Merge pull request #36542 from Random-Liu/clarify-cri-user

Automatic merge from submit-queue

CRI: Clarify User in CRI.

Addressed https://github.com/kubernetes/kubernetes/pull/36423#issuecomment-259343135.

This PR clarifies the user related fields in CRI.

One question is that:
What is the meaning of the `run_as_user` field in `LinuxSandboxSecurityContext`?
* **Is it user on the host?** Then it doesn't make sense, user shouldn't care about what users are on the host.
* **Is it user inside the infra container image?** This is how the field is currently used. However, Infra container is docker specific, I'm not sure whether we should expose this in CRI.
* **Is it the default user inside the pod?** It tells runtime that if there is a container (infra container, or some other helper containers like streaming container etc.), if their `user` is not specified, use the default "sandbox user". Then how can we guarantee that infra or helper container image have the `user`?
* **It doesn't make sense?** If we remove it, we are relying on the shim to set right user (maybe always root) for infra or helper containers (if there will be any in the future), I'm not sure whether this is what we expect.

@yujuhong @feiskyer @jonboulle @yifan-gu 
/cc @kubernetes/sig-node

pkg/kubelet/api/v1alpha1/runtime/api.pb.go

@@ -475,9 +475,8 @@ type LinuxSandboxSecurityContext struct {
 	NamespaceOptions *NamespaceOption `protobuf:"bytes,1,opt,name=namespace_options,json=namespaceOptions" json:"namespace_options,omitempty"`
 	// Optional SELinux context to be applied.
 	SelinuxOptions *SELinuxOption `protobuf:"bytes,2,opt,name=selinux_options,json=selinuxOptions" json:"selinux_options,omitempty"`
-	// User to run the entrypoint of the sandbox process. Can be either UID or
+	// UID to run sandbox processes as, when applicable.
-	// user name.
+	RunAsUser *int64 `protobuf:"varint,3,opt,name=run_as_user,json=runAsUser" json:"run_as_user,omitempty"`
-	RunAsUser *string `protobuf:"bytes,3,opt,name=run_as_user,json=runAsUser" json:"run_as_user,omitempty"`
 	// If set, the root filesystem of the sandbox is read-only.
 	ReadonlyRootfs *bool `protobuf:"varint,4,opt,name=readonly_rootfs,json=readonlyRootfs" json:"readonly_rootfs,omitempty"`
 	// List of groups applied to the first process run in the sandbox, in
@@ -505,11 +504,11 @@ func (m *LinuxSandboxSecurityContext) GetSelinuxOptions() *SELinuxOption {
 	return nil
 }
 
-func (m *LinuxSandboxSecurityContext) GetRunAsUser() string {
+func (m *LinuxSandboxSecurityContext) GetRunAsUser() int64 {
 	if m != nil && m.RunAsUser != nil {
 		return *m.RunAsUser
 	}
-	return ""
+	return 0
 }
 
 func (m *LinuxSandboxSecurityContext) GetReadonlyRootfs() bool {
@@ -1336,15 +1335,18 @@ type LinuxContainerSecurityContext struct {
 	NamespaceOptions *NamespaceOption `protobuf:"bytes,3,opt,name=namespace_options,json=namespaceOptions" json:"namespace_options,omitempty"`
 	// SELinux context to be optionally applied.
 	SelinuxOptions *SELinuxOption `protobuf:"bytes,4,opt,name=selinux_options,json=selinuxOptions" json:"selinux_options,omitempty"`
-	// The user to run the the container process as. Can be either UID or user
+	// UID to run the container process as. Only one of run_as_user and
-	// name.
+	// run_as_username can be specified at a time.
-	// Defaults to user specified in image metadata if unspecified.
+	RunAsUser *int64 `protobuf:"varint,5,opt,name=run_as_user,json=runAsUser" json:"run_as_user,omitempty"`
-	RunAsUser *string `protobuf:"bytes,5,opt,name=run_as_user,json=runAsUser" json:"run_as_user,omitempty"`
+	// User name to run the container process as. If specified, the user MUST
+	// exist in the container image (i.e. in the /etc/passwd inside the image),
+	// and be resolved there by the runtime; otherwise, the runtime MUST error.
+	RunAsUsername *string `protobuf:"bytes,6,opt,name=run_as_username,json=runAsUsername" json:"run_as_username,omitempty"`
 	// If set, the root filesystem of the container is read-only.
-	ReadonlyRootfs *bool `protobuf:"varint,6,opt,name=readonly_rootfs,json=readonlyRootfs" json:"readonly_rootfs,omitempty"`
+	ReadonlyRootfs *bool `protobuf:"varint,7,opt,name=readonly_rootfs,json=readonlyRootfs" json:"readonly_rootfs,omitempty"`
 	// List of groups applied to the first process run in the container, in
 	// addition to the container's primary GID.
-	SupplementalGroups []int64 `protobuf:"varint,7,rep,name=supplemental_groups,json=supplementalGroups" json:"supplemental_groups,omitempty"`
+	SupplementalGroups []int64 `protobuf:"varint,8,rep,name=supplemental_groups,json=supplementalGroups" json:"supplemental_groups,omitempty"`
 	XXX_unrecognized   []byte  `json:"-"`
 }
 
@@ -1383,10 +1385,17 @@ func (m *LinuxContainerSecurityContext) GetSelinuxOptions() *SELinuxOption {
 	return nil
 }
 
-func (m *LinuxContainerSecurityContext) GetRunAsUser() string {
+func (m *LinuxContainerSecurityContext) GetRunAsUser() int64 {
 	if m != nil && m.RunAsUser != nil {
 		return *m.RunAsUser
 	}
+	return 0
+}
+
+func (m *LinuxContainerSecurityContext) GetRunAsUsername() string {
+	if m != nil && m.RunAsUsername != nil {
+		return *m.RunAsUsername
+	}
 	return ""
 }
 
@@ -2441,8 +2450,13 @@ type Image struct {
 	RepoDigests []string `protobuf:"bytes,3,rep,name=repo_digests,json=repoDigests" json:"repo_digests,omitempty"`
 	// Size of the image in bytes.
 	Size_ *uint64 `protobuf:"varint,4,opt,name=size" json:"size,omitempty"`
-	// User that will run the command(s).
+	// UID that will run the command(s). This is used as a default if no user is
-	User             *string `protobuf:"bytes,5,opt,name=user" json:"user,omitempty"`
+	// specified when creating the container. UID and the following user name
+	// are mutually exclusive.
+	Uid *int64 `protobuf:"varint,5,opt,name=uid" json:"uid,omitempty"`
+	// User name that will run the command(s). This is used if UID is not set
+	// and no user is specified when creating container.
+	Username         *string `protobuf:"bytes,6,opt,name=username" json:"username,omitempty"`
 	XXX_unrecognized []byte  `json:"-"`
 }
 
@@ -2479,9 +2493,16 @@ func (m *Image) GetSize_() uint64 {
 	return 0
 }
 
-func (m *Image) GetUser() string {
+func (m *Image) GetUid() int64 {
-	if m != nil && m.User != nil {
+	if m != nil && m.Uid != nil {
-		return *m.User
+		return *m.Uid
+	}
+	return 0
+}
+
+func (m *Image) GetUsername() string {
+	if m != nil && m.Username != nil {
+		return *m.Username
 	}
 	return ""
 }
@@ -3805,214 +3826,216 @@ var _ImageService_serviceDesc = grpc.ServiceDesc{
 }
 
 var fileDescriptorApi = []byte{
-	// 3336 bytes of a gzipped FileDescriptorProto
+	// 3365 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xcc, 0x3a, 0xcd, 0x72, 0x1b, 0xc7,
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xcc, 0x3a, 0xdb, 0x72, 0x1b, 0xc7,
-	0xd1, 0x04, 0x40, 0x80, 0x40, 0x83, 0x00, 0xc1, 0x21, 0x45, 0x42, 0xa0, 0x25, 0x51, 0x6b, 0xc9,
+	0xb1, 0x04, 0x40, 0x82, 0x40, 0x83, 0x00, 0xc1, 0x21, 0x45, 0x42, 0xa0, 0x25, 0x51, 0x6b, 0x49,
-	0x96, 0x64, 0x5b, 0x9f, 0xc5, 0x2f, 0xb1, 0x62, 0xd9, 0x92, 0x0d, 0x93, 0xb4, 0x43, 0x4b, 0x82,
+	0x96, 0x64, 0x5b, 0xc7, 0xe2, 0x39, 0xc7, 0x3a, 0x96, 0x2d, 0xd9, 0x30, 0x49, 0xfb, 0xd0, 0x92,
-	0xe8, 0x85, 0xe4, 0xd8, 0xe5, 0xc3, 0x66, 0x85, 0x1d, 0x81, 0x2b, 0x01, 0xbb, 0xeb, 0xdd, 0x81,
+	0x20, 0x7a, 0x21, 0x39, 0x76, 0xf9, 0x61, 0xb3, 0xc2, 0x0e, 0xc1, 0x95, 0x80, 0xdd, 0xf5, 0xee,
-	0x2c, 0xe6, 0x92, 0x6b, 0x0e, 0x49, 0x55, 0xae, 0x39, 0x25, 0x87, 0x54, 0xb9, 0x92, 0xdc, 0x52,
+	0x80, 0x16, 0xf3, 0x05, 0x79, 0x48, 0xaa, 0xf2, 0xea, 0xa7, 0xa4, 0x52, 0xa9, 0x72, 0x25, 0x79,
-	0x95, 0xaa, 0xbc, 0x43, 0x2a, 0x0f, 0x90, 0x47, 0xc8, 0x2b, 0xe4, 0x94, 0x9a, 0xdf, 0x9d, 0xfd,
+	0x4b, 0x55, 0xaa, 0xf2, 0x0f, 0xa9, 0x7c, 0x40, 0x3e, 0x21, 0x7f, 0x91, 0x9a, 0xdb, 0xee, 0xcc,
-	0xa3, 0x48, 0xd9, 0x15, 0xeb, 0xb6, 0xd3, 0xd3, 0xd3, 0xd3, 0xd3, 0xdd, 0xd3, 0x7f, 0x3b, 0xd0,
+	0x5e, 0x28, 0x52, 0x76, 0xc5, 0x7a, 0xdb, 0xe9, 0xe9, 0xe9, 0xe9, 0xdb, 0xf4, 0x74, 0xf7, 0x2c,
-	0xb0, 0x03, 0xf7, 0x6a, 0x10, 0xfa, 0xc4, 0x47, 0x0b, 0xe1, 0xcc, 0x23, 0xee, 0x14, 0x1b, 0x57,
+	0xd4, 0xed, 0xc0, 0xbd, 0x11, 0x84, 0x3e, 0xf1, 0xd1, 0x7c, 0x38, 0xf5, 0x88, 0x3b, 0xc1, 0xc6,
-	0xa0, 0xfd, 0x39, 0x0e, 0x23, 0xd7, 0xf7, 0x4c, 0xfc, 0xf5, 0x0c, 0x47, 0x04, 0x75, 0x61, 0xe1,
+	0x75, 0x68, 0x7d, 0x81, 0xc3, 0xc8, 0xf5, 0x3d, 0x13, 0x7f, 0x33, 0xc5, 0x11, 0x41, 0x1d, 0x98,
-	0x29, 0x87, 0x74, 0x4b, 0x9b, 0xa5, 0x4b, 0x0d, 0x53, 0x0e, 0x8d, 0x6f, 0x4b, 0xb0, 0xa4, 0x90,
+	0x3f, 0xe4, 0x90, 0x4e, 0x69, 0xa3, 0x74, 0xb5, 0x6e, 0xca, 0xa1, 0xf1, 0x7d, 0x09, 0x16, 0x63,
-	0xa3, 0xc0, 0xf7, 0x22, 0x5c, 0x8c, 0x8d, 0xce, 0xc3, 0xa2, 0xd8, 0xc4, 0xf2, 0xec, 0x29, 0xee,
+	0xe4, 0x28, 0xf0, 0xbd, 0x08, 0x17, 0x63, 0xa3, 0x8b, 0xb0, 0x20, 0x36, 0xb1, 0x3c, 0x7b, 0x82,
-	0x96, 0xd9, 0x74, 0x53, 0xc0, 0x06, 0xf6, 0x14, 0xa3, 0xd7, 0x61, 0x49, 0xa2, 0x48, 0x22, 0x15,
+	0x3b, 0x65, 0x36, 0xdd, 0x10, 0xb0, 0xbe, 0x3d, 0xc1, 0xe8, 0x0d, 0x58, 0x94, 0x28, 0x92, 0x48,
-	0x86, 0xd5, 0x16, 0x60, 0xb1, 0x1b, 0xba, 0x0a, 0x2b, 0x12, 0xd1, 0x0e, 0x5c, 0x85, 0x3c, 0xcf,
+	0x85, 0x61, 0xb5, 0x04, 0x58, 0xec, 0x86, 0x6e, 0xc0, 0xb2, 0x44, 0xb4, 0x03, 0x37, 0x46, 0x9e,
-	0x90, 0x97, 0xc5, 0x54, 0x3f, 0x70, 0x05, 0xbe, 0xf1, 0x15, 0x34, 0x76, 0x06, 0xc3, 0x6d, 0xdf,
+	0x65, 0xc8, 0x4b, 0x62, 0xaa, 0x17, 0xb8, 0x02, 0xdf, 0xf8, 0x1a, 0xea, 0xdb, 0xfd, 0xc1, 0x96,
-	0x7b, 0xe4, 0x8e, 0x29, 0x8b, 0x11, 0x0e, 0xe9, 0x9a, 0x6e, 0x69, 0xb3, 0x42, 0x59, 0x14, 0x43,
+	0xef, 0xed, 0xbb, 0x23, 0xca, 0x62, 0x84, 0x43, 0xba, 0xa6, 0x53, 0xda, 0xa8, 0x50, 0x16, 0xc5,
-	0xd4, 0x83, 0x7a, 0x84, 0xed, 0x70, 0x74, 0x80, 0xa3, 0x6e, 0x99, 0x4d, 0xa9, 0x31, 0x5d, 0xe5,
+	0x10, 0x75, 0xa1, 0x16, 0x61, 0x3b, 0x1c, 0x1e, 0xe0, 0xa8, 0x53, 0x66, 0x53, 0xf1, 0x98, 0xae,
-	0x07, 0xc4, 0xf5, 0xbd, 0xa8, 0x5b, 0xe1, 0xab, 0xc4, 0xd0, 0xf8, 0x5d, 0x09, 0x9a, 0xfb, 0x7e,
+	0xf2, 0x03, 0xe2, 0xfa, 0x5e, 0xd4, 0xa9, 0xf0, 0x55, 0x62, 0x68, 0x7c, 0x57, 0x82, 0xc6, 0x9e,
-	0x48, 0xee, 0xda, 0x41, 0xe0, 0x7a, 0x63, 0xf4, 0x16, 0xd4, 0x99, 0x50, 0x47, 0xfe, 0x84, 0xc9,
+	0x1f, 0x92, 0x07, 0x76, 0x10, 0xb8, 0xde, 0x08, 0xbd, 0x0d, 0x35, 0xa6, 0xd4, 0xa1, 0x3f, 0x66,
-	0xa0, 0xbd, 0xb5, 0x7c, 0x55, 0xb0, 0x74, 0x75, 0x5f, 0x4c, 0x98, 0x0a, 0x05, 0x5d, 0x84, 0xf6,
+	0x3a, 0x68, 0x6d, 0x2e, 0xdd, 0x10, 0x2c, 0xdd, 0xd8, 0x13, 0x13, 0x66, 0x8c, 0x82, 0x2e, 0x43,
-	0xc8, 0xf7, 0x88, 0xed, 0x7a, 0x38, 0xb4, 0x02, 0x3f, 0x24, 0x4c, 0x32, 0x55, 0xb3, 0xa5, 0xa0,
+	0x6b, 0xe8, 0x7b, 0xc4, 0x76, 0x3d, 0x1c, 0x5a, 0x81, 0x1f, 0x12, 0xa6, 0x99, 0x39, 0xb3, 0x19,
-	0x94, 0x38, 0xda, 0x80, 0xc6, 0x81, 0x1f, 0x11, 0x8e, 0x51, 0x61, 0x18, 0x75, 0x0a, 0x60, 0x93,
+	0x43, 0x29, 0x71, 0xb4, 0x0e, 0xf5, 0x03, 0x3f, 0x22, 0x1c, 0xa3, 0xc2, 0x30, 0x6a, 0x14, 0xc0,
-	0xeb, 0xb0, 0xc0, 0x26, 0xdd, 0x40, 0xc8, 0xa0, 0x46, 0x87, 0x7b, 0x81, 0xf1, 0xdb, 0x12, 0x54,
+	0x26, 0xd7, 0x60, 0x9e, 0x4d, 0xba, 0x81, 0xd0, 0x41, 0x95, 0x0e, 0x77, 0x03, 0xe3, 0x37, 0x25,
-	0xef, 0xfa, 0x33, 0x8f, 0xa4, 0xb6, 0xb1, 0xc9, 0x81, 0xd0, 0x8f, 0xb6, 0x8d, 0x4d, 0x0e, 0xe2,
+	0x98, 0x7b, 0xe0, 0x4f, 0x3d, 0x92, 0xda, 0xc6, 0x26, 0x07, 0xc2, 0x3e, 0xca, 0x36, 0x36, 0x39,
-	0x6d, 0x28, 0x06, 0x57, 0x11, 0xdf, 0x86, 0x4e, 0xf6, 0xa0, 0x1e, 0x62, 0xdb, 0xf1, 0xbd, 0xc9,
+	0x48, 0xb6, 0xa1, 0x18, 0xdc, 0x44, 0x7c, 0x1b, 0x3a, 0xd9, 0x85, 0x5a, 0x88, 0x6d, 0xc7, 0xf7,
-	0x21, 0x63, 0xa1, 0x6e, 0xaa, 0x31, 0xd5, 0x5d, 0x84, 0x27, 0xae, 0x37, 0x7b, 0x66, 0x85, 0x78,
+	0xc6, 0x47, 0x8c, 0x85, 0x9a, 0x19, 0x8f, 0xa9, 0xed, 0x22, 0x3c, 0x76, 0xbd, 0xe9, 0x73, 0x2b,
-	0x62, 0x3f, 0xc4, 0x13, 0xc6, 0x4a, 0xdd, 0x6c, 0x0b, 0xb0, 0xc9, 0xa1, 0xc6, 0x63, 0x58, 0xa2,
+	0xc4, 0x63, 0xfb, 0x09, 0x1e, 0x33, 0x56, 0x6a, 0x66, 0x4b, 0x80, 0x4d, 0x0e, 0x35, 0x9e, 0xc2,
-	0xca, 0x8e, 0x02, 0x7b, 0x84, 0xef, 0x31, 0x11, 0x52, 0xd3, 0x60, 0x9b, 0x7a, 0x98, 0x7c, 0xe3,
+	0x22, 0x35, 0x76, 0x14, 0xd8, 0x43, 0xfc, 0x90, 0xa9, 0x90, 0xba, 0x06, 0xdb, 0xd4, 0xc3, 0xe4,
-	0x87, 0x4f, 0x18, 0x67, 0x75, 0xb3, 0x49, 0x61, 0x03, 0x0e, 0x42, 0xa7, 0xa1, 0xce, 0xf9, 0x72,
+	0x5b, 0x3f, 0x7c, 0xc6, 0x38, 0xab, 0x99, 0x0d, 0x0a, 0xeb, 0x73, 0x10, 0x3a, 0x0b, 0x35, 0xce,
-	0x1d, 0xc6, 0x56, 0xdd, 0x64, 0x27, 0xde, 0x77, 0x1d, 0x35, 0xe5, 0x06, 0x23, 0xc1, 0xd5, 0x02,
+	0x97, 0xeb, 0x30, 0xb6, 0x6a, 0x26, 0x93, 0x78, 0xcf, 0x75, 0xe2, 0x29, 0x37, 0x18, 0x0a, 0xae,
-	0x3f, 0xfd, 0xc8, 0xf8, 0x7d, 0x19, 0x36, 0xee, 0xd0, 0xcd, 0x87, 0xb6, 0xe7, 0x3c, 0xf4, 0x9f,
+	0xe6, 0xb9, 0xf4, 0x43, 0xe3, 0xb7, 0x65, 0x58, 0xbf, 0x4f, 0x37, 0x1f, 0xd8, 0x9e, 0xf3, 0xc4,
-	0x0d, 0xf1, 0x68, 0x16, 0xba, 0xe4, 0x70, 0xdb, 0xf7, 0x08, 0x7e, 0x46, 0xd0, 0x2e, 0x2c, 0x7b,
+	0x7f, 0x3e, 0xc0, 0xc3, 0x69, 0xe8, 0x92, 0xa3, 0x2d, 0xdf, 0x23, 0xf8, 0x39, 0x41, 0x3b, 0xb0,
-	0x92, 0x17, 0x4b, 0xaa, 0x97, 0xee, 0xde, 0xdc, 0xea, 0x2a, 0x9d, 0xa5, 0xb8, 0x35, 0x3b, 0x5e,
+	0xe4, 0x49, 0x5e, 0x2c, 0x69, 0x5e, 0xba, 0x7b, 0x63, 0xb3, 0x13, 0xdb, 0x2c, 0xc5, 0xad, 0xd9,
-	0x12, 0x10, 0xa1, 0x0f, 0xe2, 0xb3, 0x4b, 0x22, 0x65, 0x46, 0x64, 0x4d, 0x11, 0x19, 0xee, 0x32,
+	0xf6, 0x74, 0x40, 0x84, 0x3e, 0x4c, 0x64, 0x97, 0x44, 0xca, 0x8c, 0xc8, 0x6a, 0x4c, 0x64, 0xb0,
-	0x3e, 0x04, 0x09, 0x29, 0x13, 0x49, 0xe0, 0x2c, 0xd0, 0x7b, 0x60, 0xd9, 0x91, 0x35, 0x8b, 0x70,
+	0xc3, 0xf8, 0x10, 0x24, 0xa4, 0x4e, 0x24, 0x81, 0xf3, 0x40, 0xcf, 0x81, 0x65, 0x47, 0xd6, 0x34,
-	0x28, 0x8c, 0xbe, 0x11, 0xce, 0xbc, 0x7e, 0xf4, 0x20, 0xc2, 0x21, 0xbb, 0x18, 0x42, 0xd0, 0x56,
+	0xc2, 0x21, 0x93, 0xa2, 0x62, 0xd6, 0xc3, 0xa9, 0xd7, 0x8b, 0x1e, 0x47, 0x38, 0x64, 0x07, 0x43,
-	0xe8, 0xfb, 0xe4, 0x51, 0x24, 0x85, 0x2b, 0xc1, 0x26, 0x83, 0xa2, 0xff, 0x83, 0x95, 0x68, 0x16,
+	0x28, 0xda, 0x0a, 0x7d, 0x9f, 0xec, 0x47, 0x52, 0xb9, 0x12, 0x6c, 0x32, 0x28, 0xfa, 0x2f, 0x58,
-	0x04, 0x13, 0x3c, 0xc5, 0x1e, 0xb1, 0x27, 0xd6, 0x38, 0xf4, 0x67, 0x41, 0xd4, 0xad, 0x6e, 0x56,
+	0x8e, 0xa6, 0x41, 0x30, 0xc6, 0x13, 0xec, 0x11, 0x7b, 0x6c, 0x8d, 0x42, 0x7f, 0x1a, 0x44, 0x9d,
-	0x2e, 0x55, 0x4c, 0xa4, 0x4f, 0x7d, 0xc2, 0x66, 0x8c, 0xdf, 0x94, 0xe0, 0x14, 0xe3, 0x6c, 0xdf,
+	0xb9, 0x8d, 0xca, 0xd5, 0x8a, 0x89, 0xd4, 0xa9, 0x4f, 0xd9, 0x8c, 0xf1, 0xeb, 0x12, 0x9c, 0x61,
-	0x77, 0x84, 0x90, 0xc4, 0x35, 0x79, 0x15, 0x5a, 0x23, 0xb6, 0xdc, 0x0a, 0xec, 0x10, 0x7b, 0x44,
+	0x9c, 0xed, 0xf9, 0x8e, 0x50, 0x92, 0x38, 0x26, 0xaf, 0x43, 0x73, 0xc8, 0x96, 0x5b, 0x81, 0x1d,
-	0xd8, 0xcb, 0x22, 0x07, 0xee, 0x33, 0x18, 0xba, 0x07, 0x9d, 0x48, 0xc8, 0xd4, 0x1a, 0x71, 0xa1,
+	0x62, 0x8f, 0x08, 0x7f, 0x59, 0xe0, 0xc0, 0x3d, 0x06, 0x43, 0x0f, 0xa1, 0x1d, 0x09, 0x9d, 0x5a,
-	0x8a, 0xa3, 0x5f, 0x50, 0x47, 0x3f, 0x42, 0x01, 0xe6, 0x52, 0x94, 0x04, 0x18, 0x21, 0xa0, 0x98,
+	0x43, 0xae, 0x54, 0x21, 0xfa, 0xa5, 0x58, 0xf4, 0x63, 0x0c, 0x60, 0x2e, 0x46, 0x3a, 0xc0, 0x08,
-	0x93, 0xbb, 0x98, 0xd8, 0x8e, 0x4d, 0x6c, 0x84, 0x60, 0x9e, 0xf9, 0x0c, 0xce, 0x02, 0xfb, 0x46,
+	0x01, 0x25, 0x9c, 0x3c, 0xc0, 0xc4, 0x76, 0x6c, 0x62, 0x23, 0x04, 0xb3, 0x2c, 0x66, 0x70, 0x16,
-	0x1d, 0xa8, 0xcc, 0x84, 0x31, 0x34, 0x4c, 0xfa, 0x89, 0x5e, 0x81, 0x86, 0x52, 0x8d, 0x94, 0xa1,
+	0xd8, 0x37, 0x6a, 0x43, 0x65, 0x2a, 0x9c, 0xa1, 0x6e, 0xd2, 0x4f, 0xf4, 0x1a, 0xd4, 0x63, 0xd3,
-	0x02, 0xd0, 0x0b, 0x6c, 0x13, 0x82, 0xa7, 0x01, 0x61, 0xb2, 0x6b, 0x99, 0x72, 0x68, 0xfc, 0x7d,
+	0x88, 0xc0, 0x91, 0x00, 0xe8, 0x01, 0xb6, 0x09, 0xc1, 0x93, 0x80, 0x30, 0xdd, 0x35, 0x4d, 0x39,
-	0x1e, 0x3a, 0x99, 0xe3, 0x5f, 0x87, 0xfa, 0x54, 0x6c, 0x2f, 0x2c, 0x62, 0x23, 0xbe, 0xc5, 0x19,
+	0x34, 0xfe, 0x36, 0x0b, 0xed, 0x8c, 0xf8, 0xb7, 0xa0, 0x36, 0x11, 0xdb, 0x0b, 0x8f, 0x58, 0x4f,
-	0x0e, 0x4d, 0x85, 0x4c, 0x2f, 0x09, 0x35, 0x3f, 0xcd, 0xc7, 0xa9, 0x31, 0x95, 0xe9, 0xc4, 0x1f,
+	0x4e, 0x71, 0x86, 0x43, 0x33, 0x46, 0xa6, 0x87, 0x84, 0xba, 0x9f, 0x12, 0xe3, 0xe2, 0x31, 0xd5,
-	0x5b, 0x8e, 0x1b, 0xe2, 0x11, 0xf1, 0xc3, 0x43, 0xc1, 0xe5, 0xe2, 0xc4, 0x1f, 0xef, 0x48, 0x18,
+	0xe9, 0xd8, 0x1f, 0x59, 0x8e, 0x1b, 0xe2, 0x21, 0xf1, 0xc3, 0x23, 0xc1, 0xe5, 0xc2, 0xd8, 0x1f,
-	0xba, 0x06, 0xe0, 0x78, 0x11, 0x15, 0xe7, 0x23, 0x77, 0xcc, 0x78, 0x6d, 0x6e, 0x21, 0xb5, 0xb7,
+	0x6d, 0x4b, 0x18, 0xba, 0x09, 0xe0, 0x78, 0x11, 0x55, 0xe7, 0xbe, 0x3b, 0x62, 0xbc, 0x36, 0x36,
-	0xf2, 0x63, 0x66, 0xc3, 0xf1, 0x22, 0xc1, 0xec, 0xbb, 0xd0, 0xa2, 0x7e, 0xc1, 0x9a, 0x72, 0x17,
+	0x51, 0xbc, 0x77, 0x1c, 0xc7, 0xcc, 0xba, 0xe3, 0x45, 0x82, 0xd9, 0xf7, 0xa0, 0x49, 0xe3, 0x82,
-	0xc4, 0x15, 0xde, 0xdc, 0x5a, 0xd5, 0x38, 0x56, 0xfe, 0xc9, 0x5c, 0x0c, 0xe2, 0x41, 0x84, 0x6e,
+	0x35, 0xe1, 0x21, 0x88, 0x1b, 0xbc, 0xb1, 0xb9, 0xa2, 0x70, 0x1c, 0xc7, 0x27, 0x73, 0x21, 0x48,
-	0x42, 0x8d, 0xdd, 0xcb, 0xa8, 0x5b, 0x63, 0x6b, 0x2e, 0xe6, 0x9c, 0x92, 0xef, 0x72, 0xf5, 0x0e,
+	0x06, 0x11, 0xba, 0x03, 0x55, 0x76, 0x2e, 0xa3, 0x4e, 0x95, 0xad, 0xb9, 0x9c, 0x23, 0x25, 0xdf,
-	0xc3, 0xdb, 0xf5, 0x48, 0x78, 0x68, 0x8a, 0x45, 0xe8, 0x0e, 0x34, 0x6d, 0xcf, 0xf3, 0x89, 0xcd,
+	0xe5, 0xc6, 0x7d, 0x86, 0xb7, 0xe3, 0x91, 0xf0, 0xc8, 0x14, 0x8b, 0xd0, 0x7d, 0x68, 0xd8, 0x9e,
-	0xcd, 0x7e, 0x81, 0xd1, 0xb8, 0x52, 0x4c, 0xa3, 0x1f, 0x23, 0x73, 0x42, 0xfa, 0x72, 0xf4, 0x23,
+	0xe7, 0x13, 0x9b, 0xbb, 0xfd, 0x3c, 0xa3, 0x71, 0xbd, 0x98, 0x46, 0x2f, 0x41, 0xe6, 0x84, 0xd4,
-	0xa8, 0xb2, 0x7b, 0xd1, 0xad, 0xb3, 0x53, 0x9f, 0x4d, 0xda, 0x50, 0x9a, 0x98, 0xc9, 0x91, 0x7b,
+	0xe5, 0xe8, 0x7f, 0x60, 0x8e, 0x9d, 0x8b, 0x4e, 0x8d, 0x49, 0x7d, 0x5e, 0xf7, 0xa1, 0x34, 0x31,
-	0xef, 0x42, 0x53, 0x63, 0x8d, 0x1a, 0xc6, 0x13, 0x7c, 0x28, 0x6c, 0x85, 0x7e, 0xa2, 0x55, 0xa8,
+	0x93, 0x23, 0x77, 0xdf, 0x83, 0x86, 0xc2, 0x1a, 0x75, 0x8c, 0x67, 0xf8, 0x48, 0xf8, 0x0a, 0xfd,
-	0x3e, 0xb5, 0x27, 0x33, 0xa9, 0x0f, 0x3e, 0xb8, 0x51, 0xfe, 0x49, 0xa9, 0x77, 0x0b, 0x3a, 0x69,
+	0x44, 0x2b, 0x30, 0x77, 0x68, 0x8f, 0xa7, 0xd2, 0x1e, 0x7c, 0x70, 0xbb, 0xfc, 0x7f, 0xa5, 0xee,
-	0x8e, 0x4e, 0xb2, 0xde, 0xd8, 0x83, 0x55, 0x73, 0xe6, 0xc5, 0x8c, 0xc9, 0xa0, 0x79, 0x0d, 0x6a,
+	0x5d, 0x68, 0xa7, 0x39, 0x3a, 0xcd, 0x7a, 0x63, 0x17, 0x56, 0xcc, 0xa9, 0x97, 0x30, 0x26, 0x2f,
-	0x42, 0x7f, 0xdc, 0x76, 0x4e, 0x17, 0x4a, 0xc4, 0x14, 0x88, 0xc6, 0x4d, 0x38, 0x95, 0x22, 0x25,
+	0xcd, 0x9b, 0x50, 0x15, 0xf6, 0xe3, 0xbe, 0x73, 0xb6, 0x50, 0x23, 0xa6, 0x40, 0x34, 0xee, 0xc0,
-	0x42, 0xea, 0x05, 0x68, 0x07, 0xbe, 0x63, 0x45, 0x1c, 0x6c, 0xb9, 0x8e, 0xbc, 0x89, 0x81, 0xc2,
+	0x99, 0x14, 0x29, 0x71, 0xa5, 0x5e, 0x82, 0x56, 0xe0, 0x3b, 0x56, 0xc4, 0xc1, 0x96, 0xeb, 0xc8,
-	0xdd, 0x73, 0xe8, 0xf2, 0x21, 0xf1, 0x83, 0x2c, 0x2b, 0xc7, 0x5b, 0xde, 0x85, 0xb5, 0xf4, 0x72,
+	0x93, 0x18, 0xc4, 0xb8, 0xbb, 0x0e, 0x5d, 0x3e, 0x20, 0x7e, 0x90, 0x65, 0xe5, 0x64, 0xcb, 0x3b,
-	0xbe, 0xbd, 0xf1, 0x01, 0xac, 0x9b, 0x78, 0xea, 0x3f, 0xc5, 0x2f, 0x4a, 0xba, 0x07, 0xdd, 0x2c,
+	0xb0, 0x9a, 0x5e, 0xce, 0xb7, 0x37, 0x3e, 0x84, 0x35, 0x13, 0x4f, 0xfc, 0x43, 0xfc, 0xb2, 0xa4,
-	0x81, 0x98, 0x78, 0x0c, 0x1d, 0x12, 0x9b, 0xcc, 0xa2, 0x93, 0x11, 0xbf, 0xac, 0x13, 0x10, 0xc1,
+	0xbb, 0xd0, 0xc9, 0x12, 0x48, 0x88, 0x27, 0xd0, 0x01, 0xb1, 0xc9, 0x34, 0x3a, 0x1d, 0xf1, 0x6b,
-	0x82, 0xd3, 0x41, 0x6d, 0x28, 0xbb, 0x81, 0x58, 0x54, 0x76, 0x03, 0xe3, 0x4b, 0x68, 0x0c, 0x74,
+	0x2a, 0x01, 0x71, 0x59, 0x70, 0x3a, 0xa8, 0x05, 0x65, 0x37, 0x10, 0x8b, 0xca, 0x6e, 0x60, 0x7c,
-	0x6f, 0xa0, 0x47, 0x9b, 0x86, 0x29, 0x87, 0x68, 0x2b, 0x0e, 0xf4, 0xe5, 0xe7, 0x44, 0x02, 0x95,
+	0x05, 0xf5, 0xbe, 0x1a, 0x0d, 0xd4, 0xdb, 0xa6, 0x6e, 0xca, 0x21, 0xda, 0x4c, 0x2e, 0xfa, 0xf2,
-	0x02, 0xdc, 0xce, 0x38, 0x51, 0xc1, 0xc3, 0x16, 0x80, 0xf2, 0x40, 0x32, 0xb2, 0xa0, 0x2c, 0x3d,
+	0x0b, 0x6e, 0x82, 0x38, 0x05, 0xb8, 0x97, 0x09, 0xa2, 0x82, 0x87, 0x4d, 0x80, 0x38, 0x02, 0xc9,
-	0x53, 0xc3, 0x32, 0xfe, 0x98, 0x70, 0x47, 0xda, 0x61, 0x1c, 0x75, 0x18, 0x27, 0xe1, 0x9e, 0xca,
+	0x9b, 0x05, 0x65, 0xe9, 0x99, 0x0a, 0x96, 0xf1, 0x07, 0x2d, 0x1c, 0x29, 0xc2, 0x38, 0xb1, 0x30,
-	0x27, 0x71, 0x4f, 0x57, 0xa1, 0x1a, 0x11, 0x9b, 0x70, 0x07, 0xd9, 0xd6, 0x0e, 0x97, 0xdc, 0x12,
+	0x8e, 0x16, 0x9e, 0xca, 0xa7, 0x09, 0x4f, 0x37, 0x60, 0x2e, 0x22, 0x36, 0xe1, 0x01, 0xb2, 0xa5,
-	0x9b, 0x1c, 0x0d, 0x9d, 0x01, 0x18, 0x85, 0xd8, 0x26, 0xd8, 0xb1, 0x6c, 0xee, 0x39, 0x2b, 0x66,
+	0x08, 0xa7, 0x6f, 0x89, 0x4d, 0x8e, 0x86, 0xce, 0x01, 0x0c, 0x43, 0x6c, 0x13, 0xec, 0x58, 0x36,
-	0x43, 0x40, 0xfa, 0x04, 0xdd, 0x88, 0xe5, 0x58, 0x65, 0x6c, 0x6c, 0xe6, 0x10, 0x4c, 0xe8, 0x25,
+	0x8f, 0x9c, 0x15, 0xb3, 0x2e, 0x20, 0x3d, 0x82, 0x6e, 0x27, 0x7a, 0x9c, 0x63, 0x6c, 0x6c, 0xe4,
-	0x96, 0xb4, 0xba, 0xed, 0xb5, 0xa3, 0x6f, 0xbb, 0x58, 0xc7, 0x91, 0x35, 0x87, 0xb5, 0x50, 0xe8,
+	0x10, 0xd4, 0xec, 0x92, 0x68, 0x3a, 0x3e, 0xed, 0xd5, 0xe3, 0x4f, 0xbb, 0x58, 0xc7, 0x91, 0x95,
-	0xb0, 0xf8, 0x8a, 0xe3, 0x38, 0xac, 0x7a, 0xa1, 0xc3, 0x12, 0x34, 0x8e, 0x74, 0x58, 0x3f, 0xa4,
+	0x80, 0x35, 0x5f, 0x18, 0xb0, 0xf8, 0x8a, 0x93, 0x04, 0xac, 0x5a, 0x61, 0xc0, 0x12, 0x34, 0x8e,
-	0xeb, 0xb9, 0x0b, 0xdd, 0xec, 0xd5, 0x11, 0x2e, 0xe3, 0x1a, 0xd4, 0x22, 0x06, 0x39, 0xc2, 0xfd,
+	0x0d, 0x58, 0x3f, 0x65, 0xe8, 0x79, 0x00, 0x9d, 0xec, 0xd1, 0x11, 0x21, 0xe3, 0x26, 0x54, 0x23,
-	0x88, 0x25, 0x02, 0xd1, 0xf8, 0x77, 0x49, 0xb7, 0xba, 0x8f, 0xdd, 0x09, 0xc1, 0x61, 0xc6, 0xea,
+	0x06, 0x39, 0x26, 0xfc, 0x88, 0x25, 0x02, 0xd1, 0xf8, 0x57, 0x49, 0xf5, 0xba, 0x4f, 0xdc, 0x31,
-	0x94, 0xf1, 0x94, 0x8f, 0x67, 0x3c, 0x43, 0x68, 0x33, 0xb1, 0x5b, 0x11, 0x9e, 0xb0, 0xe8, 0xc6,
+	0xc1, 0x61, 0xc6, 0xeb, 0x62, 0xe7, 0x29, 0x9f, 0xcc, 0x79, 0x06, 0xd0, 0x62, 0x6a, 0xb7, 0x22,
-	0x72, 0xe7, 0xe6, 0xd6, 0x9b, 0x39, 0x0b, 0xf9, 0x96, 0x5c, 0x67, 0x43, 0x81, 0xce, 0x25, 0xde,
+	0x3c, 0x66, 0xb7, 0x1b, 0xcb, 0x9d, 0x1b, 0x9b, 0x6f, 0xe5, 0x2c, 0xe4, 0x5b, 0x72, 0x9b, 0x0d,
-	0x9a, 0xe8, 0xb0, 0xde, 0x87, 0x80, 0xb2, 0x48, 0x27, 0x12, 0xdd, 0xa7, 0xf4, 0xba, 0xd2, 0xd4,
+	0x04, 0x3a, 0xd7, 0x78, 0x73, 0xac, 0xc2, 0xba, 0x1f, 0x01, 0xca, 0x22, 0x9d, 0x4a, 0x75, 0x9f,
-	0x39, 0xc7, 0x6d, 0x3f, 0x62, 0x6c, 0x1c, 0x21, 0x37, 0xce, 0xa7, 0x29, 0x10, 0x8d, 0x3f, 0x54,
+	0xd1, 0xe3, 0x4a, 0x53, 0xe7, 0x9c, 0xb0, 0xbd, 0xcf, 0xd8, 0x38, 0x46, 0x6f, 0x9c, 0x4f, 0x53,
-	0x00, 0xe2, 0xc9, 0x97, 0xf6, 0x9e, 0x5e, 0x57, 0xb7, 0x86, 0xa7, 0x06, 0xe7, 0x72, 0xe8, 0xe5,
+	0x20, 0x1a, 0xbf, 0xab, 0x00, 0x24, 0x93, 0xaf, 0xec, 0x39, 0xbd, 0x15, 0x9f, 0x1a, 0x9e, 0x1a,
-	0xde, 0x97, 0x8f, 0x93, 0xf7, 0x85, 0x27, 0x09, 0x17, 0xf2, 0x56, 0xbf, 0xb4, 0x37, 0x65, 0x1b,
+	0x5c, 0xc8, 0xa1, 0x97, 0x7b, 0x5e, 0x3e, 0xd1, 0xcf, 0x0b, 0x4f, 0x12, 0x2e, 0xe5, 0xad, 0x7e,
-	0xd6, 0xd2, 0xea, 0x16, 0xf7, 0xe4, 0x32, 0x54, 0x5d, 0x82, 0xa7, 0xbc, 0x10, 0x6c, 0x6e, 0xad,
+	0x65, 0x4f, 0xca, 0x16, 0xac, 0xa6, 0xcd, 0x2d, 0xce, 0xc9, 0x35, 0x98, 0x73, 0x09, 0x9e, 0xf0,
-	0xe4, 0x1c, 0xcb, 0xe4, 0x18, 0xc6, 0x79, 0x68, 0xec, 0x4d, 0xed, 0x31, 0x1e, 0x06, 0x78, 0x44,
+	0x42, 0xb0, 0xb1, 0xb9, 0x9c, 0x23, 0x96, 0xc9, 0x31, 0x8c, 0x8b, 0x50, 0xdf, 0x9d, 0xd8, 0x23,
-	0xf7, 0x72, 0xe9, 0x40, 0xec, 0xcf, 0x07, 0xc6, 0x16, 0xd4, 0x6f, 0xe3, 0xc3, 0xcf, 0xe9, 0xbe,
+	0x3c, 0x08, 0xf0, 0x90, 0xee, 0xe5, 0xd2, 0x81, 0xd8, 0x9f, 0x0f, 0x8c, 0x4d, 0xa8, 0xdd, 0xc3,
-	0xc7, 0xe5, 0xcf, 0xf8, 0x47, 0x09, 0xd6, 0x99, 0xbb, 0xdb, 0x96, 0x65, 0x98, 0x89, 0x23, 0x7f,
+	0x47, 0x5f, 0xd0, 0x7d, 0x4f, 0xca, 0x9f, 0xf1, 0xf7, 0x12, 0xac, 0xb1, 0x70, 0xb7, 0x25, 0xcb,
-	0x16, 0x8e, 0x70, 0xc4, 0x54, 0x1a, 0xcc, 0xac, 0x00, 0x87, 0xae, 0xcf, 0x6d, 0x8a, 0xaa, 0x34,
+	0x30, 0x13, 0x47, 0xfe, 0x34, 0x1c, 0xe2, 0x88, 0x99, 0x34, 0x98, 0x5a, 0x01, 0x0e, 0x5d, 0x9f,
-	0x98, 0xed, 0x33, 0x00, 0x2d, 0xd5, 0xe8, 0xf4, 0xd7, 0x33, 0x5f, 0xd8, 0x56, 0xc5, 0xac, 0x8f,
+	0xfb, 0x14, 0x35, 0x69, 0x30, 0xdd, 0x63, 0x00, 0x5a, 0xaa, 0xd1, 0xe9, 0x6f, 0xa6, 0xbe, 0xf0,
-	0x82, 0xd9, 0x67, 0x74, 0x2c, 0xd7, 0x46, 0x07, 0x76, 0x88, 0x23, 0x66, 0x43, 0x7c, 0xed, 0x90,
+	0xad, 0x8a, 0x59, 0x1b, 0x06, 0xd3, 0xcf, 0xe9, 0x58, 0xae, 0x8d, 0x0e, 0xec, 0x10, 0x47, 0xb2,
-	0x01, 0xd0, 0x35, 0x38, 0x35, 0xc5, 0x53, 0x3f, 0x3c, 0xb4, 0x26, 0xee, 0xd4, 0x25, 0x96, 0xeb,
+	0xa0, 0x18, 0x06, 0xd3, 0x01, 0x03, 0xa0, 0x9b, 0x70, 0x66, 0x82, 0x27, 0x7e, 0x78, 0x64, 0x8d,
-	0x59, 0x0f, 0x0f, 0x09, 0x8e, 0x84, 0xe1, 0x20, 0x3e, 0x79, 0x87, 0xce, 0xed, 0x79, 0x1f, 0xd1,
+	0xdd, 0x89, 0x4b, 0x2c, 0xd7, 0xb3, 0x9e, 0x1c, 0x11, 0x1c, 0x09, 0xc7, 0x41, 0x7c, 0xf2, 0x3e,
-	0x19, 0x64, 0x40, 0xcb, 0xf7, 0xa7, 0x56, 0x34, 0xf2, 0x43, 0x6c, 0xd9, 0xce, 0x63, 0xe6, 0xef,
+	0x9d, 0xdb, 0xf5, 0x3e, 0xa6, 0x33, 0xc8, 0x80, 0xa6, 0xef, 0x4f, 0xac, 0x68, 0xe8, 0x87, 0xd8,
-	0x2b, 0x66, 0xd3, 0xf7, 0xa7, 0x43, 0x0a, 0xeb, 0x3b, 0x8f, 0x0d, 0x1b, 0x5a, 0x89, 0x42, 0x87,
+	0xb2, 0x9d, 0xa7, 0x2c, 0xde, 0x57, 0xcc, 0x86, 0xef, 0x4f, 0x06, 0x14, 0xd6, 0x73, 0x9e, 0x1a,
-	0x26, 0xee, 0xac, 0xa2, 0x11, 0x89, 0x3b, 0xfd, 0xa6, 0xb0, 0xd0, 0x9f, 0x48, 0x39, 0xb0, 0x6f,
+	0x36, 0x34, 0xb5, 0x42, 0x87, 0x26, 0xee, 0xac, 0xa2, 0x11, 0x89, 0x3b, 0xfd, 0xa6, 0xb0, 0xd0,
-	0x0a, 0x23, 0x87, 0x81, 0xcc, 0xda, 0xd9, 0x37, 0x15, 0xd8, 0x04, 0x3f, 0x15, 0x75, 0x64, 0xc3,
+	0x1f, 0x4b, 0x3d, 0xb0, 0x6f, 0x0a, 0x23, 0x47, 0x81, 0xcc, 0xda, 0xd9, 0x37, 0x55, 0xd8, 0x18,
-	0xe4, 0x03, 0xc3, 0x01, 0xd8, 0xb6, 0x03, 0xfb, 0xa1, 0x3b, 0x71, 0xc9, 0x21, 0xba, 0x0c, 0x1d,
+	0x1f, 0x8a, 0x3a, 0xb2, 0x6e, 0xf2, 0x81, 0xe1, 0x00, 0x6c, 0xd9, 0x81, 0xfd, 0xc4, 0x1d, 0xbb,
-	0xdb, 0x71, 0xac, 0x91, 0x84, 0xb8, 0x58, 0x16, 0xf5, 0x4b, 0xb6, 0xe3, 0x6c, 0x6b, 0x60, 0xf4,
+	0xe4, 0x08, 0x5d, 0x83, 0xb6, 0xed, 0x38, 0xd6, 0x50, 0x42, 0x5c, 0x2c, 0x8b, 0xfa, 0x45, 0xdb,
-	0x06, 0x2c, 0x3b, 0xa1, 0x1f, 0x24, 0x71, 0x79, 0x95, 0xdf, 0xa1, 0x13, 0x3a, 0xb2, 0xf1, 0x9f,
+	0x71, 0xb6, 0x14, 0x30, 0x7a, 0x13, 0x96, 0x9c, 0xd0, 0x0f, 0x74, 0x5c, 0x5e, 0xe5, 0xb7, 0xe9,
-	0x32, 0x9c, 0x49, 0xaa, 0x25, 0x5d, 0x3a, 0x5e, 0x87, 0xc5, 0xd4, 0xae, 0xa5, 0x84, 0x05, 0xc5,
+	0x84, 0x8a, 0x6c, 0xfc, 0xbe, 0x02, 0xe7, 0x74, 0xb3, 0xa4, 0x4b, 0xc7, 0x5b, 0xb0, 0x90, 0xda,
-	0x4c, 0x9a, 0x09, 0x44, 0x74, 0x16, 0x20, 0x08, 0xdd, 0xa7, 0xee, 0x04, 0x8f, 0xb1, 0xac, 0x65,
+	0xb5, 0xa4, 0x79, 0x50, 0xc2, 0xa4, 0xa9, 0x21, 0xa2, 0xf3, 0x00, 0x41, 0xe8, 0x1e, 0xba, 0x63,
-	0x35, 0x48, 0x7e, 0x4d, 0x5a, 0xf9, 0x3e, 0x6a, 0xd2, 0xf9, 0xef, 0x52, 0x93, 0x56, 0x8f, 0x51,
+	0x3c, 0xc2, 0xb2, 0x96, 0x55, 0x20, 0xf9, 0x35, 0x69, 0xe5, 0xc7, 0xa8, 0x49, 0x67, 0x7f, 0x48,
-	0x93, 0xd6, 0x4e, 0x52, 0x93, 0x2e, 0x14, 0xd6, 0xa4, 0x7f, 0x2a, 0xc1, 0x6a, 0x52, 0xf8, 0xa2,
+	0x4d, 0x3a, 0x97, 0xae, 0x49, 0xaf, 0xb0, 0x66, 0x8d, 0x9c, 0x67, 0xe5, 0x4e, 0x95, 0x77, 0x14,
-	0xcc, 0xb9, 0x05, 0x8d, 0x50, 0xde, 0x0e, 0x21, 0xf0, 0xcd, 0x64, 0xd2, 0x90, 0xbd, 0x45, 0x66,
+	0x62, 0x1c, 0x4f, 0x36, 0x75, 0x52, 0xb5, 0xeb, 0xfc, 0x69, 0x6a, 0xd7, 0x5a, 0x61, 0xed, 0xfa,
-	0xbc, 0x04, 0x7d, 0x56, 0x58, 0xad, 0xbe, 0x56, 0x40, 0xe6, 0xb9, 0xf5, 0x6a, 0x1f, 0x96, 0x15,
+	0xc7, 0x12, 0xac, 0xe8, 0x46, 0x12, 0xe5, 0xd0, 0x5d, 0xa8, 0x87, 0xf2, 0x14, 0x09, 0xc3, 0x6c,
-	0xf2, 0x91, 0xe5, 0xaa, 0x56, 0x7e, 0x96, 0x93, 0xe5, 0xa7, 0x07, 0xb5, 0x1d, 0xfc, 0xd4, 0x1d,
+	0xe8, 0xc9, 0x45, 0xf6, 0xb4, 0x99, 0xc9, 0x12, 0xf4, 0x79, 0x61, 0x55, 0x7b, 0xa5, 0x80, 0xcc,
-	0xe1, 0xef, 0xa5, 0x47, 0xb3, 0x09, 0xcd, 0x00, 0x87, 0x53, 0x37, 0x8a, 0x94, 0xe1, 0x34, 0x4c,
+	0x0b, 0xeb, 0xda, 0x1e, 0x2c, 0xc5, 0xc8, 0xc7, 0x96, 0xb5, 0x4a, 0x99, 0x5a, 0xd6, 0xcb, 0x54,
-	0x1d, 0x64, 0xfc, 0xab, 0x0a, 0x4b, 0x69, 0xc9, 0xbe, 0x93, 0xa9, 0x76, 0x7b, 0xb1, 0x25, 0xa7,
+	0x0f, 0xaa, 0xdb, 0xf8, 0xd0, 0x1d, 0xe2, 0x1f, 0xa5, 0x97, 0xb3, 0x01, 0x8d, 0x00, 0x87, 0x13,
-	0xcf, 0xa7, 0x45, 0xa9, 0x4b, 0xd2, 0x11, 0x96, 0x53, 0xa9, 0xad, 0xf2, 0x95, 0xc2, 0x39, 0xd2,
+	0x37, 0x8a, 0x62, 0x07, 0xab, 0x9b, 0x2a, 0xc8, 0xf8, 0xe7, 0x1c, 0x2c, 0xa6, 0x35, 0xfb, 0x6e,
-	0xf3, 0x8f, 0xfc, 0xe9, 0xd4, 0xf6, 0x1c, 0xd9, 0x3f, 0x13, 0x43, 0x2a, 0x2d, 0x3b, 0x1c, 0x53,
+	0xa6, 0x2a, 0xee, 0x26, 0x1e, 0x9f, 0x96, 0x4f, 0xb9, 0xcd, 0xae, 0xca, 0x80, 0x59, 0x4e, 0xa5,
-	0xf3, 0xa4, 0x60, 0xf6, 0x8d, 0xce, 0x41, 0x93, 0xa6, 0x88, 0xae, 0xc7, 0x8a, 0x65, 0x61, 0x7c,
+	0xc0, 0x71, 0x4c, 0x15, 0x41, 0x94, 0xca, 0x3f, 0xf4, 0x27, 0x13, 0xdb, 0x73, 0x64, 0x9f, 0x4d,
-	0x20, 0x40, 0x3b, 0x6e, 0x88, 0x2e, 0xc2, 0x3c, 0xf6, 0x9e, 0xca, 0x78, 0x14, 0x37, 0xd8, 0xa4,
+	0x0c, 0xa9, 0xb6, 0xec, 0x70, 0x44, 0xdd, 0x98, 0x82, 0xd9, 0x37, 0xba, 0x00, 0x0d, 0x9a, 0x4a,
-	0x03, 0x36, 0xd9, 0x34, 0x7a, 0x0d, 0x6a, 0x53, 0x7f, 0xe6, 0x11, 0x99, 0x2c, 0xb6, 0x15, 0x22,
+	0xba, 0x1e, 0x2b, 0xaa, 0x99, 0x93, 0xd6, 0x4d, 0x10, 0xa0, 0x6d, 0x37, 0x44, 0x97, 0x61, 0x16,
-	0xeb, 0x8a, 0x99, 0x62, 0x16, 0x5d, 0x86, 0x05, 0x87, 0xe9, 0x40, 0x66, 0x84, 0x4b, 0x71, 0xc1,
+	0x7b, 0x87, 0xf2, 0xde, 0x4a, 0x1a, 0x71, 0x32, 0x50, 0x9b, 0x6c, 0x1a, 0x5d, 0x81, 0xea, 0xc4,
-	0xcd, 0xe0, 0xa6, 0x9c, 0x47, 0xef, 0xab, 0x48, 0xda, 0x48, 0xc5, 0xc2, 0x94, 0x50, 0x73, 0xc3,
+	0x9f, 0x7a, 0x44, 0x26, 0x95, 0xad, 0x18, 0x91, 0x75, 0xcf, 0x4c, 0x31, 0x8b, 0xae, 0xc1, 0xbc,
-	0xe9, 0xed, 0x64, 0x38, 0x05, 0x46, 0xe2, 0x72, 0x21, 0x89, 0xa3, 0xcb, 0xe5, 0xd3, 0x50, 0x9f,
+	0xc3, 0x6c, 0x20, 0x33, 0xc7, 0xc5, 0xa4, 0x30, 0x67, 0x70, 0x53, 0xce, 0xa3, 0x0f, 0xe2, 0x1b,
-	0xf8, 0x63, 0x6e, 0x07, 0x4d, 0x5e, 0xc5, 0x4c, 0xfc, 0x31, 0x33, 0x83, 0x55, 0x9a, 0x3e, 0x38,
+	0xb7, 0x9e, 0xba, 0x33, 0x53, 0x4a, 0xcd, 0xbd, 0x76, 0xef, 0xe9, 0xd7, 0x2e, 0x30, 0x12, 0xd7,
-	0xae, 0xd7, 0x5d, 0x64, 0x77, 0x92, 0x0f, 0x68, 0x54, 0x60, 0x1f, 0x96, 0xef, 0x8d, 0x70, 0xb7,
+	0x0a, 0x49, 0x1c, 0x5f, 0x56, 0x9f, 0x85, 0xda, 0xd8, 0x1f, 0x71, 0x3f, 0x68, 0xf0, 0x6a, 0x67,
-	0xc5, 0xa6, 0x1a, 0x0c, 0x72, 0xcf, 0x1b, 0xb1, 0xa0, 0x45, 0xc8, 0x61, 0xb7, 0xcd, 0xe0, 0xf4,
+	0xec, 0x8f, 0x98, 0x1b, 0xac, 0xd0, 0x34, 0xc3, 0x71, 0xbd, 0xce, 0x02, 0x3b, 0x93, 0x7c, 0x40,
-	0x13, 0xfd, 0xbf, 0x4c, 0xd1, 0x97, 0x98, 0x7e, 0xcf, 0x14, 0x5c, 0x93, 0x97, 0xa6, 0x1e, 0xff,
+	0x6f, 0x0f, 0xf6, 0x61, 0xf9, 0xde, 0x10, 0x77, 0x9a, 0x6c, 0xaa, 0xce, 0x20, 0x0f, 0xbd, 0x21,
-	0x6b, 0x09, 0xd6, 0xb6, 0x59, 0xd2, 0xa3, 0x79, 0x82, 0x13, 0xd4, 0x93, 0xe8, 0x6d, 0x55, 0xb8,
+	0xbb, 0xdc, 0x08, 0x39, 0xea, 0xb4, 0x18, 0x9c, 0x7e, 0xa2, 0xff, 0x96, 0xa9, 0xfc, 0x22, 0xb3,
-	0xa7, 0x8b, 0xbf, 0xf4, 0x61, 0x05, 0x1e, 0xfa, 0x10, 0xda, 0x92, 0xa6, 0x58, 0x59, 0x79, 0x5e,
+	0xef, 0xb9, 0x82, 0x63, 0xf2, 0xca, 0xd4, 0xed, 0x7f, 0x29, 0xc1, 0xea, 0x16, 0x4b, 0x8e, 0x94,
-	0xc9, 0xdf, 0x8a, 0xf4, 0xa1, 0xf1, 0x3e, 0xac, 0x67, 0x78, 0x16, 0x09, 0xca, 0x79, 0x58, 0x8c,
+	0x48, 0x70, 0x8a, 0xba, 0x13, 0xbd, 0x13, 0x17, 0xf8, 0xe9, 0x22, 0x31, 0x2d, 0xac, 0xc0, 0x43,
-	0x3d, 0x82, 0x62, 0xb9, 0xa9, 0x60, 0x7b, 0x8e, 0x71, 0x83, 0x16, 0xfe, 0x76, 0x48, 0x32, 0x07,
+	0x1f, 0x41, 0x4b, 0xd2, 0x14, 0x2b, 0x2b, 0x2f, 0x6a, 0x0d, 0x34, 0x23, 0x75, 0x68, 0x7c, 0x00,
-	0x3e, 0xc6, 0x5a, 0x56, 0xf5, 0x27, 0xd7, 0x8a, 0xc2, 0x7c, 0x08, 0xab, 0x43, 0xe2, 0x07, 0x2f,
+	0x6b, 0x19, 0x9e, 0x45, 0x22, 0x73, 0x11, 0x16, 0x92, 0x88, 0x10, 0xb3, 0xdc, 0x88, 0x61, 0xbb,
-	0x40, 0x94, 0xde, 0x74, 0x7a, 0x6c, 0x7f, 0x46, 0x44, 0x56, 0x22, 0x87, 0xc6, 0x3a, 0xef, 0x51,
+	0x8e, 0x71, 0x1b, 0xce, 0x0c, 0x88, 0x1d, 0x92, 0x8c, 0xc0, 0x27, 0x58, 0xcb, 0xba, 0x03, 0xfa,
-	0x64, 0x77, 0x7b, 0x0f, 0xd6, 0x78, 0x8b, 0xe0, 0x45, 0x0e, 0x71, 0x5a, 0x36, 0x28, 0xb2, 0x74,
+	0x5a, 0x51, 0xc0, 0x0f, 0x60, 0x65, 0x40, 0xfc, 0xe0, 0x25, 0x88, 0xd2, 0x93, 0x4e, 0xc5, 0xf6,
-	0x7f, 0x5d, 0xd6, 0x5c, 0x5d, 0x41, 0x4d, 0xf3, 0x56, 0xb2, 0xa6, 0x59, 0xcf, 0x2a, 0x3c, 0x91,
+	0xa7, 0x44, 0x64, 0x2f, 0x72, 0x68, 0xac, 0xf1, 0x5e, 0x46, 0x76, 0xb7, 0xf7, 0x61, 0x95, 0xb7,
-	0x67, 0x67, 0xcd, 0xa8, 0x92, 0x63, 0x46, 0x66, 0xa6, 0xf0, 0x99, 0x67, 0x37, 0xfd, 0x8d, 0x2c,
+	0x12, 0x5e, 0x46, 0x88, 0xb3, 0xb2, 0x91, 0x91, 0xa5, 0xfb, 0xab, 0xb2, 0x12, 0xea, 0x0a, 0x6a,
-	0xf5, 0xff, 0x61, 0xdd, 0xb3, 0xc7, 0xeb, 0x1e, 0xb5, 0xb5, 0xea, 0xb5, 0xbc, 0x9d, 0xaa, 0x7b,
+	0x9f, 0xb7, 0xf5, 0xda, 0x67, 0x2d, 0x6b, 0x70, 0x2d, 0x1f, 0xcf, 0xba, 0x51, 0x25, 0xc7, 0x8d,
-	0xba, 0x45, 0x6c, 0xaa, 0xb2, 0xe7, 0x57, 0xf3, 0xd0, 0x50, 0x73, 0x19, 0x99, 0x66, 0x85, 0x54,
+	0xcc, 0x4c, 0x81, 0x34, 0xcb, 0x4e, 0xfa, 0x9b, 0x59, 0xea, 0xff, 0xc1, 0xfa, 0x68, 0x97, 0xd7,
-	0xce, 0x11, 0x92, 0x1e, 0x74, 0x2a, 0x2f, 0x12, 0x74, 0xe6, 0x9f, 0x17, 0x74, 0x36, 0xa0, 0xc1,
+	0x47, 0xf1, 0xd6, 0x71, 0x4f, 0xe6, 0x9d, 0x54, 0x7d, 0xd4, 0x29, 0x62, 0x33, 0x2e, 0x8f, 0x7e,
-	0x3e, 0xac, 0x10, 0x3f, 0x12, 0x41, 0xa4, 0xce, 0x00, 0x26, 0x7e, 0x14, 0x2b, 0xbe, 0x76, 0x2c,
+	0x39, 0x0b, 0xf5, 0x78, 0x2e, 0xa3, 0xd3, 0xac, 0x92, 0xca, 0x39, 0x4a, 0x52, 0x2f, 0x9d, 0xca,
-	0xc5, 0x27, 0x0b, 0xac, 0x85, 0x74, 0x81, 0xf5, 0x8e, 0x0a, 0x0b, 0x3c, 0x80, 0x9c, 0xcd, 0x92,
+	0xcb, 0x5c, 0x3a, 0xb3, 0x2f, 0xba, 0x74, 0xd6, 0xa1, 0xce, 0x3e, 0xac, 0x10, 0xef, 0x8b, 0x4b,
-	0xcb, 0x0d, 0x08, 0xbb, 0xc9, 0x80, 0xc0, 0x63, 0xca, 0xab, 0x39, 0x8b, 0x5f, 0xda, 0xf2, 0xea,
+	0xa4, 0xc6, 0x00, 0x26, 0xde, 0x4f, 0x0c, 0x5f, 0x3d, 0x91, 0xe1, 0xf5, 0x42, 0x6c, 0x3e, 0x5d,
-	0x0e, 0x2f, 0xaf, 0x74, 0xab, 0x12, 0xde, 0x6b, 0x0b, 0x40, 0x5d, 0x54, 0x59, 0x63, 0xa1, 0xec,
+	0x88, 0xbd, 0x1b, 0x5f, 0x0b, 0xfc, 0x02, 0x39, 0x9f, 0x25, 0x97, 0x7b, 0x21, 0xec, 0xe8, 0x17,
-	0xd1, 0x4c, 0x0d, 0x8b, 0xba, 0x82, 0x84, 0xfc, 0xe3, 0x86, 0xe0, 0x31, 0x5c, 0xc1, 0x5f, 0xf4,
+	0x02, 0xbf, 0x53, 0x5e, 0xcf, 0x59, 0xfc, 0xca, 0x96, 0x61, 0xf7, 0x79, 0x19, 0xa6, 0x7a, 0x95,
-	0xd4, 0xa6, 0xa0, 0x73, 0xf6, 0x4e, 0xa6, 0x22, 0x3f, 0x9e, 0xd5, 0xbd, 0x95, 0x2c, 0xc8, 0x4f,
+	0x88, 0x5e, 0x9b, 0x00, 0xf1, 0x41, 0x95, 0xb5, 0x18, 0xca, 0x8a, 0x66, 0x2a, 0x58, 0x34, 0x14,
-	0x66, 0x2e, 0x99, 0x7a, 0x9c, 0x45, 0x62, 0x3b, 0x14, 0xd3, 0xbc, 0x94, 0x6a, 0x08, 0x48, 0x9f,
+	0x68, 0xfa, 0x4f, 0x1a, 0x87, 0x27, 0x08, 0x05, 0x7f, 0x56, 0x53, 0x9b, 0x82, 0x0e, 0xdb, 0xbb,
-	0xd0, 0xfc, 0xe7, 0x91, 0xeb, 0xb9, 0xd1, 0x01, 0x9f, 0xaf, 0xb1, 0x79, 0x90, 0xa0, 0x3e, 0xfb,
+	0x99, 0xca, 0xfd, 0x64, 0x5e, 0xf7, 0xb6, 0x5e, 0xb8, 0x9f, 0xce, 0x5d, 0x32, 0x75, 0x3b, 0xbb,
-	0x1d, 0x88, 0x9f, 0xb9, 0xc4, 0x1a, 0xf9, 0x0e, 0x66, 0xc6, 0x58, 0x35, 0xeb, 0x14, 0xb0, 0xed,
+	0x89, 0xed, 0x50, 0x4c, 0x8b, 0x24, 0x5c, 0x40, 0x7a, 0x84, 0xe6, 0x3f, 0xfb, 0xae, 0xe7, 0x46,
-	0x3b, 0x38, 0xbe, 0x20, 0xf5, 0x13, 0x5d, 0x90, 0x46, 0xea, 0x82, 0xac, 0x41, 0x2d, 0xc4, 0x76,
+	0x07, 0x7c, 0xbe, 0xca, 0xe6, 0x41, 0x82, 0x7a, 0xec, 0xd9, 0x10, 0x3f, 0x77, 0x89, 0x35, 0xf4,
-	0xe4, 0x7b, 0x5d, 0xe0, 0x3f, 0x15, 0xf9, 0x88, 0x3a, 0xf8, 0x29, 0x8e, 0x22, 0xba, 0x81, 0xc8,
+	0x1d, 0xcc, 0x9c, 0x71, 0xce, 0xac, 0x51, 0xc0, 0x96, 0xef, 0xe0, 0xe4, 0x80, 0xd4, 0x4e, 0x75,
-	0x3a, 0xc4, 0x50, 0xcb, 0x8d, 0x16, 0x8b, 0x72, 0xa3, 0x23, 0x5a, 0x73, 0xa9, 0xdc, 0xa8, 0x55,
+	0x40, 0xea, 0xa9, 0x03, 0xb2, 0x0a, 0xd5, 0x10, 0xdb, 0x91, 0xef, 0x75, 0x80, 0x3f, 0x3e, 0xf2,
-	0x94, 0x1b, 0x1d, 0xa7, 0x33, 0xa7, 0x65, 0x7e, 0xed, 0xa3, 0x32, 0xbf, 0x1f, 0xf2, 0xe2, 0xdc,
+	0x11, 0x0d, 0xf0, 0x13, 0x1c, 0x45, 0x74, 0x03, 0x91, 0x75, 0x88, 0xa1, 0x92, 0x1b, 0x2d, 0x14,
-	0x86, 0xf5, 0x8c, 0xa9, 0x8b, 0x9b, 0xf3, 0x76, 0xaa, 0x81, 0xd7, 0x2d, 0x92, 0x82, 0xea, 0xdf,
+	0xe5, 0x46, 0xc7, 0xb4, 0xf0, 0x52, 0xb9, 0x51, 0xb3, 0x28, 0x37, 0x3a, 0x49, 0x07, 0x4f, 0xc9,
-	0xfd, 0x1c, 0x96, 0x76, 0x9f, 0xe1, 0xd1, 0xf0, 0xd0, 0x1b, 0x9d, 0x20, 0x56, 0x77, 0xa0, 0x32,
+	0xfc, 0x5a, 0xc7, 0x65, 0x7e, 0x3f, 0xe5, 0xc1, 0xb9, 0x07, 0x6b, 0x19, 0x57, 0x17, 0x27, 0xe7,
-	0x9a, 0x3a, 0xa2, 0x0c, 0xa6, 0x9f, 0x7a, 0xf4, 0xae, 0x24, 0xa3, 0xb7, 0x05, 0x9d, 0x78, 0x07,
+	0x9d, 0x54, 0xa3, 0xaf, 0x53, 0xa4, 0x85, 0xb8, 0xcf, 0xf7, 0x73, 0x58, 0xdc, 0x79, 0x8e, 0x87,
-	0xc1, 0xe7, 0x1a, 0xe5, 0xd3, 0xa1, 0xc8, 0x94, 0xf8, 0xa2, 0x29, 0x46, 0x02, 0x8e, 0xc3, 0x90,
+	0x83, 0x23, 0x6f, 0x78, 0x8a, 0xbb, 0xba, 0x0d, 0x95, 0xe1, 0xc4, 0x11, 0xe5, 0x32, 0xfd, 0x54,
-	0x9d, 0x9a, 0xc3, 0x71, 0x18, 0x26, 0xcd, 0xb6, 0x92, 0x34, 0x5b, 0xe3, 0x31, 0x34, 0xe9, 0x06,
+	0x6f, 0xef, 0x8a, 0x7e, 0x7b, 0x5b, 0xd0, 0x4e, 0x76, 0x10, 0x7c, 0xae, 0x52, 0x3e, 0x1d, 0x8a,
-	0xdf, 0x89, 0x7d, 0x91, 0xc2, 0x56, 0xe2, 0x14, 0x56, 0x65, 0xc2, 0xf3, 0x5a, 0x26, 0x6c, 0x6c,
+	0x4c, 0x89, 0x2f, 0x98, 0x62, 0x24, 0xe0, 0x38, 0x0c, 0x99, 0xd4, 0x1c, 0x8e, 0xc3, 0x50, 0x77,
-	0xc2, 0x22, 0xdf, 0x4b, 0x1c, 0xa4, 0x03, 0x95, 0x59, 0x38, 0x91, 0x7a, 0x9b, 0x85, 0x13, 0xe3,
+	0xdb, 0x8a, 0xee, 0xb6, 0xc6, 0x53, 0x68, 0xd0, 0x0d, 0x7e, 0x10, 0xfb, 0x22, 0x85, 0xad, 0x24,
-	0xa7, 0xd0, 0xea, 0x13, 0x62, 0x8f, 0x0e, 0x4e, 0xc0, 0x8f, 0xda, 0xab, 0xac, 0xef, 0x65, 0x40,
+	0x29, 0x6c, 0x9c, 0x09, 0xcf, 0x2a, 0x99, 0xb0, 0xb1, 0x01, 0x0b, 0x7c, 0x2f, 0x21, 0x48, 0x1b,
-	0x5b, 0x52, 0x2a, 0xdc, 0x6d, 0x00, 0x68, 0xdf, 0x0f, 0xc9, 0xc7, 0x7e, 0xf8, 0x8d, 0x1d, 0x3a,
+	0x2a, 0xd3, 0x70, 0x2c, 0xed, 0x36, 0x0d, 0xc7, 0xc6, 0xff, 0x43, 0xb3, 0x47, 0x88, 0x3d, 0x3c,
-	0x27, 0xcb, 0x59, 0x11, 0xcc, 0x8b, 0x77, 0x03, 0x95, 0x4b, 0x55, 0x93, 0x7d, 0x1b, 0xaf, 0xc3,
+	0x38, 0x05, 0x3f, 0xf1, 0x5e, 0x65, 0x75, 0x2f, 0x03, 0x5a, 0x92, 0x52, 0xe1, 0x6e, 0x7d, 0x40,
-	0x4a, 0x82, 0x5e, 0xe1, 0xc6, 0xd7, 0xa1, 0xc9, 0xbc, 0x82, 0xc8, 0x8e, 0x2e, 0xe9, 0x9d, 0xad,
+	0x7b, 0x7e, 0x48, 0x3e, 0xf1, 0xc3, 0x6f, 0xed, 0xd0, 0x39, 0x5d, 0xce, 0x8a, 0x60, 0x56, 0xfc,
-	0xa3, 0x5c, 0x07, 0xad, 0x7c, 0xa9, 0xdb, 0x67, 0x70, 0xe5, 0xa3, 0xdf, 0x4c, 0x25, 0x12, 0xab,
+	0x5f, 0x50, 0xb9, 0x3a, 0x67, 0xb2, 0x6f, 0xe3, 0x0d, 0x58, 0xd6, 0xe8, 0x15, 0x6e, 0x7c, 0x0b,
-	0xc9, 0xf5, 0xa9, 0x24, 0xe2, 0x97, 0x50, 0x65, 0xe0, 0x8c, 0x8f, 0xde, 0xa0, 0x85, 0x7e, 0xe0,
+	0x1a, 0x2c, 0x2a, 0x88, 0xec, 0xe8, 0xaa, 0xda, 0x01, 0x3b, 0x2e, 0x74, 0xd0, 0xca, 0x97, 0x86,
-	0x5b, 0xc4, 0x1e, 0xab, 0x97, 0x18, 0x14, 0x70, 0xdf, 0x1e, 0x47, 0xec, 0x21, 0x09, 0x9d, 0x74,
+	0x7d, 0x06, 0x8f, 0x63, 0xf4, 0x5b, 0xa9, 0x44, 0x62, 0x45, 0x5f, 0x9f, 0x4a, 0x22, 0xbe, 0x2b,
-	0xdc, 0x31, 0x8e, 0x88, 0x7c, 0x8e, 0xd1, 0xa4, 0xb0, 0x1d, 0x0e, 0xa2, 0x12, 0x89, 0xdc, 0x5f,
+	0xc1, 0x1c, 0x83, 0x67, 0x82, 0xf4, 0x3a, 0xad, 0xf4, 0x03, 0xdf, 0x22, 0xf6, 0x28, 0xfe, 0x65,
-	0xf0, 0x04, 0x61, 0xde, 0x64, 0xdf, 0xaa, 0x15, 0x55, 0x8d, 0x5b, 0x51, 0xc6, 0xfb, 0x80, 0xf4,
+	0x83, 0x02, 0x1e, 0xd9, 0xa3, 0x88, 0xfd, 0x71, 0x42, 0x27, 0x1d, 0x77, 0x84, 0x23, 0x22, 0xff,
-	0x33, 0x08, 0x21, 0xbd, 0x06, 0x35, 0x76, 0x44, 0x19, 0xb2, 0xda, 0xc9, 0x43, 0x98, 0x62, 0xd6,
+	0xdb, 0x68, 0x50, 0xd8, 0x36, 0x07, 0x51, 0x95, 0x44, 0xee, 0x2f, 0x78, 0x86, 0x30, 0x6b, 0xb2,
-	0xb8, 0x05, 0x88, 0x4b, 0x25, 0x11, 0xa6, 0x8e, 0x2f, 0xc1, 0xf7, 0x60, 0x25, 0xb1, 0x5e, 0xfd,
+	0x6f, 0xf9, 0xb0, 0xcc, 0x63, 0x2d, 0x7b, 0x58, 0xee, 0x42, 0x2d, 0xd5, 0xe3, 0x88, 0xc7, 0xc6,
-	0xef, 0x4b, 0x10, 0x48, 0xef, 0x2e, 0x16, 0xff, 0xb3, 0x04, 0xd0, 0x9f, 0x91, 0x03, 0x51, 0xc0,
+	0x07, 0x80, 0x54, 0xf1, 0x84, 0xfe, 0xae, 0x40, 0x95, 0x49, 0x2f, 0x6f, 0xb3, 0x96, 0x2e, 0x9f,
-	0xf7, 0xa0, 0x4e, 0x4f, 0xa4, 0xb5, 0x1d, 0xd4, 0x98, 0xce, 0x05, 0x76, 0x14, 0x7d, 0xe3, 0x87,
+	0x29, 0x66, 0x8d, 0xbb, 0x80, 0xb8, 0xc2, 0xb4, 0x1b, 0xec, 0xe4, 0xca, 0x7d, 0x1f, 0x96, 0xb5,
-	0x32, 0x0f, 0x53, 0x63, 0x56, 0x7c, 0xcf, 0xc8, 0x81, 0x6c, 0xbc, 0xd1, 0x6f, 0x74, 0x11, 0xda,
+	0xf5, 0xf1, 0x93, 0xa1, 0x46, 0x20, 0xbd, 0xbb, 0x58, 0xfc, 0x8f, 0x12, 0x40, 0x6f, 0x4a, 0x0e,
-	0xfc, 0x45, 0x8c, 0x65, 0x3b, 0x4e, 0x88, 0xa3, 0x48, 0x74, 0xe0, 0x5a, 0x1c, 0xda, 0xe7, 0x40,
+	0x44, 0x6d, 0xaf, 0x4a, 0x59, 0xd2, 0xa5, 0xa4, 0x73, 0x81, 0x1d, 0x45, 0xdf, 0xfa, 0xa1, 0x4c,
-	0x8a, 0xe6, 0x3a, 0xd8, 0x23, 0x2e, 0x39, 0xb4, 0x88, 0xff, 0x04, 0x7b, 0x42, 0xb4, 0x2d, 0x09,
+	0xd1, 0xe2, 0x31, 0xab, 0xcb, 0xa7, 0xe4, 0x40, 0xf6, 0xee, 0xe8, 0x37, 0xba, 0x0c, 0x2d, 0xfe,
-	0xbd, 0x4f, 0x81, 0x14, 0x2d, 0xc4, 0x63, 0x37, 0x22, 0xa1, 0x44, 0xab, 0x71, 0x34, 0x09, 0x65,
+	0x53, 0x8d, 0x65, 0x3b, 0x4e, 0x88, 0xa3, 0x48, 0x34, 0xf1, 0x9a, 0x1c, 0xda, 0xe3, 0x40, 0x8a,
-	0x68, 0xc6, 0xb7, 0x25, 0xe8, 0xec, 0xcf, 0x26, 0x13, 0x7e, 0xc8, 0x93, 0xca, 0x12, 0xbd, 0x2e,
+	0xe6, 0x3a, 0xd8, 0x23, 0x2e, 0x39, 0xb2, 0x88, 0xff, 0x0c, 0x7b, 0x22, 0xf9, 0x6a, 0x4a, 0xe8,
-	0xce, 0x51, 0x4e, 0xb5, 0xe1, 0x62, 0x11, 0x89, 0xc3, 0x7d, 0xf7, 0x72, 0x6d, 0x05, 0x96, 0x35,
+	0x23, 0x0a, 0xa4, 0x68, 0x21, 0x1e, 0xb9, 0x11, 0x09, 0x25, 0x9a, 0xec, 0x34, 0x09, 0x28, 0x43,
-	0x46, 0x45, 0xa5, 0x71, 0x0b, 0x10, 0x2f, 0x42, 0x5e, 0x8c, 0x7f, 0xe3, 0x14, 0xac, 0x24, 0xd6,
+	0x33, 0xbe, 0x2f, 0x41, 0x7b, 0x6f, 0x3a, 0x1e, 0x73, 0x21, 0x4f, 0xab, 0x4b, 0xf4, 0x86, 0x90,
-	0x0b, 0xb2, 0x57, 0xa0, 0x25, 0x7e, 0x9e, 0x09, 0x3d, 0x9f, 0x86, 0x3a, 0xf5, 0x08, 0x23, 0xd7,
+	0xa3, 0x9c, 0xea, 0xe4, 0x25, 0x2a, 0x12, 0xc2, 0xfd, 0xf0, 0x4a, 0x6e, 0x19, 0x96, 0x14, 0x46,
-	0x91, 0x4d, 0xd5, 0x85, 0xc0, 0x77, 0xb6, 0x5d, 0x27, 0x34, 0x06, 0xd0, 0x32, 0x39, 0x79, 0x81,
+	0x45, 0x11, 0x72, 0x17, 0x10, 0xaf, 0x4f, 0x5e, 0x8e, 0x7f, 0xe3, 0x0c, 0x2c, 0x6b, 0xeb, 0x05,
-	0x7b, 0x13, 0xda, 0xe2, 0x57, 0x9b, 0x95, 0xf8, 0x19, 0x1d, 0x77, 0x00, 0x13, 0xb4, 0xcd, 0x96,
+	0xd9, 0xeb, 0xd0, 0x14, 0xef, 0x6f, 0xc2, 0xce, 0x67, 0xa1, 0x46, 0x83, 0xc5, 0xd0, 0x75, 0x64,
-	0xa7, 0x0f, 0x8d, 0xaf, 0xa0, 0xf7, 0x20, 0x70, 0x68, 0x4a, 0xa3, 0x53, 0x95, 0x47, 0xbb, 0x09,
+	0x5f, 0x76, 0x3e, 0xf0, 0x9d, 0x2d, 0xd7, 0x09, 0x8d, 0x3e, 0x34, 0x4d, 0x4e, 0x5e, 0xe0, 0xde,
-	0xf2, 0x51, 0x56, 0x11, 0xf1, 0xe4, 0xb2, 0x56, 0xa8, 0x0f, 0x8d, 0x33, 0xb0, 0x91, 0x4b, 0x5c,
+	0x81, 0x96, 0x78, 0xad, 0xb3, 0xb4, 0xf7, 0xec, 0xa4, 0x89, 0xa8, 0xd1, 0x36, 0x9b, 0x9e, 0x3a,
-	0x9c, 0x3b, 0x80, 0x4e, 0x3c, 0xe1, 0xb8, 0xb2, 0x97, 0xcc, 0x7a, 0xc4, 0x25, 0xad, 0x47, 0xbc,
+	0x34, 0xbe, 0x86, 0xee, 0xe3, 0xc0, 0xa1, 0xd9, 0x8e, 0x4a, 0x55, 0x8a, 0x76, 0x07, 0xe4, 0x7f,
-	0xa6, 0xe2, 0x24, 0xf7, 0xb8, 0x62, 0xa4, 0xa5, 0x2e, 0x95, 0xa2, 0xd4, 0x65, 0x3e, 0x91, 0xba,
+	0x5d, 0x45, 0xc4, 0xf5, 0x65, 0xcd, 0x50, 0x1d, 0x1a, 0xe7, 0x60, 0x3d, 0x97, 0xb8, 0x90, 0x3b,
-	0x18, 0x9f, 0x2a, 0xe9, 0x89, 0xbc, 0xf1, 0x5d, 0x96, 0xbc, 0xf2, 0xbd, 0xa5, 0x27, 0x38, 0x9d,
+	0x80, 0x76, 0x32, 0xe1, 0xb8, 0xb2, 0x1d, 0xcd, 0xda, 0xcc, 0x25, 0xa5, 0xcd, 0xbc, 0x1a, 0x5f,
-	0x73, 0x38, 0x8e, 0x61, 0x6a, 0xc8, 0xc6, 0x12, 0xb4, 0x12, 0x3e, 0xc1, 0xf8, 0x10, 0xda, 0xa9,
+	0xa1, 0x3c, 0x18, 0x8b, 0x91, 0x92, 0xd5, 0x54, 0x8a, 0xb2, 0x9a, 0x59, 0x2d, 0xab, 0x31, 0x3e,
-	0x4b, 0x7e, 0x35, 0x15, 0xe0, 0x33, 0x62, 0x4b, 0x86, 0xf7, 0x2b, 0xaf, 0x40, 0x5d, 0xbe, 0x1d,
+	0x8b, 0xb5, 0x27, 0x52, 0xca, 0xf7, 0x58, 0x5e, 0xcb, 0xf7, 0x96, 0x91, 0xe0, 0x6c, 0x8e, 0x70,
-	0x43, 0x0b, 0x50, 0xb9, 0xbf, 0xbd, 0xdf, 0x99, 0xa3, 0x1f, 0x0f, 0x76, 0xf6, 0x3b, 0xa5, 0x2b,
+	0x1c, 0xc3, 0x54, 0x90, 0x8d, 0x45, 0x68, 0x6a, 0x31, 0xc1, 0xf8, 0x08, 0x5a, 0xa9, 0x43, 0x7e,
-	0x37, 0x60, 0x29, 0xf5, 0x5b, 0x08, 0x2d, 0x43, 0x6b, 0xd8, 0x1f, 0xec, 0x7c, 0x74, 0xef, 0x0b,
+	0x23, 0x75, 0xf7, 0x67, 0xd4, 0xa6, 0xdf, 0xfc, 0xd7, 0x5f, 0x83, 0x9a, 0xfc, 0xfd, 0x0c, 0xcd,
-	0xcb, 0xdc, 0xed, 0xef, 0x7c, 0xd9, 0x99, 0x43, 0xab, 0xd0, 0x91, 0xa0, 0xc1, 0xbd, 0xfb, 0x1c,
+	0x43, 0xe5, 0xd1, 0xd6, 0x5e, 0x7b, 0x86, 0x7e, 0x3c, 0xde, 0xde, 0x6b, 0x97, 0xae, 0xdf, 0x86,
-	0x5a, 0xba, 0xf2, 0x04, 0xda, 0xc9, 0x0c, 0x16, 0x9d, 0x82, 0xe5, 0xed, 0x7b, 0x83, 0xfb, 0xfd,
+	0xc5, 0xd4, 0xcb, 0x12, 0x5a, 0x82, 0xe6, 0xa0, 0xd7, 0xdf, 0xfe, 0xf8, 0xe1, 0x97, 0x96, 0xb9,
-	0xbd, 0xc1, 0xae, 0x69, 0x6d, 0x9b, 0xbb, 0xfd, 0xfb, 0xbb, 0x3b, 0x9d, 0xb9, 0x24, 0xd8, 0x7c,
+	0xd3, 0xdb, 0xfe, 0xaa, 0x3d, 0x83, 0x56, 0xa0, 0x2d, 0x41, 0xfd, 0x87, 0x8f, 0x38, 0xb4, 0x74,
-	0x30, 0x18, 0xec, 0x0d, 0x3e, 0xe9, 0x94, 0x28, 0xd5, 0x18, 0xbc, 0xfb, 0xc5, 0x1e, 0x45, 0x2e,
+	0xfd, 0x19, 0xb4, 0xf4, 0xe4, 0x16, 0x9d, 0x81, 0xa5, 0xad, 0x87, 0xfd, 0x47, 0xbd, 0xdd, 0xfe,
-	0x27, 0x91, 0x1f, 0x0c, 0x6e, 0x0f, 0xee, 0xfd, 0x6c, 0xd0, 0xa9, 0x6c, 0xfd, 0xb9, 0x09, 0x6d,
+	0x8e, 0x69, 0x6d, 0x99, 0x3b, 0xbd, 0x47, 0x3b, 0xdb, 0xed, 0x19, 0x1d, 0x6c, 0x3e, 0xee, 0xf7,
-	0x79, 0x40, 0x1c, 0xb2, 0xa6, 0xe7, 0x2d, 0x58, 0x90, 0xcf, 0xfa, 0xe2, 0x9c, 0x3a, 0xf9, 0x06,
+	0x77, 0xfb, 0x9f, 0xb6, 0x4b, 0x94, 0x6a, 0x02, 0xde, 0xf9, 0x72, 0x97, 0x22, 0x97, 0x75, 0xe4,
-	0xb1, 0xd7, 0xcd, 0x4e, 0x08, 0x43, 0x99, 0x43, 0xfb, 0x4c, 0x71, 0xda, 0x2f, 0xb8, 0x33, 0xba,
+	0xc7, 0xfd, 0x7b, 0xfd, 0x87, 0x3f, 0xeb, 0xb7, 0x2b, 0x9b, 0x7f, 0x6a, 0x40, 0x4b, 0x0a, 0x88,
-	0x28, 0x33, 0xff, 0xf8, 0x7a, 0x67, 0x8b, 0xa6, 0x15, 0xc5, 0x21, 0xd5, 0x96, 0xfe, 0x16, 0x02,
+	0x43, 0xd6, 0x0f, 0xbd, 0x0b, 0xf3, 0xf2, 0xcf, 0xc0, 0x24, 0xdd, 0xd6, 0x7f, 0x63, 0xec, 0x76,
-	0xc5, 0x6b, 0x72, 0xdf, 0x58, 0xf4, 0xce, 0x15, 0xce, 0x2b, 0xa2, 0x5f, 0x42, 0x27, 0xfd, 0x0a,
+	0xb2, 0x13, 0xc2, 0x51, 0x66, 0xd0, 0x1e, 0x33, 0x9c, 0xf2, 0x8a, 0x77, 0x4e, 0x55, 0x65, 0xe6,
-	0x02, 0xc5, 0xcd, 0xeb, 0x82, 0x17, 0x16, 0xbd, 0xf3, 0x47, 0x60, 0xe8, 0xa4, 0x33, 0xef, 0x05,
+	0x99, 0xb0, 0x7b, 0xbe, 0x68, 0x3a, 0xa6, 0x38, 0xa0, 0xd6, 0x52, 0x7f, 0xa7, 0x40, 0xc9, 0x9a,
-	0x36, 0x8b, 0xff, 0xf8, 0x66, 0x48, 0x17, 0xfd, 0x46, 0xe6, 0xa2, 0x48, 0xfe, 0x3a, 0x43, 0xfa,
+	0xdc, 0xdf, 0x34, 0xba, 0x17, 0x0a, 0xe7, 0x63, 0xa2, 0x5f, 0x41, 0x3b, 0xfd, 0x23, 0x05, 0x4a,
-	0x5f, 0xfa, 0x9c, 0x5f, 0xa8, 0x9a, 0x28, 0xf2, 0xff, 0xb9, 0x19, 0x73, 0xe8, 0x73, 0x58, 0x4a,
+	0xfa, 0xda, 0x05, 0x3f, 0x69, 0x74, 0x2f, 0x1e, 0x83, 0xa1, 0x92, 0xce, 0xfc, 0x72, 0xb0, 0x51,
-	0xf5, 0xbb, 0x50, 0xbc, 0x2a, 0xbf, 0x7b, 0xd7, 0xdb, 0x2c, 0x46, 0x48, 0xea, 0x4d, 0xef, 0x66,
+	0xfc, 0x68, 0x9c, 0x21, 0x5d, 0xf4, 0x12, 0xcd, 0x55, 0xa1, 0xbf, 0xbe, 0x21, 0xf5, 0xa1, 0x3f,
-	0x25, 0xf4, 0x96, 0xd3, 0x22, 0x4b, 0xe8, 0x2d, 0xb7, 0x0d, 0xc6, 0xcc, 0x2b, 0xd1, 0xb3, 0xd2,
+	0xe7, 0x15, 0x56, 0x51, 0x45, 0xfe, 0xb3, 0x9d, 0x31, 0x83, 0xbe, 0x80, 0xc5, 0x54, 0x2b, 0x0c,
-	0xcc, 0x2b, 0xaf, 0x41, 0xd6, 0x3b, 0x5b, 0x34, 0xad, 0x1f, 0x3f, 0xd5, 0xaf, 0xd2, 0x8e, 0x9f,
+	0x25, 0xab, 0xf2, 0x1b, 0x7b, 0xdd, 0x8d, 0x62, 0x04, 0xdd, 0x6e, 0x6a, 0xa3, 0x4b, 0xb3, 0x5b,
-	0xdf, 0x06, 0xeb, 0x6d, 0x16, 0x23, 0xa4, 0x75, 0x15, 0xd7, 0xe1, 0x29, 0x5d, 0x65, 0xda, 0x3e,
+	0x4e, 0xf7, 0x4c, 0xb3, 0x5b, 0x6e, 0x87, 0x8c, 0xb9, 0x97, 0xd6, 0xce, 0x52, 0xdc, 0x2b, 0xaf,
-	0x29, 0x5d, 0x65, 0x0b, 0x78, 0xa1, 0xab, 0x54, 0x41, 0x7d, 0xae, 0xb0, 0x16, 0xc9, 0xea, 0x2a,
+	0x77, 0xd6, 0x3d, 0x5f, 0x34, 0xad, 0x8a, 0x9f, 0x6a, 0x65, 0x29, 0xe2, 0xe7, 0x77, 0xc8, 0xba,
-	0xbf, 0xbc, 0x31, 0xe6, 0x50, 0x1f, 0xea, 0xb2, 0x98, 0x40, 0xf1, 0xed, 0x4e, 0x55, 0x30, 0xbd,
+	0x1b, 0xc5, 0x08, 0x69, 0x5b, 0x25, 0x25, 0x7a, 0xca, 0x56, 0x99, 0x8e, 0x50, 0xca, 0x56, 0xd9,
-	0xd3, 0x39, 0x33, 0x8a, 0xc4, 0x8f, 0x61, 0x9e, 0x42, 0xd1, 0x6a, 0x02, 0x49, 0x2e, 0x3d, 0x95,
+	0xda, 0x5e, 0xd8, 0x2a, 0x55, 0x6b, 0x5f, 0x28, 0x2c, 0x53, 0xb2, 0xb6, 0xca, 0xaf, 0x7c, 0x8c,
-	0x82, 0xaa, 0x65, 0xef, 0x41, 0x8d, 0x67, 0xe3, 0x28, 0xf6, 0xb9, 0x89, 0x44, 0xbf, 0xb7, 0x9e,
+	0x19, 0xd4, 0x83, 0x9a, 0xac, 0x33, 0x50, 0x72, 0xba, 0x53, 0xc5, 0x4d, 0xf7, 0x6c, 0xce, 0x4c,
-	0x81, 0xab, 0xc5, 0x9f, 0xf2, 0xa7, 0xbe, 0x22, 0xad, 0x46, 0x1b, 0x89, 0x07, 0x76, 0xc9, 0xe4,
+	0x4c, 0xe2, 0x7f, 0x61, 0x96, 0x42, 0xd1, 0x8a, 0x86, 0x24, 0x97, 0x9e, 0x49, 0x41, 0xe3, 0x65,
-	0xbd, 0xf7, 0x4a, 0xfe, 0xa4, 0xa2, 0xf5, 0x10, 0x56, 0x72, 0x42, 0x20, 0x8a, 0x7b, 0x3f, 0xc5,
+	0xef, 0x43, 0x95, 0x27, 0xea, 0x28, 0x89, 0xb9, 0x5a, 0x0d, 0xd0, 0x5d, 0xcb, 0xc0, 0xe3, 0xc5,
-	0xd1, 0xb7, 0x77, 0xe1, 0x68, 0x24, 0xfd, 0xb0, 0x42, 0x6b, 0x6b, 0xba, 0xa9, 0x6b, 0xca, 0x5a,
+	0x9f, 0xf1, 0xbf, 0x85, 0x45, 0xc6, 0x8d, 0xd6, 0xb5, 0x7f, 0xf4, 0xf4, 0xbc, 0xbe, 0xfb, 0x5a,
-	0xcf, 0xc0, 0xe5, 0xe2, 0xad, 0xbf, 0x95, 0x61, 0x91, 0x27, 0x2a, 0xc2, 0x55, 0x7f, 0x02, 0x10,
+	0xfe, 0x64, 0x4c, 0xeb, 0x09, 0x2c, 0xe7, 0x5c, 0x81, 0x28, 0x69, 0x0b, 0x15, 0xdf, 0xbe, 0xdd,
-	0xa7, 0xcb, 0xa8, 0x97, 0xb0, 0x9e, 0x44, 0x1d, 0xd0, 0xdb, 0xc8, 0x9d, 0xd3, 0xc5, 0xa8, 0x65,
+	0x4b, 0xc7, 0x23, 0xa9, 0xc2, 0x0a, 0xab, 0xad, 0xaa, 0xae, 0xae, 0x18, 0x6b, 0x2d, 0x03, 0x97,
-	0xbe, 0x9a, 0x18, 0xb3, 0xf9, 0xb4, 0x26, 0xc6, 0x9c, 0x64, 0xd9, 0x98, 0x43, 0x3b, 0xd0, 0x50,
+	0x8b, 0x37, 0xff, 0x5a, 0x86, 0x05, 0x9e, 0xa8, 0x88, 0x50, 0xfd, 0x29, 0x40, 0x92, 0x2e, 0xa3,
-	0xe9, 0x18, 0xd2, 0xb2, 0xb8, 0x54, 0x2e, 0xd9, 0xeb, 0xe5, 0x4d, 0xe9, 0x1c, 0x69, 0xf9, 0x97,
+	0xae, 0xe6, 0x3d, 0x5a, 0x89, 0xd0, 0x5d, 0xcf, 0x9d, 0x53, 0xd5, 0xa8, 0x64, 0xbe, 0x8a, 0x1a,
-	0xc6, 0x51, 0x36, 0xab, 0xd3, 0x38, 0xca, 0x4b, 0xd9, 0xe6, 0xfe, 0x1b, 0x00, 0x00, 0xff, 0xff,
+	0xb3, 0xf9, 0xb4, 0xa2, 0xc6, 0x9c, 0x64, 0xd9, 0x98, 0x41, 0xdb, 0x50, 0x8f, 0xd3, 0x31, 0xa4,
-	0xce, 0x7b, 0x46, 0x5c, 0x58, 0x2f, 0x00, 0x00,
+	0x64, 0x71, 0xa9, 0x5c, 0xb2, 0xdb, 0xcd, 0x9b, 0x52, 0x39, 0x52, 0xf2, 0x2f, 0x85, 0xa3, 0x6c,
+	0x56, 0xa7, 0x70, 0x94, 0x97, 0xb2, 0xcd, 0xfc, 0x3b, 0x00, 0x00, 0xff, 0xff, 0x6b, 0xf3, 0x7c,
+	0x10, 0x9b, 0x2f, 0x00, 0x00,
 }

pkg/kubelet/api/v1alpha1/runtime/api.proto

@@ -160,9 +160,8 @@ message LinuxSandboxSecurityContext {
     optional NamespaceOption namespace_options = 1;
     // Optional SELinux context to be applied.
     optional SELinuxOption selinux_options = 2;
-    // User to run the entrypoint of the sandbox process. Can be either UID or
+    // UID to run sandbox processes as, when applicable.
-    // user name.
+    optional int64 run_as_user = 3;
-    optional string run_as_user = 3;
     // If set, the root filesystem of the sandbox is read-only.
     optional bool readonly_rootfs = 4;
     // List of groups applied to the first process run in the sandbox, in
@@ -441,15 +440,18 @@ message LinuxContainerSecurityContext {
     optional NamespaceOption namespace_options = 3;
     // SELinux context to be optionally applied.
     optional SELinuxOption selinux_options = 4;
-    // The user to run the the container process as. Can be either UID or user
+    // UID to run the container process as. Only one of run_as_user and
-    // name.
+    // run_as_username can be specified at a time.
-    // Defaults to user specified in image metadata if unspecified.
+    optional int64 run_as_user = 5;
-    optional string run_as_user = 5;
+    // User name to run the container process as. If specified, the user MUST
+    // exist in the container image (i.e. in the /etc/passwd inside the image),
+    // and be resolved there by the runtime; otherwise, the runtime MUST error.
+    optional string run_as_username = 6;
     // If set, the root filesystem of the container is read-only.
-    optional bool readonly_rootfs = 6;
+    optional bool readonly_rootfs = 7;
     // List of groups applied to the first process run in the container, in
     // addition to the container's primary GID.
-    repeated int64 supplemental_groups = 7;
+    repeated int64 supplemental_groups = 8;
 }
 
 // LinuxContainerConfig contains platform-specific configuration for
@@ -761,8 +763,13 @@ message Image {
     repeated string repo_digests = 3;
     // Size of the image in bytes.
     optional uint64 size = 4;
-    // User that will run the command(s).
+    // UID that will run the command(s). This is used as a default if no user is
-    optional string user = 5;
+    // specified when creating the container. UID and the following user name
+    // are mutually exclusive.
+    optional int64 uid = 5;
+    // User name that will run the command(s). This is used if UID is not set
+    // and no user is specified when creating container.
+    optional string username = 6;
 }
 
 message ListImagesResponse {

pkg/kubelet/dockershim/convert.go

@@ -24,7 +24,6 @@ import (
 	dockertypes "github.com/docker/engine-api/types"
 
 	runtimeApi "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
-	"k8s.io/kubernetes/pkg/kubelet/dockertools"
 )
 
 // This file contains helper functions to convert docker API types to runtime
@@ -57,14 +56,15 @@ func imageInspectToRuntimeAPIImage(image *dockertypes.ImageInspect) (*runtimeApi
 	}
 
 	size := uint64(image.VirtualSize)
-	user := dockertools.GetUserFromImageUser(image.Config.User)
+	runtimeImage := &runtimeApi.Image{
-	return &runtimeApi.Image{
 		Id:          &image.ID,
 		RepoTags:    image.RepoTags,
 		RepoDigests: image.RepoDigests,
 		Size_:       &size,
-		User:        &user,
+	}
-	}, nil
+
+	runtimeImage.Uid, runtimeImage.Username = getUserFromImageUser(image.Config.User)
+	return runtimeImage, nil
 }
 
 func toPullableImageID(id string, image *dockertypes.ImageInspect) string {

pkg/kubelet/dockershim/helpers.go

@@ -264,3 +264,21 @@ func (f *dockerFilter) Add(key, value string) {
 func (f *dockerFilter) AddLabel(key, value string) {
 	f.Add("label", fmt.Sprintf("%s=%s", key, value))
 }
+
+// getUserFromImageUser gets uid or user name of the image user.
+// If user is numeric, it will be treated as uid; or else, it is treated as user name.
+func getUserFromImageUser(imageUser string) (*int64, *string) {
+	user := dockertools.GetUserFromImageUser(imageUser)
+	// return both nil if user is not specified in the image.
+	if user == "" {
+		return nil, nil
+	}
+	// user could be either uid or user name. Try to interpret as numeric uid.
+	uid, err := strconv.ParseInt(user, 10, 64)
+	if err != nil {
+		// If user is non numeric, assume it's user name.
+		return nil, &user
+	}
+	// If user is a numeric uid.
+	return &uid, nil
+}

pkg/kubelet/dockershim/helpers_test.go

@@ -187,3 +187,43 @@ func TestGetSystclsFromAnnotations(t *testing.T) {
 		assert.Equal(t, test.expectedSysctls, actual, "TestCase[%d]", i)
 	}
 }
+
+// TestGetUserFromImageUser tests the logic of getting image uid or user name of image user.
+func TestGetUserFromImageUser(t *testing.T) {
+	newI64 := func(i int64) *int64 { return &i }
+	newStr := func(s string) *string { return &s }
+	for c, test := range map[string]struct {
+		user string
+		uid  *int64
+		name *string
+	}{
+		"no gid": {
+			user: "0",
+			uid:  newI64(0),
+		},
+		"uid/gid": {
+			user: "0:1",
+			uid:  newI64(0),
+		},
+		"empty user": {
+			user: "",
+		},
+		"multiple spearators": {
+			user: "1:2:3",
+			uid:  newI64(1),
+		},
+		"root username": {
+			user: "root:root",
+			name: newStr("root"),
+		},
+		"username": {
+			user: "test:test",
+			name: newStr("test"),
+		},
+	} {
+		t.Logf("TestCase - %q", c)
+		actualUID, actualName := getUserFromImageUser(test.user)
+		assert.Equal(t, test.uid, actualUID)
+		assert.Equal(t, test.name, actualName)
+	}
+}

pkg/kubelet/dockershim/security_context.go

@@ -61,7 +61,15 @@ func applyContainerSecurityContext(lc *runtimeapi.LinuxContainerConfig, sandboxI
 
 // modifyContainerConfig applies container security context config to dockercontainer.Config.
 func modifyContainerConfig(sc *runtimeapi.LinuxContainerSecurityContext, config *dockercontainer.Config) {
-	config.User = sc.GetRunAsUser()
+	if sc == nil {
+		return
+	}
+	if sc.RunAsUser != nil {
+		config.User = strconv.FormatInt(sc.GetRunAsUser(), 10)
+	}
+	if sc.RunAsUsername != nil {
+		config.User = sc.GetRunAsUsername()
+	}
 }
 
 // modifyHostConfig applies security context config to dockercontainer.HostConfig.

pkg/kubelet/dockershim/security_context_test.go

@@ -18,6 +18,7 @@ package dockershim
 
 import (
 	"fmt"
+	"strconv"
 	"testing"
 
 	dockercontainer "github.com/docker/engine-api/types/container"
@@ -28,7 +29,8 @@ import (
 )
 
 func TestModifyContainerConfig(t *testing.T) {
-	var uid string = "123"
+	var uid int64 = 123
+	var username string = "testuser"
 
 	cases := []struct {
 		name     string
@@ -41,7 +43,16 @@ func TestModifyContainerConfig(t *testing.T) {
 				RunAsUser: &uid,
 			},
 			expected: &dockercontainer.Config{
-				User: uid,
+				User: strconv.FormatInt(uid, 10),
+			},
+		},
+		{
+			name: "container.SecurityContext.RunAsUsername set",
+			sc: &runtimeapi.LinuxContainerSecurityContext{
+				RunAsUsername: &username,
+			},
+			expected: &dockercontainer.Config{
+				User: username,
 			},
 		},
 		{

pkg/kubelet/kuberuntime/BUILD

@@ -58,7 +58,6 @@ go_library(
         "//vendor:github.com/coreos/go-semver/semver",
         "//vendor:github.com/docker/docker/pkg/jsonlog",
         "//vendor:github.com/fsnotify/fsnotify",
-        "//vendor:github.com/gogo/protobuf/proto",
         "//vendor:github.com/golang/glog",
         "//vendor:github.com/google/cadvisor/info/v1",
     ],

pkg/kubelet/kuberuntime/helpers.go

@@ -146,19 +146,24 @@ func getContainerSpec(pod *api.Pod, containerName string) *api.Container {
 	return nil
 }
 
-// getImageUID gets uid that will run the command(s) from image.
+// getImageUser gets uid or user name that will run the command(s) from image. The function
-func (m *kubeGenericRuntimeManager) getImageUser(image string) (string, error) {
+// guarantees that only one of them is set.
+func (m *kubeGenericRuntimeManager) getImageUser(image string) (*int64, *string, error) {
 	imageStatus, err := m.imageService.ImageStatus(&runtimeApi.ImageSpec{Image: &image})
 	if err != nil {
-		return "", err
+		return nil, nil, err
 	}
 
-	user := imageStatus.GetUser()
+	if imageStatus != nil && imageStatus.Uid != nil {
-	// kuberuntime treats empty user as root.
+		// If uid is set, return uid.
-	if user == "" {
+		return imageStatus.Uid, nil, nil
-		return "0", nil
 	}
-	return user, nil
+	if imageStatus != nil && imageStatus.Username != nil {
+		// If uid is not set, but user name is set, return user name.
+		return nil, imageStatus.Username, nil
+	}
+	// If non of them is set, treat it as root.
+	return new(int64), nil, nil
 }
 
 // isContainerFailed returns true if container has exited and exitcode is not zero.

pkg/kubelet/kuberuntime/kuberuntime_container.go

@@ -135,14 +135,18 @@ func (m *kubeGenericRuntimeManager) generateContainerConfig(container *api.Conta
 		return nil, err
 	}
 
-	// Verify RunAsNonRoot.
+	uid, username, err := m.getImageUser(container.Image)
-	imageUser, err := m.getImageUser(container.Image)
 	if err != nil {
 		return nil, err
 	}
-	if err := verifyRunAsNonRoot(pod, container, imageUser); err != nil {
+	if uid != nil {
+		// Verify RunAsNonRoot. Non-root verification only supports numeric user.
+		if err := verifyRunAsNonRoot(pod, container, *uid); err != nil {
 			return nil, err
 		}
+	} else {
+		glog.Warningf("Non-root verification doesn't support non-numeric user (%s)", *username)
+	}
 
 	command, args := kubecontainer.ExpandContainerCommandAndArgs(container, opts.Envs)
 	containerLogsPath := buildContainerLogsPath(container.Name, restartCount)
@@ -164,7 +168,7 @@ func (m *kubeGenericRuntimeManager) generateContainerConfig(container *api.Conta
 		Stdin:       &container.Stdin,
 		StdinOnce:   &container.StdinOnce,
 		Tty:         &container.TTY,
-		Linux:       m.generateLinuxContainerConfig(container, pod, imageUser),
+		Linux:       m.generateLinuxContainerConfig(container, pod, uid, username),
 	}
 
 	// set environment variables
@@ -182,10 +186,10 @@ func (m *kubeGenericRuntimeManager) generateContainerConfig(container *api.Conta
 }
 
 // generateLinuxContainerConfig generates linux container config for kubelet runtime api.
-func (m *kubeGenericRuntimeManager) generateLinuxContainerConfig(container *api.Container, pod *api.Pod, imageUser string) *runtimeApi.LinuxContainerConfig {
+func (m *kubeGenericRuntimeManager) generateLinuxContainerConfig(container *api.Container, pod *api.Pod, uid *int64, username *string) *runtimeApi.LinuxContainerConfig {
 	lc := &runtimeApi.LinuxContainerConfig{
 		Resources:       &runtimeApi.LinuxContainerResources{},
-		SecurityContext: m.determineEffectiveSecurityContext(pod, container, imageUser),
+		SecurityContext: m.determineEffectiveSecurityContext(pod, container, uid, username),
 	}
 
 	// set linux container resources

pkg/kubelet/kuberuntime/kuberuntime_sandbox.go

@@ -146,7 +146,7 @@ func (m *kubeGenericRuntimeManager) generatePodSandboxLinuxConfig(pod *api.Pod,
 				HostIpc:     &sc.HostIPC,
 				HostPid:     &sc.HostPID,
 			},
-			RunAsUser: convertToRuntimeRunAsUser(sc.RunAsUser),
+			RunAsUser: sc.RunAsUser,
 		}
 
 		if sc.FSGroup != nil {

pkg/kubelet/kuberuntime/security_context.go

@@ -18,10 +18,6 @@ package kuberuntime
 
 import (
 	"fmt"
-	"strconv"
-
-	"github.com/gogo/protobuf/proto"
-	"github.com/golang/glog"
 
 	"k8s.io/kubernetes/pkg/api"
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/api/v1alpha1/runtime"
@@ -29,7 +25,7 @@ import (
 )
 
 // determineEffectiveSecurityContext gets container's security context from api.Pod and api.Container.
-func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *api.Pod, container *api.Container, imageUser string) *runtimeapi.LinuxContainerSecurityContext {
+func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *api.Pod, container *api.Container, uid *int64, username *string) *runtimeapi.LinuxContainerSecurityContext {
 	effectiveSc := securitycontext.DetermineEffectiveSecurityContext(pod, container)
 	synthesized := convertToRuntimeSecurityContext(effectiveSc)
 	if synthesized == nil {
@@ -38,7 +34,8 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *api.P
 
 	// set RunAsUser.
 	if synthesized.RunAsUser == nil {
-		synthesized.RunAsUser = &imageUser
+		synthesized.RunAsUser = uid
+		synthesized.RunAsUsername = username
 	}
 
 	// set namespace options and supplemental groups.
@@ -65,7 +62,7 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *api.P
 }
 
 // verifyRunAsNonRoot verifies RunAsNonRoot.
-func verifyRunAsNonRoot(pod *api.Pod, container *api.Container, imageUser string) error {
+func verifyRunAsNonRoot(pod *api.Pod, container *api.Container, uid int64) error {
 	effectiveSc := securitycontext.DetermineEffectiveSecurityContext(pod, container)
 	if effectiveSc == nil || effectiveSc.RunAsNonRoot == nil {
 		return nil
@@ -78,15 +75,6 @@ func verifyRunAsNonRoot(pod *api.Pod, container *api.Container, imageUser string
 		return nil
 	}
 
-	// Non-root verification only supports numeric user now. For non-numeric user,
-	// just return nil to by-pass the verfication.
-	// TODO: Support non-numeric user.
-	uid, err := strconv.ParseInt(imageUser, 10, 64)
-	if err != nil {
-		glog.Warningf("Non-root verification doesn't support non-numeric user (%s)", imageUser)
-		return nil
-	}
-
 	if uid == 0 {
 		return fmt.Errorf("container has runAsNonRoot and image will run as root")
 	}
@@ -101,7 +89,7 @@ func convertToRuntimeSecurityContext(securityContext *api.SecurityContext) *runt
 	}
 
 	return &runtimeapi.LinuxContainerSecurityContext{
-		RunAsUser:      convertToRuntimeRunAsUser(securityContext.RunAsUser),
+		RunAsUser:      securityContext.RunAsUser,
 		Privileged:     securityContext.Privileged,
 		ReadonlyRootfs: securityContext.ReadOnlyRootFilesystem,
 		Capabilities:   convertToRuntimeCapabilities(securityContext.Capabilities),
@@ -109,14 +97,6 @@ func convertToRuntimeSecurityContext(securityContext *api.SecurityContext) *runt
 	}
 }
 
-// convertToRuntimeRunAsUser converts RunAsUser from *int64 to *string.
-func convertToRuntimeRunAsUser(runAsUser *int64) *string {
-	if runAsUser == nil {
-		return nil
-	}
-	return proto.String(strconv.FormatInt(*runAsUser, 10))
-}
-
 // convertToRuntimeSELinuxOption converts api.SELinuxOptions to runtimeapi.SELinuxOption.
 func convertToRuntimeSELinuxOption(opts *api.SELinuxOptions) *runtimeapi.SELinuxOption {
 	if opts == nil {