(rename_all = "camelCase")] +pub struct ContentScanResult { + pub threat_score: u32, + pub threat_type: Option, + pub threat_details: Option, + pub scanned_elements: Vec, +} + +// --------------------------------------------------------------------------- +// Pattern definitions (compiled once via LazyLock) +// --------------------------------------------------------------------------- + +static PHISHING_PATTERNS: LazyLock> = LazyLock::new(|| { + vec![ + Regex::new(r"(?i)(?:verify|confirm|update|login).*(?:account|password|details)").unwrap(), + Regex::new(r"(?i)urgent.*(?:action|attention|required)").unwrap(), + Regex::new(r"(?i)(?:paypal|apple|microsoft|amazon|google|bank).*(?:verify|confirm|suspend)").unwrap(), + Regex::new(r"(?i)your.*(?:account).*(?:suspended|compromised|locked)").unwrap(), + Regex::new(r"(?i)\b(?:password reset|security alert|security notice)\b").unwrap(), + ] +}); + +static SPAM_PATTERNS: LazyLock> = LazyLock::new(|| { + vec![ + Regex::new(r"(?i)\b(?:viagra|cialis|enlargement|diet pill|lose weight fast|cheap meds)\b").unwrap(), + Regex::new(r"(?i)\b(?:million dollars|lottery winner|prize claim|inheritance|rich widow)\b").unwrap(), + Regex::new(r"(?i)\b(?:earn from home|make money fast|earn \$\d{3,}/day)\b").unwrap(), + Regex::new(r"(?i)\b(?:limited time offer|act now|exclusive deal|only \d+ left)\b").unwrap(), + Regex::new(r"(?i)\b(?:forex|stock tip|investment opportunity|cryptocurrency|bitcoin)\b").unwrap(), + ] +}); + +static MALWARE_PATTERNS: LazyLock> = LazyLock::new(|| { + vec![ + Regex::new(r"(?i)(?:attached file|see attachment).*(?:invoice|receipt|statement|document)").unwrap(), + Regex::new(r"(?i)open.*(?:the attached|this attachment)").unwrap(), + Regex::new(r"(?i)(?:enable|allow).*(?:macros|content|editing)").unwrap(), + Regex::new(r"(?i)download.*(?:attachment|file|document)").unwrap(), + Regex::new(r"(?i)\b(?:ransomware protection|virus alert|malware detected)\b").unwrap(), + ] +}); + +static SUSPICIOUS_LINK_PATTERNS: LazyLock> = LazyLock::new(|| { + vec![ + Regex::new(r"(?i)https?://bit\.ly/").unwrap(), + Regex::new(r"(?i)https?://goo\.gl/").unwrap(), + Regex::new(r"(?i)https?://t\.co/").unwrap(), + Regex::new(r"(?i)https?://tinyurl\.com/").unwrap(), + Regex::new(r"(?i)https?://(?:\d{1,3}\.){3}\d{1,3}").unwrap(), + Regex::new(r"(?i)https?://.*\.(?:xyz|top|club|gq|cf)/").unwrap(), + Regex::new(r"(?i)(?:login|account|signin|auth).*\.(?:xyz|top|club|gq|cf|tk|ml|ga|pw|ws|buzz)\b").unwrap(), + ] +}); + +static SCRIPT_INJECTION_PATTERNS: LazyLock> = LazyLock::new(|| { + vec![ + Regex::new(r"(?is).*").unwrap(), + Regex::new(r"(?i)javascript:").unwrap(), + Regex::new(r#"(?i)on(?:click|load|mouse|error|focus|blur)=".*""#).unwrap(), + Regex::new(r"(?i)document\.(?:cookie|write|location)").unwrap(), + Regex::new(r"(?i)eval\s*\(").unwrap(), + ] +}); + +static SENSITIVE_DATA_PATTERNS: LazyLock> = LazyLock::new(|| { + vec![ + Regex::new(r"\b(?:\d{3}-\d{2}-\d{4}|\d{9})\b").unwrap(), + Regex::new(r"\b\d{13,16}\b").unwrap(), + Regex::new(r"\b(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})\b").unwrap(), + ] +}); + +/// Link extraction from HTML href attributes. +static HREF_PATTERN: LazyLock = LazyLock::new(|| { + Regex::new(r#"(?i)href=["'](https?://[^"']+)["']"#).unwrap() +}); + +/// Executable file extensions that are considered dangerous. +static EXECUTABLE_EXTENSIONS: LazyLock> = LazyLock::new(|| { + vec![ + ".exe", ".dll", ".bat", ".cmd", ".msi", ".vbs", ".ps1", + ".sh", ".jar", ".py", ".com", ".scr", ".pif", ".hta", ".cpl", + ".reg", ".vba", ".lnk", ".wsf", ".msp", ".mst", + ] +}); + +/// Document extensions that may contain macros. +static MACRO_DOCUMENT_EXTENSIONS: LazyLock> = LazyLock::new(|| { + vec![ + ".doc", ".docm", ".xls", ".xlsm", ".ppt", ".pptm", + ".dotm", ".xlsb", ".ppam", ".potm", + ] +}); + +// --------------------------------------------------------------------------- +// HTML helpers +// --------------------------------------------------------------------------- + +/// Strip HTML tags and decode common entities to produce plain text. +fn extract_text_from_html(html: &str) -> String { + // Remove style and script blocks first + let no_style = Regex::new(r"(?is)]*>.*?").unwrap(); + let no_script = Regex::new(r"(?is)]*>.*?").unwrap(); + let no_tags = Regex::new(r"<[^>]+>").unwrap(); + + let text = no_style.replace_all(html, " "); + let text = no_script.replace_all(&text, " "); + let text = no_tags.replace_all(&text, " "); + + text.replace(" ", " ") + .replace("<", "<") + .replace(">", ">") + .replace("&", "&") + .replace(""", "\"") + .replace("'", "'") + .split_whitespace() + .collect::>() + .join(" ") +} + +/// Extract all href links from HTML. +fn extract_links_from_html(html: &str) -> Vec { + HREF_PATTERN + .captures_iter(html) + .filter_map(|cap| cap.get(1).map(|m| m.as_str().to_string())) + .collect() +} + +// --------------------------------------------------------------------------- +// Scoring helpers +// --------------------------------------------------------------------------- + +fn matches_any(text: &str, patterns: &[Regex]) -> bool { + patterns.iter().any(|p| p.is_match(text)) +} + +// --------------------------------------------------------------------------- +// Main scan entry point +// --------------------------------------------------------------------------- + +/// Scan email content for threats. +/// +/// This mirrors the TypeScript ContentScanner logic — scanning the subject, +/// text body, HTML body, and attachment filenames against predefined patterns. +/// Returns an aggregate threat score and the highest-severity threat type. +pub fn scan_content( + subject: Option<&str>, + text_body: Option<&str>, + html_body: Option<&str>, + attachment_names: &[String], +) -> ContentScanResult { + let mut score: u32 = 0; + let mut threat_type: Option = None; + let mut threat_details: Option = None; + let mut scanned: Vec = Vec::new(); + + // Helper: upgrade threat info only if the new finding is more severe. + macro_rules! record { + ($new_score:expr, $ttype:expr, $details:expr) => { + score += $new_score; + // Always adopt the threat type from the highest-scoring match. + threat_type = Some($ttype.to_string()); + threat_details = Some($details.to_string()); + }; + } + + // ── Subject scanning ────────────────────────────────────────────── + if let Some(subj) = subject { + scanned.push("subject".into()); + + if matches_any(subj, &PHISHING_PATTERNS) { + record!(25, "phishing", format!("Subject contains potential phishing indicators: {}", subj)); + } else if matches_any(subj, &SPAM_PATTERNS) { + record!(15, "spam", format!("Subject contains potential spam indicators: {}", subj)); + } + } + + // ── Text body scanning ──────────────────────────────────────────── + if let Some(text) = text_body { + scanned.push("text".into()); + + // Check each category and accumulate score (same order as TS) + for pat in SUSPICIOUS_LINK_PATTERNS.iter() { + if pat.is_match(text) { + score += 20; + if threat_type.as_deref() != Some("suspicious_link") { + threat_type = Some("suspicious_link".into()); + threat_details = Some("Text contains suspicious links".into()); + } + } + } + + for pat in PHISHING_PATTERNS.iter() { + if pat.is_match(text) { + score += 25; + threat_type = Some("phishing".into()); + threat_details = Some("Text contains potential phishing indicators".into()); + } + } + + for pat in SPAM_PATTERNS.iter() { + if pat.is_match(text) { + score += 15; + if threat_type.is_none() { + threat_type = Some("spam".into()); + threat_details = Some("Text contains potential spam indicators".into()); + } + } + } + + for pat in MALWARE_PATTERNS.iter() { + if pat.is_match(text) { + score += 30; + threat_type = Some("malware".into()); + threat_details = Some("Text contains potential malware indicators".into()); + } + } + + for pat in SENSITIVE_DATA_PATTERNS.iter() { + if pat.is_match(text) { + score += 25; + if threat_type.is_none() { + threat_type = Some("sensitive_data".into()); + threat_details = Some("Text contains potentially sensitive data patterns".into()); + } + } + } + } + + // ── HTML body scanning ──────────────────────────────────────────── + if let Some(html) = html_body { + scanned.push("html".into()); + + // Script injection check + for pat in SCRIPT_INJECTION_PATTERNS.iter() { + if pat.is_match(html) { + score += 40; + if threat_type.as_deref() != Some("xss") { + threat_type = Some("xss".into()); + threat_details = Some("HTML contains potentially malicious script content".into()); + } + } + } + + // Extract text from HTML and scan (half score to avoid double counting) + let text_content = extract_text_from_html(html); + if !text_content.is_empty() { + let mut html_text_score: u32 = 0; + let mut html_text_type: Option = None; + let mut html_text_details: Option = None; + + // Re-run text patterns on extracted HTML text + for pat in SUSPICIOUS_LINK_PATTERNS.iter() { + if pat.is_match(&text_content) { + html_text_score += 20; + html_text_type = Some("suspicious_link".into()); + html_text_details = Some("Text contains suspicious links".into()); + } + } + for pat in PHISHING_PATTERNS.iter() { + if pat.is_match(&text_content) { + html_text_score += 25; + html_text_type = Some("phishing".into()); + html_text_details = Some("Text contains potential phishing indicators".into()); + } + } + for pat in SPAM_PATTERNS.iter() { + if pat.is_match(&text_content) { + html_text_score += 15; + if html_text_type.is_none() { + html_text_type = Some("spam".into()); + html_text_details = Some("Text contains potential spam indicators".into()); + } + } + } + for pat in MALWARE_PATTERNS.iter() { + if pat.is_match(&text_content) { + html_text_score += 30; + html_text_type = Some("malware".into()); + html_text_details = Some("Text contains potential malware indicators".into()); + } + } + for pat in SENSITIVE_DATA_PATTERNS.iter() { + if pat.is_match(&text_content) { + html_text_score += 25; + if html_text_type.is_none() { + html_text_type = Some("sensitive_data".into()); + html_text_details = Some("Text contains potentially sensitive data patterns".into()); + } + } + } + + if html_text_score > 0 { + // Add half of the text content score to avoid double counting + score += html_text_score / 2; + if let Some(t) = html_text_type { + if threat_type.is_none() || html_text_score > score { + threat_type = Some(t); + threat_details = html_text_details; + } + } + } + } + + // Extract and check links from HTML + let links = extract_links_from_html(html); + if !links.is_empty() { + let mut suspicious_count = 0u32; + for link in &links { + if matches_any(link, &SUSPICIOUS_LINK_PATTERNS) { + suspicious_count += 1; + } + } + + if suspicious_count > 0 { + let pct = (suspicious_count as f64 / links.len() as f64) * 100.0; + let additional = std::cmp::min(40, (pct / 2.5) as u32); + score += additional; + + if additional > 20 || threat_type.is_none() { + threat_type = Some("suspicious_link".into()); + threat_details = Some(format!( + "HTML contains {} suspicious links out of {} total links", + suspicious_count, + links.len() + )); + } + } + } + } + + // ── Attachment filename scanning ────────────────────────────────── + for name in attachment_names { + let lower = name.to_lowercase(); + scanned.push(format!("attachment:{}", lower)); + + // Check executable extensions + for ext in EXECUTABLE_EXTENSIONS.iter() { + if lower.ends_with(ext) { + score += 70; + threat_type = Some("executable".into()); + threat_details = Some(format!( + "Attachment has a potentially dangerous extension: {}", + name + )); + break; + } + } + + // Check macro document extensions + for ext in MACRO_DOCUMENT_EXTENSIONS.iter() { + if lower.ends_with(ext) { + // Flag macro-capable documents (lower score than executables) + score += 20; + if threat_type.is_none() { + threat_type = Some("malicious_macro".into()); + threat_details = Some(format!( + "Attachment is a macro-capable document: {}", + name + )); + } + break; + } + } + } + + ContentScanResult { + threat_score: score, + threat_type, + threat_details, + scanned_elements: scanned, + } +} + +// --------------------------------------------------------------------------- +// Tests +// --------------------------------------------------------------------------- + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_clean_content() { + let result = scan_content( + Some("Project Update"), + Some("The project is on track."), + None, + &[], + ); + assert_eq!(result.threat_score, 0); + assert!(result.threat_type.is_none()); + } + + #[test] + fn test_phishing_subject() { + let result = scan_content( + Some("URGENT: Verify your bank account details immediately"), + None, + None, + &[], + ); + assert!(result.threat_score >= 25); + assert_eq!(result.threat_type.as_deref(), Some("phishing")); + } + + #[test] + fn test_spam_body() { + let result = scan_content( + None, + Some("Win a million dollars in the lottery winner contest!"), + None, + &[], + ); + assert!(result.threat_score >= 15); + assert_eq!(result.threat_type.as_deref(), Some("spam")); + } + + #[test] + fn test_suspicious_links() { + let result = scan_content( + None, + Some("Check out https://bit.ly/2x3F5 for more info"), + None, + &[], + ); + assert!(result.threat_score >= 20); + assert_eq!(result.threat_type.as_deref(), Some("suspicious_link")); + } + + #[test] + fn test_script_injection() { + let result = scan_content( + None, + None, + Some("

Hello

"), + &[], + ); + assert!(result.threat_score >= 40); + assert_eq!(result.threat_type.as_deref(), Some("xss")); + } + + #[test] + fn test_executable_attachment() { + let result = scan_content( + None, + None, + None, + &["update.exe".into()], + ); + assert!(result.threat_score >= 70); + assert_eq!(result.threat_type.as_deref(), Some("executable")); + } + + #[test] + fn test_macro_document() { + let result = scan_content( + None, + None, + None, + &["report.docm".into()], + ); + assert!(result.threat_score >= 20); + assert_eq!(result.threat_type.as_deref(), Some("malicious_macro")); + } + + #[test] + fn test_malware_indicators() { + let result = scan_content( + None, + Some("Please enable macros to view this document properly."), + None, + &[], + ); + assert!(result.threat_score >= 30); + assert_eq!(result.threat_type.as_deref(), Some("malware")); + } + + #[test] + fn test_html_link_extraction() { + let result = scan_content( + None, + None, + Some(r#"click and here"#), + &[], + ); + assert!(result.threat_score > 0); + } + + #[test] + fn test_compound_threats() { + let result = scan_content( + Some("URGENT: Verify your account details immediately"), + Some("Your account will be suspended unless you verify at https://bit.ly/2x3F5"), + Some(r#"verify"#), + &["verification.exe".into()], + ); + assert!(result.threat_score > 70); + } +} diff --git a/rust/crates/mailer-security/src/lib.rs b/rust/crates/mailer-security/src/lib.rs index 65f6022..c2ef4ed 100644 --- a/rust/crates/mailer-security/src/lib.rs +++ b/rust/crates/mailer-security/src/lib.rs @@ -1,5 +1,6 @@ //! mailer-security: DKIM, SPF, DMARC verification, and IP reputation checking. +pub mod content_scanner; pub mod dkim; pub mod dmarc; pub mod error; diff --git a/test/test.bouncemanager.ts b/test/test.bouncemanager.ts index b236b17..0385bcd 100644 --- a/test/test.bouncemanager.ts +++ b/test/test.bouncemanager.ts @@ -1,6 +1,13 @@ import { tap, expect } from '@git.zone/tstest/tapbundle'; import { BounceManager, BounceType, BounceCategory } from '../ts/mail/core/classes.bouncemanager.js'; import { Email } from '../ts/mail/core/classes.email.js'; +import { RustSecurityBridge } from '../ts/security/classes.rustsecuritybridge.js'; + +tap.test('setup - start Rust security bridge', async () => { + const bridge = RustSecurityBridge.getInstance(); + const ok = await bridge.start(); + expect(ok).toEqual(true); +}); /** * Test the BounceManager class @@ -189,6 +196,10 @@ tap.test('BounceManager - should handle retries for soft bounces', async () => { expect(info.expiresAt).toBeUndefined(); // Permanent }); +tap.test('cleanup - stop Rust security bridge', async () => { + await RustSecurityBridge.getInstance().stop(); +}); + tap.test('stop', async () => { await tap.stopForcefully(); }); diff --git a/test/test.contentscanner.ts b/test/test.contentscanner.ts index f4e30df..8511aba 100644 --- a/test/test.contentscanner.ts +++ b/test/test.contentscanner.ts @@ -1,6 +1,13 @@ import { tap, expect } from '@git.zone/tstest/tapbundle'; import { ContentScanner, ThreatCategory } from '../ts/security/classes.contentscanner.js'; import { Email } from '../ts/mail/core/classes.email.js'; +import { RustSecurityBridge } from '../ts/security/classes.rustsecuritybridge.js'; + +tap.test('setup - start Rust security bridge', async () => { + const bridge = RustSecurityBridge.getInstance(); + const ok = await bridge.start(); + expect(ok).toEqual(true); +}); // Test instantiation tap.test('ContentScanner - should be instantiable', async () => { @@ -258,6 +265,10 @@ tap.test('ContentScanner - should classify threat levels correctly', async () => expect(ContentScanner.getThreatLevel(80)).toEqual('high'); }); +tap.test('cleanup - stop Rust security bridge', async () => { + await RustSecurityBridge.getInstance().stop(); +}); + tap.test('stop', async () => { await tap.stopForcefully(); }); diff --git a/ts/00_commitinfo_data.ts b/ts/00_commitinfo_data.ts index 8e3a27c..1186d55 100644 --- a/ts/00_commitinfo_data.ts +++ b/ts/00_commitinfo_data.ts @@ -3,6 +3,6 @@ */ export const commitinfo = { name: '@push.rocks/smartmta', - version: '2.0.1', + version: '2.1.0', description: 'A high-performance, enterprise-grade Mail Transfer Agent (MTA) built from scratch in TypeScript with Rust acceleration.' } diff --git a/ts/mail/core/classes.bouncemanager.ts b/ts/mail/core/classes.bouncemanager.ts index a1652f4..a94e4ac 100644 --- a/ts/mail/core/classes.bouncemanager.ts +++ b/ts/mail/core/classes.bouncemanager.ts @@ -2,6 +2,7 @@ import * as plugins from '../../plugins.js'; import * as paths from '../../paths.js'; import { logger } from '../../logger.js'; import { SecurityLogger, SecurityLogLevel, SecurityEventType } from '../../security/index.js'; +import { RustSecurityBridge } from '../../security/classes.rustsecuritybridge.js'; import { LRUCache } from 'lru-cache'; import type { Email } from './classes.email.js'; @@ -63,112 +64,6 @@ export interface BounceRecord { nextRetryTime?: number; } -/** - * Email bounce patterns to identify bounce types in SMTP responses and bounce messages - */ -const BOUNCE_PATTERNS = { - // Hard bounce patterns - [BounceType.INVALID_RECIPIENT]: [ - /no such user/i, - /user unknown/i, - /does not exist/i, - /invalid recipient/i, - /unknown recipient/i, - /no mailbox/i, - /user not found/i, - /recipient address rejected/i, - /550 5\.1\.1/i - ], - [BounceType.DOMAIN_NOT_FOUND]: [ - /domain not found/i, - /unknown domain/i, - /no such domain/i, - /host not found/i, - /domain invalid/i, - /550 5\.1\.2/i - ], - [BounceType.MAILBOX_FULL]: [ - /mailbox full/i, - /over quota/i, - /quota exceeded/i, - /552 5\.2\.2/i - ], - [BounceType.MAILBOX_INACTIVE]: [ - /mailbox disabled/i, - /mailbox inactive/i, - /account disabled/i, - /mailbox not active/i, - /account suspended/i - ], - [BounceType.BLOCKED]: [ - /blocked/i, - /rejected/i, - /denied/i, - /blacklisted/i, - /prohibited/i, - /refused/i, - /550 5\.7\./i - ], - [BounceType.SPAM_RELATED]: [ - /spam/i, - /bulk mail/i, - /content rejected/i, - /message rejected/i, - /550 5\.7\.1/i - ], - - // Soft bounce patterns - [BounceType.SERVER_UNAVAILABLE]: [ - /server unavailable/i, - /service unavailable/i, - /try again later/i, - /try later/i, - /451 4\.3\./i, - /421 4\.3\./i - ], - [BounceType.TEMPORARY_FAILURE]: [ - /temporary failure/i, - /temporary error/i, - /temporary problem/i, - /try again/i, - /451 4\./i - ], - [BounceType.QUOTA_EXCEEDED]: [ - /quota temporarily exceeded/i, - /mailbox temporarily full/i, - /452 4\.2\.2/i - ], - [BounceType.NETWORK_ERROR]: [ - /network error/i, - /connection error/i, - /connection timed out/i, - /routing error/i, - /421 4\.4\./i - ], - [BounceType.TIMEOUT]: [ - /timed out/i, - /timeout/i, - /450 4\.4\.2/i - ], - - // Auto-responses - [BounceType.AUTO_RESPONSE]: [ - /auto[- ]reply/i, - /auto[- ]response/i, - /vacation/i, - /out of office/i, - /away from office/i, - /on vacation/i, - /automatic reply/i - ], - [BounceType.CHALLENGE_RESPONSE]: [ - /challenge[- ]response/i, - /verify your email/i, - /confirm your email/i, - /email verification/i - ] -}; - /** * Retry strategy configuration for soft bounces */ @@ -269,16 +164,16 @@ export class BounceManager { nextRetryTime: bounceData.nextRetryTime }; - // Determine bounce type and category if not provided + // Determine bounce type and category via Rust bridge if not provided if (!bounceData.bounceType || bounceData.bounceType === BounceType.UNKNOWN) { - const bounceInfo = this.detectBounceType( - bounce.smtpResponse || '', - bounce.diagnosticCode || '', - bounce.statusCode || '' - ); - - bounce.bounceType = bounceInfo.type; - bounce.bounceCategory = bounceInfo.category; + const bridge = RustSecurityBridge.getInstance(); + const rustResult = await bridge.detectBounce({ + smtpResponse: bounce.smtpResponse, + diagnosticCode: bounce.diagnosticCode, + statusCode: bounce.statusCode, + }); + bounce.bounceType = rustResult.bounce_type as BounceType; + bounce.bounceCategory = rustResult.category as BounceCategory; } // Process the bounce based on category @@ -791,134 +686,6 @@ export class BounceManager { return this.bounceCache.get(email.toLowerCase()) || null; } - /** - * Analyze SMTP response and diagnostic codes to determine bounce type - * @param smtpResponse SMTP response string - * @param diagnosticCode Diagnostic code from bounce - * @param statusCode Status code from bounce - * @returns Detected bounce type and category - */ - private detectBounceType( - smtpResponse: string, - diagnosticCode: string, - statusCode: string - ): { - type: BounceType; - category: BounceCategory; - } { - // Combine all text for comprehensive pattern matching - const fullText = `${smtpResponse} ${diagnosticCode} ${statusCode}`.toLowerCase(); - - // Check for auto-responses first - if (this.matchesPattern(fullText, BounceType.AUTO_RESPONSE) || - this.matchesPattern(fullText, BounceType.CHALLENGE_RESPONSE)) { - return { - type: BounceType.AUTO_RESPONSE, - category: BounceCategory.AUTO_RESPONSE - }; - } - - // Check for hard bounces - for (const bounceType of [ - BounceType.INVALID_RECIPIENT, - BounceType.DOMAIN_NOT_FOUND, - BounceType.MAILBOX_FULL, - BounceType.MAILBOX_INACTIVE, - BounceType.BLOCKED, - BounceType.SPAM_RELATED, - BounceType.POLICY_RELATED - ]) { - if (this.matchesPattern(fullText, bounceType)) { - return { - type: bounceType, - category: BounceCategory.HARD - }; - } - } - - // Check for soft bounces - for (const bounceType of [ - BounceType.SERVER_UNAVAILABLE, - BounceType.TEMPORARY_FAILURE, - BounceType.QUOTA_EXCEEDED, - BounceType.NETWORK_ERROR, - BounceType.TIMEOUT - ]) { - if (this.matchesPattern(fullText, bounceType)) { - return { - type: bounceType, - category: BounceCategory.SOFT - }; - } - } - - // Handle DSN (Delivery Status Notification) status codes - if (statusCode) { - // Format: class.subject.detail - const parts = statusCode.split('.'); - if (parts.length >= 2) { - const statusClass = parts[0]; - const statusSubject = parts[1]; - - // 5.X.X is permanent failure (hard bounce) - if (statusClass === '5') { - // Try to determine specific type based on subject - if (statusSubject === '1') { - return { type: BounceType.INVALID_RECIPIENT, category: BounceCategory.HARD }; - } else if (statusSubject === '2') { - return { type: BounceType.MAILBOX_FULL, category: BounceCategory.HARD }; - } else if (statusSubject === '7') { - return { type: BounceType.BLOCKED, category: BounceCategory.HARD }; - } else { - return { type: BounceType.UNKNOWN, category: BounceCategory.HARD }; - } - } - - // 4.X.X is temporary failure (soft bounce) - if (statusClass === '4') { - // Try to determine specific type based on subject - if (statusSubject === '2') { - return { type: BounceType.QUOTA_EXCEEDED, category: BounceCategory.SOFT }; - } else if (statusSubject === '3') { - return { type: BounceType.SERVER_UNAVAILABLE, category: BounceCategory.SOFT }; - } else if (statusSubject === '4') { - return { type: BounceType.NETWORK_ERROR, category: BounceCategory.SOFT }; - } else { - return { type: BounceType.TEMPORARY_FAILURE, category: BounceCategory.SOFT }; - } - } - } - } - - // Default to unknown - return { - type: BounceType.UNKNOWN, - category: BounceCategory.UNKNOWN - }; - } - - /** - * Check if text matches any pattern for a bounce type - * @param text Text to check against patterns - * @param bounceType Bounce type to get patterns for - * @returns Whether the text matches any pattern - */ - private matchesPattern(text: string, bounceType: BounceType): boolean { - const patterns = BOUNCE_PATTERNS[bounceType]; - - if (!patterns) { - return false; - } - - for (const pattern of patterns) { - if (pattern.test(text)) { - return true; - } - } - - return false; - } - /** * Get all known hard bounced addresses * @returns Array of hard bounced email addresses diff --git a/ts/security/classes.contentscanner.ts b/ts/security/classes.contentscanner.ts index 094ce15..4146f25 100644 --- a/ts/security/classes.contentscanner.ts +++ b/ts/security/classes.contentscanner.ts @@ -4,6 +4,7 @@ import { logger } from '../logger.js'; import { Email } from '../mail/core/classes.email.js'; import type { IAttachment } from '../mail/core/classes.email.js'; import { SecurityLogger, SecurityLogLevel, SecurityEventType } from './classes.securitylogger.js'; +import { RustSecurityBridge } from './classes.rustsecuritybridge.js'; import { LRUCache } from 'lru-cache'; /** @@ -65,75 +66,6 @@ export class ContentScanner { private scanCache: LRUCache; private options: Required; - // Predefined patterns for common threats - private static readonly MALICIOUS_PATTERNS = { - // Phishing patterns - phishing: [ - /(?:verify|confirm|update|login).*(?:account|password|details)/i, - /urgent.*(?:action|attention|required)/i, - /(?:paypal|apple|microsoft|amazon|google|bank).*(?:verify|confirm|suspend)/i, - /your.*(?:account).*(?:suspended|compromised|locked)/i, - /\b(?:password reset|security alert|security notice)\b/i - ], - - // Spam indicators - spam: [ - /\b(?:viagra|cialis|enlargement|diet pill|lose weight fast|cheap meds)\b/i, - /\b(?:million dollars|lottery winner|prize claim|inheritance|rich widow)\b/i, - /\b(?:earn from home|make money fast|earn \$\d{3,}\/day)\b/i, - /\b(?:limited time offer|act now|exclusive deal|only \d+ left)\b/i, - /\b(?:forex|stock tip|investment opportunity|cryptocurrency|bitcoin)\b/i - ], - - // Malware indicators in text - malware: [ - /(?:attached file|see attachment).*(?:invoice|receipt|statement|document)/i, - /open.*(?:the attached|this attachment)/i, - /(?:enable|allow).*(?:macros|content|editing)/i, - /download.*(?:attachment|file|document)/i, - /\b(?:ransomware protection|virus alert|malware detected)\b/i - ], - - // Suspicious links - suspiciousLinks: [ - /https?:\/\/bit\.ly\//i, - /https?:\/\/goo\.gl\//i, - /https?:\/\/t\.co\//i, - /https?:\/\/tinyurl\.com\//i, - /https?:\/\/(?:\d{1,3}\.){3}\d{1,3}/i, // IP address URLs - /https?:\/\/.*\.(?:xyz|top|club|gq|cf)\//i, // Suspicious TLDs - /(?:login|account|signin|auth).*\.(?!gov|edu|com|org|net)\w+\.\w+/i, // Login pages on unusual domains - ], - - // XSS and script injection - scriptInjection: [ - /.*<\/script>/is, - /javascript:/i, - /on(?:click|load|mouse|error|focus|blur)=".*"/i, - /document\.(?:cookie|write|location)/i, - /eval\s*\(/i - ], - - // Sensitive data patterns - sensitiveData: [ - /\b(?:\d{3}-\d{2}-\d{4}|\d{9})\b/, // SSN - /\b\d{13,16}\b/, // Credit card numbers - /\b(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})\b/ // Possible Base64 - ] - }; - - // Common executable extensions - private static readonly EXECUTABLE_EXTENSIONS = [ - '.exe', '.dll', '.bat', '.cmd', '.msi', '.ts', '.vbs', '.ps1', - '.sh', '.jar', '.py', '.com', '.scr', '.pif', '.hta', '.cpl', - '.reg', '.vba', '.lnk', '.wsf', '.msi', '.msp', '.mst' - ]; - - // Document formats that may contain macros - private static readonly MACRO_DOCUMENT_EXTENSIONS = [ - '.doc', '.docm', '.xls', '.xlsm', '.ppt', '.pptm', '.dotm', '.xlsb', '.ppam', '.potm' - ]; - /** * Default options for the content scanner */ @@ -185,7 +117,9 @@ export class ContentScanner { } /** - * Scan an email for malicious content + * Scan an email for malicious content. + * Delegates text/subject/html/filename pattern scanning to Rust. + * Binary attachment scanning (PE headers, VBA macros) stays in TS. * @param email The email to scan * @returns Scan result */ @@ -193,74 +127,67 @@ export class ContentScanner { try { // Generate a cache key from the email const cacheKey = this.generateCacheKey(email); - + // Check cache first const cachedResult = this.scanCache.get(cacheKey); if (cachedResult) { logger.log('info', `Using cached scan result for email ${email.getMessageId()}`); return cachedResult; } - - // Initialize scan result + + // Delegate text/subject/html/filename scanning to Rust + const bridge = RustSecurityBridge.getInstance(); + const rustResult = await bridge.scanContent({ + subject: this.options.scanSubject ? email.subject : undefined, + textBody: this.options.scanBody ? email.text : undefined, + htmlBody: this.options.scanBody ? email.html : undefined, + attachmentNames: this.options.scanAttachmentNames + ? email.attachments?.map(a => a.filename) ?? [] + : [], + }); + const result: IScanResult = { isClean: true, - threatScore: 0, - scannedElements: [], - timestamp: Date.now() + threatScore: rustResult.threatScore, + threatType: rustResult.threatType ?? undefined, + threatDetails: rustResult.threatDetails ?? undefined, + scannedElements: rustResult.scannedElements, + timestamp: Date.now(), }; - - // List of scan promises - const scanPromises: Array> = []; - - // Scan subject - if (this.options.scanSubject && email.subject) { - scanPromises.push(this.scanSubject(email.subject, result)); - } - - // Scan body content - if (this.options.scanBody) { - if (email.text) { - scanPromises.push(this.scanTextContent(email.text, result)); - } - - if (email.html) { - scanPromises.push(this.scanHtmlContent(email.html, result)); - } - } - - // Scan attachments - if (this.options.scanAttachments && email.attachments && email.attachments.length > 0) { + + // Attachment binary scanning stays in TS (PE headers, macro detection) + if (this.options.scanAttachments && email.attachments?.length > 0) { for (const attachment of email.attachments) { - scanPromises.push(this.scanAttachment(attachment, result)); + this.scanAttachmentBinary(attachment, result); } } - - // Run all scans in parallel - await Promise.all(scanPromises); - + + // Apply custom rules (TS-only, runtime-configured) + this.applyCustomRules(email, result); + // Determine if the email is clean based on threat score result.isClean = result.threatScore < this.options.minThreatScore; - + // Save to cache this.scanCache.set(cacheKey, result); - + // Log high threat findings if (result.threatScore >= this.options.highThreatScore) { this.logHighThreatFound(email, result); } else if (!result.isClean) { this.logThreatFound(email, result); } - + return result; } catch (error) { logger.log('error', `Error scanning email: ${error.message}`, { messageId: email.getMessageId(), error: error.stack }); - + // Return a safe default with error indication return { - isClean: true, // Let it pass if scanner fails (configure as desired) + isClean: true, threatScore: 0, scannedElements: ['error'], timestamp: Date.now(), @@ -269,7 +196,7 @@ export class ContentScanner { }; } } - + /** * Generate a cache key from an email * @param email The email to generate a key for @@ -280,7 +207,7 @@ export class ContentScanner { if (email.getMessageId()) { return `email:${email.getMessageId()}`; } - + // Fallback to a hash of key content const contentToHash = [ email.from, @@ -289,321 +216,75 @@ export class ContentScanner { email.html?.substring(0, 1000) || '', email.attachments?.length || 0 ].join(':'); - + return `email:${plugins.crypto.createHash('sha256').update(contentToHash).digest('hex')}`; } - + /** - * Scan email subject for threats - * @param subject The subject to scan - * @param result The scan result to update - */ - private async scanSubject(subject: string, result: IScanResult): Promise { - result.scannedElements.push('subject'); - - // Check against phishing patterns - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.phishing) { - if (pattern.test(subject)) { - result.threatScore += 25; - result.threatType = ThreatCategory.PHISHING; - result.threatDetails = `Subject contains potential phishing indicators: ${subject}`; - return; - } - } - - // Check against spam patterns - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.spam) { - if (pattern.test(subject)) { - result.threatScore += 15; - result.threatType = ThreatCategory.SPAM; - result.threatDetails = `Subject contains potential spam indicators: ${subject}`; - return; - } - } - - // Check custom rules - for (const rule of this.options.customRules) { - const pattern = rule.pattern instanceof RegExp ? rule.pattern : new RegExp(rule.pattern, 'i'); - if (pattern.test(subject)) { - result.threatScore += rule.score; - result.threatType = rule.type; - result.threatDetails = rule.description; - return; - } - } - } - - /** - * Scan plain text content for threats - * @param text The text content to scan - * @param result The scan result to update - */ - private async scanTextContent(text: string, result: IScanResult): Promise { - result.scannedElements.push('text'); - - // Check suspicious links - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.suspiciousLinks) { - if (pattern.test(text)) { - result.threatScore += 20; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.SUSPICIOUS_LINK ? 0 : 20)) { - result.threatType = ThreatCategory.SUSPICIOUS_LINK; - result.threatDetails = `Text contains suspicious links`; - } - } - } - - // Check phishing - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.phishing) { - if (pattern.test(text)) { - result.threatScore += 25; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.PHISHING ? 0 : 25)) { - result.threatType = ThreatCategory.PHISHING; - result.threatDetails = `Text contains potential phishing indicators`; - } - } - } - - // Check spam - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.spam) { - if (pattern.test(text)) { - result.threatScore += 15; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.SPAM ? 0 : 15)) { - result.threatType = ThreatCategory.SPAM; - result.threatDetails = `Text contains potential spam indicators`; - } - } - } - - // Check malware indicators - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.malware) { - if (pattern.test(text)) { - result.threatScore += 30; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.MALWARE ? 0 : 30)) { - result.threatType = ThreatCategory.MALWARE; - result.threatDetails = `Text contains potential malware indicators`; - } - } - } - - // Check sensitive data - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.sensitiveData) { - if (pattern.test(text)) { - result.threatScore += 25; - if (!result.threatType || result.threatScore > (result.threatType === ThreatCategory.SENSITIVE_DATA ? 0 : 25)) { - result.threatType = ThreatCategory.SENSITIVE_DATA; - result.threatDetails = `Text contains potentially sensitive data patterns`; - } - } - } - - // Check custom rules - for (const rule of this.options.customRules) { - const pattern = rule.pattern instanceof RegExp ? rule.pattern : new RegExp(rule.pattern, 'i'); - if (pattern.test(text)) { - result.threatScore += rule.score; - if (!result.threatType || result.threatScore > 20) { - result.threatType = rule.type; - result.threatDetails = rule.description; - } - } - } - } - - /** - * Scan HTML content for threats - * @param html The HTML content to scan - * @param result The scan result to update - */ - private async scanHtmlContent(html: string, result: IScanResult): Promise { - result.scannedElements.push('html'); - - // Check for script injection - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.scriptInjection) { - if (pattern.test(html)) { - result.threatScore += 40; - if (!result.threatType || result.threatType !== ThreatCategory.XSS) { - result.threatType = ThreatCategory.XSS; - result.threatDetails = `HTML contains potentially malicious script content`; - } - } - } - - // Extract text content from HTML for further scanning - const textContent = this.extractTextFromHtml(html); - if (textContent) { - // We'll leverage the text scanning but not double-count threat score - const tempResult: IScanResult = { - isClean: true, - threatScore: 0, - scannedElements: [], - timestamp: Date.now() - }; - - await this.scanTextContent(textContent, tempResult); - - // Only add additional threat types if they're more severe - if (tempResult.threatType && tempResult.threatScore > 0) { - // Add half of the text content score to avoid double counting - result.threatScore += Math.floor(tempResult.threatScore / 2); - - // Adopt the threat type if more severe or no existing type - if (!result.threatType || tempResult.threatScore > result.threatScore) { - result.threatType = tempResult.threatType; - result.threatDetails = tempResult.threatDetails; - } - } - } - - // Extract and check links from HTML - const links = this.extractLinksFromHtml(html); - if (links.length > 0) { - // Check for suspicious links - let suspiciousLinks = 0; - for (const link of links) { - for (const pattern of ContentScanner.MALICIOUS_PATTERNS.suspiciousLinks) { - if (pattern.test(link)) { - suspiciousLinks++; - break; - } - } - } - - if (suspiciousLinks > 0) { - // Add score based on percentage of suspicious links - const suspiciousPercentage = (suspiciousLinks / links.length) * 100; - const additionalScore = Math.min(40, Math.floor(suspiciousPercentage / 2.5)); - result.threatScore += additionalScore; - - if (!result.threatType || additionalScore > 20) { - result.threatType = ThreatCategory.SUSPICIOUS_LINK; - result.threatDetails = `HTML contains ${suspiciousLinks} suspicious links out of ${links.length} total links`; - } - } - } - } - - /** - * Scan an attachment for threats + * Scan attachment binary content for PE headers and VBA macros. + * This stays in TS because it accesses raw Buffer data (too large for IPC). * @param attachment The attachment to scan * @param result The scan result to update */ - private async scanAttachment(attachment: IAttachment, result: IScanResult): Promise { - const filename = attachment.filename.toLowerCase(); - result.scannedElements.push(`attachment:${filename}`); - - // Skip large attachments if configured - if (attachment.content && attachment.content.length > this.options.maxAttachmentSizeToScan) { - logger.log('info', `Skipping scan of large attachment: ${filename} (${attachment.content.length} bytes)`); + private scanAttachmentBinary(attachment: IAttachment, result: IScanResult): void { + if (!attachment.content) { return; } - - // Check filename for executable extensions - if (this.options.blockExecutables) { - for (const ext of ContentScanner.EXECUTABLE_EXTENSIONS) { - if (filename.endsWith(ext)) { - result.threatScore += 70; // High score for executable attachments - result.threatType = ThreatCategory.EXECUTABLE; - result.threatDetails = `Attachment has a potentially dangerous extension: ${filename}`; - return; // No need to scan contents if filename already flagged - } - } + + // Skip large attachments + if (attachment.content.length > this.options.maxAttachmentSizeToScan) { + return; } - - // Check for Office documents with macros - if (this.options.blockMacros) { - for (const ext of ContentScanner.MACRO_DOCUMENT_EXTENSIONS) { - if (filename.endsWith(ext)) { - // For Office documents, check if they contain macros - // This is a simplified check - a real implementation would use specialized libraries - // to detect macros in Office documents - if (attachment.content && this.likelyContainsMacros(attachment)) { - result.threatScore += 60; - result.threatType = ThreatCategory.MALICIOUS_MACRO; - result.threatDetails = `Attachment appears to contain macros: ${filename}`; - return; - } - } - } + + const filename = attachment.filename.toLowerCase(); + + // Check for PE headers (Windows executables disguised with non-.exe extensions) + if (attachment.content.length > 64 && + attachment.content[0] === 0x4D && + attachment.content[1] === 0x5A) { // 'MZ' header + result.threatScore += 80; + result.threatType = ThreatCategory.EXECUTABLE; + result.threatDetails = `Attachment contains executable code: ${filename}`; + return; } - - // Perform basic content analysis if we have content buffer - if (attachment.content) { - // Convert to string for scanning, with a limit to prevent memory issues - const textContent = this.extractTextFromBuffer(attachment.content); - - if (textContent) { - // Scan for malicious patterns in attachment content - for (const category in ContentScanner.MALICIOUS_PATTERNS) { - const patterns = ContentScanner.MALICIOUS_PATTERNS[category]; - for (const pattern of patterns) { - if (pattern.test(textContent)) { - result.threatScore += 30; - - if (!result.threatType) { - result.threatType = this.mapCategoryToThreatType(category); - result.threatDetails = `Attachment content contains suspicious patterns: ${filename}`; - } - - break; - } - } - } - } - - // Check for PE headers (Windows executables) - if (attachment.content.length > 64 && - attachment.content[0] === 0x4D && - attachment.content[1] === 0x5A) { // 'MZ' header - result.threatScore += 80; - result.threatType = ThreatCategory.EXECUTABLE; - result.threatDetails = `Attachment contains executable code: ${filename}`; - } + + // Check for VBA macro indicators in Office documents + if (this.options.blockMacros && this.likelyContainsMacros(attachment)) { + result.threatScore += 60; + result.threatType = ThreatCategory.MALICIOUS_MACRO; + result.threatDetails = `Attachment appears to contain macros: ${filename}`; } } - + /** - * Extract links from HTML content - * @param html HTML content - * @returns Array of extracted links + * Apply custom rules (runtime-configured patterns) to the email. + * These stay in TS because they are configured at runtime. + * @param email The email to check + * @param result The scan result to update */ - private extractLinksFromHtml(html: string): string[] { - const links: string[] = []; - - // Simple regex-based extraction - a real implementation might use a proper HTML parser - const matches = html.match(/href=["'](https?:\/\/[^"']+)["']/gi); - if (matches) { - for (const match of matches) { - const linkMatch = match.match(/href=["'](https?:\/\/[^"']+)["']/i); - if (linkMatch && linkMatch[1]) { - links.push(linkMatch[1]); + private applyCustomRules(email: Email, result: IScanResult): void { + if (!this.options.customRules.length) { + return; + } + + const textsToCheck: string[] = []; + if (email.subject) textsToCheck.push(email.subject); + if (email.text) textsToCheck.push(email.text); + if (email.html) textsToCheck.push(email.html); + + for (const rule of this.options.customRules) { + const pattern = rule.pattern instanceof RegExp ? rule.pattern : new RegExp(rule.pattern, 'i'); + for (const text of textsToCheck) { + if (pattern.test(text)) { + result.threatScore += rule.score; + result.threatType = rule.type; + result.threatDetails = rule.description; + return; } } } - - return links; } - - /** - * Extract plain text from HTML - * @param html HTML content - * @returns Extracted text - */ - private extractTextFromHtml(html: string): string { - // Remove HTML tags and decode entities - simplified version - return html - .replace(/]*>.*?<\/style>/gs, '') - .replace(/]*>.*?<\/script>/gs, '') - .replace(/<[^>]+>/g, ' ') - .replace(/ /g, ' ') - .replace(/</g, '<') - .replace(/>/g, '>') - .replace(/&/g, '&') - .replace(/"/g, '"') - .replace(/'/g, "'") - .replace(/\s+/g, ' ') - .trim(); - } - + /** * Extract text from a binary buffer for scanning * @param buffer Binary content @@ -614,7 +295,7 @@ export class ContentScanner { // Limit the amount we convert to avoid memory issues const sampleSize = Math.min(buffer.length, 100 * 1024); // 100KB max sample const sample = buffer.slice(0, sampleSize); - + // Try to convert to string, filtering out non-printable chars return sample.toString('utf8') .replace(/[\x00-\x09\x0B-\x1F\x7F-\x9F]/g, '') // Remove control chars @@ -624,16 +305,13 @@ export class ContentScanner { return ''; } } - + /** * Check if an Office document likely contains macros - * This is a simplified check - real implementation would use specialized libraries * @param attachment The attachment to check * @returns Whether the file likely contains macros */ private likelyContainsMacros(attachment: IAttachment): boolean { - // Simple heuristic: look for VBA/macro related strings - // This is a simplified approach and not comprehensive const content = this.extractTextFromBuffer(attachment.content); const macroIndicators = [ /vbaProject\.bin/i, @@ -647,33 +325,16 @@ export class ContentScanner { /\bShell\(/i, /\bCreateObject\(/i ]; - + for (const indicator of macroIndicators) { if (indicator.test(content)) { return true; } } - + return false; } - - /** - * Map a pattern category to a threat type - * @param category The pattern category - * @returns The corresponding threat type - */ - private mapCategoryToThreatType(category: string): string { - switch (category) { - case 'phishing': return ThreatCategory.PHISHING; - case 'spam': return ThreatCategory.SPAM; - case 'malware': return ThreatCategory.MALWARE; - case 'suspiciousLinks': return ThreatCategory.SUSPICIOUS_LINK; - case 'scriptInjection': return ThreatCategory.XSS; - case 'sensitiveData': return ThreatCategory.SENSITIVE_DATA; - default: return ThreatCategory.BLACKLISTED_CONTENT; - } - } - + /** * Log a high threat finding to the security logger * @param email The email containing the threat diff --git a/ts/security/classes.rustsecuritybridge.ts b/ts/security/classes.rustsecuritybridge.ts index 5ccb78f..150d85e 100644 --- a/ts/security/classes.rustsecuritybridge.ts +++ b/ts/security/classes.rustsecuritybridge.ts @@ -59,6 +59,13 @@ interface IReputationResult { total_checked: number; } +interface IContentScanResult { + threatScore: number; + threatType: string | null; + threatDetails: string | null; + scannedElements: string[]; +} + interface IVersionInfo { bin: string; core: string; @@ -102,6 +109,15 @@ type TMailerCommands = { params: { ip: string; heloDomain: string; hostname?: string; mailFrom: string }; result: ISpfResult; }; + scanContent: { + params: { + subject?: string; + textBody?: string; + htmlBody?: string; + attachmentNames?: string[]; + }; + result: IContentScanResult; + }; verifyEmail: { params: { rawMessage: string; @@ -243,6 +259,16 @@ export class RustSecurityBridge { return this.bridge.sendCommand('detectBounce', opts); } + /** Scan email content for threats (phishing, spam, malware, etc.). */ + public async scanContent(opts: { + subject?: string; + textBody?: string; + htmlBody?: string; + attachmentNames?: string[]; + }): Promise { + return this.bridge.sendCommand('scanContent', opts); + } + /** Check IP reputation via DNSBL. */ public async checkIpReputation(ip: string): Promise { return this.bridge.sendCommand('checkIpReputation', { ip }); @@ -298,6 +324,7 @@ export type { IEmailSecurityResult, IValidationResult, IBounceDetection, + IContentScanResult, IReputationResult as IRustReputationResult, IVersionInfo, };