38170 2020-03-02 11:09:33 +0300 There is no supported cipher suites for archive.apache.org 2021-02-02 15:39:23 +0300 1 1 4 Development Sisyphus java-1.8.0-openjdk unstable x86_64 Linux CLOSED FIXED P5 normal --- 1 blitzkrieg cas cas enp glebfm grenka mike qa-sisyphus oldest_to_newest 188262 0 8643 blitzkrieg 2020-03-02 11:09:33 +0300 Created attachment 8643 java code to get list of available cipher suites in the system I discovered that there is know supported cipher suites in any of Alt Linux docker container. I use attached java code to get list of supported cipher suites. You can compile it with javac Ciphers.java and run with java Ciphers This is the list of available cipher suites in alt:p9 Default Cipher * TLS_DHE_DSS_WITH_AES_128_CBC_SHA * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 * TLS_DHE_DSS_WITH_AES_256_CBC_SHA * TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV * TLS_RSA_WITH_AES_128_CBC_SHA * TLS_RSA_WITH_AES_128_CBC_SHA256 * TLS_RSA_WITH_AES_128_GCM_SHA256 * TLS_RSA_WITH_AES_256_CBC_SHA * TLS_RSA_WITH_AES_256_CBC_SHA256 * TLS_RSA_WITH_AES_256_GCM_SHA384 And this is the list of available cipher suites from Centos 7 Default Cipher * TLS_DHE_DSS_WITH_AES_128_CBC_SHA * TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 * TLS_DHE_DSS_WITH_AES_256_CBC_SHA * TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 * TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 * TLS_DHE_RSA_WITH_AES_128_CBC_SHA * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_DHE_RSA_WITH_AES_256_CBC_SHA * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA * TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 * TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA * TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA * TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 * TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA * TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 * TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA * TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 * TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA * TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 * TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV * TLS_RSA_WITH_AES_128_CBC_SHA * TLS_RSA_WITH_AES_128_CBC_SHA256 * TLS_RSA_WITH_AES_128_GCM_SHA256 * TLS_RSA_WITH_AES_256_CBC_SHA * TLS_RSA_WITH_AES_256_CBC_SHA256 * TLS_RSA_WITH_AES_256_GCM_SHA384 This is the list of archive.apache.org server TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (rsa 2048) - A TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (rsa 2048) - A TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A 188263 1 8644 blitzkrieg 2020-03-02 11:14:00 +0300 Created attachment 8644 Java code to check SSL socket 188268 2 obirvalger 2020-03-02 16:21:34 +0300 What version of Java was used? 188269 3 blitzkrieg 2020-03-02 16:31:50 +0300 I don't think that this problem related to java version. I've tried lower and greater versions of java in Centos. openjdk version "1.8.0_212" OpenJDK Runtime Environment (build 1.8.0_212-b04) OpenJDK 64-Bit Server VM (build 25.212-b04, mixed mode) 188270 4 blitzkrieg 2020-03-02 16:32:51 +0300 java-1.8.0-openjdk-1.8.0.212.b04-alt2_0jpp8.x86_64 188271 5 obirvalger 2020-03-02 16:34:08 +0300 Java was installed from our repository? 188272 6 blitzkrieg 2020-03-02 16:45:35 +0300 I installed it in docker container, I don't change anything in it. docker run -it --rm alt:p9 It has this repositories enabled: rpm [p9] http://mirror.yandex.ru/altlinux p9/branch/x86_64 classic rpm [p9] http://mirror.yandex.ru/altlinux p9/branch/x86_64-i586 classic rpm [p9] http://mirror.yandex.ru/altlinux p9/branch/noarch classic 188525 7 blitzkrieg 2020-03-13 13:10:44 +0300 Another problem occurs related to this issue. Could not HEAD 'http://repo.maven.apache.org/maven2/org/apache/thrift/libthrift/0.9.3/libthrift-0.9.3.pom'. Received status code 501 from server: HTTPS Required If I change maven repo URL to https:// following error occurs: > javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 195949 8 repository-robot 2021-02-02 15:39:23 +0300 java-1.8.0-openjdk-0:1.8.0.272.b10-alt3_0.3.eajpp8 -> sisyphus: Tue Feb 02 2021 Andrey Cherepanov <cas@altlinux> 0:1.8.0.272.b10-alt3_0.3.eajpp8 - Remove crypto policy support that disable TLS1.3 (ALT #38170) 8643 2020-03-02 11:09:33 +0300 2020-03-02 11:09:33 +0300 java code to get list of available cipher suites in the system Ciphers.java text/x-java 1143 blitzkrieg aW1wb3J0IGphdmEudXRpbC5JdGVyYXRvcjsKaW1wb3J0IGphdmEudXRpbC5NYXA7CmltcG9ydCBq YXZhLnV0aWwuVHJlZU1hcDsKaW1wb3J0IGphdmF4Lm5ldC5zc2wuU1NMU2VydmVyU29ja2V0RmFj dG9yeTsKCnB1YmxpYyBjbGFzcyBDaXBoZXJzCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBtYWlu KFN0cmluZ1tdIGFyZ3MpCiAgICAgICAgdGhyb3dzIEV4Y2VwdGlvbgogICAgewogICAgICAgIFNT TFNlcnZlclNvY2tldEZhY3Rvcnkgc3NmID0gKFNTTFNlcnZlclNvY2tldEZhY3RvcnkpU1NMU2Vy dmVyU29ja2V0RmFjdG9yeS5nZXREZWZhdWx0KCk7CgogICAgICAgIFN0cmluZ1tdIGRlZmF1bHRD aXBoZXJzID0gc3NmLmdldERlZmF1bHRDaXBoZXJTdWl0ZXMoKTsKICAgICAgICBTdHJpbmdbXSBh dmFpbGFibGVDaXBoZXJzID0gc3NmLmdldFN1cHBvcnRlZENpcGhlclN1aXRlcygpOwoKICAgICAg ICBUcmVlTWFwIGNpcGhlcnMgPSBuZXcgVHJlZU1hcCgpOwoKICAgICAgICBmb3IoaW50IGk9MDsg aTxhdmFpbGFibGVDaXBoZXJzLmxlbmd0aDsgKytpICkKICAgICAgICAgICAgY2lwaGVycy5wdXQo YXZhaWxhYmxlQ2lwaGVyc1tpXSwgQm9vbGVhbi5GQUxTRSk7CgogICAgICAgIGZvcihpbnQgaT0w OyBpPGRlZmF1bHRDaXBoZXJzLmxlbmd0aDsgKytpICkKICAgICAgICAgICAgY2lwaGVycy5wdXQo ZGVmYXVsdENpcGhlcnNbaV0sIEJvb2xlYW4uVFJVRSk7CgogICAgICAgIFN5c3RlbS5vdXQucHJp bnRsbigiRGVmYXVsdFx0Q2lwaGVyIik7CiAgICAgICAgZm9yKEl0ZXJhdG9yIGkgPSBjaXBoZXJz LmVudHJ5U2V0KCkuaXRlcmF0b3IoKTsgaS5oYXNOZXh0KCk7ICkgewogICAgICAgICAgICBNYXAu RW50cnkgY2lwaGVyPShNYXAuRW50cnkpaS5uZXh0KCk7CgogICAgICAgICAgICBpZihCb29sZWFu LlRSVUUuZXF1YWxzKGNpcGhlci5nZXRWYWx1ZSgpKSkKICAgICAgICAgICAgICAgIFN5c3RlbS5v dXQucHJpbnQoJyonKTsKICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgU3lzdGVtLm91 dC5wcmludCgnICcpOwoKICAgICAgICAgICAgU3lzdGVtLm91dC5wcmludCgnXHQnKTsKICAgICAg ICAgICAgU3lzdGVtLm91dC5wcmludGxuKGNpcGhlci5nZXRLZXkoKSk7CiAgICAgICAgfQogICAg fQp9 8644 2020-03-02 11:14:00 +0300 2020-03-02 11:14:00 +0300 Java code to check SSL socket SSLSocketClient.java text/x-java 4394 blitzkrieg LyoKICoKICogQ29weXJpZ2h0IChjKSAxOTk0LCAyMDA0LCBPcmFjbGUgYW5kL29yIGl0cyBhZmZp bGlhdGVzLiBBbGwgcmlnaHRzIHJlc2VydmVkLgogKgogKiBSZWRpc3RyaWJ1dGlvbiBhbmQgdXNl IGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yCiAqIHdpdGhvdXQgbW9kaWZpY2F0 aW9uLCBhcmUgcGVybWl0dGVkIHByb3ZpZGVkIHRoYXQgdGhlIGZvbGxvd2luZwogKiBjb25kaXRp b25zIGFyZSBtZXQ6CiAqCiAqIC1SZWRpc3RyaWJ1dGlvbiBvZiBzb3VyY2UgY29kZSBtdXN0IHJl dGFpbiB0aGUgYWJvdmUgY29weXJpZ2h0CiAqIG5vdGljZSwgdGhpcyBsaXN0IG9mIGNvbmRpdGlv bnMgYW5kIHRoZSBmb2xsb3dpbmcgZGlzY2xhaW1lci4KICoKICogUmVkaXN0cmlidXRpb24gaW4g YmluYXJ5IGZvcm0gbXVzdCByZXByb2R1Y2UgdGhlIGFib3ZlIGNvcHlyaWdodAogKiBub3RpY2Us IHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIgaW4K ICogdGhlIGRvY3VtZW50YXRpb24gYW5kL29yIG90aGVyIG1hdGVyaWFscyBwcm92aWRlZCB3aXRo IHRoZQogKiBkaXN0cmlidXRpb24uCiAqCiAqIE5laXRoZXIgdGhlIG5hbWUgb2YgT3JhY2xlIG5v ciB0aGUgbmFtZXMgb2YKICogY29udHJpYnV0b3JzIG1heSBiZSB1c2VkIHRvIGVuZG9yc2Ugb3Ig cHJvbW90ZSBwcm9kdWN0cyBkZXJpdmVkCiAqIGZyb20gdGhpcyBzb2Z0d2FyZSB3aXRob3V0IHNw ZWNpZmljIHByaW9yIHdyaXR0ZW4gcGVybWlzc2lvbi4KICoKICogVGhpcyBzb2Z0d2FyZSBpcyBw cm92aWRlZCAiQVMgSVMsIiB3aXRob3V0IGEgd2FycmFudHkgb2YgYW55CiAqIGtpbmQuIEFMTCBF WFBSRVNTIE9SIElNUExJRUQgQ09ORElUSU9OUywgUkVQUkVTRU5UQVRJT05TIEFORAogKiBXQVJS QU5USUVTLCBJTkNMVURJTkcgQU5ZIElNUExJRUQgV0FSUkFOVFkgT0YgTUVSQ0hBTlRBQklMSVRZ LAogKiBGSVRORVNTIEZPUiBBIFBBUlRJQ1VMQVIgUFVSUE9TRSBPUiBOT04tSU5GUklOR0VNRU5U LCBBUkUgSEVSRUJZCiAqIEVYQ0xVREVELiBTVU4gTUlDUk9TWVNURU1TLCBJTkMuICgiU1VOIikg QU5EIElUUyBMSUNFTlNPUlMgU0hBTEwKICogTk9UIEJFIExJQUJMRSBGT1IgQU5ZIERBTUFHRVMg U1VGRkVSRUQgQlkgTElDRU5TRUUgQVMgQSBSRVNVTFQKICogT0YgVVNJTkcsIE1PRElGWUlORyBP UiBESVNUUklCVVRJTkcgVEhJUyBTT0ZUV0FSRSBPUiBJVFMKICogREVSSVZBVElWRVMuIElOIE5P IEVWRU5UIFdJTEwgU1VOIE9SIElUUyBMSUNFTlNPUlMgQkUgTElBQkxFIEZPUgogKiBBTlkgTE9T VCBSRVZFTlVFLCBQUk9GSVQgT1IgREFUQSwgT1IgRk9SIERJUkVDVCwgSU5ESVJFQ1QsCiAqIFNQ RUNJQUwsIENPTlNFUVVFTlRJQUwsIElOQ0lERU5UQUwgT1IgUFVOSVRJVkUgREFNQUdFUywgSE9X RVZFUgogKiBDQVVTRUQgQU5EIFJFR0FSRExFU1MgT0YgVEhFIFRIRU9SWSBPRiBMSUFCSUxJVFks IEFSSVNJTkcgT1VUIE9GCiAqIFRIRSBVU0UgT0YgT1IgSU5BQklMSVRZIFRPIFVTRSBUSElTIFNP RlRXQVJFLCBFVkVOIElGIFNVTiBIQVMKICogQkVFTiBBRFZJU0VEIE9GIFRIRSBQT1NTSUJJTElU WSBPRiBTVUNIIERBTUFHRVMuCiAqCiAqIFlvdSBhY2tub3dsZWRnZSB0aGF0IHRoaXMgc29mdHdh cmUgaXMgbm90IGRlc2lnbmVkLCBsaWNlbnNlZCBvcgogKiBpbnRlbmRlZCBmb3IgdXNlIGluIHRo ZSBkZXNpZ24sIGNvbnN0cnVjdGlvbiwgb3BlcmF0aW9uIG9yCiAqIG1haW50ZW5hbmNlIG9mIGFu eSBudWNsZWFyIGZhY2lsaXR5LgogKi8KCmltcG9ydCBqYXZhLm5ldC4qOwppbXBvcnQgamF2YS5p by4qOwppbXBvcnQgamF2YXgubmV0LnNzbC4qOwoKLyoKICogVGhpcyBleGFtcGxlIGRlbW9zdHJh dGVzIGhvdyB0byB1c2UgYSBTU0xTb2NrZXQgYXMgY2xpZW50IHRvCiAqIHNlbmQgYSBIVFRQIHJl cXVlc3QgYW5kIGdldCByZXNwb25zZSBmcm9tIGFuIEhUVFBTIHNlcnZlci4KICogSXQgYXNzdW1l cyB0aGF0IHRoZSBjbGllbnQgaXMgbm90IGJlaGluZCBhIGZpcmV3YWxsCiAqLwoKcHVibGljIGNs YXNzIFNTTFNvY2tldENsaWVudCB7CgogICAgcHVibGljIHN0YXRpYyB2b2lkIG1haW4oU3RyaW5n W10gYXJncykgdGhyb3dzIEV4Y2VwdGlvbiB7CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgU1NM U29ja2V0RmFjdG9yeSBmYWN0b3J5ID0KICAgICAgICAgICAgICAgIChTU0xTb2NrZXRGYWN0b3J5 KVNTTFNvY2tldEZhY3RvcnkuZ2V0RGVmYXVsdCgpOwogICAgICAgICAgICBTU0xTb2NrZXQgc29j a2V0ID0KICAgICAgICAgICAgICAgIChTU0xTb2NrZXQpZmFjdG9yeS5jcmVhdGVTb2NrZXQoImFy Y2hpdmUuYXBhY2hlLm9yZyIsIDQ0Myk7CgogICAgICAgICAgICAvKgogICAgICAgICAgICAgKiBz ZW5kIGh0dHAgcmVxdWVzdAogICAgICAgICAgICAgKgogICAgICAgICAgICAgKiBCZWZvcmUgYW55 IGFwcGxpY2F0aW9uIGRhdGEgaXMgc2VudCBvciByZWNlaXZlZCwgdGhlCiAgICAgICAgICAgICAq IFNTTCBzb2NrZXQgd2lsbCBkbyBTU0wgaGFuZHNoYWtpbmcgZmlyc3QgdG8gc2V0IHVwCiAgICAg ICAgICAgICAqIHRoZSBzZWN1cml0eSBhdHRyaWJ1dGVzLgogICAgICAgICAgICAgKgogICAgICAg ICAgICAgKiBTU0wgaGFuZHNoYWtpbmcgY2FuIGJlIGluaXRpYXRlZCBieSBlaXRoZXIgZmx1c2hp bmcgZGF0YQogICAgICAgICAgICAgKiBkb3duIHRoZSBwaXBlLCBvciBieSBzdGFydGluZyB0aGUg aGFuZHNoYWtpbmcgYnkgaGFuZC4KICAgICAgICAgICAgICoKICAgICAgICAgICAgICogSGFuZHNo YWtpbmcgaXMgc3RhcnRlZCBtYW51YWxseSBpbiB0aGlzIGV4YW1wbGUgYmVjYXVzZQogICAgICAg ICAgICAgKiBQcmludFdyaXRlciBjYXRjaGVzIGFsbCBJT0V4Y2VwdGlvbnMgKGluY2x1ZGluZwog ICAgICAgICAgICAgKiBTU0xFeGNlcHRpb25zKSwgc2V0cyBhbiBpbnRlcm5hbCBlcnJvciBmbGFn LCBhbmQgdGhlbgogICAgICAgICAgICAgKiByZXR1cm5zIHdpdGhvdXQgcmV0aHJvd2luZyB0aGUg ZXhjZXB0aW9uLgogICAgICAgICAgICAgKgogICAgICAgICAgICAgKiBVbmZvcnR1bmF0ZWx5LCB0 aGlzIG1lYW5zIGFueSBlcnJvciBtZXNzYWdlcyBhcmUgbG9zdCwKICAgICAgICAgICAgICogd2hp Y2ggY2F1c2VkIGxvdHMgb2YgY29uZnVzaW9uIGZvciBvdGhlcnMgdXNpbmcgdGhpcwogICAgICAg ICAgICAgKiBjb2RlLiAgVGhlIG9ubHkgd2F5IHRvIHRlbGwgdGhlcmUgd2FzIGFuIGVycm9yIGlz IHRvIGNhbGwKICAgICAgICAgICAgICogUHJpbnRXcml0ZXIuY2hlY2tFcnJvcigpLgogICAgICAg ICAgICAgKi8KICAgICAgICAgICAgc29ja2V0LnN0YXJ0SGFuZHNoYWtlKCk7CgogICAgICAgICAg ICBQcmludFdyaXRlciBvdXQgPSBuZXcgUHJpbnRXcml0ZXIoCiAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICBuZXcgQnVmZmVyZWRXcml0ZXIoCiAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBuZXcgT3V0cHV0U3RyZWFtV3JpdGVyKAogICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgc29ja2V0LmdldE91dHB1dFN0cmVhbSgpKSkpOwoKICAgICAgICAgICAgb3V0 LnByaW50bG4oIkdFVCAvIEhUVFAvMS4wIik7CiAgICAgICAgICAgIG91dC5wcmludGxuKCk7CiAg ICAgICAgICAgIG91dC5mbHVzaCgpOwoKICAgICAgICAgICAgLyoKICAgICAgICAgICAgICogTWFr ZSBzdXJlIHRoZXJlIHdlcmUgbm8gc3VycHJpc2VzCiAgICAgICAgICAgICAqLwogICAgICAgICAg ICBpZiAob3V0LmNoZWNrRXJyb3IoKSkKICAgICAgICAgICAgICAgIFN5c3RlbS5vdXQucHJpbnRs bigKICAgICAgICAgICAgICAgICAgICAiU1NMU29ja2V0Q2xpZW50OiAgamF2YS5pby5QcmludFdy aXRlciBlcnJvciIpOwoKICAgICAgICAgICAgLyogcmVhZCByZXNwb25zZSAqLwogICAgICAgICAg ICBCdWZmZXJlZFJlYWRlciBpbiA9IG5ldyBCdWZmZXJlZFJlYWRlcigKICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgbmV3IElucHV0U3RyZWFtUmVhZGVyKAogICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICBzb2NrZXQuZ2V0SW5wdXRTdHJlYW0oKSkpOwoKICAgICAg ICAgICAgU3RyaW5nIGlucHV0TGluZTsKICAgICAgICAgICAgd2hpbGUgKChpbnB1dExpbmUgPSBp bi5yZWFkTGluZSgpKSAhPSBudWxsKQogICAgICAgICAgICAgICAgU3lzdGVtLm91dC5wcmludGxu KGlucHV0TGluZSk7CgogICAgICAgICAgICBpbi5jbG9zZSgpOwogICAgICAgICAgICBvdXQuY2xv c2UoKTsKICAgICAgICAgICAgc29ja2V0LmNsb3NlKCk7CgogICAgICAgIH0gY2F0Y2ggKEV4Y2Vw dGlvbiBlKSB7CiAgICAgICAgICAgIGUucHJpbnRTdGFja1RyYWNlKCk7CiAgICAgICAgfQogICAg fQp9Cgo=