summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore127
-rw-r--r--.gitmodules3
-rw-r--r--ABOUT-NLS1379
-rw-r--r--AUTHORS3
-rw-r--r--COPYING661
-rw-r--r--COPYING.AGPL661
-rw-r--r--ChangeLog8
-rw-r--r--INSTALL368
-rw-r--r--Makefile.am25
-rw-r--r--NEWS0
-rw-r--r--README42
-rwxr-xr-xbootstrap35
-rwxr-xr-xconfig.rpath684
-rw-r--r--configure.ac349
-rw-r--r--contrib/Makefile.am31
m---------contrib/gana0
-rwxr-xr-xcontrib/gana-update.sh11
-rwxr-xr-xcontrib/gana.sh10
-rw-r--r--contrib/gnunet.tag235
-rw-r--r--contrib/microhttpd.tag122
-rwxr-xr-xcontrib/pogen.sh3
-rw-r--r--contrib/provider-list.json22
-rw-r--r--contrib/redux.al.json33
-rw-r--r--contrib/redux.be.json39
-rw-r--r--contrib/redux.ch.json40
-rw-r--r--contrib/redux.countries.json166
-rw-r--r--contrib/redux.cz.json33
-rw-r--r--contrib/redux.de.json54
-rw-r--r--contrib/redux.dk.json32
-rw-r--r--contrib/redux.in.json39
-rw-r--r--contrib/redux.it.json33
-rw-r--r--contrib/redux.jp.json39
-rw-r--r--contrib/redux.sk.json33
-rw-r--r--contrib/redux.us.json38
-rw-r--r--contrib/redux.xx.json29
-rw-r--r--contrib/redux.xy.json29
-rw-r--r--contrib/uncrustify.cfg95
-rwxr-xr-xcontrib/uncrustify_precommit35
-rw-r--r--debian/.gitignore13
-rw-r--r--debian/anastasis-cli.install2
-rw-r--r--debian/anastasis-httpd.README.Debian10
-rw-r--r--debian/anastasis-httpd.config38
-rw-r--r--debian/anastasis-httpd.install13
-rw-r--r--debian/anastasis-httpd.postinst93
-rw-r--r--debian/anastasis-httpd.postrm72
-rw-r--r--debian/anastasis-httpd.prerm16
-rw-r--r--debian/anastasis-httpd.service8
-rw-r--r--debian/anastasis-httpd.templates7
-rw-r--r--debian/changelog37
-rw-r--r--debian/conf/apache.conf11
-rw-r--r--debian/conf/nginx.conf8
-rw-r--r--debian/control77
-rw-r--r--debian/copyright699
-rwxr-xr-xdebian/db/install/pgsql78
-rw-r--r--debian/etc/taler/conf.d/anastasis.conf2
-rw-r--r--debian/libanastasis-dev.install2
-rw-r--r--debian/libanastasis.docs1
-rw-r--r--debian/libanastasis.install4
-rw-r--r--debian/po/POTFILES.in1
-rwxr-xr-xdebian/rules39
-rw-r--r--debian/source/format1
-rw-r--r--debian/source/options3
-rw-r--r--debian/upstream/metadata4
-rw-r--r--debian/upstream/signing-key.asc637
-rw-r--r--debian/watch3
-rw-r--r--doc/.gitignore8
-rw-r--r--doc/Makefile.am23
-rw-r--r--doc/agpl.texi698
-rw-r--r--doc/anastasis-config.1123
-rw-r--r--doc/anastasis-figures/anastasis-db.pngbin0 -> 38801 bytes
-rw-r--r--doc/anastasis-figures/anastasis_challenge_payment.pngbin0 -> 20331 bytes
-rw-r--r--doc/anastasis-figures/anastasis_challengecode.pngbin0 -> 17678 bytes
-rw-r--r--doc/anastasis-figures/anastasis_reducer_backup.pngbin0 -> 59981 bytes
-rw-r--r--doc/anastasis-figures/anastasis_reducer_recovery.pngbin0 -> 52610 bytes
-rw-r--r--doc/anastasis-figures/anastasis_truth.pngbin0 -> 19493 bytes
-rw-r--r--doc/anastasis-figures/anastasis_truth_payment.pngbin0 -> 13430 bytes
-rw-r--r--doc/anastasis-httpd.178
-rw-r--r--doc/anastasis-reducer.193
-rw-r--r--doc/anastasis.conf.5151
-rw-r--r--doc/anastasis.texi6093
-rw-r--r--doc/brown-paper.css63
-rwxr-xr-xdoc/config.sh116
-rw-r--r--doc/docstyle.css76
-rw-r--r--doc/doxygen/.gitignore2
-rw-r--r--doc/doxygen/Makefile.am18
-rw-r--r--doc/doxygen/anastasis.doxy247
-rw-r--r--doc/doxygen/taler-exchange.tag0
-rw-r--r--doc/doxygen/taler-merchant.tag0
-rw-r--r--doc/fdl-1.3.texi506
-rw-r--r--doc/highlight.pack.js2
-rw-r--r--doc/lgpl.texi549
-rw-r--r--doc/manual.infobin0 -> 140832 bytes
-rwxr-xr-xdoc/mdate-sh228
-rw-r--r--doc/sphinx/.gitignore1
-rw-r--r--doc/sphinx/Makefile179
-rw-r--r--doc/sphinx/README10
-rw-r--r--doc/sphinx/_exts/__pycache__/typescriptdomain.cpython-39.pycbin0 -> 15399 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/__init__.py14
-rw-r--r--doc/sphinx/_exts/httpdomain/__pycache__/__init__.cpython-37.pycbin0 -> 514 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/__pycache__/__init__.cpython-38.pycbin0 -> 518 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/__pycache__/__init__.cpython-39.pycbin0 -> 520 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/__pycache__/httpdomain.cpython-37.pycbin0 -> 24431 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/__pycache__/httpdomain.cpython-38.pycbin0 -> 24436 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/__pycache__/httpdomain.cpython-39.pycbin0 -> 24344 bytes
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/__init__.py11
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/bottle.py114
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/common.py36
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/flask.py48
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/flask_base.py215
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/flaskqref.py80
-rw-r--r--doc/sphinx/_exts/httpdomain/autohttp/tornado.py128
-rw-r--r--doc/sphinx/_exts/httpdomain/httpdomain.py772
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/__init__.py166
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/__pycache__/__init__.cpython-37.pycbin0 -> 6508 bytes
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/__pycache__/__init__.cpython-38.pycbin0 -> 6560 bytes
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/__pycache__/__init__.cpython-39.pycbin0 -> 6548 bytes
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/comments.html16
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/globaltoc.html14
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/layout.html172
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/localtoc.html10
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/logo-text.html1
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/search.html48
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/searchbox.html15
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/css/bootstrap-theme.min.css7
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/css/bootstrap.min.css7
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/glyphicons-halflings-regular.eotbin0 -> 20290 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/glyphicons-halflings-regular.svg229
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/glyphicons-halflings-regular.ttfbin0 -> 41236 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/glyphicons-halflings-regular.woffbin0 -> 23292 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Bold-webfont.eotbin0 -> 30858 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Bold-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Bold-webfont.ttfbin0 -> 30680 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Bold-webfont.woffbin0 -> 19788 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-BoldItalic-webfont.eotbin0 -> 34166 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-BoldItalic-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-BoldItalic-webfont.ttfbin0 -> 33960 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-BoldItalic-webfont.woffbin0 -> 21940 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBold-webfont.eotbin0 -> 30602 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBold-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBold-webfont.ttfbin0 -> 30404 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBold-webfont.woffbin0 -> 19972 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBoldItalic-webfont.eotbin0 -> 33758 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBoldItalic-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBoldItalic-webfont.ttfbin0 -> 33532 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-ExtraBoldItalic-webfont.woffbin0 -> 21824 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Italic-webfont.eotbin0 -> 34798 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Italic-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Italic-webfont.ttfbin0 -> 34612 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Italic-webfont.woffbin0 -> 22416 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Light-webfont.eotbin0 -> 29794 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Light-webfont.svg252
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Light-webfont.ttfbin0 -> 29612 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Light-webfont.woffbin0 -> 19396 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-LightItalic-webfont.eotbin0 -> 34578 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-LightItalic-webfont.svg252
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-LightItalic-webfont.ttfbin0 -> 34368 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-LightItalic-webfont.woffbin0 -> 22444 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Regular-webfont.eotbin0 -> 29934 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Regular-webfont.svg252
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Regular-webfont.ttfbin0 -> 29744 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Regular-webfont.woffbin0 -> 19624 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Semibold-webfont.eotbin0 -> 30350 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Semibold-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Semibold-webfont.ttfbin0 -> 30156 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-Semibold-webfont.woffbin0 -> 19736 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-SemiboldItalic-webfont.eotbin0 -> 34866 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-SemiboldItalic-webfont.svg251
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-SemiboldItalic-webfont.ttfbin0 -> 34644 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/fonts/OpenSans-SemiboldItalic-webfont.woffbin0 -> 22332 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/open-sans/stylesheet.css136
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/EOT/SourceSerifPro-Black.eotbin0 -> 111902 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/EOT/SourceSerifPro-Bold.eotbin0 -> 113630 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/EOT/SourceSerifPro-ExtraLight.eotbin0 -> 112362 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/EOT/SourceSerifPro-Light.eotbin0 -> 112866 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/EOT/SourceSerifPro-Regular.eotbin0 -> 112354 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/EOT/SourceSerifPro-Semibold.eotbin0 -> 113510 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/LICENSE.txt93
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/OTF/SourceSerifPro-Black.otfbin0 -> 91216 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/OTF/SourceSerifPro-Bold.otfbin0 -> 92760 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/OTF/SourceSerifPro-ExtraLight.otfbin0 -> 89720 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/OTF/SourceSerifPro-Light.otfbin0 -> 91424 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/OTF/SourceSerifPro-Regular.otfbin0 -> 91276 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/OTF/SourceSerifPro-Semibold.otfbin0 -> 93144 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/README.md18
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/ReadMe.html72
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/SourceSerifProReadMe.html189
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/TTF/SourceSerifPro-Black.ttfbin0 -> 111572 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/TTF/SourceSerifPro-Bold.ttfbin0 -> 113320 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/TTF/SourceSerifPro-ExtraLight.ttfbin0 -> 112004 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/TTF/SourceSerifPro-Light.ttfbin0 -> 112528 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/TTF/SourceSerifPro-Regular.ttfbin0 -> 112048 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/TTF/SourceSerifPro-Semibold.ttfbin0 -> 113168 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/OTF/SourceSerifPro-Black.otf.woffbin0 -> 48788 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/OTF/SourceSerifPro-Bold.otf.woffbin0 -> 51188 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/OTF/SourceSerifPro-ExtraLight.otf.woffbin0 -> 47136 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/OTF/SourceSerifPro-Light.otf.woffbin0 -> 49672 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/OTF/SourceSerifPro-Regular.otf.woffbin0 -> 48972 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/OTF/SourceSerifPro-Semibold.otf.woffbin0 -> 51272 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/TTF/SourceSerifPro-Black.ttf.woffbin0 -> 49496 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/TTF/SourceSerifPro-Bold.ttf.woffbin0 -> 51924 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/TTF/SourceSerifPro-ExtraLight.ttf.woffbin0 -> 48784 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/TTF/SourceSerifPro-Light.ttf.woffbin0 -> 50792 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/TTF/SourceSerifPro-Regular.ttf.woffbin0 -> 49604 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/WOFF/TTF/SourceSerifPro-Semibold.ttf.woffbin0 -> 51772 bytes
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/bower.json15
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/fonts/source-serif-pro/source-serif-pro.css65
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/guzzle.css_t1037
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/jquery.js5
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/jquery.min.map1
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/js/bootstrap.js1951
-rwxr-xr-xdoc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/static/js/bootstrap.min.js6
-rw-r--r--doc/sphinx/_exts/taler_sphinx_theme/guzzle_sphinx_theme/theme.conf40
-rw-r--r--doc/sphinx/_exts/typescriptdomain.py587
-rw-r--r--doc/sphinx/_static/.gitignore0
-rw-r--r--doc/sphinx/anastasis-db.pngbin0 -> 38801 bytes
-rw-r--r--doc/sphinx/anastasis_challenge_payment.pngbin0 -> 20331 bytes
-rw-r--r--doc/sphinx/anastasis_challengecode.pngbin0 -> 17678 bytes
-rw-r--r--doc/sphinx/anastasis_reducer_backup.drawio1
-rw-r--r--doc/sphinx/anastasis_reducer_backup.pngbin0 -> 59981 bytes
-rw-r--r--doc/sphinx/anastasis_reducer_backup.svg3
-rw-r--r--doc/sphinx/anastasis_reducer_recovery.drawio1
-rw-r--r--doc/sphinx/anastasis_reducer_recovery.pngbin0 -> 52610 bytes
-rw-r--r--doc/sphinx/anastasis_reducer_recovery.svg3
-rw-r--r--doc/sphinx/anastasis_truth.pngbin0 -> 19493 bytes
-rw-r--r--doc/sphinx/anastasis_truth_payment.pngbin0 -> 13430 bytes
-rw-r--r--doc/sphinx/authentication.rst110
-rw-r--r--doc/sphinx/conf.py304
-rw-r--r--doc/sphinx/configuration.rst30
-rw-r--r--doc/sphinx/core/api-common.rst360
-rw-r--r--doc/sphinx/cryptography.rst298
-rw-r--r--doc/sphinx/db.rst28
-rw-r--r--doc/sphinx/design-documents/001-anastasis-ux.rst318
-rw-r--r--doc/sphinx/design-documents/999-template.rst25
-rw-r--r--doc/sphinx/design-documents/index.rst13
-rw-r--r--doc/sphinx/fdl-1.3.rst453
-rw-r--r--doc/sphinx/frags/README.md18
-rw-r--r--doc/sphinx/frags/configuration-format.rst69
-rw-r--r--doc/sphinx/frags/installing-anastasis-gtk.rst31
-rw-r--r--doc/sphinx/frags/installing-anastasis.rst30
-rw-r--r--doc/sphinx/frags/installing-debian.rst59
-rw-r--r--doc/sphinx/frags/installing-gnunet-gtk.rst28
-rw-r--r--doc/sphinx/frags/installing-gnunet.rst21
-rw-r--r--doc/sphinx/frags/installing-taler-exchange.rst16
-rw-r--r--doc/sphinx/frags/installing-taler-merchant.rst34
-rw-r--r--doc/sphinx/frags/installing-ubuntu.rst27
-rw-r--r--doc/sphinx/frags/list-of-dependencies.rst21
-rw-r--r--doc/sphinx/frags/using-anastasis-config.rst50
-rw-r--r--doc/sphinx/genindex.rst2
-rw-r--r--doc/sphinx/global-licensing.rst64
-rw-r--r--doc/sphinx/index.rst74
-rw-r--r--doc/sphinx/installation.rst175
-rw-r--r--doc/sphinx/introduction.rst77
-rw-r--r--doc/sphinx/manindex.rst9
-rw-r--r--doc/sphinx/manpages/anastasis-config.1.rst101
-rw-r--r--doc/sphinx/manpages/anastasis-gtk.1.rst54
-rw-r--r--doc/sphinx/manpages/anastasis-httpd.1.rst58
-rw-r--r--doc/sphinx/manpages/anastasis-reducer.1.rst71
-rw-r--r--doc/sphinx/manpages/anastasis.conf.5.rst133
-rw-r--r--doc/sphinx/reducer.rst1656
-rw-r--r--doc/sphinx/rest.rst508
-rw-r--r--doc/stamp-14
-rw-r--r--doc/stamp-24
-rw-r--r--doc/stamp-34
-rw-r--r--doc/stamp-vti4
-rw-r--r--doc/syntax.texi44
-rw-r--r--doc/system-documentation/.gitignore7
-rw-r--r--doc/system-documentation/bibliothek.bib407
-rw-r--r--doc/system-documentation/client_architecture.tex309
-rw-r--r--doc/system-documentation/design.tex466
-rw-r--r--doc/system-documentation/glossary.tex19
-rw-r--r--doc/system-documentation/images/SD_truthupload.jpegbin0 -> 72655 bytes
-rw-r--r--doc/system-documentation/images/anastasis-db.pngbin0 -> 58761 bytes
-rw-r--r--doc/system-documentation/images/bitcoin-keys.pngbin0 -> 166153 bytes
-rw-r--r--doc/system-documentation/images/client_api.pngbin0 -> 17388 bytes
-rw-r--r--doc/system-documentation/images/keys_anastasis.pngbin0 -> 128275 bytes
-rw-r--r--doc/system-documentation/images/legend_keys_anastasis.pngbin0 -> 33015 bytes
-rw-r--r--doc/system-documentation/images/recovery_process.pngbin0 -> 56690 bytes
-rw-r--r--doc/system-documentation/images/secret_split.pngbin0 -> 71801 bytes
-rw-r--r--doc/system-documentation/images/server_api.pngbin0 -> 32112 bytes
-rw-r--r--doc/system-documentation/images/system-architecture.pngbin0 -> 139182 bytes
-rw-r--r--doc/system-documentation/images/system-architecture_2.pngbin0 -> 76910 bytes
-rw-r--r--doc/system-documentation/images/system_design.pngbin0 -> 57272 bytes
-rw-r--r--doc/system-documentation/images/truth_anastasis.pngbin0 -> 29767 bytes
-rw-r--r--doc/system-documentation/images/user_id.pngbin0 -> 44157 bytes
-rw-r--r--doc/system-documentation/implementation.tex421
-rw-r--r--doc/system-documentation/introduction.tex224
-rw-r--r--doc/system-documentation/related_work.tex484
-rw-r--r--doc/system-documentation/server_architecture.tex134
-rw-r--r--doc/system-documentation/thesis.bbl1412
-rw-r--r--doc/system-documentation/thesis.pdfbin0 -> 859824 bytes
-rw-r--r--doc/system-documentation/thesis.tex64
-rw-r--r--doc/texinfo.tex11772
-rw-r--r--doc/version-manual.texi4
-rw-r--r--doc/visualization/anastasis_visualisation.odgbin0 -> 23703 bytes
-rw-r--r--doc/visualization/anastasis_visualisation.pdfbin0 -> 48288 bytes
-rw-r--r--doc/wireframe/logo-2018-dold.svg87
-rw-r--r--doc/wireframe/menu-items.pngbin0 -> 3475 bytes
-rw-r--r--doc/wireframe/png-export/addpolicy.pngbin0 -> 29531 bytes
-rw-r--r--doc/wireframe/png-export/addpolicymethod.pngbin0 -> 32358 bytes
-rw-r--r--doc/wireframe/png-export/addtruth.pngbin0 -> 34171 bytes
-rw-r--r--doc/wireframe/png-export/addtruthmail.pngbin0 -> 40073 bytes
-rw-r--r--doc/wireframe/png-export/backupsettings.pngbin0 -> 35877 bytes
-rw-r--r--doc/wireframe/png-export/menu.pngbin0 -> 20556 bytes
-rw-r--r--doc/wireframe/png-export/policy.pngbin0 -> 40257 bytes
-rw-r--r--doc/wireframe/png-export/settings.pngbin0 -> 64908 bytes
-rw-r--r--doc/wireframe/png-export/truth.pngbin0 -> 43449 bytes
-rw-r--r--doc/wireframe/png-export/userid.pngbin0 -> 46595 bytes
-rw-r--r--doc/wireframe/settings.pngbin0 -> 32191 bytes
-rw-r--r--doc/wireframe/wireframes.epgzbin0 -> 91005 bytes
-rw-r--r--m4/ax_lib_postgresql.m4155
-rw-r--r--m4/ax_prog_doxygen.m4586
-rw-r--r--m4/gettext.m4420
-rw-r--r--m4/iconv.m4271
-rw-r--r--m4/lib-ld.m4119
-rw-r--r--m4/lib-link.m4777
-rw-r--r--m4/lib-prefix.m4224
-rw-r--r--m4/libcurl.m4251
-rw-r--r--m4/libgnurl.m4250
-rw-r--r--m4/nls.m432
-rw-r--r--m4/po.m4453
-rw-r--r--m4/progtest.m491
-rw-r--r--po/ChangeLog12
-rw-r--r--po/Makefile.in.in483
-rw-r--r--po/Makevars78
-rw-r--r--po/POTFILES.in2
-rw-r--r--po/Rules-quot58
-rw-r--r--po/boldquot.sed10
-rw-r--r--po/en@boldquot.header25
-rw-r--r--po/en@quot.header22
-rw-r--r--po/insert-header.sin23
-rw-r--r--po/quot.sed6
-rw-r--r--po/remove-potcdate.sin19
-rw-r--r--src/Makefile.am3
-rw-r--r--src/authorization/Makefile.am98
-rw-r--r--src/authorization/anastasis_authorization_plugin.c239
-rw-r--r--src/authorization/anastasis_authorization_plugin_email.c616
-rw-r--r--src/authorization/anastasis_authorization_plugin_file.c302
-rw-r--r--src/authorization/anastasis_authorization_plugin_post.c655
-rw-r--r--src/authorization/anastasis_authorization_plugin_sms.c607
-rw-r--r--src/authorization/authorization-email-messages.json10
-rw-r--r--src/authorization/authorization-post-messages.json7
-rw-r--r--src/authorization/authorization-sms-messages.json6
-rw-r--r--src/backend/Makefile.am45
-rw-r--r--src/backend/anastasis-httpd.c943
-rw-r--r--src/backend/anastasis-httpd.h225
-rw-r--r--src/backend/anastasis-httpd_config.c132
-rw-r--r--src/backend/anastasis-httpd_config.h41
-rw-r--r--src/backend/anastasis-httpd_mhd.c70
-rw-r--r--src/backend/anastasis-httpd_mhd.h61
-rw-r--r--src/backend/anastasis-httpd_policy.c252
-rw-r--r--src/backend/anastasis-httpd_policy.h66
-rw-r--r--src/backend/anastasis-httpd_policy_upload.c1211
-rw-r--r--src/backend/anastasis-httpd_terms.c98
-rw-r--r--src/backend/anastasis-httpd_terms.h62
-rw-r--r--src/backend/anastasis-httpd_truth.c1428
-rw-r--r--src/backend/anastasis-httpd_truth.h75
-rw-r--r--src/backend/anastasis-httpd_truth_upload.c855
-rw-r--r--src/backend/anastasis.conf77
-rw-r--r--src/cli/.gitignore6
-rw-r--r--src/cli/Makefile.am56
-rw-r--r--src/cli/anastasis-cli-redux.c366
-rw-r--r--src/cli/resources/00-backup.json8
-rw-r--r--src/cli/resources/00-recovery.json8
-rw-r--r--src/cli/resources/01-backup.json41
-rw-r--r--src/cli/resources/01-recovery.json41
-rw-r--r--src/cli/resources/02-backup.json83
-rw-r--r--src/cli/resources/02-recovery.json83
-rw-r--r--src/cli/resources/03-backup.json155
-rw-r--r--src/cli/resources/04-backup.json172
-rw-r--r--src/cli/resources/05-backup.json213
-rw-r--r--src/cli/resources/06-backup.json223
-rw-r--r--src/cli/test_anastasis_reducer_1.conf9
-rw-r--r--src/cli/test_anastasis_reducer_2.conf9
-rw-r--r--src/cli/test_anastasis_reducer_3.conf9
-rw-r--r--src/cli/test_anastasis_reducer_4.conf9
-rwxr-xr-xsrc/cli/test_anastasis_reducer_add_authentication.sh134
-rwxr-xr-xsrc/cli/test_anastasis_reducer_backup_enter_user_attributes.sh140
-rwxr-xr-xsrc/cli/test_anastasis_reducer_done_authentication.sh65
-rwxr-xr-xsrc/cli/test_anastasis_reducer_done_policy_review.sh105
-rwxr-xr-xsrc/cli/test_anastasis_reducer_enter_secret.sh417
-rwxr-xr-xsrc/cli/test_anastasis_reducer_initialize_state.sh64
-rwxr-xr-xsrc/cli/test_anastasis_reducer_recovery_enter_user_attributes.sh516
-rwxr-xr-xsrc/cli/test_anastasis_reducer_select_continent.sh116
-rwxr-xr-xsrc/cli/test_anastasis_reducer_select_country.sh144
-rw-r--r--src/cli/test_reducer.conf197
-rw-r--r--src/cli/user-details-example.json6
-rw-r--r--src/include/Makefile.am15
-rw-r--r--src/include/anastasis.h986
-rw-r--r--src/include/anastasis_authorization_lib.h52
-rw-r--r--src/include/anastasis_authorization_plugin.h183
-rw-r--r--src/include/anastasis_crypto_lib.h533
-rw-r--r--src/include/anastasis_database_lib.h49
-rw-r--r--src/include/anastasis_database_plugin.h655
-rw-r--r--src/include/anastasis_json.h410
-rw-r--r--src/include/anastasis_redux.h127
-rw-r--r--src/include/anastasis_service.h703
-rw-r--r--src/include/anastasis_testing_lib.h884
-rw-r--r--src/include/anastasis_util_lib.h82
-rw-r--r--src/include/gettext.h71
-rw-r--r--src/include/platform.h60
-rw-r--r--src/lib/Makefile.am27
-rw-r--r--src/lib/anastasis_backup.c979
-rw-r--r--src/lib/anastasis_recovery.c1425
-rw-r--r--src/lib/test_merchant.priv1
-rw-r--r--src/reducer/Makefile.am45
-rw-r--r--src/reducer/anastasis_api_backup_redux.c4893
-rw-r--r--src/reducer/anastasis_api_recovery_redux.c2558
-rw-r--r--src/reducer/anastasis_api_redux.c1730
-rw-r--r--src/reducer/anastasis_api_redux.h347
-rw-r--r--src/reducer/validation_CH_AHV.c57
-rw-r--r--src/reducer/validation_CZ_BN.c59
-rw-r--r--src/reducer/validation_DE_SVN.c98
-rw-r--r--src/reducer/validation_DE_TIN.c57
-rw-r--r--src/reducer/validation_IN_AADHAR.c113
-rw-r--r--src/reducer/validation_IT_CF.c198
-rw-r--r--src/reducer/validation_XX_SQUARE.c48
-rw-r--r--src/reducer/validation_XY_PRIME.c53
-rw-r--r--src/restclient/Makefile.am42
-rw-r--r--src/restclient/anastasis_api_config.c317
-rw-r--r--src/restclient/anastasis_api_curl_defaults.c46
-rw-r--r--src/restclient/anastasis_api_curl_defaults.h38
-rw-r--r--src/restclient/anastasis_api_keyshare_lookup.c508
-rw-r--r--src/restclient/anastasis_api_policy_lookup.c356
-rw-r--r--src/restclient/anastasis_api_policy_store.c527
-rw-r--r--src/restclient/anastasis_api_truth_store.c354
-rw-r--r--src/stasis/Datenbank-Schema.xml1
-rw-r--r--src/stasis/Makefile.am95
-rw-r--r--src/stasis/anastasis-dbinit.c112
-rw-r--r--src/stasis/anastasis_db_plugin.c146
-rw-r--r--src/stasis/anastasis_db_postgres.conf7
-rw-r--r--src/stasis/drop0001.sql37
-rw-r--r--src/stasis/plugin_anastasis_postgres.c2301
-rw-r--r--src/stasis/stasis-0000.sql293
-rw-r--r--src/stasis/stasis-0001.sql194
-rw-r--r--src/stasis/stasis-postgres.conf6
-rw-r--r--src/stasis/test_anastasis_db.c344
-rw-r--r--src/stasis/test_anastasis_db_postgres.conf10
-rw-r--r--src/testing/.gitignore3
-rw-r--r--src/testing/Makefile.am91
-rwxr-xr-xsrc/testing/sms_authentication.sh10
-rw-r--r--src/testing/test_anastasis.c464
-rw-r--r--src/testing/test_anastasis_api.c421
-rw-r--r--src/testing/test_anastasis_api.conf264
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/exchange/account-2.json3
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/account-3.json1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/default.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/dtip.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/nulltip.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/reserve/dtip.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/reserve/nulltip.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/reserve/tip.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/tip.privbin0 -> 32 bytes
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/merchant/tor.privbin0 -> 32 bytes
-rw-r--r--src/testing/test_anastasis_api_home/.config/taler/test.json8
-rw-r--r--src/testing/test_anastasis_api_home/.local/share/taler/exchange/offline-keys/master.priv1
-rw-r--r--src/testing/test_anastasis_api_home/.local/share/taler/merchant/merchant.priv1
-rw-r--r--src/testing/testing_api_cmd_config.c206
-rw-r--r--src/testing/testing_api_cmd_keyshare_lookup.c465
-rw-r--r--src/testing/testing_api_cmd_policy_lookup.c267
-rw-r--r--src/testing/testing_api_cmd_policy_store.c397
-rw-r--r--src/testing/testing_api_cmd_truth_store.c436
-rw-r--r--src/testing/testing_api_helpers.c173
-rw-r--r--src/testing/testing_api_trait_account_priv.c72
-rw-r--r--src/testing/testing_api_trait_account_pub.c72
-rw-r--r--src/testing/testing_api_trait_code.c73
-rw-r--r--src/testing/testing_api_trait_eks.c58
-rw-r--r--src/testing/testing_api_trait_hash.c72
-rw-r--r--src/testing/testing_api_trait_payment_secret.c73
-rw-r--r--src/testing/testing_api_trait_salt.c74
-rw-r--r--src/testing/testing_api_trait_truth_key.c58
-rw-r--r--src/testing/testing_api_trait_truth_uuid.c74
-rw-r--r--src/testing/testing_cmd_challenge_answer.c584
-rw-r--r--src/testing/testing_cmd_policy_create.c208
-rw-r--r--src/testing/testing_cmd_recover_secret.c518
-rw-r--r--src/testing/testing_cmd_secret_share.c441
-rw-r--r--src/testing/testing_cmd_truth_upload.c383
-rw-r--r--src/testing/testing_trait_challenge.c72
-rw-r--r--src/testing/testing_trait_core_secret.c74
-rw-r--r--src/testing/testing_trait_policy.c73
-rw-r--r--src/testing/testing_trait_truth.c73
-rw-r--r--src/util/Makefile.am57
-rw-r--r--src/util/anastasis-config.in12
-rw-r--r--src/util/anastasis_crypto.c637
-rw-r--r--src/util/os_installation.c71
-rw-r--r--src/util/paths.conf29
-rw-r--r--src/util/test_anastasis_crypto.c346
486 files changed, 93322 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f10bbe4
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,127 @@
+*~
+Makefile
+Makefile.in
+aclocal.m4
+anastasis_config.h
+anastasis_config.h.in
+anastasis_config.h.in~
+autom4te.cache/
+compile
+config.guess
+config.log
+config.status
+config.sub
+configure
+contrib/uncrustify.sh
+depcomp
+doc/Makefile
+install-sh
+libtool
+ltmain.sh
+missing
+src/Makefile
+src/Makefile.in
+m4/*.m4
+po/POTFILES
+po/Makevars.template
+po/anastasis.pot
+po/remove-potcdate.sed
+po/stamp-po
+**/.deps/
+**/.libs/
+src/stasis/Makefile
+src/stasis/Makefile.in
+src/stasis/libanastasis_plugin_db_postgres.la
+src/stasis/plugin_anastasis_postgres.lo
+src/stasis/plugin_anastasis_postgres.o
+src/stasis/.deps/
+src/backend/Makefile
+src/backend/Makefile.in
+src/include/Makefile
+src/include/Makefile.in
+src/testing/test_anastasis_api_home/.local/share/taler/exchange/live-keys/
+src/testing/test_anastasis_api_home/.local/share/taler/exchange/revocations/
+src/testing/test_anastasis_api_home/.local/share/taler/exchange/wirefees/
+src/testing/test_anastasis_api_home/.local/share/taler/auditors/
+src/testing/test_anastasis_api_home/.local/share/taler/auditor/
+src/testing/test_anastasis_api_home/.local/share/taler/taler-exchange-secmod-*/
+src/testing/test_anastasis_api_home/.local/share/taler/exchange/offline-keys/*.pub
+src/util/child_management_test.txt
+**/*.log
+src/lib/*.in
+**/*.o
+**/*.la
+**/*.lo
+**/*.trs
+**/Makefile
+**/Makefile.in
+stamp-h1
+test-driver
+uncrustify.cfg
+doc/Makefile.in
+m4/libtool.m4
+m4/ltoptions.m4
+m4/ltsugar.m4
+m4/ltversion.m4
+m4/lt~obsolete.m4
+*.swp
+src/lib/.libs
+*.lo
+*.o
+*.la
+src/util/.deps/
+src/backend/.deps/
+src/backend/.idea/
+src/backend/.libs/
+src/stasis/.libs/
+src/backend/anastasis-httpd
+doc/Makefile.in
+src/include/Makefile.in
+
+A
+A
+
+src/stasis/anastasis-dbinit
+src/stasis/test_anastasis_db-postgres
+src/stasis/test_anastasis_db-postgres.log
+src/stasis/test_anastasis_db-postgres.trs
+src/stasis/test-suite.log
+src/util/test-suite.log
+src/util/test_anastasis_crypto.log
+src/util/test_anastasis_crypto
+src/util/test_anastasis_crypto.trs
+src/lib/test_anastasisrest_api
+src/lib/vgcore.*
+src/util/vgcore.*
+src/statis/vgcore.*
+src/lib/valgrind*.txt
+src/stasis/valgrind*.txt
+src/util/valgrind*.txt
+src/lib/test_anastasis
+src/cli/anastasis-splitter
+src/cli/anastasis-assembler
+src/cli/.deps/
+src/cli/.deps/anastasis-cli-splitter.Po
+src/cli/.deps/anastasis-cli-assembler.Po
+src/cli/.libs/
+src/cli/.libs/anastasis-assembler
+src/cli/.libs/anastasis-splitter
+
+doc/thesis/*.aux
+doc/thesis/*.bcf
+doc/thesis/*.log
+doc/thesis/*.xml
+doc/thesis/*.toc
+doc/thesis/*.pdf
+doc/thesis/*.blg
+doc/thesis/*.lot
+doc/thesis/*.lof
+doc/thesis/*.blg
+doc/thesis/*.bbl
+doc/thesis/*.gzsrc/cli/anastasis-reducer
+contrib/anastasis.tag
+src/util/anastasis-config
+src/util/test_anastasis_child_management
+src/include/anastasis_error_codes.h
+src/lib/test_anastasis_api_home/
+doc/anastasis.info
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..16d1fe5
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "contrib/gana"]
+ path = contrib/gana
+ url = git://git.gnunet.org/gana
diff --git a/ABOUT-NLS b/ABOUT-NLS
new file mode 100644
index 0000000..3cc8286
--- /dev/null
+++ b/ABOUT-NLS
@@ -0,0 +1,1379 @@
+1 Notes on the Free Translation Project
+***************************************
+
+Free software is going international! The Free Translation Project is a
+way to get maintainers of free software, translators, and users all
+together, so that free software will gradually become able to speak many
+languages. A few packages already provide translations for their
+messages.
+
+ If you found this 'ABOUT-NLS' file inside a distribution, you may
+assume that the distributed package does use GNU 'gettext' internally,
+itself available at your nearest GNU archive site. But you do _not_
+need to install GNU 'gettext' prior to configuring, installing or using
+this package with messages translated.
+
+ Installers will find here some useful hints. These notes also
+explain how users should proceed for getting the programs to use the
+available translations. They tell how people wanting to contribute and
+work on translations can contact the appropriate team.
+
+1.1 INSTALL Matters
+===================
+
+Some packages are "localizable" when properly installed; the programs
+they contain can be made to speak your own native language. Most such
+packages use GNU 'gettext'. Other packages have their own ways to
+internationalization, predating GNU 'gettext'.
+
+ By default, this package will be installed to allow translation of
+messages. It will automatically detect whether the system already
+provides the GNU 'gettext' functions. Installers may use special
+options at configuration time for changing the default behaviour. The
+command:
+
+ ./configure --disable-nls
+
+will _totally_ disable translation of messages.
+
+ When you already have GNU 'gettext' installed on your system and run
+configure without an option for your new package, 'configure' will
+probably detect the previously built and installed 'libintl' library and
+will decide to use it. If not, you may have to to use the
+'--with-libintl-prefix' option to tell 'configure' where to look for it.
+
+ Internationalized packages usually have many 'po/LL.po' files, where
+LL gives an ISO 639 two-letter code identifying the language. Unless
+translations have been forbidden at 'configure' time by using the
+'--disable-nls' switch, all available translations are installed
+together with the package. However, the environment variable 'LINGUAS'
+may be set, prior to configuration, to limit the installed set.
+'LINGUAS' should then contain a space separated list of two-letter
+codes, stating which languages are allowed.
+
+1.2 Using This Package
+======================
+
+As a user, if your language has been installed for this package, you
+only have to set the 'LANG' environment variable to the appropriate
+'LL_CC' combination. If you happen to have the 'LC_ALL' or some other
+'LC_xxx' environment variables set, you should unset them before setting
+'LANG', otherwise the setting of 'LANG' will not have the desired
+effect. Here 'LL' is an ISO 639 two-letter language code, and 'CC' is
+an ISO 3166 two-letter country code. For example, let's suppose that
+you speak German and live in Germany. At the shell prompt, merely
+execute 'setenv LANG de_DE' (in 'csh'), 'export LANG; LANG=de_DE' (in
+'sh') or 'export LANG=de_DE' (in 'bash'). This can be done from your
+'.login' or '.profile' file, once and for all.
+
+ You might think that the country code specification is redundant.
+But in fact, some languages have dialects in different countries. For
+example, 'de_AT' is used for Austria, and 'pt_BR' for Brazil. The
+country code serves to distinguish the dialects.
+
+ The locale naming convention of 'LL_CC', with 'LL' denoting the
+language and 'CC' denoting the country, is the one use on systems based
+on GNU libc. On other systems, some variations of this scheme are used,
+such as 'LL' or 'LL_CC.ENCODING'. You can get the list of locales
+supported by your system for your language by running the command
+'locale -a | grep '^LL''.
+
+ Not all programs have translations for all languages. By default, an
+English message is shown in place of a nonexistent translation. If you
+understand other languages, you can set up a priority list of languages.
+This is done through a different environment variable, called
+'LANGUAGE'. GNU 'gettext' gives preference to 'LANGUAGE' over 'LANG'
+for the purpose of message handling, but you still need to have 'LANG'
+set to the primary language; this is required by other parts of the
+system libraries. For example, some Swedish users who would rather read
+translations in German than English for when Swedish is not available,
+set 'LANGUAGE' to 'sv:de' while leaving 'LANG' to 'sv_SE'.
+
+ Special advice for Norwegian users: The language code for Norwegian
+bokma*l changed from 'no' to 'nb' recently (in 2003). During the
+transition period, while some message catalogs for this language are
+installed under 'nb' and some older ones under 'no', it's recommended
+for Norwegian users to set 'LANGUAGE' to 'nb:no' so that both newer and
+older translations are used.
+
+ In the 'LANGUAGE' environment variable, but not in the 'LANG'
+environment variable, 'LL_CC' combinations can be abbreviated as 'LL' to
+denote the language's main dialect. For example, 'de' is equivalent to
+'de_DE' (German as spoken in Germany), and 'pt' to 'pt_PT' (Portuguese
+as spoken in Portugal) in this context.
+
+1.3 Translating Teams
+=====================
+
+For the Free Translation Project to be a success, we need interested
+people who like their own language and write it well, and who are also
+able to synergize with other translators speaking the same language.
+Each translation team has its own mailing list. The up-to-date list of
+teams can be found at the Free Translation Project's homepage,
+'http://translationproject.org/', in the "Teams" area.
+
+ If you'd like to volunteer to _work_ at translating messages, you
+should become a member of the translating team for your own language.
+The subscribing address is _not_ the same as the list itself, it has
+'-request' appended. For example, speakers of Swedish can send a
+message to 'sv-request@li.org', having this message body:
+
+ subscribe
+
+ Keep in mind that team members are expected to participate _actively_
+in translations, or at solving translational difficulties, rather than
+merely lurking around. If your team does not exist yet and you want to
+start one, or if you are unsure about what to do or how to get started,
+please write to 'coordinator@translationproject.org' to reach the
+coordinator for all translator teams.
+
+ The English team is special. It works at improving and uniformizing
+the terminology in use. Proven linguistic skills are praised more than
+programming skills, here.
+
+1.4 Available Packages
+======================
+
+Languages are not equally supported in all packages. The following
+matrix shows the current state of internationalization, as of Jun 2014.
+The matrix shows, in regard of each package, for which languages PO
+files have been submitted to translation coordination, with a
+translation percentage of at least 50%.
+
+ Ready PO files af am an ar as ast az be bg bn bn_IN bs ca crh cs
+ +---------------------------------------------------+
+ a2ps | [] [] [] |
+ aegis | |
+ anubis | |
+ aspell | [] [] [] |
+ bash | [] [] [] |
+ bfd | |
+ binutils | [] |
+ bison | |
+ bison-runtime | [] |
+ buzztrax | [] |
+ ccd2cue | |
+ ccide | |
+ cflow | |
+ clisp | |
+ coreutils | [] [] |
+ cpio | |
+ cppi | |
+ cpplib | [] |
+ cryptsetup | [] |
+ datamash | |
+ denemo | [] [] |
+ dfarc | [] |
+ dialog | [] [] [] |
+ dico | |
+ diffutils | [] |
+ dink | [] |
+ direvent | |
+ doodle | [] |
+ dos2unix | |
+ dos2unix-man | |
+ e2fsprogs | [] [] |
+ enscript | [] |
+ exif | [] |
+ fetchmail | [] [] |
+ findutils | [] |
+ flex | [] |
+ freedink | [] [] |
+ fusionforge | |
+ gas | |
+ gawk | [] |
+ gcal | [] |
+ gcc | |
+ gdbm | |
+ gettext-examples | [] [] [] [] [] |
+ gettext-runtime | [] [] [] |
+ gettext-tools | [] [] |
+ gjay | |
+ glunarclock | [] [] [] |
+ gnubiff | [] |
+ gnubik | [] |
+ gnucash | () () [] |
+ gnuchess | |
+ gnulib | [] |
+ gnunet | |
+ gnunet-gtk | |
+ gold | |
+ gphoto2 | [] |
+ gprof | [] |
+ gramadoir | |
+ grep | [] [] [] |
+ grub | [] |
+ gsasl | |
+ gss | |
+ gst-plugins-bad | [] [] |
+ gst-plugins-base | [] [] [] |
+ gst-plugins-good | [] [] [] |
+ gst-plugins-ugly | [] [] [] |
+ gstreamer | [] [] [] [] |
+ gtick | [] |
+ gtkam | [] [] |
+ gtkspell | [] [] [] [] [] |
+ guix | |
+ guix-packages | |
+ gutenprint | [] |
+ hello | [] |
+ help2man | |
+ help2man-texi | |
+ hylafax | |
+ idutils | |
+ iso_15924 | [] |
+ iso_3166 | [] [] [] [] [] [] [] [] [] [] |
+ iso_3166_2 | |
+ iso_4217 | [] |
+ iso_639 | [] [] [] [] [] [] [] [] [] |
+ iso_639_3 | [] [] |
+ iso_639_5 | |
+ jwhois | |
+ kbd | [] |
+ klavaro | [] [] [] [] [] |
+ ld | [] |
+ leafpad | [] [] [] [] |
+ libc | [] [] [] |
+ libexif | () |
+ libextractor | |
+ libgnutls | [] |
+ libgphoto2 | [] |
+ libgphoto2_port | [] |
+ libgsasl | |
+ libiconv | [] [] |
+ libidn | [] |
+ liferea | [] [] [] [] |
+ lilypond | [] [] |
+ lordsawar | [] |
+ lprng | |
+ lynx | [] [] |
+ m4 | [] |
+ mailfromd | |
+ mailutils | |
+ make | [] |
+ man-db | [] [] |
+ man-db-manpages | |
+ midi-instruments | [] [] [] |
+ minicom | [] |
+ mkisofs | [] |
+ myserver | [] |
+ nano | [] [] [] |
+ opcodes | |
+ parted | [] |
+ pies | |
+ pnmixer | |
+ popt | [] |
+ procps-ng | |
+ procps-ng-man | |
+ psmisc | [] |
+ pspp | [] |
+ pushover | [] |
+ pwdutils | |
+ pyspread | |
+ radius | [] |
+ recode | [] [] [] |
+ recutils | |
+ rpm | |
+ rush | |
+ sarg | |
+ sed | [] [] [] [] |
+ sharutils | [] |
+ shishi | |
+ skribilo | |
+ solfege | [] [] |
+ solfege-manual | |
+ spotmachine | |
+ sudo | [] [] |
+ sudoers | [] [] |
+ sysstat | [] |
+ tar | [] [] [] |
+ texinfo | [] [] |
+ texinfo_document | [] [] |
+ tigervnc | [] |
+ tin | |
+ tin-man | |
+ tracgoogleappsa... | |
+ trader | |
+ util-linux | [] |
+ ve | |
+ vice | |
+ vmm | |
+ vorbis-tools | [] |
+ wastesedge | |
+ wcd | |
+ wcd-man | |
+ wdiff | [] [] |
+ wget | [] |
+ wyslij-po | |
+ xboard | |
+ xdg-user-dirs | [] [] [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] |
+ +---------------------------------------------------+
+ af am an ar as ast az be bg bn bn_IN bs ca crh cs
+ 4 0 2 5 3 11 0 8 25 3 3 1 55 4 74
+
+ da de el en en_GB en_ZA eo es et eu fa fi fr
+ +--------------------------------------------------+
+ a2ps | [] [] [] [] [] [] [] [] [] |
+ aegis | [] [] [] [] |
+ anubis | [] [] [] [] [] |
+ aspell | [] [] [] [] [] [] [] |
+ bash | [] [] [] |
+ bfd | [] [] [] [] |
+ binutils | [] [] [] |
+ bison | [] [] [] [] [] [] [] [] |
+ bison-runtime | [] [] [] [] [] [] [] [] |
+ buzztrax | [] [] [] [] |
+ ccd2cue | [] [] [] [] |
+ ccide | [] [] [] [] [] [] |
+ cflow | [] [] [] [] [] |
+ clisp | [] [] [] [] [] |
+ coreutils | [] [] [] [] [] |
+ cpio | [] [] [] [] [] |
+ cppi | [] [] [] [] [] |
+ cpplib | [] [] [] [] [] [] |
+ cryptsetup | [] [] [] [] [] |
+ datamash | [] [] [] [] |
+ denemo | [] |
+ dfarc | [] [] [] [] [] [] |
+ dialog | [] [] [] [] [] [] [] [] [] |
+ dico | [] [] [] [] |
+ diffutils | [] [] [] [] [] [] |
+ dink | [] [] [] [] [] [] |
+ direvent | [] [] [] [] |
+ doodle | [] [] [] [] |
+ dos2unix | [] [] [] [] [] |
+ dos2unix-man | [] [] [] |
+ e2fsprogs | [] [] [] [] [] |
+ enscript | [] [] [] [] [] [] |
+ exif | [] [] [] [] [] [] |
+ fetchmail | [] () [] [] [] [] [] |
+ findutils | [] [] [] [] [] [] [] [] |
+ flex | [] [] [] [] [] [] |
+ freedink | [] [] [] [] [] [] [] [] |
+ fusionforge | [] [] [] |
+ gas | [] [] [] |
+ gawk | [] [] [] [] [] |
+ gcal | [] [] [] [] |
+ gcc | [] |
+ gdbm | [] [] [] [] [] |
+ gettext-examples | [] [] [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] [] |
+ gettext-tools | [] [] [] [] [] |
+ gjay | [] [] [] [] |
+ glunarclock | [] [] [] [] [] |
+ gnubiff | () [] [] () |
+ gnubik | [] [] [] [] [] |
+ gnucash | [] () () () () () () |
+ gnuchess | [] [] [] [] |
+ gnulib | [] [] [] [] [] [] [] |
+ gnunet | [] |
+ gnunet-gtk | [] |
+ gold | [] [] [] |
+ gphoto2 | [] () [] [] |
+ gprof | [] [] [] [] [] [] |
+ gramadoir | [] [] [] [] [] |
+ grep | [] [] [] [] [] [] [] |
+ grub | [] [] [] [] [] |
+ gsasl | [] [] [] [] [] |
+ gss | [] [] [] [] [] |
+ gst-plugins-bad | [] [] [] |
+ gst-plugins-base | [] [] [] [] [] [] |
+ gst-plugins-good | [] [] [] [] [] [] [] |
+ gst-plugins-ugly | [] [] [] [] [] [] [] [] |
+ gstreamer | [] [] [] [] [] [] [] |
+ gtick | [] () [] [] [] |
+ gtkam | [] () [] [] [] [] |
+ gtkspell | [] [] [] [] [] [] [] [] |
+ guix | [] [] |
+ guix-packages | |
+ gutenprint | [] [] [] [] |
+ hello | [] [] [] [] [] [] [] [] |
+ help2man | [] [] [] [] [] [] [] |
+ help2man-texi | [] [] [] |
+ hylafax | [] [] |
+ idutils | [] [] [] [] [] |
+ iso_15924 | [] () [] [] () [] () |
+ iso_3166 | [] () [] [] [] [] () [] () |
+ iso_3166_2 | [] () () () |
+ iso_4217 | [] () [] [] [] () [] () |
+ iso_639 | [] () [] [] () [] () |
+ iso_639_3 | () () () |
+ iso_639_5 | () () () |
+ jwhois | [] [] [] [] [] |
+ kbd | [] [] [] [] [] [] |
+ klavaro | [] [] [] [] [] [] [] |
+ ld | [] [] [] [] |
+ leafpad | [] [] [] [] [] [] [] [] |
+ libc | [] [] [] [] [] |
+ libexif | [] [] () [] [] |
+ libextractor | [] |
+ libgnutls | [] [] [] [] |
+ libgphoto2 | [] () [] |
+ libgphoto2_port | [] () [] [] [] [] |
+ libgsasl | [] [] [] [] [] |
+ libiconv | [] [] [] [] [] [] [] |
+ libidn | [] [] [] [] [] |
+ liferea | [] () [] [] [] [] [] |
+ lilypond | [] [] [] [] [] [] |
+ lordsawar | [] [] |
+ lprng | |
+ lynx | [] [] [] [] [] [] |
+ m4 | [] [] [] [] [] [] |
+ mailfromd | [] |
+ mailutils | [] [] [] [] |
+ make | [] [] [] [] [] |
+ man-db | [] [] [] [] |
+ man-db-manpages | [] [] |
+ midi-instruments | [] [] [] [] [] [] [] [] [] |
+ minicom | [] [] [] [] [] |
+ mkisofs | [] [] [] |
+ myserver | [] [] [] [] |
+ nano | [] [] [] [] [] [] [] |
+ opcodes | [] [] [] [] [] |
+ parted | [] [] [] |
+ pies | [] |
+ pnmixer | [] [] |
+ popt | [] [] [] [] [] [] |
+ procps-ng | [] [] |
+ procps-ng-man | [] [] |
+ psmisc | [] [] [] [] [] [] [] |
+ pspp | [] [] [] |
+ pushover | () [] [] [] |
+ pwdutils | [] [] [] |
+ pyspread | [] [] [] |
+ radius | [] [] |
+ recode | [] [] [] [] [] [] [] |
+ recutils | [] [] [] [] |
+ rpm | [] [] [] [] [] |
+ rush | [] [] [] |
+ sarg | [] [] |
+ sed | [] [] [] [] [] [] [] [] |
+ sharutils | [] [] [] [] |
+ shishi | [] [] [] |
+ skribilo | [] [] [] |
+ solfege | [] [] [] [] [] [] [] [] |
+ solfege-manual | [] [] [] [] [] |
+ spotmachine | [] [] [] [] [] |
+ sudo | [] [] [] [] [] [] |
+ sudoers | [] [] [] [] [] [] |
+ sysstat | [] [] [] [] [] [] |
+ tar | [] [] [] [] [] [] [] |
+ texinfo | [] [] [] [] [] |
+ texinfo_document | [] [] [] [] |
+ tigervnc | [] [] [] [] [] [] |
+ tin | [] [] [] [] |
+ tin-man | [] |
+ tracgoogleappsa... | [] [] [] [] [] |
+ trader | [] [] [] [] [] [] |
+ util-linux | [] [] [] [] |
+ ve | [] [] [] [] [] |
+ vice | () () () |
+ vmm | [] [] |
+ vorbis-tools | [] [] [] [] |
+ wastesedge | [] |
+ wcd | [] [] [] [] |
+ wcd-man | [] |
+ wdiff | [] [] [] [] [] [] [] |
+ wget | [] [] [] [] [] [] |
+ wyslij-po | [] [] [] [] |
+ xboard | [] [] [] [] |
+ xdg-user-dirs | [] [] [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] [] [] [] [] |
+ +--------------------------------------------------+
+ da de el en en_GB en_ZA eo es et eu fa fi fr
+ 119 131 32 1 6 0 94 95 22 13 4 102 139
+
+ ga gd gl gu he hi hr hu hy ia id is it ja ka kk
+ +-------------------------------------------------+
+ a2ps | [] [] [] [] |
+ aegis | [] |
+ anubis | [] [] [] [] |
+ aspell | [] [] [] [] [] |
+ bash | [] [] [] [] |
+ bfd | [] [] |
+ binutils | [] [] [] |
+ bison | [] |
+ bison-runtime | [] [] [] [] [] [] [] [] |
+ buzztrax | |
+ ccd2cue | [] |
+ ccide | [] [] |
+ cflow | [] [] [] |
+ clisp | |
+ coreutils | [] [] |
+ cpio | [] [] [] [] [] [] |
+ cppi | [] [] [] [] [] |
+ cpplib | [] [] |
+ cryptsetup | [] |
+ datamash | |
+ denemo | [] |
+ dfarc | [] [] [] |
+ dialog | [] [] [] [] [] [] [] [] [] [] |
+ dico | |
+ diffutils | [] [] [] [] |
+ dink | [] |
+ direvent | [] |
+ doodle | [] [] |
+ dos2unix | [] [] |
+ dos2unix-man | |
+ e2fsprogs | [] [] |
+ enscript | [] [] [] |
+ exif | [] [] [] [] [] [] |
+ fetchmail | [] [] [] |
+ findutils | [] [] [] [] [] [] [] |
+ flex | [] |
+ freedink | [] [] [] [] |
+ fusionforge | |
+ gas | [] |
+ gawk | [] () [] |
+ gcal | |
+ gcc | |
+ gdbm | |
+ gettext-examples | [] [] [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] [] [] |
+ gettext-tools | [] [] [] |
+ gjay | [] |
+ glunarclock | [] [] [] [] [] [] |
+ gnubiff | [] [] () |
+ gnubik | [] [] [] |
+ gnucash | () () () () () |
+ gnuchess | |
+ gnulib | [] [] [] [] [] |
+ gnunet | |
+ gnunet-gtk | |
+ gold | [] [] |
+ gphoto2 | [] [] [] [] |
+ gprof | [] [] [] [] |
+ gramadoir | [] [] [] |
+ grep | [] [] [] [] [] [] [] |
+ grub | [] [] [] |
+ gsasl | [] [] [] [] [] |
+ gss | [] [] [] [] [] |
+ gst-plugins-bad | [] [] [] |
+ gst-plugins-base | [] [] [] [] |
+ gst-plugins-good | [] [] [] [] [] [] |
+ gst-plugins-ugly | [] [] [] [] [] [] |
+ gstreamer | [] [] [] [] [] |
+ gtick | [] [] [] [] [] |
+ gtkam | [] [] [] [] [] |
+ gtkspell | [] [] [] [] [] [] [] [] [] [] |
+ guix | |
+ guix-packages | |
+ gutenprint | [] [] [] |
+ hello | [] [] [] [] [] |
+ help2man | [] [] [] |
+ help2man-texi | |
+ hylafax | [] |
+ idutils | [] [] |
+ iso_15924 | [] [] [] [] [] [] |
+ iso_3166 | [] [] [] [] [] [] [] [] [] [] [] [] [] |
+ iso_3166_2 | [] [] |
+ iso_4217 | [] [] [] [] [] [] |
+ iso_639 | [] [] [] [] [] [] [] [] [] |
+ iso_639_3 | [] [] |
+ iso_639_5 | |
+ jwhois | [] [] [] [] |
+ kbd | [] [] [] |
+ klavaro | [] [] [] [] [] |
+ ld | [] [] [] [] |
+ leafpad | [] [] [] [] [] [] [] () |
+ libc | [] [] [] [] [] |
+ libexif | [] |
+ libextractor | |
+ libgnutls | [] |
+ libgphoto2 | [] [] |
+ libgphoto2_port | [] [] |
+ libgsasl | [] [] [] [] |
+ libiconv | [] [] [] [] [] [] [] |
+ libidn | [] [] [] [] |
+ liferea | [] [] [] [] [] |
+ lilypond | [] |
+ lordsawar | |
+ lprng | [] |
+ lynx | [] [] [] [] |
+ m4 | [] [] [] [] [] |
+ mailfromd | |
+ mailutils | |
+ make | [] [] [] [] |
+ man-db | [] [] |
+ man-db-manpages | [] [] |
+ midi-instruments | [] [] [] [] [] [] [] [] [] |
+ minicom | [] [] [] |
+ mkisofs | [] [] |
+ myserver | [] |
+ nano | [] [] [] [] [] [] |
+ opcodes | [] [] [] |
+ parted | [] [] [] [] [] |
+ pies | |
+ pnmixer | [] [] |
+ popt | [] [] [] [] [] [] [] [] [] [] |
+ procps-ng | |
+ procps-ng-man | |
+ psmisc | [] [] [] [] |
+ pspp | [] [] |
+ pushover | [] |
+ pwdutils | [] |
+ pyspread | |
+ radius | [] |
+ recode | [] [] [] [] [] [] [] |
+ recutils | |
+ rpm | [] |
+ rush | [] |
+ sarg | |
+ sed | [] [] [] [] [] [] [] |
+ sharutils | |
+ shishi | |
+ skribilo | [] |
+ solfege | [] [] |
+ solfege-manual | |
+ spotmachine | |
+ sudo | [] [] [] [] |
+ sudoers | [] [] [] |
+ sysstat | [] [] [] [] |
+ tar | [] [] [] [] [] [] |
+ texinfo | [] [] [] |
+ texinfo_document | [] [] [] |
+ tigervnc | |
+ tin | |
+ tin-man | |
+ tracgoogleappsa... | [] [] [] [] |
+ trader | [] [] |
+ util-linux | [] |
+ ve | [] |
+ vice | () () |
+ vmm | |
+ vorbis-tools | [] [] |
+ wastesedge | [] |
+ wcd | |
+ wcd-man | |
+ wdiff | [] [] [] |
+ wget | [] [] [] [] |
+ wyslij-po | [] [] [] |
+ xboard | |
+ xdg-user-dirs | [] [] [] [] [] [] [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] [] [] [] |
+ +-------------------------------------------------+
+ ga gd gl gu he hi hr hu hy ia id is it ja ka kk
+ 35 2 47 4 8 2 60 71 2 6 81 11 87 57 0 3
+
+ kn ko ku ky lg lt lv mk ml mn mr ms mt nb ne nl
+ +--------------------------------------------------+
+ a2ps | [] [] |
+ aegis | [] |
+ anubis | [] [] [] |
+ aspell | [] [] |
+ bash | [] [] |
+ bfd | |
+ binutils | |
+ bison | [] |
+ bison-runtime | [] [] [] [] [] [] |
+ buzztrax | |
+ ccd2cue | |
+ ccide | [] [] |
+ cflow | [] |
+ clisp | [] |
+ coreutils | [] [] |
+ cpio | [] |
+ cppi | |
+ cpplib | [] |
+ cryptsetup | [] |
+ datamash | [] [] |
+ denemo | |
+ dfarc | [] [] |
+ dialog | [] [] [] [] [] [] |
+ dico | |
+ diffutils | [] [] [] |
+ dink | [] |
+ direvent | [] |
+ doodle | [] |
+ dos2unix | [] [] |
+ dos2unix-man | [] |
+ e2fsprogs | [] |
+ enscript | [] |
+ exif | [] [] [] |
+ fetchmail | [] |
+ findutils | [] [] |
+ flex | [] |
+ freedink | [] [] |
+ fusionforge | |
+ gas | |
+ gawk | [] |
+ gcal | |
+ gcc | |
+ gdbm | |
+ gettext-examples | [] [] [] [] [] [] |
+ gettext-runtime | [] [] [] |
+ gettext-tools | [] |
+ gjay | |
+ glunarclock | [] [] |
+ gnubiff | [] |
+ gnubik | [] [] |
+ gnucash | () () () () () () () [] |
+ gnuchess | [] [] |
+ gnulib | [] |
+ gnunet | |
+ gnunet-gtk | |
+ gold | |
+ gphoto2 | [] |
+ gprof | [] [] |
+ gramadoir | [] |
+ grep | [] [] |
+ grub | [] [] [] |
+ gsasl | [] |
+ gss | |
+ gst-plugins-bad | [] [] [] |
+ gst-plugins-base | [] [] [] |
+ gst-plugins-good | [] [] [] [] |
+ gst-plugins-ugly | [] [] [] [] [] |
+ gstreamer | [] [] [] |
+ gtick | [] |
+ gtkam | [] [] |
+ gtkspell | [] [] [] [] [] [] [] |
+ guix | |
+ guix-packages | |
+ gutenprint | [] |
+ hello | [] [] [] |
+ help2man | [] |
+ help2man-texi | |
+ hylafax | [] |
+ idutils | [] |
+ iso_15924 | () [] [] |
+ iso_3166 | [] [] [] () [] [] [] [] [] [] |
+ iso_3166_2 | () [] |
+ iso_4217 | () [] [] [] |
+ iso_639 | [] [] () [] [] [] [] |
+ iso_639_3 | [] () [] |
+ iso_639_5 | () |
+ jwhois | [] [] |
+ kbd | [] |
+ klavaro | [] [] |
+ ld | |
+ leafpad | [] [] [] [] [] |
+ libc | [] [] |
+ libexif | [] |
+ libextractor | [] |
+ libgnutls | [] [] |
+ libgphoto2 | [] |
+ libgphoto2_port | [] |
+ libgsasl | [] |
+ libiconv | [] [] |
+ libidn | [] |
+ liferea | [] [] [] |
+ lilypond | [] |
+ lordsawar | |
+ lprng | |
+ lynx | [] |
+ m4 | [] |
+ mailfromd | |
+ mailutils | |
+ make | [] [] |
+ man-db | [] |
+ man-db-manpages | [] |
+ midi-instruments | [] [] [] [] [] [] [] |
+ minicom | [] |
+ mkisofs | [] |
+ myserver | |
+ nano | [] [] [] |
+ opcodes | [] |
+ parted | [] [] |
+ pies | |
+ pnmixer | [] |
+ popt | [] [] [] [] [] |
+ procps-ng | |
+ procps-ng-man | |
+ psmisc | [] |
+ pspp | [] [] |
+ pushover | |
+ pwdutils | [] |
+ pyspread | |
+ radius | [] |
+ recode | [] [] |
+ recutils | [] |
+ rpm | [] |
+ rush | [] |
+ sarg | |
+ sed | [] [] |
+ sharutils | [] |
+ shishi | |
+ skribilo | |
+ solfege | [] [] |
+ solfege-manual | [] |
+ spotmachine | [] |
+ sudo | [] [] [] |
+ sudoers | [] [] [] |
+ sysstat | [] [] |
+ tar | [] [] [] |
+ texinfo | [] |
+ texinfo_document | [] |
+ tigervnc | [] |
+ tin | |
+ tin-man | |
+ tracgoogleappsa... | [] [] [] |
+ trader | [] |
+ util-linux | [] |
+ ve | [] |
+ vice | [] |
+ vmm | [] |
+ vorbis-tools | [] |
+ wastesedge | [] |
+ wcd | [] |
+ wcd-man | [] |
+ wdiff | [] |
+ wget | [] [] |
+ wyslij-po | [] |
+ xboard | [] |
+ xdg-user-dirs | [] [] [] [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] |
+ +--------------------------------------------------+
+ kn ko ku ky lg lt lv mk ml mn mr ms mt nb ne nl
+ 5 15 4 6 0 13 23 3 3 3 4 11 2 42 1 125
+
+ nn or pa pl ps pt pt_BR ro ru rw sk sl sq sr
+ +------------------------------------------------+
+ a2ps | [] [] [] [] [] [] [] |
+ aegis | [] [] |
+ anubis | [] [] [] |
+ aspell | [] [] [] [] [] [] [] |
+ bash | [] [] [] [] [] [] |
+ bfd | [] [] |
+ binutils | [] [] |
+ bison | [] [] [] |
+ bison-runtime | [] [] [] [] [] [] [] [] |
+ buzztrax | [] |
+ ccd2cue | [] [] |
+ ccide | [] [] [] |
+ cflow | [] [] [] |
+ clisp | [] |
+ coreutils | [] [] [] [] |
+ cpio | [] [] [] |
+ cppi | [] [] [] |
+ cpplib | [] [] [] |
+ cryptsetup | [] [] [] |
+ datamash | [] [] |
+ denemo | |
+ dfarc | [] [] [] |
+ dialog | [] [] [] [] [] [] [] |
+ dico | [] |
+ diffutils | [] [] [] |
+ dink | |
+ direvent | [] [] [] |
+ doodle | [] [] |
+ dos2unix | [] [] [] [] |
+ dos2unix-man | [] [] |
+ e2fsprogs | [] |
+ enscript | [] [] [] [] [] [] |
+ exif | [] [] [] [] [] [] |
+ fetchmail | [] [] [] |
+ findutils | [] [] [] [] [] [] |
+ flex | [] [] [] [] [] |
+ freedink | [] [] [] [] [] |
+ fusionforge | |
+ gas | |
+ gawk | [] |
+ gcal | |
+ gcc | |
+ gdbm | [] [] [] |
+ gettext-examples | [] [] [] [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] [] [] [] [] |
+ gettext-tools | [] [] [] [] [] [] [] |
+ gjay | [] |
+ glunarclock | [] [] [] [] [] [] |
+ gnubiff | [] |
+ gnubik | [] [] [] [] |
+ gnucash | () () () () () [] |
+ gnuchess | [] [] |
+ gnulib | [] [] [] [] [] |
+ gnunet | |
+ gnunet-gtk | |
+ gold | |
+ gphoto2 | [] [] [] [] [] |
+ gprof | [] [] [] [] |
+ gramadoir | [] [] |
+ grep | [] [] [] [] [] [] |
+ grub | [] [] [] [] [] |
+ gsasl | [] [] [] |
+ gss | [] [] [] [] |
+ gst-plugins-bad | [] [] [] [] [] |
+ gst-plugins-base | [] [] [] [] [] [] |
+ gst-plugins-good | [] [] [] [] [] [] [] |
+ gst-plugins-ugly | [] [] [] [] [] [] [] |
+ gstreamer | [] [] [] [] [] [] [] |
+ gtick | [] [] [] [] [] |
+ gtkam | [] [] [] [] [] [] |
+ gtkspell | [] [] [] [] [] [] [] [] [] |
+ guix | |
+ guix-packages | |
+ gutenprint | [] [] |
+ hello | [] [] [] [] [] [] |
+ help2man | [] [] [] [] |
+ help2man-texi | [] |
+ hylafax | |
+ idutils | [] [] [] |
+ iso_15924 | [] () [] [] [] [] |
+ iso_3166 | [] [] [] [] () [] [] [] [] [] [] [] [] |
+ iso_3166_2 | [] () [] |
+ iso_4217 | [] [] () [] [] [] [] [] |
+ iso_639 | [] [] [] () [] [] [] [] [] [] |
+ iso_639_3 | [] () |
+ iso_639_5 | () [] |
+ jwhois | [] [] [] [] |
+ kbd | [] [] |
+ klavaro | [] [] [] [] [] |
+ ld | |
+ leafpad | [] [] [] [] [] [] [] [] |
+ libc | [] [] [] |
+ libexif | [] () [] |
+ libextractor | [] |
+ libgnutls | [] |
+ libgphoto2 | [] |
+ libgphoto2_port | [] [] [] [] [] |
+ libgsasl | [] [] [] [] |
+ libiconv | [] [] [] [] [] |
+ libidn | [] [] [] |
+ liferea | [] [] [] [] () [] [] |
+ lilypond | |
+ lordsawar | |
+ lprng | [] |
+ lynx | [] [] |
+ m4 | [] [] [] [] [] |
+ mailfromd | [] |
+ mailutils | [] |
+ make | [] [] [] |
+ man-db | [] [] [] |
+ man-db-manpages | [] [] [] |
+ midi-instruments | [] [] [] [] [] [] [] [] |
+ minicom | [] [] [] [] |
+ mkisofs | [] [] [] |
+ myserver | [] [] |
+ nano | [] [] [] [] [] [] |
+ opcodes | |
+ parted | [] [] [] [] [] [] |
+ pies | [] |
+ pnmixer | [] |
+ popt | [] [] [] [] [] [] |
+ procps-ng | [] |
+ procps-ng-man | [] |
+ psmisc | [] [] [] [] |
+ pspp | [] [] |
+ pushover | |
+ pwdutils | [] |
+ pyspread | [] [] |
+ radius | [] [] |
+ recode | [] [] [] [] [] [] [] [] |
+ recutils | [] [] |
+ rpm | [] |
+ rush | [] [] [] |
+ sarg | [] [] |
+ sed | [] [] [] [] [] [] [] [] |
+ sharutils | [] [] [] |
+ shishi | [] [] |
+ skribilo | [] |
+ solfege | [] [] [] |
+ solfege-manual | [] [] |
+ spotmachine | [] [] |
+ sudo | [] [] [] [] [] [] |
+ sudoers | [] [] [] [] |
+ sysstat | [] [] [] [] [] |
+ tar | [] [] [] [] [] |
+ texinfo | [] [] [] |
+ texinfo_document | [] [] |
+ tigervnc | [] [] [] |
+ tin | [] |
+ tin-man | |
+ tracgoogleappsa... | [] [] [] [] |
+ trader | [] [] |
+ util-linux | [] [] |
+ ve | [] [] [] |
+ vice | |
+ vmm | |
+ vorbis-tools | [] [] [] |
+ wastesedge | |
+ wcd | |
+ wcd-man | |
+ wdiff | [] [] [] [] [] |
+ wget | [] [] [] [] [] |
+ wyslij-po | [] [] [] [] |
+ xboard | [] [] [] |
+ xdg-user-dirs | [] [] [] [] [] [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] [] |
+ +------------------------------------------------+
+ nn or pa pl ps pt pt_BR ro ru rw sk sl sq sr
+ 7 3 6 114 1 12 88 32 82 3 40 45 7 101
+
+ sv sw ta te tg th tr uk ur vi wa wo zh_CN
+ +----------------------------------------------+
+ a2ps | [] [] [] [] [] |
+ aegis | [] |
+ anubis | [] [] [] [] |
+ aspell | [] [] [] [] [] |
+ bash | [] [] [] [] |
+ bfd | [] [] [] |
+ binutils | [] [] [] |
+ bison | [] [] [] [] |
+ bison-runtime | [] [] [] [] [] [] |
+ buzztrax | [] [] [] |
+ ccd2cue | [] [] [] |
+ ccide | [] [] [] [] |
+ cflow | [] [] [] [] |
+ clisp | |
+ coreutils | [] [] [] |
+ cpio | [] [] [] [] [] |
+ cppi | [] [] [] [] |
+ cpplib | [] [] [] [] [] |
+ cryptsetup | [] [] [] |
+ datamash | [] [] [] |
+ denemo | [] |
+ dfarc | [] [] |
+ dialog | [] [] [] [] [] [] |
+ dico | [] |
+ diffutils | [] [] [] [] [] |
+ dink | [] |
+ direvent | [] [] |
+ doodle | [] [] |
+ dos2unix | [] [] [] [] |
+ dos2unix-man | [] [] [] |
+ e2fsprogs | [] [] [] [] |
+ enscript | [] [] [] [] |
+ exif | [] [] [] [] [] |
+ fetchmail | [] [] [] [] |
+ findutils | [] [] [] [] [] |
+ flex | [] [] [] [] |
+ freedink | [] [] [] |
+ fusionforge | |
+ gas | [] |
+ gawk | [] [] [] |
+ gcal | [] [] [] |
+ gcc | [] |
+ gdbm | [] [] |
+ gettext-examples | [] [] [] [] [] |
+ gettext-runtime | [] [] [] [] [] |
+ gettext-tools | [] [] [] [] [] |
+ gjay | [] [] [] |
+ glunarclock | [] [] [] [] |
+ gnubiff | [] [] |
+ gnubik | [] [] [] [] |
+ gnucash | () () () () [] |
+ gnuchess | [] [] [] |
+ gnulib | [] [] [] [] |
+ gnunet | |
+ gnunet-gtk | |
+ gold | [] [] |
+ gphoto2 | [] [] [] [] |
+ gprof | [] [] [] [] |
+ gramadoir | [] [] [] |
+ grep | [] [] [] [] [] |
+ grub | [] [] [] [] |
+ gsasl | [] [] [] [] |
+ gss | [] [] [] |
+ gst-plugins-bad | [] [] [] [] [] |
+ gst-plugins-base | [] [] [] [] [] |
+ gst-plugins-good | [] [] [] [] [] |
+ gst-plugins-ugly | [] [] [] [] [] |
+ gstreamer | [] [] [] [] [] |
+ gtick | [] [] [] |
+ gtkam | [] [] [] [] |
+ gtkspell | [] [] [] [] [] [] [] |
+ guix | |
+ guix-packages | |
+ gutenprint | [] [] [] [] |
+ hello | [] [] [] [] [] [] |
+ help2man | [] [] [] |
+ help2man-texi | [] |
+ hylafax | [] |
+ idutils | [] [] [] |
+ iso_15924 | [] () [] [] () [] |
+ iso_3166 | [] [] () [] [] () [] [] |
+ iso_3166_2 | () [] [] () [] |
+ iso_4217 | [] () [] [] () [] |
+ iso_639 | [] [] [] () [] [] () [] [] |
+ iso_639_3 | [] () [] [] () |
+ iso_639_5 | () [] () |
+ jwhois | [] [] [] [] |
+ kbd | [] [] [] [] |
+ klavaro | [] [] [] [] [] [] |
+ ld | [] [] [] [] [] |
+ leafpad | [] [] [] [] [] [] |
+ libc | [] [] [] [] [] |
+ libexif | [] [] () |
+ libextractor | [] [] |
+ libgnutls | [] [] [] [] |
+ libgphoto2 | [] [] [] |
+ libgphoto2_port | [] [] [] [] |
+ libgsasl | [] [] [] [] |
+ libiconv | [] [] [] [] [] |
+ libidn | () [] [] [] |
+ liferea | [] [] [] [] [] |
+ lilypond | [] |
+ lordsawar | |
+ lprng | [] |
+ lynx | [] [] [] [] |
+ m4 | [] [] [] |
+ mailfromd | [] [] |
+ mailutils | [] |
+ make | [] [] [] [] |
+ man-db | [] [] [] |
+ man-db-manpages | [] [] |
+ midi-instruments | [] [] [] [] [] [] |
+ minicom | [] [] |
+ mkisofs | [] [] [] |
+ myserver | [] |
+ nano | [] [] [] [] |
+ opcodes | [] [] [] |
+ parted | [] [] [] [] [] |
+ pies | [] [] |
+ pnmixer | [] [] [] |
+ popt | [] [] [] [] [] [] [] |
+ procps-ng | [] [] |
+ procps-ng-man | [] |
+ psmisc | [] [] [] [] |
+ pspp | [] [] [] |
+ pushover | [] |
+ pwdutils | [] [] |
+ pyspread | [] |
+ radius | [] [] |
+ recode | [] [] [] [] |
+ recutils | [] [] [] |
+ rpm | [] [] [] [] |
+ rush | [] [] |
+ sarg | |
+ sed | [] [] [] [] [] |
+ sharutils | [] [] [] [] |
+ shishi | [] [] |
+ skribilo | [] [] |
+ solfege | [] [] [] [] |
+ solfege-manual | [] |
+ spotmachine | [] [] [] |
+ sudo | [] [] [] [] [] |
+ sudoers | [] [] [] [] |
+ sysstat | [] [] [] [] [] |
+ tar | [] [] [] [] [] |
+ texinfo | [] [] [] |
+ texinfo_document | [] |
+ tigervnc | [] [] [] |
+ tin | [] |
+ tin-man | |
+ tracgoogleappsa... | [] [] [] [] [] |
+ trader | [] |
+ util-linux | [] [] [] [] |
+ ve | [] [] [] [] |
+ vice | () () |
+ vmm | |
+ vorbis-tools | [] [] |
+ wastesedge | |
+ wcd | [] [] [] |
+ wcd-man | [] |
+ wdiff | [] [] [] [] |
+ wget | [] [] [] |
+ wyslij-po | [] [] |
+ xboard | [] [] |
+ xdg-user-dirs | [] [] [] [] [] [] [] [] |
+ xkeyboard-config | [] [] [] [] |
+ +----------------------------------------------+
+ sv sw ta te tg th tr uk ur vi wa wo zh_CN
+ 106 1 4 3 0 13 51 115 1 125 7 1 100
+
+ zh_HK zh_TW
+ +-------------+
+ a2ps | | 30
+ aegis | | 9
+ anubis | | 19
+ aspell | | 29
+ bash | [] | 23
+ bfd | | 11
+ binutils | | 12
+ bison | [] | 18
+ bison-runtime | [] | 38
+ buzztrax | | 9
+ ccd2cue | | 10
+ ccide | | 17
+ cflow | | 16
+ clisp | | 10
+ coreutils | | 18
+ cpio | | 20
+ cppi | | 17
+ cpplib | [] | 19
+ cryptsetup | | 14
+ datamash | | 11
+ denemo | | 5
+ dfarc | | 17
+ dialog | [] | 42
+ dico | | 6
+ diffutils | | 22
+ dink | | 10
+ direvent | | 11
+ doodle | | 12
+ dos2unix | [] | 18
+ dos2unix-man | | 9
+ e2fsprogs | | 15
+ enscript | | 21
+ exif | | 27
+ fetchmail | | 19
+ findutils | | 29
+ flex | [] | 19
+ freedink | | 24
+ fusionforge | | 3
+ gas | | 5
+ gawk | | 13
+ gcal | | 8
+ gcc | | 2
+ gdbm | | 10
+ gettext-examples | [] [] | 40
+ gettext-runtime | [] [] | 35
+ gettext-tools | [] | 24
+ gjay | | 9
+ glunarclock | [] | 27
+ gnubiff | | 9
+ gnubik | | 19
+ gnucash | () | 6
+ gnuchess | | 11
+ gnulib | | 23
+ gnunet | | 1
+ gnunet-gtk | | 1
+ gold | | 7
+ gphoto2 | [] | 19
+ gprof | | 21
+ gramadoir | | 14
+ grep | [] | 31
+ grub | | 21
+ gsasl | [] | 19
+ gss | | 17
+ gst-plugins-bad | | 21
+ gst-plugins-base | | 27
+ gst-plugins-good | | 32
+ gst-plugins-ugly | | 34
+ gstreamer | [] | 32
+ gtick | | 19
+ gtkam | | 24
+ gtkspell | [] [] | 48
+ guix | | 2
+ guix-packages | | 0
+ gutenprint | | 15
+ hello | [] | 30
+ help2man | | 18
+ help2man-texi | | 5
+ hylafax | | 5
+ idutils | | 14
+ iso_15924 | [] | 23
+ iso_3166 | [] [] | 58
+ iso_3166_2 | | 9
+ iso_4217 | [] [] | 28
+ iso_639 | [] [] | 46
+ iso_639_3 | | 10
+ iso_639_5 | | 2
+ jwhois | [] | 20
+ kbd | | 17
+ klavaro | | 30
+ ld | [] | 15
+ leafpad | [] | 39
+ libc | [] | 24
+ libexif | | 10
+ libextractor | | 5
+ libgnutls | | 13
+ libgphoto2 | | 10
+ libgphoto2_port | [] | 19
+ libgsasl | | 18
+ libiconv | [] | 29
+ libidn | | 17
+ liferea | | 29
+ lilypond | | 11
+ lordsawar | | 3
+ lprng | | 3
+ lynx | | 19
+ m4 | [] | 22
+ mailfromd | | 4
+ mailutils | | 6
+ make | | 19
+ man-db | | 15
+ man-db-manpages | | 10
+ midi-instruments | [] | 43
+ minicom | [] | 17
+ mkisofs | | 13
+ myserver | | 9
+ nano | [] | 30
+ opcodes | | 12
+ parted | [] | 23
+ pies | | 4
+ pnmixer | | 9
+ popt | [] | 36
+ procps-ng | | 5
+ procps-ng-man | | 4
+ psmisc | [] | 22
+ pspp | | 13
+ pushover | | 6
+ pwdutils | | 8
+ pyspread | | 6
+ radius | | 9
+ recode | | 31
+ recutils | | 10
+ rpm | [] | 13
+ rush | | 10
+ sarg | | 4
+ sed | [] | 35
+ sharutils | | 13
+ shishi | | 7
+ skribilo | | 7
+ solfege | | 21
+ solfege-manual | | 9
+ spotmachine | | 11
+ sudo | | 26
+ sudoers | | 22
+ sysstat | | 23
+ tar | [] | 30
+ texinfo | | 17
+ texinfo_document | | 13
+ tigervnc | | 14
+ tin | [] | 7
+ tin-man | | 1
+ tracgoogleappsa... | [] | 22
+ trader | | 12
+ util-linux | | 13
+ ve | | 14
+ vice | | 1
+ vmm | | 3
+ vorbis-tools | | 13
+ wastesedge | | 3
+ wcd | | 8
+ wcd-man | | 3
+ wdiff | [] | 23
+ wget | | 21
+ wyslij-po | | 14
+ xboard | | 10
+ xdg-user-dirs | [] [] | 68
+ xkeyboard-config | [] | 28
+ +-------------+
+ 89 teams zh_HK zh_TW
+ 166 domains 7 42 2809
+
+ Some counters in the preceding matrix are higher than the number of
+visible blocks let us expect. This is because a few extra PO files are
+used for implementing regional variants of languages, or language
+dialects.
+
+ For a PO file in the matrix above to be effective, the package to
+which it applies should also have been internationalized and distributed
+as such by its maintainer. There might be an observable lag between the
+mere existence a PO file and its wide availability in a distribution.
+
+ If Jun 2014 seems to be old, you may fetch a more recent copy of this
+'ABOUT-NLS' file on most GNU archive sites. The most up-to-date matrix
+with full percentage details can be found at
+'http://translationproject.org/extra/matrix.html'.
+
+1.5 Using 'gettext' in new packages
+===================================
+
+If you are writing a freely available program and want to
+internationalize it you are welcome to use GNU 'gettext' in your
+package. Of course you have to respect the GNU Lesser General Public
+License which covers the use of the GNU 'gettext' library. This means
+in particular that even non-free programs can use 'libintl' as a shared
+library, whereas only free software can use 'libintl' as a static
+library or use modified versions of 'libintl'.
+
+ Once the sources are changed appropriately and the setup can handle
+the use of 'gettext' the only thing missing are the translations. The
+Free Translation Project is also available for packages which are not
+developed inside the GNU project. Therefore the information given above
+applies also for every other Free Software Project. Contact
+'coordinator@translationproject.org' to make the '.pot' files available
+to the translation teams.
diff --git a/AUTHORS b/AUTHORS
new file mode 100644
index 0000000..32bb59b
--- /dev/null
+++ b/AUTHORS
@@ -0,0 +1,3 @@
+Christian Grothoff
+Dennis Neufeld
+Dominik Meister
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..dba13ed
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,661 @@
+ GNU AFFERO GENERAL PUBLIC LICENSE
+ Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+ A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate. Many developers of free software are heartened and
+encouraged by the resulting cooperation. However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+ The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community. It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server. Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+ An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals. This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU Affero General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Remote Network Interaction; Use with the GNU General Public License.
+
+ Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software. This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time. Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source. For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code. There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<http://www.gnu.org/licenses/>.
diff --git a/COPYING.AGPL b/COPYING.AGPL
new file mode 100644
index 0000000..dba13ed
--- /dev/null
+++ b/COPYING.AGPL
@@ -0,0 +1,661 @@
+ GNU AFFERO GENERAL PUBLIC LICENSE
+ Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+ A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate. Many developers of free software are heartened and
+encouraged by the resulting cooperation. However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+ The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community. It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server. Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+ An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals. This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU Affero General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Remote Network Interaction; Use with the GNU General Public License.
+
+ Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software. This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time. Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source. For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code. There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<http://www.gnu.org/licenses/>.
diff --git a/ChangeLog b/ChangeLog
new file mode 100644
index 0000000..1c4cf10
--- /dev/null
+++ b/ChangeLog
@@ -0,0 +1,8 @@
+Fri 30 Jul 2021 09:56:51 AM CEST
+ Preparing for first release. -CG
+
+Mon 05 Apr 2021 08:09:30 PM CEST
+ Add gettext support to build system. -CG
+
+Tue 18 Jun 2019 04:19:29 PM CEST
+ Initial project setup. -CG
diff --git a/INSTALL b/INSTALL
new file mode 100644
index 0000000..8865734
--- /dev/null
+++ b/INSTALL
@@ -0,0 +1,368 @@
+Installation Instructions
+*************************
+
+ Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software
+Foundation, Inc.
+
+ Copying and distribution of this file, with or without modification,
+are permitted in any medium without royalty provided the copyright
+notice and this notice are preserved. This file is offered as-is,
+without warranty of any kind.
+
+Basic Installation
+==================
+
+ Briefly, the shell command './configure && make && make install'
+should configure, build, and install this package. The following
+more-detailed instructions are generic; see the 'README' file for
+instructions specific to this package. Some packages provide this
+'INSTALL' file but do not implement all of the features documented
+below. The lack of an optional feature in a given package is not
+necessarily a bug. More recommendations for GNU packages can be found
+in *note Makefile Conventions: (standards)Makefile Conventions.
+
+ The 'configure' shell script attempts to guess correct values for
+various system-dependent variables used during compilation. It uses
+those values to create a 'Makefile' in each directory of the package.
+It may also create one or more '.h' files containing system-dependent
+definitions. Finally, it creates a shell script 'config.status' that
+you can run in the future to recreate the current configuration, and a
+file 'config.log' containing compiler output (useful mainly for
+debugging 'configure').
+
+ It can also use an optional file (typically called 'config.cache' and
+enabled with '--cache-file=config.cache' or simply '-C') that saves the
+results of its tests to speed up reconfiguring. Caching is disabled by
+default to prevent problems with accidental use of stale cache files.
+
+ If you need to do unusual things to compile the package, please try
+to figure out how 'configure' could check whether to do them, and mail
+diffs or instructions to the address given in the 'README' so they can
+be considered for the next release. If you are using the cache, and at
+some point 'config.cache' contains results you don't want to keep, you
+may remove or edit it.
+
+ The file 'configure.ac' (or 'configure.in') is used to create
+'configure' by a program called 'autoconf'. You need 'configure.ac' if
+you want to change it or regenerate 'configure' using a newer version of
+'autoconf'.
+
+ The simplest way to compile this package is:
+
+ 1. 'cd' to the directory containing the package's source code and type
+ './configure' to configure the package for your system.
+
+ Running 'configure' might take a while. While running, it prints
+ some messages telling which features it is checking for.
+
+ 2. Type 'make' to compile the package.
+
+ 3. Optionally, type 'make check' to run any self-tests that come with
+ the package, generally using the just-built uninstalled binaries.
+
+ 4. Type 'make install' to install the programs and any data files and
+ documentation. When installing into a prefix owned by root, it is
+ recommended that the package be configured and built as a regular
+ user, and only the 'make install' phase executed with root
+ privileges.
+
+ 5. Optionally, type 'make installcheck' to repeat any self-tests, but
+ this time using the binaries in their final installed location.
+ This target does not install anything. Running this target as a
+ regular user, particularly if the prior 'make install' required
+ root privileges, verifies that the installation completed
+ correctly.
+
+ 6. You can remove the program binaries and object files from the
+ source code directory by typing 'make clean'. To also remove the
+ files that 'configure' created (so you can compile the package for
+ a different kind of computer), type 'make distclean'. There is
+ also a 'make maintainer-clean' target, but that is intended mainly
+ for the package's developers. If you use it, you may have to get
+ all sorts of other programs in order to regenerate files that came
+ with the distribution.
+
+ 7. Often, you can also type 'make uninstall' to remove the installed
+ files again. In practice, not all packages have tested that
+ uninstallation works correctly, even though it is required by the
+ GNU Coding Standards.
+
+ 8. Some packages, particularly those that use Automake, provide 'make
+ distcheck', which can by used by developers to test that all other
+ targets like 'make install' and 'make uninstall' work correctly.
+ This target is generally not run by end users.
+
+Compilers and Options
+=====================
+
+ Some systems require unusual options for compilation or linking that
+the 'configure' script does not know about. Run './configure --help'
+for details on some of the pertinent environment variables.
+
+ You can give 'configure' initial values for configuration parameters
+by setting variables in the command line or in the environment. Here is
+an example:
+
+ ./configure CC=c99 CFLAGS=-g LIBS=-lposix
+
+ *Note Defining Variables::, for more details.
+
+Compiling For Multiple Architectures
+====================================
+
+ You can compile the package for more than one kind of computer at the
+same time, by placing the object files for each architecture in their
+own directory. To do this, you can use GNU 'make'. 'cd' to the
+directory where you want the object files and executables to go and run
+the 'configure' script. 'configure' automatically checks for the source
+code in the directory that 'configure' is in and in '..'. This is known
+as a "VPATH" build.
+
+ With a non-GNU 'make', it is safer to compile the package for one
+architecture at a time in the source code directory. After you have
+installed the package for one architecture, use 'make distclean' before
+reconfiguring for another architecture.
+
+ On MacOS X 10.5 and later systems, you can create libraries and
+executables that work on multiple system types--known as "fat" or
+"universal" binaries--by specifying multiple '-arch' options to the
+compiler but only a single '-arch' option to the preprocessor. Like
+this:
+
+ ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
+ CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \
+ CPP="gcc -E" CXXCPP="g++ -E"
+
+ This is not guaranteed to produce working output in all cases, you
+may have to build one architecture at a time and combine the results
+using the 'lipo' tool if you have problems.
+
+Installation Names
+==================
+
+ By default, 'make install' installs the package's commands under
+'/usr/local/bin', include files under '/usr/local/include', etc. You
+can specify an installation prefix other than '/usr/local' by giving
+'configure' the option '--prefix=PREFIX', where PREFIX must be an
+absolute file name.
+
+ You can specify separate installation prefixes for
+architecture-specific files and architecture-independent files. If you
+pass the option '--exec-prefix=PREFIX' to 'configure', the package uses
+PREFIX as the prefix for installing programs and libraries.
+Documentation and other data files still use the regular prefix.
+
+ In addition, if you use an unusual directory layout you can give
+options like '--bindir=DIR' to specify different values for particular
+kinds of files. Run 'configure --help' for a list of the directories
+you can set and what kinds of files go in them. In general, the default
+for these options is expressed in terms of '${prefix}', so that
+specifying just '--prefix' will affect all of the other directory
+specifications that were not explicitly provided.
+
+ The most portable way to affect installation locations is to pass the
+correct locations to 'configure'; however, many packages provide one or
+both of the following shortcuts of passing variable assignments to the
+'make install' command line to change installation locations without
+having to reconfigure or recompile.
+
+ The first method involves providing an override variable for each
+affected directory. For example, 'make install
+prefix=/alternate/directory' will choose an alternate location for all
+directory configuration variables that were expressed in terms of
+'${prefix}'. Any directories that were specified during 'configure',
+but not in terms of '${prefix}', must each be overridden at install time
+for the entire installation to be relocated. The approach of makefile
+variable overrides for each directory variable is required by the GNU
+Coding Standards, and ideally causes no recompilation. However, some
+platforms have known limitations with the semantics of shared libraries
+that end up requiring recompilation when using this method, particularly
+noticeable in packages that use GNU Libtool.
+
+ The second method involves providing the 'DESTDIR' variable. For
+example, 'make install DESTDIR=/alternate/directory' will prepend
+'/alternate/directory' before all installation names. The approach of
+'DESTDIR' overrides is not required by the GNU Coding Standards, and
+does not work on platforms that have drive letters. On the other hand,
+it does better at avoiding recompilation issues, and works well even
+when some directory options were not specified in terms of '${prefix}'
+at 'configure' time.
+
+Optional Features
+=================
+
+ If the package supports it, you can cause programs to be installed
+with an extra prefix or suffix on their names by giving 'configure' the
+option '--program-prefix=PREFIX' or '--program-suffix=SUFFIX'.
+
+ Some packages pay attention to '--enable-FEATURE' options to
+'configure', where FEATURE indicates an optional part of the package.
+They may also pay attention to '--with-PACKAGE' options, where PACKAGE
+is something like 'gnu-as' or 'x' (for the X Window System). The
+'README' should mention any '--enable-' and '--with-' options that the
+package recognizes.
+
+ For packages that use the X Window System, 'configure' can usually
+find the X include and library files automatically, but if it doesn't,
+you can use the 'configure' options '--x-includes=DIR' and
+'--x-libraries=DIR' to specify their locations.
+
+ Some packages offer the ability to configure how verbose the
+execution of 'make' will be. For these packages, running './configure
+--enable-silent-rules' sets the default to minimal output, which can be
+overridden with 'make V=1'; while running './configure
+--disable-silent-rules' sets the default to verbose, which can be
+overridden with 'make V=0'.
+
+Particular systems
+==================
+
+ On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC
+is not installed, it is recommended to use the following options in
+order to use an ANSI C compiler:
+
+ ./configure CC="cc -Ae -D_XOPEN_SOURCE=500"
+
+and if that doesn't work, install pre-built binaries of GCC for HP-UX.
+
+ HP-UX 'make' updates targets which have the same time stamps as their
+prerequisites, which makes it generally unusable when shipped generated
+files such as 'configure' are involved. Use GNU 'make' instead.
+
+ On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot
+parse its '<wchar.h>' header file. The option '-nodtk' can be used as a
+workaround. If GNU CC is not installed, it is therefore recommended to
+try
+
+ ./configure CC="cc"
+
+and if that doesn't work, try
+
+ ./configure CC="cc -nodtk"
+
+ On Solaris, don't put '/usr/ucb' early in your 'PATH'. This
+directory contains several dysfunctional programs; working variants of
+these programs are available in '/usr/bin'. So, if you need '/usr/ucb'
+in your 'PATH', put it _after_ '/usr/bin'.
+
+ On Haiku, software installed for all users goes in '/boot/common',
+not '/usr/local'. It is recommended to use the following options:
+
+ ./configure --prefix=/boot/common
+
+Specifying the System Type
+==========================
+
+ There may be some features 'configure' cannot figure out
+automatically, but needs to determine by the type of machine the package
+will run on. Usually, assuming the package is built to be run on the
+_same_ architectures, 'configure' can figure that out, but if it prints
+a message saying it cannot guess the machine type, give it the
+'--build=TYPE' option. TYPE can either be a short name for the system
+type, such as 'sun4', or a canonical name which has the form:
+
+ CPU-COMPANY-SYSTEM
+
+where SYSTEM can have one of these forms:
+
+ OS
+ KERNEL-OS
+
+ See the file 'config.sub' for the possible values of each field. If
+'config.sub' isn't included in this package, then this package doesn't
+need to know the machine type.
+
+ If you are _building_ compiler tools for cross-compiling, you should
+use the option '--target=TYPE' to select the type of system they will
+produce code for.
+
+ If you want to _use_ a cross compiler, that generates code for a
+platform different from the build platform, you should specify the
+"host" platform (i.e., that on which the generated programs will
+eventually be run) with '--host=TYPE'.
+
+Sharing Defaults
+================
+
+ If you want to set default values for 'configure' scripts to share,
+you can create a site shell script called 'config.site' that gives
+default values for variables like 'CC', 'cache_file', and 'prefix'.
+'configure' looks for 'PREFIX/share/config.site' if it exists, then
+'PREFIX/etc/config.site' if it exists. Or, you can set the
+'CONFIG_SITE' environment variable to the location of the site script.
+A warning: not all 'configure' scripts look for a site script.
+
+Defining Variables
+==================
+
+ Variables not defined in a site shell script can be set in the
+environment passed to 'configure'. However, some packages may run
+configure again during the build, and the customized values of these
+variables may be lost. In order to avoid this problem, you should set
+them in the 'configure' command line, using 'VAR=value'. For example:
+
+ ./configure CC=/usr/local2/bin/gcc
+
+causes the specified 'gcc' to be used as the C compiler (unless it is
+overridden in the site shell script).
+
+Unfortunately, this technique does not work for 'CONFIG_SHELL' due to an
+Autoconf limitation. Until the limitation is lifted, you can use this
+workaround:
+
+ CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash
+
+'configure' Invocation
+======================
+
+ 'configure' recognizes the following options to control how it
+operates.
+
+'--help'
+'-h'
+ Print a summary of all of the options to 'configure', and exit.
+
+'--help=short'
+'--help=recursive'
+ Print a summary of the options unique to this package's
+ 'configure', and exit. The 'short' variant lists options used only
+ in the top level, while the 'recursive' variant lists options also
+ present in any nested packages.
+
+'--version'
+'-V'
+ Print the version of Autoconf used to generate the 'configure'
+ script, and exit.
+
+'--cache-file=FILE'
+ Enable the cache: use and save the results of the tests in FILE,
+ traditionally 'config.cache'. FILE defaults to '/dev/null' to
+ disable caching.
+
+'--config-cache'
+'-C'
+ Alias for '--cache-file=config.cache'.
+
+'--quiet'
+'--silent'
+'-q'
+ Do not print messages saying which checks are being made. To
+ suppress all normal output, redirect it to '/dev/null' (any error
+ messages will still be shown).
+
+'--srcdir=DIR'
+ Look for the package's source code in directory DIR. Usually
+ 'configure' can determine that directory automatically.
+
+'--prefix=DIR'
+ Use DIR as the installation prefix. *note Installation Names:: for
+ more details, including other options available for fine-tuning the
+ installation locations.
+
+'--no-create'
+'-n'
+ Run the configure checks, but stop before creating any output
+ files.
+
+'configure' also accepts some other, not widely useful, options. Run
+'configure --help' for more details.
diff --git a/Makefile.am b/Makefile.am
new file mode 100644
index 0000000..9d2a8f8
--- /dev/null
+++ b/Makefile.am
@@ -0,0 +1,25 @@
+# This Makefile is in the public domain
+
+if DOC_ONLY
+if ENABLE_DOC
+ SUBDIRS = . doc po
+else
+ SUBDIRS = . po
+endif
+else
+if ENABLE_DOC
+ SUBDIRS = . contrib src doc po
+else
+ SUBDIRS = . contrib src doc po
+endif
+endif
+
+@DX_RULES@
+
+ACLOCAL_AMFLAGS = -I m4
+EXTRA_DIST = config.rpath \
+ AUTHORS \
+ COPYING.AGPL \
+ contrib/gnunet.tag \
+ contrib/uncrustify.cfg \
+ contrib/uncrustify_precommit
diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/NEWS
diff --git a/README b/README
new file mode 100644
index 0000000..7a09d7b
--- /dev/null
+++ b/README
@@ -0,0 +1,42 @@
+=============
+GNU ANASTASIS
+=============
+
+This package includes the Anastasis core logic. The code is released
+under the GNU Affero General Public License (v3 or later). See
+COPYING for details.
+
+Description
+===========
+
+GNU Anastasis is a key backup and recovery tool from the GNU project.
+This package includes the backend run by the Anastasis providers as
+well as libraries for clients and a command-line interface.
+
+Dependencies
+============
+
+libjansson : MIT License
+libgcrypt : LGPL
+postgresql : PostgreSQL License
+libgnunet* : GPLv3+,
+libtaler* : GPLv3+
+GNU recutils: GPLv3+ (when building from Git)
+
+
+Directory structure
+===================
+
+src/include/ includes installed (public) headers
+src/util/ implements helper and crypto routines
+src/backend/ contains the REST service
+src/stasis/ implements the database logic for the backend
+src/authorization/ contains various authorization plugins
+src/restclient/ implements a REST client for the backend
+src/lib/ implements the main client-side backup and recovery logic
+src/testing/ contains test cases for 'src/restclient/' and 'src/lib/'
+src/reducer/ implements a reducer API on top of 'src/lib/'
+src/cli/ includes a reducer-based command-line interface
+contrib/ contains resource files, like what identity attributes to ask for
+doc/ contains documentation files, like TeXinfo
+po/ internationalization via GNU gettext
diff --git a/bootstrap b/bootstrap
new file mode 100755
index 0000000..a7414cd
--- /dev/null
+++ b/bootstrap
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+if ! git --version >/dev/null; then
+ echo "git not installed"
+ exit 1
+fi
+
+echo "$0: Updating submodules"
+echo | git submodule update --init
+
+git submodule update --init
+
+./contrib/gana-update.sh
+
+# This is more portable than `which' but comes with
+# the caveat of not(?) properly working on busybox's ash:
+existence()
+{
+ command -v "$1" >/dev/null 2>&1
+}
+
+
+if existence uncrustify; then
+ echo "Installing uncrustify hook and configuration"
+ # Install uncrustify format symlink (if possible)
+ ln -s contrib/uncrustify.cfg uncrustify.cfg 2> /dev/null
+ # Install pre-commit hook (if possible)
+ ln -s ../../contrib/uncrustify_precommit .git/hooks/pre-commit 2> /dev/null
+else
+ echo "Uncrustify not detected, hook not installed. Please install uncrustify if you plan on doing development"
+fi
+
+
+echo "$0: Running autoreconf"
+autoreconf -if
diff --git a/config.rpath b/config.rpath
new file mode 100755
index 0000000..98183ff
--- /dev/null
+++ b/config.rpath
@@ -0,0 +1,684 @@
+#! /bin/sh
+# Output a system dependent set of variables, describing how to set the
+# run time search path of shared libraries in an executable.
+#
+# Copyright 1996-2016 Free Software Foundation, Inc.
+# Taken from GNU libtool, 2001
+# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+#
+# This file is free software; the Free Software Foundation gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# The first argument passed to this file is the canonical host specification,
+# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or
+# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# The environment variables CC, GCC, LDFLAGS, LD, with_gnu_ld
+# should be set by the caller.
+#
+# The set of defined variables is at the end of this script.
+
+# Known limitations:
+# - On IRIX 6.5 with CC="cc", the run time search patch must not be longer
+# than 256 bytes, otherwise the compiler driver will dump core. The only
+# known workaround is to choose shorter directory names for the build
+# directory and/or the installation directory.
+
+# All known linkers require a '.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+shrext=.so
+
+host="$1"
+host_cpu=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+host_vendor=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+host_os=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+
+# Code taken from libtool.m4's _LT_CC_BASENAME.
+
+for cc_temp in $CC""; do
+ case $cc_temp in
+ compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+ distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+ \-*) ;;
+ *) break;;
+ esac
+done
+cc_basename=`echo "$cc_temp" | sed -e 's%^.*/%%'`
+
+# Code taken from libtool.m4's _LT_COMPILER_PIC.
+
+wl=
+if test "$GCC" = yes; then
+ wl='-Wl,'
+else
+ case "$host_os" in
+ aix*)
+ wl='-Wl,'
+ ;;
+ mingw* | cygwin* | pw32* | os2* | cegcc*)
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ wl='-Wl,'
+ ;;
+ irix5* | irix6* | nonstopux*)
+ wl='-Wl,'
+ ;;
+ linux* | k*bsd*-gnu | kopensolaris*-gnu)
+ case $cc_basename in
+ ecc*)
+ wl='-Wl,'
+ ;;
+ icc* | ifort*)
+ wl='-Wl,'
+ ;;
+ lf95*)
+ wl='-Wl,'
+ ;;
+ nagfor*)
+ wl='-Wl,-Wl,,'
+ ;;
+ pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
+ wl='-Wl,'
+ ;;
+ ccc*)
+ wl='-Wl,'
+ ;;
+ xl* | bgxl* | bgf* | mpixl*)
+ wl='-Wl,'
+ ;;
+ como)
+ wl='-lopt='
+ ;;
+ *)
+ case `$CC -V 2>&1 | sed 5q` in
+ *Sun\ F* | *Sun*Fortran*)
+ wl=
+ ;;
+ *Sun\ C*)
+ wl='-Wl,'
+ ;;
+ esac
+ ;;
+ esac
+ ;;
+ newsos6)
+ ;;
+ *nto* | *qnx*)
+ ;;
+ osf3* | osf4* | osf5*)
+ wl='-Wl,'
+ ;;
+ rdos*)
+ ;;
+ solaris*)
+ case $cc_basename in
+ f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
+ wl='-Qoption ld '
+ ;;
+ *)
+ wl='-Wl,'
+ ;;
+ esac
+ ;;
+ sunos4*)
+ wl='-Qoption ld '
+ ;;
+ sysv4 | sysv4.2uw2* | sysv4.3*)
+ wl='-Wl,'
+ ;;
+ sysv4*MP*)
+ ;;
+ sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+ wl='-Wl,'
+ ;;
+ unicos*)
+ wl='-Wl,'
+ ;;
+ uts4*)
+ ;;
+ esac
+fi
+
+# Code taken from libtool.m4's _LT_LINKER_SHLIBS.
+
+hardcode_libdir_flag_spec=
+hardcode_libdir_separator=
+hardcode_direct=no
+hardcode_minus_L=no
+
+case "$host_os" in
+ cygwin* | mingw* | pw32* | cegcc*)
+ # FIXME: the MSVC++ port hasn't been tested in a loooong time
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ if test "$GCC" != yes; then
+ with_gnu_ld=no
+ fi
+ ;;
+ interix*)
+ # we just hope/assume this is gcc and not c89 (= MSVC++)
+ with_gnu_ld=yes
+ ;;
+ openbsd*)
+ with_gnu_ld=no
+ ;;
+esac
+
+ld_shlibs=yes
+if test "$with_gnu_ld" = yes; then
+ # Set some defaults for GNU ld with shared library support. These
+ # are reset later if shared libraries are not supported. Putting them
+ # here allows them to be overridden if necessary.
+ # Unlike libtool, we use -rpath here, not --rpath, since the documented
+ # option of GNU ld is called -rpath, not --rpath.
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ case "$host_os" in
+ aix[3-9]*)
+ # On AIX/PPC, the GNU linker is very broken
+ if test "$host_cpu" != ia64; then
+ ld_shlibs=no
+ fi
+ ;;
+ amigaos*)
+ case "$host_cpu" in
+ powerpc)
+ ;;
+ m68k)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ esac
+ ;;
+ beos*)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ cygwin* | mingw* | pw32* | cegcc*)
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec='-L$libdir'
+ if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ haiku*)
+ ;;
+ interix[3-9]*)
+ hardcode_direct=no
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ ;;
+ gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ netbsd*)
+ ;;
+ solaris*)
+ if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+ ld_shlibs=no
+ elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+ case `$LD -v 2>&1` in
+ *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+ ld_shlibs=no
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ ;;
+ sunos4*)
+ hardcode_direct=yes
+ ;;
+ *)
+ if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ esac
+ if test "$ld_shlibs" = no; then
+ hardcode_libdir_flag_spec=
+ fi
+else
+ case "$host_os" in
+ aix3*)
+ # Note: this linker hardcodes the directories in LIBPATH if there
+ # are no directories specified by -L.
+ hardcode_minus_L=yes
+ if test "$GCC" = yes; then
+ # Neither direct hardcoding nor static linking is supported with a
+ # broken collect2.
+ hardcode_direct=unsupported
+ fi
+ ;;
+ aix[4-9]*)
+ if test "$host_cpu" = ia64; then
+ # On IA64, the linker does run time linking by default, so we don't
+ # have to do anything special.
+ aix_use_runtimelinking=no
+ else
+ aix_use_runtimelinking=no
+ # Test if we are trying to use run time linking or normal
+ # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+ # need to do runtime linking.
+ case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*)
+ for ld_flag in $LDFLAGS; do
+ if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+ aix_use_runtimelinking=yes
+ break
+ fi
+ done
+ ;;
+ esac
+ fi
+ hardcode_direct=yes
+ hardcode_libdir_separator=':'
+ if test "$GCC" = yes; then
+ case $host_os in aix4.[012]|aix4.[012].*)
+ collect2name=`${CC} -print-prog-name=collect2`
+ if test -f "$collect2name" && \
+ strings "$collect2name" | grep resolve_lib_name >/dev/null
+ then
+ # We have reworked collect2
+ :
+ else
+ # We have old collect2
+ hardcode_direct=unsupported
+ hardcode_minus_L=yes
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_libdir_separator=
+ fi
+ ;;
+ esac
+ fi
+ # Begin _LT_AC_SYS_LIBPATH_AIX.
+ echo 'int main () { return 0; }' > conftest.c
+ ${CC} ${LDFLAGS} conftest.c -o conftest
+ aix_libpath=`dump -H conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+ if test -z "$aix_libpath"; then
+ aix_libpath=`dump -HX64 conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0 *\(.*\)$/\1/; p; }
+}'`
+ fi
+ if test -z "$aix_libpath"; then
+ aix_libpath="/usr/lib:/lib"
+ fi
+ rm -f conftest.c conftest
+ # End _LT_AC_SYS_LIBPATH_AIX.
+ if test "$aix_use_runtimelinking" = yes; then
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ else
+ if test "$host_cpu" = ia64; then
+ hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
+ else
+ hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+ fi
+ fi
+ ;;
+ amigaos*)
+ case "$host_cpu" in
+ powerpc)
+ ;;
+ m68k)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ esac
+ ;;
+ bsdi[45]*)
+ ;;
+ cygwin* | mingw* | pw32* | cegcc*)
+ # When not using gcc, we currently assume that we are using
+ # Microsoft Visual C++.
+ # hardcode_libdir_flag_spec is actually meaningless, as there is
+ # no search path for DLLs.
+ hardcode_libdir_flag_spec=' '
+ libext=lib
+ ;;
+ darwin* | rhapsody*)
+ hardcode_direct=no
+ if { case $cc_basename in ifort*) true;; *) test "$GCC" = yes;; esac; }; then
+ :
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ dgux*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ ;;
+ freebsd2.[01]*)
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ ;;
+ freebsd* | dragonfly*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ ;;
+ hpux9*)
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ hpux10*)
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ hardcode_direct=yes
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ fi
+ ;;
+ hpux11*)
+ if test "$with_gnu_ld" = no; then
+ hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+ hardcode_libdir_separator=:
+ case $host_cpu in
+ hppa*64*|ia64*)
+ hardcode_direct=no
+ ;;
+ *)
+ hardcode_direct=yes
+ # hardcode_minus_L: Not really in the search PATH,
+ # but as the default location of the library.
+ hardcode_minus_L=yes
+ ;;
+ esac
+ fi
+ ;;
+ irix5* | irix6* | nonstopux*)
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+ netbsd*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ hardcode_direct=yes
+ ;;
+ newsos6)
+ hardcode_direct=yes
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+ *nto* | *qnx*)
+ ;;
+ openbsd*)
+ if test -f /usr/libexec/ld.so; then
+ hardcode_direct=yes
+ if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ else
+ case "$host_os" in
+ openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ ;;
+ *)
+ hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+ ;;
+ esac
+ fi
+ else
+ ld_shlibs=no
+ fi
+ ;;
+ os2*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_minus_L=yes
+ ;;
+ osf3*)
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ hardcode_libdir_separator=:
+ ;;
+ osf4* | osf5*)
+ if test "$GCC" = yes; then
+ hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+ else
+ # Both cc and cxx compiler support -rpath directly
+ hardcode_libdir_flag_spec='-rpath $libdir'
+ fi
+ hardcode_libdir_separator=:
+ ;;
+ solaris*)
+ hardcode_libdir_flag_spec='-R$libdir'
+ ;;
+ sunos4*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ hardcode_direct=yes
+ hardcode_minus_L=yes
+ ;;
+ sysv4)
+ case $host_vendor in
+ sni)
+ hardcode_direct=yes # is this really true???
+ ;;
+ siemens)
+ hardcode_direct=no
+ ;;
+ motorola)
+ hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+ ;;
+ esac
+ ;;
+ sysv4.3*)
+ ;;
+ sysv4*MP*)
+ if test -d /usr/nec; then
+ ld_shlibs=yes
+ fi
+ ;;
+ sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+ ;;
+ sysv5* | sco3.2v5* | sco5v6*)
+ hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+ hardcode_libdir_separator=':'
+ ;;
+ uts4*)
+ hardcode_libdir_flag_spec='-L$libdir'
+ ;;
+ *)
+ ld_shlibs=no
+ ;;
+ esac
+fi
+
+# Check dynamic linker characteristics
+# Code taken from libtool.m4's _LT_SYS_DYNAMIC_LINKER.
+# Unlike libtool.m4, here we don't care about _all_ names of the library, but
+# only about the one the linker finds when passed -lNAME. This is the last
+# element of library_names_spec in libtool.m4, or possibly two of them if the
+# linker has special search rules.
+library_names_spec= # the last element of library_names_spec in libtool.m4
+libname_spec='lib$name'
+case "$host_os" in
+ aix3*)
+ library_names_spec='$libname.a'
+ ;;
+ aix[4-9]*)
+ library_names_spec='$libname$shrext'
+ ;;
+ amigaos*)
+ case "$host_cpu" in
+ powerpc*)
+ library_names_spec='$libname$shrext' ;;
+ m68k)
+ library_names_spec='$libname.a' ;;
+ esac
+ ;;
+ beos*)
+ library_names_spec='$libname$shrext'
+ ;;
+ bsdi[45]*)
+ library_names_spec='$libname$shrext'
+ ;;
+ cygwin* | mingw* | pw32* | cegcc*)
+ shrext=.dll
+ library_names_spec='$libname.dll.a $libname.lib'
+ ;;
+ darwin* | rhapsody*)
+ shrext=.dylib
+ library_names_spec='$libname$shrext'
+ ;;
+ dgux*)
+ library_names_spec='$libname$shrext'
+ ;;
+ freebsd[23].*)
+ library_names_spec='$libname$shrext$versuffix'
+ ;;
+ freebsd* | dragonfly*)
+ library_names_spec='$libname$shrext'
+ ;;
+ gnu*)
+ library_names_spec='$libname$shrext'
+ ;;
+ haiku*)
+ library_names_spec='$libname$shrext'
+ ;;
+ hpux9* | hpux10* | hpux11*)
+ case $host_cpu in
+ ia64*)
+ shrext=.so
+ ;;
+ hppa*64*)
+ shrext=.sl
+ ;;
+ *)
+ shrext=.sl
+ ;;
+ esac
+ library_names_spec='$libname$shrext'
+ ;;
+ interix[3-9]*)
+ library_names_spec='$libname$shrext'
+ ;;
+ irix5* | irix6* | nonstopux*)
+ library_names_spec='$libname$shrext'
+ case "$host_os" in
+ irix5* | nonstopux*)
+ libsuff= shlibsuff=
+ ;;
+ *)
+ case $LD in
+ *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") libsuff= shlibsuff= ;;
+ *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") libsuff=32 shlibsuff=N32 ;;
+ *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") libsuff=64 shlibsuff=64 ;;
+ *) libsuff= shlibsuff= ;;
+ esac
+ ;;
+ esac
+ ;;
+ linux*oldld* | linux*aout* | linux*coff*)
+ ;;
+ linux* | k*bsd*-gnu | kopensolaris*-gnu)
+ library_names_spec='$libname$shrext'
+ ;;
+ knetbsd*-gnu)
+ library_names_spec='$libname$shrext'
+ ;;
+ netbsd*)
+ library_names_spec='$libname$shrext'
+ ;;
+ newsos6)
+ library_names_spec='$libname$shrext'
+ ;;
+ *nto* | *qnx*)
+ library_names_spec='$libname$shrext'
+ ;;
+ openbsd*)
+ library_names_spec='$libname$shrext$versuffix'
+ ;;
+ os2*)
+ libname_spec='$name'
+ shrext=.dll
+ library_names_spec='$libname.a'
+ ;;
+ osf3* | osf4* | osf5*)
+ library_names_spec='$libname$shrext'
+ ;;
+ rdos*)
+ ;;
+ solaris*)
+ library_names_spec='$libname$shrext'
+ ;;
+ sunos4*)
+ library_names_spec='$libname$shrext$versuffix'
+ ;;
+ sysv4 | sysv4.3*)
+ library_names_spec='$libname$shrext'
+ ;;
+ sysv4*MP*)
+ library_names_spec='$libname$shrext'
+ ;;
+ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+ library_names_spec='$libname$shrext'
+ ;;
+ tpf*)
+ library_names_spec='$libname$shrext'
+ ;;
+ uts4*)
+ library_names_spec='$libname$shrext'
+ ;;
+esac
+
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+escaped_wl=`echo "X$wl" | sed -e 's/^X//' -e "$sed_quote_subst"`
+shlibext=`echo "$shrext" | sed -e 's,^\.,,'`
+escaped_libname_spec=`echo "X$libname_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+escaped_library_names_spec=`echo "X$library_names_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+escaped_hardcode_libdir_flag_spec=`echo "X$hardcode_libdir_flag_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+
+LC_ALL=C sed -e 's/^\([a-zA-Z0-9_]*\)=/acl_cv_\1=/' <<EOF
+
+# How to pass a linker flag through the compiler.
+wl="$escaped_wl"
+
+# Static library suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally "so").
+shlibext="$shlibext"
+
+# Format of library name prefix.
+libname_spec="$escaped_libname_spec"
+
+# Library names that the linker finds when passed -lNAME.
+library_names_spec="$escaped_library_names_spec"
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec="$escaped_hardcode_libdir_flag_spec"
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator="$hardcode_libdir_separator"
+
+# Set to yes if using DIR/libNAME.so during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct="$hardcode_direct"
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L="$hardcode_minus_L"
+
+EOF
diff --git a/configure.ac b/configure.ac
new file mode 100644
index 0000000..65ae2c8
--- /dev/null
+++ b/configure.ac
@@ -0,0 +1,349 @@
+# -*- Autoconf -*-
+# Process this file with autoconf to produce a configure script.
+#
+# This configure file is in the public domain
+
+AC_PREREQ([2.69])
+AC_INIT([anastasis], [0.0.0], [taler-bug@gnu.org])
+AC_CONFIG_SRCDIR([src/backend/anastasis-httpd.c])
+AC_CONFIG_HEADERS([anastasis_config.h])
+# support for non-recursive builds
+AM_INIT_AUTOMAKE([subdir-objects 1.9 tar-pax])
+
+# pretty build rules
+AM_SILENT_RULES([yes])
+
+AC_CONFIG_MACRO_DIR([m4])
+
+AC_PROG_AWK
+AC_PROG_CC_C99
+AC_PROG_OBJC
+AC_PROG_INSTALL
+AC_PROG_LN_S
+AC_PROG_MAKE_SET
+AM_PROG_CC_C_O
+
+LT_INIT([disable-static dlopen])
+
+DX_INIT_DOXYGEN([anastasis],,,
+DX_PS_FEATURE(OFF),
+DX_PDF_FEATURE(OFF),
+DX_RTF_FEATURE(OFF),
+DX_CHI_FEATURE(OFF),
+DX_XML_FEATURE(OFF))
+
+AC_MSG_CHECKING([whether to compile documentation ONLY])
+AC_ARG_ENABLE([only-doc],
+ [AS_HELP_STRING([--enable-only-doc], [only compile Taler documentation])],
+ [doc_only=${enableval}],
+ [doc_only=no])
+AC_MSG_RESULT($doc_only)
+AM_CONDITIONAL([DOC_ONLY], [test "$doc_only" = "yes"])
+
+
+# Not indented as it covers most of the file...
+AS_IF([test "x$doc_only" != xyes],[
+
+
+# Checks for programs.
+AC_PROG_CC
+AC_PROG_CC_C99
+
+# check for gettext
+AM_GNU_GETTEXT([external])
+AM_GNU_GETTEXT_VERSION([0.19.8])
+
+
+CFLAGS="-Wall $CFLAGS"
+
+# Checks for header files.
+AC_CHECK_HEADERS([stdint.h stdlib.h string.h unistd.h])
+
+ANASTASIS_LIB_LDFLAGS="-export-dynamic -no-undefined"
+ANASTASIS_PLUGIN_LDFLAGS="-export-dynamic -avoid-version -module -no-undefined"
+
+AC_SUBST(TALER_LIB_LDFLAGS)
+AC_SUBST(TALER_PLUGIN_LDFLAGS)
+
+
+# check for libgnurl
+# libgnurl
+LIBGNURL_CHECK_CONFIG(,7.34.0,gnurl=1,gnurl=0)
+AS_IF([test "x$gnurl" = x1],[
+ AM_CONDITIONAL(HAVE_LIBGNURL, true)
+ AC_DEFINE([HAVE_LIBGNURL],[1],[Have libgnurl])
+],[
+ AM_CONDITIONAL(HAVE_LIBGNURL, false)
+])
+
+# libcurl-gnutls
+LIBCURL_CHECK_CONFIG(,7.34.0,[curl=true],[curl=false])
+AS_IF([test "x$curl" = xtrue],
+ [LDFLAGS="-L$with_libcurl/lib $LDFLAGS"
+ CPPFLAGS="-I$with_libcurl/include $CPPFLAGS"
+ AC_CHECK_HEADERS([curl/curl.h],
+ [AC_CHECK_DECLS(CURLINFO_TLS_SESSION,
+ [curl=true],
+ [curl=false],
+ [[#include <curl/curl.h>]])],
+ [curl=false])
+ # need libcurl-gnutls.so, everything else is not acceptable
+ AC_CHECK_LIB([curl-gnutls],
+ [curl_easy_getinfo],,
+ [curl=false])])
+ # cURL must support CURLINFO_TLS_SESSION, version >= 7.34
+
+# Check for curl/curl.h and gnurl/curl.h so we can use #ifdef
+# HAVE_CURL_CURL_H later (the above LIBCURL_CHECK_CONFIG accepted
+# *either* header set).
+AC_CHECK_HEADERS([curl/curl.h],,
+ curl=false
+ AC_CHECK_HEADERS([gnurl/curl.h],,
+ gnurl=false))
+
+# libgnurl
+AS_IF([test "x$gnurl" = "x0"],
+ [AS_IF([test "x$curl" = "x0"],
+ [AC_MSG_NOTICE([NOTICE: libgnurl not found. taler-bank support will not be compiled.])],
+ [AC_MSG_NOTICE([WARNING: libgnurl not found, trying to use libcurl-gnutls instead.])])])
+
+AS_IF([test x$curl = xfalse],
+ [AM_CONDITIONAL(HAVE_LIBCURL, false)
+ AS_IF([test "x$gnurl" = "x0"],
+ [AC_MSG_WARN([GNU Taler requires libcurl-gnutls >= 7.34])])],
+ [AM_CONDITIONAL(HAVE_LIBCURL, true)
+ AC_DEFINE([HAVE_LIBCURL],[1],[Have CURL])])
+
+# gcov compilation
+AC_MSG_CHECKING(whether to compile with support for code coverage analysis)
+AC_ARG_ENABLE([coverage],
+ AS_HELP_STRING([--enable-coverage],
+ [compile the library with code coverage support]),
+ [use_gcov=${enableval}],
+ [use_gcov=no])
+AC_MSG_RESULT($use_gcov)
+AM_CONDITIONAL([USE_COVERAGE], [test "x$use_gcov" = "xyes"])
+
+
+# Check for GNUnet's libgnunetutil.
+libgnunetutil=0
+AC_MSG_CHECKING([for libgnunetutil])
+AC_ARG_WITH(gnunet,
+ [AS_HELP_STRING([--with-gnunet=PFX], [base of GNUnet installation])],
+ [AC_MSG_RESULT([given as $with_gnunet])],
+ [AC_MSG_RESULT(not given)
+ with_gnunet=yes])
+AS_CASE([$with_gnunet],
+ [yes], [],
+ [no], [AC_MSG_ERROR([--with-gnunet is required])],
+ [LDFLAGS="-L$with_gnunet/lib $LDFLAGS"
+ CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"])
+AC_CHECK_HEADERS([gnunet/platform.h gnunet/gnunet_util_lib.h],
+ [AC_CHECK_LIB([gnunetutil],
+ [GNUNET_SCHEDULER_run],
+ [libgnunetutil=1])],
+ [],
+ [#ifdef HAVE_GNUNET_PLATFORM_H
+ #include <gnunet/platform.h>
+ #endif])
+AS_IF([test $libgnunetutil != 1],
+ [AC_MSG_ERROR([[
+***
+*** You need libgnunetutil to build this program.
+*** This library is part of GNUnet, available at
+*** https://gnunet.org
+*** ]])])
+
+
+# test for postgres
+AX_LIB_POSTGRESQL([9.3])
+AS_IF([test "x$found_postgresql" = "xyes"],[postgres=true])
+AM_CONDITIONAL(HAVE_POSTGRESQL, test x$postgres = xtrue)
+
+
+
+
+# Check for Taler's libtalerutil
+libtalerutil=0
+AC_MSG_CHECKING([for libtalerutil])
+AC_ARG_WITH(exchange,
+ [AS_HELP_STRING([--with-exchange=PFX], [base of Taler EXCHANGE installation])],
+ [AC_MSG_RESULT([given as $with_exchange])],
+ [AC_MSG_RESULT(not given)
+ with_exchange=yes])
+AS_CASE([$with_exchange],
+ [yes], [],
+ [no], [AC_MSG_ERROR([--with-exchange is required])],
+ [LDFLAGS="-L$with_exchange/lib $LDFLAGS"
+ CPPFLAGS="-I$with_exchange/include $CPPFLAGS $POSTGRESQL_CPPFLAGS"])
+
+CPPFLAGS="$CPPFLAGS $POSTGRESQL_CPPFLAGS"
+LDFLAGS="$LDFLAGS -L/usr/local/lib"
+
+AC_CHECK_HEADERS([taler/taler_util.h],
+ [AC_CHECK_LIB([talerutil],
+ [TALER_b2s],
+ [libtalerutil=1],
+ [AC_MSG_ERROR([libtalerutil not found])])],
+ [AC_MSG_ERROR([taler/taler_util.h not found])],
+ [#include <taler/platform.h>])
+
+# Check for Taler's libtalermerchant
+libtalermerchant=0
+AC_MSG_CHECKING([for libtalermerchant])
+AC_ARG_WITH(merchant,
+ [AS_HELP_STRING([--with-merchant=PFX], [base of Taler MERCHANT installation])],
+ [AC_MSG_RESULT([given as $with_merchant])],
+ [AC_MSG_RESULT(not given)
+ with_merchant=yes])
+AS_CASE([$with_merchant],
+ [yes], [],
+ [no], [AC_MSG_ERROR([--with-merchant is required])],
+ [LDFLAGS="-L$with_merchant/lib $LDFLAGS"
+ CPPFLAGS="-I$with_merchant/include $CPPFLAGS $POSTGRESQL_CPPFLAGS"])
+
+AC_CHECK_HEADERS([taler/taler_merchant_service.h],
+ [AC_CHECK_LIB([talermerchant],
+ [TALER_MERCHANT_parse_pay_uri],
+ [libtalermerchant=1],
+ [AC_MSG_ERROR([libtalermerchant not found])])],
+ [AC_MSG_ERROR([taler/taler_merchant_service.h found])],
+ [#include <taler/platform.h>])
+
+
+
+
+# check for libmicrohttpd
+microhttpd=0
+AC_MSG_CHECKING([for microhttpd])
+AC_ARG_WITH([microhttpd],
+ [AS_HELP_STRING([--with-microhttpd=PFX], [base of microhttpd installation])],
+ [AC_MSG_RESULT([given as $with_microhttpd])],
+ [AC_MSG_RESULT([not given])
+ with_microhttpd=yes])
+AS_CASE([$with_microhttpd],
+ [yes], [],
+ [no], [AC_MSG_ERROR([--with-microhttpd is required])],
+ [LDFLAGS="-L$with_microhttpd/lib $LDFLAGS"
+ CPPFLAGS="-I$with_microhttpd/include $CPPFLAGS"])
+AC_CHECK_LIB(microhttpd,MHD_start_daemon,
+ [AC_CHECK_HEADER([microhttpd.h],[microhttpd=1])])
+AS_IF([test $microhttpd = 0],
+ [AC_MSG_ERROR([[
+***
+*** You need libmicrohttpd to build this program.
+*** ]])])
+
+jansson=0
+PKG_CHECK_MODULES([JANSSON], [jansson >= 2.3],
+ [LDFLAGS="$JANSSON_LIBS $LDFLAGS"
+ CPPFLAGS="$JANSSON_CFLAGS $CPPFLAGS"],
+ [AC_MSG_ERROR([[
+***
+*** You need libjansson to build this program.
+***]])])
+
+
+# Require minimum libgcrypt version
+need_libgcrypt_version=1.6.1
+AC_DEFINE_UNQUOTED([NEED_LIBGCRYPT_VERSION], ["$need_libgcrypt_version"],
+ [minimum version of libgcrypt required])
+AM_PATH_LIBGCRYPT([$need_libgcrypt_version])
+
+# logging
+extra_logging=0
+AC_ARG_ENABLE([logging],
+ AS_HELP_STRING([--enable-logging@<:@=value@:>@],[Enable logging calls. Possible values: yes,no,verbose ('yes' is the default)]),
+ [AS_IF([test "x$enableval" = "xyes"], [],
+ [test "x$enableval" = "xno"], [AC_DEFINE([GNUNET_CULL_LOGGING],[],[Define to cull all logging calls])],
+ [test "x$enableval" = "xverbose"], [extra_logging=1]
+ [test "x$enableval" = "xveryverbose"], [extra_logging=2])
+ ], [])
+AC_DEFINE_UNQUOTED([GNUNET_EXTRA_LOGGING],[$extra_logging],[1 if extra logging is enabled, 2 for very verbose extra logging, 0 otherwise])
+
+# version info
+AC_PATH_PROG(gitcommand, git)
+AC_MSG_CHECKING(for source being under a VCS)
+git_version=
+AS_IF([test ! "X$gitcommand" = "X"],
+[
+ git_version=$(cd $srcdir ; git rev-list --full-history --all --abbrev-commit | head -n 1 2>/dev/null)
+])
+AS_IF([test "X$git_version" = "X"],
+ [
+ vcs_name="no"
+ vcs_version="\"release\""
+ ],
+ [
+ vcs_name="yes, git-svn"
+ vcs_version="\"git-$git_version\""
+ ])
+AC_MSG_RESULT($vcs_name)
+
+AC_MSG_CHECKING(VCS version)
+AC_MSG_RESULT($vcs_version)
+AC_DEFINE_UNQUOTED(VCS_VERSION, [$vcs_version], [VCS revision/hash or tarball version])
+
+# Checks for typedefs, structures, and compiler characteristics.
+AC_TYPE_PID_T
+AC_TYPE_SIZE_T
+AC_TYPE_UINT16_T
+AC_TYPE_UINT32_T
+AC_TYPE_UINT64_T
+AC_TYPE_INTMAX_T
+AC_TYPE_UINTMAX_T
+
+# Checks for library functions.
+AC_CHECK_FUNCS([strdup])
+
+
+AC_ARG_ENABLE([[doc]],
+ [AS_HELP_STRING([[--disable-doc]], [do not build any documentation])], ,
+ [enable_doc=yes])
+test "x$enable_doc" = "xno" || enable_doc=yes
+AM_CONDITIONAL([ENABLE_DOC], [test "x$enable_doc" = "xyes"])
+
+
+],[ # this is about the doc-only if on top of the file
+
+# logic if doc_only is set, make sure conditionals are still defined
+AM_CONDITIONAL([HAVE_POSTGRESQL], [false])
+AM_CONDITIONAL([HAVE_LIBCURL], [false])
+AM_CONDITIONAL([HAVE_LIBGNURL], [false])
+AM_CONDITIONAL([USE_COVERAGE], [false])
+AM_CONDITIONAL([ENABLE_DOC], [true])
+
+
+# end of 'doc_only'
+])
+
+
+# should experimental code be compiled (code that may not yet compile / have passing test cases)?
+AC_MSG_CHECKING(whether to compile experimental code)
+AC_ARG_ENABLE([experimental],
+ [AS_HELP_STRING([--enable-experimental], [enable compiling experimental code])],
+ [enable_experimental=${enableval}],
+ [enable_experimental=no])
+AC_MSG_RESULT($enable_experimental)
+AM_CONDITIONAL([HAVE_EXPERIMENTAL], [test "x$enable_experimental" = "xyes"])
+
+
+AC_CONFIG_FILES([
+Makefile
+contrib/Makefile
+doc/Makefile
+doc/doxygen/Makefile
+po/Makefile.in
+src/Makefile
+src/authorization/Makefile
+src/backend/Makefile
+src/cli/Makefile
+src/include/Makefile
+src/lib/Makefile
+src/util/Makefile
+src/reducer/Makefile
+src/restclient/Makefile
+src/stasis/Makefile
+src/testing/Makefile
+])
+AC_OUTPUT
diff --git a/contrib/Makefile.am b/contrib/Makefile.am
new file mode 100644
index 0000000..4304bcf
--- /dev/null
+++ b/contrib/Makefile.am
@@ -0,0 +1,31 @@
+# This Makefile.am is in the public domain
+# Process this file with automake to produce Makefile.in
+
+SUBDIRS = .
+
+pkgdatadir= $(prefix)/share/anastasis/
+
+EXTRA_DIST = \
+ $(pkgdata_DATA) \
+ pogen.sh \
+ gana.sh \
+ gana-update.sh \
+ gnunet.tag \
+ microhttpd.tag
+
+pkgdata_DATA = \
+ redux.al.json \
+ redux.be.json \
+ redux.ch.json \
+ redux.cz.json \
+ redux.de.json \
+ redux.dk.json \
+ redux.in.json \
+ redux.it.json \
+ redux.jp.json \
+ redux.sk.json \
+ redux.us.json \
+ redux.xx.json \
+ redux.xy.json \
+ redux.countries.json \
+ provider-list.json
diff --git a/contrib/gana b/contrib/gana
new file mode 160000
+Subproject 0f1eb8555b89056fe62e093211e53a1f9ba85d5
diff --git a/contrib/gana-update.sh b/contrib/gana-update.sh
new file mode 100755
index 0000000..94b2719
--- /dev/null
+++ b/contrib/gana-update.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+# Helper script to recompute error codes based on submodule
+# Run from exchange/ main directory.
+set -eu
+
+# Generate taler-error-codes.h in gana and copy it to
+# src/include/taler_error_codes.h
+cd contrib/gana/gnu-taler-error-codes
+make
+cd ../../..
+cat contrib/gana/gnu-taler-error-codes/taler_error_codes.h | sed -e "s/GNU_TALER_ERROR_CODES_H/GNU_ANASTASIS_ERROR_CODES_H/" -e "s/taler_error_codes.h/anastasis_error_codes.h/" > src/include/anastasis_error_codes.h
diff --git a/contrib/gana.sh b/contrib/gana.sh
new file mode 100755
index 0000000..30dc799
--- /dev/null
+++ b/contrib/gana.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+# Helper script to update to latest GANA
+# Run from exchange/ main directory.
+set -eu
+
+cd contrib/gana
+git pull origin master
+cd ../..
+
+exec ./contrib/gana-update.sh
diff --git a/contrib/gnunet.tag b/contrib/gnunet.tag
new file mode 100644
index 0000000..f270ba5
--- /dev/null
+++ b/contrib/gnunet.tag
@@ -0,0 +1,235 @@
+<?xml version='1.0' encoding='UTF-8' standalone='yes' ?>
+<tagfile>
+ <compound kind="file">
+ <name>gnunet_util_lib.h</name>
+ <path></path>
+ <filename>gnunet_util_lib.h</filename>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_YES</name>
+ <anchorfile>gnunet_util_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_OK</name>
+ <anchorfile>gnunet_util_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_NO</name>
+ <anchorfile>gnunet_util_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_SYSERR</name>
+ <anchorfile>gnunet_util_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_TIME_UNIT_FOREVER_ABS</name>
+ <anchorfile>gnunet_util_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ </compound>
+
+ <compound kind="file">
+ <name>gnunet_common.h</name>
+ <path></path>
+ <filename>gnunet_db_lib.h</filename>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_free</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(ptr)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_free_non_null</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(ptr)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_malloc_large</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(size)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_realloc</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(ptr, size)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_new</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(type)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_malloc</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(size)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_new_array</name>
+ <anchorfile>gnunet_common.h</anchorfile>
+ <arglist>(n, type)</arglist>
+ </member>
+ </compound>
+
+ <compound kind="file">
+ <name>gnunet_strings_lib.h</name>
+ <path></path>
+ <filename>gnunet_strings_lib.h</filename>
+ <member kind="function">
+ <type>#define</type>
+ <name>GNUNET_STRINGS_filename_expand</name>
+ <anchorfile>gnunet_strings_lib.h</anchorfile>
+ <arglist>(const char *name)</arglist>
+ </member>
+ </compound>
+
+ <compound kind="file">
+ <name>gnunet_db_lib.h</name>
+ <path></path>
+ <filename>gnunet_db_lib.h</filename>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_DB_STATUS_SUCCESS_ONE_RESULT</name>
+ <anchorfile>gnunet_db_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_DB_STATUS_SUCCESS_NO_RESULTS</name>
+ <anchorfile>gnunet_db_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_DB_STATUS_HARD_ERROR</name>
+ <anchorfile>gnunet_db_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_DB_STATUS_SOFT_ERROR</name>
+ <anchorfile>gnunet_db_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ </compound>
+ <compound kind="file">
+ <name>gnunet_pq_lib.h</name>
+ <path></path>
+ <filename>gnunet_pq_lib.h</filename>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_PQ_query_param_auto_from_type</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist>(x)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <name>GNUNET_PQ_result_spec_end</name>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <anchorfile>gnunet_sq_lib.h</anchorfile>
+ <name>GNUNET_SQ_result_spec_absolute_time_nbo</name>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <name>GNUNET_PQ_result_spec_auto_from_type</name>
+ <arglist>(name, dst)</arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_PQ_ResultSpec</type>
+ <name>GNUNET_PQ_result_spec_absolute_time</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist>(const char *name, struct GNUNET_TIME_Absolute *at)</arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_PQ_ResultSpec</type>
+ <name>GNUNET_PQ_result_spec_absolute_time_nbo</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist>(const char *name, struct GNUNET_TIME_AbsoluteNBO *at)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <name>GNUNET_PQ_PREPARED_STATEMENT_END</name>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <name>GNUNET_PQ_EXECUTE_STATEMENT_END</name>
+ <arglist></arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_PQ_QueryParam</type>
+ <name>GNUNET_PQ_query_param_absolute_time</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist>(const struct GNUNET_TIME_Absolute *x)</arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_PQ_QueryParam</type>
+ <name>GNUNET_PQ_query_param_absolute_time_nbo</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist>(const struct GNUNET_TIME_AbsoluteNBO *x)</arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_SQ_QueryParam</type>
+ <name>GNUNET_SQ_query_param_absolute_time</name>
+ <anchorfile>gnunet_sq_lib.h</anchorfile>
+ <arglist>(const struct GNUNET_TIME_Absolute *x)</arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_SQ_QueryParam</type>
+ <name>GNUNET_SQ_query_param_absolute_time_nbo</name>
+ <anchorfile>gnunet_sq_lib.h</anchorfile>
+ <arglist>(const struct GNUNET_TIME_Absolute *x)</arglist>
+ </member>
+ <member kind="function">
+ <type>struct GNUNET_SQ_QueryParam</type>
+ <name>GNUNET_PQ_query_param_absolute_time_nbo</name>
+ <anchorfile>gnunet_sq_lib.h</anchorfile>
+ <arglist>(const struct GNUNET_TIME_AbsoluteNBO *x)</arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_PQ_query_param_end</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>GNUNET_SQ_query_param_end</name>
+ <anchorfile>gnunet_sq_lib.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="typedef">
+ <type>int</type>
+ <name>GNUNET_PQ_ResultConverter</name>
+ <anchorfile>gnunet_pq_lib.h</anchorfile>
+ <arglist>)(void *cls, PGresult *result, int row, const char *fname, size_t *dst_size, void *dst)</arglist>
+ </member>
+ <member kind="typedef">
+ <type>int</type>
+ <name>GNUNET_SQ_ResultConverter</name>
+ <anchorfile>gnunet_sq_lib.h</anchorfile>
+ <arglist>)(void *cls, sqlite3_stmt *result, unsigned int column, size_t *dst_size, void *dst)</arglist>
+ </member>
+ </compound>
+</tagfile>
diff --git a/contrib/microhttpd.tag b/contrib/microhttpd.tag
new file mode 100644
index 0000000..5ae125e
--- /dev/null
+++ b/contrib/microhttpd.tag
@@ -0,0 +1,122 @@
+<?xml version='1.0' encoding='UTF-8' standalone='yes' ?>
+<tagfile>
+ <compound kind="file">
+ <name>microhttpd_lib.h</name>
+ <path></path>
+ <filename>microhttpd.h</filename>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_YES</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_NO</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_OK</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_BAD_REQUEST</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_URI_TOO_LONG</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_PAYLOAD_TOO_LARGE</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_REQUEST_TIMEOUT</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_ACCEPTED</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_NOT_FOUND</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_NO_CONTENT</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_GONE</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_PRECONDITION_FAILED</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_CONFLICT</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_FORBIDDEN</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_SERVICE_UNAVAILABLE</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_FAILED_DEPENDENCY</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_HTTP_INTERNAL_SERVER_ERROR</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="define">
+ <type>#define</type>
+ <name>MHD_OPTION_NOTIFY_COMPLETED</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist></arglist>
+ </member>
+ <member kind="typedef">
+ <type>int</type>
+ <name>MHD_AccessHandlerCallback</name>
+ <anchorfile>microhttpd.h</anchorfile>
+ <arglist>)(void *cls, struct MHD_Connection *connection, const char *url, const char *method, const char *version, const char *upload_data, size_t *upload_data_size, void **con_cls)</arglist>
+ </member>
+ </compound>
+</tagfile>
diff --git a/contrib/pogen.sh b/contrib/pogen.sh
new file mode 100755
index 0000000..89140ea
--- /dev/null
+++ b/contrib/pogen.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+find src -name "*.c" | sort > po/POTFILES.in
+find contrib -name "*.json" | sort >> po/POTFILES.in
diff --git a/contrib/provider-list.json b/contrib/provider-list.json
new file mode 100644
index 0000000..37200a4
--- /dev/null
+++ b/contrib/provider-list.json
@@ -0,0 +1,22 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "anastasis_provider": [
+ {
+ "url" : "http://localhost:8086/",
+ "currency" : "TESTKUDOS"
+ },
+ {
+ "url" : "http://localhost:8087/",
+ "currency" : "TESTKUDOS"
+ },
+ {
+ "url" : "http://localhost:8088/",
+ "currency" : "TESTKUDOS"
+ },
+ {
+ "url" : "http://localhost:8089/",
+ "currency" : "TESTKUDOS"
+ }
+ ]
+}
diff --git a/contrib/redux.al.json b/contrib/redux.al.json
new file mode 100644
index 0000000..bb4360e
--- /dev/null
+++ b/contrib/redux.al.json
@@ -0,0 +1,33 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "nid_number",
+ "label": "Numri i Identitetit",
+ "label_i18n":{
+ "en": "Identity Number",
+ "al": "Numri i Identitetit"
+ },
+ "widget": "anastasis_gtk_ia_nid_al",
+ "uuid": "256e5d30-d65e-481b-9ac4-55f5ac03b24a",
+ "validation-regex": "^[0-9A-T][0-9](((0|5)[0-9])|10|11|51|52)[0-9]{3}[A-W]$",
+ "validation-logic": "AL_NID_check"
+ }
+ ]
+}
diff --git a/contrib/redux.be.json b/contrib/redux.be.json
new file mode 100644
index 0000000..821a3eb
--- /dev/null
+++ b/contrib/redux.be.json
@@ -0,0 +1,39 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "nrn_number",
+ "label": "National Register Number",
+ "label_i18n":{
+ "en": "National Register Number"
+ },
+ "widget": "anastasis_gtk_ia_nid_be",
+ "uuid": "0452f99a-06f7-48bd-8ac0-2e4ed9a24560",
+ "validation-regex": "^[0-9]{11}$",
+ "validation-logic": "BE_NRN_check"
+ }
+ ]
+}
diff --git a/contrib/redux.ch.json b/contrib/redux.ch.json
new file mode 100644
index 0000000..48e8e7a
--- /dev/null
+++ b/contrib/redux.ch.json
@@ -0,0 +1,40 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "ahv_number",
+ "label": "AHV number",
+ "label_i18n":{
+ "de_DE":"AHV-Nummer",
+ "de_CH":"AHV-Nummer"
+ },
+ "widget": "anastasis_gtk_ia_ahv",
+ "uuid" : "1da87570-ba16-4f62-8a7e-cbda92f51591",
+ "validation-regex": "^(756).[0-9]{4}.[0-9]{4}.[0-9]{2}|(756)[0-9]{10}$",
+ "validation-logic": "CH_AHV_check"
+ }
+ ]
+}
diff --git a/contrib/redux.countries.json b/contrib/redux.countries.json
new file mode 100644
index 0000000..aaaf134
--- /dev/null
+++ b/contrib/redux.countries.json
@@ -0,0 +1,166 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "countries": [
+ {
+ "code" : "al",
+ "name" : "Albania",
+ "continent" : "Europe",
+ "name_i18n" : {
+ "de_DE": "Albanien",
+ "en_UK": "Albania"
+ },
+ "currency": "ALL",
+ "call_code" : "+355"
+ },
+ {
+ "code" : "be",
+ "name" : "Belgium",
+ "continent" : "Europe",
+ "name_i18n" : {
+ "de_DE": "Belgien",
+ "en_UK": "Belgium"
+ },
+ "currency": "EUR",
+ "call_code" : "+32"
+ },
+ {
+ "code" : "ch",
+ "name" : "Switzerland",
+ "continent" : "Europe",
+ "name_i18n" : {
+ "de_DE": "Schweiz",
+ "de_CH": "Schwiiz",
+ "fr_FR": "Suisse",
+ "en_UK": "Swiss"
+ },
+ "currency": "CHF",
+ "call_code" : "+41"
+ },
+ {
+ "code" : "cz",
+ "name" : "Czech Republic",
+ "continent" : "Europe",
+ "name_i18n" : {
+ "en_UK": "Czech Republic"
+ },
+ "currency": "CZK",
+ "call_code" : "+420"
+ },
+ {
+ "code" : "de",
+ "name" : "Germany",
+ "continent" : "Europe",
+ "continent_i18n" : { "de_DE" : "Europa" },
+ "name_i18n" : {
+ "de_DE": "Deutschland",
+ "de_CH": "Deutschland",
+ "fr_FR": "Allemagne",
+ "en_UK": "Germany"
+ },
+ "currency": "EUR",
+ "call_code" : "+49"
+ },
+ {
+ "code" : "dk",
+ "name" : "Denmark",
+ "continent" : "Europe",
+ "continent_i18n" : { "de_DE" : "Europa" },
+ "name_i18n" : {
+ "en_UK": "Denmark"
+ },
+ "currency": "DKK",
+ "call_code" : "+45"
+ },
+ {
+ "code" : "in",
+ "name" : "India",
+ "continent" : "India",
+ "continent_i18n" : { "en_EN" : "India" },
+ "name_i18n" : {
+ "de_DE": "Indien",
+ "de_CH": "Indien",
+ "fr_FR": "l'Inde",
+ "en_UK": "India"
+ },
+ "currency": "INR",
+ "call_code" : "+91"
+ },
+ {
+ "code" : "it",
+ "name" : "Italy",
+ "continent" : "Europe",
+ "name_i18n" : {
+ "de_DE": "Italien",
+ "en_UK": "Italy"
+ },
+ "currency": "EUR",
+ "call_code" : "+39"
+ },
+ {
+ "code" : "jp",
+ "name" : "Japan",
+ "continent" : "Asia",
+ "continent_i18n" : { "en_EN" : "Japan" },
+ "name_i18n" : {
+ "de_DE": "Japan",
+ "de_CH": "Japan",
+ "en_UK": "Japan"
+ },
+ "currency": "JPY",
+ "call_code" : "+81"
+ },
+ {
+ "code" : "sl",
+ "name" : "Slovakia",
+ "continent" : "Europe",
+ "name_i18n" : {
+ "en_UK": "Slovakia"
+ },
+ "currency": "EUR",
+ "call_code" : "+421"
+ },
+ {
+ "code" : "us",
+ "name" : "United States of America (USA)",
+ "continent" : "North America",
+ "continent_i18n" : { "de_DE" : "Nordamerika" },
+ "name_i18n" : {
+ "de_DE": "Vereinigte Staaten von Amerika (USA)",
+ "de_CH": "Vereinigte Staaten von Amerika (USA)",
+ "fr_FR": "États-Unis d'Amérique (USA)",
+ "en_UK": "United States of America (USA)"
+ },
+ "currency": "USD",
+ "call_code" : "+1"
+ },
+ {
+ "code" : "xx",
+ "name" : "Testland",
+ "continent" : "Testcontinent",
+ "continent_i18n" : { "de_DE" : "Testkontinent" },
+ "name_i18n" : {
+ "de_DE": "Testlandt",
+ "de_CH": "Testlandi",
+ "fr_FR": "Testpais",
+ "en_UK": "Testland"
+ },
+ "currency": "TESTKUDOS",
+ "call_code" : "+00"
+ },
+ {
+ "code" : "xy",
+ "name" : "Demoland",
+ "continent" : "Testcontinent",
+ "continent_i18n" : { "de_DE" : "Testkontinent" },
+ "name_i18n" : {
+ "de_DE":"Demolandt",
+ "de_CH":"Demolandi",
+ "fr_FR": "Demopais",
+ "en_UK": "Demoland"
+ },
+ "currency": "KUDOS",
+ "call_code" : "+01"
+ }
+ ]
+}
diff --git a/contrib/redux.cz.json b/contrib/redux.cz.json
new file mode 100644
index 0000000..e7118a8
--- /dev/null
+++ b/contrib/redux.cz.json
@@ -0,0 +1,33 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "birth_number",
+ "label": "Birth Number",
+ "label_i18n":{
+ "en": "Birth Number",
+ "cz": "rodné číslo"
+ },
+ "widget": "anastasis_gtk_ia_birthnumber_cz",
+ "uuid": "03e3a05b-1192-44f1-ac36-7425512eee1a",
+ "validation-regex": "^[0-9]{2}(((0|2|5|7)[0-9])|10|11|31|32|51|52|81|82)/[0-9]{3}[0-9]?$",
+ "validation-logic": "CZ_BN_check"
+ }
+ ]
+}
diff --git a/contrib/redux.de.json b/contrib/redux.de.json
new file mode 100644
index 0000000..862a463
--- /dev/null
+++ b/contrib/redux.de.json
@@ -0,0 +1,54 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "tax_number",
+ "label": "Taxpayer identification number",
+ "label_i18n":{
+ "de_DE": "Steuerliche Identifikationsnummer",
+ "en": "German taxpayer identification number"
+ },
+ "widget": "anastasis_gtk_ia_tax_de",
+ "uuid": "dae48f85-e3ff-47a4-a4a3-ed981ed8c3c6",
+ "validation-regex": "^[0-9]{11}$",
+ "validation-logic": "DE_TIN_check"
+ },
+ {
+ "type": "string",
+ "name": "social_security_number",
+ "label": "Social security number",
+ "label_i18n":{
+ "de_DE": "Deutsche Sozialversicherungsnummer",
+ "en": "German Social security number"
+ },
+ "widget": "anastasis_gtk_ia_ssn_de",
+ "uuid": "d5e2aa79-1c88-4cf4-a4d2-252508b38e05",
+ "validation-regex": "^[0-9]{8}[[:upper:]][0-9]{3}$",
+ "validation-logic": "DE_SVN_check",
+ "optional" : true
+ }
+ ]
+}
diff --git a/contrib/redux.dk.json b/contrib/redux.dk.json
new file mode 100644
index 0000000..29c7c6c
--- /dev/null
+++ b/contrib/redux.dk.json
@@ -0,0 +1,32 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "cpr_number",
+ "label": "CPR-nummer",
+ "label_i18n":{
+ "en": "CPR Number",
+ "dk": "CPR-nummer"
+ },
+ "widget": "anastasis_gtk_ia_cpr_dk",
+ "uuid": "38f13a4d-4302-4ada-ada1-c3ff4a8ff689",
+ "validation-regex": "^(0[1-9]|[1-2][0-9]|30|31)((0[1-9]|10|11|12))[0-9]{2}-[0-9A-Z]{4}$"
+ }
+ ]
+}
diff --git a/contrib/redux.in.json b/contrib/redux.in.json
new file mode 100644
index 0000000..a53035c
--- /dev/null
+++ b/contrib/redux.in.json
@@ -0,0 +1,39 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "aadhar_number",
+ "label": "Aadhar number",
+ "label_i18n":{
+ "en": "Aadhar number"
+ },
+ "widget": "anastasis_gtk_ia_aadhar_in",
+ "uuid": "55afe97a-98bc-48d1-bb37-a9658be3fdc9",
+ "validation-regex": "^[2-9]{1}[0-9]{3}\\s[0-9]{4}\\s[0-9]{4}$",
+ "validation-logic": "IN_AADHAR_check"
+ }
+ ]
+}
diff --git a/contrib/redux.it.json b/contrib/redux.it.json
new file mode 100644
index 0000000..f744497
--- /dev/null
+++ b/contrib/redux.it.json
@@ -0,0 +1,33 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "fiscal_code",
+ "label": "Codice fiscale",
+ "label_i18n":{
+ "it": "Codice fiscale",
+ "en": "Fiscal code"
+ },
+ "widget": "anastasis_gtk_ia_cf_it",
+ "uuid": "88f53c51-52ad-4d63-a163-ec042589f925",
+ "validation-regex": "^[[:upper:]]{6}[0-9]{2}[A-EHLMPRT](([0-24-6][0-9])|(30|31|70|71))[A-MZ][0-9]{3}[A-Z]$",
+ "validation-logic": "IT_CF_check"
+ }
+ ]
+}
diff --git a/contrib/redux.jp.json b/contrib/redux.jp.json
new file mode 100644
index 0000000..2a80cdf
--- /dev/null
+++ b/contrib/redux.jp.json
@@ -0,0 +1,39 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "my_number",
+ "label": "My number",
+ "label_i18n":{
+ "en": "My number",
+ "jp": "マイナンバー"
+ },
+ "widget": "anastasis_gtk_ia_my_jp",
+ "uuid": "90848f42-a83e-4226-8186-329696c14152",
+ "validation-regex": "^[0-9]{12}$"
+ }
+ ]
+}
diff --git a/contrib/redux.sk.json b/contrib/redux.sk.json
new file mode 100644
index 0000000..e2acef7
--- /dev/null
+++ b/contrib/redux.sk.json
@@ -0,0 +1,33 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "birth_number",
+ "label": "Birth Number",
+ "label_i18n":{
+ "en": "Birth Number",
+ "sk": "rodné číslo"
+ },
+ "widget": "anastasis_gtk_ia_birthnumber_sk",
+ "uuid": "1cd372fe-2cea-4928-9f29-66f2bdd8555c",
+ "validation-regex": "^[0-9]{2}(((0|2|5|7)[0-9])|10|11|31|32|51|52|81|82)/[0-9]{3}[0-9]?$",
+ "validation-logic": "CZ_BN_check"
+ }
+ ]
+}
diff --git a/contrib/redux.us.json b/contrib/redux.us.json
new file mode 100644
index 0000000..17e7556
--- /dev/null
+++ b/contrib/redux.us.json
@@ -0,0 +1,38 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "birthplace",
+ "label": "Birthplace",
+ "widget": "anastasis_gtk_ia_birthplace",
+ "uuid" : "4c822e8e-89c6-11eb-95c4-8b077ad8489f"
+ },
+ {
+ "type": "string",
+ "name": "social_security_number",
+ "label": "Social security number",
+ "label_i18n":{
+ "en": "US Social security number"
+ },
+ "widget": "anastasis_gtk_ia_ssn_us",
+ "uuid": "310a138c-b0b7-4985-b8b8-d00e765e9f9b",
+ "validation-regex": "^d{3}-d{2}-d{4}$"
+ }
+ ]
+}
diff --git a/contrib/redux.xx.json b/contrib/redux.xx.json
new file mode 100644
index 0000000..b28af81
--- /dev/null
+++ b/contrib/redux.xx.json
@@ -0,0 +1,29 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "sq_number",
+ "label": "Square number",
+ "widget": "anastasis_gtk_xx_square",
+ "uuid" : "ed790bca-89bf-11eb-96f2-233996cf644e",
+ "validation-regex": "^[0-9]+$",
+ "validation-logic": "XX_SQUARE_check"
+ }
+ ]
+}
diff --git a/contrib/redux.xy.json b/contrib/redux.xy.json
new file mode 100644
index 0000000..2091d9a
--- /dev/null
+++ b/contrib/redux.xy.json
@@ -0,0 +1,29 @@
+{
+ "license": "GPLv3+",
+ "SPDX-License-Identifier": "GPL3.0-or-later",
+ "required_attributes": [
+ {
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ },
+ {
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "widget": "anastasis_gtk_ia_birthdate",
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ },
+ {
+ "type": "string",
+ "name": "prime_number",
+ "label": "Prime number",
+ "widget": "anastasis_gtk_xx_prime",
+ "uuid" : "39190a95-cacb-4412-8bae-1f7da3f980b4",
+ "validation-regex": "^[0-9]+$",
+ "validation-logic": "XY_PRIME_check"
+ }
+ ]
+}
diff --git a/contrib/uncrustify.cfg b/contrib/uncrustify.cfg
new file mode 100644
index 0000000..8c9df2c
--- /dev/null
+++ b/contrib/uncrustify.cfg
@@ -0,0 +1,95 @@
+input_tab_size = 2
+output_tab_size = 2
+
+indent_columns = 2
+indent_with_tabs = 0
+indent_case_brace = 2
+indent_label=-16
+
+code_width=80
+#cmd_width=80
+
+# Leave most comments alone for now
+cmt_indent_multi=false
+sp_cmt_cpp_start=add
+
+sp_not=add
+
+sp_func_call_user_paren_paren=remove
+sp_inside_fparen=remove
+sp_after_cast=add
+
+ls_for_split_full=true
+ls_func_split_full=true
+ls_code_width=true
+
+# Arithmetic operations in wrapped expressions should be at the start
+# of the line.
+pos_arith=lead
+
+# Fully parenthesize boolean exprs
+mod_full_paren_if_bool=true
+
+# Braces should be on their own line
+nl_fdef_brace=add
+nl_enum_brace=add
+nl_struct_brace=add
+nl_union_brace=add
+nl_if_brace=add
+nl_brace_else=add
+nl_elseif_brace=add
+nl_while_brace=add
+nl_switch_brace=add
+
+# no newline between "else" and "if"
+nl_else_if=remove
+
+nl_func_paren=remove
+nl_assign_brace=remove
+
+# No extra newlines that cause noisy diffs
+nl_start_of_file=remove
+nl_after_func_proto = 2
+nl_after_func_body = 3
+# If there's no new line, it's not a text file!
+nl_end_of_file=add
+nl_max_blank_in_func = 3
+nl_max = 3
+
+sp_inside_paren = remove
+
+sp_arith = add
+sp_arith_additive = add
+
+# We want spaces before and after "="
+sp_before_assign = add
+sp_after_assign = add
+
+# we want "char *foo;"
+sp_after_ptr_star = remove
+sp_between_ptr_star = remove
+
+# we want "if (foo) { ... }"
+sp_before_sparen = add
+
+sp_inside_fparen = remove
+sp_inside_sparen = remove
+
+# add space before function call and decl: "foo (x)"
+sp_func_call_paren = add
+sp_func_proto_paren = add
+sp_func_proto_paren_empty = add
+sp_func_def_paren = add
+sp_func_def_paren_empty = add
+
+# We'd want it for "if ( (foo) || (bar) )", but not for "if (m())",
+# so as uncrustify doesn't give exactly what we want => ignore
+sp_paren_paren = ignore
+sp_inside_paren = remove
+sp_bool = force
+
+nl_func_type_name = force
+#nl_branch_else = add
+nl_else_brace = add
+nl_elseif_brace = add
+nl_for_brace = add
diff --git a/contrib/uncrustify_precommit b/contrib/uncrustify_precommit
new file mode 100755
index 0000000..2487333
--- /dev/null
+++ b/contrib/uncrustify_precommit
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# use as .git/hooks/pre-commit
+
+exec 1>&2
+
+RET=0
+changed=$(git diff --cached --name-only)
+crustified=""
+
+for f in $changed;
+do
+ if echo $f | grep \\.[c,h]\$ > /dev/null
+ then
+ # compare result of uncrustify with changes
+ #
+ # only change any of the invocations here if
+ # they are portable across all cmp and shell
+ # implementations !
+ uncrustify -q -c uncrustify.cfg -f $f | cmp -s $f -
+ if test $? = 1 ;
+ then
+ crustified=" $crustified $f"
+ RET=1
+ fi
+ fi
+done
+
+if [ $RET = 1 ];
+then
+ echo "Run"
+ echo "uncrustify --no-backup -c uncrustify.cfg ${crustified}"
+ echo "before committing."
+fi
+exit $RET
diff --git a/debian/.gitignore b/debian/.gitignore
new file mode 100644
index 0000000..7dcd9f0
--- /dev/null
+++ b/debian/.gitignore
@@ -0,0 +1,13 @@
+.debhelper/
+*.substvars
+*.log
+libanastasis/
+libanastasis-dev/
+anastasis-httpd/
+anastasis-cli/
+*.debhelper
+autoreconf.after
+autoreconf.before
+debhelper-build-stamp
+files
+tmp/ \ No newline at end of file
diff --git a/debian/anastasis-cli.install b/debian/anastasis-cli.install
new file mode 100644
index 0000000..6921bea
--- /dev/null
+++ b/debian/anastasis-cli.install
@@ -0,0 +1,2 @@
+usr/bin/anastasis-reducer
+usr/share/man/man1/anastasis-reducer.1
diff --git a/debian/anastasis-httpd.README.Debian b/debian/anastasis-httpd.README.Debian
new file mode 100644
index 0000000..f2e608c
--- /dev/null
+++ b/debian/anastasis-httpd.README.Debian
@@ -0,0 +1,10 @@
+anastasis
+--------------
+
+This package is a backend to operate an Anastasis provider.
+
+This package is integrated with Apache or Nginx, automatically
+deploying a configuration for the backend to the respective
+Web server at the "/anastasis/" endpoint.
+
+ -- Christian Grothoff <grothoff@gnu.org> Fri 01 Apr 2021 11:37:14 AM CET
diff --git a/debian/anastasis-httpd.config b/debian/anastasis-httpd.config
new file mode 100644
index 0000000..7ea8a7b
--- /dev/null
+++ b/debian/anastasis-httpd.config
@@ -0,0 +1,38 @@
+#!/bin/sh
+
+set -e
+
+. /usr/share/debconf/confmodule
+
+_USERNAME=anastasis-httpd
+_GROUPNAME=www-data
+
+db_input low anastasis/reconfigure-webserver || true
+db_go
+
+# Set permissions for sqlite3 file
+# (for when we support sqlite3 in the future)
+dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}"
+dbc_dbfile_perms="0600"
+
+dbc_psql_createdb_encoding="UTF8"
+
+# Set MySQL encoding to UTF8, just in case MySQL
+# support is added in the future.
+dbc_mysql_createdb_encoding="UTF8"
+
+# Try to get it to use UNIX domain sockets, if possible.
+# (Note: doesn't seem to do much, still uses username+PW+TCP
+# on my system :-( dbconfig documentation sucks.).
+dbc_authmethod_user=ident
+dbc_authmethod_admin=ident
+
+dbc_dbuser=${_USERNAME}
+
+
+if [ -f /usr/share/dbconfig-common/dpkg/config.pgsql ]; then
+ . /usr/share/dbconfig-common/dpkg/config.pgsql
+ dbc_go anastasis "$@"
+fi
+
+db_stop
diff --git a/debian/anastasis-httpd.install b/debian/anastasis-httpd.install
new file mode 100644
index 0000000..a97180b
--- /dev/null
+++ b/debian/anastasis-httpd.install
@@ -0,0 +1,13 @@
+usr/bin/
+usr/lib/*/anastasis/
+usr/lib/*/libanastasisauthorization.*
+usr/lib/*/libanastasisdb.*
+usr/share/man/man5/*
+usr/share/man/man1/anastasis-httpd.1
+usr/share/man/man1/anastasis-config.1
+usr/share/anastasis/*
+usr/share/anastasis/sql/*
+usr/share/anastasis/config.d/*
+debian/etc/* /etc/
+debian/conf/* etc/anastasis/
+debian/db/install/* usr/share/dbconfig-common/scripts/anastasis/install/
diff --git a/debian/anastasis-httpd.postinst b/debian/anastasis-httpd.postinst
new file mode 100644
index 0000000..77acf49
--- /dev/null
+++ b/debian/anastasis-httpd.postinst
@@ -0,0 +1,93 @@
+#!/bin/bash
+
+set -e
+
+_USERNAME=anastasis-httpd
+_GROUPNAME=www-data
+
+# Set permissions for sqlite3 file
+# (for when we support sqlite3 in the future)
+dbc_dbfile_owner="${_USERNAME}:${_GROUPNAME}"
+dbc_dbfile_perms="0600"
+
+# 1st argument will be the SECURITYTOKEN to use.
+apache_install() {
+ echo -n "Starting Apache setup..."
+ mkdir -p /etc/apache2/conf-available
+ if [ ! -f /etc/apache2/conf-available/anastasis.conf ]; then
+ echo -n "..."
+ cat /etc/anastasis/apache.conf | sed -e "s/%SECURITYTOKEN%/$1/" >/etc/apache2/conf-available/anastasis.conf
+ fi
+ echo "Done"
+}
+
+# 1st argument will be the SECURITYTOKEN to use.
+nginx_install() {
+ echo -n "Starting Nginx setup..."
+ mkdir -p /etc/nginx/conf-available
+ if [ ! -f /etc/nginx/conf-available/anastasis.conf ]; then
+ echo -n "..."
+ cat /etc/anastasis/nginx.conf | sed -e "s/%SECURITYTOKEN%/$1/" >/etc/nginx/conf-available/anastasis.conf
+ fi
+ echo "Done"
+}
+
+. /usr/share/debconf/confmodule
+
+case "${1}" in
+configure)
+ db_start
+ db_version 2.0
+
+ # Read default values
+ CONFIG_FILE="/etc/default/anastasis"
+ TALER_HOME="/var/lib/taler/"
+
+ echo " User setup"
+ # Creating taler users if needed
+ if ! getent passwd ${_USERNAME} >/dev/null; then
+ adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_USERNAME}
+ fi
+
+ # Setup postgres database (needs dbconfig-pgsql package)
+ if [ -f /usr/share/dbconfig-common/dpkg/postinst.pgsql ]; then
+ . /usr/share/dbconfig-common/dpkg/postinst.pgsql
+ dbc_pgsql_createdb_encoding="UTF8"
+ dbc_go anastasis "$@"
+ fi
+
+ cat >"/etc/systemd/system/anastasis-httpd.service" <<EOF
+EOF
+
+ # Configure Webserver
+ echo " Configuring Webserver"
+ db_get anastasis/reconfigure-webserver
+ webservers="$RET"
+ for webserver in $webservers; do
+ webserver=${webserver%,}
+ if [ "$webserver" = "nginx" ]; then
+ nginx_install "$SECRET"
+ else
+ apache_install "$SECRET"
+ fi
+ done
+ echo "Done."
+
+ db_stop
+
+ # Cleaning
+ echo "All done."
+
+ ;;
+
+abort-upgrade | abort-remove | abort-deconfigure) ;;
+
+ *)
+ echo "postinst called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/anastasis-httpd.postrm b/debian/anastasis-httpd.postrm
new file mode 100644
index 0000000..fc96f0e
--- /dev/null
+++ b/debian/anastasis-httpd.postrm
@@ -0,0 +1,72 @@
+#!/bin/sh
+
+set -e
+
+pathfind() {
+ OLDIFS="$IFS"
+ IFS=:
+ for p in $PATH; do
+ if [ -x "$p/$*" ]; then
+ IFS="$OLDIFS"
+ return 0
+ fi
+ done
+ IFS="$OLDIFS"
+ return 1
+}
+
+apache_remove() {
+ if [ diff /etc/anastasis/apache.conf /etc/apache2/conf-available/anastasis.conf ] >/dev/null 2>&1; then
+ rm -f /etc/apache2/conf-available/anastasis.conf
+ fi
+}
+
+nginx_remove() {
+ if [ diff /etc/taler-exchange/nginx.conf /etc/apache2/conf-available/taler-exchange.conf ] >/dev/null 2>&1; then
+ rm -f /etc/nginx/conf-available/anastasis.conf
+ fi
+}
+
+if [ -f /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
+fi
+
+if [ -f /usr/share/dbconfig-common/dpkg/postrm.pgsql ]; then
+ . /usr/share/dbconfig-common/dpkg/postrm.pgsql
+ dbc_go anastasis "$@"
+fi
+
+if [ "$1" = "remove" ] || [ "$1" = "purge" ]; then
+ if [ -f /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
+ db_version 2.0
+ db_get anastasis/reconfigure-webserver
+ webservers="$RET"
+ for webserver in $webservers; do
+ webserver=${webserver%,}
+ if [ "$webserver" = "nginx" ]; then
+ nginx_remove
+ else
+ apache_remove
+ fi
+ done
+ fi
+fi
+
+case "${1}" in
+purge)
+ rm -f /var/lib/anastasis/master-api-key.txt
+ rm -rf /var/lib/anastasis/httpd/
+ ;;
+remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear) ;;
+
+\
+ *)
+ echo "postrm called with unknown argument \`${1}'" >&2
+ exit 1
+ ;;
+esac
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/anastasis-httpd.prerm b/debian/anastasis-httpd.prerm
new file mode 100644
index 0000000..570b20f
--- /dev/null
+++ b/debian/anastasis-httpd.prerm
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+set -e
+
+if [ -f /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
+fi
+. /usr/share/dbconfig-common/dpkg/prerm
+
+if [ -f /usr/share/dbconfig-common/dpkg/prerm.pgsql ]; then
+ . /usr/share/dbconfig-common/dpkg/prerm.pgsql
+ dbc_go anastasis "$@"
+fi
+
+db_stop
+exit 0
diff --git a/debian/anastasis-httpd.service b/debian/anastasis-httpd.service
new file mode 100644
index 0000000..ab764cc
--- /dev/null
+++ b/debian/anastasis-httpd.service
@@ -0,0 +1,8 @@
+[Unit]
+Description=Anastasis key recovery backend
+
+[Service]
+User=anastasis-httpd
+Type=simple
+Restart=on-failure
+ExecStart=/usr/bin/anastasis-httpd -c /etc/taler/taler.conf
diff --git a/debian/anastasis-httpd.templates b/debian/anastasis-httpd.templates
new file mode 100644
index 0000000..1b1db15
--- /dev/null
+++ b/debian/anastasis-httpd.templates
@@ -0,0 +1,7 @@
+Template: anastasis/reconfigure-webserver
+Type: multiselect
+Choices: apache2, nginx
+Default: apache2, nginx
+_Description: Web server to reconfigure automatically:
+ Please choose the web server that should be automatically configured
+ as a frontend for anastasis-httpd.
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..ea5ab8a
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,37 @@
+anastasis (0.0.0-5) unstable; urgency=low
+
+ * Fixes in packaging files.
+
+ -- Florian Dold <dold@taler.net> Mon, 26 Jul 2021 11:16:02 +0200
+
+anastasis (0.0.0-4) unstable; urgency=low
+
+ * Fix quoting bug.
+
+ -- Christian Grothoff <grothoff@gnu.org> Wed, 21 Jul 2021 14:02:10 +0100
+
+anastasis (0.0.0-3) unstable; urgency=low
+
+ * Update to latest upstream code with minor design improvements.
+
+ -- Christian Grothoff <grothoff@gnu.org> Tue, 20 Jul 2021 14:02:10 +0100
+
+anastasis (0.0.0-2) unstable; urgency=low
+
+ * Improved reducer structure to address UX issues.
+ * Added ability to name secrets.
+ * Modified API to allow applications to more easily control expiration.
+
+ -- Christian Grothoff <grothoff@gnu.org> Wed, 14 Jul 2021 00:00:00 +0000
+
+anastasis (0.0.0-1) unstable; urgency=low
+
+ * Various fixes in packaging and code logic.
+
+ -- Christian Grothoff <grothoff@gnu.org> Thu, 24 Jun 2021 00:00:00 +0000
+
+anastasis (0.0.0-0) unstable; urgency=medium
+
+ * Initial Release.
+
+ -- Christian Grothoff <grothoff@gnu.org> Fri, 01 Apr 2021 00:00:00 +0000
diff --git a/debian/conf/apache.conf b/debian/conf/apache.conf
new file mode 100644
index 0000000..1d73ed1
--- /dev/null
+++ b/debian/conf/apache.conf
@@ -0,0 +1,11 @@
+<!--
+ Make sure to enable the following Apache modules before
+ integrating this into your configuration:
+
+ # a2enmod proxy
+ # a2enmod proxy_http
+-->
+
+<Location "/anastasis/">
+ProxyPass "unix:/var/lib/anastasis/httpd/anastasis.sock|http://example.com/"
+</Location>
diff --git a/debian/conf/nginx.conf b/debian/conf/nginx.conf
new file mode 100644
index 0000000..6828f0b
--- /dev/null
+++ b/debian/conf/nginx.conf
@@ -0,0 +1,8 @@
+location /anastasis/ {
+ proxy_pass http://unix:/var/lib/anastasis/httpd/anastasis.sock;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-Host "example.com";
+ proxy_set_header X-Forwarded-Proto "https";
+
+} \ No newline at end of file
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..532c623
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,77 @@
+Source: anastasis
+Section: net
+Priority: optional
+Maintainer: Christian Grothoff <grothoff@gnu.org>
+Build-Depends:
+ autoconf (>=2.59),
+ automake (>=1.11.1),
+ autopoint,
+ debhelper-compat (= 13),
+ gettext,
+ libgnunet-dev,
+ libtalerexchange-dev,
+ libtalermerchant-dev,
+ libpq-dev (>=9.5),
+ libsqlite3-dev (>=3.8),
+ pkg-config,
+ po-debconf,
+ libqrencode-dev,
+ uuid-dev,
+ zlib1g-dev
+Build-Conflicts:
+ autoconf2.13,
+ automake1.4
+Standards-Version: 4.5.0
+Vcs-Git: https://salsa.debian.org/debian/anastasis.git
+Vcs-browser: https://salsa.debian.org/debian/anastasis
+Homepage: https://anastasis.lu/
+
+Package: libanastasis
+Architecture: any
+Pre-Depends:
+ ${misc:Pre-Depends}
+Depends:
+ lsb-base,
+ netbase,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: libraries to talk to an Anastasis provider.
+
+Package: anastasis-httpd
+Architecture: any
+Pre-Depends:
+ ${misc:Pre-Depends}
+Depends:
+ libtalerexchange (>= 0.9.0),
+ adduser,
+ lsb-base,
+ netbase,
+ apache2 | nginx | httpd,
+ postgresql,
+ dbconfig-pgsql | dbconfig-no-thanks,
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: GNU's key escrow provider.
+
+Package: anastasis-cli
+Architecture: any
+Pre-Depends:
+ ${misc:Pre-Depends}
+Depends:
+ libanastasis (>= 0.0.0),
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Command-line interface for the Anastasis key escrow provider service.
+
+Package: libanastasis-dev
+Section: libdevel
+Architecture: any
+Depends:
+ libtalermerchant-dev (>= 0.9.0),
+ libtalerexchange-dev (>= 0.9.0),
+ libgnunet-dev (>=0.14.0),
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: libraries to talk to a GNU Anastasis provider (development)
+ .
+ This package contains the development files.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..555d608
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,699 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: GNU Taler
+Upstream-Contact: Christian Grothoff <christian@grothoff.org>
+Source: https://taler.net/
+
+Files: *
+Copyright:
+ (C) 2013-2020 Taler Systems SA
+License: AGPL-3+
+Comment: Many contributors are mentioned in AUTHORS
+
+Files: debian/*
+Copyright:
+ (C) 2020 Christian Grothoff <grothoff@gnu.org>
+License: GPL-3+
+
+Files: debian/po/*
+Copyright:
+License: GPL-3+
+
+License: GPL-3+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ .
+ The complete text of the GNU General Public License
+ can be found in /usr/share/common-licenses/GPL-3 file.
+
+License: AGPL-3+
+ GNU AFFERO GENERAL PUBLIC LICENSE
+ Version 3, 19 November 2007
+ .
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+ .
+ Preamble
+ .
+ The GNU Affero General Public License is a free, copyleft license for
+ software and other kinds of works, specifically designed to ensure
+ cooperation with the community in the case of network server software.
+ .
+ The licenses for most software and other practical works are designed
+ to take away your freedom to share and change the works. By contrast,
+ our General Public Licenses are intended to guarantee your freedom to
+ share and change all versions of a program--to make sure it remains free
+ software for all its users.
+ .
+ When we speak of free software, we are referring to freedom, not
+ price. Our General Public Licenses are designed to make sure that you
+ have the freedom to distribute copies of free software (and charge for
+ them if you wish), that you receive source code or can get it if you
+ want it, that you can change the software or use pieces of it in new
+ free programs, and that you know you can do these things.
+ .
+ Developers that use our General Public Licenses protect your rights
+ with two steps: (1) assert copyright on the software, and (2) offer
+ you this License which gives you legal permission to copy, distribute
+ and/or modify the software.
+ .
+ A secondary benefit of defending all users' freedom is that
+ improvements made in alternate versions of the program, if they
+ receive widespread use, become available for other developers to
+ incorporate. Many developers of free software are heartened and
+ encouraged by the resulting cooperation. However, in the case of
+ software used on network servers, this result may fail to come about.
+ The GNU General Public License permits making a modified version and
+ letting the public access it on a server without ever releasing its
+ source code to the public.
+ .
+ The GNU Affero General Public License is designed specifically to
+ ensure that, in such cases, the modified source code becomes available
+ to the community. It requires the operator of a network server to
+ provide the source code of the modified version running there to the
+ users of that server. Therefore, public use of a modified version, on
+ a publicly accessible server, gives the public access to the source
+ code of the modified version.
+ .
+ An older license, called the Affero General Public License and
+ published by Affero, was designed to accomplish similar goals. This is
+ a different license, not a version of the Affero GPL, but Affero has
+ released a new version of the Affero GPL which permits relicensing under
+ this license.
+ .
+ The precise terms and conditions for copying, distribution and
+ modification follow.
+ .
+ TERMS AND CONDITIONS
+ .
+ 0. Definitions.
+ .
+ "This License" refers to version 3 of the GNU Affero General Public License.
+ .
+ "Copyright" also means copyright-like laws that apply to other kinds of
+ works, such as semiconductor masks.
+ .
+ "The Program" refers to any copyrightable work licensed under this
+ License. Each licensee is addressed as "you". "Licensees" and
+ "recipients" may be individuals or organizations.
+ .
+ To "modify" a work means to copy from or adapt all or part of the work
+ in a fashion requiring copyright permission, other than the making of an
+ exact copy. The resulting work is called a "modified version" of the
+ earlier work or a work "based on" the earlier work.
+ .
+ A "covered work" means either the unmodified Program or a work based
+ on the Program.
+ .
+ To "propagate" a work means to do anything with it that, without
+ permission, would make you directly or secondarily liable for
+ infringement under applicable copyright law, except executing it on a
+ computer or modifying a private copy. Propagation includes copying,
+ distribution (with or without modification), making available to the
+ public, and in some countries other activities as well.
+ .
+ To "convey" a work means any kind of propagation that enables other
+ parties to make or receive copies. Mere interaction with a user through
+ a computer network, with no transfer of a copy, is not conveying.
+ .
+ An interactive user interface displays "Appropriate Legal Notices"
+ to the extent that it includes a convenient and prominently visible
+ feature that (1) displays an appropriate copyright notice, and (2)
+ tells the user that there is no warranty for the work (except to the
+ extent that warranties are provided), that licensees may convey the
+ work under this License, and how to view a copy of this License. If
+ the interface presents a list of user commands or options, such as a
+ menu, a prominent item in the list meets this criterion.
+ .
+ 1. Source Code.
+ .
+ The "source code" for a work means the preferred form of the work
+ for making modifications to it. "Object code" means any non-source
+ form of a work.
+ .
+ A "Standard Interface" means an interface that either is an official
+ standard defined by a recognized standards body, or, in the case of
+ interfaces specified for a particular programming language, one that
+ is widely used among developers working in that language.
+ .
+ The "System Libraries" of an executable work include anything, other
+ than the work as a whole, that (a) is included in the normal form of
+ packaging a Major Component, but which is not part of that Major
+ Component, and (b) serves only to enable use of the work with that
+ Major Component, or to implement a Standard Interface for which an
+ implementation is available to the public in source code form. A
+ "Major Component", in this context, means a major essential component
+ (kernel, window system, and so on) of the specific operating system
+ (if any) on which the executable work runs, or a compiler used to
+ produce the work, or an object code interpreter used to run it.
+ .
+ The "Corresponding Source" for a work in object code form means all
+ the source code needed to generate, install, and (for an executable
+ work) run the object code and to modify the work, including scripts to
+ control those activities. However, it does not include the work's
+ System Libraries, or general-purpose tools or generally available free
+ programs which are used unmodified in performing those activities but
+ which are not part of the work. For example, Corresponding Source
+ includes interface definition files associated with source files for
+ the work, and the source code for shared libraries and dynamically
+ linked subprograms that the work is specifically designed to require,
+ such as by intimate data communication or control flow between those
+ subprograms and other parts of the work.
+ .
+ The Corresponding Source need not include anything that users
+ can regenerate automatically from other parts of the Corresponding
+ Source.
+ .
+ The Corresponding Source for a work in source code form is that
+ same work.
+ .
+ 2. Basic Permissions.
+ .
+ All rights granted under this License are granted for the term of
+ copyright on the Program, and are irrevocable provided the stated
+ conditions are met. This License explicitly affirms your unlimited
+ permission to run the unmodified Program. The output from running a
+ covered work is covered by this License only if the output, given its
+ content, constitutes a covered work. This License acknowledges your
+ rights of fair use or other equivalent, as provided by copyright law.
+ .
+ You may make, run and propagate covered works that you do not
+ convey, without conditions so long as your license otherwise remains
+ in force. You may convey covered works to others for the sole purpose
+ of having them make modifications exclusively for you, or provide you
+ with facilities for running those works, provided that you comply with
+ the terms of this License in conveying all material for which you do
+ not control copyright. Those thus making or running the covered works
+ for you must do so exclusively on your behalf, under your direction
+ and control, on terms that prohibit them from making any copies of
+ your copyrighted material outside their relationship with you.
+ .
+ Conveying under any other circumstances is permitted solely under
+ the conditions stated below. Sublicensing is not allowed; section 10
+ makes it unnecessary.
+ .
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+ .
+ No covered work shall be deemed part of an effective technological
+ measure under any applicable law fulfilling obligations under article
+ 11 of the WIPO copyright treaty adopted on 20 December 1996, or
+ similar laws prohibiting or restricting circumvention of such
+ measures.
+ .
+ When you convey a covered work, you waive any legal power to forbid
+ circumvention of technological measures to the extent such circumvention
+ is effected by exercising rights under this License with respect to
+ the covered work, and you disclaim any intention to limit operation or
+ modification of the work as a means of enforcing, against the work's
+ users, your or third parties' legal rights to forbid circumvention of
+ technological measures.
+ .
+ 4. Conveying Verbatim Copies.
+ .
+ You may convey verbatim copies of the Program's source code as you
+ receive it, in any medium, provided that you conspicuously and
+ appropriately publish on each copy an appropriate copyright notice;
+ keep intact all notices stating that this License and any
+ non-permissive terms added in accord with section 7 apply to the code;
+ keep intact all notices of the absence of any warranty; and give all
+ recipients a copy of this License along with the Program.
+ .
+ You may charge any price or no price for each copy that you convey,
+ and you may offer support or warranty protection for a fee.
+ .
+ 5. Conveying Modified Source Versions.
+ .
+ You may convey a work based on the Program, or the modifications to
+ produce it from the Program, in the form of source code under the
+ terms of section 4, provided that you also meet all of these conditions:
+ .
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+ .
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+ .
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+ .
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+ .
+ A compilation of a covered work with other separate and independent
+ works, which are not by their nature extensions of the covered work,
+ and which are not combined with it such as to form a larger program,
+ in or on a volume of a storage or distribution medium, is called an
+ "aggregate" if the compilation and its resulting copyright are not
+ used to limit the access or legal rights of the compilation's users
+ beyond what the individual works permit. Inclusion of a covered work
+ in an aggregate does not cause this License to apply to the other
+ parts of the aggregate.
+ .
+ 6. Conveying Non-Source Forms.
+ .
+ You may convey a covered work in object code form under the terms
+ of sections 4 and 5, provided that you also convey the
+ machine-readable Corresponding Source under the terms of this License,
+ in one of these ways:
+ .
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+ .
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+ .
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+ .
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+ .
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+ .
+ A separable portion of the object code, whose source code is excluded
+ from the Corresponding Source as a System Library, need not be
+ included in conveying the object code work.
+ .
+ A "User Product" is either (1) a "consumer product", which means any
+ tangible personal property which is normally used for personal, family,
+ or household purposes, or (2) anything designed or sold for incorporation
+ into a dwelling. In determining whether a product is a consumer product,
+ doubtful cases shall be resolved in favor of coverage. For a particular
+ product received by a particular user, "normally used" refers to a
+ typical or common use of that class of product, regardless of the status
+ of the particular user or of the way in which the particular user
+ actually uses, or expects or is expected to use, the product. A product
+ is a consumer product regardless of whether the product has substantial
+ commercial, industrial or non-consumer uses, unless such uses represent
+ the only significant mode of use of the product.
+ .
+ "Installation Information" for a User Product means any methods,
+ procedures, authorization keys, or other information required to install
+ and execute modified versions of a covered work in that User Product from
+ a modified version of its Corresponding Source. The information must
+ suffice to ensure that the continued functioning of the modified object
+ code is in no case prevented or interfered with solely because
+ modification has been made.
+ .
+ If you convey an object code work under this section in, or with, or
+ specifically for use in, a User Product, and the conveying occurs as
+ part of a transaction in which the right of possession and use of the
+ User Product is transferred to the recipient in perpetuity or for a
+ fixed term (regardless of how the transaction is characterized), the
+ Corresponding Source conveyed under this section must be accompanied
+ by the Installation Information. But this requirement does not apply
+ if neither you nor any third party retains the ability to install
+ modified object code on the User Product (for example, the work has
+ been installed in ROM).
+ .
+ The requirement to provide Installation Information does not include a
+ requirement to continue to provide support service, warranty, or updates
+ for a work that has been modified or installed by the recipient, or for
+ the User Product in which it has been modified or installed. Access to a
+ network may be denied when the modification itself materially and
+ adversely affects the operation of the network or violates the rules and
+ protocols for communication across the network.
+ .
+ Corresponding Source conveyed, and Installation Information provided,
+ in accord with this section must be in a format that is publicly
+ documented (and with an implementation available to the public in
+ source code form), and must require no special password or key for
+ unpacking, reading or copying.
+ .
+ 7. Additional Terms.
+ .
+ "Additional permissions" are terms that supplement the terms of this
+ License by making exceptions from one or more of its conditions.
+ Additional permissions that are applicable to the entire Program shall
+ be treated as though they were included in this License, to the extent
+ that they are valid under applicable law. If additional permissions
+ apply only to part of the Program, that part may be used separately
+ under those permissions, but the entire Program remains governed by
+ this License without regard to the additional permissions.
+ .
+ When you convey a copy of a covered work, you may at your option
+ remove any additional permissions from that copy, or from any part of
+ it. (Additional permissions may be written to require their own
+ removal in certain cases when you modify the work.) You may place
+ additional permissions on material, added by you to a covered work,
+ for which you have or can give appropriate copyright permission.
+ .
+ Notwithstanding any other provision of this License, for material you
+ add to a covered work, you may (if authorized by the copyright holders of
+ that material) supplement the terms of this License with terms:
+ .
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+ .
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+ .
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+ .
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+ .
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+ .
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+ .
+ All other non-permissive additional terms are considered "further
+ restrictions" within the meaning of section 10. If the Program as you
+ received it, or any part of it, contains a notice stating that it is
+ governed by this License along with a term that is a further
+ restriction, you may remove that term. If a license document contains
+ a further restriction but permits relicensing or conveying under this
+ License, you may add to a covered work material governed by the terms
+ of that license document, provided that the further restriction does
+ not survive such relicensing or conveying.
+ .
+ If you add terms to a covered work in accord with this section, you
+ must place, in the relevant source files, a statement of the
+ additional terms that apply to those files, or a notice indicating
+ where to find the applicable terms.
+ .
+ Additional terms, permissive or non-permissive, may be stated in the
+ form of a separately written license, or stated as exceptions;
+ the above requirements apply either way.
+ .
+ 8. Termination.
+ .
+ You may not propagate or modify a covered work except as expressly
+ provided under this License. Any attempt otherwise to propagate or
+ modify it is void, and will automatically terminate your rights under
+ this License (including any patent licenses granted under the third
+ paragraph of section 11).
+ .
+ However, if you cease all violation of this License, then your
+ license from a particular copyright holder is reinstated (a)
+ provisionally, unless and until the copyright holder explicitly and
+ finally terminates your license, and (b) permanently, if the copyright
+ holder fails to notify you of the violation by some reasonable means
+ prior to 60 days after the cessation.
+ .
+ Moreover, your license from a particular copyright holder is
+ reinstated permanently if the copyright holder notifies you of the
+ violation by some reasonable means, this is the first time you have
+ received notice of violation of this License (for any work) from that
+ copyright holder, and you cure the violation prior to 30 days after
+ your receipt of the notice.
+ .
+ Termination of your rights under this section does not terminate the
+ licenses of parties who have received copies or rights from you under
+ this License. If your rights have been terminated and not permanently
+ reinstated, you do not qualify to receive new licenses for the same
+ material under section 10.
+ .
+ 9. Acceptance Not Required for Having Copies.
+ .
+ You are not required to accept this License in order to receive or
+ run a copy of the Program. Ancillary propagation of a covered work
+ occurring solely as a consequence of using peer-to-peer transmission
+ to receive a copy likewise does not require acceptance. However,
+ nothing other than this License grants you permission to propagate or
+ modify any covered work. These actions infringe copyright if you do
+ not accept this License. Therefore, by modifying or propagating a
+ covered work, you indicate your acceptance of this License to do so.
+ .
+ 10. Automatic Licensing of Downstream Recipients.
+ .
+ Each time you convey a covered work, the recipient automatically
+ receives a license from the original licensors, to run, modify and
+ propagate that work, subject to this License. You are not responsible
+ for enforcing compliance by third parties with this License.
+ .
+ An "entity transaction" is a transaction transferring control of an
+ organization, or substantially all assets of one, or subdividing an
+ organization, or merging organizations. If propagation of a covered
+ work results from an entity transaction, each party to that
+ transaction who receives a copy of the work also receives whatever
+ licenses to the work the party's predecessor in interest had or could
+ give under the previous paragraph, plus a right to possession of the
+ Corresponding Source of the work from the predecessor in interest, if
+ the predecessor has it or can get it with reasonable efforts.
+ .
+ You may not impose any further restrictions on the exercise of the
+ rights granted or affirmed under this License. For example, you may
+ not impose a license fee, royalty, or other charge for exercise of
+ rights granted under this License, and you may not initiate litigation
+ (including a cross-claim or counterclaim in a lawsuit) alleging that
+ any patent claim is infringed by making, using, selling, offering for
+ sale, or importing the Program or any portion of it.
+ .
+ 11. Patents.
+ .
+ A "contributor" is a copyright holder who authorizes use under this
+ License of the Program or a work on which the Program is based. The
+ work thus licensed is called the contributor's "contributor version".
+ .
+ A contributor's "essential patent claims" are all patent claims
+ owned or controlled by the contributor, whether already acquired or
+ hereafter acquired, that would be infringed by some manner, permitted
+ by this License, of making, using, or selling its contributor version,
+ but do not include claims that would be infringed only as a
+ consequence of further modification of the contributor version. For
+ purposes of this definition, "control" includes the right to grant
+ patent sublicenses in a manner consistent with the requirements of
+ this License.
+ .
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+ patent license under the contributor's essential patent claims, to
+ make, use, sell, offer for sale, import and otherwise run, modify and
+ propagate the contents of its contributor version.
+ .
+ In the following three paragraphs, a "patent license" is any express
+ agreement or commitment, however denominated, not to enforce a patent
+ (such as an express permission to practice a patent or covenant not to
+ sue for patent infringement). To "grant" such a patent license to a
+ party means to make such an agreement or commitment not to enforce a
+ patent against the party.
+ .
+ If you convey a covered work, knowingly relying on a patent license,
+ and the Corresponding Source of the work is not available for anyone
+ to copy, free of charge and under the terms of this License, through a
+ publicly available network server or other readily accessible means,
+ then you must either (1) cause the Corresponding Source to be so
+ available, or (2) arrange to deprive yourself of the benefit of the
+ patent license for this particular work, or (3) arrange, in a manner
+ consistent with the requirements of this License, to extend the patent
+ license to downstream recipients. "Knowingly relying" means you have
+ actual knowledge that, but for the patent license, your conveying the
+ covered work in a country, or your recipient's use of the covered work
+ in a country, would infringe one or more identifiable patents in that
+ country that you have reason to believe are valid.
+ .
+ If, pursuant to or in connection with a single transaction or
+ arrangement, you convey, or propagate by procuring conveyance of, a
+ covered work, and grant a patent license to some of the parties
+ receiving the covered work authorizing them to use, propagate, modify
+ or convey a specific copy of the covered work, then the patent license
+ you grant is automatically extended to all recipients of the covered
+ work and works based on it.
+ .
+ A patent license is "discriminatory" if it does not include within
+ the scope of its coverage, prohibits the exercise of, or is
+ conditioned on the non-exercise of one or more of the rights that are
+ specifically granted under this License. You may not convey a covered
+ work if you are a party to an arrangement with a third party that is
+ in the business of distributing software, under which you make payment
+ to the third party based on the extent of your activity of conveying
+ the work, and under which the third party grants, to any of the
+ parties who would receive the covered work from you, a discriminatory
+ patent license (a) in connection with copies of the covered work
+ conveyed by you (or copies made from those copies), or (b) primarily
+ for and in connection with specific products or compilations that
+ contain the covered work, unless you entered into that arrangement,
+ or that patent license was granted, prior to 28 March 2007.
+ .
+ Nothing in this License shall be construed as excluding or limiting
+ any implied license or other defenses to infringement that may
+ otherwise be available to you under applicable patent law.
+ .
+ 12. No Surrender of Others' Freedom.
+ .
+ If conditions are imposed on you (whether by court order, agreement or
+ otherwise) that contradict the conditions of this License, they do not
+ excuse you from the conditions of this License. If you cannot convey a
+ covered work so as to satisfy simultaneously your obligations under this
+ License and any other pertinent obligations, then as a consequence you may
+ not convey it at all. For example, if you agree to terms that obligate you
+ to collect a royalty for further conveying from those to whom you convey
+ the Program, the only way you could satisfy both those terms and this
+ License would be to refrain entirely from conveying the Program.
+ .
+ 13. Remote Network Interaction; Use with the GNU General Public License.
+ .
+ Notwithstanding any other provision of this License, if you modify the
+ Program, your modified version must prominently offer all users
+ interacting with it remotely through a computer network (if your version
+ supports such interaction) an opportunity to receive the Corresponding
+ Source of your version by providing access to the Corresponding Source
+ from a network server at no charge, through some standard or customary
+ means of facilitating copying of software. This Corresponding Source
+ shall include the Corresponding Source for any work covered by version 3
+ of the GNU General Public License that is incorporated pursuant to the
+ following paragraph.
+ .
+ Notwithstanding any other provision of this License, you have
+ permission to link or combine any covered work with a work licensed
+ under version 3 of the GNU General Public License into a single
+ combined work, and to convey the resulting work. The terms of this
+ License will continue to apply to the part which is the covered work,
+ but the work with which it is combined will remain governed by version
+ 3 of the GNU General Public License.
+ .
+ 14. Revised Versions of this License.
+ .
+ The Free Software Foundation may publish revised and/or new versions of
+ the GNU Affero General Public License from time to time. Such new versions
+ will be similar in spirit to the present version, but may differ in detail to
+ address new problems or concerns.
+ .
+ Each version is given a distinguishing version number. If the
+ Program specifies that a certain numbered version of the GNU Affero General
+ Public License "or any later version" applies to it, you have the
+ option of following the terms and conditions either of that numbered
+ version or of any later version published by the Free Software
+ Foundation. If the Program does not specify a version number of the
+ GNU Affero General Public License, you may choose any version ever published
+ by the Free Software Foundation.
+ .
+ If the Program specifies that a proxy can decide which future
+ versions of the GNU Affero General Public License can be used, that proxy's
+ public statement of acceptance of a version permanently authorizes you
+ to choose that version for the Program.
+ .
+ Later license versions may give you additional or different
+ permissions. However, no additional obligations are imposed on any
+ author or copyright holder as a result of your choosing to follow a
+ later version.
+ .
+ 15. Disclaimer of Warranty.
+ .
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+ APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+ HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+ OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+ THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+ IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+ .
+ 16. Limitation of Liability.
+ .
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+ WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+ THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+ GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+ USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+ DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+ PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+ EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGES.
+ .
+ 17. Interpretation of Sections 15 and 16.
+ .
+ If the disclaimer of warranty and limitation of liability provided
+ above cannot be given local legal effect according to their terms,
+ reviewing courts shall apply local law that most closely approximates
+ an absolute waiver of all civil liability in connection with the
+ Program, unless a warranty or assumption of liability accompanies a
+ copy of the Program in return for a fee.
+ .
+ END OF TERMS AND CONDITIONS
+ .
+ How to Apply These Terms to Your New Programs
+ .
+ If you develop a new program, and you want it to be of the greatest
+ possible use to the public, the best way to achieve this is to make it
+ free software which everyone can redistribute and change under these terms.
+ .
+ To do so, attach the following notices to the program. It is safest
+ to attach them to the start of each source file to most effectively
+ state the exclusion of warranty; and each file should have at least
+ the "copyright" line and a pointer to where the full notice is found.
+ .
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+ .
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+ .
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+ .
+ Also add information on how to contact you by electronic and paper mail.
+ .
+ If your software can interact with users remotely through a computer
+ network, you should also make sure that it provides a way for users to
+ get its source. For example, if your program is a web application, its
+ interface could display a "Source" link that leads users to an archive
+ of the code. There are many ways you could offer source, and different
+ solutions will be better for different programs; see section 13 for the
+ specific requirements.
+ .
+ You should also get your employer (if you work as a programmer) or school,
+ if any, to sign a "copyright disclaimer" for the program, if necessary.
+ For more information on this, and how to apply and follow the GNU AGPL, see
+ <http://www.gnu.org/licenses/>.
diff --git a/debian/db/install/pgsql b/debian/db/install/pgsql
new file mode 100755
index 0000000..d61008c
--- /dev/null
+++ b/debian/db/install/pgsql
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+set -eu
+
+# get database settings from dbconfig-common and configure
+# for ADMINISTRATIVE access
+if [ -f /etc/dbconfig-common/anastasis.conf ]; then
+ . /etc/dbconfig-common/anastasis.conf
+ case "$dbc_dbtype" in
+ pgsql)
+ anastasis-config -w \
+ -c /etc/anastasis.conf \
+ -s "stasis-postgres" \
+ -o "CONFIG" \
+ -V "postgres:///$dbc_dbname"
+ anastasis-config -w \
+ -c /etc/anastasis.conf \
+ -s "anastasis" \
+ -o "DB" \
+ -V "postgres"
+ ;;
+ sqlite3)
+ # Later: use something like:
+ # sqlite:///$DATA_DIR/merchant.db
+ # But for now, sqlite is unsupported:
+ echo "Unsupported database type $dbc_type."
+ exit 1
+ ;;
+ "")
+ ;;
+ *)
+ echo "Unsupported database type $dbc_type."
+ exit 1
+ ;;
+ esac
+fi
+
+# Run database initialization logic
+sudo -u postgres anastasis-dbinit -c /etc/anastasis.conf
+
+
+# get database settings from dbconfig-common and configure
+# for service access!
+if [ -f /etc/dbconfig-common/anastasis.conf ]; then
+ . /etc/dbconfig-common/anastasis.conf
+ case "$dbc_dbtype" in
+ pgsql)
+ echo "GRANT INSERT, SELECT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$dbc_dbuser\";" \
+ | sudo -u postgres psql "postgres:///$dbc_dbname"
+ echo "GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA public TO \"$dbc_dbuser\";" \
+ | sudo -u postgres psql "postgres:///$dbc_dbname"
+
+ anastasis-config -w \
+ -c /etc/anastasis.conf \
+ -s "stasis-postgres" \
+ -o "CONFIG" \
+ -V "postgres://$dbc_dbuser:$dbc_dbpass@$dbc_dbserver/$dbc_dbname"
+ anastasis-config -w \
+ -c /etc/anastasis.conf \
+ -s "anastasis" \
+ -o "DB" \
+ -V "postgres"
+ ;;
+ sqlite3)
+ # Later: use something like:
+ # sqlite:///$DATA_DIR/merchant.db
+ # But for now, sqlite is unsupported:
+ echo "Unsupported database type $dbc_type."
+ exit 1
+ ;;
+ "")
+ ;;
+ *)
+ echo "Unsupported database type $dbc_type."
+ exit 1
+ ;;
+ esac
+fi
diff --git a/debian/etc/taler/conf.d/anastasis.conf b/debian/etc/taler/conf.d/anastasis.conf
new file mode 100644
index 0000000..96b66b3
--- /dev/null
+++ b/debian/etc/taler/conf.d/anastasis.conf
@@ -0,0 +1,2 @@
+[anastasis]
+DATABASE = postgres
diff --git a/debian/libanastasis-dev.install b/debian/libanastasis-dev.install
new file mode 100644
index 0000000..38d21e9
--- /dev/null
+++ b/debian/libanastasis-dev.install
@@ -0,0 +1,2 @@
+usr/include
+usr/lib/*/libanastasistesting.* \ No newline at end of file
diff --git a/debian/libanastasis.docs b/debian/libanastasis.docs
new file mode 100644
index 0000000..62deb04
--- /dev/null
+++ b/debian/libanastasis.docs
@@ -0,0 +1 @@
+AUTHORS
diff --git a/debian/libanastasis.install b/debian/libanastasis.install
new file mode 100644
index 0000000..482c865
--- /dev/null
+++ b/debian/libanastasis.install
@@ -0,0 +1,4 @@
+usr/lib/*/libanastasis.so*
+usr/lib/*/libanastasis*.so*
+usr/share/anastasis/redux.*
+usr/share/info/anastasis*
diff --git a/debian/po/POTFILES.in b/debian/po/POTFILES.in
new file mode 100644
index 0000000..c70621f
--- /dev/null
+++ b/debian/po/POTFILES.in
@@ -0,0 +1 @@
+[type: gettext/rfc822deb] anastasis.templates
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..6d2058a
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,39 @@
+#!/usr/bin/make -f
+
+SHELL := sh -e
+
+include /usr/share/dpkg/architecture.mk
+
+%:
+ dh ${@}
+
+override_dh_auto_configure-arch:
+ dh_auto_configure -- --disable-rpath --with-microhttpd=yes $(shell dpkg-buildflags --export=configure)
+
+override_dh_auto_configure-indep:
+
+override_dh_auto_build-indep:
+
+override_dh_auto_test:
+ # Disabling test suite, incomplete
+
+override_dh_auto_install-arch:
+ dh_auto_install
+
+ # Removing useless files
+ rm -f debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/*.la \
+ debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/anastasis/*.la \
+ debian/tmp/usr/share/doc/anastasis/COPYING
+
+override_dh_auto_install-indep:
+
+override_dh_auto_clean:
+ dh_auto_clean
+
+# Remove files already present in libtalerexchange from main taler-exchange package
+override_dh_install:
+ dh_install
+ cd debian/libanastasis-dev; find . -type f,l -exec rm -f ../anastasis-httpd/{} \;
+ cd debian/anastasis-cli; find . -type f -exec rm -f ../anastasis-httpd/{} \;
+ cd debian/libanastasis-dev; find . -type f,l -exec rm -f ../libanastasis/{} \;
+ cd debian/libanastasis; find . -type f,l -exec rm -f ../anastasis-httpd/{} \;
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/source/options b/debian/source/options
new file mode 100644
index 0000000..e928a91
--- /dev/null
+++ b/debian/source/options
@@ -0,0 +1,3 @@
+extend-diff-ignore = "^(config\.sub|config\.guess|Makefile)$"
+
+
diff --git a/debian/upstream/metadata b/debian/upstream/metadata
new file mode 100644
index 0000000..be7ec13
--- /dev/null
+++ b/debian/upstream/metadata
@@ -0,0 +1,4 @@
+Bug-Submit: https://bugs.taler.net/
+Documentation: https://docs.taler.net/
+Repository: git.taler.net/anastasis.git
+Repository-Browse: https://git.taler.net/anastasis.git
diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc
new file mode 100644
index 0000000..d70f731
--- /dev/null
+++ b/debian/upstream/signing-key.asc
@@ -0,0 +1,637 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFSG/g0BEADfUtc2WA8+OWiNVuNuaU5CIFB/6Netaem0tXAc5VF8c/Dr/Bbt
+eSG4ZAWgCGioO/sqQ08XbYSdot1/zybFqAaD2Tlz99+GFLDYSMSDv6SkaAww0cGb
+objkAO3h1ojeR8gwj2+V2DuM9VLsmB0ITH3zXlLg1wbDUeIpOtk12DWqOTFN0v6x
+hV3JVdFsMmiM21iyo14FIxZmRTJulrwQFi/LcrUR7kDSjuwv3GzmVy6KSArri6fS
+Zec4os6WJM69+N3kV3SwoWxjikfUodaF+kOMXRyfEDX2ebyvveIvMl2BxNu7JUnF
+Y0AHXnxeNbfkpLCuFnH4cVvK14I+hHOa/JTnF77f7sWb+E0588YLL7geWucJfw94
+OzM1z4l/BLSyYiY3PJWRUHwkY7FV3cQGgTfrvbX3afa9Vi2bKHbgsgnOpe55FFJT
+RhZlGJMrgeNsoRKeivFaSa3HLhkV56VG268IM7iao+soVfeWKTOOSQGVeG6VrY7M
+UjhNfBbYfuSOW9CdF3p3XbI8DF68id0OQRUIihS42+kSGCZVY31Mx8+bZj+7+Qhs
+hZrARdrdmDg5IvJykEpn7aKpfyhf1sCfu/gwrpZ90IcaYoeafk6qWcf8JL+5VYHe
+wWjfZ7pFtlurt+hlrdNbqDQ9oHtIsevbgsPlh40BZ0kv2vLK5b+hQ5gd3QARAQAB
+tCtDaHJpc3RpYW4gR3JvdGhvZmYgPGNocmlzdGlhbkBncm90aG9mZi5vcmc+iQI4
+BBMBAgAiBQJUhv4NAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCTnmvh
+4p/DzBgKEACH0CAulDnMvk5hh9Ndu2QvHDAfKWtoj2NsMFw8YCC+Jb5PqmDL8Ddn
+ddRWrVxEfYf2DnHQI/wiy0HUJaZQstyHUbENtC2kC+HtQAiQlZyb6qL2ByuQfg8Z
+bSJYc7hdwSPRt52qXTMh6TPAzoHEWeEWUmYtQTsRna55A6Zo8HnKzLmspq03kx8w
+MjO/xtfRzToQNNTNh3Yg5F59sMUqiycrJxuF+y2L3jQLphEWg+yXjak3ruX3Rc4H
+pBqdPV36LQ5K+BZp8bzb0Ph2BDZ3t7SFI3SzCAlPl+R+lBtElwe367db+rRo4YPA
+bPchWXgZ7GIq+t7mVr4dffePEkdFVP8obR8mRtnnhx9Jvsi+6HYSsiBZ/csj1kRO
+XdtTrY56nc0maWLqVdvrwDlfrWNZxc7doUWBz0nB7VenzDIuBPCiV+jbafXNtNlu
+drjt0RYGvmnad3TMXxQbJsSmpDjSPAeZfaPtZC77BKt4yY2TvQJL9ZuPh7v59UXB
+wjJAiEP1YacANHExTqk1ShTVy6QNALN0eGifWkogmCtve5rQ1gkqN9TmqnCPGeyZ
+NVzz4j1W/imMRq7+MOVJcpBv0SWDpeFt13efnajdy4xFPUNXVhuIzE2CzcwdAq4f
+KG8QLvFnMN5yUo7kcjxAf4WMFkeuo8ofQNHMcFFvBaqMFWR1I0b347QoQ2hyaXN0
+aWFuIEdyb3Rob2ZmIDxncm90aG9mZkBnbnVuZXQub3JnPokCOAQTAQIAIgUCVIcH
+1gIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQk55r4eKfw8y6NxAAwzuB
+TvWUsBtnVjFas0n5SRdhtUnTUtAJ8z9Qe2Ab+ljao7cA4WG6OLcWYs/kd3tEUoLo
+XFERwmtRFbExKwVPcx1ffqdJhid9dK4bLd0OeKV3UElQFPMLXio4IUaF/k59HZXV
+X6MEXWDR2G/oNUXrg3Ole8mVd/093UDDoODE42W2RgBeammE5gfE6H7r+cbbKqF5
+I9Ie9ahDBGwW5HpI2cGFt+WsJaBXyBFxQDOnemQRw0PkyaE2TfkRgL0s4qxkyoYU
+vdbw7CfeA2qD4lramkJueXAcWGWP1DA0nxpbL5GQ6hnk/mi/7gZ7yztyop2DwrWE
+W1c2hLWida/grGZJwfXg7hu5Ls1RzCPB5Mqg/wmkynOapOWtvLz73G5LqWc7K6iQ
+7v3twg9enCUrcISzO/fglaf4oQ1EvMhogUu+kTn8DqiOp4lsPqLYu6Bonm90CMZ0
+amMQ1G+lDntJrxnK8MXa4p9Urb3FvR1YIa7zeDMfhHNVLO0jnK8m3S+iC4LvczCU
+xSXpj4ri+gBmS5syd5t7k7tdFpKphukY+H1Obe7wczbRXY9xOt+40jB9hYJM9wLY
+a2nePvbTAZbyV6czSb2GdhMwCFyzWDgiOQo4c+Q4LkiASWHNRM04MAj0L+MNEIOW
+opPQ3tuAx2oIbHV6yNy9ZO/JvPJI3bwc7t35hM20MENocmlzdGlhbiBHcm90aG9m
+ZiA8Y2hyaXN0aWFuLmdyb3Rob2ZmQGlucmlhLmZyPokCNgQwAQgAIBYhBNhCO8sy
+bHkHAzkpx5Oea+Hin8PMBQJZpUuHAh0AAAoJEJOea+Hin8PMyskP/jTGxVE4/9Yx
+BbqbfDlm399nP7JPdMK4rD8ERx87mlxoFWHKaRoyOf6pjHWfEGGOFReuDtVlmb5o
+RYflLjo224ehMur+Xudc65X5b5FExqv8maDXKRor2QI7X/JIB8wGxiXWQop3COiL
+lCqmI8a6RtMaoM3n+cxKcDumDNpckDgnWgtUolGsaJx8NmbeS/p4o1TYVsXwf2Du
+gdeoxEJSYUr7gZBxzI2VW0auG89sQ0/iuE5MvXthoYeECMyFazBBhkJWTtLCU+UE
+ZggLa7r1bBFVT0W87cXZ8dWYkWISJos+h70kwnjk9EFTqGlzaCgNG6GX8QqBnhOm
+zIEo7sp+i8PGsv5G0vnQeE8oVg3wxeY1xrUU5f6JBeLmIIoeG5ivC6rFzBGcV1qL
+uQ/mnhuo6SiP6kWXtKKsF2QuJHsDBnnDyLDJX9IVqumXeoTsqM18PJrv4JDOjeBJ
+wSny33ms6vOcub5CEmjrhDWLp7pgTWzIcH0fPqVxS9qop7HtMZOw0lGkyBHQLMjn
+o1/EDDE/FyUCzYhAlkvV0/3kgDSpXWRzKHb5MJmct0Z4HwfD6io4ZWkJUKqrNun9
+oDms16tKqfc3e+bylHHzM3io2rh0BfVgzot9uub8q9WWoeiRh4hwl5OUzs/+f0yA
+ab/9D4yGDi0fFO2tt8zz76UW+tTTRDqdtCVDaHJpc3RpYW4gR3JvdGhvZmYgPGdy
+b3Rob2ZmQGdudS5vcmc+iQJOBBMBCAA4FiEE2EI7yzJseQcDOSnHk55r4eKfw8wF
+AljtD1oCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQk55r4eKfw8ybEBAA
+ooVs3RYP9sPdDUNdgDXtB6DxlR0kchRlWWr/HR1bRztKiV52atrAextg3PCDcKdB
+G+tdHyCkdLdtFH+wmfPXTfsmr8KiCYdZq3xq/siFSN2jARNShk46fZinosvvieNg
++NOUJXg0QKy5LdgCgWKJzqwK7rS3k/BvEeXsVUGsgJVWF1757cHJPQs/eSs4LjEk
+XT+ga1HuFhM2G9LePbsBVi87Unh2uv+uQuD+Ya8FHlXW2+IMdupTODQdqxtlYO7l
+iPK76h9yxjeCPJ26WZ1UHrG8h1a2wwyTxrpcbMYbMOZW2TjLzLB9H/lGcWN+VomU
+eymr1w9HuUPEMrKn1jNmk7LXWJOS1okvEOyV7NT7EBEJbQpzrdCLP9wUNZTciUsO
+51OO82JlnznWtzQ5DN+XeReTR2rxh/utUZszy8aqyAytkwpxO7dXBr8EOMMjZ62G
+44svOHrDuORfzgozlcRR3EQ9a0uR7nLkF2PM2pSr025ds1OneSKhxXXo2UGRhiaN
+5IqbfpwhHlVywrrCjZYjvvou+O9BWvslcqzBkUsQrU/Umu/XaTx3hRf+UFqmDBdW
+fd2u6nQEP8YR7kL9b/KhA9CH6QDOCo+0RJwj6TRA22R8qvbXXGB3XlQ3X5gvHo7U
+L+HKDhM7RLGfKWEtKGmH+glrWlG/hBdAnj1iadjOp7G0LkNocmlzdGlhbiBHcm90
+aG9mZiA8Y2hyaXN0aWFuLmdyb3Rob2ZmQGJmaC5jaD6JAk4EEwEIADgWIQTYQjvL
+Mmx5BwM5KceTnmvh4p/DzAUCWaVLdAIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIX
+gAAKCRCTnmvh4p/DzLdBEACnbI7USar/n5GHIVVu+nA8rw5fs3qHhSVUv7zQiCkC
+kwZS5yGYC4/wo0B6IdEXnEFmijnLhCzcLlwWPqoqzI7ZLbrhxg9duPT+ntBIIuYH
+/+Nr9DIZub5MsKuwSCFcSopch9VFojauBPOnXYfxZr0UI+bY0DpLUu9tgrA6nmJe
+x9Mre5RYS0pxIMv3ZlHXsW+PkJ1dVJisqJ7sr5XfkADTBm+Q94L1F4Jq30ftkan9
+C2zjj8jHurwnKaP+8/bHDQTHxGHpAUc7clw/dS3iuFo79rRerlLdEdLnmziBu1YL
+VwU9CRS5H9GkGbC4XWrobBHaLu12GXZQLgLFiO4JETxkh428yAyXOcPV8YDVORU7
+49xgx+gWSIGAdv4qwjH/xov6JMYGacmzfxWUHmNlW5CBJ7P5Rc6ktKqXffCdiSRw
+NX0F16LeiFxFNeSFFXK3jQfrIDdh2qmcv3bELmgJtMSorBBMecx4XZINXixLT+NO
+Qh8B/pKUXbS9+jvngQORIuDcZxtc81DJP1V7jOU+X9ywpSoX8bJoFDAA36Zn57/Y
+wTxo++6kM4i1WX4XF9NCH5HVlWHDcwQuAOkpEIGV5p0cNbm17VSPrMorr0W4IHeW
+OUoFyOlBGWSmXBRwI0iF+nE1XUj8iKirQ3TaUZrWTZPgt4/+mdCUNqqooj5jytR2
+wLkCDQRUhv4NARAAoi0SvMUnd5XSZVSmbwfge2p9KeGVVcaz99fgrUTgCwfovVd1
+MEXh8FCtxja4xZiuwSGUARuPAXpzhcK1L9vai25GV+y4SALp3wg1/GrsHtEsm+wm
+7AeIq0utXnjfnUzfliIIKwt0aGW/zGp/8rHNKh7JVUo0mPSMQfe+6tE2XOnuGDHj
+1ZyZalmBjVLJYMwsI0tfAzU1fa0MOSnhvyP5TFFj6PWKSajEOsFuIR/zceZFtJbN
+24lbXYwohBDBY2Ajb0y8uYBi/h350UY2mwjKHYM3mxJD3AogWIBz5HD+ueWGUTBp
+KwLYmN7zVxDMdL7FqGonSw9NV1XxJ3IN1DYPPdFKStRIUiSMzyj/pp6410ms+N1M
+tPXDIDdcOcmNHqcnkWqBYHXGi+sYyFpe+825N75dotpEipCnIcTCBjn3RdqFOzT4
++airtL7eOkzmooqtPwvNO+4Uza8+W1PLibXqXWqD0uyi1Wn29asF+uOEfNA4TpTX
+T6Df5B1X88eoHccCpPUhiNqs7dX1ye78m9oicD9IoXj3PZ0le2tHXuFclXjuffpO
+W6Wt+rbqMrFp4LA4H4UXafai9B5F1JMp+xdK+V0YUT0aQSZwdHyvNsGReRnuuZKH
+be0xokpVM+ndra2EpsV0C3csoDOWyu7yjUyFeTfAlYBb8rn8WuLnT8xzSJEAEQEA
+AYkCHwQYAQIACQUCVIb+DQIbDAAKCRCTnmvh4p/DzKGQD/wLhO70IEI06MqaP41i
+m4X7suk4zGOAcBXAcsZONq450CA/WHvoMKFoCPHfoC4e1jsoifG8+emfTQhWKwW3
+a5G/H90a8lY8pH9tqkVUPds5m6fbWf16xkWUQpH8QQyLwhBIF8onclrDWAHPflpn
+Wp+wso1vxN+WRh5vL1k8dpQLUkOBmE1ovl79/z1zzOYDkOWdQ1crU2EbOXalCmOA
+SmiFhWiYk2aosBxbzGX0JKX5NyIUzz56i9vDYqjkDFYcMMx1Z9YXsvTjglMwnIfw
+PmvBBgQlwqg+LOts7XF0ZoBZ3NBLpIES0wheVjXtG/T7kZey7XABVbxK2B4mIRFI
+vXnHbTEGzSyY7hLCshyCMQTDCoHDOKiNZmteqhHU4zXVgyhrxkYG9iIDj9yb6PCj
+aFwgp42rz0lLqTgmpDEIrz1MaCglhTB68wTsHYx3SH+ClNGmgWTa8dS+l/s0hgE+
+WknVGn6ShMkdyYLn3QxTRhZSmRv2hG7AYSemtLxi4lLoJ3kDHLMYAponhzxLYOtc
+8IyNrrRU4Tj4keG2ssHSkC9kDIMqzX53ObGkVWN6Rvu+pmZ9iumrNqI/4PyrPi3m
+OE7ooIkh1L/MEu2cLNWaTG5QmOK0VtYN+3G2qzcjKEpQPIDgRdZ6i7fO6jgb0iy1
+UJUbAoLQgUTaX99KUKeyCuiGUA==
+=17vI
+-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFj7l1QBEAC7WLUVNL9eQM9EpD4eTTBxs9W8IvCnZs3nT8cNm/a0rMBx4Vfk
++TKtI4tPbJRoM0GPMEUy0cyIztm7kSCcxJTgm8OIjIqloH0kL3YKqryQ0d1NHdgI
+z6zgBKLvbldG8+vQensMQm9D2xCDeBQGWACyyvtXsU35PeTmbW7GmYc9d2bwDWLH
+poO7GdMOQYETP8VOPUxtRoyJ2oSTPkHt/TFIAKEIEuVwPb4e+0XoRNdkdEebcjKv
+FW9hLJG4Cy5ur0GrQs21KlT/Yoz65MgK3jNrb9WJG8XBVAYxUq95FjD88ECIskRY
+KU8PM117MujSCOARh+jYUwG/m4Cz2atP3UOVkBGor21T9GF+KACiO/FTQboout0Y
++mwxyJkWQC+dZyg6oeZDa0mxCj1TO/1o9E/drgrxya3i9P5WVp8Ab6vAV9tk0jtd
+O7gqqqJGwW4hSBbcaYcZrST14EE7Xhc90f4lI8wYB1opC9lNstIbCF/5WPZBr3JQ
+/VQTdqk+b6W2XtpPqrPN9D43/aAlr7phgLlQWoUQYsYTjkx/CvrxK2davLtuvlov
+yzNZzsA/tm7+CBquY1rnaZfy+d61gsPj+9VXYc0edUPCCGPKI5m7XztFCAYRG6av
+yJT0vVsZDaXYwkSrx54D/rLGF/1dBavWApikLQER+CVyzO4dAJ9oGh+XNQARAQAB
+tAxuZzBAZnNmZS5vcmeJAlQEEwEKAD4CGwMFCwkIBwMFFQoJCAsFFgMCAQACHgEC
+F4AWIQSojIrdEpgo1+rALlLiL5u/7jSFiAUCWnZKwAUJBVOD6wAKCRDiL5u/7jSF
+iHgoD/49sgbWjXHVCa2O/bs5OWb0QaF1WMS+4fJkemkuvb4HqyzreSYPim6yIbx8
+/X2MaNeSvOZCMAvLKFfkqWm2B6Jngvxf+ZtVWrK895QXQoOZd5E91qb/zR0g/T5H
+K0GviRWAvL52+P2yfj7tswOq1Txdes+azwd6+yYUC1Fue50q/psoxXhfKib5NjPp
+4OGnx2YotAAdYrMBSQXDd5xYEt2OtzqwlQ8tsU+zeymzicPMEK2HdqBWRub4Y1O2
+bYmQ983iak/mrXBxOx6kbjXZBoMrYG/27JF/W8nrxLLIBqWvuWmnQcjs+5AQETdq
+be5+wsu2hiLtyi576vsvlR3kz4XYntD2Uhe7xJ7uR970suk5/fYSr5XpF0Cj0NCu
+9iFr/VTyFLKW2Wb9oiUbriE4jvlfIgw7JeT1C/3aRkbjyqDd9zwDHIFPQwBca0BL
+pAKyjGjx4QNDiTTZLvj0JL88Deikc/RVqn8AgjsuviVX/5xiQ8wX54UKiz4WpfY7
+ENgBkogg0WF8raxSHihBRlrcA2otlw+UUz64Uw6R4yMmemUEBl6/VMr/vB7+KykP
+Jxek8hb53fHEpCDcmniiwLK3ZaQz/VQ4HarCVVucc/oFB3XZuR55P1zhfcXf9JpS
+I5wvCmpkInPqav1aSKVLFdZY3eOlew7p/1aQNeF+ZaftGdLLX7QObmcwQGtyb3Nv
+cy5vcmeJAkQEMAEKAC4WIQSojIrdEpgo1+rALlLiL5u/7jSFiAUCWyLJ/RAdIGRv
+bWFpbiBleHBpcmVkAAoJEOIvm7/uNIWINNIP/1mJWlL6HfVJUy5L2mzsvdJZ3B/7
+9FZqb0YnP13HzPkPHjPKYgSAHRa8rGqn9UY/1nA5wYqXbnAqZJahO/zik9vd607Q
+kKZuYahqnymQOihNI4eWB99uSIdxrMGwh/HzJVzE8fhZld19az9KcVGf9KOl7Pl8
+be87mP6qkInrEt6QoyvrXwcZU6fOpEDRje4GGGRFry9FyLFE1UcICMpU2thSukym
+ziaamww7HjWtrw55cU7PaY+qWqH+MwLuyqt5jHGEsMaQHhkZCGHJn6sQ7Ci6DyhY
+JpOUgPgDzeTCzLIJrxrAiK6lwGel4aj6JhoXvQaYUZId27l/W9ItrhCRp9kDXza7
+yYoLO0ekqtpN/WpBWuXatwTaLk/zeJFdYdpQ+Hk7dlgTWhTPWhwQaUTbP8jqtjzG
+I7/Gq5EIG6r+6j/WFcKg7D4MrYQel9q9Sgx9oGLEtZgteK0wo+A3U2oIPugXWQeE
+5alpSIurNcsEAFowrGf/qd2JzImoI1zaJQbz0o/h5cxTOuWH3CbbPQ3BBSrM8Sqy
+evMFsfaAOpIqL3n69rlHaxn1cHaRYM8JcazFlp89pbqZ1Q4ZRFp7+8oO+KPThg5g
+sqizrOxKjXnWJX78qczBIEzD+KHGn4avsRgIsT1Ciz+ctjUiJvAZ4bcHpLwY3SFW
+jxpvlruI/XlZm6FjtA9uZzBAbGliZXJ0YWQucHeJAmcEMAEKAFEWIQSojIrdEpgo
+1+rALlLiL5u/7jSFiAUCWUKqDjMdIFRoaXMgZG9tYWluIGlzIHNjaGVkdWxlZCBm
+b3IgdGVybWluYXRpb24gaW4gMjAxOC4ACgkQ4i+bv+40hYiREA//SsIg/4Gfl4B/
+346bW5Gezh/Y0VqinNqFu/XG9HAuQ0AWNxr5hbFWNAZWEb2NUMiy+lMhNtJQYqpY
+Vsxmfcv1lM1xd+kyeOAjEdLI/TnnxrKI+eN8RgWNvtnfDoukOFm+aDP9DiyMdciS
+1GYgy/SrPnp+jxAMvjZ48prZPy8zEAiU0uBvYYlSHt4YqEr2XfJr1Sh2gs/ZYLE0
+2/8HKkEPAWYPk6dqeh1HITA4WOGPq4k+nTK/uHmm8WPVbsz8syOXGudn+vP6X4Lw
+7adoufVTbbr/0KP1N0f5kzk2WVL1y7l24W14ixQWQSH1GwcItj1Oin42JJ2ezHkr
+FVMCCbR8QhJxOlg+VCQkfHsY+gnbQGLW3bcMfQSXpLR8w/octEgOSkDHUTw93aNy
+IBZyZy6IlUVgjsUq+G9naQr2Jj44B7LaRYyanQFbuDT/vZ3nx1k4VvjzIXpMcLGr
+Jiq6keOSqVgVeBdSRcqVKwJEzmwmVVPPWsw1efaOID/CINAHvhe2h13CPFWQCGPS
+pk64NN1vEqxi1uGP4QdBrlLbVweusLNOHo9wksriSbs+Xj47n+Tr1gx1XezRYf13
+VhaaHYolbKYMR8fheCzMNgNw2VuP0RnYgIpVkk3p0roAqoWzlPIUjQnKxVoA9ITY
+MAPefuhM4qhRnW92egjSbHqOMj0PPS60Em5nQHByYWdtYXRpcXVlLnh5eokCVQQw
+AQoAPxYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJZQqpNIR0gVGhpcyBkb21haW4g
+aXMgYmVpbmcgZmFkZWQgb3V0LgAKCRDiL5u/7jSFiNxrD/4n75Ymlm0fLwG4B8U8
+w3xidcxS6yewOyZJKYrVtd7MDFrOHf89FytCvXDj4LbGP/KfCyHTvUBaQEFUYM9g
+1sx7v5m5V5SijHMCg3zJ63Lrxe5/lWM/O6Y5jiRtilOqzDI5CGqEHDohVbzfULZd
+9izyWQcZ3CGye7yrdp6LYDw/cMqgh1d56kuMXYyLcXgrUXeH9wQkaw1TJfWPSCvI
+JfESu/PJQ4TviBXZRfBuvDnjjbdYXvOCR3vQhSSuU8SX7f6wYNEBkWEj4Maj/HWJ
+x+442yzCzYb+Ix4ChJfjCLRtXs9OYcu4jT/9gxkPQISmjpjLGfSG5XcNcHirqxcs
+poT23LkSxB2pvtCw1MwAJHtk2o155Q2ZB+Kfu0fL74A/EpsilOHSym62ELkrude3
+Cy3x3kGFbRkwZd2tXbVlhgbnsl+YznXV+Mmx+pAoPvPtuzy/17yAbqhR5N5u3rC6
+hbZME/YCkoMns4+Dcab8iCxJl/UYYeCGwllbPMlzzvZ2SjRofNJ/5hydGg+dcPN/
+f7Nuh7bwN57vUSEatHdpqehi7avC7v1l6Xgijf1cN7nCM2JvDg9tR5G+fTOnQaU4
+0tpWYQNSpsYdLTs+M7QEzfH+jfS7tEhtdmyUkwWWudzKLPmSIVKYqWNytiJuFXdK
+j5+3tSfFLiCd3/piKn240L+GDbQTbmcwQHByYWdtYXRpcXVlLnh5eokCWAQwAQoA
+QhYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJZUuYtJB0gYWRkcmVzc2VzIHdpbGwg
+YmUgbm8gbG9uZ2VyIGFjdGl2ZQAKCRDiL5u/7jSFiCDvEACM2rM9zS7DUPHQ+dCF
+hH9c6ZcfdFQ0lzCT6DEZJs/PKhX0Ofgm/7BZm5zNotWaPyphHNspFrIv90EwPpBu
+XZfPbmewDpYxOuUMTCnHVMLzIXCmKqro1K6ofi9CvAm1kx0k/xKjB3c7XITnABy6
+sUhEKVojI6f4IgwkSYFZgT6E/GOV5jJYRyVUB49cXYQx5vvWj5yVTmTTDf1IUEsk
+ZpW74+zFt3WA4TJUugAarXPiEPPrcgkHDLAa9oPatyqAd4QU+0oaQuJC4GYfkIHk
+6fxZg0Mw+oKUjJEE0+o/WGv3SWSmd66urRcVxHASI6okeffz5ufGaYJNZTaHMmy6
+ztJJWfplhMe3wxLxZ1S7L3l947GbHgWXrC31kDY1D2LY5/7pr7R38B94CXbX2EIf
+ORWg4eUWvVfuPZ5Ew1TmUwcDS2w4EeS2psGfmUDbne5m4nn0iPPykXtw28ZbH7bN
+n9rTwW3yVIdyiDUvGlV63Os4tHVtbrFADKd1meFaMmg1gagdYof4lB50Vh5ChD6o
+7GkSvOshY7f4KNEfZLqCPTXmJKd3XLfb0eNY1APCYm8GI30K8OT8cdJwy3+zA7Oj
+/Duvo95pCyXx0+4xpo2eM2XPDdeVdMOkpGyFnKo3ApRMW5HHkw7sdpaNDwmtV9Wk
+RMBRAKXkvjnirKO6ZxTaIBUDIrQUa3Jvc29zQGF1dGlzdGljaS5vcmeJAlQEEwEK
+AD4CGwMFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AWIQSojIrdEpgo1+rALlLiL5u/
+7jSFiAUCWnZKwAUJBVOD6wAKCRDiL5u/7jSFiHKcEACK34todRbyC37pvOGKYSU0
+WJGtVGSCxE6fOQzUb+G5n8oq/mLg50IiQL+BPd6flRBABrJ9RDi/z4i6tmgoE8u4
+t7oTj6vuF0XLhzbQ8wUS2CgWMuf7S4s9UN9yUG+zbATPpdYXo+m6hDYJxulmv9VA
+Xwc2k9acspsk9TCRgooHucpj/iTvFO4Qlg8AiVvLRsNd1dB0FMBMOs/Pa0LoZvOr
+oJZlFZdtVKZ7IMsgTfmLpRKrVR3LxJ7S1+7TGI96KGSBmB90QSBSWxwm4nsV5R5S
+q8vEPyb92XLJc1+j5GALcwhzX5gZ6bLqKFAO9OcFhB9ETSuujf4ksmLdntAj+DEI
+I2d+s8bFapg5p9/fVfrT4BExTh3yScOxG1UPAJNTQ/bXGFYKxh2cNzaYdbxli+xe
+nGwZivmpspM594I5dE3GfPdmiTQ7Mm0BTFa7A5xi/ftGICm0xS07UJ5eDWP3gVz/
+XmfVPhh8RUAGJgoOShDOO0CMG8+oYI4SRLMYI0pRB+ujCwRJnROOw4u9ATBVnLgQ
+H134ZNx0P+PIPHHQcotmjtYrko5Wg4hOvVGVjBkD8CCiPn4VhdcgM5RiKBnYe10D
+cEtLpjxTHD81X3X4hziuq70UiW9myBjsyPY5KgozeICN+GmXXdZTJYs6WWudAwgD
+9BA7vpBDKk7JYqdwKTJVU7QUbmcwQGluZm90cm9waXF1ZS5vcmeJAlQEEwEKAD4C
+GwMFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AWIQSojIrdEpgo1+rALlLiL5u/7jSF
+iAUCWnZKwAUJBVOD6wAKCRDiL5u/7jSFiAH1D/0f9ocmx5BsIiQL7j/o0zQrOpi7
+vL7RIT3ZT/UOlOiqBHlvgTAa6FyIfjxrvBDwQp6PiEnCikWmCJcHbYnEeiJoXSui
+TigmzgEbgQ7nzrZGWozwvVsmdH5XpcdGTuR2mJaUYJyNHSvPKL9pneIMGmxI7VIy
+blO8IXGXO+TMre4bGXqTmYCYMPmfqWCTBSorXWsdBth2S23Rum5d2RWK7alVrw5+
+uAgnAo7xz7e/o8P/+UuaFaJixgbyCpf8MC4FTYIU+rayjGbAN80lr1khMrXYvhfM
+9KS5CADrqncBBUZwHA4Bk+Rs9ZEm+q4EJl0lXFf3m+FSN1K4KXAxQQMrDUf/YxD7
+FNqUS9T6KloGZOdRYhZmzz4b1zXT9dCuHjtO2V809M+kpLJbIYu0PKMzyB6Lizli
+1Un0yFKb9CbZ/pVWOMLppKfZ9Sngkz+6Ppng8PMBFwO9eEwNaPP8wFH8IO7PMvqH
+MaoiMnNMeIFfSd1jIYvKdsFb33jcXFG+C4sYi066a83oxTmd9euKs+9jKzQDKqAX
++TxK+UK7W9KVbgx/9jrQ9UrGnucV50fcG2gowZrKaKvYj2jKKiGTCspKufL1fsM+
+WXjKH3M4uNeGKLyfo0c55ACBV1/C7mzHcJNuLYgfFYAgstdSiFZb6T/oN2DA8kp3
+IVirL3252Iw6mTgm/LQXam9icy5uZ0BwcmFnbWF0aXF1ZS54eXqJAloEMAEKAEQW
+IQSojIrdEpgo1+rALlLiL5u/7jSFiAUCWUKpXiYdIFRoaXMgZW1haWwgYWRkcmVz
+cyBoYXMgYmVlbiByZXZva2VkLgAKCRDiL5u/7jSFiH7OD/0T9sIrJiH9/JC3QGzU
+a2iYvMwcHulbODqP+dugZzG0o+GrUWTF41KCpNxsSBaKJhXvpKmzTMArw29Z4fhi
+gMVkW+E459httukG+L4AMGmfr+xQ97wsp8bTDGq6Hi/ifhICCCDI9PKsxTCmdJZQ
+EVkwZqxq/mvpg112rYaDr4TvX6kFIi8mEGt/bNSxRY6WK+NMetr/QLtsWlcDsRB2
+/vuVCo7B7/KdEG4vFPpavaK9BSW9pJhzyjuUEAa2pPj8aXC/TlnhyArRoJxEWyWl
+Tc+Z4w6W4pXGedhFt6aqDbkyWvl3IXuA63nTCRqC0FD5h66Nn0ilfD2XQOBshBrP
+DN8xw5Dddty0b3pFCVrzS6l/mgBumZumLJYGHNCcvEZJO8IlIdhQcGVGwNxqiOLA
+EeCvTEwnRdopwGUHEsqi8x5N4+oTdbeUMlapotIC/wZLNHhUINySj1SW4TAS38/M
+s7wNm2ytXbM3ZHtkKSYaqrh/WfG1YXOhUtexRvajIh+JfNve0B6Z9mv1IQ3xx7t7
+ihzPjQxFJakDT42IudEcrreRYPAIQVtD4KnDyfowHnj6U++d8BZS7F3XrtsvEbN9
+/hL7NmmMUSUd7WO0v+kuCXRNM4tujv/+d9X96UgY5IXGC80KFzkfrXPIm79Grbzl
+AxGw/pIyClyb0dYbg5qfJQMdQrQZY29udGFjdC5uZzBAY3J5cHRvbGFiLm5ldIkC
+VAQTAQoAPgIbAwULCQgHAwUVCgkICwUWAwIBAAIeAQIXgBYhBKiMit0SmCjX6sAu
+UuIvm7/uNIWIBQJadkrABQkFU4PrAAoJEOIvm7/uNIWILaYP/jng5jmn273qBGR5
+UktjTB/K6MDUXPXlL60yfgpgO65Qw1LdfgpuM+sKeukFS/z/tUo2BRiUdJcLoeMY
+Fwcx/5bV4/ZsaYV9++8EZTEgCFazEi6HGcou254QXvisRP0Ig6F2yAoU2UHvvebs
+1UPJXt0KTV3C+CNVA4Tb/sZiVxDCuxnomlIzvtYjM+sw5qjyuj8AO50qDYEBBLxI
+fUVq98bXwV/wE+SNoVxZsPGQIYbd6SNNZ3rOU7rAW6l5GlvMBT/uZ2BleZsbVs5r
+OaGmb8HN63D67eqDR8wIUeCmXv1iokq7qabtI1TJslJ+Ip7cMrglTRS9qmPfPobZ
+syx7wjZ0BPNGUercbRzc8zG9jdAxW4CNxuLBVGhZYV9bjUJKVABET8zao3h4lIpq
+gFJCnh3DTnlm0BQ2wOZj8qHQmrnZo8d9Wc6xwmVegbOAfN26ituwW/wcd6wWqbhs
+AmlpHWjmiFF9shpJK2N6ouwK6r9llMzlXQsP1ysXJhb9xus95vkNW7u1/u9PRGwH
+www0hM0x4c9UheF+pn1nsLfQQPlUeFQxXxrY+dx8eVlPsDvJTAKaY4zPlGdrkBBf
+Yp7u8PL6PxZPwgEXKDrgjanqtQUsQjseyZPbqWZticcWx2cWTQak83MkEat39nIA
+fU+cctUoxdFKCsk95JOwxFl9eIgDtBxuZzBAbm8tcmVwbHkucHJhZ21hdGlxdWUu
+eHl6iQJYBDABCgBCFiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAllS5i0kHSBhZGRy
+ZXNzZXMgd2lsbCBiZSBubyBsb25nZXIgYWN0aXZlAAoJEOIvm7/uNIWIK5wP/Aja
+q+jDthUY6ODVc3RGgu07oIwBVbcXRn1OPv1gxRDXTSz/8+g5fJL+vq75GxHW3kFj
+mhXZ8VcR3OjzkuBWXeY6bfI3CDg7QcS2rdUHq+fSjJyZVQpVpQOmoCrhV4lm8Cub
+KVbD8mk0H5kJCHEkp2mIBnosTc/7zwVO/oa7qNuMkgVsffzwe5hsA9fTSu1htEUd
+W8t+5Sv3VO/Lg31dxnQFhgZ1BuRQjP/vCjRt+pGC3gpxV28tWwzyj+2xz2iTkOUB
+9UWKPAOzxHdbPgsOMSe4fi2csk5FOSA+UJXlCmq13reBC5t0XfaRG5BoK6bWKRzR
+DPnwoZUKI2Vf8MXIJITC0tk4RzHnWCkArtZCKfOz5QjBPtf1hO1NLr69xULUk1ir
+yq5P9h4VL4k8LY45e+NW7CpITZSuquCfn6+Bs9zIyW/czFppaxWHq/9Q/Z7+IpwV
+IKywfbrJP0cm9OPTyxzLp1TyCLKCpMP2iPUdxLSfM+IIvkLZMPTU+1MCJR8S99Ny
+hXM0jI8W22adumYZtCYWsGveEFCrWmGu6xFRpmkF+5d0YBXnUYToyOPgTQydpDfi
+2OMB82U7ow8wkOBDhN7Ky8+2pfNli/p0/XXacNSQShqNmiZ5kkUpX26Y/ErDmR3l
+DVDQ7A+nEzh0ISXCMRYrHdGtl6KSNhgEQLhCc/C7tB1uZzBAbm8tcmVwbHkuaW5m
+b3Ryb3BpcXVlLm9yZ4kCNgQwAQoAIBYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJa
+QQajAh0gAAoJEOIvm7/uNIWINdYQALg1RmGkiKGeEcun2srGci96rFmE5HiAqfkr
+K+QeDHuX8nUd/uqtVF9L3jYDqyuSyPHRE4JAbT/XmZaXy5rzlJ3LJcJ+EqumeWKh
+1ee1+UXvC6ONH1WASSFmAnX2VySmuzLvTK+L7M0aCyZ/NSGfETSvAD4R3I+LqdPm
+jv/X3SwiO+aiZbuaSw38Kp/E64QOhvj2n0/Z4mcyeMZBw2h+kc4uan6+2P74sfE8
+8dnV9L0eWI8f9MZ/0cN0s/Yey+WfHhSxEjUz8nRwaZk87rJ38kyzUpZUL+EZJavD
+MsT3GvALsspDwsvXUw53hBt/bdql7l68wfV7/A/Rc7JqlvRk1DHNaCTj33Jea/ca
+jTLxwvRTRoK9oc92wdFhChagbztSO/YozNwEUC+qqYhR6n7vVkhq+onCuaL67tIM
+E8HZhdvC4d330026n01FwmC+tDt61QiFugsON8xp+KLulLm0eTZL0NM9e9jPLXlz
+RwcpXzSw2dhz8nRmXgAXKWuKRTO5MXFygXpXnAT0eC7gkpNOBhSnauAiHVXBpGKf
+HdiosfXT4KcslB+GvCsqRnWltXbzowAnW2HZkenRnR03RGUNm4igNmmcfG89QiKr
+tAQURVZ0FytKuRrRNC1zKGz5s/qNdjSU6pm5xHUWz4XBOxIWjf8tXxvgv/WVvpvR
+uXioD2M7tAluZzBAbjAuaXOJAlQEEwEKAD4CGwMFCwkIBwMFFQoJCAsFFgMCAQAC
+HgECF4AWIQSojIrdEpgo1+rALlLiL5u/7jSFiAUCWnZKwAUJBVOD6wAKCRDiL5u/
+7jSFiJUpD/9Ym/U03uqoJX724xdaeXd123dIzbpPlPUA99Apst0KrtE4uBOHJCO0
+1LyJyLz/cDneOJR9Xko8s9qGnhVfjfEJmDxP3ynAsFRQDd1gZWdjqJt8aQB8MlEf
+DvrK3Z85f+oU94nZxhTkUhpWbh3mifhxim4aVidfsZQTWMd3Akz/W09j5UPR+VzO
+APdoqPahb2GSBvsSMeN9G9wCKAsoHOAzw7fIz+CCdRBheJh7SfH8D66RKZVNL334
+DdgLXtlhYkPxhNBhqcJD8oFsu7/p0efRME11YKPT2yqrXkYbv5gSMMpbmvW7YNez
+SGnux0qmGKpw/oCvvEyNuDwmrR9DDXNFtq1hOpf1ii7XZZAyaQHaB+iShVdfIWpP
+q6lkLl4UThoN5ZbEsJuYGiZA05vyw6oWr5x51Ii+keicidGtlljtv2c6HIL942QP
+3vVcOIYtRKAWX3g83MIupHxB68kfXt70l5a+QHxB/rNRnt+CJdi3dcrKOVIWeBUO
+tasPKkNmPUOcHUtKQE9Yd45YKi78QCrmxflsIbbkQBdOkeqPCXN5bC+N+ocPLYXX
+GFi00yjwTTh4XEJDjbPSarXCVtOt1cm/9164WStI5da0DPxqaJdiRgGYxJs94YsF
+QnoG84NqQ4mFWGHXxp3aPpRp+xpFOmy89PPJXd/aE13R7VONGzLtqbQMbmcwQGNy
+YXNoLmN4iQJUBBMBCgA+FiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAlp6NKACGwMF
+CQVTg+sFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AACgkQ4i+bv+40hYgK5A/7Bwi7
+jwlSEPbsO5FXXb46SdLuQSNV5yscV+HH4i8vrbDXuPNnSgci7eJ4nMvLvx5TNiju
+8f+NFfczv0q3AttTdHNy9qgUI0pUGDktMt5L4ZFJLFCKXYNzjFukAjkm8ynX/MbX
+SLvu1qvZsgZGykcT77qkEVext3QaUOcv8rNJy7kZMF0tvxY+h3wFTdwisg4YRrIZ
+6XWHsbmCvmPCwqxWPIzKZGqlRr7nQyb8rYdnk4Lam+shG8UtJt+2Gk5ZPI0XDB2z
+TkZ14uqFyQV1foIQAhIzwcbjpBWAGUo4Ppo1RSgN/ixShyEwNM5uWUbfdtYUawkT
+pcVnRe74AUCTCHBl7A9FzbWwn8+4xPrfAEfkvZ89GYKq0JxDAXgCjmzmwShcTZjP
+Jc3vBpZLEOTnnNEipseL9Shb4kdK6WUeIlSTkuxYomgidcLRcOYK8+Pze3A1zwOE
+5LSKpDMucvq9bGCveRONQeHCQE+zzY7lUBPohXj0HT215+YX2r4dqz5KYSWjRAXO
+hM7ZfUK7sRlqsnye5iLUVNQj9LJM+LcXHOOiFVpqyHk4iqVYDNsdhjsMu6Xl/uOJ
+j0kHED43ResOMZa4n60bYNSmj8p7ar3eNdTRR6FEYkz9EeWdw0GMVEwceJo7bX1o
+D/VxpTIYX3IYVvna2vX1r23ERN5V3lLx2DrjpzC0Dm5nMEBnbnVuZXQub3JniQJU
+BBMBCgA+AhsDBQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAFiEEqIyK3RKYKNfqwC5S
+4i+bv+40hYgFAlp2SsAFCQVTg+sACgkQ4i+bv+40hYiiYQ//UnNfHDFJ0YwJVmKe
+xyhkt5VX/Sjs79c83d64ULQJSCWNlZYvmozZNitAzNs9lwSLIL3Bz7+uxXe1RlFV
+pPXTZMHNT2ONP9o8bmrSr0tx52RW/8ZcAgdXR9GUCBbYfJkda45qk5mP3igExb4i
+EQ5DjW1yQBe3GTOUjgpClKsgfXd0x4SFDnJYh4NEsT8VTAaAMuFLF+O4rz00woGq
+BXO10P77Vh1XW3b5YGaMmh2JemoaG+9qKHZ6wyk2E8mh582AtBMYXMgMAwtRyCty
+WUlQhDdRNzo7oyspZuWOK0NARouWF3t3JjfNDqTyF2sN06Es+EwG0H9+NiQxcDWD
+WveQG0J7Ny1a0dPiVT//HmTakgFBC6ErPB0r5Z+gHx876EORLw3YBOZzxatbdD+y
+2Dvho9i4WVmh53bB5gLrcmtWsIvHC9L34CrQDi9M5XLNrIcrRnkWttiNsH3LgCZT
+C6PTaXyN99shpRUcuaeK5sIpyf7yEiUBD6Tg2ctF+SifwAoKccTW51wCzfuqFCNg
+BGO98cjdpo//oMMXrQgEFBFEJggrjWX92bMVoS8yBKRyygwoFRadb9VtdE9E3252
+HPxbL9WThhHB79qoYWoDlPVbeyi98sVpr+/rvo/Td4Mj+Zh2BZ+ZVfVQwcMx712T
+cwXQrflzKtg2Zz+gINqFwaM0giu0Dm5nMEByaXNldXAubmV0iQJUBBMBCgA+FiEE
+qIyK3RKYKNfqwC5S4i+bv+40hYgFAlqINbgCGwMFCQVTg+sFCwkIBwMFFQoJCAsF
+FgMCAQACHgECF4AACgkQ4i+bv+40hYhsnA/+OQEYgEwAhmmSx84vUPLyCzDuJNPw
+qjNRH0EjRDWM4ea/iAhnTdYN4GQoJcIS7jZdD0saVCzteWn2cP8Mu68IzcSjOq0t
+jdNSuyM5aCNpd/BV08RM00sOAxGdBiG68cJ2FlYqHYZ47BzxlRtxSKHaC4GxQMtR
+lNIcYdSq1++y26Fb0L8/DhiRmzCCxG76Aklg2zV10Zj7ao0Bk9I/sO3HdWPyxZRQ
+ST0a26bOOonqKT9AQJuupI9qTL2o212KrVTm/pBQBrBG1TFVm25F4vNg13qvVqNo
+nl7f+tWDIo8hh4/+mFP1SSiwop6agO7suRA4GaBRuklaTeYsc2wle5SpZ4dBCYPZ
+OC5wAiBPnNKfr2CZxk7NyPji447UfbMj6SFYhLBfQVvnqCazx6G8YOyjWFFqerbv
+4U61ODscpG5Ri03qkHv2z1roTo+GhvEhf5ru+UgGXh8A4Iu57YOcmqpM85qiwwDQ
++xCRm3xWrqk21q4svxS25Z4DsuXdRGb9qskYdQTFwh57TQ+f1EWdBEDsQAUAA/po
+ZWM7pQ9s4f2HhwdrBy/qvlDSk7GjfVquuKKu2/JzX6L7YIkFZPiQmPBfKmPVK7GX
+fVvyQs5RpPXr+vcoRFHDWx9GfB9OFJzpsKbkMsFw1RgyQ1d5YAoWbIb9XzCJBFmU
+pwTVHO/GxAPdIce0EXg2ZTY3MzBAZ21haWwuY29tiQJFBDABCgAvFiEEqIyK3RKY
+KNfqwC5S4i+bv+40hYgFAltyhdkRHSBhZGRyZXNzIGRlbGV0ZWQACgkQ4i+bv+40
+hYhT4g//Yqu0cvNTgdxvbZ9ckmQvLDAQOiNTkjmMO3C9jMSJRWXYFyz7FXbrutzg
+AZmEW/CkM4zOlXra1A8BrWsAnV5b/j6X91F69TsVbMne1YScftHEs4V8K213XHwk
+J5+4BKLG+IGf3+Hjgx2Tz4tj1jX6TzDJ3+W3nJpCmOO5JDWnQlNweYcv4YjU01aq
+zI3HMuULKYsHvv6XJpcnFiu/MY4+zcJCbDHxmB77itxHaeayTCbXinSTrblvsuzG
+DHornawq53NAGh6YF/9/RljoAqx55AZCUN0crfR5gNOKEx0QTEF7NenifiFxxS8c
+QoR77rPTG19EVP1wQFC44brPeKNphDRKCAa7Mst1gMeWfPFm6Uz4osxYye2dhlNc
+Ho1pU0fCRTE8cHPNmrSyRBQ4Tvfd7gXX7/KnfwGDQZ2Dcmjb167Er1InAho8eYqX
+8xye0kj3pRJAk3VaYPARzPRalEX3rix+BcQTRqm4H11or8e2nMRXrt/B1x1sAYYu
+Tn/x+ut1Atk4NpLrNapDdB+byQt2l0vRqv10zV9ZnQh1AU1wXiaZEwFcSn+KxQVX
+9zsY/LV4kn26RngPreeveXFIXW5FCKNVbNVhJCHR3K0z/egyTU0l5CgsrqbMoW7K
+8ZM/AxSQaNY2b7LmujBbSpLigqPpcfULpZaClp5D5NDPreunQA+0GG5nMEB3ZS5t
+YWtlLnJpdHVhbC5uMC5pc4kCVAQTAQoAPgIbAwULCQgHAwUVCgkICwUWAwIBAAIe
+AQIXgBYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJadkrABQkFU4PrAAoJEOIvm7/u
+NIWIF+kP/RpsEcwAdvWsUi70Eu+ME18bWnH9Io9p3mxz/wDoaTh/Ej+J549hKCMz
+BZAubB8ud189JyYzQv0CUqDbD+1STa3Da8LCz2uAN3Kuo5+gR8m0vCxE7pRjoemM
+f+HYYGoTsUCVKtN54Voar/3htjMq2sQ8bh1HKdkgKSys169Pz20Fo1auz8t0Y05u
+JRJbMMHWplbXEA9aX/VRelIMWjvUOtAFu8Rp/dngAVcwGG+xqb7vm1AM0Mdhm0He
+a08v8HtvdHKHRc3SkHmrVO4WYBHJALSRn/7oTt2DxTARHe6Qp7QBIXN1u7Ajja00
+4K7hmhJixVBZjWolDFg6i2viqkVe+6n0GUcqOs0AEjnkDJKMg2AXzIggo9c3qZmg
+VbcO4xYB2acbusHYSEP+B8tugpNxREWydOU6w18hoVPth0oD7v/gWfY7PmYZnQAu
+CUOKbwz/jT0s69VXqwtaaCi6TjkzYIOFy8zl08stEsgwN0bXujk6X6vZu6u6tkyT
+QJIjObYi1NoFqDtH1UQG3IsQLJ0zN3KoBOB7JjfofF3Ytz4uKdAuA9hVaaAJ/QWn
+EUAAWHKH4KV0arRlYT/GVf0cqkt62NaDxql72u1Fh9B1zx8FCufgLrVlbhyX6RP3
+x9K+Ax9qjLvbCW1+ch1Kl9K4qVLF5MpgorZt1SA/c/UH6Y8e+xiytBlOaWxzIEdp
+bGxtYW5uIDxuZzBAbjAucG0+iQI2BDABCgAgFiEEqIyK3RKYKNfqwC5S4i+bv+40
+hYgFAl0sdMUCHSAACgkQ4i+bv+40hYj9mA//SstcJPuIznSOzxBOncaG2iNTl+8Y
+8OAuXovLF9RIBSz6LCszjdgXdXRuXrTOLKonZFrnCC4T9gPLyu+Mp2GKrwNhN2/s
+bcHJzrWJ3Yr4eaDSHEaiLZHsFQUgAKfZUMWMXT/ATVLsWDPhhB6jGVTk8jjXvoMx
+7ylGDpux4QNl19YSJ6mqFRv46qWkZBlUwKDXBb3QwaLG68rMRRba9phYcKpQVCHf
+7lIXYh1Ds8JoEQcyBkpWolBxl24f9CUgYvPd6ZACNXrodTBr3bGXiCAlceWggKwK
+tbjwoWYCA1OgQpt7F+OeQ3S8i5yHwFpJx8d7/d3fd2lArMRGJ6wliBwuh6fhN4tZ
+T278HqRaHNfXwWt3N2nUGBbYIiurJNSKqTRV5EQykCh06Du36FSfAguq3OAA+Q7/
+uQMBP4eYanhiP1TpPt4HQVIEFV3N914o8DXnifBOhTieW9Uwa+ltUegyiVhTvmH+
+RwHwcp70rWJ+xrV3jS5B8HV8yybx/c7sJioygYhiIQ1SSzuWb1yJT+etYZ4P6D1X
+WdvDFA3zxt7DxrxHarSQGNzbxYSkwkWmQ0LtaZLmEdkgdETZbTgn8xfvdV2g6uQM
+mJizGZvP/u4jD9sLR3nVnFXlL/WrC6lBR3UkHNiMAp3FT0W/HNZBof2KDMHhmhWn
+Q0pOSoRW2XMXvUm0Hk5pbHMgR2lsbG1hbm4gPGdpbGxtYW5uQG4wLmlzPokCNgQw
+AQoAIBYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJdLHTFAh0gAAoJEOIvm7/uNIWI
+7vYP/R/Ds5wvuIXk5d4rgvr5OIJAwDUdYu8NbFITt6wE8o8G1eJFajE6t05xqp7N
+blYqLykQUH4LEajn8B5qDrepgOQEpYlzhFhASWSzE2yh7H6fiynFpDeXGeh1bLsR
+9fswKOAg7Ch4UrN+K3Fx2rt7ivOaRcsMhSK9TLFyR8gcSIUSWE4s+YgGtGGD/IzC
+LL5i36AulJotVfI67N+RxTJieW9y5KPXYzNo/04Yn+aQrQWVn0Hxf1+QWNEGo1c5
+AO2L09Wzy3bpEw4VlckE27YiKcxnqXt5PtoStbhIw7GtRl2CpMZHj6OXJnlzTntx
+/J6A7Ys4MFcjJEu5VhjVDYnKKe1ksxvp9QOONzz3t2VoC443V54QLV9qY1UNxXTZ
+C2zGJ9YgOIfIfIP55kc/x051++rBAWianmIyFs3MqVAPXoIdOXm436TfrI3Uk5b6
++RH08dpkCYbUEoh1y4fjFHj4MUuWyxo1ByghHfn6J0BEF6hfqvL/WfQPhtvUY+K1
+OikdiwGYh/lzjiSuTT+W68ltzM0J4sF35XELAvL/7QutCCBFKXHfto/LtlUjnxnw
+FRoLg1Kq2LuXrKFoeCcbhzJuMF88dKD1Rf2r6hwqmZDLjupP7CsSvN5iC9vtaGz0
+33HkfiKNCh6lQ41UBy57n/iquiHZLZh1Pr4OgadnQIwHhlcFtB5OaWxzIEdpbGxt
+YW5uIDxnaWxsbWFubkBuMC5wbT6JAjYEMAEKACAWIQSojIrdEpgo1+rALlLiL5u/
+7jSFiAUCXSx0xQIdIAAKCRDiL5u/7jSFiP+IEACuGt+Fmo//CdHBB5HM1KSkGtHC
+9VuQAVMCE6RxGHcDrG4vCAeSeUTF/s64F9D2zLEJdBg1WUZbDSEKdsz33CCxEiMp
+XcvWCjI+SSwPs78kKoIhYTwYW9dWE5exfJ7878pMCQMCq/UReZyQptiICW1AwOuM
+7xp3Qbk/VcTYtxC0UJ8VGhr6sEzjgO6JOxKBhCNcLFOD+3O96MXFYuitu/v8Awm4
+Z+XeDe0FH0IALx5+3yWVbj/sPoMx3kgf09BZ59a0KgDrmDPlrdAjavk54DSXfuOm
+GXAOJgBMCRc30rHsGnB2UiiTNZu0BG34s7yc+s1Wdv65i9CJ1OhcmGcLRjNDq13N
+IY7lyRaKsE5XMrj5e6gIr7I8wKONRQZBt8bE2nI8xUkdHBshTfmna1pXkBDO3qRK
+3zK1iyyVYirm6zPjT9KNiQ8AFQquQayYxEqR9RbQOUhcTtz12mopY3+FEz71hvte
+dogldkuPq9hMBpeBNWw2IYYtXPvbuf9soyvn2JhPlY+T5BO1m1Ys9rrAueUUIRb5
+3jZSWCX+sHGatrt7WdV00QxZF57zfeB0axKKLToAE85R1imNEZF1TyRqMzxsQbWO
+HJ4WgA4J3NpdbFpWe+Al47qoLxT6pPJbWiNZpj4p0189itQNEA7g2nfz47LBjZYv
+lyyIXMIlZe4t6rkpO7QjTmlscyBHaWxsbWFubiA8Z2lsbG1hbm5AZ251bmV0Lm9y
+Zz6JAjYEMAEKACAWIQSojIrdEpgo1+rALlLiL5u/7jSFiAUCXSx0xQIdIAAKCRDi
+L5u/7jSFiJBcD/4ilWSQRaxbgWms9PXZ4HTvfrFEb2TTn86BYiYxEN3aT7xk1Tor
+6bzEmLVkhraN2NKgaYgCFt1/Wzzo9N4o9Ojtq6ES3SFx0ZSpnlIU6YaLB++710gj
+mP9KW8sBcGrNBYa0eisZuwqM68GApGDxbdzqo9K7O3alYdf6UsmTal7iWHCRCz4d
+RShxFYWJbOk842rL8e1AWkF6nvWIq+7/eKLYyD5XAIXKw/ZB/hlcdgd8m0eO4pZ7
+s+fhuaVPFryVzAlAnLQRdMStUo8VeGbOqFCfS0ZB2cPt/D5d8xRvnaCeSae3xMLp
+sytCjDFz53fSTx62ZiwqOZoncPmjZDzw26vOaX4Y3fVB6cQKYRGke7V7pagIeH5N
+W60mruk2IVoA/lgOSZmNT7/iVojHpYQnbaIZZRx0a+VjfgtNjcVouo9Hkll14397
+vPRMLszDHmpvG6/WAcFkG8uJjRihqwVzY+gsAKP5r94IQpQ6rKVCJYxmko5xpYOD
+g+FRnt21GQ3XzUnOjdD+9ayPULA8sm3/IYraP6k2hB3SCKhMpEjno8otabv9h0M3
+FlN8qxJbXKWmMS3Ttq1DxpK5JwJ5jaBE9WfeDtXM1cnCju+qzlYSXogje9dc508s
+wSIO1PLzTYFCanCDUKqNaNX5OqvjtUWslKc/hUPdqtptolGvrXiGhnrc1bQpTmls
+cyBHaWxsbWFubiA8Z2lsbG1hbm5AaW5mb3Ryb3BpcXVlLm9yZz6JAjYEMAEKACAW
+IQSojIrdEpgo1+rALlLiL5u/7jSFiAUCXSx0xQIdIAAKCRDiL5u/7jSFiInyD/9m
+/qoOIXFmAKlGjNVs2nYaP6vQCCAzcOm1WrwP6DYoeG1JWjNlFr0kKhJa/mzR0hFY
+b2+49+Er06l7N0txPRcUhoD/8kKTIx8ljX27icd7BpD52XBqLfnX3Th3OHJA5CtZ
+epQ4/bgUqXkHqUPsmVQHyjlq7liYIlZWwMBfA+L6eLF4MQhcnIoHkfVLyHvJ3B07
+VpJAH5wBBC3NEaPTCAeHbXdSY7vVea3kSZZ+dHcmcIcpBcFFTggruGlPdBfUlt8/
+aeRdfAause3xkQ3/n7wTXugYPRcIM1MsDmHuFaADWEx9eEEg0WY+Fb9TD02iwTyj
+n2zISITI4k/FGIW+8bG+qrE5EDxVxeuociVNi76byaPN3Wx2JhDq8nKtfVWLCbZN
+NN0HYpgfoHYUtFR7SCDbHvL0MVW607Alyubxo5n/WN6RC6jxmFaE1CZpl1jVp5cx
+/Uw5NBv5OwQzd/OqLiTXisM0Jou20c777XRL8nTrFniW2ym38xDkC7q17yhDPesU
++00TR0PWO7RFpw1mzxggGXxmuxA+OZeR/fHdc6CpGmEj8YlpeOOoRw/58/w1LwQr
++zKUzuNo0wKvcn+K0rHoSVOX5O3XAxTg2FRpa48YCY2U4kUH6RITHZRg+Eh5LHHs
+Yj4ow1BsIfW9VAzHkt7b0MxdWsUwqFuXtsaMAg2HGLQObmcwQE5ldEJTRC5vcmeJ
+AlcEEwEKAEECGwMFCQVTg+sFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AWIQSojIrd
+Epgo1+rALlLiL5u/7jSFiAUCXSx1iQIZAQAKCRDiL5u/7jSFiIP0D/4i40WiFeRM
+E3l9El3UOE/AsoldFGSfzXtkfad5X9arry4C4UFRFcQ3OtJnGvfW3Nr/mMNa6w+x
+3z4KnQRqhx8hw3dvQXHZQUjOEAQMg2K5ns38Wixk0OD5Mmqv9qyImwm5A7MOZt5p
+uZqGv21YS8BXQsMw+CLXRsapNAqI4N454bDBoA+l34tOiN4jPgG0jBy9aPZKWh+7
+nLHIn/DJ7xxT9Z3P7gSPcv8cwEumiBA4x79Ac9YszhafMiqwkk3b20DGjAyXZmEK
+l2annmwce/u3P8oQd/+hmcprQZMgh1vxA0wm9yQZ2zUZXAYZASVew9v4KdNVJE+g
+wKfJd4TiPrOkKoll91ikGCY38PPfLCyvGobdrE2LW+6ApQtcTrKu8nzkCGdZiyZ/
+SE2gHMOrYAmCpDH6ujD0z76ywo3a3Ta3njId3S+LTPtpBJNq7jRgXJPTw2OVjt23
+7QrM0QbNTvbjy5OR60BSFhvd4F7LCzhM1b/T9P8oFf+uO2hQxtLnNqdYR4idIRFP
+gXjD5dYpEfTOp1dZviiWqXm6jJFsLJy3FtRvtICLzram0nSO3xA0bB0QH6MqDp4c
+4kcZ8JEunBvsOkIVlzT83CGrBCOaydw+1d3wheFQItPOydVrqVtH+0rGHUTpapL7
+BXttYTzl6n7YIpNDqBufZcWhmqBF2FPTWLQWdGVrLm5vLmthdHplQGdtYWlsLmNv
+bYkCVAQTAQoAPhYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJc3Zx9AhsDBQkFU4Pr
+BQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEOIvm7/uNIWIZ0YP/RM+jV5mCCf9
+Yj4KIZ7u4FTUQ4k9KqfvEw134efgZAR5n3+3MvG09glEunMaeoGQDZ3E7qHJs9MT
+cSA8RSfXT/Xp5+dDDpobV7TKzV5heTK6+PjsKH1KlvT3mTDcnRFnwRMQaK6BP1KB
+bLTpxW6kDFD50OChVC+iEBunkgplVl593KLLkqeAmuIzThKIbZLOT6H+bGthSu+V
+IGLp8MfVtjw4dflK0TbvyIVQRVxqQPv/egKIaLAQwah+21svfXib2tJ5kxKlFVbC
+K9IpTcBXljiS7ZQo7/Ok1Z4IyySMeA9CpRZjL0zSygNpHwk8Ml8UcNmcvd1Jbe94
+jUOJk6YIOhAs2LkzxoZdzuxx2RrB4kTHBkM+zMKSJGMXspIdelTOYfjOPvS+wb55
+QobWo6tey4z5LEWt1ymeGTs3pCnAY6Y9FNV2x3+MExhFK9AumKXgfTa9H0ew36wf
+Iju4oAMVWHk6nz+Mv5IwwcFGiH4QZNLZj0r0F0dAelngphersaPZLK3sjqlZNY0L
+atQn8BOZoY8n9JN++JPIwq0LZH5k8Fp5mcGcOVNukXghj59kpXDLJTxnlzdqAQ+R
+9ank2vf9K6aEkzfg+7zjd2r/gkaluTfELmu2SE2zOPKQqwPI3+k+LU7TGAMOVFQv
+wnqwjo4JWx53R2sfHzJiLIeefZ2dGtDRtAluZzBAbjAucG2JAlQEEwEKAD4WIQSo
+jIrdEpgo1+rALlLiL5u/7jSFiAUCXSx09AIbAwUJBVOD6wULCQgHAwUVCgkICwUW
+AwIBAAIeAQIXgAAKCRDiL5u/7jSFiH+hD/9Cp3c2QVCVfEF+eKIPwyKB5jgbmY15
+rsBb75xcNAYK73O4DrYn69a0GdiazxYghafQeg8FOLmxF5XB5e1vvzXOTe0cEOaO
+nnsr/0JhTU9CHIaLeOtgNI6XTF3RQ/r4pxmZ/kIpsHzjrc5t5SlOnGdcElkhT5mi
+YpeLywJyBjwJvnTQr6ks8QF4RGgUpp8V04we2vCkdsuSGzcCDm40NyDfEeLa8tCp
+h93almEtDFI3gcXHr7JiAxj0yxVWi0KaejwphwnudxWu8kyfQUEAKmn+J9gOkOXs
+vTMvRc1f3z12QRSWd6DnZzL9EctDbYXgG7F55me1zLBSCuZP7rj3gw1VfW5+XFEH
+Giq8hqf/V/e7Gq6Dtx5NpAj7TCmBOUOAL80Z5jjOaPSBhALlE0RLuFF4OMQm+hg7
+2tZC06AUJQKmEtdxWt96DKe2lD3pNdsb54T3mxjdgHyO6sxDYHeMGu+D6OhP+L1Q
+WnPnkv4hrsjEnbbHUp98nbiGA53NWTLllsHXmWIkeokau1VmF6ad45z+d2Dtjgo4
+kphux0lYAOqHV6zL0DfTT2MyCpm38dHpHEKzAQVaeppeCetg8HXOMdvbe7b5Tsk4
+HQNryD5B2PD3elvD09amc5SAske2z5ZSYKdjDnrNjUhOESRb5eDEE0b9f5wYzQxW
+qV10dXdgccCIfbQNbmcwQHRhbGVyLm5ldIkCVAQTAQoAPhYhBKiMit0SmCjX6sAu
+UuIvm7/uNIWIBQJdLHbsAhsDBQkFU4PrBQsJCAcDBRUKCQgLBRYDAgEAAh4BAheA
+AAoJEOIvm7/uNIWIbAsQALJNb8HvAPNySloMN8tkBy6jjfzndJGq0JkA5rhT4Zu0
+U3rolSXoo3RC4uXK9vWQXAzE0H9csmC0+4JquXOIJ6Rbm5oRRwtX51MdLJKxb+L5
+kuqkkIbFgnqjWNCqAKB5IRnI4nHroqBwi7ZUWAvR9SXsFT7jNFv/DK0stTf7OEs0
+XsZfwnVZlGzn26JSeFrQEYyJB0/ecrcKZVohge0/FMi6LddjfiJqR8dREiW/mNZS
+lzxWyteluxd1CzIhPUCoJfLJu9g1BFZv5kjurVUsoXcNomYvQksT4mNEVj/wwIPk
+yJZZ6vAQHts3kDy1rRSiJCOShG305m+jc98wRBKhr+YJf+bZzBtMf+Rgfgav1ywx
+3fh8kzds+hFCektsPzGp4CgyT4jdn4Rh3QdqjMH5ah5rWbwxA8G0q8duXc7UUsog
+lMmmXiNiUD7Bg/TJoQPmL1Pj+RPgqH2xeVwnSSwDCfr/U2tHxBpgB55KfrH92U18
+EfW4oW+w2UUhaBEZyrruKdaPUhv8gtx8YEEarWKi6w0e31KXmyPvqS5GnjOZ9PX3
+RtBHQkqg7iiUBBPz9TM+kMX5oHuKymv9w7aVMNPmnT6jKlFJur/hkBn9yxfAWWyV
+yEBAuMW04YjSYRbxjbvH+0Bh0cDpK9bTp6maCLnP15IIOmz6a8uH3M3y00wf5elA
+tA5naWxsbWFubkBuMC5pc4kCVAQTAQoAPhYhBKiMit0SmCjX6sAuUuIvm7/uNIWI
+BQJdLHTXAhsDBQkFU4PrBQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEOIvm7/u
+NIWI7Q8P/3IB/0RHO/oRz/1bclxGuCJYFZ/xa+SEnnE/XjAYvQAUn1jSfkdC8yRX
+3Lq2s321hjo0xQXgst0zV4adPOfSyGKFoodnO5mFY6a5pYq2CdFGmuQ6pQD+/OvQ
+O4PLLbtC3z6EtA2GGSlXgNTz0krqjaUX9FwBlbzgNoycFQrhVwx9PpXKDlORjgYU
+4m/VjOi0f0yLzZ7BWDrenw45Brv6zZuFjfqxSHV+u6ecGpnEx4GjB7o0w8MGV/v2
+XZm2p591cJ4agmewjQhfBLP6D+fw20ENsTxgvYYCX+k7dTeFRSrKyariSy702ryu
+QYsh3c9+0EDomQOA0PH5/063f7msXNNwn9MsGqXQJ8umHDRnmC0aMdzQG5m8Orsg
+ZnPBRhvQmDuQRUVworotAqqEfoQ2WWFedNxRUgd3dClaDts5Uc65Tzzd8JA+zYIo
+byKqE9fP3vtPhO1y3+BV2W3YLsmgQtVInzPJq0HBjPXuulFN73eA1PJanRT0n8Al
+730Y10CKmxAMP+pQ416OrYUHwFSCAD5v8EL6AET/NgnI4d19imyoAcjR/W4MyNTx
+YXRlQ8v38Av1B6pvNC3/9ktPtyf6RRY8GVhMVQ7DUSLm2JOVx9vQj2jYM9a79i1+
+sx5OfDGnSnFfQgg+koqyiR82KSqwIZImiDhWWyDkVfnWxY9TvuaxtA5naWxsbWFu
+bkBuMC5wbYkCVAQTAQoAPhYhBKiMit0SmCjX6sAuUuIvm7/uNIWIBQJdLHUDAhsD
+BQkFU4PrBQsJCAcDBRUKCQgLBRYDAgEAAh4BAheAAAoJEOIvm7/uNIWI6ykQALBm
+K4s0xRE8T+MzxoeSV0gM+bQPqcBJW0FzTFHMOw8U0iJU3kDd/DolliEj2qSnyzxW
+Wp5WJVAp9UVyDxRb9MVp5l1qsniAkyeOVknFD6xbMOohY+5AYgwb6TzwIXXyKxCq
+O3nLE/qzTQE8WI4uLU+PXFQW2KkWY1+XzSGDGtP7c25mA+Rsy46Q9KskEe2S5m/j
+/Xt44pTU1AeMMdN4b4PzM8X60tlHAa/mLg06RT838cQEtJvYJn4nUj595f1aNmqW
+2OQ8AYa9AWBTaQRZls+zSQ3pDp0vEn7pvAn4gJ0cC2CLE86HaloIgBYUeXfc78u3
+XXn9RGdvgNJ9wKI541YLaH+GS+tezXP7qHtVeoLjqYve840Oj/D0fA+HqfnR0AjY
+h4aYc034ShiVUlEfWv2JjvRLIn7QegT1GSW17CftVmp7Na9UyYtizYra4bTVTaUJ
+fh2oKAfLwQRaAxq0knboBkFbXlvLBLgLks6o0hok39VWcaikd9veT8c1QlGID7FU
+Inleo/RAMaI1uJyZgCoXtlmCBz2/cOolTn+YeVfa26x4Yemy+habFkKoeVobwl/8
+1LN1q1L2CJn0sPB6xfNwIKEyab3Nx5CeQIuXZIk4Zi+wwkD8Y1K5SlNW/shEpQCd
+/bPrxvf32IOIfTSOnwK93MQc01r1Z2R3BRc664/dtBNnaWxsbWFubkBnbnVuZXQu
+b3JniQJUBBMBCgA+FiEEqIyK3RKYKNfqwC5S4i+bv+40hYgFAl0sdSECGwMFCQVT
+g+sFCwkIBwMFFQoJCAsFFgMCAQACHgECF4AACgkQ4i+bv+40hYgRXBAAm9A7Go5a
+2PINqMnVob2qJ+uwe+CXnvCnAkIagshn/MXZ3s0+SEyDsK8+zpSXw9IZ62kYPaqG
+Ao9FrB2sQXPfrhWw74OKcHG5GcT3ep49PUV2CcmyGzFV+YoJm7lsy4wbrl4i4PpY
+ijrkT6mICwXFjWaKakEbFKlnKDvGHEWvPLCJhWCszsfnfbqcRKwUykmEmwiD/Te+
+B2H4iavQbgzY1y2UPxCKZFWEhp9IMVGaZFW5H/H6XwzAGNWiOBLSsEQenN1C8TQR
+UgLN64oAuFtt2KY5SQCVnI+cHnHZzBq0Mpi5WdLhQfhXZh7lr+EzMuOlvqQg0zTz
+yH9jgXuh0Hi92Hx7ctzFtCK4DPNatMLlxQbo4TAseqBIy0ltQaIqrn0V1Qp0Tvnj
+jIT/maKfcJZrmCQQT5vsEgPNlsaK5R2pNDWjg3QtvK2+AtavSf3/d08fDIlneNlC
+/8E6XfZ0+0jJdEw2axyFymNhD3uDPEZ9Zo9ZCQQ/lwP1fqjVQhxrWLcSWdpGnhlu
+VWd4pJ9VB2HdXdbKYmyNakmFTbmTeu1CwePcS65mzEs4Eoq2CRxf3t8t3525cQWT
+MG6CPm8pRC7iueDVS6O+qnlV6BARr7wBinp9X2+uG2M9+P7JIBioFc7DCG0DIjDE
+ykq8ZGR5E4+Zv1cUBTWsw2N9EjF5rxvDbnO0GWdpbGxtYW5uQGluZm90cm9waXF1
+ZS5vcmeJAlQEEwEKAD4WIQSojIrdEpgo1+rALlLiL5u/7jSFiAUCXSx1VQIbAwUJ
+BVOD6wULCQgHAwUVCgkICwUWAwIBAAIeAQIXgAAKCRDiL5u/7jSFiIO+D/9foiQJ
+w9fpkXQQD6gP5fPZmgKuM0OHRuw6pEF26JgJFxtrDSx5SPbQxs4PlqavmXk0fbtz
+jWHd8w9X661yf890XxnzSSRZNItCfc7P/DZYTK48YN/13qv30zl5UlZv9p7Zca/f
+2C8VKICIJrSgbWNhW9Ctgh8r3pWCHA1rwtOWvwiKoyrQmG1/L9juOH4SlXtbeT/B
+/xxZxwq3EILVZl5rA0zVI9Qf326ElbDfLwxzpFCaSNVPB1HNSyBRSEdMe3s30IQ6
+LYBDM2ZqQJW1LOUhJIiiEyYTMfTpQROmAQ8k7GuGVPt1YekPjPdn7kyZdW/kbJAE
+CLT4isHgdi+O3PVIUUZn2ZZG2abUnPEdDPuT5lKS5FUfBUcWlHX0jtmtMsQwOwJo
+isNo9fS+8TRsWyGrNxO3L9KEu8ZSZK6frGMvJ+y6nJW0F6yTFVikUEMxYoHRZ+A0
+krenG9/ypHEAi54tSAhKLg/t0yae01M9rZn4YuztWdgu8uIEW9JA4tWDXyqJj7r8
+YZ8/A3oK9qiFRXdZ7oS8njnQzmi8fjFTWiTp7l3z9MHn6+DFwYJMN9adx2lgUvHg
+1Cc9fVOuYt6rSTEwURzJSOc+3uFxH1Cc6MI6b6CiZDe2ulHBh726ng+/8rFKhk4o
+z5BtRWCYPwDrkYok5VeAkdOgFvPrxvZXOKuvq7kCDQRY+5dUARAAvoopO5WMdMk0
+DY5su+KR4V3fR2byaCSoZjbirSZanAUj7PYa4qM8EcJ3zj4FsZDPymKPo/J5XIa5
+Cn2mj9K9n9Y3vVf+tUIl6/lKuJxkBsPSqzM/6gltWb0oA5QkBFX7+pZTW2pURbWo
+vpv6H1aMQJoYyBdbSx+Zu5d/6cVPwO1ZXPiNDcWiHdLVeFMNqL4LHdgMk+igzfQP
+22XTOMUB1CCF8umaR3qkrmyZsJZe4XyJQC709QENHqsUQwfz2grGA8pvKo/ZPImT
+sjDydc9EsHzwwTkD0t08b1ft7aseuYjrY7/cP8vWwYUaNTrLwZHcEv91gV0aIjE0
+U2tpV21Vm4p3f15kqRUPfP8lUiI0inFTp3pu/+4cTBJCmASSQyvoSTlwtGdmDgWF
+L+x7Db//xtvIvfmibVcazcL4eoaI9FKqZvMyxySLYXbibBO+G/g4aQHDCycyFOp8
+dtJ/skOb1ADufFHXnzkEUKJ+5H4YN1Qklw9WT9YwvY/vWcOI2chVD+L8x4+H/LMg
+7OBjVQIySlYHK1qvFSFgM2nNhMwxbtUMSpzXrfpJRdUZ76LZu3IqcV+WHCrCwxIZ
+n6CJ5QXC1423B38GsUterRzI7K9ug5Wvq4yuRrAK2MjgcgpOjsVv9wMwxQ4APtR/
+hQbXN4rLAXhrj0QcUMnEP4W7gqBXTVMAEQEAAYkCNgQYAQoAIAIbDBYhBKiMit0S
+mCjX6sAuUuIvm7/uNIWIBQJZOVxvAAoJEOIvm7/uNIWIWsIP/jAYpQcV/fn/DVs2
+vBfGTgFVKyaYIQJvXxVpapcytKWngWwb01K6r7x1d4vIrUbmAhDbA6n9Tv+NWgIY
+H1O67431TZPOP+iXRTSJyRLopcJXY8xrNFd2tviQ4sglo2sH4l8gar9zXOSh68a2
+foSzLb9ZCsaNnvwFagnNXLwzBFGM+v/U0xkwU2xU65sh/TiyQ1DKgG6JQ4v0TtGb
+ae/B0wJlOHtRXyCtrmmTshGLXQsJc8iduHyRo0we+rneG2yhy1BMig8MjQXY+8bR
+P0wVW4WqRrwfykXjAtW6Qx8wU6fz46q+ve2Qhq/Ok9KpHzlGMgP6c6mThAZLW+3c
+GIdQBZlFsZ2KL62C6s8ynbab7C6yCNT7k9zHAstoDNgPORx5m/mArmvUqMdXycLl
+XPwlTAuA8YUsOGxEkmrZW+GGgq53uy+TQGmWqkSeO5uyWSs5yXbRf292PC6ZzAQX
+xHsVFXScqibBU49ELWTqUvDUV7zMOwjQy+8VBSMrXGGsLE5tj5On+HPHi26vri5W
+e5QzYrai384FSRSpdtnqqCysIQGPb+D6AgLJHdtnp+C6/0OULRrRIHF7JfVeuTde
+sc2h5G07wqj7SCNBRZC5VP/0JvpdGUHfa4WGEDUCXEZiMXiIVLMblfS04pAr4qzB
+1vCWqzb8xCxA+wTd8lTDFobV/pV1uQINBFk4U2wBEADgRM0G+Dnl/wlrHNb9sr3/
+yW9tHA8weIbwvfly/NRW6LHSLIPvsLksabVQsYbUH6i2aK2ZlE3Oo+H/R2wrs7dm
+VCo57O4MbZk8Kb0fatN3qhq6g/+bNobVIexS5XN6g5JcmXM4ZzR8Q0rEd46oaxFW
+y8nDSw4RR1d+OU5/Z/LHR1VUTCQKU0Q1Jv//4YFVq/BEf6oj4SU9+/Li9kUo9f++
+i4PaiWyrQDm1FAYtMGW5MBKH3ohO1dlPgqNjdeqTjZfgvCMPdbyV6Xwtz7KVkCR0
++r9u7JefCCKUXL3Ap4VPtjhyCLoRuqJ+ZIp9XR2wf3rVGR6KRcLWPEXLkGfAPCs+
+7uAnfReBxNiWYt+FHuQpeyUld8u8E0G8u9FSf/l25A85QrQK0EUrVHdFc1q8tcCe
+q0EomoIPl7GnwtDIwYmkWtViCz0ivVRvNBUTXvq0XtI/9kLgcBgKfzap8dLeVSXJ
+rUhYlbcOZNnstzkmut1ce8my5TwSRzr2dxgUF8563cM3cdLu+C9bdMWvR/s4xwu6
+Q5opbehdFHd2Hj/Lnqv+xwNKNFkhZCHiyum8L/VKQAsboXgJ7/sB7CHsEcBif73R
+Wj3bFcMnPHHlJgxXB1aOH4kM+y6fF8wW/bGC/9gGiYXzovdbopv3B89oyuT73aoX
+g4TIPz6gv6Bg1OiGpfseGwARAQABiQI2BBgBCgAgAhsgFiEEqIyK3RKYKNfqwC5S
+4i+bv+40hYgFAlk5XBkACgkQ4i+bv+40hYiyTA//XnNjay+uK31lmven3gLQ/BRu
+liydFotXRugBMExTNhBmv279krSpREbvZfFLSXshMcTDclzCY4SrjOgrXfFS8Eqd
+RCnxmqVxBQsS7T2ObAMQQLp1yyFdupT2M7no5bnDWetH9c/CBZP0bZa4Ar3oFZXn
+CKvs2ACef1BJ8f5vgx7noi8bpggUP6uDZF1gyyB2yLZEvlV8AWz3hN1otzkSmVgx
+bvD9d+ugcqOgAMv6JpbxxiNvqMX2CVjjoBeQC5/uKCkJW51NnZzHXtDHqcKKKlbp
++WrkwxjoF05uqRDFXnnCTTC3PUrg1stYkn7M+52dAG8HAFBtReuTZoZ3AL1kdtsp
+XoG8PtWHGzu1NNrPrxCL6KLn5jzjLGkWR17uGhmflKwdvRgrbWO97XhZoHaocaTE
+1pbRBRhJ8bhmkw08Yaatt9qcUqJLPyj0cEeNIU0I5h9n7n1CpTyns3Ow28H4k1p9
+8Sf19UqEOaUIeGtU/Gf/7qbD8q6lmpgZ5/0/7wNoBYM5MdvfMDU0NJJ3qESLiEm6
+lCGq4nq+GsLyFmIXyTeFbsyO/Ion1WJdtrGvEgkQRuVUB8HqsFQ1b4+EJAiBTMsF
+z+yxUcZJNEngQegSMaNyXFptrFrXzZHOXFADYmuTgtk5SbF0V5am4IfineWNSmM+
+nlBNsWyazlZNA3vuAvc=
+=bioM
+-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFZlTN8BEADIXdWebdUepgP8YkULGh2EClt/q2Nkh5QB+V88ZtWVdEfz6ELb
+KeKE/39yllXso20H56OfWGgcU2SF6EKdT+FDir5pDxM+RQiIjrYHLMj9MG87LBcW
+65PHny6hmXtrfrWISXq7x2Si5G9pMz33jp5Dsx/IMTbTPbdK09b34S9aqIjTkpQ4
+yqByi07nkRcYgSOzx1Dr/7oatKn5/tTRQm9CQ2pqcYYD5Rqg1jcNpKRUWFX/m+LR
+d3iQ6ZF/F2W9hR6BYWRUi3eJOFYX/ngWrSj3q3c3zQgPy7R/4weZRT/WYjwccHyv
+LHbw3YFVLDgM2RAu2q765+3iWrH4RvYxS0eMDan7uK6q3+83KB83ofnH8IEt6PWK
+3tmmQJ1vYbQDSqeLxiptPlOgoQuaJCCAFJaBIwamLZJq0BPmncDzZ3bGksROgV31
+qqFYsdKfyUnKQZZpEVsdpOz1oMK0RSlqW2j759C8E4DrsqCBoBm63lZPQsYp94s4
+gT5W2D3vfPqF3dOht6nByGVYvwh3ildcBtKcU8vctlms+izbb0p94pviM10/vIuu
+AzerB4Pb8qMN8+KuSfIUtTWprD/D0NAPRBpc7Uiv8sSufldNhN+A4GdkkXe409+A
+WGusKMlZO9fP3BYf+J3jDxlbRoVoEyl67dioT0QbFdhOqQt1EjJH9XT77QARAQAB
+tC1NYXJ0aW4gU2NoYW56ZW5iYWNoIDxtc2NoYW56ZW5iYWNoQHBvc3Rlby5kZT6J
+AlcEEwEIAEECGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4ACGQEWIQQ9EQY8EPmN
+FL0k0UcLCZjvhvWbagUCXkKjswUJHDOYZAAKCRALCZjvhvWbakZOEACqn3cj7vG+
+jjzbnWsohTwN9kJnvpRAtWwFw2mPYLRdFkYgBwP7AroDUS9nESzajx/sK4wUrfYk
+C3hK020Bx+Elg48mdSAy9O1/gUDY24rANTnfisqtO2IILsEyd6tJJXa0XHziH3Tz
+dggsCOEEICCOxLOkDi3Syk3P5yUL/OHDkLJ8nv4QJBGjjuuX09CErX2NYQnkqa0Z
+MOecfTtv++jO/jAXGR6Hl3c4lf2udt6fYV9zrtSkcv/NPFvJ7P0GcxA1Xws4OftN
+z/8rgz1TfVuho9mBIvvUKVT17Z80wQCTfaBNkChbHccDzaQPSDRkoG2ohvYrJveP
+lKM9NfMpPqrjceaO+rx+Ft5mBU9uSL8Oo8lJ2sMsxqmEbym1Xxdm96P3D+GNjZ0H
+Gnl26DprWTBHjpGSotV5rzncRh+9oTcvmzkO7hvgUGICHCGeyS3wM7qiiY2M1wHl
+5ChlOv5Ske2oA+EHoMKxJQ2iJpkfeP6rHckHkVD7vDDCaiXUYrfjCb17CSOUHuPq
+sdGbfHyItTM0cWpB5Jq/P6Mi9xymnxVpCeIkB2v05gszzGcF3+hLmRtdTzExilAC
+zmWKXLL/mD2SvnENXLOJ5lzJCD7yQ+KkzMDPqkg4JPeinyT/MX8q2uWKa7pcOHJJ
+9Hb4fMNwvUSsx01JCHrUS96JSssGiroaFLQpTWFydGluIFNjaGFuemVuYmFjaCA8
+c2NoYW56ZW5AZ251bmV0Lm9yZz6JAlQEEwEIAD4WIQQ9EQY8EPmNFL0k0UcLCZjv
+hvWbagUCXJn9KQIbAwUJDSYvygULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAL
+CZjvhvWbaqPbD/sGcPJJKK9siqY2o7w8zh5joKypSsJh2GZEpFMMIsIeVa1EW+ZO
+fXp9YQkO9ezBKxHgtZQxZ9dHIbB8Tn3+VnLJHd9wY0aE0OTPO6GNtADJWbzx6Cec
+75Ddg+WkCiTdn4MpMbF2jQKvy6nPfk7ZSbSL352VNVwrraLBjBJ3aXE+cPzXe76X
+oUc8kkNICvPkMSMljR2ayGk/wd8u8O78GW/8LUMVz2cwHsnbJrEQu5WeI6LVoK/+
+kWpHDjiNhFwIg0ZjgoOl42QOEAYz2lmGAhyBhrKd7qZ0NpSoPfU1InMy9j2AoStE
+hIOgdwepgXp8b71vzJEQiYMDvg6LJiANzohlJjzXQblzdu/gYaRjSNY1Rm3LV1ze
+MrPMqYeFeiQEY6Hic9VrKiXczIYhbHv4lBefwUJkuTk2y237G4CyIvBvXyA0lHDU
+5yumD4GDc66Rvyl9tZqKX+5Hss2dEO86QL+OcTYlPsGWq676c/T8mbdvfz+ENzy1
+iBa77WYFQkDSR1ND1f/GBE1fu7U1PuIDSo7uQarU6WJq3cQ+mtw3ncw9RfOpwqeF
+GTf/2eHAW980zhyo7BIhBYxn+SMvBV96gYVS3f+Ye6vV8C6eWNaOzouIe4+dLOFx
+kZAHkqCD8DaU5XalXwmeRTa5y1rzN9HMxNjfYeFrZu392myFjG55VYYG37kCDQRW
+ZUzfARAAsHyOwNqnALHCpk9i+5BkyiS0tLMpgzN5LC3RzN3Dm2CEyQPWISNrr43a
+FuoTMPEFkqsg0FX6LzVGZvqEtcS2E5DdvuVWJWBK+gLMxUWnm/p21ouhvLNcglYE
+FlvIscYmwVwggwJYm9TBru872gTT7s6NDVSLFXxkPf3hPDWCYeaooKcRzuXZWb85
+E1HFgUOR0uZCfBtPGG/tniyqP64g40gAV88WuyN4vkF9Nh3jfpjgQ8eYzhmWAAso
+EC6pBn8kjek6GnplYqkuy97FR87nXcb4d8zameC8rynlquNk9B4fsAVe36upQPJb
+GMF/VYjc1ubPQeawMrpYWPZboOK+oulSPaH7AQNixBpqSxdVNw9jHNZPSGPq2yPp
+pGTgI1wLWlGQlAEjBcPgEWWzWgW5os4oULn2D8i8S9pi8OhSQiteKZiojRD0q9D7
+TfSXA4XSZ75+uYxi5T3DTSSRa+pEufl5BMphVyJKvqjX+Ek6dCodUzfGE69qfKTM
+Vi3peEUMVMrsM2FoB7BA4l8Z/1UhoF9jD2yrW/+oJEWsWbJcGxsskzHNGr1ntk31
+u/MC+O8O6VFuuTjfpjpbS7rsbZZRtl1u/rhoCRpURz7AillX2hhl+5U4MOnYgZQ3
+c5Xh+5+mD8C0nMGz9pg5+6XK3fRfiN6ajHLcJJeN6bXKN8Pr06MAEQEAAYkCPAQY
+AQgAJgIbDBYhBD0RBjwQ+Y0UvSTRRwsJmO+G9ZtqBQJck7EABQkNHkaxAAoJEAsJ
+mO+G9ZtqMt4QAJznYvhb1P2TXkq4eJ+wt0E5SWilT6+tjIooYA4p8oIDi8nl+nHH
+MIo5IllAYnWXGkaxARVSzA3Ci8CoETX4hGdKnHy7hRvYR2psATapfVts1Ouj9vqu
+0zDpBATJhkom5xgTjWkT1ZgVIEbVHZiNIpSgA2OI4FqpL5rDw7uvMmttyR855s3/
+ufyhAjIXJMC6/8/7JG7Cu4d2pY/tumoeLjks69hUlqsM4RptZij/sC2m0BH5JOY+
+rj8YKGlliBciUbSkoTjOTExQoipLjpwgADmKu85TAL0X0PIqvM23n4K1IjiZjmNl
+9vjOwdtugOH7AYJV3RNjGLRxy4gJP+jlXL7rWEFFvL2WxSRuy1EqMRNzDlx/5xM3
+1PJsmcc6wIhyLDq40m0gdyh43Lk6EeaLjf6+QJrn2+AwTGAc3k0KOu50hLnSHPKZ
+0dYfhqD6iJOkByAc+usyfHNQ2+IQWy/F+AQc+ST0p/A+xiC3D7OHbaZJM+Mmqepc
+aUIt5jJ2IylxPet7yZBfV8f+6NUGGbNJy0Xd6qv2EE3osBMd0XyaEHPSxnSvGJfx
+a7KJQLOr/WpfSJeZglW3fQPWwhAjeEFFBibwso/D6vXxK6x/N8axUyRiJHOmLKNp
+UFEhZpET3FoAMnC3vxYynv3ooYw3oLxl1V2TVHN4s4zlDS7dkAokPX63uQINBFob
+JskBEAC9bcDtSKWB85zmXbIztVQF/73mSJQBZiPfNpQqTiClsQ56qMHIUsqLw2qG
+cgDj2cv8U5NPxoLQc2w6HMqcD9ASmSa6DePUPpADp7HVPZB4GnBcSu4IEjO6dlif
+rH098eBoEIZzU4ghvpDzIBmfBQ5pveUGqvqt/2e2xtJug0FmpuWXYlQlV9Sj4Xar
+s3sPhLekXaRZ7fDULnS14DZRuBMdRNwyhOPz5xFCK1JiahfZ6pALS9xvWyaD1Wa0
+/IhJzIA3vDGR96KJVX/EtnggWuC9csoq8QoIqwxbcbKwlceE5EGSJTpceB63z3s+
+nM2OECGlQlg1oktfLdw37QFyh5uHqEi9kJVconb1Z0vt0WtZmarzYRIJDwoIE2aC
+EM1bmXijQIl/W8elcLDCL7o4m9v2fdYTk+xqJ5x165E6N4xKKL+B5zKTcOocg2rr
+s1hFV/LIRUl/rYB+58WTzvorym14ZdcLiu2/xWa4M4Qc7sIu8Hk69g+zKTS22eRD
+Mo0q96jNGfa/5Qu20Iz8eKK4lDsGpbbRnA7+U1ayxzTV36fxI0L5Ru7spq0rHJ3h
+c88v5IG9RCyxJIug0ZbLX4+P/M0yKNDj73o1nbL81TI1tPsuUFsygN2PN+RowoVN
+vmDoXlKWbT4eMfMiCbw/PCm3ZEVz/m9M3VjoRrb1T6S7DalqXQARAQABiQI8BBgB
+CAAmAhsgFiEEPREGPBD5jRS9JNFHCwmY74b1m2oFAlyTsQoFCQlobNEACgkQCwmY
+74b1m2qDBhAAnIyHlZGTgbiVTVBgjrIEYasPWn+59I/zULVGGe0yEvHzUoAeWoKE
+MudtfIUMb6Ypcoxwo8AHVvSsCSuLWiMDysu6Y3+p9B/iNDVlCU/3eA/BjCpD5ofU
+482Dyv5hpqdfv8nLehBjSnlfLnIf9b4kIAuTI1hM2kQFkM3/Eh4mfB2XJBFQxzS3
+gedWLrZoUp3qUp/BOkIroRPeu2N96d+6a9b35S17GJxWehgVjEwLZyhKCHliOYTk
+k4ibMc964iDSIdjpTAszHj/dMkt82Ovv2Q7IpFB6dhd6Mb3Les02f6lNyTBixud6
+/1ADj4LzyUwYyrlF8Mhjg/vJn++gAPFRqSrY5pwwsqci4Wr1/mgrM9WQd1wnkGZp
+0eM2q598b9fBgNvDnk5N8rCLqxRaxfUrvVEnCb5KbWtAwzp6GJ447KGHQRpfGN2B
+yXXtekurH2tuixSWSVnCwN7oN5hqXxhA60puyVSQlRZ5oqq/DTY5Gl+8HO/6qjaa
+iRD6frB32eB3/eIUHE+HhqMkVKcvoz1PUdjDO+YArRdkdREpQ7OBgqdI5/WkmDez
+DZ8s/8LH7NmWyaDiYmQwZzDJw/286pTn+U0JvAvMU98tSQKD163iYcUprdkMEgWB
+bm9msTujYyUbqJg/epAVjJahjtYwnCFhuJKvoIAlOXAqNksqPDoPwfU=
+=tbKl
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..10ca7c1
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,3 @@
+version=4
+opts="pgpmode=auto, uversionmangle=s/pre/~pre/;s/rc/~rc/" \
+ https://ftp.gnu.org/gnu/@PACKAGE@/@PACKAGE@@ANY_VERSION@@ARCHIVE_EXT@
diff --git a/doc/.gitignore b/doc/.gitignore
new file mode 100644
index 0000000..3b7342f
--- /dev/null
+++ b/doc/.gitignore
@@ -0,0 +1,8 @@
+business.aux
+business.log
+business.nav
+business.out
+business.pdf
+business.snm
+business.toc
+business.vrb
diff --git a/doc/Makefile.am b/doc/Makefile.am
new file mode 100644
index 0000000..90f6797
--- /dev/null
+++ b/doc/Makefile.am
@@ -0,0 +1,23 @@
+# This Makefile.am is in the public domain
+
+SUBDIRS = . doxygen
+
+man_MANS = \
+ anastasis-httpd.1 \
+ anastasis-reducer.1 \
+ anastasis.conf.5 \
+ anastasis-config.1
+
+info_TEXINFOS = \
+ anastasis.texi
+
+EXTRA_DIST = \
+ $(info_TEXINFOS) \
+ $(man_MANS) \
+ anastasis-figures/anastasis-db.png \
+ anastasis-figures/anastasis_reducer_backup.png \
+ anastasis-figures/anastasis_truth_payment.png \
+ anastasis-figures/anastasis_challenge_payment.png \
+ anastasis-figures/anastasis_reducer_recovery.png \
+ anastasis-figures/anastasis_challengecode.png \
+ anastasis-figures/anastasis_truth.png
diff --git a/doc/agpl.texi b/doc/agpl.texi
new file mode 100644
index 0000000..e6ee662
--- /dev/null
+++ b/doc/agpl.texi
@@ -0,0 +1,698 @@
+@c The GNU Affero General Public License.
+@center Version 3, 19 November 2007
+
+@c This file is intended to be included within another document,
+@c hence no sectioning command or @node.
+
+@display
+Copyright @copyright{} 2007 Free Software Foundation, Inc. @url{http://fsf.org/}
+
+Everyone is permitted to copy and distribute verbatim copies of this
+license document, but changing it is not allowed.
+@end display
+
+@heading Preamble
+
+The GNU Affero General Public License is a free, copyleft license
+for software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+The licenses for most software and other practical works are
+designed to take away your freedom to share and change the works. By
+contrast, our General Public Licenses are intended to guarantee your
+freedom to share and change all versions of a program--to make sure it
+remains free software for all its users.
+
+When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate. Many developers of free software are heartened and
+encouraged by the resulting cooperation. However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community. It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server. Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals. This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+The precise terms and conditions for copying, distribution and
+modification follow.
+
+@heading TERMS AND CONDITIONS
+
+@enumerate 0
+@item Definitions.
+
+``This License'' refers to version 3 of the GNU Affero General Public License.
+
+``Copyright'' also means copyright-like laws that apply to other kinds
+of works, such as semiconductor masks.
+
+``The Program'' refers to any copyrightable work licensed under this
+License. Each licensee is addressed as ``you''. ``Licensees'' and
+``recipients'' may be individuals or organizations.
+
+To ``modify'' a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of
+an exact copy. The resulting work is called a ``modified version'' of
+the earlier work or a work ``based on'' the earlier work.
+
+A ``covered work'' means either the unmodified Program or a work based
+on the Program.
+
+To ``propagate'' a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+To ``convey'' a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user
+through a computer network, with no transfer of a copy, is not
+conveying.
+
+An interactive user interface displays ``Appropriate Legal Notices'' to
+the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+@item Source Code.
+
+The ``source code'' for a work means the preferred form of the work for
+making modifications to it. ``Object code'' means any non-source form
+of a work.
+
+A ``Standard Interface'' means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+The ``System Libraries'' of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+``Major Component'', in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+The ``Corresponding Source'' for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+The Corresponding Source need not include anything that users can
+regenerate automatically from other parts of the Corresponding Source.
+
+The Corresponding Source for a work in source code form is that same
+work.
+
+@item Basic Permissions.
+
+All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+You may make, run and propagate covered works that you do not convey,
+without conditions so long as your license otherwise remains in force.
+You may convey covered works to others for the sole purpose of having
+them make modifications exclusively for you, or provide you with
+facilities for running those works, provided that you comply with the
+terms of this License in conveying all material for which you do not
+control copyright. Those thus making or running the covered works for
+you must do so exclusively on your behalf, under your direction and
+control, on terms that prohibit them from making any copies of your
+copyrighted material outside their relationship with you.
+
+Conveying under any other circumstances is permitted solely under the
+conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+@item Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such
+circumvention is effected by exercising rights under this License with
+respect to the covered work, and you disclaim any intention to limit
+operation or modification of the work as a means of enforcing, against
+the work's users, your or third parties' legal rights to forbid
+circumvention of technological measures.
+
+@item Conveying Verbatim Copies.
+
+You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+@item Conveying Modified Source Versions.
+
+You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these
+conditions:
+
+@enumerate a
+@item
+The work must carry prominent notices stating that you modified it,
+and giving a relevant date.
+
+@item
+The work must carry prominent notices stating that it is released
+under this License and any conditions added under section 7. This
+requirement modifies the requirement in section 4 to ``keep intact all
+notices''.
+
+@item
+You must license the entire work, as a whole, under this License to
+anyone who comes into possession of a copy. This License will
+therefore apply, along with any applicable section 7 additional terms,
+to the whole of the work, and all its parts, regardless of how they
+are packaged. This License gives no permission to license the work in
+any other way, but it does not invalidate such permission if you have
+separately received it.
+
+@item
+If the work has interactive user interfaces, each must display
+Appropriate Legal Notices; however, if the Program has interactive
+interfaces that do not display Appropriate Legal Notices, your work
+need not make them do so.
+@end enumerate
+
+A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+``aggregate'' if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+@item Conveying Non-Source Forms.
+
+You may convey a covered work in object code form under the terms of
+sections 4 and 5, provided that you also convey the machine-readable
+Corresponding Source under the terms of this License, in one of these
+ways:
+
+@enumerate a
+@item
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by the
+Corresponding Source fixed on a durable physical medium customarily
+used for software interchange.
+
+@item
+Convey the object code in, or embodied in, a physical product
+(including a physical distribution medium), accompanied by a written
+offer, valid for at least three years and valid for as long as you
+offer spare parts or customer support for that product model, to give
+anyone who possesses the object code either (1) a copy of the
+Corresponding Source for all the software in the product that is
+covered by this License, on a durable physical medium customarily used
+for software interchange, for a price no more than your reasonable
+cost of physically performing this conveying of source, or (2) access
+to copy the Corresponding Source from a network server at no charge.
+
+@item
+Convey individual copies of the object code with a copy of the written
+offer to provide the Corresponding Source. This alternative is
+allowed only occasionally and noncommercially, and only if you
+received the object code with such an offer, in accord with subsection
+6b.
+
+@item
+Convey the object code by offering access from a designated place
+(gratis or for a charge), and offer equivalent access to the
+Corresponding Source in the same way through the same place at no
+further charge. You need not require recipients to copy the
+Corresponding Source along with the object code. If the place to copy
+the object code is a network server, the Corresponding Source may be
+on a different server (operated by you or a third party) that supports
+equivalent copying facilities, provided you maintain clear directions
+next to the object code saying where to find the Corresponding Source.
+Regardless of what server hosts the Corresponding Source, you remain
+obligated to ensure that it is available for as long as needed to
+satisfy these requirements.
+
+@item
+Convey the object code using peer-to-peer transmission, provided you
+inform other peers where the object code and Corresponding Source of
+the work are being offered to the general public at no charge under
+subsection 6d.
+
+@end enumerate
+
+A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+A ``User Product'' is either (1) a ``consumer product'', which means any
+tangible personal property which is normally used for personal,
+family, or household purposes, or (2) anything designed or sold for
+incorporation into a dwelling. In determining whether a product is a
+consumer product, doubtful cases shall be resolved in favor of
+coverage. For a particular product received by a particular user,
+``normally used'' refers to a typical or common use of that class of
+product, regardless of the status of the particular user or of the way
+in which the particular user actually uses, or expects or is expected
+to use, the product. A product is a consumer product regardless of
+whether the product has substantial commercial, industrial or
+non-consumer uses, unless such uses represent the only significant
+mode of use of the product.
+
+``Installation Information'' for a User Product means any methods,
+procedures, authorization keys, or other information required to
+install and execute modified versions of a covered work in that User
+Product from a modified version of its Corresponding Source. The
+information must suffice to ensure that the continued functioning of
+the modified object code is in no case prevented or interfered with
+solely because modification has been made.
+
+If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or
+updates for a work that has been modified or installed by the
+recipient, or for the User Product in which it has been modified or
+installed. Access to a network may be denied when the modification
+itself materially and adversely affects the operation of the network
+or violates the rules and protocols for communication across the
+network.
+
+Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+@item Additional Terms.
+
+``Additional permissions'' are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders
+of that material) supplement the terms of this License with terms:
+
+@enumerate a
+@item
+Disclaiming warranty or limiting liability differently from the terms
+of sections 15 and 16 of this License; or
+
+@item
+Requiring preservation of specified reasonable legal notices or author
+attributions in that material or in the Appropriate Legal Notices
+displayed by works containing it; or
+
+@item
+Prohibiting misrepresentation of the origin of that material, or
+requiring that modified versions of such material be marked in
+reasonable ways as different from the original version; or
+
+@item
+Limiting the use for publicity purposes of names of licensors or
+authors of the material; or
+
+@item
+Declining to grant rights under trademark law for use of some trade
+names, trademarks, or service marks; or
+
+@item
+Requiring indemnification of licensors and authors of that material by
+anyone who conveys the material (or modified versions of it) with
+contractual assumptions of liability to the recipient, for any
+liability that these contractual assumptions directly impose on those
+licensors and authors.
+@end enumerate
+
+All other non-permissive additional terms are considered ``further
+restrictions'' within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions; the
+above requirements apply either way.
+
+@item Termination.
+
+You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+However, if you cease all violation of this License, then your license
+from a particular copyright holder is reinstated (a) provisionally,
+unless and until the copyright holder explicitly and finally
+terminates your license, and (b) permanently, if the copyright holder
+fails to notify you of the violation by some reasonable means prior to
+60 days after the cessation.
+
+Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+@item Acceptance Not Required for Having Copies.
+
+You are not required to accept this License in order to receive or run
+a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+@item Automatic Licensing of Downstream Recipients.
+
+Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+An ``entity transaction'' is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+@item Patents.
+
+A ``contributor'' is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's ``contributor version''.
+
+A contributor's ``essential patent claims'' are all patent claims owned
+or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, ``control'' includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+In the following three paragraphs, a ``patent license'' is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To ``grant'' such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. ``Knowingly relying'' means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+A patent license is ``discriminatory'' if it does not include within the
+scope of its coverage, prohibits the exercise of, or is conditioned on
+the non-exercise of one or more of the rights that are specifically
+granted under this License. You may not convey a covered work if you
+are a party to an arrangement with a third party that is in the
+business of distributing software, under which you make payment to the
+third party based on the extent of your activity of conveying the
+work, and under which the third party grants, to any of the parties
+who would receive the covered work from you, a discriminatory patent
+license (a) in connection with copies of the covered work conveyed by
+you (or copies made from those copies), or (b) primarily for and in
+connection with specific products or compilations that contain the
+covered work, unless you entered into that arrangement, or that patent
+license was granted, prior to 28 March 2007.
+
+Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+@item No Surrender of Others' Freedom.
+
+If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey
+a covered work so as to satisfy simultaneously your obligations under
+this License and any other pertinent obligations, then as a
+consequence you may not convey it at all. For example, if you agree
+to terms that obligate you to collect a royalty for further conveying
+from those to whom you convey the Program, the only way you could
+satisfy both those terms and this License would be to refrain entirely
+from conveying the Program.
+
+@item Remote Network Interaction; Use with the GNU General Public License.
+
+Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users interacting
+with it remotely through a computer network (if your version supports such
+interaction) an opportunity to receive the Corresponding Source of your
+version by providing access to the Corresponding Source from a network
+server at no charge, through some standard or customary means of
+facilitating copying of software. This Corresponding Source shall include
+the Corresponding Source for any work covered by version 3 of the GNU
+General Public License that is incorporated pursuant to the following
+paragraph.
+
+Notwithstanding any other provision of this License, you have permission to
+link or combine any covered work with a work licensed under version 3 of
+the GNU General Public License into a single combined work, and to convey
+the resulting work. The terms of this License will continue to apply to
+the part which is the covered work, but the work with which it is combined
+will remain governed by version 3 of the GNU General Public License.
+
+@item Revised Versions of this License.
+
+The Free Software Foundation may publish revised and/or new versions
+of the GNU Affero General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies that a certain numbered version of the GNU Affero General Public
+License ``or any later version'' applies to it, you have the option of
+following the terms and conditions either of that numbered version or
+of any later version published by the Free Software Foundation. If
+the Program does not specify a version number of the GNU Affero General
+Public License, you may choose any version ever published by the Free
+Software Foundation.
+
+If the Program specifies that a proxy can decide which future versions
+of the GNU Affero General Public License can be used, that proxy's public
+statement of acceptance of a version permanently authorizes you to
+choose that version for the Program.
+
+Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+@item Disclaimer of Warranty.
+
+THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM ``AS IS'' WITHOUT
+WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
+PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE
+DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR
+CORRECTION.
+
+@item Limitation of Liability.
+
+IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR
+CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES
+ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT
+NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR
+LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM
+TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER
+PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+@item Interpretation of Sections 15 and 16.
+
+If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+@end enumerate
+
+@heading END OF TERMS AND CONDITIONS
+
+@heading How to Apply These Terms to Your New Programs
+
+If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these
+terms.
+
+To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the ``copyright'' line and a pointer to where the full notice is found.
+
+@smallexample
+@var{one line to give the program's name and a brief idea of what it does.}
+Copyright (C) @var{year} @var{name of author}
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License as published by
+the Free Software Foundation, either version 3 of the License, or (at
+your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+Affero General Public License for more details.
+
+You should have received a copy of the GNU Affero General Public License
+along with this program. If not, see @url{http://www.gnu.org/licenses/}.
+@end smallexample
+
+Also add information on how to contact you by electronic and paper mail.
+
+If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source. For example, if your program is a web application, its
+interface could display a ``Source'' link that leads users to an archive
+of the code. There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+You should also get your employer (if you work as a programmer) or school,
+if any, to sign a ``copyright disclaimer'' for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+@url{http://www.gnu.org/licenses/}.
diff --git a/doc/anastasis-config.1 b/doc/anastasis-config.1
new file mode 100644
index 0000000..bb1512d
--- /dev/null
+++ b/doc/anastasis-config.1
@@ -0,0 +1,123 @@
+.\" Man page generated from reStructuredText.
+.
+.TH "ANASTASIS-CONFIG" "1" "Jul 18, 2021" "0.0" "Anastasis"
+.SH NAME
+anastasis-config \- anastasis configuration file manipulation
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBanastasis\-config\fP
+[\fB\-b\fP\ \fIbackend\fP\ |\ \fB––supported\-backend=\fP\fIbackend\fP]
+[\fB\-c\fP\ \fIfilename\fP\ |\ \fB––config=\fP\fIfilename\fP]
+[\fB\-f\fP\ |\ \fB––filename\fP]
+[\fB\-F\fP\ |\ \fB––full\fP]
+[\fB\-h\fP\ |\ \fB––help\fP]
+[\fB\-L\fP\ \fIloglevel\fP\ |\ \fB––loglevel=\fP\fIloglevel\fP]
+[\fB\-l\fP\ \fIfilename\fP\ |\ \fB––logfile=\fP‌\fIfilename\fP]
+[\fB\-o\fP\ \fIoption\fP\ |\ \fB––option=\fP\fIoption\fP]
+[\fB\-r\fP\ |\ \fB––rewrite\fP]
+[\fB\-S\fP\ |\ \fB––list\-sections\fP]
+[\fB\-s\fP\ \fIsection\fP\ |\ \fB––section=\fP\fIsection\fP]
+[\fB\-V\fP\ \fIvalue\fP\ |\ \fB––value=\fP\fIvalue\fP]
+[\fB\-v\fP\ |\ \fB––version\fP]
+.SH DESCRIPTION
+.sp
+\fBanastasis\-config\fP can be used to read or modify Anastasis configuration files.
+.INDENT 0.0
+.TP
+\fB\-b\fP \fIBACKEND\fP | \fB––supported\-backend=\fP\fIBACKEND\fP
+Tests whether the specified \fIBACKEND\fP is supported by the current installation.
+The backend must match the name of a plugin, i.e. “namestore_postgres” for
+the Postgres database backend of the “NAMESTORE” service. If \fIBACKEND\fP is
+supported, anastasis\-config will return a status code of 0 (success), otherwise
+77 (unsupported). When this option is specified, no other options may be
+specified. Specifying this option together with other options will cause
+anastasis\-config to return a status code of 1 (error).
+.TP
+\fB\-c\fP \fIFILENAME\fP | \fB––config=\fP\fIFILENAME\fP
+Use the configuration file \fIFILENAME\fP\&.
+.TP
+\fB\-f\fP | \fB––filename\fP
+Try to perform expansions as if the option values represent filenames (will
+also be applied even if the option is not really a filename).
+.TP
+\fB\-F\fP | \fB––full\fP
+Write the full configuration file, not just the differences to the defaults.
+.TP
+\fB\-h\fP | \fB––help\fP
+Print short help on options.
+.TP
+\fB\-L\fP \fILOGLEVEL\fP | \fB––loglevel=\fP\fILOGLEVEL\fP
+Use \fILOGLEVEL\fP for logging.
+Valid values are \fBDEBUG\fP, \fBINFO\fP, \fBWARNING\fP, and \fBERROR\fP\&.
+.TP
+\fB\-l\fP \fIFILENAME\fP | \fB––logfile=\fP‌\fIFILENAME\fP
+Send logging output to \fIFILENAME\fP\&.
+.TP
+\fB\-o\fP \fIOPTION\fP | \fB––option=\fP\fIOPTION\fP
+Which configuration option should be accessed or edited. Required to set a
+value. If not given, all values of a given section will be printed in the
+format “OPTION = VALUE”.
+.TP
+\fB\-r\fP | \fB––rewrite\fP
+Write the configuration file even if nothing changed. Will remove all comments!
+.TP
+\fB\-S\fP | \fB––list\-sections\fP
+List available configuration sections for use with \fB\-\-section\fP\&.
+.TP
+\fB\-s\fP \fISECTION\fP | \fB––section=\fP\fISECTION\fP
+Which configuration section should be accessed or edited.
+Required option.
+.TP
+\fB\-V\fP \fIVALUE\fP | \fB––value=\fP\fIVALUE\fP
+Configuration value to store in the given section under the given option.
+Must only be given together with \fB\-s\fP and \fB\-o\fP options.
+.INDENT 7.0
+.TP
+.B Note:
+Changing the configuration file with \fB\-V\fP will remove comments
+and may reorder sections and remove \fB@INLINE@\fP directives.
+.UNINDENT
+.TP
+\fB\-v\fP | \fB––version\fP
+Print Anastasis version number.
+.UNINDENT
+.SH SEE ALSO
+.sp
+anastasis.conf(5)
+.SH BUGS
+.sp
+Report bugs by using \fI\%https://bugs.anastasis.lu\fP or by sending electronic
+mail to <\fI\%contact@anastasis.lu\fP>.
+.SH AUTHOR
+Anastasis SARL
+.SH COPYRIGHT
+2020-2021 Anastasis SARL (AGPLv3+ or GFDL 1.3+)
+.\" Generated by docutils manpage writer.
+.
diff --git a/doc/anastasis-figures/anastasis-db.png b/doc/anastasis-figures/anastasis-db.png
new file mode 100644
index 0000000..03eed9d
--- /dev/null
+++ b/doc/anastasis-figures/anastasis-db.png
Binary files differ
diff --git a/doc/anastasis-figures/anastasis_challenge_payment.png b/doc/anastasis-figures/anastasis_challenge_payment.png
new file mode 100644
index 0000000..a0593eb
--- /dev/null
+++ b/doc/anastasis-figures/anastasis_challenge_payment.png
Binary files differ
diff --git a/doc/anastasis-figures/anastasis_challengecode.png b/doc/anastasis-figures/anastasis_challengecode.png
new file mode 100644
index 0000000..fc30f4f
--- /dev/null
+++ b/doc/anastasis-figures/anastasis_challengecode.png
Binary files differ
diff --git a/doc/anastasis-figures/anastasis_reducer_backup.png b/doc/anastasis-figures/anastasis_reducer_backup.png
new file mode 100644
index 0000000..53daf7c
--- /dev/null
+++ b/doc/anastasis-figures/anastasis_reducer_backup.png
Binary files differ
diff --git a/doc/anastasis-figures/anastasis_reducer_recovery.png b/doc/anastasis-figures/anastasis_reducer_recovery.png
new file mode 100644
index 0000000..b08c763
--- /dev/null
+++ b/doc/anastasis-figures/anastasis_reducer_recovery.png
Binary files differ
diff --git a/doc/anastasis-figures/anastasis_truth.png b/doc/anastasis-figures/anastasis_truth.png
new file mode 100644
index 0000000..7f23fa2
--- /dev/null
+++ b/doc/anastasis-figures/anastasis_truth.png
Binary files differ
diff --git a/doc/anastasis-figures/anastasis_truth_payment.png b/doc/anastasis-figures/anastasis_truth_payment.png
new file mode 100644
index 0000000..70a6b3d
--- /dev/null
+++ b/doc/anastasis-figures/anastasis_truth_payment.png
Binary files differ
diff --git a/doc/anastasis-httpd.1 b/doc/anastasis-httpd.1
new file mode 100644
index 0000000..131be44
--- /dev/null
+++ b/doc/anastasis-httpd.1
@@ -0,0 +1,78 @@
+.\" Man page generated from reStructuredText.
+.
+.TH "ANASTASIS-HTTPD" "1" "Jul 18, 2021" "0.0" "Anastasis"
+.SH NAME
+anastasis-httpd \- anastasis HTTP backend
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBanastasis\-httpd\fP
+.SH DESCRIPTION
+.sp
+Banastasis\-httpd is a command line tool to run the Anastasis (HTTP
+backend). The required configuration and database must exist before
+running this command.
+.sp
+Its options are as follows:
+.INDENT 0.0
+.TP
+\fB\-C\fP | \fB–connection\-close\fP
+Force each HTTP connection to be closed after each request.
+.TP
+\fB\-c\fP \fIFILENAME\fP | \fB––config=\fP‌\fIFILENAME\fP
+Use the configuration and other resources for the merchant to operate
+from FILENAME.
+.TP
+\fB\-h\fP | \fB––help\fP
+Print short help on options.
+.TP
+\fB\-v\fP | \fB––version\fP
+Print version information.
+.UNINDENT
+.SH SIGNALS
+.sp
+\fBanastasis\-httpd\fP responds to the following signals:
+.INDENT 0.0
+.TP
+.B \fBSIGTERM\fP
+Sending a SIGTERM to the process will cause it to shutdown cleanly.
+.UNINDENT
+.SH SEE ALSO
+.sp
+anastasis\-dbinit(1), anastasis\-config(1), anastasis\-gtk(1), anastasis\-reducer(1)
+.SH BUGS
+.sp
+Report bugs by using \fI\%https://bugs.anastasis.lu\fP or by sending
+electronic mail to <\fI\%contact@anastasis.lu\fP>.
+.SH AUTHOR
+Anastasis SARL
+.SH COPYRIGHT
+2020-2021 Anastasis SARL (AGPLv3+ or GFDL 1.3+)
+.\" Generated by docutils manpage writer.
+.
diff --git a/doc/anastasis-reducer.1 b/doc/anastasis-reducer.1
new file mode 100644
index 0000000..8a79075
--- /dev/null
+++ b/doc/anastasis-reducer.1
@@ -0,0 +1,93 @@
+.\" Man page generated from reStructuredText.
+.
+.TH "ANASTASIS-REDUCER" "1" "Jul 18, 2021" "0.0" "Anastasis"
+.SH NAME
+anastasis-reducer \- anastasis CLI frontend
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH SYNOPSIS
+.sp
+\fBanastasis\-reducer\fP
+[\fB\-a**_*JSON*_|_\fP–arguments=\fIJSON\fP]
+[\fB\-b**_|_\fP–backup]
+[\fB\-c\fP\ \fIFILENAME\fP\ |\ \fB––config=\fP‌\fIFILENAME\fP]
+[\fB\-h\fP\ |\ \fB––help\fP]
+[\fB\-L\fP\ \fILOGLEVEL\fP\ |\ \fB––loglevel=\fP‌\fILOGLEVEL\fP]
+[\fB\-l\fP\ \fIFILENAME\fP\ |\ \fB––logfile=\fP‌\fIFILENAME\fP]
+[\fB\-r**_|_\fP–restore]
+[\fB\-v\fP\ |\ \fB––version\fP] COMMAND
+.SH DESCRIPTION
+.sp
+\fBanastasis\-reducer\fP is a command\-line tool to run Anastasis
+key recover and backup operations using a reducer\-style interface.
+The reducer will read the current state from standard input and
+write the resulting state to standard output. A COMMAND must
+be given on the command line. The arguments (if any) are to
+be given in JSON format to the \fB\-a\fP option. A list of
+commands can be found in the \&../reducer
+chapter.
+.INDENT 0.0
+.TP
+\fB\-a\fP \fIJSON\fP | \fB––arguments=\fP\fIJSON\fP
+Provide JSON inputs for the given command.
+.TP
+\fB\-b\fP | \fB–backup\fP
+Begin fresh reducer operation for a back up operation.
+.TP
+\fB\-c\fP \fIFILENAME\fP | \fB––config=\fP‌\fIFILENAME\fP
+Use the configuration from \fIFILENAME\fP\&.
+.TP
+\fB\-h\fP | \fB––help\fP
+Print short help on options.
+.TP
+\fB\-L\fP \fILOGLEVEL\fP | \fB––loglevel=\fP‌\fILOGLEVEL\fP
+Specifies the log level to use. Accepted values are: \fBDEBUG\fP, \fBINFO\fP,
+\fBWARNING\fP, \fBERROR\fP\&.
+.TP
+\fB\-l\fP \fIFILENAME\fP | \fB––logfile=\fP‌\fIFILENAME\fP
+Send logging output to \fIFILENAME\fP\&.
+.TP
+\fB\-r\fP | \fB–restore\fP
+Begin fresh reducer operation for a restore operation.
+.TP
+\fB\-v\fP | \fB––version\fP
+Print version information.
+.UNINDENT
+.SH SEE ALSO
+.sp
+anastasis\-gtk(1), anastasis\-httpd(1), anastasis.conf(5).
+.SH BUGS
+.sp
+Report bugs by using \fI\%https://bugs.anastasis.lu/\fP or by sending electronic
+mail to <\fI\%contact@anastasis.lu\fP>.
+.SH AUTHOR
+Anastasis SARL
+.SH COPYRIGHT
+2020-2021 Anastasis SARL (AGPLv3+ or GFDL 1.3+)
+.\" Generated by docutils manpage writer.
+.
diff --git a/doc/anastasis.conf.5 b/doc/anastasis.conf.5
new file mode 100644
index 0000000..446531a
--- /dev/null
+++ b/doc/anastasis.conf.5
@@ -0,0 +1,151 @@
+.\" Man page generated from reStructuredText.
+.
+.TH "ANASTASIS.CONF" "5" "Jul 18, 2021" "0.0" "Anastasis"
+.SH NAME
+anastasis.conf \- anastasis configuration file
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.SH DESCRIPTION
+.sp
+The configuration file is line\-oriented.
+Blank lines and whitespace at the beginning and end of a line are ignored.
+Comments start with \fB#\fP or \fB%\fP in the first column
+(after any beginning\-of\-line whitespace) and go to the end of the line.
+.sp
+The file is split into sections.
+Every section begins with “[SECTIONNAME]” and
+contains a number of options of the form “OPTION=VALUE”.
+There may be whitespace around the \fB=\fP (equal sign).
+Section names and options are \fIcase\-insensitive\fP\&.
+.sp
+The values, however, are \fIcase\-sensitive\fP\&.
+In particular, boolean values are one of \fBYES\fP or \fBNO\fP\&.
+Values can include whitespace by surrounding
+the entire value with \fB"\fP (double quote).
+Note, however, that there are no escape characters in such strings;
+all characters between the double quotes (including other double quotes)
+are taken verbatim.
+.sp
+Values that represent filenames can begin with a \fB/bin/sh\fP\-like
+variable reference.
+This can be simple, such as \fB$TMPDIR/foo\fP, or complex,
+such as \fB${TMPDIR:\-${TMP:\-/tmp}}/foo\fP\&.
+See \fB[PATHS]\fP (below).
+.sp
+Values that represent a time duration are represented as a series of one or
+more \fBNUMBER UNIT\fP pairs, e.g. \fB60 s\fP, \fB4 weeks 1 day\fP, \fB5 years 2 minutes\fP\&.
+.sp
+Values that represent an amount are in the usual amount syntax:
+\fBCURRENCY:VALUE.FRACTION\fP, e.g. \fBEUR:1.50\fP\&.
+The \fBFRACTION\fP portion may extend up to 8 places.
+.sp
+Files containing default values for many of the options described below
+are installed under \fB$ANASTASIS_PREFIX/share/taler/config.d/\fP\&.
+The configuration file given with \fB\-c\fP to Anastasis binaries
+overrides these defaults.
+.sp
+A configuration file may include another, by using the \fB@INLINE@\fP directive,
+for example, in \fBmain.conf\fP, you could write \fB@INLINE@ sub.conf\fP to
+include the entirety of \fBsub.conf\fP at that point in \fBmain.conf\fP\&.
+.. TODO: Document ‘anastasis\-config \-V’ in light of ‘@INLINE@’ in taler\-config(1).
+.SS GLOBAL OPTIONS
+.sp
+The following options are from the \fB[anastasis]\fP section and used by
+the \fBanastasis\-httpd\fP service.
+.INDENT 0.0
+.TP
+.B PAYMENT_BACKEND_URL
+Base\-URL of the Taler merchant backend instance to use for payments.
+FIXME: How do we pass the access token?
+.TP
+.B ANNUAL_FEE
+Annual fee to be paid for policy uploads, i.e. “EUR:1.5”.
+.TP
+.B TRUTH_UPLOAD_FEE
+Annual fee to be paid for truth uploads, i.e. “EUR:1.5”.
+.TP
+.B DB
+Database backend to use, only \fBpostgres\fP is supported right now.
+.TP
+.B UPLOAD_LIMIT_MB
+Maximum upload size for policy uploads in megabytes. Default is 1.
+.TP
+.B ANNUAL_POLICY_UPLOAD_LIMIT
+Maximum number of policies uploaded per year of service. Default is 42.
+.TP
+.B BUSINESS_NAME
+Name of the business.
+.TP
+.B SERVER_SALT
+Must be set to a high\-entropy random server salt that the provider must never
+change after the initial configuration.
+.TP
+.B PORT
+TCP port on which the HTTP service should listen on.
+.UNINDENT
+.SS Authorization options
+.sp
+For each active authorization plugin, options must be configured in
+a section called \fB[authorization\-$PLUGIN]\fP where \fB$PLUGIN\fP is
+the name of the authorization plugin.
+.INDENT 0.0
+.TP
+.B COST
+Fee the user has to pay to obtain a challenge from this
+authorization plugin during recovery.
+.TP
+.B ENABLED
+\fByes\fP to enable this plugin, \fBno\fP to disable.
+.TP
+.B COMMAND
+Helper command to run (only relevant for some plugins).
+.UNINDENT
+.SS Postgres database configuration
+.sp
+The following options must be in the section \fB[statis\-postgres]\fP if
+\fBpostgress\fP was used for the database under \fBDB\fP in the
+\fB[anastasis]\fP section.
+.INDENT 0.0
+.TP
+.B CONFIG
+Path under which the Postgres database is that the service
+should use, i.e. \fBpostgres://anastasis\fP\&.
+.UNINDENT
+.SH SEE ALSO
+.sp
+anastasis\-httpd(1), anastasis\-config(1)
+.SH BUGS
+.sp
+Report bugs by using \fI\%https://bugs.anastasis.lu/\fP or by sending electronic
+mail to <\fI\%contact@anastasis.lu\fP>.
+.SH AUTHOR
+Anastasis SARL
+.SH COPYRIGHT
+2020-2021 Anastasis SARL (AGPLv3+ or GFDL 1.3+)
+.\" Generated by docutils manpage writer.
+.
diff --git a/doc/anastasis.texi b/doc/anastasis.texi
new file mode 100644
index 0000000..a5d8b11
--- /dev/null
+++ b/doc/anastasis.texi
@@ -0,0 +1,6093 @@
+\input texinfo @c -*-texinfo-*-
+@c %**start of header
+@setfilename anastasis.info
+@documentencoding UTF-8
+@ifinfo
+@*Generated by Sphinx 3.4.3.@*
+@end ifinfo
+@settitle Anastasis Manual
+@defindex ge
+@paragraphindent 0
+@exampleindent 4
+@finalout
+@dircategory CATEGORY
+@direntry
+* MENU ENTRY: (anastasis.info). DESCRIPTION
+@end direntry
+
+@definfoenclose strong,`,'
+@definfoenclose emph,`,'
+@c %**end of header
+
+@copying
+@quotation
+GNU Anastasis 0.0.0, Jul 30, 2021
+
+Anastasis SARL
+
+Copyright @copyright{} 2020-2021 Anastasis SARL (AGPLv3+ or GFDL 1.3+)
+@end quotation
+
+@end copying
+
+@titlepage
+@title Anastasis Manual
+@insertcopying
+@end titlepage
+@contents
+
+@c %** start of user preamble
+
+@c %** end of user preamble
+
+@ifnottex
+@node Top
+@top Anastasis Manual
+@insertcopying
+@end ifnottex
+
+@c %**start of body
+@anchor{index doc}@anchor{0}
+@c This file is part of GNU Anastasis.
+@c Copyright (C) 2020-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+
+GNU Anastasis is Free Software protocol and implementation that allows
+users to securely deposit @strong{core secrets} with an open set of escrow
+providers and to recover these secrets if their original copies are
+lost.
+
+Anastasis is intended for users that want to make backups of key
+material, such as OpenPGP encryption keys, hard disk encryption keys
+or master keys of electronic wallets. Anastasis is NOT intended to
+store large amounts of secret data, it is only designed to safeguard
+key material.
+
+Anastasis solves the issue of keeping key material both available
+to the authorized user(s), and confidential from anyone else.
+
+With Anastasis, the @strong{core secrets} are protected from the Anastasis
+escrow providers by encrypting each with a @strong{master key}. The
+@strong{master key} can be split and distributed across the escrow
+providers to ensure that no single escrow provider can recover the
+@strong{master key} on its own. Which subset(s) of Anastasis providers
+must be contacted to recover a @strong{master key} is freely configurable.
+
+With Anastasis, users can reliably recover their @strong{core secret},
+while Anastasis makes this difficult for everyone else. This is even
+true if the user is unable to reliably remember any secret with
+sufficiently high entropy: Anastasis does not simply reduce the
+problem to encrypting the @strong{core secret} using some other key
+material in possession of the user.
+
+@menu
+* Documentation Overview::
+
+@detailmenu
+ --- The Detailed Node Listing ---
+
+Documentation Overview
+
+* Introduction::
+* Installation::
+* Configuration::
+* Cryptography::
+* REST API::
+* Reducer API::
+* Authentication Methods::
+* DB Schema::
+* Design Documents::
+* Anastasis licensing information::
+* Man Pages::
+* Complete Index::
+* GNU Free Documentation License::
+
+Introduction
+
+* User Identifiers::
+* Adversary models::
+* The recovery document::
+
+Installation
+
+* Installing from source::
+* Installing Anastasis binary packages on Debian::
+* Installing Anastasis binary packages on Ubuntu::
+
+Installing from source
+
+* Installing GNUnet::
+* Installing the Taler Exchange::
+* Installing the Taler Merchant::
+* Installing Anastasis::
+* Installing GNUnet-gtk::
+* Installing Anastasis-gtk::
+
+Installing Anastasis binary packages on Debian
+
+* Installing the graphical front-end::
+* Installing the backend::
+
+Installing Anastasis binary packages on Ubuntu
+
+* Installing the graphical front-end: Installing the graphical front-end<2>.
+* Installing the backend: Installing the backend<2>.
+
+Configuration
+
+* Configuration format::
+* Using anastasis-config::
+
+Cryptography
+
+* Key derivations::
+* Key Usage::
+* Availability Considerations::
+
+Key derivations
+
+* Verification::
+* Encryption::
+
+Key Usage
+
+* Encryption: Encryption<2>.
+* Signatures::
+
+REST API
+
+* HTTP Request and Response::
+* Protocol Version Ranges::
+* Common encodings::
+
+Common encodings
+
+* Binary Data::
+* Hash codes::
+* Large numbers::
+* Timestamps::
+* Integers::
+* Objects::
+* Keys::
+* Signatures: Signatures<2>.
+* Amounts::
+* Time::
+* Cryptographic primitives::
+* Signatures: Signatures<3>.
+* Receiving Configuration::
+* Receiving Terms of Service::
+* Manage policy::
+* Managing truth::
+
+Reducer API
+
+* States::
+* Backup Reducer::
+* Recovery Reducer::
+* Reducer transitions::
+
+Reducer transitions
+
+* Initial state::
+* Common transitions::
+* Backup transitions::
+* Recovery transitions::
+
+Authentication Methods
+
+* SMS (sms): SMS sms.
+* Email verification (email): Email verification email.
+* Video identification (vid): Video identification vid.
+* Security question (qa): Security question qa.
+* Snail mail verification (post): Snail mail verification post.
+
+Design Documents
+
+* Design Doc 001; Anastasis User Experience: Design Doc 001 Anastasis User Experience.
+* Template::
+
+Design Doc 001: Anastasis User Experience
+
+* Summary::
+* Motivation::
+* Setup Steps::
+* Show Service Status After Setup::
+* Recovery Steps::
+
+Setup Steps
+
+* Entry point; Settings: Entry point Settings.
+* Providing Identification::
+* Add Authentication Methods::
+* Confirm/Change Service Providers::
+* Defining Recovery Options::
+* Pay for Setup::
+
+Recovery Steps
+
+* Entry point; Settings: Entry point Settings<2>.
+* Providing Identification: Providing Identification<2>.
+* Select Authentication Challenge::
+* Payment::
+* Enter Challenge Response::
+* Success::
+
+Template
+
+* Summary: Summary<2>.
+* Motivation: Motivation<2>.
+* Requirements::
+* Proposed Solution::
+* Alternatives::
+* Drawbacks::
+* Discussion / Q&A::
+
+Anastasis licensing information
+
+* Anastasis (git;//git.taler.net/anastasis): Anastasis git //git taler net/anastasis.
+* Anastasis-gtk (git;//git.taler.net/anastasis-gtk): Anastasis-gtk git //git taler net/anastasis-gtk.
+* Documentation::
+
+Anastasis (git://git.taler.net/anastasis)
+
+* Runtime dependencies::
+
+Anastasis-gtk (git://git.taler.net/anastasis-gtk)
+
+* Runtime dependencies: Runtime dependencies<2>.
+
+Man Pages
+
+* anastasis-config(1): anastasis-config 1.
+* anastasis-gtk(1): anastasis-gtk 1.
+* anastasis-httpd(1): anastasis-httpd 1.
+* anastasis-reducer(1): anastasis-reducer 1.
+* anastasis.conf(5): anastasis conf 5.
+
+anastasis-config(1)
+
+* Synopsis::
+* Description::
+* See Also::
+* Bugs::
+
+anastasis-gtk(1)
+
+* Synopsis: Synopsis<2>.
+* Description: Description<2>.
+* See Also: See Also<2>.
+* Bugs: Bugs<2>.
+
+anastasis-httpd(1)
+
+* Synopsis: Synopsis<3>.
+* Description: Description<3>.
+* Signals::
+* See also::
+* Bugs: Bugs<3>.
+
+anastasis-reducer(1)
+
+* Synopsis: Synopsis<4>.
+* Description: Description<4>.
+* See Also: See Also<3>.
+* Bugs: Bugs<4>.
+
+anastasis.conf(5)
+
+* Description: Description<5>.
+* SEE ALSO::
+* BUGS::
+
+Description
+
+* GLOBAL OPTIONS::
+* Authorization options::
+* Postgres database configuration::
+
+GNU Free Documentation License
+
+* 0. PREAMBLE: 0 PREAMBLE.
+* 1. APPLICABILITY AND DEFINITIONS: 1 APPLICABILITY AND DEFINITIONS.
+* 2. VERBATIM COPYING: 2 VERBATIM COPYING.
+* 3. COPYING IN QUANTITY: 3 COPYING IN QUANTITY.
+* 4. MODIFICATIONS: 4 MODIFICATIONS.
+* 5. COMBINING DOCUMENTS: 5 COMBINING DOCUMENTS.
+* 6. COLLECTIONS OF DOCUMENTS: 6 COLLECTIONS OF DOCUMENTS.
+* 7. AGGREGATION WITH INDEPENDENT WORKS: 7 AGGREGATION WITH INDEPENDENT WORKS.
+* 8. TRANSLATION: 8 TRANSLATION.
+* 9. TERMINATION: 9 TERMINATION.
+* 10. FUTURE REVISIONS OF THIS LICENSE: 10 FUTURE REVISIONS OF THIS LICENSE.
+* 11. RELICENSING: 11 RELICENSING.
+* ADDENDUM; How to use this License for your documents: ADDENDUM How to use this License for your documents.
+
+@end detailmenu
+@end menu
+
+@node Documentation Overview,,Top,Top
+@anchor{index anastasis-documentation}@anchor{1}@anchor{index documentation-overview}@anchor{2}
+@chapter Documentation Overview
+
+
+@c This file is part of Anastasis
+@c Copyright (C) 2019-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+@c @author Dominik Meister
+@c @author Dennis Neufeld
+
+@menu
+* Introduction::
+* Installation::
+* Configuration::
+* Cryptography::
+* REST API::
+* Reducer API::
+* Authentication Methods::
+* DB Schema::
+* Design Documents::
+* Anastasis licensing information::
+* Man Pages::
+* Complete Index::
+* GNU Free Documentation License::
+
+@end menu
+
+@node Introduction,Installation,,Documentation Overview
+@anchor{introduction doc}@anchor{3}@anchor{introduction introduction}@anchor{4}
+@section Introduction
+
+
+To understand how Anastasis works, you need to understand three key
+concepts: user identifiers, our adversary model and the role of the
+recovery document.
+
+@menu
+* User Identifiers::
+* Adversary models::
+* The recovery document::
+
+@end menu
+
+@node User Identifiers,Adversary models,,Introduction
+@anchor{introduction user-identifiers}@anchor{5}
+@subsection User Identifiers
+
+
+To uniquely identify users, an “unforgettable” @strong{identifier} is used. This
+identifier should be difficult to guess for anybody but the user. However, the
+@strong{identifier} is not expected to have sufficient entropy or secrecy to be
+cryptographically secure. Examples for such identifier would be a
+concatenation of the full name of the user and their social security or
+passport number(s). For Swiss citizens, the AHV number could also be used.
+
+@node Adversary models,The recovery document,User Identifiers,Introduction
+@anchor{introduction adversary-models}@anchor{6}
+@subsection Adversary models
+
+
+The adversary model of Anastasis has two types of adversaries: weak
+adversaries which do not know the user’s @strong{identifier}, and strong
+adversaries which somehow do know a user’s @strong{identifier}. For weak
+adversaries the system guarantees full confidentiality. For strong
+adversaries, breaking confidentiality additionally requires that Anastasis
+escrow providers must have colluded. The user is able to specify a set of
+@strong{policies} which determine which Anastasis escrow providers would need to
+collude to break confidentiality. These policies also set the bar for the user
+to recover their core secret.
+
+@node The recovery document,,Adversary models,Introduction
+@anchor{introduction the-recovery-document}@anchor{7}
+@subsection The recovery document
+
+
+A @strong{recovery document} includes all of the information a user needs to
+recover access to their core secret. It specifies a set of @strong{escrow
+methods}, which specify how the user should convince the Anastasis server
+that they are “real”. Escrow methods can for example include SMS-based
+verification, video identification or a security question. For each escrow
+method, the Anastasis server is provided with @strong{truth}, that is data the
+Anastasis operator may learn during the recovery process to authenticate the
+user. Examples for truth would be a phone number (for SMS), a picture of the
+user (for video identification), or the (hash of) a security answer. A strong
+adversary is assumed to be able to learn the truth, while weak adversaries
+must not. In addition to a set of escrow methods and associated Anastasis
+server operators, the @strong{recovery document} also specifies @strong{policies}, which
+describe the combination(s) of the escrow methods that suffice to obtain
+access to the core secret. For example, a @strong{policy} could say that the
+escrow methods (A and B) suffice, and a second policy may permit (A and C). A
+different user may choose to use the policy that (A and B and C) are all
+required. Anastasis imposes no limit on the number of policies in a
+@strong{recovery document}, or the set of providers or escrow methods involved in
+guarding a user’s secret. Weak adversaries must not be able to deduce
+information about a user’s @strong{recovery document} (except for its length, which
+may be exposed to an adversary which monitors the user’s network traffic).
+
+@c This file is part of Anastasis
+@c Copyright (C) 2019-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+@c @author Dominik Meister
+@c @author Dennis Neufeld
+
+@node Installation,Configuration,Introduction,Documentation Overview
+@anchor{installation doc}@anchor{8}@anchor{installation installation}@anchor{9}
+@section Installation
+
+
+Please install the following packages before proceeding with the
+exchange compilation.
+
+
+@itemize -
+
+@item
+libsqlite3 >= 3.16.2
+
+@item
+GNU libunistring >= 0.9.3
+
+@item
+libcurl >= 7.26 (or libgnurl >= 7.26)
+
+@item
+libqrencode >= 4.0.0
+
+@item
+GNU libgcrypt >= 1.6
+
+@item
+libsodium >= 1.0
+
+@item
+libargon2 >= 20171227
+
+@item
+libjansson >= 2.7
+
+@item
+Postgres >= 9.6, including libpq
+
+@item
+GNU libmicrohttpd >= 0.9.71
+
+@item
+GNUnet >= 0.14.0 (from source tarball@footnote{http://ftpmirror.gnu.org/gnunet/})
+
+@item
+GNU Taler exchange
+
+@item
+GNU Taler merchant backend
+@end itemize
+
+Except for the last two, these are available in most GNU/Linux distributions
+and should just be installed using the respective package manager.
+
+@menu
+* Installing from source::
+* Installing Anastasis binary packages on Debian::
+* Installing Anastasis binary packages on Ubuntu::
+
+@end menu
+
+@node Installing from source,Installing Anastasis binary packages on Debian,,Installation
+@anchor{installation installing-from-source}@anchor{a}
+@subsection Installing from source
+
+
+The following instructions will show how to install libgnunetutil and
+the GNU Taler exchange from source.
+
+@menu
+* Installing GNUnet::
+* Installing the Taler Exchange::
+* Installing the Taler Merchant::
+* Installing Anastasis::
+* Installing GNUnet-gtk::
+* Installing Anastasis-gtk::
+
+@end menu
+
+@node Installing GNUnet,Installing the Taler Exchange,,Installing from source
+@anchor{installation installing-gnunet}@anchor{b}
+@subsubsection Installing GNUnet
+
+
+Before you install GNUnet, you must download and install the dependencies
+mentioned in the previous section, otherwise the build may succeed, but could
+fail to export some of the tooling required by GNU Taler.
+
+To install GNUnet, unpack the tarball and change
+into the resulting directory, then proceed as follows:
+
+@example
+$ ./configure [--prefix=GNUNETPFX]
+$ # Each dependency can be fetched from non standard locations via
+$ # the '--with-<LIBNAME>' option. See './configure --help'.
+$ make
+# make install
+# ldconfig
+@end example
+
+If you did not specify a prefix, GNUnet will install to @code{/usr/local},
+which requires you to run the last step as @code{root}.
+The @code{ldconfig} command (also run as @code{root}) makes the
+shared object libraries (@code{.so} files)
+visible to the various installed programs.
+
+@node Installing the Taler Exchange,Installing the Taler Merchant,Installing GNUnet,Installing from source
+@anchor{installation installing-the-taler-exchange}@anchor{c}
+@subsubsection Installing the Taler Exchange
+
+
+After installing GNUnet, unpack the GNU Taler exchange tarball,
+change into the resulting directory, and proceed as follows:
+
+@example
+$ ./configure [--prefix=EXCHANGEPFX] \
+ [--with-gnunet=GNUNETPFX]
+$ # Each dependency can be fetched from non standard locations via
+$ # the '--with-<LIBNAME>' option. See './configure --help'.
+$ make
+# make install
+@end example
+
+If you did not specify a prefix, the exchange will install to @code{/usr/local},
+which requires you to run the last step as @code{root}. You have to specify
+@code{--with-gnunet=/usr/local} if you installed GNUnet to @code{/usr/local} in the
+previous step.
+
+@node Installing the Taler Merchant,Installing Anastasis,Installing the Taler Exchange,Installing from source
+@anchor{installation installing-the-taler-merchant}@anchor{d}
+@subsubsection Installing the Taler Merchant
+
+
+GNU Taler merchant has these additional dependencies:
+
+
+@itemize -
+
+@item
+libqrencode >= 4.0.0
+@end itemize
+
+The following steps assume all dependencies are installed.
+
+First, unpack the GNU Taler merchant tarball and change into
+the resulting directory.
+Then, use the following commands to build and install the merchant backend:
+
+@example
+$ ./configure [--prefix=PFX] \
+ [--with-gnunet=GNUNETPFX] \
+ [--with-exchange=EXCHANGEPFX]
+$ # Each dependency can be fetched from non standard locations via
+$ # the '--with-<LIBNAME>' option. See './configure --help'.
+$ make
+# make install
+@end example
+
+If you did not specify a prefix, the exchange will install to
+@code{/usr/local}, which requires you to run the last step as @code{root}.
+
+You have to specify @code{--with-exchange=/usr/local} and/or
+@code{--with-gnunet=/usr/local} if you installed the exchange and/or
+GNUnet to @code{/usr/local} in the previous steps.
+
+Depending on the prefixes you specified for the installation and the
+distribution you are using, you may have to edit @code{/etc/ld.so.conf}, adding
+lines for @code{GNUNETPFX/lib/} and @code{EXCHANGEPFX/lib/} and @code{PFX/lib/}
+(replace the prefixes with the actual paths you used). Afterwards, you should
+run @code{ldconfig}. Without this step, it is possible that the linker may not
+find the installed libraries and launching the Taler merchant backend would
+then fail.
+
+@node Installing Anastasis,Installing GNUnet-gtk,Installing the Taler Merchant,Installing from source
+@anchor{installation installing-anastasis}@anchor{e}
+@subsubsection Installing Anastasis
+
+
+The following steps assume all dependencies are installed.
+
+First, unpack the Anastasis tarball and change into
+the resulting directory.
+Then, use the following commands to build and install Anastasis:
+
+@example
+$ ./configure [--prefix=PFX] \
+ [--with-gnunet=GNUNETPFX] \
+ [--with-exchange=EXCHANGEPFX]
+$ # Each dependency can be fetched from non standard locations via
+$ # the '--with-<LIBNAME>' option. See './configure --help'.
+$ make
+# make install
+@end example
+
+If you did not specify a prefix, Anastasis will be installed to
+@code{/usr/local}, which requires you to run the last step as @code{root}.
+
+You have to specify @code{--with-exchange=/usr/local} and/or
+@code{--with-gnunet=/usr/local} if you installed the exchange and/or
+GNUnet to @code{/usr/local} in the previous steps.
+
+Depending on the prefixes you specified for the installation and the
+distribution you are using, you may have to edit @code{/etc/ld.so.conf}, adding
+lines for @code{GNUNETPFX/lib/} and @code{EXCHANGEPFX/lib/} and @code{PFX/lib/}
+(replace the prefixes with the actual paths you used). Afterwards, you should
+run @code{ldconfig}. Without this step, it is possible that the linker may not
+find the installed libraries and launching the Anastasis backend would
+then fail.
+
+@node Installing GNUnet-gtk,Installing Anastasis-gtk,Installing Anastasis,Installing from source
+@anchor{installation installing-gnunet-gtk}@anchor{f}
+@subsubsection Installing GNUnet-gtk
+
+
+The following steps assume at least the GNUnet and Gtk+ dependencies are installed.
+
+First, unpack the gnunet-gtk tarball and change into the resulting directory.
+Then, use the following commands to build and install gnunet-gtk:
+
+@example
+$ ./configure [--prefix=$PFX] \
+ [--with-gnunet=$GNUNETPFX]
+$ # Each dependency can be fetched from non standard locations via
+$ # the '--with-<LIBNAME>' option. See './configure --help'.
+$ make
+# make install
+@end example
+
+It is highly recommended to use the same prefix ($PFX) for gnunet-gtk that was
+used for GNUnet ($GNUNETPFX). If you did not specify a prefix, gnunet-gtk
+will be installed to @code{/usr/local}, which requires you to run the last step
+as @code{root}.
+
+You have to specify @code{--with-gnunet=/usr/local} if you installed
+GNUnet to @code{/usr/local} in the previous steps.
+
+Depending on the prefixes you specified for the installation and the
+distribution you are using, you may have to edit @code{/etc/ld.so.conf}, adding
+lines for @code{$GNUNETPFX/lib/} and @code{$PFX/lib/} (replace the prefixes with the
+actual paths you used). Afterwards, you should run @code{ldconfig}. Without this
+step, it is possible that the linker may not find the installed libraries and
+launching gnunet-gtk would then fail.
+
+@node Installing Anastasis-gtk,,Installing GNUnet-gtk,Installing from source
+@anchor{installation installing-anastasis-gtk}@anchor{10}
+@subsubsection Installing Anastasis-gtk
+
+
+The following steps assume at least the GNUnet, gnunet-gtk and Anastasis
+dependencies are installed.
+
+First, unpack the anastasis-gtk tarball and change into the resulting
+directory. Then, use the following commands to build and install
+anastasis-gtk:
+
+@example
+$ ./configure [--prefix=PFX] \
+ [--with-gnunet=GNUNETPFX] \
+ [--with-exchange=EXCHANGEPFX] \
+ [--with-anastasis=ANASTASISPFX]
+$ # Each dependency can be fetched from non standard locations via
+$ # the '--with-<LIBNAME>' option. See './configure --help'.
+$ make
+# make install
+@end example
+
+If you did not specify a prefix, anastasis-gtk will be installed to
+@code{/usr/local}, which requires you to run the last step as @code{root}.
+
+You have to specify @code{-with-anastasis=/usr/local}, @code{--with-exchange=/usr/local} and/or
+@code{--with-gnunet=/usr/local} if you installed the exchange and/or
+GNUnet to @code{/usr/local} in the previous steps.
+
+Depending on the prefixes you specified for the installation and the
+distribution you are using, you may have to edit @code{/etc/ld.so.conf}, adding
+lines for @code{GNUNETPFX/lib/} and @code{EXCHANGEPFX/lib/} and @code{PFX/lib/}
+(replace the prefixes with the actual paths you used). Afterwards, you should
+run @code{ldconfig}. Without this step, it is possible that the linker may not
+find the installed libraries and launching anastasis-gtk would then fail.
+
+@node Installing Anastasis binary packages on Debian,Installing Anastasis binary packages on Ubuntu,Installing from source,Installation
+@anchor{installation installing-anastasis-binary-packages-on-debian}@anchor{11}
+@subsection Installing Anastasis binary packages on Debian
+
+
+To install the GNU Taler Debian packages, first ensure that you have
+the right Debian distribution. At this time, the packages are built for
+Sid, which means you should use a system which at least includes
+unstable packages in its source list. We recommend using APT pinning
+to limit unstable packages to those explicitly requested. To do this,
+set your @code{/etc/apt/preferences} as follows:
+
+@example
+Package: *
+Pin: release a=stable
+Pin-Priority: 700
+
+Package: *
+Pin: release a=testing
+Pin-Priority: 650
+
+Package: *
+Pin: release a=unstable
+Pin-Priority: 600
+
+Package: *
+Pin: release l=Debian-Security
+Pin-Priority: 1000
+@end example
+
+A typical @code{/etc/apt/sources.list} file for this setup
+which combines Debian stable with more recent packages
+from testing and unstable would look like this:
+
+@example
+deb http://ftp.ch.debian.org/debian/ buster main
+deb http://security.debian.org/debian-security buster/updates main
+deb http://ftp.ch.debian.org/debian/ testing main
+deb http://ftp.ch.debian.org/debian/ unstable main
+@end example
+
+Naturally, you may want to use different mirrors depending on your region.
+Additionally, you must add a file to import the GNU Taler packages. Typically,
+this is done by adding a file @code{/etc/apt/sources.list.d/taler.list} that
+looks like this:
+
+@example
+deb https://deb.taler.net/apt/debian sid main
+@end example
+
+Next, you must import the Taler Systems SA public package signing key
+into your keyring and update the package lists:
+
+@example
+# wget -O - https://taler.net/taler-systems.gpg.key | apt-key add -
+# apt update
+@end example
+
+@cartouche
+@quotation Note
+You may want to verify the correctness of the Taler Systems key out-of-band.
+@end quotation
+@end cartouche
+
+Now your system is ready to install the official GNU Taler binary packages
+using apt.
+
+@menu
+* Installing the graphical front-end::
+* Installing the backend::
+
+@end menu
+
+@node Installing the graphical front-end,Installing the backend,,Installing Anastasis binary packages on Debian
+@anchor{installation installing-the-graphical-front-end}@anchor{12}
+@subsubsection Installing the graphical front-end
+
+
+To install the Anastasis Gtk+ frontend, you can simply run:
+
+@example
+# apt install anastasis-gtk
+@end example
+
+To use @code{anastasis-gtk}, you can simply run:
+
+@example
+$ anastasis-gtk
+@end example
+
+@node Installing the backend,,Installing the graphical front-end,Installing Anastasis binary packages on Debian
+@anchor{installation installing-the-backend}@anchor{13}
+@subsubsection Installing the backend
+
+
+If you want to install the Anastasis backend-end (which normal users do not
+need), you should run:
+
+@example
+# apt install -t sid anastasis-httpd
+@end example
+
+Note that the latter package does not perform all of the configuration work.
+It does setup the user users and the systemd service scripts, but you still
+must configure the database backup, HTTP reverse proxy (typically with TLS
+certificates), Taler merchant backend for payments, authentication services,
+prices and the terms of service.
+
+Sample configuration files for the HTTP reverse proxy can be found in
+@code{/etc/anastasis.conf}.
+
+Note that the package does not complete the integration of the backend
+with the HTTP reverse proxy (typically with TLS certificates). A
+configuration fragment for Nginx or Apache will be placed in
+@code{/etc/@{apache,nginx@}/conf-available/anastasis.conf}.
+
+To operate an Anastasis backend with payments, you additionally
+need to install a Taler merchant backend via:
+
+@example
+# apt install -t sid taler-merchant-httpd
+@end example
+
+@node Installing Anastasis binary packages on Ubuntu,,Installing Anastasis binary packages on Debian,Installation
+@anchor{installation installing-anastasis-binary-packages-on-ubuntu}@anchor{14}
+@subsection Installing Anastasis binary packages on Ubuntu
+
+
+To install the GNU Taler Ubuntu packages, first ensure that you have
+the right Ubuntu distribution. At this time, the packages are built for
+Ubuntu 20.04 LTS (Focal Fossa).
+
+A typical @code{/etc/apt/sources.list.d/taler.list} file for this setup
+would look like this:
+
+@example
+deb https://deb.taler.net/apt/ubuntu/ focal-fossa main
+@end example
+
+The last line is crucial, as it adds the GNU Taler packages.
+
+Next, you must import the Taler Systems SA public package signing key
+into your keyring and update the package lists:
+
+@example
+# wget -O - https://taler.net/taler-systems.gpg.key | apt-key add -
+# apt update
+@end example
+
+@cartouche
+@quotation Note
+You may want to verify the correctness of the Taler Systems key out-of-band.
+@end quotation
+@end cartouche
+
+Now your system is ready to install the official GNU Taler binary packages
+using apt.
+
+@menu
+* Installing the graphical front-end: Installing the graphical front-end<2>.
+* Installing the backend: Installing the backend<2>.
+
+@end menu
+
+@node Installing the graphical front-end<2>,Installing the backend<2>,,Installing Anastasis binary packages on Ubuntu
+@anchor{installation id1}@anchor{15}
+@subsubsection Installing the graphical front-end
+
+
+To install the Anastasis front-end, you can now simply run:
+
+@example
+# apt install -t focal-fossa anastasis-gtk
+@end example
+
+To use @code{anastasis-gtk}, you can simply run:
+
+@example
+$ anastasis-gtk
+@end example
+
+@node Installing the backend<2>,,Installing the graphical front-end<2>,Installing Anastasis binary packages on Ubuntu
+@anchor{installation id2}@anchor{16}
+@subsubsection Installing the backend
+
+
+If you want to install the Anastasis backend-end (which normal users do not
+need), you should run:
+
+@example
+# apt install -t focal-fossa anastasis-httpd
+@end example
+
+Note that the latter package does not perform all of the configuration work.
+It does setup the user users and the systemd service scripts, but you still
+must configure the database backup, HTTP reverse proxy (typically with TLS
+certificates), Taler merchant backend for payments, authentication services,
+prices and the terms of service.
+
+Sample configuration files for the HTTP reverse proxy can be found in
+@code{/etc/anastasis.conf}.
+
+To operate an Anastasis backend with payments, you additionally
+need to install a Taler merchant backend via:
+
+@example
+# apt install -t sid taler-merchant-httpd
+@end example
+
+@c This file is part of Anastasis
+@c Copyright (C) 2019-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+@c @author Dominik Meister
+@c @author Dennis Neufeld
+
+@node Configuration,Cryptography,Installation,Documentation Overview
+@anchor{configuration doc}@anchor{17}@anchor{configuration configuration}@anchor{18}
+@section Configuration
+
+
+Details about the contents of the configuration file are describe in
+the @code{anastasis.conf(5)} chapter. This chapter only describes the
+configuration format.
+
+@menu
+* Configuration format::
+* Using anastasis-config::
+
+@end menu
+
+@node Configuration format,Using anastasis-config,,Configuration
+@anchor{configuration configuration-format}@anchor{19}
+@subsection Configuration format
+
+
+In Taler realm, any component obeys to the same pattern to get
+configuration values. According to this pattern, once the component has
+been installed, the installation deploys default values in
+$@{prefix@}/share/taler/config.d/, in .conf files. In order to override
+these defaults, the user can write a custom .conf file and either pass
+it to the component at execution time, or name it taler.conf and place
+it under $HOME/.config/.
+
+A config file is a text file containing sections, and each section
+contains its values. The right format follows:
+
+@example
+[section1]
+value1 = string
+value2 = 23
+
+[section2]
+value21 = string
+value22 = /path22
+@end example
+
+Throughout any configuration file, it is possible to use @code{$}-prefixed
+variables, like @code{$VAR}, especially when they represent filesystem
+paths. It is also possible to provide defaults values for those
+variables that are unset, by using the following syntax:
+@code{$@{VAR:-default@}}. However, there are two ways a user can set
+@code{$}-prefixable variables:
+
+by defining them under a @code{[paths]} section, see example below,
+
+@example
+[paths]
+TALER_DEPLOYMENT_SHARED = $@{HOME@}/shared-data
+..
+[section-x]
+path-x = $@{TALER_DEPLOYMENT_SHARED@}/x
+@end example
+
+or by setting them in the environment:
+
+@example
+$ export VAR=/x
+@end example
+
+The configuration loader will give precedence to variables set under
+@code{[path]}, though.
+
+The utility @code{taler-config}, which gets installed along with the
+exchange, serves to get and set configuration values without directly
+editing the .conf. The option @code{-f} is particularly useful to resolve
+pathnames, when they use several levels of @code{$}-expanded variables. See
+@code{taler-config --help}.
+
+Note that, in this stage of development, the file
+@code{$HOME/.config/taler.conf} can contain sections for @emph{all} the
+component. For example, both an exchange and a bank can read values from
+it.
+
+The repository @code{git://taler.net/deployment} contains examples of
+configuration file used in our demos. See under @code{deployment/config}.
+
+@quotation
+
+@strong{Note}
+
+Expectably, some components will not work just by using default
+values, as their work is often interdependent. For example, a
+merchant needs to know an exchange URL, or a database name.
+@end quotation
+
+@node Using anastasis-config,,Configuration format,Configuration
+@anchor{configuration using-anastasis-config}@anchor{1a}
+@subsection Using anastasis-config
+
+
+The tool @code{anastasis-config} can be used to extract or manipulate
+configuration values; however, the configuration use the well-known INI
+file format and can also be edited by hand.
+
+Run
+
+@example
+$ anastasis-config -s $SECTION
+@end example
+
+to list all of the configuration values in section @code{$SECTION}.
+
+Run
+
+@example
+$ anastasis-config -s $section -o $option
+@end example
+
+to extract the respective configuration value for option @code{$option} in
+section @code{$section}.
+
+Finally, to change a setting, run
+
+@example
+$ anastasis-config -s $section -o $option -V $value
+@end example
+
+to set the respective configuration value to @code{$value}. Note that you
+have to manually restart the Taler backend after you change the
+configuration to make the new configuration go into effect.
+
+Some default options will use $-variables, such as @code{$DATADIR} within
+their value. To expand the @code{$DATADIR} or other $-variables in the
+configuration, pass the @code{-f} option to @code{anastasis-config}. For example,
+compare:
+
+@example
+$ anastasis-config -s ACCOUNT-bank \
+ -o WIRE_RESPONSE
+$ anastasis-config -f -s ACCOUNT-bank \
+ -o WIRE_RESPONSE
+@end example
+
+While the configuration file is typically located at
+@code{$HOME/.config/taler.conf}, an alternative location can be specified
+to @code{taler-merchant-httpd} and @code{anastasis-config} using the @code{-c}
+option.
+
+@c This file is part of Anastasis
+@c Copyright (C) 2019-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+@c @author Dominik Meister
+@c @author Dennis Neufeld
+
+@node Cryptography,REST API,Configuration,Documentation Overview
+@anchor{cryptography doc}@anchor{1b}@anchor{cryptography cryptography}@anchor{1c}
+@section Cryptography
+
+
+When a user needs to interact with Anastasis, the system first derives some key
+material, but not the master secret, from the user’s @strong{identifier} using
+different HKDFs. These HKDFs are salted using the respective escrow
+provider’s @strong{server salt}, which ensures that the accounts for the same user
+cannot be easily correlated across the various Anastasis servers.
+
+Each Anastasis server uses an EdDSA @strong{account key} to identify the account of
+the user. The account private key is derived from the user’s @strong{identifier} using
+a computationally expensive cryptographic hash function. Using an
+expensive hash algorithm is assumed to make it infeasible for a weak adversary to
+determine account keys by brute force (without knowing the user’s identifier).
+However, it is assumed that a strong adversary performing a targeted attack can
+compute the account key pair.
+
+The public account key is Crockford base32-encoded in the URI to identify the
+account, and used to sign requests. These signatures are also provided in
+base32-encoding and transmitted using the HTTP header
+@code{Anastasis-Account-Signature}.
+
+When confidential data is uploaded to an Anastasis server, the respective
+payload is encrypted using AES-GCM with a symmetric key and initialization
+vector derived from the @strong{identifier} and a high-entropy @strong{nonce}. The
+nonce and the GCM tag are prepended to the ciphertext before being uploaded to
+the Anastasis server. This is done whenever confidential data is stored with
+the server.
+
+The @strong{core secret} of the user is (AES) encrypted using a symmetric @strong{master
+key}. Recovering this master key requires the user to satisfy a particular
+@strong{policy}. Policies specify a set of @strong{escrow methods}, each of which leads
+the user to a @strong{key share}. Combining those key shares (by hashing) allows
+the user to obtain a @strong{policy key}, which can be used to decrypt the @strong{master
+key}. There can be many policies, satisfying any of these will allow the
+user to recover the master key. A @strong{recovery document} contains the
+encrypted @strong{core secret}, a set of escrow methods and a set of policies.
+
+@menu
+* Key derivations::
+* Key Usage::
+* Availability Considerations::
+
+@end menu
+
+@node Key derivations,Key Usage,,Cryptography
+@anchor{cryptography key-derivations}@anchor{1d}
+@subsection Key derivations
+
+
+EdDSA and ECDHE public keys are always points on Curve25519 and represented
+using the standard 256 bit Ed25519 compact format. The binary representation
+is converted to Crockford Base32 when transmitted inside JSON or as part of
+URLs.
+
+To start, a user provides their private, unique and unforgettable
+@strong{identifier} as a seed to identify their account. For example, this could
+be a social security number together with their full name. Specifics may
+depend on the cultural context, in this document we will simply refer to this
+information as the @strong{identifier}.
+
+This identifier will be first hashed with Argon2, to provide a @strong{kdf_id}
+which will be used to derive other keys later. The Hash must also include the
+respective @strong{server_salt}. This also ensures that the @strong{kdf_id} is different
+on each server. The use of Argon2 and the respective @strong{server_salt} is intended
+to make it difficult to brute-force @strong{kdf_id} values and help protect the user’s
+privacy. Also this ensures that the @strong{kdf_id}s on every server differs. However,
+we do not assume that the @strong{identifier} or the @strong{kdf_id} cannot be
+determined by an adversary performing a targeted attack, as a user’s
+@strong{identifier} is likely to always be known to state actors and may
+likely also be available to other actors.
+
+@example
+kdf_id := Argon2( identifier, server_salt, keysize )
+@end example
+
+@strong{identifier}: The secret defined from the user beforehand.
+
+@strong{server_salt}: The salt from the Server.
+
+@strong{keysize}: The desired output size of the KDF, here 32 bytes.
+
+@menu
+* Verification::
+* Encryption::
+
+@end menu
+
+@node Verification,Encryption,,Key derivations
+@anchor{cryptography verification}@anchor{1e}
+@subsubsection Verification
+
+
+For users to authorize “policy” operations we need an EdDSA key pair. As we
+cannot assure that the corresponding private key is truly secret, such policy
+operations must never be destructive: Should an adversary learn the private
+key, they could access (and with the @strong{kdf_id}, decrypt) the user’s policy (but
+not the core secret), or upload a new version of the
+@strong{encrypted recovery document} (but not delete an existing version).
+
+For the generation of the private key we use the @strong{kdf_id} as the entropy source,
+hash it to derive a base secret which will then be processed to fit the
+requirements for EdDSA private keys. From the private key we can then
+generate the corresponding public key. Here, “ver” is used as a salt for the
+HKDF to ensure that the result differs from other cases where we hash
+@strong{kdf_id}.
+
+@example
+ver_secret := HKDF(kdf_id, "ver", keysize)
+eddsa_priv := eddsa_d_to_a(ver_secret)
+eddsa_pub := get_EdDSA_Pub(eddsa_priv)
+@end example
+
+@strong{HKDF()}: The HKDF-function uses two phases: First we use HMAC-SHA512 for the extraction phase, then HMAC-SHA256 is used for expansion phase.
+
+@strong{kdf_id}: Hashed identifier.
+
+@strong{key_size}: Size of the output, here 32 bytes.
+
+@strong{ver_secret}: Derived key from the @code{kdf_id}, serves as intermediate step for the generation of the private key.
+
+@strong{eddsa_d_to_a()}: Function which converts the ver_key to a valid EdDSA private key. Specifically, assuming the value @code{eddsa_priv} is in a 32-byte array “digest”, the function clears and sets certain bits as follows:
+
+@example
+digest[0] = (digest[0] & 0x7f) | 0x40;
+digest[31] &= 0xf8;
+@end example
+
+@strong{eddsa_priv}: The generated EdDSA private key.
+
+@strong{eddsa_pub}: The generated EdDSA public key.
+
+@node Encryption,,Verification,Key derivations
+@anchor{cryptography encryption}@anchor{1f}
+@subsubsection Encryption
+
+
+For symmetric encryption of data we use AES256-GCM. For this we need a
+symmetric key and an initialization vector (IV). To ensure that the
+symmetric key changes for each encryption operation, we compute the
+key material using an HKDF over a @code{nonce} and the @code{kdf_id}.
+
+@example
+(iv,key) := HKDF(kdf_id, nonce, keysize + ivsize)
+@end example
+
+@strong{HKDF()}: The HKDF-function uses two phases: First we use HMAC-SHA512 for the extraction phase, then HMAC-SHA256 is used for expansion phase.
+
+@strong{kdf_id}: Hashed identifier.
+
+@strong{keysize}: Size of the AES symmetric key, here 32 bytes.
+
+@strong{ivsize}: Size of the AES GCM IV, here 12 bytes.
+
+@strong{prekey}: Original key material.
+
+@strong{nonce}: 32-byte nonce, must never match “ver” (which it cannot as the length is different). Of course, we must
+avoid key reuse. So, we have to use different nonces to get different keys and IVs (see below).
+
+@strong{key}: Symmetric key which is later used to encrypt the documents with AES256-GCM.
+
+@strong{iv}: IV which will be used for AES-GCM.
+
+@node Key Usage,Availability Considerations,Key derivations,Cryptography
+@anchor{cryptography key-usage}@anchor{20}
+@subsection Key Usage
+
+
+The keys we have generated are then used to encrypt the @strong{recovery document} and
+the @strong{key_share} of the user.
+
+@menu
+* Encryption: Encryption<2>.
+* Signatures::
+
+@end menu
+
+@node Encryption<2>,Signatures,,Key Usage
+@anchor{cryptography id1}@anchor{21}
+@subsubsection Encryption
+
+
+Before every encryption a 32-byte nonce is generated.
+From this the symmetric key is computed as described above.
+We use AES256-GCM for the encryption of the @strong{recovery document} and
+the @strong{key_share}. To ensure that the key derivation for the encryption
+of the @strong{recovery document} differs fundamentally from that of an
+individual @strong{key share}, we use different salts (“erd” and “eks”, respectively).
+
+@example
+(iv0, key0) := HKDF(key_id, nonce0, "erd", keysize + ivsize)
+(encrypted_recovery_document, aes_gcm_tag) := AES256_GCM(recovery_document, key0, iv0)
+(iv_i, key_i) := HKDF(key_id, nonce_i, "eks", [optional data], keysize + ivsize)
+(encrypted_key_share_i, aes_gcm_tag_i) := AES256_GCM(key_share_i, key_i, iv_i)
+@end example
+
+@strong{encrypted_recovery_document}: The encrypted @strong{recovery document} which contains the escrow methods, policies
+and the encrypted @strong{core secret}.
+
+@strong{nonce0}: Nonce which is used to generate @emph{key0} and @emph{iv0} which are used for the encryption of the @emph{recovery document}.
+Nonce must contain the string “ERD”.
+
+@strong{optional data}: Key material that optionally is contributed from the authentication method to further obfuscate the key share from the escrow provider.
+
+@strong{encrypted_key_share_i}: The encrypted @strong{key_share} which the escrow provider must release upon successful authentication.
+Here, @strong{i} must be a positive number used to iterate over the various @strong{key shares} used for the various @strong{escrow methods}
+at the various providers.
+
+@strong{nonce_i}: Nonce which is used to generate @emph{key_i} and @emph{iv_i} which are used for the encryption of the @strong{key share}. @strong{i} must be
+the same number as specified above for @emph{encrypted_key_share_i}. Nonce must contain the string “EKS” plus the according @emph{i}.
+
+As a special rule, when a @strong{security question} is used to authorize access to an
+@strong{encrypted_key_share_i}, then the salt “eks” is replaced with an (expensive) hash
+of the answer to the security question as an additional way to make the key share
+inaccessible to those who do not have the answer:
+
+@example
+powh := POW_HASH (qsalt, answer)
+ekss := HKDF("Anastasis-secure-question-uuid-salting",
+ powh,
+ uuid);
+(iv_i, key_i) := HKDF(key_id, nonce_i, ekss, [optional data], keysize + ivsize)
+@end example
+
+@strong{qsalt}: Salt value used to hash answer to satisfy the challenge to prevent the provider from determining the answer via guessing.
+
+@strong{answer}: Answer to the security question, in UTF-8, as entered by the user.
+
+@strong{powh}: Result of the (expensive, proof-of-work) hash algorithm.
+
+@strong{uuid}: UUID of the challenge associated with the security question and the encrypted key share.
+
+@strong{ekss}: Replacement salt to be used instead of “eks” when deriving the key to encrypt/decrypt the key share.
+
+@node Signatures,,Encryption<2>,Key Usage
+@anchor{cryptography signatures}@anchor{22}
+@subsubsection Signatures
+
+
+The EdDSA keys are used to sign the data sent from the client to the
+server. Everything the client sends to server is signed. The following
+algorithm is equivalent for @strong{Anastasis-Policy-Signature}.
+
+@example
+(anastasis-account-signature) := eddsa_sign(h_body, eddsa_priv)
+ver_res := eddsa_verifiy(h_body, anastasis-account-signature, eddsa_pub)
+@end example
+
+@strong{anastasis-account-signature}: Signature over the SHA-512 hash of the body using the purpose code @code{TALER_SIGNATURE_ANASTASIS_POLICY_UPLOAD} (1400) (see GNUnet EdDSA signature API for the use of purpose).
+
+@strong{h_body}: The hashed body.
+
+@strong{ver_res}: A boolean value. True: Signature verification passed, False: Signature verification failed.
+
+When requesting policy downloads, the client must also provide a signature:
+
+@example
+(anastasis-account-signature) := eddsa_sign(version, eddsa_priv)
+ver_res := eddsa_verifiy(version, anastasis-account-signature, eddsa_pub)
+@end example
+
+@strong{anastasis-account-signature}: Signature over the SHA-512 hash of the body using the purpose code @code{TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD} (1401) (see GNUnet EdDSA signature API for the use of purpose).
+
+@strong{version}: The version requested as a 64-bit integer, 2^64-1 for the “latest version”.
+
+@strong{ver_res}: A boolean value. True: Signature verification passed, False: Signature verification failed.
+
+@node Availability Considerations,,Key Usage,Cryptography
+@anchor{cryptography availability-considerations}@anchor{23}
+@subsection Availability Considerations
+
+
+Anastasis considers two main threats against availability. First, the
+Anastasis server operators must be protected against denial-of-service attacks
+where an adversary attempts to exhaust the operator’s resources. The API protects
+against these attacks by allowing operators to set fees for all
+operations. Furthermore, all data stored comes with an expiration logic, so an
+attacker cannot force servers to store data indefinitely.
+
+A second availability issue arises from strong adversaries that may be able to
+compute the account keys of some user. While we assume that such an adversary
+cannot successfully authenticate against the truth, the account key does
+inherently enable these adversaries to upload a new policy for the account.
+This cannot be prevented, as the legitimate user must be able to set or change
+a policy using only the account key. To ensure that an adversary cannot
+exploit this, policy uploads first of all never delete existing policies, but
+merely create another version. This way, even if an adversary uploads a
+malicious policy, a user can still retrieve an older version of the policy to
+recover access to their data. This append-only storage for policies still
+leaves a strong adversary with the option of uploading many policies to
+exhaust the Anastasis server’s capacity. We limit this attack by requiring a
+policy upload to include a reference to a @strong{payment identifier} from a payment
+made by the user. Thus, a policy upload requires both knowledge of the
+@strong{identity} and making a payment. This effectively prevents an adversary
+from using the append-only policy storage from exhausting Anastasis server
+capacity.
+
+@c This file is part of Anastasis
+@c Copyright (C) 2019-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+@c @author Dominik Meister
+@c @author Dennis Neufeld
+
+@node REST API,Reducer API,Cryptography,Documentation Overview
+@anchor{rest doc}@anchor{24}@anchor{rest rest-api}@anchor{25}
+@section REST API
+
+
+@c This file is part of Anastasis
+@c
+@c Copyright (C) 2014-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+
+@menu
+* HTTP Request and Response::
+* Protocol Version Ranges::
+* Common encodings::
+
+@end menu
+
+@node HTTP Request and Response,Protocol Version Ranges,,REST API
+@anchor{rest http-common}@anchor{26}@anchor{rest http-request-and-response}@anchor{27}
+@subsection HTTP Request and Response
+
+
+Certain response formats are common for all requests. They are documented here
+instead of with each individual request. Furthermore, we note that clients may
+theoretically fail to receive any response. In this case, the client should
+verify that the Internet connection is working properly, and then proceed to
+handle the error as if an internal error (500) had been returned.
+
+@anchor{rest any--*}@anchor{28}
+@deffn {HTTP Any} ANY /*
+
+@strong{Request:}
+
+Unless specified otherwise, HTTP requests that carry a message body must
+have the content type @code{application/json}.
+
+@*Request Headers:
+
+@itemize *
+
+@item
+Content-Type@footnote{https://tools.ietf.org/html/rfc7231#section-3.1.1.5} – application/json
+@end itemize
+
+
+@strong{Response:}
+
+@*Response Headers:
+
+@itemize *
+
+@item
+Content-Type@footnote{https://tools.ietf.org/html/rfc7231#section-3.1.1.5} – application/json
+@end itemize
+
+
+
+@table @asis
+
+@item 200 Ok@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1}:
+
+The request was successful.
+
+@item 400 Bad request@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1}:
+
+One of the arguments to the request is missing or malformed.
+
+@item 500 Internal server error@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.1}:
+
+This always indicates some serious internal operational error of the Anastasis
+provider, such as a program bug, database problems, etc., and must not be used for
+client-side problems. When facing an internal server error, clients should
+retry their request after some delay. We recommended initially trying after
+1s, twice more at randomized times within 1 minute, then the user should be
+informed and another three retries should be scheduled within the next 24h.
+If the error persists, a report should ultimately be made to the auditor,
+although the auditor API for this is not yet specified. However, as internal
+server errors are always reported to the exchange operator, a good operator
+should naturally be able to address them in a timely fashion, especially
+within 24h.
+@end table
+
+Unless specified otherwise, all error status codes (4xx and 5xx) have a message
+body with an @ref{29,,ErrorDetail} JSON object.
+
+@strong{Details:}
+
+@example
+interface ErrorDetail @{
+
+ // Numeric error code unique to the condition, see `@w{`}gnu-taler-error-codes`@w{`} in GANA.
+ // The other arguments are specific to the error value reported here.
+ code: number;
+
+ // Human-readable description of the error, i.e. "missing parameter", "commitment violation", ...
+ // Should give a human-readable hint about the error's nature. Optional, may change without notice!
+ hint?: string;
+
+@}
+@end example
+@end deffn
+
+@node Protocol Version Ranges,Common encodings,HTTP Request and Response,REST API
+@anchor{rest protocol-version-ranges}@anchor{2a}
+@subsection Protocol Version Ranges
+
+
+Anastasis services expose the range of API versions they support. Clients in
+turn have an API version range they support. These version ranges are written
+down in the libtool version format@footnote{https://www.gnu.org/software/libtool/manual/html_node/Libtool-versioning.html}.
+
+A protocol version is a positive, non-zero integer. A protocol version range consists of three components:
+
+
+@enumerate
+
+@item
+The @code{current} version. This is the latest version of the protocol supported by the client or service.
+
+@item
+The @code{revision} number. This value should usually not be interpreted by the client/server, but serves
+purely as a comment. Each time a service/client for a protocol is updated while supporting the same
+set of protocol versions, the revision should be increased.
+In rare cases, the revision number can be used to work around unintended breakage in deployed
+versions of a service. This is discouraged and should only be used in exceptional situations.
+
+@item
+The @code{age} number. This non-zero integer identifies with how many previous protocol versions this
+implementation is compatible. An @code{age} of 0 implies that the implementation only supports
+the @code{current} protocol version. The @code{age} must be less or equal than the @code{current} protocol version.
+@end enumerate
+
+To avoid confusion with semantic versions, the protocol version range is written down in the following format:
+
+@example
+current[:revision[:age]]
+@end example
+
+The angle brackets mark optional components. If either @code{revision} or @code{age} are omitted, they default to 0.
+
+Examples:
+
+
+@itemize *
+
+@item
+“1” and “1” are compatible
+
+@item
+“1” and “2” are @strong{incompatible}
+
+@item
+“2:0:1” and “1:0:0” are compatible
+
+@item
+“2:5:1” and “1:10:0” are compatible
+
+@item
+“4:0:1” and “2:0:0” are @strong{incompatible}
+
+@item
+“4:0:1” and “3:0:0” are compatible
+@end itemize
+
+@cartouche
+@quotation Note
+Semantic versions@footnote{https://semver.org/} are not a good tool for this job, as we concisely want to express
+that the client/server supports the last @code{n} versions of the protocol.
+Semantic versions don’t support this, and semantic version ranges are too complex for this.
+@end quotation
+@end cartouche
+
+@cartouche
+@quotation Warning
+A client doesn’t have one single protocol version range. Instead, it has
+a protocol version range for each type of service it talks to.
+@end quotation
+@end cartouche
+
+@cartouche
+@quotation Warning
+For privacy reasons, the protocol version range of a client should not be
+sent to the service. Instead, the client should just use the two version ranges
+to decide whether it will talk to the service.
+@end quotation
+@end cartouche
+
+@node Common encodings,,Protocol Version Ranges,REST API
+@anchor{rest common-encodings}@anchor{2b}@anchor{rest encodings-ref}@anchor{2c}
+@subsection Common encodings
+
+
+This section describes how certain types of values are represented throughout the API.
+
+@menu
+* Binary Data::
+* Hash codes::
+* Large numbers::
+* Timestamps::
+* Integers::
+* Objects::
+* Keys::
+* Signatures: Signatures<2>.
+* Amounts::
+* Time::
+* Cryptographic primitives::
+* Signatures: Signatures<3>.
+* Receiving Configuration::
+* Receiving Terms of Service::
+* Manage policy::
+* Managing truth::
+
+@end menu
+
+@node Binary Data,Hash codes,,Common encodings
+@anchor{rest base32}@anchor{2d}@anchor{rest binary-data}@anchor{2e}
+@subsubsection Binary Data
+
+
+@example
+type Base32 = string;
+@end example
+
+Binary data is generally encoded using Crockford’s variant of Base32
+(@indicateurl{http://www.crockford.com/wrmg/base32.html}), except that “U” is not excluded
+but also decodes to “V” to make OCR easy. We will still simply use the JSON
+type “base32” and the term “Crockford Base32” in the text to refer to the
+resulting encoding.
+
+@node Hash codes,Large numbers,Binary Data,Common encodings
+@anchor{rest hash-codes}@anchor{2f}
+@subsubsection Hash codes
+
+
+Hash codes are strings representing base32 encoding of the respective
+hashed data. See @ref{2d,,base32}.
+
+@example
+// 64-byte hash code.
+type HashCode = string;
+@end example
+
+@example
+// 32-byte hash code.
+type ShortHashCode = string;
+@end example
+
+@node Large numbers,Timestamps,Hash codes,Common encodings
+@anchor{rest large-numbers}@anchor{30}
+@subsubsection Large numbers
+
+
+Large numbers such as 256 bit keys, are transmitted as other binary data in
+Crockford Base32 encoding.
+
+@node Timestamps,Integers,Large numbers,Common encodings
+@anchor{rest timestamps}@anchor{31}
+@subsubsection Timestamps
+
+
+Timestamps are represented by the following structure:
+
+@example
+interface Timestamp @{
+ // Milliseconds since epoch, or the special
+ // value "never" to represent an event that will
+ // never happen.
+ t_ms: number | "never";
+@}
+@end example
+
+@example
+interface Duration @{
+ // Duration in milliseconds or "forever"
+ // to represent an infinite duration.
+ d_ms: number | "forever";
+@}
+@end example
+
+@node Integers,Objects,Timestamps,Common encodings
+@anchor{rest integers}@anchor{32}@anchor{rest publickey}@anchor{33}
+@subsubsection Integers
+
+
+@example
+// JavaScript numbers restricted to integers.
+type Integer = number;
+@end example
+
+@node Objects,Keys,Integers,Common encodings
+@anchor{rest objects}@anchor{34}
+@subsubsection Objects
+
+
+@example
+// JavaScript objects, no further restrictions.
+type Object = object;
+@end example
+
+@node Keys,Signatures<2>,Objects,Common encodings
+@anchor{rest keys}@anchor{35}
+@subsubsection Keys
+
+
+@example
+// EdDSA and ECDHE public keys always point on Curve25519
+// and represented using the standard 256 bits Ed25519 compact format,
+// converted to Crockford `Base32`.
+type EddsaPublicKey = string;
+@end example
+
+@example
+// EdDSA and ECDHE public keys always point on Curve25519
+// and represented using the standard 256 bits Ed25519 compact format,
+// converted to Crockford `Base32`.
+type EddsaPrivateKey = string;
+@end example
+
+@node Signatures<2>,Amounts,Keys,Common encodings
+@anchor{rest signature}@anchor{36}@anchor{rest signatures}@anchor{37}
+@subsubsection Signatures
+
+
+@example
+// EdDSA signatures are transmitted as 64-bytes `base32`
+// binary-encoded objects with just the R and S values (base32_ binary-only).
+type EddsaSignature = string;
+@end example
+
+@node Amounts,Time,Signatures<2>,Common encodings
+@anchor{rest amount}@anchor{38}@anchor{rest amounts}@anchor{39}
+@subsubsection Amounts
+
+
+@example
+type Amount = string;
+@end example
+
+Amounts of currency are serialized as a string of the format
+@code{<Currency>:<DecimalAmount>}. Taler treats monetary amounts as
+fixed-precision numbers, with 8 decimal places. Unlike floating point numbers,
+this allows accurate representation of monetary amounts.
+
+The following constrains apply for a valid amount:
+
+
+@enumerate
+
+@item
+The @code{<Currency>} part must be at most 11 characters long and may only consist
+of ASCII letters (@code{a-zA-Z}).
+
+@item
+The integer part of @code{<DecimalAmount>} may be at most 2^52.
+
+@item
+The fractional part of @code{<DecimalAmount>} may contain at most 8 decimal digits.
+@end enumerate
+
+@cartouche
+@quotation Note
+“EUR:1.50” and “EUR:10” are valid amounts. These are all invalid amounts: “A:B:1.5”, “EUR:4503599627370501.0”, “EUR:1.”, “EUR:.1”.
+@end quotation
+@end cartouche
+
+An amount that is prefixed with a @code{+} or @code{-} character is also used in certain contexts.
+When no sign is present, the amount is assumed to be positive.
+
+@node Time,Cryptographic primitives,Amounts,Common encodings
+@anchor{rest time}@anchor{3a}
+@subsubsection Time
+
+
+In signed messages, time is represented using 64-bit big-endian values,
+denoting microseconds since the UNIX Epoch. @code{UINT64_MAX} represents “never”.
+
+@example
+struct GNUNET_TIME_Absolute @{
+ uint64_t timestamp_us;
+@};
+struct GNUNET_TIME_AbsoluteNBO @{
+ uint64_t abs_value_us__; // in network byte order
+@};
+@end example
+
+@node Cryptographic primitives,Signatures<3>,Time,Common encodings
+@anchor{rest cryptographic-primitives}@anchor{3b}
+@subsubsection Cryptographic primitives
+
+
+All elliptic curve operations are on Curve25519. Public and private keys are
+thus 32 bytes, and signatures 64 bytes. For hashing, including HKDFs, Taler
+uses 512-bit hash codes (64 bytes).
+
+@example
+struct GNUNET_HashCode @{
+ uint8_t hash[64]; // usually SHA-512
+@};
+@end example
+@anchor{rest taler-ecdhephemeralpublickeyp}@anchor{3c}
+@example
+struct TALER_EcdhEphemeralPublicKeyP @{
+ uint8_t ecdh_pub[32];
+@};
+@end example
+
+@example
+struct UUID @{
+ uint32_t value[4];
+@};
+@end example
+
+@node Signatures<3>,Receiving Configuration,Cryptographic primitives,Common encodings
+@anchor{rest id1}@anchor{3d}@anchor{rest id2}@anchor{3e}
+@subsubsection Signatures
+
+
+Any piece of signed data, complies to the abstract data structure given below.
+
+@example
+struct Data @{
+ struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+ type1_t payload1;
+ type2_t payload2;
+ ...
+@};
+
+/*From gnunet_crypto_lib.h*/
+struct GNUNET_CRYPTO_EccSignaturePurpose @{
+ /**
+
+ The following constraints apply for a valid amount:
+
+ * This field is used to express the context in
+ * which the signature is made, ensuring that a
+ * signature cannot be lifted from one part of the protocol
+ * to another. See `src/include/taler_signatures.h` within the
+ * exchange's codebase (git://taler.net/exchange).
+ */
+ uint32_t purpose;
+ /**
+ * This field equals the number of bytes being signed,
+ * namely 'sizeof (struct Data)'.
+ */
+ uint32_t size;
+@};
+@end example
+@anchor{rest salt}@anchor{3f}
+@node Receiving Configuration,Receiving Terms of Service,Signatures<3>,Common encodings
+@anchor{rest config}@anchor{40}@anchor{rest receiving-configuration}@anchor{41}
+@subsubsection Receiving Configuration
+
+
+@anchor{rest get--config}@anchor{42}
+@deffn {HTTP Get} GET /config
+
+Obtain the configuration details of the escrow provider.
+
+@strong{Response:}
+
+Returns an @ref{43,,EscrowConfigurationResponse}.
+@anchor{rest escrowconfigurationresponse}@anchor{43}
+@example
+interface EscrowConfigurationResponse @{
+
+ // Protocol identifier, clarifies that this is an Anastasis provider.
+ name: "anastasis";
+
+ // libtool-style representation of the Exchange protocol version, see
+ // https://www.gnu.org/software/libtool/manual/html_node/Versioning.html#Versioning
+ // The format is "current:revision:age".
+ version: string;
+
+ // Currency in which this provider processes payments.
+ currency: string;
+
+ // Supported authorization methods.
+ methods: AuthorizationMethodConfig[];
+
+ // Maximum policy upload size supported.
+ storage_limit_in_megabytes: number;
+
+ // Payment required to maintain an account to store policy documents for a year.
+ // Users can pay more, in which case the storage time will go up proportionally.
+ annual_fee: Amount;
+
+ // Payment required to upload truth. To be paid per upload.
+ truth_upload_fee: Amount;
+
+ // Limit on the liability that the provider is offering with
+ // respect to the services provided.
+ liability_limit: Amount;
+
+ // Salt value with 128 bits of entropy.
+ // Different providers
+ // will use different high-entropy salt values. The resulting
+ // **provider salt** is then used in various operations to ensure
+ // cryptographic operations differ by provider. A provider must
+ // never change its salt value.
+ server_salt: string;
+
+@}
+@end example
+@anchor{rest authorizationmethodconfig}@anchor{44}
+@example
+interface AuthorizationMethodConfig @{
+ // Name of the authorization method.
+ type: string;
+
+ // Fee for accessing key share using this method.
+ cost: Amount;
+
+@}
+@end example
+@end deffn
+
+@node Receiving Terms of Service,Manage policy,Receiving Configuration,Common encodings
+@anchor{rest receiving-terms-of-service}@anchor{45}@anchor{rest terms}@anchor{46}
+@subsubsection Receiving Terms of Service
+
+
+@anchor{rest get--terms}@anchor{47}
+@deffn {HTTP Get} GET /terms
+
+Obtain the terms of service provided by the escrow provider.
+
+@strong{Response:}
+
+Returns the terms of service of the provider, in the best language
+and format available based on the client’s request.
+@end deffn
+
+@anchor{rest get--privacy}@anchor{48}
+@deffn {HTTP Get} GET /privacy
+
+Obtain the privacy policy of the service provided by the escrow provider.
+
+@strong{Response:}
+
+Returns the privacy policy of the provider, in the best language
+and format available based on the client’s request.
+@end deffn
+
+@node Manage policy,Managing truth,Receiving Terms of Service,Common encodings
+@anchor{rest id3}@anchor{49}@anchor{rest manage-policy}@anchor{4a}
+@subsubsection Manage policy
+
+
+This API is used by the Anastasis client to deposit or request encrypted
+recovery documents with the escrow provider. Generally, a client will deposit
+the same encrypted recovery document with each escrow provider, but provide
+a different truth to each escrow provider.
+
+Operations by the client are identified and authorized by @code{$ACCOUNT_PUB}, which
+should be kept secret from third parties. @code{$ACCOUNT_PUB} should be an account
+public key using the Crockford base32-encoding.
+
+In the following, UUID is always defined and used according to RFC 4122@footnote{https://tools.ietf.org/html/rfc4122}.
+
+@anchor{rest get--policy-$ACCOUNT_PUB[?version=$NUMBER]}@anchor{4b}
+@deffn {HTTP Get} GET /policy/$ACCOUNT_PUB[?version=$NUMBER]
+
+Get the customer’s encrypted recovery document. If @code{version}
+is not specified, the server returns the latest available version. If
+@code{version} is specified, returns the policy with the respective
+@code{version}. The response must begin with the nonce and
+an AES-GCM tag and continue with the ciphertext. Once decrypted, the
+plaintext is expected to contain:
+
+
+@itemize *
+
+@item
+the escrow policy
+
+@item
+the separately encrypted master public key
+@end itemize
+
+Note that the key shares required to decrypt the master public key are
+not included, as for this the client needs to obtain authorization.
+The policy does provide sufficient information for the client to determine
+how to authorize requests for @strong{truth}.
+
+The client MAY provide an @code{If-None-Match} header with an Etag.
+In that case, the server MUST additionally respond with an @code{304} status
+code in case the resource matches the provided Etag.
+
+@strong{Response}:
+
+
+@table @asis
+
+@item 200 OK@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1}:
+
+The escrow provider responds with an @ref{4c,,EncryptedRecoveryDocument} object.
+
+@item 304 Not modified@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.5}:
+
+The client requested the same resource it already knows.
+
+@item 400 Bad request@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1}:
+
+The @code{$ACCOUNT_PUB} is not an EdDSA public key.
+
+@item 402 Payment Required@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.3}:
+
+The account’s balance is too low for the specified operation.
+See the Taler payment protocol specification for how to pay.
+
+@item 403 Forbidden@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4}:
+
+The required account signature was invalid.
+
+@item 404 Not found@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5}:
+
+The requested resource was not found.
+@end table
+
+@emph{Anastasis-Version}: $NUMBER — The server must return actual version of the encrypted recovery document via this header.
+If the client specified a version number in the header of the request, the server must return that version. If the client
+did not specify a version in the request, the server returns latest version of the @ref{4c,,EncryptedRecoveryDocument}.
+
+@emph{Etag}: Set by the server to the Base32-encoded SHA512 hash of the body. Used for caching and to prevent redundancies. The server MUST send the Etag if the status code is @code{200 OK}.
+
+@emph{If-None-Match}: If this is not the very first request of the client, this contains the Etag-value which the client has received before from the server.
+The client SHOULD send this header with every request (except for the first request) to avoid unnecessary downloads.
+
+@emph{Anastasis-Account-Signature}: The client must provide Base-32 encoded EdDSA signature over hash of body with @code{$ACCOUNT_PRIV}, affirming desire to download the requested encrypted recovery document. The purpose used MUST be @code{TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD} (1401).
+@end deffn
+
+@anchor{rest post--policy-$ACCOUNT_PUB}@anchor{4d}
+@deffn {HTTP Post} POST /policy/$ACCOUNT_PUB
+
+Upload a new version of the customer’s encrypted recovery document.
+While the document’s structure is described in JSON below, the upload
+should just be the bytestream of the raw data (i.e. 32-byte nonce followed
+by 16-byte tag followed by the encrypted document).
+If the request has been seen before, the server should do nothing, and otherwise store the new version.
+The body must begin with a nonce, an AES-GCM tag and continue with the ciphertext. The format
+is the same as specified for the response of the GET method. The
+Anastasis server cannot fully validate the format, but MAY impose
+minimum and maximum size limits.
+
+@strong{Request}:
+
+@*Query Parameters:
+
+@itemize *
+
+@item
+@code{storage_duration=YEARS} – For how many years from now would the client like us to
+store the recovery document? Defaults to 0 (that is, do
+not extend / prolong existing storage contract).
+The server will respond with a @code{402 Payment required}, but only
+if the rest of the request is well-formed (account
+signature must match). Clients that do not actually
+intend to make a new upload but that only want to pay
+may attempt to upload the latest backup again, as this
+option will be checked before the @code{304 Not modified}
+case.
+
+@item
+@code{timeout_ms=NUMBER} – @emph{Optional.} If specified, the Anastasis server will
+wait up to @code{timeout_ms} milliseconds for completion of the payment before
+sending the HTTP response. A client must never rely on this behavior, as the
+backend may return a response immediately.
+@end itemize
+
+
+@emph{If-None-Match}: This header MUST be present and set to the SHA512 hash (Etag) of the body by the client.
+The client SHOULD also set the @code{Expect: 100-Continue} header and wait for @code{100 continue}
+before uploading the body. The server MUST
+use the Etag to check whether it already knows the encrypted recovery document that is about to be uploaded.
+The server MUST refuse the upload with a @code{304} status code if the Etag matches
+the latest version already known to the server.
+
+@emph{Anastasis-Policy-Signature}: The client must provide Base-32 encoded EdDSA signature over hash of body with @code{$ACCOUNT_PRIV}, affirming desire to upload an encrypted recovery document.
+
+@emph{Payment-Identifier}: Base-32 encoded 32-byte payment identifier that was included in a previous payment (see @code{402} status code). Used to allow the server to check that the client paid for the upload (to protect the server against DoS attacks) and that the client knows a real secret of financial value (as the @strong{kdf_id} might be known to an attacker). If this header is missing in the client’s request (or the associated payment has exceeded the upload limit), the server must return a @code{402} response. When making payments, the server must include a fresh, randomly-generated payment-identifier in the payment request.
+
+@strong{Response}:
+
+
+@table @asis
+
+@item 204 No content@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.5}:
+
+The encrypted recovery document was accepted and stored. @code{Anastasis-Version} and @code{Anastasis-UUID} headers
+indicate what version and UUID was assigned to this encrypted recovery document upload by the server.
+
+@item 304 Not modified@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.5}:
+
+The same encrypted recovery document was previously accepted and stored. @code{Anastasis-Version} header
+indicates what version was previously assigned to this encrypted recovery document.
+
+@item 400 Bad request@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1}:
+
+The @code{$ACCOUNT_PUB} is not an EdDSA public key or mandatory headers are missing.
+The response body MUST elaborate on the error using a Taler error code in the typical JSON encoding.
+
+@item 402 Payment required@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.3}:
+
+The account’s balance is too low for the specified operation.
+See the Taler payment protocol specification for how to pay.
+The response body MAY provide alternative means for payment.
+
+@item 403 Forbidden@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4}:
+
+The required account signature was invalid. The response body may elaborate on the error.
+
+@item 413 Request entity too large@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.14}:
+
+The upload is too large @emph{or} too small. The response body may elaborate on the error.
+@end table
+
+@strong{Details:}
+@anchor{rest encryptedrecoverydocument}@anchor{4c}
+@example
+interface EncryptedRecoveryDocument @{
+ // Nonce used to compute the (iv,key) pair for encryption of the
+ // encrypted_compressed_recovery_document.
+ nonce: [32]; //bytearray
+
+ // Authentication tag.
+ aes_gcm_tag: [16]; //bytearray
+
+ // Variable-size encrypted recovery document. After decryption,
+ // this contains a gzip compressed JSON-encoded `RecoveryDocument`.
+ // The nonce of the HKDF for this encryption must include the
+ // string "ERD".
+ encrypted_compressed_recovery_document: []; //bytearray of undefined length
+
+@}
+@end example
+@anchor{rest recoverydocument}@anchor{4e}
+@example
+interface RecoveryDocument @{
+ // Account identifier at backup provider, AES-encrypted with
+ // the (symmetric) master_key, i.e. an URL
+ // https://sync.taler.net/$BACKUP_ID and
+ // a private key to decrypt the backup. Anastasis is oblivious
+ // to the details of how this is ultimately encoded.
+ backup_account: []; //bytearray of undefined length
+
+ // List of escrow providers and selected authentication method.
+ methods: EscrowMethod[];
+
+ // List of possible decryption policies.
+ policy: DecryptionPolicy[];
+
+@}
+@end example
+@anchor{rest escrowmethod}@anchor{4f}
+@example
+interface EscrowMethod @{
+ // URL of the escrow provider (including possibly this Anastasis server).
+ provider_url : string;
+
+ // Type of the escrow method (e.g. security question, SMS etc.).
+ escrow_type: string;
+
+ // UUID of the escrow method (see /truth/ API below).
+ uuid: string;
+
+ // Key used to encrypt the `Truth` this `EscrowMethod` is related to.
+ // Client has to provide this key to the server when using `@w{`}/truth/`@w{`}.
+ truth_encryption_key: [32]; //bytearray
+
+ // Salt used to encrypt the truth on the Anastasis server.
+ truth_salt: [32]; //bytearray
+
+ // The challenge to give to the user (i.e. the security question
+ // if this is challenge-response).
+ // (Q: as string in base32 encoding?)
+ // (Q: what is the mime-type of this value?)
+ //
+ // For some methods, this value may be absent.
+ //
+ // The plaintext challenge is not revealed to the
+ // Anastasis server.
+ challenge: []; //bytearray of undefined length
+
+@}
+@end example
+@anchor{rest decryptionpolicy}@anchor{50}
+@example
+interface DecryptionPolicy @{
+ // Salt included to encrypt master key share when
+ // using this decryption policy.
+ policy_salt: [32]; //bytearray
+
+ // Master key, AES-encrypted with key derived from
+ // salt and keyshares revealed by the following list of
+ // escrow methods identified by UUID.
+ encrypted_master_key: [32]; //bytearray
+
+ // List of escrow methods identified by their UUID.
+ uuid: string[];
+
+@}
+@end example
+@end deffn
+
+@node Managing truth,,Manage policy,Common encodings
+@anchor{rest managing-truth}@anchor{51}@anchor{rest truth}@anchor{52}
+@subsubsection Managing truth
+
+
+This API is used by the Anastasis client to deposit @strong{truth} or request a (encrypted) @strong{key share} with
+the escrow provider.
+
+An @strong{escrow method} specifies an Anastasis provider and how the user should
+authorize themself. The @strong{truth} API allows the user to provide the
+(encrypted) key share to the respective escrow provider, as well as auxiliary
+data required for such a respective escrow method.
+
+An Anastasis-server may store truth for free for a certain time period, or
+charge per truth operation using GNU Taler.
+
+@anchor{rest post--truth-$UUID}@anchor{53}
+@deffn {HTTP Post} POST /truth/$UUID
+
+Upload a @ref{54,,TruthUploadRequest}-Object according to the policy the client created before (see @ref{4e,,RecoveryDocument}).
+If request has been seen before, the server should do nothing, and otherwise store the new object.
+
+@strong{Request:}
+
+@*Query Parameters:
+
+@itemize *
+
+@item
+@code{timeout_ms=NUMBER} – @emph{Optional.} If specified, the Anastasis server will
+wait up to @code{timeout_ms} milliseconds for completion of the payment before
+sending the HTTP response. A client must never rely on this behavior, as the
+backend may return a response immediately.
+@end itemize
+
+
+@strong{Response:}
+
+
+@table @asis
+
+@item 204 No content@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.5}:
+
+Truth stored successfully.
+
+@item 304 Not modified@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.5}:
+
+The same truth was previously accepted and stored under this UUID. The
+Anastasis server must still update the expiration time for the truth when returning
+this response code.
+
+@item 402 Payment required@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.3}:
+
+This server requires payment to store truth per item.
+See the Taler payment protocol specification for how to pay.
+The response body MAY provide alternative means for payment.
+
+@item 409 Conflict@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.10}:
+
+The server already has some truth stored under this UUID. The client should check that it
+is generating UUIDs with enough entropy.
+
+@item 412 Precondition failed@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.13}:
+
+The selected authentication method is not supported on this provider.
+@end table
+
+@strong{Details:}
+@anchor{rest truthuploadrequest}@anchor{54}
+@example
+interface TruthUploadRequest @{
+ // Contains the information of an interface `EncryptedKeyShare`, but simply
+ // as one binary block (in Crockford Base32 encoding for JSON).
+ key_share_data: []; //bytearray
+
+ // Key share method, i.e. "security question", "SMS", "e-mail", ...
+ type: string;
+
+ // Nonce used to compute the (iv,key) pair for encryption of the
+ // encrypted_truth.
+ nonce: [32]; //bytearray
+
+ // Authentication tag of `@w{`}encrypted_truth`@w{`}.
+ aes_gcm_tag: [16]; //bytearray
+
+ // Variable-size truth. After decryption,
+ // this contains the ground truth, i.e. H(challenge answer),
+ // phone number, e-mail address, picture, fingerprint, ...
+ // **base32 encoded**.
+ //
+ // The nonce of the HKDF for this encryption must include the
+ // string "ECT".
+ encrypted_truth: [80]; //bytearray
+
+ // MIME type of truth, i.e. text/ascii, image/jpeg, etc.
+ truth_mime: string;
+
+ // For how many years from now would the client like us to
+ // store the truth?
+ storage_duration_years: Integer;
+
+@}
+@end example
+@end deffn
+
+@anchor{rest get--truth-$UUID[?response=$H_RESPONSE]}@anchor{55}
+@deffn {HTTP Get} GET /truth/$UUID[?response=$H_RESPONSE]
+
+Get the stored encrypted key share. If @code{$H_RESPONSE} is specified by the client, the server checks
+if @code{$H_RESPONSE} matches the expected response specified before within the @ref{54,,TruthUploadRequest} (see @code{encrypted_truth}).
+Also, the user has to provide the correct @emph{truth_encryption_key} with every get request (see below).
+When @code{$H_RESPONSE} is correct, the server responds with the encrypted key share.
+The encrypted key share is returned simply as a byte array and not in JSON format.
+
+@strong{Response}:
+
+
+@table @asis
+
+@item 200 OK@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1}:
+
+@ref{56,,EncryptedKeyShare} is returned in body (in binary).
+
+@item 202 Accepted@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.3}:
+
+The escrow provider will respond out-of-band (i.e. SMS).
+The body may contain human-readable instructions on next steps.
+
+@item >>208 Already Reported<<:
+
+An authentication challenge was recently send, client should
+simply respond to the pending challenge.
+
+@item 303 See other@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.4}:
+
+The provider redirects for authentication (i.e. video identification/WebRTC).
+If the client is not a browser, it should launch a browser at the URL
+given in the @code{Location} header and allow the user to re-try the operation
+after successful authorization.
+
+@item 402 Payment required@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.3}:
+
+The service requires payment for access to truth.
+See the Taler payment protocol specification for how to pay.
+The response body MAY provide alternative means for payment.
+
+@item 403 Forbidden@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4}:
+
+The server requires a valid “response” to the challenge associated with the UUID.
+
+@item 404 Not found@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5}:
+
+The server does not know any truth under the given UUID.
+
+@item 410 Gone@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.11}:
+
+The server has not (recently) issued a challenge under the given UUID,
+but a reply was provided. (This does not apply for secure question.)
+
+@item 417 Expectation Failed@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.18}:
+
+The decrypted @code{truth} does not match the expectations of the authentication
+backend, i.e. a phone number for sending an SMS is not a number, or
+an e-mail address for sending an E-mail is not a valid e-mail address.
+
+@item 503 Service Unavailable@footnote{http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.4}:
+
+Server is out of Service.
+@end table
+
+@emph{Truth-Decryption-Key}: Key used to encrypt the @strong{truth} (see encrypted_truth within @ref{54,,TruthUploadRequest}) and which has to provided by the user. The key is stored with
+the according @ref{4f,,EscrowMethod}. The server needs this key to get the info out of @ref{54,,TruthUploadRequest} needed to verify the @code{$RESPONSE}.
+
+@strong{Details:}
+@anchor{rest encryptedkeyshare}@anchor{56}
+@example
+interface EncryptedKeyShare @{
+ // Nonce used to compute the decryption (iv,key) pair.
+ nonce_i: [32]; //bytearray
+
+ // Authentication tag.
+ aes_gcm_tag_i: [16]; //bytearray
+
+ // Encrypted key-share in base32 encoding.
+ // After decryption, this yields a `KeyShare`. Note that
+ // the `KeyShare` MUST be encoded as a fixed-size binary
+ // block (instead of in JSON encoding).
+ //
+ // HKDF for the key generation must include the
+ // string "eks" as salt.
+ // Depending on the method,
+ // the HKDF may additionally include
+ // bits from the response (i.e. some hash over the
+ // answer to the security question).
+ encrypted_key_share_i: [32]; //bytearray
+
+@}
+@end example
+@anchor{rest keyshare}@anchor{57}
+@example
+interface KeyShare @{
+ // Key material to concatenate with policy_salt and KDF to derive
+ // the key to decrypt the master key.
+ key_share: [32]; //bytearray
+
+ // Signature over method, UUID, and `@w{`}key_share`@w{`}.
+ account_sig: EddsaSignature;
+
+@}
+@end example
+@end deffn
+
+@c This file is part of Anastasis
+@c Copyright (C) 2019-2021 Anastasis SARL
+@c
+@c Anastasis is free software; you can redistribute it and/or modify it under the
+@c terms of the GNU Affero General Public License as published by the Free Software
+@c Foundation; either version 2.1, or (at your option) any later version.
+@c
+@c Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+@c WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+@c A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+@c
+@c You should have received a copy of the GNU Affero General Public License along with
+@c Anastasis; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+@c
+@c @author Christian Grothoff
+@c @author Dominik Meister
+@c @author Dennis Neufeld
+
+@node Reducer API,Authentication Methods,REST API,Documentation Overview
+@anchor{reducer doc}@anchor{58}@anchor{reducer reducer-api}@anchor{59}
+@section Reducer API
+
+
+This section describes the Anastasis Reducer API which is used by client applications
+to store or load the different states the client application can have.
+The reducer takes a @ref{5a,,state} in JSON syntax and returns the new state in JSON syntax.
+
+For example a @strong{state} may take the following structure:
+
+@example
+@{
+ "backup_state": "CONTINENT_SELECTING",
+ "continents": [
+ "Europe",
+ "North_America"
+ ]
+@}
+@end example
+
+The new state depends on the previous one and on the transition @ref{5b,,action} with its
+arguments given to the reducer. A @strong{transition argument} also is a statement in JSON syntax:
+
+@example
+@{
+ "continent": "Europe"
+@}
+@end example
+
+The new state returned by the reducer with the state and transition argument defined
+above would look like following for the transition @ref{5b,,action} @code{select_continent}:
+
+@example
+@{
+ "backup_state": "COUNTRY_SELECTING",
+ "continents": [
+ "Europe",
+ "North_America"
+ ],
+ "selected_continent": "Europe",
+ "countries": [
+ @{
+ "code": "ch",
+ "name": "Switzerland",
+ "continent": "Europe",
+ "name_i18n": @{
+ "de_DE": "Schweiz",
+ "de_CH": "Schwiiz",
+ "fr": "Suisse",
+ "en": "Swiss"
+ @},
+ "currency": "CHF"
+ @},
+ @{
+ "code": "de",
+ "name": "Germany",
+ "continent": "Europe",
+ "continent_i18n": @{
+ "de": "Europa"
+ @},
+ "name_i18n": @{
+ "de_DE": "Deutschland",
+ "de_CH": "Deutschland",
+ "fr": "Allemagne",
+ "en": "Germany"
+ @},
+ "currency": "EUR"
+ @}
+ ]
+@}
+@end example
+
+@menu
+* States::
+* Backup Reducer::
+* Recovery Reducer::
+* Reducer transitions::
+
+@end menu
+
+@node States,Backup Reducer,,Reducer API
+@anchor{reducer states}@anchor{5c}
+@subsection States
+
+
+Overall, the reducer knows the following states:
+
+@quotation
+
+
+@itemize -
+
+@item
+
+@table @asis
+
+@item @strong{ERROR}: The transition led to an error. No further transitions are possible from
+
+this state, but the client may want to continue from a previous state.
+@end table
+
+@item
+
+@table @asis
+
+@item @strong{CONTINENT_SELECTING}: The user should specify the continent where they are living,
+
+so that we can show a list of countries to choose from.
+@end table
+
+@item
+
+@table @asis
+
+@item @strong{COUNTRY_SELECTING}: The user should specify the country where they are living,
+
+so that we can determine appropriate attributes, currencies and Anastasis
+providers.
+@end table
+
+@item
+
+@table @asis
+
+@item @strong{USER_ATTRIBUTES_COLLECTING}: The user should provide the country-specific personal
+
+attributes.
+@end table
+
+@item
+
+@table @asis
+
+@item @strong{AUTHENTICATIONS_EDITING}: The user should add authentication methods to be used
+
+during recovery.
+@end table
+
+@item
+@strong{POLICIES_REVIEWING}: The user should review the recovery policies.
+
+@item
+@strong{SECRET_EDITING}: The user should edit the secret to be backed up.
+
+@item
+
+@table @asis
+
+@item @strong{TRUTHS_PAYING}: The user needs to pay for one or more uploads of data associated
+
+with an authentication method.
+@end table
+
+@item
+@strong{POLICIES_PAYING}: The user needs to pay for storing the recovery policy document.
+
+@item
+@strong{BACKUP_FINISHED}: A backup has been successfully generated.
+
+@item
+
+@table @asis
+
+@item @strong{SECRET_SELECTING}: The user needs to select a recovery policy document with
+
+the secret that is to be recovered.
+@end table
+
+@item
+
+@table @asis
+
+@item @strong{CHALLENGE_SELECTING}: The user needs to select an authorization challenge to
+
+proceed with recovery.
+@end table
+
+@item
+@strong{CHALLENGE_PAYING}: The user needs to pay to proceed with the authorization challenge.
+
+@item
+@strong{CHALLENGE_SOLVING}: The user needs to solve the authorization challenge.
+
+@item
+@strong{RECOVERY_FINISHED}: The secret of the user has been recovered.
+@end itemize
+@end quotation
+
+State names:
+
+@quotation
+
+
+@itemize -
+
+@item
+In SELECTING-states, the user has to choose one value out of a predefined set of values (for example a continent out of a set of continents).
+
+@item
+In COLLECTING-states, the user has to give certain values.
+
+@item
+In EDITING-states, the user is free to choose which values he wants to give.
+
+@item
+In REVEIWING-states, the user may make a few choices, but primarily is expected to affirm something.
+
+@item
+in PAYING-states, the user must make a payment.
+
+@item
+in FINISHED-states, the operation has definitively concluded.
+@end itemize
+@end quotation
+
+@node Backup Reducer,Recovery Reducer,States,Reducer API
+@anchor{reducer backup-reducer}@anchor{5d}
+@subsection Backup Reducer
+
+@anchor{reducer state}@anchor{5a}@anchor{reducer action}@anchor{5b}
+
+@float Figure
+
+@image{anastasis-figures/anastasis_reducer_backup,,,fig-anastasis_reducer_backup,png}
+
+@caption{Backup states and their transitions.}
+
+@end float
+
+
+The illustration above shows the different states the reducer can have during a backup
+process.
+
+@node Recovery Reducer,Reducer transitions,Backup Reducer,Reducer API
+@anchor{reducer recovery-reducer}@anchor{5e}
+@subsection Recovery Reducer
+
+
+
+@float Figure
+
+@image{anastasis-figures/anastasis_reducer_recovery,,,fig-anastasis_reducer_recovery,png}
+
+@caption{Recovery states and their transitions.}
+
+@end float
+
+
+The illustration above shows the different states the reducer can have during a recovery
+process.
+
+@node Reducer transitions,,Recovery Reducer,Reducer API
+@anchor{reducer reducer-transitions}@anchor{5f}
+@subsection Reducer transitions
+
+
+In the following, the individual transitions will be specified in more detail.
+Note that we only show fields added by the reducer, typically the previous
+state is preserved to enable “back” transitions to function smoothly.
+
+@menu
+* Initial state::
+* Common transitions::
+* Backup transitions::
+* Recovery transitions::
+
+@end menu
+
+@node Initial state,Common transitions,,Reducer transitions
+@anchor{reducer initial-state}@anchor{60}
+@subsubsection Initial state
+
+
+The initial states for backup and recovery processes are:
+
+@strong{Initial backup state:}
+
+@example
+@{
+ "backup_state": "CONTINENT_SELECTING",
+ "continents": [
+ "Europe",
+ "North America"
+ ]
+@}
+@end example
+
+@strong{Initial recovery state:}
+
+@example
+@{
+ "recovery_state": "CONTINENT_SELECTING",
+ "continents": [
+ "Europe",
+ "North America"
+ ]
+@}
+@end example
+
+Here, “continents” is an array of English strings with the names of the
+continents which contain countries for which Anastasis could function (based
+on having providers that are known to operate and rules being provided for
+user attributes from those countries).
+
+For internationalization, another field @code{continents_i18n} may be present.
+This field would be a map of language names to arrays of translated
+continent names:
+
+@example
+@{
+ "recovery_state": "CONTINENT_SELECTING",
+ "continents": [
+ "Europe",
+ "North America"
+ ]
+ "continents_i18n":
+ @{
+ "de_DE" : [
+ "Europa",
+ "Nordamerika"
+ ],
+ "de_CH" : [
+ "Europa",
+ "Nordamerika"
+ ]
+ @}
+@}
+@end example
+
+Translations must be given in the same order as the main English array.
+
+@node Common transitions,Backup transitions,Initial state,Reducer transitions
+@anchor{reducer common-transitions}@anchor{61}
+@subsubsection Common transitions
+
+
+@strong{select_continent:}
+
+Here the user specifies the continent they live on. Arguments (example):
+
+@example
+@{
+ "continent": "Europe"
+@}
+@end example
+
+The continent must be given using the English name from the @code{continents} array.
+Using a translated continent name is invalid and may result in failure.
+
+The reducer returns an updated state with a list of countries to choose from,
+for example:
+
+@example
+@{
+ "backup_state": "COUNTRY_SELECTING",
+ "selected_continent": "Europe",
+ "countries": [
+ @{
+ "code": "ch",
+ "name": "Switzerland",
+ "continent": "Europe",
+ "name_i18n": @{
+ "de_DE": "Schweiz",
+ "de_CH": "Schwiiz",
+ "fr": "Suisse",
+ "en": "Swiss"
+ @},
+ "currency": "CHF"
+ @},
+ @{
+ "code": "de",
+ "name": "Germany",
+ "continent": "Europe",
+ "continent_i18n": @{
+ "de": "Europa"
+ @},
+ "name_i18n": @{
+ "de_DE": "Deutschland",
+ "de_CH": "Deutschland",
+ "fr": "Allemagne",
+ "en": "Germany"
+ @},
+ "currency": "EUR"
+ @}
+ ]
+@}
+@end example
+
+Here @code{countries} is an array of countries on the @code{selected_continent}. For
+each country, the @code{code} is the ISO 3166-1 alpha-2 country code. The
+@code{continent} is only present because some countries span continents, the
+information is redundant and will always match @code{selected_continent}. The
+@code{name} is the name of the country in English, internationalizations of the
+name may be provided in @code{name_i18n}. The @code{currency} is @strong{an} official
+currency of the country, if a country has multiple currencies, it may appear
+multiple times in the list. In this case, the user should select the entry
+with the currency they intend to pay with. It is also possible for users
+to select a currency that does not match their country, but user interfaces
+should by default try to use currencies that match the user’s residence.
+
+@strong{select_country:}
+
+Selects the country (via the country code) and specifies the currency.
+The latter is needed as some countries have more than one currency,
+and some use-cases may also involve users insisting on paying with
+foreign currency.
+
+Arguments (example):
+
+@example
+@{
+ "country_code": "de",
+ "currency": "EUR"
+@}
+@end example
+
+The @code{country_code} must be an ISO 3166-1 alpha-2 country code from
+the array of @code{countries} of the reducer’s state. The @code{currency}
+field must be a valid currency accepted by the Taler payment system.
+
+The reducer returns a new state with the list of attributes the
+user is expected to provide, as well as possible authentication
+providers that accept payments in the selected currency:
+
+@example
+@{
+ "backup_state": "USER_ATTRIBUTES_COLLECTING",
+ "selected_country": "de",
+ "currency": "EUR",
+ "required_attributes": [
+ @{
+ "type": "string",
+ "name": "full_name",
+ "label": "Full name",
+ "label_i18n": @{
+ "de_DE": "Vollstaendiger Name",
+ "de_CH": "Vollstaendiger. Name",
+ "fr": "Nom complet",
+ "en": "Full name"
+ @},
+ "widget": "anastasis_gtk_ia_full_name",
+ "uuid" : "9e8f463f-575f-42cb-85f3-759559997331"
+ @},
+ @{
+ "type": "date",
+ "name": "birthdate",
+ "label": "Birthdate",
+ "label_i18n": @{
+ "de_DE": "Geburtsdatum",
+ "de_CH": "Geburtsdatum",
+ "fr": "Date de naissance",
+ "en": "Birthdate"
+ @},
+ "uuid" : "83d655c7-bdb6-484d-904e-80c1058c8854"
+ "widget": "anastasis_gtk_ia_birthdate"
+ @},
+ @{
+ "type": "string",
+ "name": "tax_number",
+ "label": "Taxpayer identification number",
+ "label_i18n":@{
+ "de_DE": "Steuerliche Identifikationsnummer",
+ "de_CH": "Steuerliche Identifikationsnummer",
+ "en": "German taxpayer identification number"
+ @},
+ "widget": "anastasis_gtk_ia_tax_de",
+ "uuid": "dae48f85-e3ff-47a4-a4a3-ed981ed8c3c6",
+ "validation-regex": "^[0-9]@{11@}$",
+ "validation-logic": "DE_TIN_check"
+ @},
+ @{
+ "type": "string",
+ "name": "social_security_number",
+ "label": "Social security number",
+ "label_i18n": @{
+ "de_DE": "Sozialversicherungsnummer",
+ "de_CH": "Sozialversicherungsnummer",
+ "fr": "Numéro de sécurité sociale",
+ "en": "Social security number"
+ @},
+ "widget": "anastasis_gtk_ia_ssn",
+ "validation-regex": "^[0-9]@{8@}[[:upper:]][0-9]@{3@}$",
+ "validation-logic": "DE_SVN_check"
+ "optional" : true
+ @}
+ ],
+ "authentication_providers": @{
+ "http://localhost:8089/": @{
+ "http_status": 200,
+ "methods": [
+ @{ "type" : "question",
+ "usage_fee" : "EUR:0.0" @},
+ @{ "type" : "sms",
+ "usage_fee" : "EUR:0.5" @}
+ ],
+ "annual_fee": "EUR:4.99",
+ "truth_upload_fee": "EUR:4.99",
+ "liability_limit": "EUR:1",
+ "currency": "EUR",
+ "truth_lifetime": @{ "d_ms" : 50000000 @},
+ "storage_limit_in_megabytes": 1,
+ "provider_name": "Anastasis 4",
+ "salt": "CXAPCKSH9D3MYJTS9536RHJHCW"
+ @},
+ "http://localhost:8088/": @{
+ "http_status": 200,
+ "methods": [
+ @{ "type" : "question",
+ "usage_fee" : "EUR:0.01" @},
+ @{ "type" : "sms",
+ "usage_fee" : "EUR:0.55" @}
+ ],
+ "annual_fee": "EUR:0.99",
+ "truth_upload_fee": "EUR:3.99",
+ "liability_limit": "EUR:1",
+ "currency": "EUR",
+ "truth_lifetime": @{ "d_ms" : 50000000 @},
+ "storage_limit_in_megabytes": 1,
+ "provider_name": "Anastasis 4",
+ "salt": "CXAPCKSH9D3MYJTS9536RHJHCW"
+ @}
+ @}
+@}
+@end example
+
+The array of @code{required_attributes} contains attributes about the user
+that must be provided includes:
+
+@quotation
+
+
+@itemize -
+
+@item
+@strong{type}: The type of the attribute, for now only @code{string} and @code{date} are
+supported.
+
+@item
+@strong{name}: The name of the attribute, this is the key under which the
+attribute value must be provided later. The name must be unique per response.
+
+@item
+@strong{label}: A human-readable description of the attribute in English.
+Translated descriptions may be provided under @strong{label_i18n}.
+
+@item
+@strong{uuid}: A UUID that uniquely identifies identical attributes across
+different countries. Useful to preserve values should the user enter
+some attributes, and then switch to another country. Note that
+attributes must not be preserved if they merely have the same @strong{name},
+only the @strong{uuid} will be identical if the semantics is identical.
+
+@item
+@strong{widget}: An optional name of a widget that is known to nicely render
+the attribute entry in user interfaces where named widgets are
+supported.
+
+@item
+@strong{validation-regex}: An optional extended POSIX regular expression
+that is to be used to validate (string) inputs to ensure they are
+well-formed.
+
+@item
+@strong{validation-logic}: Optional name of a function that should be called
+to validate the input. If the function is not known to the particular
+client, the respective validation can be skipped (at the expense of
+typos by users not being detected, possibly rendering secrets
+irrecoverable).
+
+@item
+@strong{optional}: Optional boolean field that, if @code{true}, indicates that
+this attribute is not actually required but optional and users MAY leave
+it blank in case they do not have the requested information. Used for
+common fields that apply to some large part of the population but are
+not sufficiently universal to be actually required.
+@end itemize
+@end quotation
+
+The authentication providers are listed under a key that is the
+base URL of the service. For each provider, the following
+information is provided if the provider was successfully contacted:
+
+@quotation
+
+
+@itemize -
+
+@item
+@strong{http_status}: HTTP status code, always @code{200} on success.
+
+@item
+@strong{methods}: Array of authentication methods supported by this
+provider. Includes the @strong{type} of the authentication method
+and the @strong{usage_fee} (how much the user must pay for authorization
+using this method during recovery).
+
+@item
+@strong{annual_fee}: Fee the provider charges to store the recovery
+policy for one year.
+
+@item
+@strong{truth_upload_fee}: Fee the provider charges to store a key share.
+
+@item
+@strong{liability_limit}: Amount the provider can be held liable for in
+case a key share or recovery document cannot be recovered due to
+provider failures.
+
+@item
+@strong{currency}: Currency in which the provider wants to be paid,
+will match all of the fees.
+
+@item
+@strong{storage_limit_in_megabytes}: Maximum size of an upload (for
+both recovery document and truth data) in megabytes.
+
+@item
+@strong{provider_name}: Human-readable name of the provider’s business.
+
+@item
+@strong{salt}: Salt value used by the provider, used to derive the
+user’s identity at this provider. Should be unique per provider,
+and must never change for a given provider. The salt is
+base32 encoded.
+@end itemize
+@end quotation
+
+If contacting the provider failed, the information returned is:
+
+@quotation
+
+
+@itemize -
+
+@item
+@strong{http_status}: HTTP status code (if available, possibly 0 if
+we did not even obtain an HTTP response).
+
+@item
+@strong{error_code}: Taler error code, never 0.
+@end itemize
+@end quotation
+
+@strong{add_provider}:
+
+This operation can be performed in state @code{USER_ATTRIBUTES_COLLECTING}. It
+adds one or more Anastasis providers to the list of providers the reducer
+should henceforth consider. Note that removing providers is not possible at
+this time.
+
+Here, the client must provide an array with the base URLs of the
+providers to add, for example:
+
+@example
+@{
+ "urls": [
+ "http://localhost:8888/",
+ "http://localhost:8089/"
+ ]
+@}
+@end example
+
+Note that existing providers will remain in the state. The following is an
+example for an expected new state where the service on port 8089 is
+unreachable, the service on port 8088 was previously known, and service on
+port 8888 was now added:
+
+@example
+@{
+ "backup_state": "USER_ATTRIBUTES_COLLECTING",
+ "authentication_providers": @{
+ "http://localhost:8089/": @{
+ "error_code": 11,
+ "http_status": 0
+ @},
+ "http://localhost:8088/": @{
+ "http_status": 200,
+ "methods": [
+ @{ "type" : "question",
+ "usage_fee" : "EUR:0.01" @},
+ @{ "type" : "sms",
+ "usage_fee" : "EUR:0.55" @}
+ ],
+ "annual_fee": "EUR:0.99",
+ "truth_upload_fee": "EUR:3.99",
+ "liability_limit": "EUR:1",
+ "currency": "EUR",
+ "truth_lifetime": @{ "d_ms" : 50000000 @},
+ "storage_limit_in_megabytes": 1,
+ "provider_name": "Anastasis 4",
+ "salt": "CXAPCKSH9D3MYJTS9536RHJHCW"
+ @}
+ "http://localhost:8888/": @{
+ "methods": [
+ @{ "type" : "question",
+ "usage_fee" : "EUR:0.01" @},
+ @{ "type" : "sms",
+ "usage_fee" : "EUR:0.55" @}
+ ],
+ "annual_fee": "EUR:0.99",
+ "truth_upload_fee": "EUR:3.99",
+ "liability_limit": "EUR:1",
+ "currency": "EUR",
+ "truth_lifetime": @{ "d_ms" : 50000000 @},
+ "storage_limit_in_megabytes": 1,
+ "provider_name": "Anastasis 42",
+ "salt": "BXAPCKSH9D3MYJTS9536RHJHCX"
+ @}
+ @}
+@}
+@end example
+
+@node Backup transitions,Recovery transitions,Common transitions,Reducer transitions
+@anchor{reducer backup-transitions}@anchor{62}
+@subsubsection Backup transitions
+
+
+@strong{enter_user_attributes:}
+
+This transition provides the user’s personal attributes. The specific set of
+attributes required depends on the country of residence of the user. Some
+attributes may be optional, in which case they should be omitted entirely
+(that is, not simply be set to @code{null} or an empty string). Example
+arguments would be:
+
+@example
+@{
+ "identity_attributes": @{
+ "full_name": "Max Musterman",
+ "social_security_number": "123456789",
+ "birthdate": "2000-01-01",
+ "birthplace": "Earth"
+ @}
+@}
+@end example
+
+Note that at this stage, the state machines between backup and
+recovery diverge and the @code{recovery_state} will begin to look
+very different from the @code{backup_state}.
+
+For backups, if all required attributes are present, the reducer will
+transition to an @code{AUTHENTICATIONS_EDITING} state with the attributes added
+to it:
+
+@example
+@{
+ "backup_state": "AUTHENTICATIONS_EDITING",
+ "identity_attributes": @{
+ "full_name": "Max Musterman",
+ "social_security_number": "123456789",
+ "birthdate": "2000-01-01",
+ "birthplace": "Earth"
+ @}
+@}
+@end example
+
+If required attributes are missing, do not match the required regular
+expression, or fail the custom validation logic, the reducer SHOULD transition
+to an error state indicating what was wrong about the input. A reducer that
+does not support some specific validation logic MAY accept the invalid input
+and proceed anyway. The error state will include a Taler error code that
+is specific to the failure, and optional details. Example:
+
+@example
+@{
+ "backup_state": "ERROR",
+ "code": 8404,
+ "hint": "An input did not match the regular expression.",
+ "detail": "social_security_number"
+@}
+@end example
+
+Clients may safely repeat this transition to validate the user’s inputs
+until they satisfy all of the constraints. This way, the user interface
+does not have to perform the input validation directly.
+
+@strong{add_authentication}:
+
+This transition adds an authentication method. The method must be supported
+by one or more providers that are included in the current state. Adding an
+authentication method requires specifying the @code{type} and @code{instructions} to
+be given to the user. The @code{challenge} is encrypted and stored at the
+Anastasis provider. The specific semantics of the value depend on the
+@code{type}. Typical challenges values are a phone number (to send an SMS to),
+an e-mail address (to send a PIN code to) or the answer to a security
+question. Note that these challenge values will still be encrypted (and
+possibly hashed) before being given to the Anastasis providers.
+
+Note that the @code{challenge} must be given in Crockford Base32 encoding, as it
+MAY include binary data (such as a photograph of the user). In the latter
+case, the optional @code{mime_type} field must be provided to give the MIME type
+of the value encoded in @code{challenge}.
+
+@example
+@{
+ "authentication_method":
+ @{
+ "type": "question",
+ "mime_type" : "text/plain",
+ "instructions" : "What is your favorite GNU package?",
+ "challenge" : "E1QPPS8A",
+ @}
+@}
+@end example
+
+If the information provided is valid, the reducer will add the new
+authentication method to the array of authentication methods:
+
+@example
+@{
+ "backup_state": "AUTHENTICATIONS_EDITING",
+ "authentication_methods": [
+ @{
+ "type": "question",
+ "mime_type" : "text/plain",
+ "instructions" : "What is your favorite GNU package?",
+ "challenge" : "E1QPPS8A",
+ @},
+ @{
+ "type": "email",
+ "instructions" : "E-mail to user@@*le.com",
+ "challenge": "ENSPAWJ0CNW62VBGDHJJWRVFDM50"
+ @}
+ ]
+@}
+@end example
+
+@strong{delete_authentication}:
+
+This transition can be used to remove an authentication method from the
+array of authentication methods. It simply requires the index of the
+authentication method to remove. Note that the array is 0-indexed:
+
+@example
+@{
+ "authentication_method": 1
+@}
+@end example
+
+Assuming we begin with the state from the example above, this would
+remove the @code{email} authentication method, resulting in the following
+response:
+
+@example
+@{
+ "backup_state": "AUTHENTICATIONS_EDITING",
+ "authentication_methods": [
+ @{
+ "type": "question",
+ "mime_type" : "text/plain",
+ "instructions" : "What is your favorite GNU package?",
+ "challenge" : "gdb",
+ @}
+ ]
+@}
+@end example
+
+If the index is invalid, the reducer will instead
+transition into an @code{ERROR} state.
+
+@strong{next} (from @code{AUTHENTICATIONS_EDITING}):
+
+This transition confirms that the user has finished adding (or removing)
+authentication methods, and that the system should now automatically compute
+a set of reasonable recovery policies.
+
+This transition does not take any mandatory arguments. Optional arguments can
+be provided to upload the recovery document only to a specific subset of the
+providers:
+
+@example
+@{
+ "providers": [
+ "http://localhost:8088/",
+ "http://localhost:8089/"
+ ]
+@}
+@end example
+
+The resulting state provides the suggested recovery policies in a way suitable
+for presentation to the user:
+
+@example
+@{
+ "backup_state": "POLICIES_REVIEWING",
+ "policy_providers" : [
+ @{ "provider_url" : "http://localhost:8088/" @},
+ @{ "provider_url" : "http://localhost:8089/" @}
+ ],
+ "policies": [
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8088/"
+ @},
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 2,
+ "provider": "http://localhost:8087/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8088/"
+ @},
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 3,
+ "provider": "http://localhost:8089/"
+ @}
+ ]
+ @}
+ ]
+@}
+@end example
+
+For each recovery policy, the state includes the specific details of which
+authentication @code{methods} must be solved to recovery the secret using this
+policy. The @code{methods} array specifies the index of the
+@code{authentication_method} in the @code{authentication_methods} array, as well as
+the provider that was selected to supervise this authentication.
+
+If no authentication method was provided, the reducer will transition into an
+@code{ERROR} state instead of suggesting policies.
+
+@strong{add_policy}:
+
+Using this transition, the user can add an additional recovery policy to the
+state. The argument format is the same that is used in the existing state.
+An example for a possible argument would thus be:
+
+@example
+@{
+ "policy": [
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8088/"
+ @},
+ @{
+ "authentication_method": 3,
+ "provider": "http://localhost:8089/"
+ @}
+ ]
+@}
+@end example
+
+Note that the specified providers must already be in the
+@code{authentication_providers} of the state. You cannot add new providers at
+this stage. The reducer will simply attempt to append the suggested policy to
+the “policies” array, returning an updated state:
+
+@example
+@{
+ "backup_state": "POLICIES_REVIEWING",
+ "policies": [
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 2,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 2,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8088/"
+ @},
+ @{
+ "authentication_method": 3,
+ "provider": "http://localhost:8089/"
+ @}
+ ]
+ @}
+ ]
+@}
+@end example
+
+If the new policy is invalid, for example because it adds an unknown
+authentication method, or the selected provider does not support the type of
+authentication, the reducer will transition into an @code{ERROR} state instead of
+adding the new policy.
+
+@strong{update_policy}:
+
+Using this transition, the user can modify an existing recovery policy
+in the state.
+The argument format is the same that is used in @strong{add_policy},
+except there is an additional key @code{policy_index} which
+identifies the policy to modify.
+An example for a possible argument would thus be:
+
+@example
+@{
+ "policy_index" : 1,
+ "policy": [
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8088/"
+ @},
+ @{
+ "authentication_method": 3,
+ "provider": "http://localhost:8089/"
+ @}
+ ]
+@}
+@end example
+
+If the new policy is invalid, for example because it adds an unknown
+authentication method, or the selected provider does not support the type of
+authentication, the reducer will transition into an @code{ERROR} state instead of
+modifying the policy.
+
+@strong{delete_policy:}
+
+This transition allows the deletion of a recovery policy. The argument
+simply specifies the index of the policy to delete, for example:
+
+@example
+@{
+ "policy_index": 3
+@}
+@end example
+
+Given as input the state from the example above, the expected new state would
+be:
+
+@example
+@{
+ "backup_state": "POLICIES_REVIEWING",
+ "policies": [
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 2,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 2,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @}
+ ]
+@}
+@end example
+
+If the index given is invalid, the reducer will transition into an @code{ERROR} state
+instead of deleting a policy.
+
+@strong{delete_challenge:}
+
+This transition allows the deletion of an individual
+challenge from a recovery policy. The argument
+simply specifies the index of the policy and challenge
+to delete, for example:
+
+@example
+@{
+ "policy_index": 1,
+ "challenge_index" : 1
+@}
+@end example
+
+Given as input the state from the example above, the expected new state would
+be:
+
+@example
+@{
+ "backup_state": "POLICIES_REVIEWING",
+ "policies": [
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 0,
+ "provider": "http://localhost:8089/"
+ @}
+ ]
+ @},
+ @{
+ "methods": [
+ @{
+ "authentication_method": 1,
+ "provider": "http://localhost:8089/"
+ @},
+ @{
+ "authentication_method": 2,
+ "provider": "http://localhost:8088/"
+ @}
+ ]
+ @}
+ ]
+@}
+@end example
+
+If the index given is invalid, the reducer will transition into an @code{ERROR} state
+instead of deleting a challenge.
+
+@strong{next} (from @code{POLICIES_REVIEWING}):
+
+Using this transition, the user confirms that the policies in the current
+state are acceptable. The transition does not take any arguments.
+
+The reducer will simply transition to the @code{SECRET_EDITING} state:
+
+@example
+@{
+ "backup_state": "SECRET_EDITING",
+ "upload_fees" : [ "KUDOS:42" ],
+ "expiration" : @{ "t_ms" : 1245362362 @}
+@}
+@end example
+
+Here, @code{upload_fees} is an array of applicable upload fees for the
+given policy expiration time. This is an array because fees could
+be in different currencies. The final cost may be lower if the
+user already paid for some of the time.
+
+If the array of @code{policies} is currently empty, the reducer will transition
+into an @code{ERROR} state instead of allowing the user to continue.
+
+@strong{enter_secret:}
+
+This transition provides the reducer with the actual core @code{secret} of the user
+that Anastasis is supposed to backup (and possibly recover). The argument is
+simply the Crockford-Base32 encoded @code{value} together with its @code{mime} type, or a @code{text} field with a human-readable secret text.
+For example:
+
+@example
+@{
+ "secret": @{
+ "value": "EDJP6WK5EG50",
+ "mime" : "text/plain"
+ @},
+ "expiration" : @{ "t_ms" : 1245362362 @}
+@}
+@end example
+
+If the application is unaware of the format, it set the @code{mime} field to @code{null}.
+The @code{expiration} field is optional.
+
+The reducer remains in the @code{SECRET_EDITING} state, but now the secret and
+updated expiration time are part of the state and the cost calculations will
+be updated.
+
+@example
+@{
+ "backup_state": "SECRET_EDITING",
+ "core_secret" : @{
+ "value": "EDJP6WK5EG50",
+ "mime" : "text/plain"
+ @},
+ "expiration" : @{ "t_ms" : 1245362362 @},
+ "upload_fees" : [ "KUDOS:42" ]
+@}
+@end example
+
+@strong{clear_secret:}
+
+This transition removes the core secret from the state. It is simply a
+convenience function to undo @code{enter_secret} without providing a new value
+immediately. The transition takes no arguments. The resuting state will no
+longer have the @code{core_secret} field, and be otherwise unchanged. Calling
+@strong{clear_secret} on a state without a @code{core_secret} will result in an error.
+
+@strong{enter_secret_name:}
+
+This transition provides the reducer with a name for the core @code{secret} of the user. This name will be given to the user as a hint when seleting a recovery policy document during recovery, prior to satisfying any of the challenges. The argument simply contains the name for the secret.
+Applications that have built-in support for Anastasis MUST prefix the
+secret name with an underscore and an application-specific identifier
+registered in GANA so that they can use recognize their own backups.
+An example argument would be:
+
+@example
+@{
+ "name": "_TALERWALLET_MyPinePhone",
+@}
+@end example
+
+Here, @code{MyPinePhone} might be chosen by the user to identify the
+device that was being backed up.
+
+The reducer remains in the @code{SECRET_EDITING} state, but now the
+secret name is updated:
+
+@example
+@{
+ "secret_name" : "_TALERWALLET_MyPinePhone"
+@}
+@end example
+
+@strong{update_expiration:}
+
+This transition asks the reducer to change the desired expiration time
+and to update the associated cost. For example:
+
+@example
+@{
+ "expiration" : @{ "t_ms" : 1245362362 @}
+@}
+@end example
+
+The reducer remains in the @code{SECRET_EDITING} state, but the
+expiration time and cost calculation will be updated.
+
+@example
+@{
+ "backup_state": "SECRET_EDITING",
+ "expiration" : @{ "t_ms" : 1245362362 @},
+ "upload_fees" : [ @{ "fee": "KUDOS:43" @} ]
+@}
+@end example
+
+@strong{next} (from @code{SECRET_EDITING}):
+
+Using this transition, the user confirms that the secret and expiration
+settings in the current state are acceptable. The transition does not take any
+arguments.
+
+If the secret is currently empty, the reducer will transition into an
+@code{ERROR} state instead of allowing the user to continue.
+
+After adding a secret, the reducer may transition into different states
+depending on whether payment(s) are necessary. If payments are needed, the
+@code{secret} will be stored in the state under @code{core_secret}. Applications
+should be careful when persisting the resulting state, as the @code{core_secret}
+is not protected in the @code{PAYING} states. The @code{PAYING} states only differ
+in terms of what the payments are for (key shares or the recovery document),
+in all cases the state simply includes an array of Taler URIs that refer to
+payments that need to be made with the Taler wallet.
+
+If all payments are complete, the reducer will transition into the
+@code{BACKUP_FINISHED} state and (if applicable) delete the @code{core_secret} as an
+additional safety measure.
+
+Example results are thus:
+
+@example
+@{
+ "backup_state": "TRUTHS_PAYING",
+ "secret_name" : "$NAME",
+ "core_secret" : @{ "$anything":"$anything" @},
+ "payments": [
+ "taler://pay/...",
+ "taler://pay/..."
+ ]
+@}
+@end example
+
+@example
+@{
+ "backup_state": "POLICIES_PAYING",
+ "secret_name" : "$NAME",
+ "core_secret" : @{ "$anything":"$anything" @},
+ "payments": [
+ "taler://pay/...",
+ "taler://pay/..."
+ ]
+@}
+@end example
+
+@example
+@{
+ "backup_state": "BACKUP_FINISHED",
+@}
+@end example
+
+@strong{pay:}
+
+This transition suggests to the reducer that a payment may have been made or
+is immanent, and that the reducer should check with the Anastasis service
+provider to see if the operation is now possible. The operation takes one
+optional argument, which is a @code{timeout} value that specifies how long the
+reducer may wait (in long polling) for the payment to complete:
+
+@example
+@{
+ "timeout": @{ "d_ms" : 5000 @},
+@}
+@end example
+
+The specified timeout is passed on to the Anastasis service provider(s), which
+will wait this long before giving up. If no timeout is given, the check is
+done as quickly as possible without additional delays. The reducer will continue
+to either an updated state with the remaining payment requests, to the
+@code{BACKUP_FINISHED} state (if all payments have been completed and the backup
+finished), or into an @code{ERROR} state in case there was an irrecoverable error,
+indicating the specific provider and how it failed. An example for this
+final error state would be:
+
+@example
+@{
+ "backup_state": "ERROR",
+ "http_status" : 500,
+ "upload_status" : 52,
+ "provider_url" : "https://bad.example.com/",
+@}
+@end example
+
+Here, the fields have the following meaning:
+
+@quotation
+
+
+@itemize -
+
+@item
+@strong{http_status} is the HTTP status returned by the Anastasis provider.
+
+@item
+@strong{upload_status} is the Taler error code return by the provider.
+
+@item
+@strong{provider_url} is the base URL of the failing provider.
+@end itemize
+@end quotation
+
+In the above example, 52 would thus imply that the Anastasis provider failed to
+store information into its database.
+
+@node Recovery transitions,,Backup transitions,Reducer transitions
+@anchor{reducer recovery-transitions}@anchor{63}
+@subsubsection Recovery transitions
+
+
+@strong{enter_user_attributes:}
+
+This transition provides the user’s personal attributes. The specific set of
+attributes required depends on the country of residence of the user. Some
+attributes may be optional, in which case they should be omitted entirely
+(that is, not simply be set to @code{null} or an empty string). The
+arguments are identical to the @strong{enter_user_attributes} transition from
+the backup process. Example arguments would thus be:
+
+@example
+@{
+ "identity_attributes": @{
+ "full_name": "Max Musterman",
+ "social_security_number": "123456789",
+ "birthdate": "2000-01-01",
+ "birthplace": "Earth"
+ @}
+@}
+@end example
+
+However, in contrast to the backup process, the reducer will attempt to
+retrieve the latest recovery document from all known providers for the
+selected currency given the above inputs. If a recovery document was found
+by any provider, the reducer will attempt to load it and transition to
+a state where the user can choose which challenges to satisfy:
+
+@example
+@{
+ "recovery_state": "CHALLENGE_SELECTING",
+ "recovery_information": @{
+ "challenges": [
+ @{
+ "uuid": "MW2R3RCBZPHNC78AW8AKWRCHF9KV3Y82EN62T831ZP54S3K5599G",
+ "cost": "TESTKUDOS:0",
+ "type": "question",
+ "instructions": "q1"
+ @},
+ @{
+ "uuid": "TXYKGE1SJZHJ4M2FKSV1P2RZVNTHZFB9E3A79QE956D3SCAWXPK0",
+ "cost": "TESTKUDOS:0",
+ "type": "email",
+ "instructions": "e-mail address m?il@@f*.bar"
+ @},
+ ],
+ "policies": [
+ [
+ @{
+ "uuid": "MW2R3RCBZPHNC78AW8AKWRCHF9KV3Y82EN62T831ZP54S3K5599G"
+ @},
+ @{
+ "uuid": "TXYKGE1SJZHJ4M2FKSV1P2RZVNTHZFB9E3A79QE956D3SCAWXPK0"
+ @},
+ ],
+ ],
+ "provider_url": "http://localhost:8088/",
+ "version": 1,
+ @},
+ "recovery_document": @{
+ "...": "..."
+ @}
+@}
+@end example
+
+The @code{recovery_document} is an internal representation of the recovery
+information and of no concern to the user interface. The pertinent information
+is in the @code{recovery_information}. Here, the @code{challenges} array is a list
+of possible challenges the user could attempt to solve next, while @code{policies}
+is an array of policies, with each policy being an array of challenges.
+Satisfying all of the challenges of one of the policies will enable the secret
+to be recovered. The @code{provider_url} from where the recovery document was
+obtained and its @code{version} are also provided. Each challenge comes with
+four mandatory fields:
+
+@quotation
+
+
+@itemize -
+
+@item
+@strong{uuid}: A unique identifier of the challenge; this is what the
+UUIDs in the policies array refer to, but also this UUID may be
+included in messages sent to the user. They allow the user to
+distinguish different PIN/TANs should say the same phone number be
+used for SMS-authentication with different providers.
+
+@item
+@strong{cost}: This is the amount the Anastasis provider will charge
+to allow the user to pass the challenge.
+
+@item
+@strong{type}: This is the type of the challenge, as a string.
+
+@item
+@strong{instructions}: Contains additional important hints for the user
+to allow the user to satisfy the challenge. It typically includes
+an abbreviated form of the contact information or the security
+question. Details depend on @code{type}.
+@end itemize
+@end quotation
+
+If a recovery document was not found, either the user never performed
+a backup, entered incorrect attributes, or used a provider not yet in
+the list of Anastasis providers. Hence, the user must now either
+select a different provider, or go @code{back} and update the identity
+attributes. In the case a recovery document was not found, the
+transition fails, returning the error code and a human-readable error
+message together with a transition failure:
+
+@example
+@{
+ "recovery_state": "ERROR",
+ "error_message": "account unknown to Anastasis server",
+ "error_code": 9,
+@}
+@end example
+
+Here, the @code{error_code} is from the @code{enum ANASTASIS_RecoveryStatus}
+and describes precisely what failed about the download, while the
+@code{error_message} is a human-readable (English) explanation of the code.
+Applications may want to translate the message using GNU gettext;
+translations should be available in the @code{anastasis} text domain.
+However, in general it should be sufficient to display the slightly
+more generic Taler error code that is returned with the new state.
+
+@strong{change_version:}
+
+Even if a recovery document was found, it is possible that the user
+intended to recover a different version, or recover a backup where
+the recovery document is stored at a different provider. Thus, the
+reducer allows the user to explicitly switch to a different provider
+or recovery document version using the @code{change_version} transition,
+which takes a provider URL and policy version as arguments:
+
+@example
+@{
+ "provider_url": "https://localhost:8080/",
+ "version": 2
+@}
+@end example
+
+Note that using a version of 0 implies fetching “the latest version”. The
+resulting states are the same as those of the @code{enter_user_attributes}
+transition, except that the recovery document version is not necessarily the
+latest available version at the provider.
+
+@strong{select_challenge:}
+
+Selecting a challenge takes different, depending on the state of the payment.
+A comprehensive example for @code{select_challenge} would be:
+
+@example
+@{
+ "uuid": "80H646H5ZBR453C02Y5RT55VQSJZGM5REWFXVY0SWXY1TNE8CT30"
+ "timeout" : @{ "d_ms" : 5000 @},
+ "payment_secret": "3P4561HAMHRRYEYD6CM6J7TS5VTD5SR2K2EXJDZEFSX92XKHR4KG"
+@}
+@end example
+
+The @code{uuid} field is mandatory and specifies the selected challenge.
+The other fields are optional, and are needed in case the user has
+previously been requested to pay for the challenge. In this case,
+the @code{payment_secret} identifies the previous payment request, and
+@code{timeout} says how long the Anastasis service should wait for the
+payment to be completed before giving up (long polling).
+
+Depending on the type of the challenge and the need for payment, the
+reducer may transition into @code{CHALLENGE_SOLVING} or @code{CHALLENGE_PAYING}
+states. In @code{CHALLENGE_SOLVING}, the new state will primarily specify
+the sel