AzStackHciConnectivity/AzStackHci.Connectivity.Helpers.psm1
class HealthModel { # Attributes for Azure Monitor schema [string]$Name #Name of the individual test/rule/alert that was executed. Unique, not exposed to the customer. [string]$Title #User-facing name; one or more sentences indicating the direct issue. [string]$Severity #Severity of the result (Critical, Warning, Informational, Hidden) – this answers how important the result is. Critical is the only update-blocking severity. [string]$Description #Detailed overview of the issue and what impact the issue has on the stamp. [psobject]$Tags #Key-value pairs that allow grouping/filtering individual tests. For example, "Group": "ReadinessChecks", "UpdateType": "ClusterAware" [string]$Status #The status of the check running (i.e. Failed, Succeeded, In Progress) – this answers whether the check ran, and passed or failed. [string]$Remediation #Set of steps that can be taken to resolve the issue found. [string]$TargetResourceID #The unique identifier for the affected resource (such as a node or drive). [string]$TargetResourceName #The name of the affected resource. [string]$TargetResourceType #The type of resource being referred to (well-known set of nouns in infrastructure, aligning with Monitoring). [datetime]$Timestamp #The Time in which the HealthCheck was called. [psobject]$AdditionalData #Property bag of key value pairs for additional information. [string]$HealthCheckSource #The name of the services called for the HealthCheck (I.E. Test-AzureStack, Test-Cluster). } class AzStackHciConnectivityTarget : HealthModel { # Attribute for performing check [string[]]$EndPoint [string[]]$Protocol # Additional Attributes for end user interaction [string[]]$Service # short cut property to Service from tags [string[]]$OperationType # short cut property to Operation Type from tags [string[]]$Group # short cut property to group from tags [bool]$System # targets for system checks such as proxy traversal } #Create additional classes to help with writing/report results class Diagnostics : HealthModel {} class DnsResult : HealthModel {} class ProxyDiagnostics : HealthModel {} function Get-DnsServer { <# .SYNOPSIS Get DNS Servers .DESCRIPTION Get DNS Servers of network adapter that are up #> param ( [System.Management.Automation.Runspaces.PSSession] $PsSession ) $getDnsServersb = { $dnsServers = @() $netAdapter = Get-NetAdapter | Where-Object Status -EQ Up $dnsServer = Get-DnsClientServerAddress -InterfaceIndex $netAdapter.ifIndex -AddressFamily IPv4 $dnsServers += $dnsServer | ForEach-Object { $PSITEM.Address } | Sort-Object | Get-Unique $dnsServers } $dnsServer = if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $getDnsServersb } else { Invoke-Command -ScriptBlock $getDnsServersb } return $dnsServer } function Test-Dns { <# .SYNOPSIS Test DNS Resolution #> param ( [System.Management.Automation.Runspaces.PSSession] $PsSession ) $dnsServers = Get-DnsServer -PsSession $PsSession Log-Info ("DNS Servers discovered: {0}" -f ($dnsServers -join ',')) # scriptblock to test dns resolution for each dns server $testDnsSb = { $AdditionalData = @() if (-not $dnsServers) { $AdditionalData += @{ Resource = 'Missing DNS Server' Status = 'Failed' TimeStamp = Get-Date Source = $ENV:COMPUTERNAME } } else { foreach ($dnsServer in $dnsServers) { $dnsResult = $false try { $dnsResult = Resolve-DnsName -Name microsoft.com -Server $dnsServer -DnsOnly -ErrorAction SilentlyContinue -QuickTimeout -Type A } catch { $dnsResult = $_.Exception.Message } if ($dnsResult) { if ($dnsResult[0] -is [Microsoft.DnsClient.Commands.DnsRecord]) { $status = 'Succeeded' } else { $status = 'Failed' } } else { $status = 'Failed' } $AdditionalData += @{ Resource = $dnsServer Status = $status TimeStamp = Get-Date Source = $ENV:COMPUTERNAME Detail = $dnsResult } } } $AdditionalData } # run scriptblock $testDnsServer = if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $testDnsSb } else { Invoke-Command -ScriptBlock $testDnsSb } # build result $now = Get-Date $TargetComputerName = if ($PsSession.PSComputerName) { $PsSession.PSComputerName } else { $ENV:COMPUTERNAME } $aggregateStatus = if ($testDnsServer.Status -contains 'Succeeded') { 'Succeeded' } else { 'Failed' } $testDnsResult = New-Object -Type DnsResult -Property @{ Name = 'AzStackHci_Connectivity_Test_Dns' Title = 'Test DNS' Severity = 'Critical' Description = 'Test DNS Resolution' Tags = $null Remediation = 'https://aka.ms/hci-connect-chk' TargetResourceID = 'c644bad4-044d-4066-861d-ceb93b64f046' TargetResourceName = "Test_DNS_$TargetComputerName" TargetResourceType = 'DNS' Timestamp = $now Status = $aggregateStatus AdditionalData = $testDnsServer HealthCheckSource = ((Get-PSCallStack)[-1].Command) } return $testDnsResult } function Get-AzStackHciConnectivityServiceName { <# .SYNOPSIS Retrieve Services from built target packs .DESCRIPTION Retrieve Services from built target packs .EXAMPLE PS C:\> Get-AzStackHciServices Explanation of what the example does .INPUTS Service .OUTPUTS PSObject .NOTES #> [CmdletBinding()] param ( [Parameter(Mandatory = $false)] [string[]] $Service, [Parameter(Mandatory = $false)] [switch] $IncludeSystem ) try { Get-AzStackHciConnectivityTarget -IncludeSystem:$IncludeSystem | Select-Object -ExpandProperty Service | Sort-Object | Get-Unique } catch { throw "Failed to get services names. Error: $($_.Exception.Message)" } } function Get-AzStackHciConnectivityOperationName { <# .SYNOPSIS Retrieve Operation Types from built target packs .DESCRIPTION Retrieve Operation Types from built target packs e.g. Deployment, Update, Secret Rotation. .EXAMPLE PS C:\> Get-AzStackHciConnectivityOperationName Explanation of what the example does .INPUTS Service .OUTPUTS PSObject .NOTES #> [CmdletBinding()] param ( [Parameter(Mandatory = $false)] [string] $OperationType ) try { Get-AzStackHciConnectivityTarget | Select-Object -ExpandProperty OperationType | Sort-Object | Get-Unique } catch { throw "Failed to get services names. Error: $($_.Exception.Message)" } } function Get-AzStackHciConnectivityTarget { <# .SYNOPSIS Retrieve Endpoints from built target packs .DESCRIPTION Retrieve Endpoints from built target packs .EXAMPLE PS> Get-AzStackHciConnectivityTarget Get all connectivity targets .EXAMPLE Get-AzStackHciConnectivityTarget -Service ARC | ft Name, Title, Service, OperationType -AutoSize Get all ARC connectivity targets .EXAMPLE PS> Get-AzStackHciConnectivityTarget -Service ARC -OperationType Workload | ft Name, Title, Service, OperationType -AutoSize Get all ARC targets for workloads .EXAMPLE PS> Get-AzStackHciConnectivityTarget -OperationType Workload | ft Name, Title, Service, OperationType -AutoSize Get all targets for workloads .EXAMPLE PS> Get-AzStackHciConnectivityTarget -OperationType ARC -OperationType Update -Additive | ft Name, Title, Service, OperationType -AutoSize Get all ARC targets and all targets for Update .INPUTS Service - String array OperationType - String array Additive - Switch .OUTPUTS PSObject .NOTES #> [CmdletBinding()] param ( [Parameter(Mandatory = $false)] [string[]] $Service, [Parameter(Mandatory = $false)] [string[]] $OperationType, [Parameter(Mandatory = $false)] [switch] $Additive, [Parameter(Mandatory = $false)] [switch] $IncludeSystem ) try { Import-AzStackHciConnectivityTarget $executionTargets = @() # Additive allows the user to "-OR" their parameter values if ($Additive) { Log-Info -Message "Getting targets additively" if (-not [string]::IsNullOrEmpty($Service)) { Log-Info -Message ("Getting targets by Service: {0}" -f ($Service -join ',')) foreach ($svc in $Service) { $executionTargets += $Script:AzStackHciConnectivityTargets | Where-Object { $svc -in $_.Service } } } if (-not [string]::IsNullOrEmpty($OperationType)) { Log-Info -Message ("Getting targets by Operation Type: {0}" -f ($OperationType -join ',')) foreach ($Op in $OperationType) { $executionTargets += $Script:AzStackHciConnectivityTargets | Where-Object { $Op -in $_.OperationType } } } if ([string]::IsNullOrEmpty($OperationType) -and [string]::IsNullOrEmpty($Service)) { $executionTargets += $Script:AzStackHciConnectivityTargets } } else { if ([string]::IsNullOrEmpty($OperationType) -and [string]::IsNullOrEmpty($Service)) { $executionTargets += $Script:AzStackHciConnectivityTargets } elseif (-not [string]::IsNullOrEmpty($Service) -and [string]::IsNullOrEmpty($OperationType)) { Log-Info -Message ("Getting targets by Service: {0}" -f ($Service -join ',')) foreach ($svc in $Service) { $executionTargets += $Script:AzStackHciConnectivityTargets | Where-Object { $svc -in $_.Service } } } elseif (-not [string]::IsNullOrEmpty($OperationType) -and [string]::IsNullOrEmpty($Service)) { Log-Info -Message ("Getting targets by Operation Type: {0}" -f ($OperationType -join ',')) foreach ($Op in $OperationType) { $executionTargets += $Script:AzStackHciConnectivityTargets | Where-Object { $Op -in $_.OperationType } } } else { Log-Info -Message ("Getting targets by Operation Type: {0} and Service: {1}" -f ($OperationType -join ','), ($Service -join ',')) $executionTargetsByOp = @() foreach ($Op in $OperationType) { $executionTargetsByOp += $Script:AzStackHciConnectivityTargets | Where-Object { $Op -in $_.OperationType } } foreach ($svc in $Service) { $executionTargets += $executionTargetsByOp | Where-Object { $svc -in $_.Service } } } } if ($IncludeSystem) { return $executionTargets } else { return ($executionTargets | Where-Object Service -NotContains 'System') } } catch { throw "Get failed: $($_.exception)" } } function Import-AzStackHciConnectivityTarget { <# .SYNOPSIS Retrieve Endpoints from built target packs .DESCRIPTION Retrieve Endpoints from built target packs .EXAMPLE PS C:\> Import-AzStackHciConnectivityTarget Explanation of what the example does .INPUTS URI .OUTPUTS PSObject .NOTES #> [CmdletBinding()] param () try { $Script:AzStackHciConnectivityTargets = @() $targetFiles = Get-ChildItem -Path "$PSScriptRoot\Targets\*.json" | Select-Object -ExpandProperty FullName Write-Verbose ("Importing {0}" -f ($targetFiles -join ',')) ForEach ($targetFile in $targetFiles) { try { # TO DO - Add validations: # - protocol should not contain :// $targetPackContent = Get-Content -Path $targetFile | ConvertFrom-Json -WarningAction SilentlyContinue foreach ($target in $targetPackContent) { #Set Name of the individual test/rule/alert that was executed. Unique, not exposed to the customer. $target | Add-Member -MemberType NoteProperty -Name Name -Value ("AzStackHci_Connectivity_{0}" -f $Target.TargetResourceName) $target | Add-Member -MemberType NoteProperty -Name HealthCheckSource -Value ((Get-PSCallStack).Command -join '\') $target | Add-Member -MemberType NoteProperty -Name Service -Value $Target.Tags.Service $target | Add-Member -MemberType NoteProperty -Name OperationType -Value $Target.Tags.OperationType $target | Add-Member -MemberType NoteProperty -Name Group -Value $Target.Tags.Group # TO DO: Determine the proper use of TargetResourceID $target.TargetResourceID = (New-Guid).Guid.ToString() $Script:AzStackHciConnectivityTargets += [AzStackHciConnectivityTarget]$target } } catch { Log-Info -Message -Type Warning -Message ("Unable to read {0}. Error: {1}" -f (Split-Path -Path $targetFile -Leaf), $_.Exception.Message) } } } catch { throw "Import failed: $($_.exception)" } } function Get-CloudEndpointFromManifest { <# .SYNOPSIS Retrieve Endpoints to test from Cloud Manifest .DESCRIPTION Retrieve Endpoints to test from Cloud Manifest .EXAMPLE PS C:\> Get-CloudEndpointFromManifest -Uri Explanation of what the example does .INPUTS URI .OUTPUTS Output (if any) .NOTES URL: https://docs.microsoft.com/en-us/javascript/api/@azure/arm-azurestack/cloudmanifestfile?view=azure-node-preview #> [CmdletBinding()] param ( [Parameter()] [System.Uri] $Uri ) throw "Not implemented" } function Get-SystemProxy { <# .SYNOPSIS Get Proxy set on system .DESCRIPTION Get Proxy set on system .EXAMPLE PS C:\> Get-SystemProxy Explanation of what the example does .OUTPUTS Output (if any) .NOTES #> [CmdletBinding()] param () throw "Not implemented" } function Get-SigningRootThumbprint { <# .SYNOPSIS Get signing root for https endpoint .DESCRIPTION Get signing root for https endpoint .EXAMPLE PS C:\> Get-SigningRoot -uri MicrosoftOnline.com Explanation of what the example does .INPUTS URI .OUTPUTS Output (if any) .NOTES #> [CmdletBinding()] param ( [Parameter()] [System.Uri] $Uri, [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession, [Parameter()] [string] $Proxy, [Parameter()] [pscredential] $proxyCredential ) try { $sb = { $uri = $args[0] $proxy = $args[1] $proxyCredential = $args[2] function Get-SslCertificateChain { <# .SYNOPSIS Retrieve remote ssl certificate & chain from https endpoint for Desktop and Core .NOTES Credit: https://github.com/markekraus #> [CmdletBinding()] param ( [system.uri] $url, [Parameter()] [string] $Proxy, [Parameter()] [pscredential] $ProxyCredential ) try { $cs = @' using System; using System.Collections.Generic; using System.Net.Http; using System.Net.Security; using System.Security.Cryptography.X509Certificates; namespace CertificateCapture { public class Utility { public static Func<HttpRequestMessage,X509Certificate2,X509Chain,SslPolicyErrors,Boolean> ValidationCallback = (message, cert, chain, errors) => { CapturedCertificates.Clear(); var newCert = new X509Certificate2(cert); var newChain = new X509Chain(); newChain.Build(newCert); CapturedCertificates.Add(new CapturedCertificate(){ Certificate = newCert, CertificateChain = newChain, PolicyErrors = errors, URI = message.RequestUri }); return true; }; public static List<CapturedCertificate> CapturedCertificates = new List<CapturedCertificate>(); } public class CapturedCertificate { public X509Certificate2 Certificate { get; set; } public X509Chain CertificateChain { get; set; } public SslPolicyErrors PolicyErrors { get; set; } public Uri URI { get; set; } } } '@ if ($PSEdition -ne 'Core') { Add-Type -AssemblyName System.Net.Http Add-Type $cs -ReferencedAssemblies System.Net.Http } else { Add-Type $cs } $Certs = [CertificateCapture.Utility]::CapturedCertificates $Handler = [System.Net.Http.HttpClientHandler]::new() if ($Proxy) { $Handler.Proxy = New-Object System.Net.WebProxy($proxy) if ($proxyCredential) { $Handler.DefaultProxyCredentials = $ProxyCredential } } $Handler.ServerCertificateCustomValidationCallback = [CertificateCapture.Utility]::ValidationCallback $Client = [System.Net.Http.HttpClient]::new($Handler) $null = $Client.GetAsync($url).Result return $Certs.CertificateChain } catch { throw $_ } } $chain = Get-SslCertificateChain -Url $Uri -Proxy $Proxy -ProxyCredential $ProxyCredential if ($chain.ChainElements.Certificate.Count -le 1) { throw ("Unexpected certificate chain in response. Expected 2 or more certificates in chain, found {0}. {1}" -f $chain.ChainElements.Certificate.Count, ` ($chain.ChainElements.Certificate | ForEach-Object { "Thumbprint: {0}, Subject: {1}, Issuer: {2}" -f $_.Thumbprint, $_.Subject, $_.Issuer })) } $Thumbprint = $chain.ChainElements.Certificate | Where-Object { $_.Subject -eq $_.Issuer } | Select-Object -ExpandProperty Thumbprint if ($Thumbprint.Count -ne 1) { throw "Expected 1 thumbprint from Certificate Chain Root" } return $Thumbprint } $thumbprint = if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $sb -ArgumentList $Uri, $Proxy, $ProxyCredential } else { Invoke-Command -ScriptBlock $sb -ArgumentList $Uri, $Proxy, $ProxyCredential } return $thumbprint } catch { throw $_ } } function Test-RootCA { <# .SYNOPSIS Short description .DESCRIPTION Long description .EXAMPLE PS C:\> <example usage> Explanation of what the example does .INPUTS Inputs (if any) .OUTPUTS Output (if any) .NOTES General notes #> param( [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession, [Parameter()] [string] $Proxy, [Parameter()] [pscredential] $ProxyCredential ) try { if ($Script:AzStackHciConnectivityTargets) { $rootCATarget = $Script:AzStackHciConnectivityTargets | Where-Object TargetResourceName -EQ System_RootCA if ($rootCATarget.count -ne 1) { throw "Expected 1 System_RootCA, found $($rootCATarget.count)" } $rootCATargetUrl = ("{0}://{1}" -f ($rootCATarget.Protocol | Select-Object -First 1), ($rootCATarget.EndPoint | Select-Object -First 1)) Log-Info "Testing root CA for $rootCATargetUrl" $thumbprint = Get-SigningRootThumbprint -Uri $rootCATargetUrl -PsSession $PsSession -Proxy $Proxy -ProxyCredential $ProxyCredential if ($thumbprint -in $rootCATarget.Tags.RootCAThumbprint) { $rootCATarget.Status = 'Succeeded' } else { $rootCATarget.Status = 'Failed' Log-Info "Expected (one of) RootCA thumbprint $($rootCATarget.Tags.RootCAThumbprint -join ','). Actual $thumbprint. SSL decryption and re-encryption detected." -Type Error } $rootCATarget.AdditionalData = New-Object -TypeName PSObject -Property @{ Source = if ([string]::IsNullOrEmpty($PsSession.ComputerName)) { [System.Net.Dns]::GetHostName() } else { $PsSession.ComputerName } Resource = $rootCATargetUrl Protocol = $rootCATarget.Protocol Status = $rootCATarget.Status Detail = "Expected RootCA thumbprint $($rootCATarget.Tags.RootCAThumbprint). Actual $thumbprint. SSL decryption and re-encryption detected." TimeStamp = [datetime]::UtcNow } return $rootCATarget } else { throw "No AzStackHciConnectivityTargets" } } catch { Log-Info "Test-RootCA failed with error: $($_.exception.message)" } } function Invoke-WebRequestEx { <# .SYNOPSIS Get Connectivity via Invoke-WebRequest .DESCRIPTION Get Connectivity via Invoke-WebRequest, supporting proxy .EXAMPLE PS C:\> Invoke-WebRequestEx -Target $Target Explanation of what the example does .INPUTS URI .OUTPUTS Output (if any) .NOTES #> [CmdletBinding()] param ( [Parameter()] [psobject] $Target, [Parameter()] [System.Management.Automation.Runspaces.PSSession[]] $PsSession, [Parameter()] [string] $Proxy, [Parameter()] [pscredential] $ProxyCredential ) $ScriptBlock = { $target = $args[0] $Proxy = $args[1] $ProxyCredential = $args[2] $failedTarget = $false $target.TimeStamp = [datetime]::UtcNow $AdditionalData = @() $timeoutSecondsDefault = 10 if ([string]::IsNullOrEmpty($Target.Tags.TimeoutSecs)) { $timeout = $timeoutSecondsDefault } else { $timeout = $Target.Tags.TimeoutSecs } foreach ($uri in $Target.EndPoint) { foreach ($p in $Target.Protocol) { # TO DO handle wildcards $invokeParams = @{ Uri = "{0}://{1}" -f $p, $Uri.Replace('*', 'www') UseBasicParsing = $true Timeout = $timeout ErrorAction = 'SilentlyContinue' } if (-not [string]::IsNullOrEmpty($Proxy)) { $invokeParams += @{ Proxy = $Proxy } } if (-not [string]::IsNullOrEmpty($ProxyCredential)) { $invokeParams += @{ ProxyCredential = $ProxyCredential } } try { $ProgressPreference = 'SilentlyContinue' $stopwatch = [System.Diagnostics.Stopwatch]::new() $Stopwatch.Start() $result = Invoke-WebRequest @invokeParams $Stopwatch.Stop() $StatusCode = $result.StatusCode } catch { $webResponse = $_.Exception.Response if ($webResponse) { try { $StatusCode = $webResponse.StatusCode.value__ $headers = @{} $content = [System.Text.Encoding]::UTF8.GetString($webResponse.GetResponseStream().ToArray()) foreach ($header in $webResponse.Headers) { $headers.$header = $webResponse.GetResponseHeader($header) } if ($webResponse.ContentType -eq 'application/json') { $content = ConvertFrom-Json -InputObject $content -WarningAction SilentlyContinue } } catch {} } else { $statusCode = $_.Exception.Message } # if proxy is not null # check the responseuri matches a proxy set the status code to the exception # so ps5 behaves similar to ps7 $ProxyLookup = [Regex]::Escape($Proxy) if (-not [string]::IsNullOrEmpty($Proxy) -and $webResponse.ResponseUri.OriginalString -match $ProxyLookup) { $statusCode = $_.Exception.Message } } finally { $ProgressPreference = 'Continue' } if ($StatusCode -isnot [int]) { $failedTarget = $true } $source = if ([string]::IsNullOrEmpty($PsSession.ComputerName)) { [System.Net.Dns]::GetHostName() } else { $PsSession.ComputerName } if (-not [string]::IsNullOrEmpty($Proxy)) { $source = $source + "($Proxy)" } $AdditionalData += New-Object -TypeName PSObject -Property @{ Source = $source Resource = $invokeParams.uri Protocol = $p Status = if ($StatusCode -is [int]) { "Succeeded" } else { "Failed" } TimeStamp = [datetime]::UtcNow StatusCode = $StatusCode MilliSeconds = $Stopwatch.Elapsed.Milliseconds } } } if ($failedTarget) { $target.Status = 'Failed' Log-Info "$($target.Title) failed:" } else { $target.Status = 'Succeeded' Log-Info "$($target.Title) succeeded:" } $AdditionalData | ForEach-Object { Log-Info ("Endpoint detail {0}: {1}, {2}" -f $_.Status, $_.Resource, $_.StatusCode) } $Target.AdditionalData = $AdditionalData $Target.HealthCheckSource = ((Get-PSCallStack)[-1].Command) return $Target } $sessionArgs = @() if ($Target) { $sessionArgs += $Target } if ($Proxy) { $sessionArgs += $Proxy } if ($ProxyCredential) { $sessionArgs += $ProxyCredential } if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $ScriptBlock -ArgumentList $sessionArgs } else { Invoke-Command -ScriptBlock $ScriptBlock -ArgumentList $sessionArgs } } function Invoke-TestNetConnection { <# .SYNOPSIS Get endpoint via Test-NetConnection .DESCRIPTION Get endpoint via Test-NetConnection, quicker simplier proxy-less check. .EXAMPLE PS C:\> Invoke-TestNetConnection -Target $Target Explanation of what the example does .INPUTS URI .OUTPUTS Output (if any) .NOTES #> [CmdletBinding()] param ( [Parameter()] [psobject] $Target, [Parameter()] [System.Management.Automation.Runspaces.PSSession[]] $PsSession ) try { $ProgressPreference = 'SilentlyContinue' $target.TimeStamp = [datetime]::UtcNow $Target.HealthCheckSource = ((Get-PSCallStack)[-1].Command) # Create ScriptBlock $scriptBlock = { $Target = $args[0] $AdditionalData = @() $failedTarget = $false foreach ($endPoint in $Target.EndPoint) { foreach ($p in $Target.Protocol) { # Run check # TO DO remove wildcard $uri = [system.uri]("{0}://{1}" -f $p, $endPoint.Replace('*', 'wildcardsdontwork')) $tncParams = @{ ComputerName = $uri.Host Port = $Uri.Port WarningAction = 'SilentlyContinue' WarningVariable = 'warnVar' ErrorAction = 'SilentlyContinue' ErrorVariable = 'ErrorVar' } $tncResult = Test-NetConnection @tncParams # Write/Clean errors $tncResult | Add-Member -NotePropertyName Warnings -NotePropertyValue $warnVar -Force -ErrorAction SilentlyContinue $tncResult | Add-Member -NotePropertyName Errors -NotePropertyValue $errorVar -Force -ErrorAction SilentlyContinue Clear-Variable warnVar, errorVar -Force -ErrorAction SilentlyContinue # Write result $AdditionalData += New-Object -TypeName PSObject -Property @{ Source = [System.Net.Dns]::GetHostName() Resource = $uri.OriginalString Protocol = $p Status = if ($tncResult.TcpTestSucceeded) { "Succeeded" } else { "Failed" } TimeStamp = [datetime]::UtcNow } if ($tncResult.TcpTestSucceeded -eq $false) { $target.Status = 'Failed' $failedTarget = $true } } } $AdditionalData | ForEach-Object { Log-Info ("{0}: {1}" -f $_.Status, $_.Resource) } $target.AdditionalData = $AdditionalData if ($failedTarget) { $target.Status = 'Failed' } else { $target.Status = 'Succeeded' } return $target } # Run Invoke-Command $icmParam = @{ ScriptBlock = $scriptBlock ArgumentList = $Target } if ($PsSession) { $icmParam += @{ Session = $PsSession } } Invoke-Command @icmParam } catch { throw $_ } finally { $ProgressPreference = 'Continue' } } function Get-ProxyDiagnostics { param( [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession, [Parameter()] [string] $Proxy ) Log-Info "Gathering proxy diagnostics" $proxyConfigs = @() if (-not [string]::IsNullOrEmpty($Proxy)) { $proxyConfigs += Test-ProxyServer -PsSession $PsSession -Proxy $Proxy } $proxyConfigs += Get-WinHttp -PsSession $PsSession $proxyConfigs += Get-ProxyEnvironmentVariable -PsSession $PsSession $proxyConfigs += Get-IEProxy -PsSession $PsSession Log-Info ("Proxy details: {0}" -f $(($proxyConfigs | ConvertTo-Json -Depth 20) -replace "`r`n", '')) return $proxyConfigs } function Test-ProxyServer { param( [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession, [Parameter()] [string] $Proxy ) Log-Info "Testing User specified Proxy" $userProxy = $Script:AzStackHciConnectivityTargets | Where-Object TargetResourceName -EQ System_User_Proxy $UserProxyUri = [system.uri]$Proxy $userProxy.EndPoint = "{0}:{1}" -f $UserProxyUri.Host, $UserProxyUri.Port $userProxy.Protocol = $UserProxyUri.Scheme $UserProxyResult = Invoke-WebRequestEx -Target $userProxy -PsSession $PsSession return $UserProxyResult } function Get-WinHttp { param( [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession ) Log-Info "Gathering WinHttp Proxy settings" $netshSb = { #$netsh = netsh winhttp show proxy @{ Source = $ENV:COMPUTERNAME Resource = netsh winhttp show proxy Status = 'Succeeded' } } $netsh = if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $netshSb $TargetResourceName = "WinHttp_Proxy_$($PsSession.ComputerName)" } else { Invoke-Command -ScriptBlock $netshSb $TargetResourceName = "WinHttp_Proxy_$($ENV:COMPUTERNAME)" } $winHttpProxy = New-Object -Type ProxyDiagnostics -Property @{ Name = 'AzStackHci_Connectivity_Collect_Proxy_Diagnostics_winHttp' Title = 'WinHttp Proxy Settings' Severity = 'Informational' Description = 'Collects proxy configuration for WinHttp' Tags = $null TargetResourceID = '767c0b95-a3c9-43dd-b112-76dff50f2c75' TargetResourceName = $TargetResourceName TargetResourceType = 'Proxy_Setting' Timestamp = Get-Date Status = 'Succeeded' AdditionalData = @{ source = $netsh.Source resource = if ($netsh.resource -like '*Direct access (no proxy server)*') { '<Not configured>' } else { [string]$netsh.resource -replace "`r`n", "" -replace 'Current WinHTTP proxy settings:', '' -replace ' ', '' } status = if ([string]::IsNullOrEmpty($netsh.status)) { 'Failed' } else { 'Succeeded' } detail = $netsh.resource } HealthCheckSource = ((Get-PSCallStack)[-1].Command) } return $winHttpProxy } function Get-ProxyEnvironmentVariable { <# .SYNOPSIS Get signing root for https endpoint .DESCRIPTION Get signing root for https endpoint .EXAMPLE PS C:\> Get-SigningRoot -uri MicrosoftOnline.com Explanation of what the example does .INPUTS URI .OUTPUTS Output (if any) .NOTES #> param ( [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession ) Log-Info "Gathering Proxy settings from environment variables" $envProxySb = { Foreach ($num in 0..2) { Foreach ($varName in 'https_proxy', 'http_proxy') { $environmentValue = [System.Environment]::GetEnvironmentVariable("$varName", $num) $scope = switch ($num) { 2 { 'machine' } 1 { 'user' } 0 { 'process' } } @{ Source = "{0}_{1}_{2}" -f $ENV:COMPUTERNAME, $varName, $scope Resource = if ($environmentValue) { $environmentValue } else { '<Not configured>' } Status = 'Succeeded' } } } } $EnvironmentProxyOutput = if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $envProxySb $TargetResourceName = "Environment_Proxy_$($PsSession.ComputerName)" $Source = $PsSession.ComputerName } else { Invoke-Command -ScriptBlock $envProxySb $TargetResourceName = "Environment_Proxy_$($ENV:COMPUTERNAME)" $Source = $ENV:COMPUTERNAME } $EnvProxy = New-Object -Type ProxyDiagnostics -Property @{ Name = 'AzStackHci_Connectivity_Collect_Proxy_Diagnostics_Environment' Title = 'Environment Proxy Settings' Severity = 'Informational' Description = 'Collects proxy configuration from environment variables' Tags = $null TargetResourceID = 'cb019485-676c-4c7d-98a8-fde6e5f35dfb' TargetResourceName = $TargetResourceName TargetResourceType = 'Proxy_Setting' Timestamp = Get-Date Status = 'Succeeded' AdditionalData = $EnvironmentProxyOutput HealthCheckSource = ((Get-PSCallStack)[-1].Command) } return $EnvProxy } function Get-IEProxy { <# .SYNOPSIS Get signing root for https endpoint .DESCRIPTION Get signing root for https endpoint .EXAMPLE PS C:\> Get-SigningRoot -uri MicrosoftOnline.com Explanation of what the example does .INPUTS URI .OUTPUTS Output (if any) .NOTES [System.Net.WebProxy]::GetDefaultProxy() Address : BypassProxyOnLocal : False BypassList : {} Credentials : UseDefaultCredentials : False BypassArrayList : {} #> [CmdletBinding()] param ( [Parameter()] [System.Management.Automation.Runspaces.PSSession] $PsSession ) Log-Info "Gathering IE Proxy settings" $ieProxySb = { $ErrorActionPreference = 'SilentlyContinue' if ($PSVersionTable['Platform'] -eq 'Win32NT' -or $PSVersionTable['PSEdition'] -eq 'Desktop' ) { $IeProxySettings = Get-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' | Select-Object ProxyServer, ProxyEnable @{ Source = "$($ENV:COMPUTERNAME)" Resource = if ([string]::IsNullOrEmpty($IeProxySettings.ProxyServer) -and $IeProxySettings.ProxyEnable -eq 0) { '<Not configured>' } else { "{0} (Enabled:{1})" -f $IeProxySettings.ProxyServer, $IeProxySettings.ProxyEnable } Detail = $IeProxySettings Status = 'Succeeded' } } } $AdditionalData = if ($PsSession) { Invoke-Command -Session $PsSession -ScriptBlock $ieProxySb $TargetResourceName = "IE_Proxy_$($PsSession.ComputerName)" } else { Invoke-Command -ScriptBlock $ieProxySb $TargetResourceName = "IE_Proxy_$($ENV:COMPUTERNAME)" } if (-not $AdditionalData) { Log-Info "No IE Proxy settings available" return $null } else { $ieProxy = New-Object -Type ProxyDiagnostics -Property @{ Name = 'AzStackHci_Connectivity_Collect_Proxy_Diagnostics_IEProxy' Title = 'IE Proxy Settings' Severity = 'Informational' Description = 'Collects Proxy configuration from IE' Tags = $null TargetResourceID = 'fe961ba6-295d-4880-82aa-2dd7322658d5' TargetResourceName = $TargetResourceName TargetResourceType = 'Proxy_Setting' Timestamp = Get-Date Status = 'Succeeded' AdditionalData = $AdditionalData HealthCheckSource = ((Get-PSCallStack)[-1].Command) } return $ieProxy } } function Write-FailedUrls { [CmdletBinding()] param ( $result ) if (-not [string]::IsNullOrEmpty($Global:AzStackHciEnvironmentLogFile)) { $file = Join-Path -Path (Split-Path $Global:AzStackHciEnvironmentLogFile -Parent) -ChildPath FailedUrls.txt } $failedUrls = $result.AdditionalData | Where-Object Status -NE Succeeded | Select-Object -ExpandProperty Resource if ($failedUrls.count -gt 0) { Log-Info ("[Over]Writing {0} to {1}" -f ($failedUrls -split ','), $file) $failedUrls | Out-File $file -Force Log-Info "`nFailed Urls log: $file" -ConsoleOut } } # SIG # Begin signature block # MIInsQYJKoZIhvcNAQcCoIInojCCJ54CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDlBUuMTrRAhvMe # PPjcpFCfu15zbsMSdhIAomB2N/b2aKCCDYUwggYDMIID66ADAgECAhMzAAACzfNk # v/jUTF1RAAAAAALNMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjIwNTEyMjA0NjAyWhcNMjMwNTExMjA0NjAyWjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDrIzsY62MmKrzergm7Ucnu+DuSHdgzRZVCIGi9CalFrhwtiK+3FIDzlOYbs/zz # HwuLC3hir55wVgHoaC4liQwQ60wVyR17EZPa4BQ28C5ARlxqftdp3H8RrXWbVyvQ # aUnBQVZM73XDyGV1oUPZGHGWtgdqtBUd60VjnFPICSf8pnFiit6hvSxH5IVWI0iO # nfqdXYoPWUtVUMmVqW1yBX0NtbQlSHIU6hlPvo9/uqKvkjFUFA2LbC9AWQbJmH+1 # uM0l4nDSKfCqccvdI5l3zjEk9yUSUmh1IQhDFn+5SL2JmnCF0jZEZ4f5HE7ykDP+ # oiA3Q+fhKCseg+0aEHi+DRPZAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQU0WymH4CP7s1+yQktEwbcLQuR9Zww # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzQ3MDUzMDAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AE7LSuuNObCBWYuttxJAgilXJ92GpyV/fTiyXHZ/9LbzXs/MfKnPwRydlmA2ak0r # GWLDFh89zAWHFI8t9JLwpd/VRoVE3+WyzTIskdbBnHbf1yjo/+0tpHlnroFJdcDS # MIsH+T7z3ClY+6WnjSTetpg1Y/pLOLXZpZjYeXQiFwo9G5lzUcSd8YVQNPQAGICl # 2JRSaCNlzAdIFCF5PNKoXbJtEqDcPZ8oDrM9KdO7TqUE5VqeBe6DggY1sZYnQD+/ # LWlz5D0wCriNgGQ/TWWexMwwnEqlIwfkIcNFxo0QND/6Ya9DTAUykk2SKGSPt0kL # tHxNEn2GJvcNtfohVY/b0tuyF05eXE3cdtYZbeGoU1xQixPZAlTdtLmeFNly82uB # VbybAZ4Ut18F//UrugVQ9UUdK1uYmc+2SdRQQCccKwXGOuYgZ1ULW2u5PyfWxzo4 # BR++53OB/tZXQpz4OkgBZeqs9YaYLFfKRlQHVtmQghFHzB5v/WFonxDVlvPxy2go # a0u9Z+ZlIpvooZRvm6OtXxdAjMBcWBAsnBRr/Oj5s356EDdf2l/sLwLFYE61t+ME # iNYdy0pXL6gN3DxTVf2qjJxXFkFfjjTisndudHsguEMk8mEtnvwo9fOSKT6oRHhM # 9sZ4HTg/TTMjUljmN3mBYWAWI5ExdC1inuog0xrKmOWVMIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGYIwghl+AgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAALN82S/+NRMXVEAAAAA # As0wDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIKfW # woLLexVeqOfFGJzKpPhKSp1AlW7UIZOyAbtGDQgdMEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEAYv8Od9M7bs4J/dd+SVRRUAeouor3ZmLjjbHx # AD2fQ8NkV7beWM4rcCsE5DiNvTNBjmyoxT2AVr5mX94f55+00rh4u3DFF89/R2E7 # P9n+mBJLV7wyJx/1PzzQY9EcZzwrtPT0N+de4Uclk+KIkMlHYkmOah22RkMhSAWW # Oz45TPK3SXMVSSBOPUt7mxUsuF4FbkIc+tqM4JD+TEmD9ROT2kKEkupxfq4E2QYB # TjMjDrSwJFxOMnqWltA1LvKs3ppi/pYfKJN9SG5RXiJ0wwocYRCds6Dpap8N80L2 # 9bHZSY+V7lRDTokd/3LCEphCGQAsty+bmjnZZII7H5b84jFBUaGCFwwwghcIBgor # BgEEAYI3AwMBMYIW+DCCFvQGCSqGSIb3DQEHAqCCFuUwghbhAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFVBgsqhkiG9w0BCRABBKCCAUQEggFAMIIBPAIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCALKyqaiqfO574TKyScyVtMVTtTyTQWgR7u # JyKkm76QbgIGYv7FWFwnGBMyMDIyMDgzMTExMDAzNS40MjFaMASAAgH0oIHUpIHR # MIHOMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQL # EyBNaWNyb3NvZnQgT3BlcmF0aW9ucyBQdWVydG8gUmljbzEmMCQGA1UECxMdVGhh # bGVzIFRTUyBFU046ODk3QS1FMzU2LTE3MDExJTAjBgNVBAMTHE1pY3Jvc29mdCBU # aW1lLVN0YW1wIFNlcnZpY2WgghFfMIIHEDCCBPigAwIBAgITMwAAAasJCe+rY9To # qQABAAABqzANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0Eg # MjAxMDAeFw0yMjAzMDIxODUxMjhaFw0yMzA1MTExODUxMjhaMIHOMQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSkwJwYDVQQLEyBNaWNyb3NvZnQg # T3BlcmF0aW9ucyBQdWVydG8gUmljbzEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046 # ODk3QS1FMzU2LTE3MDExJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNl # cnZpY2UwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJnUtaOXXoQElL # LHC6ssdsJv1oqzVH6pBgcpgyLWMxJ6CrZIa3e8DbCbOIPgbjN7gV/NVpztu9JZKw # tHtZpg6kLeNtE5m/JcLI0CjOphGjUCH1w66J61Td2sNZcfWwH+1WRAN5BxapemAD # t5I0Oj37QOIlR19yVb/fJ7Y5G7asyniTGjVnfHQWgA90QpYjKGo0wxm8mDSk78QY # ViC8ifFmHSfzQQ6aj80JfqcZumWVUngUACDrm2Y1NL36RAsRwubyNRK66mqRvtKA # YYTjfoJZVZJTwFmb9or9JoIwk4+2DSl+8i9sdk767x1auRjzWuXzW6ct/beXL4om # KjH9UWVWXHHa/trwKZOYm+WuDvEogID0lMGBqDsG2RtaJx4o9AEzy5IClH4Gj8xX # 3eSWUm0Zdl4N+O/y41kC0fiowMgAhW9Om6ls7x7UCUzQ/GNI+WNkgZ0gqldszR0l # bbOPmlH5FIbCkvhgF0t4+V1IGAO0jDaIO+jZ7LOZdNZxF+7Bw3WMpGIc7kCha0+9 # F1U2Xl9ubUgX8t1WnM2HdSUiP/cDhqmxVOdjcq5bANaopsTobLnbOz8aPozt0Y1f # 5AvgBDqFWlw3Zop7HNz7ZQQlYf7IGJ6PQFMpm5UkZnntYMJZ5WSdLohyiPathxYG # VjNdMjxuYFbdKa15yRYtVsZpoPgR/wIDAQABo4IBNjCCATIwHQYDVR0OBBYEFBRb # zvKNXjXEgiEGTL6hn3TS/qaqMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1 # GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9w # a2lvcHMvY3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEp # LmNybDBsBggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUy # MFBDQSUyMDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYB # BQUHAwgwDQYJKoZIhvcNAQELBQADggIBAMpLlIE3NSjLMzILB24YI4BBr/3QhxX9 # G8vfQuOUke+9P7nQjTXqpU+tdBIc9d8RhVOh3Ivky1D1J4b1J0rs+8ZIlka7uUY2 # WZkqJxFb/J6Wt89UL3lH54LcotCXeqpUspKBFSerQ7kdSsPcVPcr7YWVoULP8psj # sIfpsbdAvcG3iyfdnq9r3PZctdqRcWwjQyfpkO7+dtIQL63lqmdNhjiYcNEeHNYj # 9/YjQcxzqM/g7DtLGI8IWs/R672DBMzg9TCXSz1n1BbGf/4k3d48xMpJNNlo52Tc # yHthDX5kPym5Rlx3knvCWKopkxcZeZHjHy1BC4wIdJoUNbywiWdtAcAuDuexIO8j # v2LgZ6PuEa1dAg9oKeATtdChVtkkPzIb0Viux24Eugc7e9K5CHklLaO6UZBzKq54 # bmyE3F3XZMuhrWbJsDN4b6l7krTHlNVuTTdxwPMqYzy3f26Jnxsfeh7sPDq37XEL # 5O7YXTbuCYQMilF1D+3SjAiX6znaZYNI9bRNGohPqQ00kFZj8xnswi+NrJcjyVV6 # buMcRNIaQAq9rmtCx7/ywekVeQuAjuDLP6X2pf/xdzvoSWXuYsXr8yjZF128Tzmt # UfkiK1v6x2TOkSAy0ycUxhQzNYUA8mnxrvUv2u7ppL4pYARzcWX5NCGBO0UViXBu # 6ImPhRncdXLNMIIHcTCCBVmgAwIBAgITMwAAABXF52ueAptJmQAAAAAAFTANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcNMzAwOTMwMTgzMjI1WjB8MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQg # VGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC # ggIBAOThpkzntHIhC3miy9ckeb0O1YLT/e6cBwfSqWxOdcjKNVf2AX9sSuDivbk+ # F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYjDLWNE893MsAQGOhgfWpSg0S3po5GawcU # 88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/YJlN8OWECesSq/XJprx2rrPY2vjUmZNqY # O7oaezOtgFt+jBAcnVL+tuhiJdxqD89d9P6OU8/W7IVWTe/dvI2k45GPsjksUZzp # cGkNyjYtcI4xyDUoveO0hyTD4MmPfrVUj9z6BVWYbWg7mka97aSueik3rMvrg0Xn # Rm7KMtXAhjBcTyziYrLNueKNiOSWrAFKu75xqRdbZ2De+JKRHh09/SDPc31BmkZ1 # zcRfNN0Sidb9pSB9fvzZnkXftnIv231fgLrbqn427DZM9ituqBJR6L8FA6PRc6ZN # N3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C89XYcz1DTsEzOUyOArxCaC4Q6oRRRuLR # vWoYWmEBc8pnol7XKHYC4jMYctenIPDC+hIK12NvDMk2ZItboKaDIV1fMHSRlJTY # uVD5C4lh8zYGNRiER9vcG9H9stQcxWv2XFJRXRLbJbqvUAV6bMURHXLvjflSxIUX # k8A8FdsaN8cIFRg/eKtFtvUeh17aj54WcmnGrnu3tz5q4i6tAgMBAAGjggHdMIIB # 2TASBgkrBgEEAYI3FQEEBQIDAQABMCMGCSsGAQQBgjcVAgQWBBQqp1L+ZMSavoKR # PEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXAYDVR0g # BFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5t # aWNyb3NvZnQuY29tL3BraW9wcy9Eb2NzL1JlcG9zaXRvcnkuaHRtMBMGA1UdJQQM # MAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQE # AwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQ # W9fOmhjEMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNv # bS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNybDBa # BggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2kvY2VydHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3J0MA0GCSqG # SIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9nATEkW+Geckv8qW/qXBS2Pk5HZHixBpOX # PTEztTnXwnE2P9pkbHzQdTltuw8x5MKP+2zRoZQYIu7pZmc6U03dmLq2HnjYNi6c # qYJWAAOwBb6J6Gngugnue99qb74py27YP0h1AdkY3m2CDPVtI1TkeFN1JFe53Z/z # jj3G82jfZfakVqr3lbYoVSfQJL1AoL8ZthISEV09J+BAljis9/kpicO8F7BUhUKz # /AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNhcy4sa3tuPywJeBTpkbKpW99Jo3QMvOyR # gNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7GdP32THJvEKt1MMU0sHrYUP4KWN1APMdU # bZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4JvbMBV0lUZNlz138eW0QBjloZkWsNn6Qo # 3GcZKCS6OEuabvshVGtqRRFHqfG3rsjoiV5PndLQTHa1V1QJsWkBRH58oWFsc/4K # u+xBZj1p/cvBQUl+fpO+y/g75LcVv7TOPqUxUYS8vwLBgqJ7Fx0ViY1w/ue10Cga # iQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ1uEi6vAnQj0llOZ0dFtq0Z4+7X6gMTN9 # vMvpe784cETRkPHIqzqKOghif9lwY1NNje6CbaUFEMFxBmoQtB1VM1izoXBm8qGC # AtIwggI7AgEBMIH8oYHUpIHRMIHOMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSkwJwYDVQQLEyBNaWNyb3NvZnQgT3BlcmF0aW9ucyBQdWVydG8g # UmljbzEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046ODk3QS1FMzU2LTE3MDExJTAj # BgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2WiIwoBATAHBgUrDgMC # GgMVAFuoev9uFgqO1mc+ghFQHi87XJg+oIGDMIGApH4wfDELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUt # U3RhbXAgUENBIDIwMTAwDQYJKoZIhvcNAQEFBQACBQDmuRWSMCIYDzIwMjIwODMx # MDMwMjQyWhgPMjAyMjA5MDEwMzAyNDJaMHcwPQYKKwYBBAGEWQoEATEvMC0wCgIF # AOa5FZICAQAwCgIBAAICAMsCAf8wBwIBAAICEU4wCgIFAOa6ZxICAQAwNgYKKwYB # BAGEWQoEAjEoMCYwDAYKKwYBBAGEWQoDAqAKMAgCAQACAwehIKEKMAgCAQACAwGG # oDANBgkqhkiG9w0BAQUFAAOBgQClwQKUSTxkME3Y98OE6ggf8yAxiCm5zncsfC0n # xBRBY/KXtR5rdrLsVdzrVOedpOvOBllniMK49F4MR/Zr+1kI7aoQ/g9EWAqHNAjW # PjUr1Lk9bfnb2q2XTPtwqnhOTzDeWgT32b1jK+LYAVOfOJo98np9jnR1c12oS+DX # 2LD2hjGCBA0wggQJAgEBMIGTMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # AhMzAAABqwkJ76tj1OipAAEAAAGrMA0GCWCGSAFlAwQCAQUAoIIBSjAaBgkqhkiG # 9w0BCQMxDQYLKoZIhvcNAQkQAQQwLwYJKoZIhvcNAQkEMSIEID2NnQIk3OS8wlA9 # xgQrkxr0e0zEVtlZpJQU0SDCF77WMIH6BgsqhkiG9w0BCRACLzGB6jCB5zCB5DCB # vQQgDhyv+rCFYBFUlQ9wK75OjskCr0cRRysq2lM2zdfwClcwgZgwgYCkfjB8MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNy # b3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAasJCe+rY9ToqQABAAABqzAi # BCBfMWXM0ZEMWo/L/JW1Uz/wyuNmRbkf/+/GeOr8fLZb+jANBgkqhkiG9w0BAQsF # AASCAgDD1mruW7uq3P9ImbWZmFMqasJhOEkYlJAHGNvKyy2F5Tf7WiY7QFCLfnkt # MMf/YrATgg7wg6/Ti6b19inpB7E7eu5m/HQb5tWzWgZ31p9FIGFXEHjHgbmwSvcg # itCce/j8T65phJT5kzQtSCanfTXXOMBM5Q3PTK1c/fVg9a1CJqhBnWM5iqQxqpnz # 6s60rMCS14YIku66wgvKQrAVp1W+UEYtRnZ7D2MEn+Fj3NRDRO821LpE0tK3SOSl # OI4UAK9nXfGcQ6/l+wXgaKWMU/PQ8S7VeQ9M98fg9IxviedW3xYFZdpyVRygtvqe # NvqJvVy7K69zG6EQ226aLKb2z3fYAKVYo8jAn8p6iIOcuINwM62zN1Uiwqc91333 # q1lMci1xJ94rcKoX+k1ml+UtdJLDUj6wS0iZSrPfghAgZPEAPZc0wZc/hqhey/lB # ZTAQd748M25QiFEALg+iA0Etvj7AI0tcl8nK9Jn97QJaY5nMzzwhmKqxbfJfBWie # IsnDWovnAu8JFqxlIN+HgBqGKNS+Zcs/vWbeCnZKLRWUf3BE2HoGfnXVmP1586M8 # PdfkBKFzou58kLW/LxF8rgYlDt7fe8QQgVJNJk8a3Im58HATU92XLgfHmM8Ygjoj # 7jSb8YRC+ibRCmGttMdEO7/hTFRNi3vLPiQfIvt1xvIuHzl8SA== # SIG # End signature block |