path: root/ext/openssl/ossl_asn1.c
AgeCommit message (Collapse)Author
11 days[ruby/openssl] Suppress cast-function-type warningsNobuyoshi Nakada
2021-03-31Enclose the code that was accidentally a link in "tt"aycabta
2020-02-16Import openssl-2.2.0 (#2693)Hiroshi SHIBATA
Import the master branch of ruby/openssl for preparing to release openssl-2.2.0 Notes: Merged-By: hsbt <>
2019-10-10Prefer rb_gc_register_mark_objectNobuyoshi Nakada
* ext/openssl/ossl_asn1.c (Init_ossl_asn1): prefer `rb_gc_register_mark_object`, which is better for constant objects, over `rb_gc_register_address` for global/static variables which can be re-assigned at runtime. [Bug #16196]
2019-10-10Guard static variable firstNobuyoshi Nakada
* ext/openssl/ossl_asn1.c (Init_ossl_asn1): register the static variable to grab an internal object, before creating the object. otherwise the just-created object could get collected during the global variable list allocation. [Bug #16196]
2018-08-08openssl: sync with upstream repositoryrhe
Sync with the current tip of master branch, 62436385306c of ruby/openssl.git. Changes can be found at: ---------------------------------------------------------------- Brian Cunnie (1): Correctly verify abbreviated IPv6 SANs Janko Marohnić (1): Reduce memory allocation when writing to SSLSocket Jeremy Evans (1): Move rb_global_variable call to directly after assignment Kazuki Yamaguchi (7): pkcs7: allow recipient's certificate to be omitted for PKCS7#decrypt pkey: resume key generation after interrupt tool/ruby-openssl-docker: update to latest versions test/test_ssl: fix test failure with TLS 1.3 test/test_x509name: change script encoding to ASCII-8BIT x509name: refactor OpenSSL::X509::Name#to_s x509name: fix handling of X509_NAME_{oneline,print_ex}() return value ahadc (1): Update nobu (6): no ID cache in Init functions search winsock libraries explicitly openssl: search winsock openssl_missing.h: constified reduce LibreSSL warnings openssl/buffering.rb: no RS when output git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-02-16no ID cache in Init functionsnobu
Init functions are called only once, cache is useless. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-12-14openssl: import v2.1.0rhe
Import Ruby/OpenSSL 2.1.0. Commits since v2.1.0.beta2 can be found at: ---------------------------------------------------------------- Kazuki Yamaguchi (8): test/test_ssl: prevent changing default internal encoding ssl: remove a misleading comment pkey/ec: rearrange PKey::EC::Point#initialize ssl: remove unreachable code asn1: fix docs pkey/ec: add support for octet string encoding of EC point Ruby/OpenSSL 2.0.7 Ruby/OpenSSL 2.1.0 eregon (1): Fix test-all tests to avoid creating report_on_exception warnings git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-09-03openssl: import v2.1.0.beta1rhe
Import Ruby/OpenSSL 2.1.0.beta1. The full commit log since v2.0.5 (imported by r59567) can be found at: ---------------------------------------------------------------- Antonio Terceiro (1): test/test_ssl: explicitly accept TLS 1.1 in corresponding test Colby Swandale (1): document using secure protocol to fetch git master in Bundler Colton Jenkins (1): Add fips_mode_get to return fips_mode Kazuki Yamaguchi (85): Start preparing for 2.1.0 Remove support for OpenSSL 0.9.8 and 1.0.0 bn: refine tests bn: implement unary {plus,minus} operators for OpenSSL::BN bn: implement OpenSSL::BN#negative? Don't define main() when built with --enable-debug test: let OpenSSL::TestCase include OpenSSL::TestUtils test: prepare test PKey instances on demand Add OpenSSL.print_mem_leaks Enable OSSL_MDEBUG on CI builds ssl: move default DH parameters from OpenSSL::PKey::DH Make exceptions with the same format regardless of OpenSSL.debug ssl: show reason of 'certificate verify error' in exception message ssl: remove OpenSSL::ExtConfig::TLS_DH_anon_WITH_AES_256_GCM_SHA384 ssl: do not confuse different ex_data index registries ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object Fix RDoc markup ssl: suppress compiler warning ext/openssl/deprecation.rb: remove broken-apple-openssl extconf.rb: print informative message if OpenSSL can't be found Rakefile: compile the extension before test kdf: introduce OpenSSL::KDF module ossl.h: add NUM2UINT64T() macro kdf: add scrypt Expand rb_define_copy_func() macro Expand FPTR_TO_FD() macro Remove SafeGet*() macros cipher: rename GetCipherPtr() to ossl_evp_get_cipherbyname() digest: rename GetDigestPtr() to ossl_evp_get_digestbyname() Add ossl_str_new(), an exception-safe rb_str_new() bio: simplify ossl_membio2str() using ossl_str_new() Remove unused functions and macros Drop support for LibreSSL 2.3 ocsp: add OpenSSL::OCSP::Request#signed? asn1: infinite length -> indefinite length asn1: rearrange tests ssl: remove a needless NULL check in SSL::SSLContext#ciphers ssl: return nil in SSL::SSLSocket#cipher if session is not started asn1: remove an unnecessary function prototype asn1: require tag information when instantiating generic type asn1: initialize 'unused_bits' attribute of BitString with 0 asn1: check for illegal 'unused_bits' value of BitString asn1: disallow NULL to be passed to asn1time_to_time() asn1: avoid truncating OID in OpenSSL::ASN1::ObjectId#oid asn1: allow constructed encoding with definite length form asn1: prohibit indefinite length form for primitive encoding asn1: allow tag number to be >= 32 for universal tag class asn1: use ossl_asn1_tag() asn1: clean up OpenSSL::ASN1::Constructive#to_der asn1: harmonize OpenSSL::ASN1::*#to_der asn1: prevent EOC octets from being in the middle of the content asn1: do not treat EOC octets as part of content octets x509name: add 'loc' and 'set' kwargs to OpenSSL::X509::Name#add_entry ssl: do not call session_remove_cb during GC Backport "Merge branch 'topic/test-memory-leak'" to maint cipher: update the documentation for Cipher#auth_tag= Rakefile: let sync:to_ruby know about test/openssl/fixtures test: fix formatting test/utils: remove OpenSSL::TestUtils.silent test/utils: add SSLTestCase#tls12_supported? test/utils: have start_server yield only the port number test/utils: do not set ecdh_curves in start_server test/utils: let server_loop close socket test/utils: improve error handling in start_server test/utils: add OpenSSL::TestUtils.openssl? and .libressl? test/utils: do not use DSA certificates in SSL tests test/test_ssl: remove test_invalid_shutdown_by_gc test/test_ssl: move test_multibyte_read_write to test_pair test/test_ssl_session: rearrange tests test/test_pair, test/test_ssl: fix for TLS 1.3 ssl: remove useless call to rb_thread_wait_fd() ssl: fix NPN support ssl: mark OpenSSL::SSL::SSLContext::DEFAULT_{1024,2048} as private ssl: use 2048-bit group in the default tmp_dh_cb ssl: ensure that SSL option flags are non-negative ssl: update OpenSSL::SSL::OP_* flags ssl: prefer TLS_method() over SSLv23_method() ssl: add SSLContext#min_version= and #max_version= ssl: rework SSLContext#ssl_version= test/test_x509name: change script encoding to ASCII-8BIT x509name: refactor OpenSSL::X509::Name#to_s x509name: add OpenSSL::X509::Name#to_utf8 x509name: add OpenSSL::X509::Name#inspect x509name: update regexp in OpenSSL::X509::Name.parse Ruby/OpenSSL 2.1.0.beta1 Marcus Stollsteimer (1): Fix rdoc for core Integer class nobu (4): [DOC] {read,write}_nonblock with exception: false [DOC] keyword argument _exception_ [DOC] mark up literals Revert r57690 except for read_nonblock git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-01-31openssl: import v2.0.3rhe
Import Ruby/OpenSSL 2.0.3. Only bugfixes. The full commit log since 2.0.2 (imported at r57146) can be found at: ---------------------------------------------------------------- Corey Bonnell (1): Fix for ASN1::Constructive 'each' implementation Kazuki Yamaguchi (10): Fix build with static OpenSSL libraries on Windows ([ruby-core:78878] [Bug #13080]) Merge pull request #96 from CBonnell/master Merge branch 'topic/windows-static-linking-without-pkg-config' into maint appveyor.yml: update OpenSSL version to 1.0.2j buffering: fix typo in doc test/envutil: fix assert_raise_with_message x509: fix OpenSSL::X509::Name#eql? ([ruby-core:79310] [Bug #13170]) ruby-openssl-docker: update versions of Ruby and OpenSSL .travis.yml: test with Ruby 2.4 Ruby/OpenSSL 2.0.3 git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-12-10openssl: import v2.0.1rhe
Import Ruby/OpenSSL 2.0.1. The full commit history since 2.0.0 (imported at r56946) can be found at: This release contains only bug fixes. Note, the first two commits since v2.0.0 are already imported at r56953 to make Travis and RubyCI green. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-11-30openssl: import v2.0.0rhe
Import Ruby/OpenSSL 2.0.0. The full commit history since 2.0.0 beta.2 (imported at r56098) can be found at: git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-08-29import Ruby/OpenSSL 2.0.0.beta.1rhe
* NEWS, {ext,test,sample}/openssl: Import Ruby/OpenSSL 2.0.0.beta.1. ext/openssl is now converted into a default gem. The full commit history since r55538 can be found at: [Feature #9612] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-09openssl: use ASN1_ENUMERATED_to_BN() if neededrhe
* ext/openssl/ossl_asn1.c (asn1integer_to_num): Use ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN. Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are almost identical so they behaved in the same way in OpenSSL <= 1.0.2. [ruby-core:75225] [Feature #12324] * test/openssl/test_asn1.rb (test_decode_enumerated): Test that it works. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-05openssl: avoid d2i_ASN1_BOOLEAN()rhe
* ext/openssl/ossl_asn1.c (decode_bool): Do the same thing as d2i_ASN1_BOOLEAN() does by ourselves. This function is removed in OpenSSL 1.1.0. [ruby-core:75225] [Feature #12324] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-01ossl_asn1.c: check overflownobu
* ext/openssl/ossl_asn1.c (ossl_time_split): check overflow and reorder for optimization. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-01openssl: fix the Year 2038 problemrhe
r55219 didn't fix the entire issue. It only fixed the issue on environment with sizeof(time_t) == 8 && sizeof(long) == 4. * ext/openssl/extconf.rb: Check existence of ASN1_TIME_adj(). The old ASN1_TIME_set() is not Year 2038 ready on sizeof(time_t) == 4 environment. This function was added in OpenSSL 1.0.0. [ruby-core:45552] [Bug #6571] * ext/openssl/ossl_asn1.c (ossl_time_split): Added. Split the argument (Time) into the number of days elapsed since the epoch and the remainder seconds to conform to ASN1_TIME_adj(). (obj_to_asn1utime, obj_to_asn1gtime): Use ossl_time_split() and ASN1_*TIME_adj(). * ext/openssl/ossl_asn1.h: Add the function prototype for ossl_time_split(). * ext/openssl/ossl_x509.[ch]: Add ossl_x509_time_adjust(). Similarly to obj_to_asn1*time(), use X509_time_adj_ex() instead of X509_time_adj(). * ext/openssl/ossl_x509cert.c, ext/openssl/ossl_x509crl.c, ext/openssl/ossl_x509revoked.c: Use ossl_x509_time_adjust(). git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-30openssl: use NUM2TIMET() to convert Integer to time_trhe
* ext/openssl/ossl_asn1.c (time_to_time_t): Use NUM2TIMET() instead of NUM2LONG(). time_t may be larger than long. [ruby-core:45552] [Bug #6571] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-25openssl: drop OpenSSL 0.9.6/0.9.7 supportrhe
* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-23openssl: use StringValueCStr() where NUL-terminated string is expectedrhe
* ext/openssl/ossl_asn1.c, ext/openssl/ossl_bn.c, ext/openssl/ossl_cipher.c, ext/openssl/ossl_digest.c ext/openssl/ossl_engine.c, ext/openssl/ossl_ns_spki.c ext/openssl/ossl_pkcs12.c, ext/openssl/ossl_pkcs7.c ext/openssl/ossl_pkey.c, ext/openssl/ossl_pkey_ec.c ext/openssl/ossl_rand.c, ext/openssl/ossl_ssl.c ext/openssl/ossl_x509attr.c, ext/openssl/ossl_x509cert.c ext/openssl/ossl_x509ext.c, ext/openssl/ossl_x509store.c: Use StringValueCStr() where NUL-terminated string is expected. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-09-22* ext/openssl/*: Remove svn commit id macros to make sync easierzzak
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-05-27openssl: use RB_GC_GUARD instead of volatilenormal
From doc/extension.rdoc: > > Using the RB_GC_GUARD macro is preferable to using the "volatile" > keyword in C. RB_GC_GUARD has the following advantages: > > 1) the intent of the macro use is clear > > 2) RB_GC_GUARD only affects its call site, "volatile" generates some > extra code every time the variable is used, hurting optimization. > > 3) "volatile" implementations may be buggy/inconsistent in some > compilers and architectures. RB_GC_GUARD is customizable for broken > systems/compilers without those without negatively affecting other > systems. * ext/openssl/ossl_asn1.c (ossl_asn1_traverse, ossl_asn1_decode, ossl_asn1_decode_all): use RB_GC_GUARD instead of volatile [ruby-core:69371] [Bug #11185] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-05-27ossl_asn1.c: [DOC] Fix typo [skip ci]nobu
* ext/openssl/ossl_asn1.c (Init_ossl_asn1): [DOC] Fix typo "recieved" to "received". [Fix GH-913] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-04-20* ext/openssl/*: use license instead of licence.hsbt
[fix GH-876][ci skip] Patch by @davydovanton * lib/net/https.rb: ditto. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-02-21ossl_asn1.c: fix docnobu
* ext/openssl/ossl_asn1.c (ossl_asn1obj_get_oid): [DOC] fix notation, an instance method but not a class method. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-02-21[DOC] Backport ruby/openssl@86eb721 [ci skip]zzak
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-09-30protoize no-arguments functionsnobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-08-03openssl: constifynobu
* ext/openssl/ossl_asn1.c (ossl_asn1_info): constify. * ext/openssl/ossl_pkcs7.c (ossl_pkcs7_sym2typeid): constify and remove sentinel as the count is used. * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab): constify. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-04-24ossl_asn1.c: fix undefined behaviornobu
* ext/openssl/ossl_asn1.c (ossl_asn1_initialize): SYMID on a value other than Symbol is an undefined behavior. fix up r31699. [ruby-core:62142] [Bug #9771] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-01-13ext: use PRIsVALUE for rb_raise and rb_warnnobu
* ext/bigdecimal/bigdecimal.c (BigDecimal_new): use PRIsVALUE for rb_raise() and rb_warn(). * ext/openssl/ossl_cipher.c (ossl_cipher_init): ditto. * ext/racc/cparse/cparse.c (extract_user_token): ditto. * ext/syslog/syslog.c (mSyslog_log): ditto. * ext/openssl/ossl.h (OSSL_Check_Kind, OSSL_Check_Instance): now ossl_raise() also accepts PRIsVALUE. * ext/openssl/ossl_asn1.c (ossl_asn1_default_tag): git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-12-11* ext/win32ole/sample/olegen.rb: Fix typoa_matsuda
* ext/openssl/ossl_asn1.c: [DOC] Fix typo * lib/webrick/accesslog.rb: ditto * template/yarvarch.ja: ditto s/recieve/receive/ git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-11-29ruby/ruby.h: RB_BLOCK_CALL_FUNC_ARGLISTnobu
* include/ruby/ruby.h (RB_BLOCK_CALL_FUNC_ARGLIST): for declaration argument list of rb_block_call_func. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-11-13Squashed commit of the following:nagachika
commit 6895f38bfc3c0ad6bd212b8f9acc3c71384dfcb7 Author: Chikanaga Tomoyuki <> Date: Thu Nov 14 00:14:00 2013 +0900 * ChangeLog: fix a typo at r43666 * ext/openssl/ossl_asn1.c: ditto. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-11-13* ext/openssl/ossl_asn1.c: [DOC] Document parts ofzzak
OpenSSL::ASN1::ObjectId included a fix for the class overview, which previously showed the documentation for Constructive due to missing ObjectId overview. This patch also includes a note for Primative. Based on a patch by @vbatts via GH-436 git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-07-22* ext/openssl/ossl_asn1.c (asn1time_to_time): Implement YYMMDDhhmmZdrbrain
format for ASN.1 UTCTime. [ruby-trunk - Bug #8664] * test/openssl/test_asn1.rb: Test for the above. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-09-04remove trailing spaces.nobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-03-28* ext/openssl/ossl_asn1.c: raise TypeError when trying to encode nilemboss
values for Primitive instances. * test/openssl/test_asn1.rb: Assert consistent behavior when encoding nil values: Primitives raise TypeError, Constructives raise NoMethodError. Fixes [ruby-core:43009][Bug #6102] -This line, and those below, will be ignored-- M test/openssl/test_asn1.rb M ext/openssl/ossl_asn1.c M ChangeLog git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-02-25avoid rdoc's warnings.naruse
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-02-08* ext/openssl/ossl_asn1.c: Call INT2NUM only once for GeneralString.emboss
Thanks to Mantas Mikulenas for noticing and providing a patch! [ruby-core:42358] [Bug #5972] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-15* ext/openssl/ossl_asn1.c: get rid of potential overflow.nobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-11-04* whitespace cleanup.nobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-25* ext/openssl/ossl_asn1.c: fix int_ossl_asn1_decode0_cons when beingemboss
fed arbitrary string values. Clearly distinguish between the cases "universal, infinite and not a SEQUENCE or SET" and "universal SEQUENCE or SET, possibly infinite". Raise error for universal tags that are not infinite. * test/openssl/test_asn1.rb: add a test for this. Thanks to Hiroshi Yoshida for reporting this bug. [Bug #5363] [ruby-dev:44542] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-23* ext/openssl/ossl_asn1.c: remove unused variable.emboss
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-08-07* ext/openssl/ossl_asn1.c (decode_eoc): remove unused variables.kosaki
Patch by Eric Wong. [Feature #5157] [ruby-core:38798] * ext/openssl/ossl_asn1.c (ossl_asn1_decode): ditto. * ext/openssl/ossl_pkey.c (ossl_pkey_new_from_data): ditto. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-30* sytle fixes.nobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-06-26* ext/openssl/extconf.rbemboss
* ext/openssl/ossl_missing.h/.c: add ASN1_put_eoc if missing. * ext/openssl/ossl_asn1.c: introduce ossl_asn1_object_size and ossl_asn1_put_object to wrap functionality depending on OpenSSL version in use. Fixes [ Ruby 1.9 - Bug #4916 ] reported by Hiroshi Nakamura. [ruby-core:37286] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-23* ext/openssl/ossl_asn1.c: Do not parse zero-tagged values as EOC. Doemboss
not let current length become negative for infinite length constructed values. Support constructed values of length zero. Added tests. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-22* ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not anemboss
Array to prevent segfault. Added test. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-22* ext/openssl/ossl_asn1.c: Forbid Constructive without infiniteemboss
length. This also prevents a segfault. Added test and improved documentation. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-22* ext/openssl/ossl_asn1.c: Fix decoding of infinite length values.emboss
Simplified ossl_asn1_decode0 by splitting it into three separate functions. Add tests. [Ruby 1.9 - Bug #4374][ruby-core:35123] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e