HCoop / hcoop / zz_old / modwaklog.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Removed most #if 0's. Removed k4 code. Changed waklog_aklog so it doesn't segfault...
[hcoop/zz_old/modwaklog.git] / mod_waklog.c
1 #include "httpd.h"
2 #include "http_config.h"
3 #include "http_conf_globals.h"
4 #include "http_log.h"
5 #include "http_protocol.h"
6 #include "http_request.h"
7 #include "http_core.h"
8 #include "ap_config.h"
9 #include <krb5.h>
10
11 #if defined(sun)
12 #include <sys/ioccom.h>
13 #endif /* sun */
14 #include <stropts.h>
15 #include <afs/venus.h>
16 #include <afs/auth.h>
17 #include <rx/rxkad.h>
18
19 #define KEYTAB "/etc/keytab.default"
20 #define KEYTAB_PRINCIPAL "defaultprinc"
21 #define AFS_CELL "someplace.edu" /* NB: lower case */
22
23 #define TKT_LIFE 10*60*60
24 #define SLEEP_TIME TKT_LIFE - 5*60
25
26
27 #define K5PATH "FILE:/tmp/waklog.creds.k5"
28
29 module waklog_module;
30
31 typedef struct {
32 int configured;
33 int protect;
34 char *keytab;
35 char *keytab_principal;
36 char *afs_cell;
37 } waklog_host_config;
38
39 typedef struct {
40 struct ktc_token token;
41 } waklog_child_config;
42 waklog_child_config child;
43
44 #if 0
45 static void *
46 waklog_create_dir_config( pool *p, char *path )
47 {
48 waklog_host_config *cfg;
49
50 cfg = (waklog_host_config *)ap_pcalloc( p, sizeof( waklog_host_config ));
51 cfg->configured = 0;
52 cfg->protect = 0;
53 cfg->keytab = KEYTAB;
54 cfg->keytab_principal = KEYTAB_PRINCIPAL;
55 cfg->afs_cell = AFS_CELL;
56
57 return( cfg );
58 }
59 #endif /* 0 */
60
61
62 static void *
63 waklog_create_server_config( pool *p, server_rec *s )
64 {
65 waklog_host_config *cfg;
66
67 cfg = (waklog_host_config *)ap_pcalloc( p, sizeof( waklog_host_config ));
68 cfg->configured = 0;
69 cfg->protect = 0;
70 cfg->keytab = KEYTAB;
71 cfg->keytab_principal = KEYTAB_PRINCIPAL;
72 cfg->afs_cell = AFS_CELL;
73
74
75 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, s, "mod_waklog: server config created" );
76
77 return( cfg );
78 }
79
80
81 static const char *
82 set_waklog_protect( cmd_parms *params, void *mconfig, int flag )
83 {
84 waklog_host_config *cfg;
85
86 cfg = (waklog_host_config *) ap_get_module_config(
87 params->server->module_config, &waklog_module );
88
89 cfg->protect = flag;
90 cfg->configured = 1;
91 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, params->server, "mod_waklog: waklog_protect set" );
92 return( NULL );
93 }
94
95
96 static const char *
97 set_waklog_keytab( cmd_parms *params, void *mconfig, char *file )
98 {
99 waklog_host_config *cfg;
100
101 cfg = (waklog_host_config *) ap_get_module_config(
102 params->server->module_config, &waklog_module );
103
104 ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, params->server,
105 "mod_waklog: will use keytab: %s", file );
106
107 cfg->keytab = ap_pstrdup ( params->pool, file );
108 cfg->configured = 1;
109 return( NULL );
110 }
111
112
113 static const char *
114 set_waklog_use_keytab_principal( cmd_parms *params, void *mconfig, char *file )
115 {
116 waklog_host_config *cfg;
117
118 cfg = (waklog_host_config *) ap_get_module_config(
119 params->server->module_config, &waklog_module );
120
121 ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, params->server,
122 "mod_waklog: will use keytab_principal: %s", file );
123
124 cfg->keytab_principal = ap_pstrdup ( params->pool, file );
125 cfg->configured = 1;
126 return( NULL );
127 }
128
129
130 static const char *
131 set_waklog_use_afs_cell( cmd_parms *params, void *mconfig, char *file )
132 {
133 waklog_host_config *cfg;
134
135 cfg = (waklog_host_config *) ap_get_module_config(
136 params->server->module_config, &waklog_module );
137
138 ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, params->server,
139 "mod_waklog: will use afs_cell: %s", file );
140
141 cfg->afs_cell = ap_pstrdup( params->pool, file );
142 cfg->configured = 1;
143 return( NULL );
144 }
145
146
147 static void
148 waklog_child_init( server_rec *s, pool *p )
149 {
150
151 memset( &child.token, 0, sizeof( struct ktc_token ) );
152
153 setpag();
154
155 return;
156 }
157
158
159 command_rec waklog_cmds[ ] =
160 {
161 { "WaklogProtected", set_waklog_protect,
162 NULL, RSRC_CONF | ACCESS_CONF, FLAG,
163 "enable waklog on a location or directory basis" },
164
165 { "WaklogKeytab", set_waklog_keytab,
166 NULL, RSRC_CONF | ACCESS_CONF, TAKE1,
167 "Use the supplied keytab rather than the default" },
168
169 { "WaklogUseKeytabPrincipal", set_waklog_use_keytab_principal,
170 NULL, RSRC_CONF | ACCESS_CONF, TAKE1,
171 "Use the supplied keytab principal rather than the default" },
172
173 { "WaklogUseAFSCell", set_waklog_use_afs_cell,
174 NULL, RSRC_CONF | ACCESS_CONF, TAKE1,
175 "Use the supplied AFS cell rather than the default" },
176
177 { NULL }
178 };
179
180
181 static void
182 token_cleanup( void *data )
183 {
184 request_rec *r = (request_rec *)data;
185
186 if ( child.token.ticketLen ) {
187 memset( &child.token, 0, sizeof( struct ktc_token ) );
188
189 ktc_ForgetAllTokens();
190
191 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
192 "mod_waklog: ktc_ForgetAllTokens succeeded: pid: %d", getpid() );
193 }
194 return;
195 }
196
197
198 static int
199 waklog_kinit( server_rec *s )
200 {
201 krb5_error_code kerror;
202 krb5_context kcontext = NULL;
203 krb5_principal kprinc = NULL;
204 krb5_get_init_creds_opt kopts;
205 krb5_creds v5creds;
206 krb5_ccache kccache = NULL;
207 krb5_keytab keytab = NULL;
208 char ktbuf[ MAX_KEYTAB_NAME_LEN + 1 ];
209 waklog_host_config *cfg;
210 int i;
211
212 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, s,
213 "mod_waklog: waklog_kinit called: pid: %d", getpid() );
214
215 cfg = (waklog_host_config *) ap_get_module_config( s->module_config,
216 &waklog_module );
217
218 if (( kerror = krb5_init_context( &kcontext ))) {
219 ap_log_error( APLOG_MARK, APLOG_ERR, s,
220 "mod_waklog: %s", (char *)error_message( kerror ));
221
222 goto cleanup;
223 }
224
225 /* use the path */
226 if (( kerror = krb5_cc_resolve( kcontext, K5PATH, &kccache )) != 0 ) {
227 ap_log_error( APLOG_MARK, APLOG_ERR, s,
228 "mod_waklog: %s", (char *)error_message( kerror ));
229
230 goto cleanup;
231 }
232
233 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, s,
234 "mod_waklog: keytab_principal: %s", cfg->keytab_principal );
235
236 if (( kerror = krb5_parse_name( kcontext, cfg->keytab_principal, &kprinc ))) {
237 ap_log_error( APLOG_MARK, APLOG_ERR, s,
238 "mod_waklog: %s", (char *)error_message( kerror ));
239
240 goto cleanup;
241 }
242
243 krb5_get_init_creds_opt_init( &kopts );
244 krb5_get_init_creds_opt_set_tkt_life( &kopts, TKT_LIFE );
245 krb5_get_init_creds_opt_set_renew_life( &kopts, 0 );
246 krb5_get_init_creds_opt_set_forwardable( &kopts, 1 );
247 krb5_get_init_creds_opt_set_proxiable( &kopts, 0 );
248
249 /* keytab from config */
250 strncpy( ktbuf, cfg->keytab, sizeof( ktbuf ) - 1 );
251
252 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, s,
253 "mod_waklog: waklog_kinit using: %s", ktbuf );
254
255 if (( kerror = krb5_kt_resolve( kcontext, ktbuf, &keytab )) != 0 ) {
256 ap_log_error( APLOG_MARK, APLOG_ERR, s,
257 "mod_waklog:krb5_kt_resolve %s", (char *)error_message( kerror ));
258
259 goto cleanup;
260 }
261
262 memset( (char *)&v5creds, 0, sizeof(v5creds));
263
264 /* get the krbtgt */
265 if (( kerror = krb5_get_init_creds_keytab( kcontext, &v5creds,
266 kprinc, keytab, 0, NULL, &kopts ))) {
267
268 ap_log_error( APLOG_MARK, APLOG_ERR, s,
269 "mod_waklog:krb5_get_init_creds_keytab %s", (char *)error_message( kerror ));
270
271 goto cleanup;
272 }
273
274
275
276 if (( kerror = krb5_cc_initialize( kcontext, kccache, kprinc )) != 0 ) {
277 ap_log_error( APLOG_MARK, APLOG_ERR, s,
278 "mod_waklog:krb5_cc_initialize %s", (char *)error_message( kerror ));
279
280 goto cleanup;
281 }
282
283 kerror = krb5_cc_store_cred( kcontext, kccache, &v5creds );
284 krb5_free_cred_contents( kcontext, &v5creds );
285 if ( kerror != 0 ) {
286 ap_log_error( APLOG_MARK, APLOG_ERR, s,
287 "mod_waklog: %s", (char *)error_message( kerror ));
288
289 goto cleanup;
290 }
291
292 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, s,
293 "mod_waklog: waklog_kinit success" );
294
295 cleanup:
296 if ( keytab )
297 (void)krb5_kt_close( kcontext, keytab );
298 if ( kprinc )
299 krb5_free_principal( kcontext, kprinc );
300 if ( kccache )
301 krb5_cc_close( kcontext, kccache );
302 if ( kcontext )
303 krb5_free_context( kcontext );
304
305 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, s,
306 "mod_waklog: waklog_kinit: exiting" );
307
308 return( 0 );
309 }
310
311
312 static void
313 waklog_aklog( request_rec *r )
314 {
315 int rc;
316 char buf[ MAXKTCTICKETLEN ];
317 const char *k5path = NULL;
318 krb5_error_code kerror;
319 krb5_context kcontext = NULL;
320 krb5_creds increds;
321 krb5_creds *v5credsp = NULL;
322 krb5_ccache kccache = NULL;
323 struct ktc_principal server = { "afs", "", "" };
324 struct ktc_principal client;
325 struct ktc_token token;
326 waklog_host_config *cfg;
327 int buflen;
328
329 k5path = ap_table_get( r->subprocess_env, "KRB5CCNAME" );
330
331 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, r->server,
332 "mod_waklog: waklog_aklog called: k5path: %s", k5path );
333
334 if ( k5path == NULL ) {
335 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
336 "mod_waklog: waklog_aklog giving up" );
337 goto cleanup;
338 }
339
340 /*
341 ** Get/build creds from file/tgs, then see if we need to SetToken
342 */
343
344 if (( kerror = krb5_init_context( &kcontext ))) {
345 /* Authentication Required ( kerberos error ) */
346 ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
347 (char *)error_message( kerror ));
348
349 goto cleanup;
350 }
351
352 memset( (char *)&increds, 0, sizeof(increds));
353
354 cfg = (waklog_host_config *) ap_get_module_config(
355 r->server->module_config, &waklog_module );
356
357 /* afs/<cell> or afs */
358 strncpy( buf, "afs", sizeof( buf ) - 1 );
359 if ( strcmp( cfg->afs_cell, AFS_CELL ) ) {
360 strncat( buf, "/" , sizeof( buf ) - strlen( buf ) - 1 );
361 strncat( buf, cfg->afs_cell, sizeof( buf ) - strlen( buf ) - 1 );
362 }
363
364 /* set server part */
365 if (( kerror = krb5_parse_name( kcontext, buf, &increds.server ))) {
366 ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
367 (char *)error_message( kerror ));
368
369 goto cleanup;
370 }
371
372 if (( kerror = krb5_cc_resolve( kcontext, k5path, &kccache )) != 0 ) {
373 ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
374 (char *)error_message( kerror ));
375
376 goto cleanup;
377 }
378
379 /* set client part */
380 krb5_cc_get_principal( kcontext, kccache, &increds.client );
381
382 increds.times.endtime = 0;
383 /* Ask for DES since that is what V4 understands */
384 increds.keyblock.enctype = ENCTYPE_DES_CBC_CRC;
385
386 /* get the V5 credentials */
387 if (( kerror = krb5_get_credentials( kcontext, 0, kccache,
388 &increds, &v5credsp ) ) ) {
389 ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
390 "mod_waklog: krb5_get_credentials: %s", error_message( kerror ));
391 goto cleanup;
392 }
393
394 /* don't overflow */
395 if ( v5credsp->ticket.length >= MAXKTCTICKETLEN ) { /* from krb524d.c */
396 ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
397 "mod_waklog: ticket size (%d) too big to fake", v5credsp->ticket.length );
398 goto cleanup;
399 }
400
401 /* assemble the token */
402 memset( &token, 0, sizeof( struct ktc_token ) );
403
404 token.startTime = v5credsp->times.starttime ? v5credsp->times.starttime : v5credsp->times.authtime;
405 token.endTime = v5credsp->times.endtime;
406 memmove( &token.sessionKey, v5credsp->keyblock.contents, v5credsp->keyblock.length );
407 token.kvno = RXKAD_TKT_TYPE_KERBEROS_V5;
408 token.ticketLen = v5credsp->ticket.length;
409 memmove( token.ticket, v5credsp->ticket.data, token.ticketLen );
410
411 /* make sure we have to do this */
412 if ( child.token.kvno != token.kvno ||
413 child.token.ticketLen != token.ticketLen ||
414 (memcmp( &child.token.sessionKey, &token.sessionKey,
415 sizeof( token.sessionKey ) )) ||
416 (memcmp( child.token.ticket, token.ticket, token.ticketLen )) ) {
417
418 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
419 "mod_waklog: client: %s", buf );
420
421 /* build the name */
422 memmove( buf, v5credsp->client->data[0].data,
423 min( v5credsp->client->data[0].length, MAXKTCNAMELEN - 1 ) );
424 buf[ v5credsp->client->data[0].length ] = '\0';
425 if ( v5credsp->client->length > 1 ) {
426 strncat( buf, ".", sizeof( buf ) - strlen( buf ) - 1 );
427 buflen = strlen( buf );
428 memmove( buf + buflen, v5credsp->client->data[1].data,
429 min( v5credsp->client->data[1].length, MAXKTCNAMELEN - strlen( buf ) - 1 ) );
430 buf[ buflen + v5credsp->client->data[1].length ] = '\0';
431 }
432
433 /* assemble the client */
434 strncpy( client.name, buf, sizeof( client.name ) - 1 );
435 strncpy( client.instance, "", sizeof( client.instance) - 1 );
436 memmove( buf, v5credsp->client->realm.data,
437 min( v5credsp->client->realm.length, MAXKTCNAMELEN - 1 ) );
438 buf[ v5credsp->client->realm.length ] = '\0';
439 strncpy( client.cell, buf, sizeof( client.cell ) - 1 );
440
441 /* assemble the server's cell */
442 strncpy( server.cell, cfg->afs_cell , sizeof( server.cell ) - 1 );
443
444 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
445 "mod_waklog: server: name=%s, instance=%s, cell=%s",
446 server.name, server.instance, server.cell );
447
448 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
449 "mod_waklog: client: name=%s, instance=%s, cell=%s",
450 client.name, client.instance, client.cell );
451
452 /* use the path */
453
454 /* rumor: we have to do this for AIX 4.1.4 with AFS 3.4+ */
455 write( 2, "", 0 );
456
457 if ( ( rc = ktc_SetToken( &server, &token, &client, 0 ) ) ) {
458 ap_log_error( APLOG_MARK, APLOG_ERR, r->server,
459 "mod_waklog: settoken returned %d", rc );
460 goto cleanup;
461 }
462
463 /* save this */
464 memmove( &child.token, &token, sizeof( struct ktc_token ) );
465
466 /* we'll need to unlog when this connection is done. */
467 ap_register_cleanup( r->pool, (void *)r, token_cleanup, ap_null_cleanup );
468 }
469
470 cleanup:
471 if ( v5credsp )
472 krb5_free_cred_contents( kcontext, v5credsp );
473 if ( increds.client )
474 krb5_free_principal( kcontext, increds.client );
475 if ( increds.server )
476 krb5_free_principal( kcontext, increds.server );
477 if ( kccache )
478 krb5_cc_close( kcontext, kccache );
479 if ( kcontext )
480 krb5_free_context( kcontext );
481
482 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
483 "mod_waklog: finished with waklog_aklog" );
484
485 return;
486
487 }
488
489 static int
490 waklog_child_routine( void *s, child_info *pinfo )
491 {
492 if ( !getuid() ) {
493 ap_log_error( APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, s,
494 "mod_waklog: waklog_child_routine called as root" );
495
496 /* this was causing the credential file to get owned by root */
497 setgid(ap_group_id);
498 setuid(ap_user_id);
499 }
500
501 while( 1 ) {
502 waklog_kinit( s );
503 sleep( SLEEP_TIME );
504 }
505
506 }
507
508
509 static void
510 waklog_init( server_rec *s, pool *p )
511 {
512 extern char *version;
513 int pid;
514
515 ap_log_error( APLOG_MARK, APLOG_INFO|APLOG_NOERRNO, s,
516 "mod_waklog: version %s initialized.", version );
517
518 pid = ap_bspawn_child( p, waklog_child_routine, s, kill_always,
519 NULL, NULL, NULL );
520
521 ap_log_error( APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, s,
522 "mod_waklog: ap_bspawn_child: %d.", pid );
523 }
524
525
526 static int
527 waklog_phase0( request_rec *r )
528 {
529 waklog_host_config *cfg;
530
531 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
532 "mod_waklog: phase0 called" );
533
534 cfg = (waklog_host_config *)ap_get_module_config(
535 r->server->module_config, &waklog_module);
536
537 if ( !cfg->protect ) {
538 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
539 "mod_waklog: phase0 declining" );
540 return( DECLINED );
541 }
542
543 /* set our environment variables */
544 ap_table_set( r->subprocess_env, "KRB5CCNAME", K5PATH );
545
546 /* do this only if we are still unauthenticated */
547 if ( !child.token.ticketLen ) {
548
549 /* stuff the credentials into the kernel */
550 waklog_aklog( r );
551 }
552
553 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
554 "mod_waklog: phase0 returning" );
555 return DECLINED;
556 }
557
558
559 static int
560 waklog_phase7( request_rec *r )
561 {
562 waklog_host_config *cfg;
563
564 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
565 "mod_waklog: phase7 called" );
566
567 cfg = (waklog_host_config *)ap_get_module_config(
568 r->server->module_config, &waklog_module);
569
570 if ( !cfg->protect ) {
571 return( DECLINED );
572 }
573
574 /* stuff the credentials into the kernel */
575 waklog_aklog( r );
576
577 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
578 "mod_waklog: phase7 returning" );
579
580 return DECLINED;
581 }
582
583 static void
584 waklog_new_connection( conn_rec *c ) {
585 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, c->server,
586 "mod_waklog: new_connection called: pid: %d", getpid() );
587 return;
588 }
589
590
591 /*
592 ** Here's a quick explaination for phase0 and phase2:
593 ** Apache does a stat() on the path between phase0 and
594 ** phase2, and must by ACLed rl to succeed. So, at
595 ** phase0 we acquire credentials for umweb:servers from
596 ** a keytab, and at phase2 we must ensure we remove them.
597 **
598 ** Failure to "unlog" would be a security risk.
599 */
600 static int
601 waklog_phase2( request_rec *r )
602 {
603
604 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
605 "mod_waklog: phase2 called" );
606
607 if ( child.token.ticketLen ) {
608 memset( &child.token, 0, sizeof( struct ktc_token ) );
609
610 ktc_ForgetAllTokens();
611
612 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
613 "mod_waklog: ktc_ForgetAllTokens succeeded: pid: %d", getpid() );
614 }
615
616 ap_log_error( APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, r->server,
617 "mod_waklog: phase2 returning" );
618
619 return DECLINED;
620 }
621
622 module MODULE_VAR_EXPORT waklog_module = {
623 STANDARD_MODULE_STUFF,
624 waklog_init, /* module initializer */
625 #if 0
626 waklog_create_dir_config, /* create per-dir config structures */
627 #else /* 0 */
628 NULL, /* create per-dir config structures */
629 #endif /* 0 */
630 NULL, /* merge per-dir config structures */
631 waklog_create_server_config, /* create per-server config structures */
632 NULL, /* merge per-server config structures */
633 waklog_cmds, /* table of config file commands */
634 NULL, /* [#8] MIME-typed-dispatched handlers */
635 NULL, /* [#1] URI to filename translation */
636 NULL, /* [#4] validate user id from request */
637 NULL, /* [#5] check if the user is ok _here_ */
638 NULL, /* [#3] check access by host address */
639 NULL, /* [#6] determine MIME type */
640 waklog_phase7, /* [#7] pre-run fixups */
641 NULL, /* [#9] log a transaction */
642 waklog_phase2, /* [#2] header parser */
643 waklog_child_init, /* child_init */
644 NULL, /* child_exit */
645 waklog_phase0 /* [#0] post read-request */
646 #ifdef EAPI
647 ,NULL, /* EAPI: add_module */
648 NULL, /* EAPI: remove_module */
649 NULL, /* EAPI: rewrite_command */
650 waklog_new_connection /* EAPI: new_connection */
651 #endif
652 };
653
Unnamed repository; edit this file 'description' to name the repository.