static-ize {write,read}tty variables

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94227 13f79535-47bb-0310-9956-ffa450edef68

move prototype for modssl_session_get_time to ssl_util_ssl.h

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94226 13f79535-47bb-0310-9956-ffa450edef68

add modssl_dh_configure() function to fold some duplication in
get_dh{512,1024} and provide toolkit compat for sslc 2.x

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94225 13f79535-47bb-0310-9956-ffa450edef68

add configure checks for ssl functions:
-SSL_set_state: macro in OpenSSL, might be a function in a patched sslc
-SSL_set_cert_store: patch submitted to OpenSSL, might be applied to
OpenSSL or sslc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94223 13f79535-47bb-0310-9956-ffa450edef68

fix doofo in last commit

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94218 13f79535-47bb-0310-9956-ffa450edef68

sslc 1.x does not have an x509v3.h

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94217 13f79535-47bb-0310-9956-ffa450edef68

sslc does not currently support X509V3_EXT_d2i

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94216 13f79535-47bb-0310-9956-ffa450edef68

toolkit compat for PEM_read_bio_PrivateKey

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94215 13f79535-47bb-0310-9956-ffa450edef68

use compat macro for another PEM_read_bio_X509

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94214 13f79535-47bb-0310-9956-ffa450edef68

toolkit compat for PEM_read_bio_X509

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94213 13f79535-47bb-0310-9956-ffa450edef68

adjust to another const char vs char mismatch between OpenSSL and sslc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94212 13f79535-47bb-0310-9956-ffa450edef68

use SSL_SESSION_ api since SSL_SESSION cannot be dereferenced when using sslc

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94211 13f79535-47bb-0310-9956-ffa450edef68

typo fix s/EDG/EGD/g

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94210 13f79535-47bb-0310-9956-ffa450edef68

modssl_set_cipher_list was in the wrong place for OpenSSL

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94209 13f79535-47bb-0310-9956-ffa450edef68

RAND_status macro was in the wrong place

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94208 13f79535-47bb-0310-9956-ffa450edef68

sslc does not currently support RAND_egd or RAND_status

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94207 13f79535-47bb-0310-9956-ffa450edef68

in sslc PEM_F_DEF_CALLBACK == PEM_F_DEF_CB

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94206 13f79535-47bb-0310-9956-ffa450edef68

2nd arg to SSL_set_cipher_list in sslc is char *

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94205 13f79535-47bb-0310-9956-ffa450edef68

sslc 1.x SSL_set_verify only takes 2 args

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94204 13f79535-47bb-0310-9956-ffa450edef68

sslc does not currently implement an SSL_set_state function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94203 13f79535-47bb-0310-9956-ffa450edef68

sslc adds a second, unused param to X509_verify_cert

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94202 13f79535-47bb-0310-9956-ffa450edef68

sslc does not have a safestack.h, implement a minimal subset required
for mod_ssl

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94201 13f79535-47bb-0310-9956-ffa450edef68

some compat macros for sslc 1.x

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94200 13f79535-47bb-0310-9956-ffa450edef68

moving OpenSSL+sslc compat foo to ssl_toolkit_compat.h

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94199 13f79535-47bb-0310-9956-ffa450edef68

3rd arg of BIO callbacks in 'const char' in OpenSSL and 'char' in sslc,
make both happy.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94198 13f79535-47bb-0310-9956-ffa450edef68

OpenSSL uses void * for callback data, sslc uses char *,
cast to void * to make both happy.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94197 13f79535-47bb-0310-9956-ffa450edef68

add modssl_session_get_time() function to give mod_ssl what it needs
from SSL_SESSION_get_time() if using OpenSSL or sslc.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94195 13f79535-47bb-0310-9956-ffa450edef68

another step towards compatiblity with rsa sslc:
define the STACK_OF macro if not already defined.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94194 13f79535-47bb-0310-9956-ffa450edef68

configure already checks OpenSSL version so dont bother here

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94193 13f79535-47bb-0310-9956-ffa450edef68

note about the temporary DH keys

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94181 13f79535-47bb-0310-9956-ffa450edef68

a few updates

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94180 13f79535-47bb-0310-9956-ffa450edef68

per-dir SSLCACertificate{File,Path} cannot use SSL_CTX_set_cert_store
as the 1.x based module does, since the function is not thread-safe.
a patch has been submitted to OpenSSL to support SSL_set_cert_store
which is thread safe.  this feature is enabled by default in the
current 1.x based module, we only enable it if the SSL_set_cert_store
function is available.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94179 13f79535-47bb-0310-9956-ffa450edef68

constificationization of some char * config items

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94177 13f79535-47bb-0310-9956-ffa450edef68

performance enhancement: mod_ssl config directives that can have both
a per-server and per-dir context were configuring the per-dir context
for per-server commands.  this triggered ssl_hook_Access to always
compare the per-server context against per-dir configs that were
exactly the same.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94176 13f79535-47bb-0310-9956-ffa450edef68

correct comment in previous change

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94171 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:
Reviewed by:
fix bug seen on win32 with netscape client where output filter is run
triggered by lingering_close after ssl_hook_CloseConnection has been called

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94170 13f79535-47bb-0310-9956-ffa450edef68

the mod_ssl provided with Apache >= 2.0 no longer has an independent
version number

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@94111 13f79535-47bb-0310-9956-ffa450edef68

Fix a possibly-uninitialized warning and a boolean logic bug

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93992 13f79535-47bb-0310-9956-ffa450edef68

Fix some possibly-uninitialized warnings and some incorrect format strings

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93991 13f79535-47bb-0310-9956-ffa450edef68

  Clear up a const warning, and recognize some arrays by changing the
  variable names to the plural [rather than aszFoo, which I hope continues
  to be cleaned up as folks have time.]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93982 13f79535-47bb-0310-9956-ffa450edef68

  Fix a signedness emit based on session_id_length [unsigned]

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93981 13f79535-47bb-0310-9956-ffa450edef68

  Lost the prior log message ... [this is an empty commit]

  Prior revision fixes the last ap_server_root_relative() NULL return
  code potential segfaults.  It also quits trying to server_root_relative
  a logging pipe, since log pipes generally take arguments.  However, it
  ignores the PassPhraseDialog exec: since the argument to that shell
  mechanism is the server name itself.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93972 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:
Reviewed by:

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93971 13f79535-47bb-0310-9956-ffa450edef68

  Silly module, we don't need compat.h :)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93964 13f79535-47bb-0310-9956-ffa450edef68

get rid of some -Wall warnings

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93947 13f79535-47bb-0310-9956-ffa450edef68

remove stray log message (from madhu)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93946 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:   Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>
Reviewed by: dougm
implement SSLSessionCache shmht and shmcb based on apr_rmm and apr_shm

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93942 13f79535-47bb-0310-9956-ffa450edef68

deal with the rename of kill_after_timeout to APR_KILL_AFTER_TIMEOUT

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93940 13f79535-47bb-0310-9956-ffa450edef68

fix comment

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93932 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:
Reviewed by:
fix bug in ssl_io_input_getline():
in most cases we get all the headers on the first SSL_read.
however, in certain cases SSL_read will only get a partial
chunk of the headers, so we now try to read until LF is seen.

bug seen with netscape client (running both on linux and win32) and
server running on win32.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93931 13f79535-47bb-0310-9956-ffa450edef68

Update our copyright for this year.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93918 13f79535-47bb-0310-9956-ffa450edef68

use ssl_asn1_keystr

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93913 13f79535-47bb-0310-9956-ffa450edef68

add ssl_asn1_keystr() util function that returns string representation
(RSA or DSA) of the key index.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93912 13f79535-47bb-0310-9956-ffa450edef68

use ssl_asn1_table_keyfmt() function and only format each (rsa,dsa)
lookup key once, rather than twice.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93911 13f79535-47bb-0310-9956-ffa450edef68

use ssl_asn1_table_keyfmt() function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93910 13f79535-47bb-0310-9956-ffa450edef68

add ssl_asn1_table_keyfmt() function for clarity

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93909 13f79535-47bb-0310-9956-ffa450edef68

PR:
Obtained from:
Submitted by:   Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>
Reviewed by: dougm
adjust to SSL_SESSION_id2sz() prototype change

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93907 13f79535-47bb-0310-9956-ffa450edef68

generalize session logging into ssl_session_log() function

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93906 13f79535-47bb-0310-9956-ffa450edef68

SSL_SESSION_id2sz() was NOT THREAD SAFE.  it returned a pointer to a
static variable.  fixed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93899 13f79535-47bb-0310-9956-ffa450edef68

SSL_SESSION_id2sz() is somewhat expensive, make sure we only call it
if SSLLogLevel >= info

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93898 13f79535-47bb-0310-9956-ffa450edef68

cleanup logging of CRL, includes ridding of some malloc/frees

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93897 13f79535-47bb-0310-9956-ffa450edef68

couple o minor style/log fixos

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93896 13f79535-47bb-0310-9956-ffa450edef68

use ptemp in ssl_init_FindCAList() rather than creating a subpool.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93895 13f79535-47bb-0310-9956-ffa450edef68

switch to ptemp pool for ssl_pphrase_Handle

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93894 13f79535-47bb-0310-9956-ffa450edef68

only call: ssl_rand_seed(s, p, SSL_RSCTX_STARTUP, "Init: ");

once at startup.  if there is value in calling it more than once at
startup, it should be done explicitly rather than hidden in
ssl_tmp_keys_init().

switch to ptemp pool when calling ssl_rand_seed() at startup.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93893 13f79535-47bb-0310-9956-ffa450edef68

remove ssl_engine_ds.c

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93892 13f79535-47bb-0310-9956-ffa450edef68

remove obsolete ssl_ds_{table,array} api

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93891 13f79535-47bb-0310-9956-ffa450edef68

replace ssl_ds_array usage with apr_array_header_t

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93890 13f79535-47bb-0310-9956-ffa450edef68

minor ssl_init_CheckServers() enhancements:
- pass the ptemp (temporary pool) so we don't need to create a subpool
  and destroy it ourselves.

- change ssl_ds_table usage to apr_hash_t

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93887 13f79535-47bb-0310-9956-ffa450edef68

folding more duplication in ssl_tmp_keys_init

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93886 13f79535-47bb-0310-9956-ffa450edef68

cleanup tmp key callbacks.  each had assigned the same (1024 bit) value
in 3 different places.  the old code did nothing special in the case
of the export flag either.

add an ssl_log in each to trace when keys are being handed out.

add some XXX comments.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93885 13f79535-47bb-0310-9956-ffa450edef68

for the sake of readablity,
change: SSL_TKPIDX_{DH,RSA}{512,1024}
to:     SSL_TMP_KEY_{DH,RSA}_{512,1024}

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93883 13f79535-47bb-0310-9956-ffa450edef68

split ssl_init_TmpKeysHandle function to init/free functions,
and make them static to ssl_engine_init.c

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93882 13f79535-47bb-0310-9956-ffa450edef68

it is not required that temporary keys survive restarts, since they
are generated and destroyed on every restart.

so get rid of SSLModConfigRec.tTmpKeys table and mess that was
managing it.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93881 13f79535-47bb-0310-9956-ffa450edef68

remove version checks for using EGD

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93879 13f79535-47bb-0310-9956-ffa450edef68

remove call to legacy X509V3_add_standard_extensions() function,
not needed with OpenSSL 0.9.6+

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93878 13f79535-47bb-0310-9956-ffa450edef68

we require OpenSSL 0.9.6+

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93877 13f79535-47bb-0310-9956-ffa450edef68

removing unused ssl_init_ChildKill

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93875 13f79535-47bb-0310-9956-ffa450edef68

making ssl_init_SSLLibrary() static

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93874 13f79535-47bb-0310-9956-ffa450edef68

cleanup version component construction.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93873 13f79535-47bb-0310-9956-ffa450edef68

fold duplication of SSL{Proxy}VerifyDepth directives into
ssl_cmd_verify_depth_parse function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93872 13f79535-47bb-0310-9956-ffa450edef68

Fixed a type mismatch

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93871 13f79535-47bb-0310-9956-ffa450edef68

moving SSLVerifyClient directive parsing into ssl_cmd_verify_parse
function, which can also be used for SSLProxyVerify directive.

dropping support for undocumented integer form of levels (0..3)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93870 13f79535-47bb-0310-9956-ffa450edef68

Added NetWare to the ifdef list

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93869 13f79535-47bb-0310-9956-ffa450edef68

fold duplication of SSL{Proxy}Protocol directives into
ssl_cmd_protocol_parse function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93865 13f79535-47bb-0310-9956-ffa450edef68

fold some duplication of server certs/keys directive checking into
ssl_cmd_check_aidx_max function.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93864 13f79535-47bb-0310-9956-ffa450edef68

folding some command handler duplication into two generic functions:
ssl_cmd_check_file and ssl_cmd_check_dir.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93863 13f79535-47bb-0310-9956-ffa450edef68

get rid of some warnings for currently unused/unprototyped functions.
(we can actually compile mod_ssl with -Werror if -Wstrict-prototypes
is taken out)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93862 13f79535-47bb-0310-9956-ffa450edef68

minor performance enhancement: no need to use md5 of VHostID for the
session id, just use the VHostID itself.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93861 13f79535-47bb-0310-9956-ffa450edef68

dropping hungarian notation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93860 13f79535-47bb-0310-9956-ffa450edef68

minor style changes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93859 13f79535-47bb-0310-9956-ffa450edef68

dropping hungarian notation

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93851 13f79535-47bb-0310-9956-ffa450edef68

various style fixups / general changes to make code more readable.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93848 13f79535-47bb-0310-9956-ffa450edef68

various style fixups / general changes to make code more readable.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93847 13f79535-47bb-0310-9956-ffa450edef68

add SSL_VERIFY_PEER_STRICT shortcut for often used flags

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93846 13f79535-47bb-0310-9956-ffa450edef68

various style fixups / general changes to make code more readable.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93845 13f79535-47bb-0310-9956-ffa450edef68

no need to call SSL_clear() after SSL_new()

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93824 13f79535-47bb-0310-9956-ffa450edef68

don't allocate SSLConnRec unless ssl is enabled on this vhost.
also provides a shorter shortcut for mod_ssl hooks to decline if ssl
is not enabled.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93823 13f79535-47bb-0310-9956-ffa450edef68

support reuse of encrypted DSA keys on restart

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93799 13f79535-47bb-0310-9956-ffa450edef68

remove unused ap_server_ctx member from SSLSrvConfigRec

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@93785 13f79535-47bb-0310-9956-ffa450edef68