X-Git-Url: http://git.openwrt.org/?a=blobdiff_plain;f=libopkg%2Fopkg_download.c;h=af91f12a429ff33994c6da37d55cee45bcef97af;hb=HEAD;hp=7dc965b3ac97c8c319ea7904e0c68073ac7b7f16;hpb=26e659c660b69b5ecdd1bd6f6bf85520211b810e;p=project%2Fopkg-lede.git diff --git a/libopkg/opkg_download.c b/libopkg/opkg_download.c index 7dc965b..af91f12 100644 --- a/libopkg/opkg_download.c +++ b/libopkg/opkg_download.c @@ -16,508 +16,376 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. */ -#include "config.h" -#ifdef HAVE_CURL -#include -#endif -#if defined(HAVE_GPGME) -#include -#elif defined(HAVE_OPENSSL) -#include -#include -#include -#include -#include -#include -#include -#endif +#include +#include +#include -#include "includes.h" #include "opkg_download.h" #include "opkg_message.h" -#include "opkg_state.h" #include "sprintf_alloc.h" #include "xsystem.h" #include "file_util.h" -#include "str_util.h" #include "opkg_defines.h" +#include "libbb/libbb.h" +static int str_starts_with(const char *str, const char *prefix) +{ + return (strncmp(str, prefix, strlen(prefix)) == 0); +} -#ifdef HAVE_OPENSSL -static X509_STORE *setup_verify(opkg_conf_t *conf, char *CAfile, char *CApath); -static void init_openssl(void); -#endif +int opkg_verify_integrity(pkg_t *pkg, const char *filename) +{ + int err = 0; + char *file_md5, *pkg_md5; + char *file_sha256, *pkg_sha256; + struct stat pkg_stat; + long long int pkg_expected_size; + + /* Check file size */ + err = lstat(filename, &pkg_stat); + + if (err) { + opkg_msg(ERROR, "Failed to stat %s: %s\n", + filename, strerror(errno)); + return err; + } + + pkg_expected_size = pkg_get_int(pkg, PKG_SIZE); + + if (pkg_expected_size > 0 && pkg_stat.st_size != pkg_expected_size) { + opkg_msg(INFO, + "Package size mismatch: %s is %lld bytes, expecting %lld bytes\n", + pkg->name, (long long int)pkg_stat.st_size, pkg_expected_size); + err = -1; + goto out; + } + + /* Check for md5 values */ + pkg_md5 = pkg_get_md5(pkg); + if (pkg_md5) { + file_md5 = file_md5sum_alloc(filename); + if (file_md5 && strcmp(file_md5, pkg_md5)) { + opkg_msg(INFO, "Package %s md5sum mismatch.\n", + pkg->name); + err = -1; + free(file_md5); + goto out; + } + if (file_md5) + free(file_md5); + } + + /* Check for sha256 value */ + pkg_sha256 = pkg_get_sha256(pkg); + if (pkg_sha256) { + file_sha256 = file_sha256sum_alloc(filename); + if (file_sha256 && strcmp(file_sha256, pkg_sha256)) { + opkg_msg(INFO, "Package %s sha256sum mismatch.\n", + pkg->name); + err = -1; + free(file_sha256); + goto out; + } + if (file_sha256) + free(file_sha256); + } -int opkg_download(opkg_conf_t *conf, const char *src, - const char *dest_file_name, curl_progress_func cb, void *data) +out: + return err; +} + +int +opkg_download(const char *src, const char *dest_file_name, + const short hide_error) { - int err = 0; - - char *src_basec = strdup(src); - char *src_base = basename(src_basec); - char *tmp_file_location; - - opkg_message(conf,OPKG_NOTICE,"Downloading %s\n", src); - - if (str_starts_with(src, "file:")) { - int ret; - const char *file_src = src + 5; - opkg_message(conf,OPKG_INFO,"Copying %s to %s...", file_src, dest_file_name); - ret = file_copy(src + 5, dest_file_name); - opkg_message(conf,OPKG_INFO,"Done\n"); - free(src_basec); - return ret; - } - - sprintf_alloc(&tmp_file_location, "%s/%s", conf->tmp_dir, src_base); - err = unlink(tmp_file_location); - if (err && errno != ENOENT) { - opkg_message(conf,OPKG_ERROR, "%s: ERROR: failed to unlink %s: %s\n", - __FUNCTION__, tmp_file_location, strerror(errno)); - free(tmp_file_location); - free(src_basec); - return errno; - } - - if (conf->http_proxy) { - opkg_message(conf,OPKG_DEBUG,"Setting environment variable: http_proxy = %s\n", conf->http_proxy); - setenv("http_proxy", conf->http_proxy, 1); - } - if (conf->ftp_proxy) { - opkg_message(conf,OPKG_DEBUG,"Setting environment variable: ftp_proxy = %s\n", conf->ftp_proxy); - setenv("ftp_proxy", conf->ftp_proxy, 1); - } - if (conf->no_proxy) { - opkg_message(conf,OPKG_DEBUG,"Setting environment variable: no_proxy = %s\n", conf->no_proxy); - setenv("no_proxy", conf->no_proxy, 1); - } - -#ifdef HAVE_CURL - CURL *curl; - CURLcode res; - FILE * file = fopen (tmp_file_location, "w"); - - curl = curl_easy_init (); - if (curl) - { - curl_easy_setopt (curl, CURLOPT_URL, src); - curl_easy_setopt (curl, CURLOPT_WRITEDATA, file); - curl_easy_setopt (curl, CURLOPT_NOPROGRESS, (cb == NULL)); - if (cb) - { - curl_easy_setopt (curl, CURLOPT_PROGRESSDATA, data); - curl_easy_setopt (curl, CURLOPT_PROGRESSFUNCTION, cb); + int err = 0; + + char *src_basec = xstrdup(src); + char *src_base = basename(src_basec); + char *tmp_file_location; + + opkg_msg(NOTICE, "Downloading %s\n", src); + + if (str_starts_with(src, "file:")) { + char *file_src = urldecode_path(src + 5); + opkg_msg(INFO, "Copying %s to %s...", file_src, dest_file_name); + err = file_copy(file_src, dest_file_name); + opkg_msg(INFO, "Done.\n"); + free(src_basec); + free(file_src); + return err; } - curl_easy_setopt (curl, CURLOPT_FOLLOWLOCATION, 1); - curl_easy_setopt (curl, CURLOPT_FAILONERROR, 1); - if (conf->http_proxy || conf->ftp_proxy) - { - char *userpwd; - sprintf_alloc (&userpwd, "%s:%s", conf->proxy_user, - conf->proxy_passwd); - curl_easy_setopt(curl, CURLOPT_PROXYUSERPWD, userpwd); - free (userpwd); + + sprintf_alloc(&tmp_file_location, "%s/%s", conf->tmp_dir, src_base); + free(src_basec); + err = unlink(tmp_file_location); + if (err && errno != ENOENT) { + opkg_perror(ERROR, "Failed to unlink %s", tmp_file_location); + free(tmp_file_location); + return -1; } - res = curl_easy_perform (curl); - fclose (file); - if (res) - { - long error_code; - curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &error_code); - opkg_message(conf, OPKG_ERROR, "Failed to download %s. \nerror detail: %s\n", src, curl_easy_strerror(res)); - free(tmp_file_location); - free(src_basec); - curl_easy_cleanup (curl); - return res; + + if (conf->http_proxy) { + opkg_msg(DEBUG, + "Setting environment variable: http_proxy = %s.\n", + conf->http_proxy); + setenv("http_proxy", conf->http_proxy, 1); + } + if (conf->https_proxy) { + opkg_msg(DEBUG, + "Setting environment variable: https_proxy = %s.\n", + conf->https_proxy); + setenv("https_proxy", conf->https_proxy, 1); + } + if (conf->ftp_proxy) { + opkg_msg(DEBUG, + "Setting environment variable: ftp_proxy = %s.\n", + conf->ftp_proxy); + setenv("ftp_proxy", conf->ftp_proxy, 1); + } + if (conf->no_proxy) { + opkg_msg(DEBUG, + "Setting environment variable: no_proxy = %s.\n", + conf->no_proxy); + setenv("no_proxy", conf->no_proxy, 1); } - curl_easy_cleanup (curl); - } - else - { - free(tmp_file_location); - free(src_basec); - return -1; - } -#else - { - int res; - char *wgetcmd; - char *wgetopts; - wgetopts = getenv("OPKG_WGETOPTS"); - sprintf_alloc(&wgetcmd, "wget -q %s%s -O \"%s\" \"%s\"", - (conf->http_proxy || conf->ftp_proxy) ? "-Y on " : "", - (wgetopts!=NULL) ? wgetopts : "", - tmp_file_location, src); - opkg_message(conf, OPKG_INFO, "Executing: %s\n", wgetcmd); - res = xsystem(wgetcmd); - free(wgetcmd); - if (res) { - opkg_message(conf, OPKG_ERROR, "Failed to download %s, error %d\n", src, res); - free(tmp_file_location); - free(src_basec); - return res; - } - } -#endif + { + int res; + const char *argv[11]; + int i = 0; + + argv[i++] = "wget"; + argv[i++] = "-q"; + if (conf->no_check_certificate) { + argv[i++] = "--no-check-certificate"; + } + if (conf->http_timeout) { + argv[i++] = "--timeout"; + argv[i++] = conf->http_timeout; + } + if (conf->http_proxy || conf->https_proxy || conf->ftp_proxy) { + argv[i++] = "-Y"; + argv[i++] = "on"; + } + argv[i++] = "-O"; + argv[i++] = tmp_file_location; + argv[i++] = src; + argv[i++] = NULL; + res = xsystem(argv); + + if (res) { + opkg_msg(ERROR, + "Failed to download %s, wget returned %d.\n", + src, res); + if (res == 4) + opkg_msg(ERROR, + "Check your network settings and connectivity.\n\n"); + free(tmp_file_location); + return -1; + } + } - err = file_move(tmp_file_location, dest_file_name); + err = file_move(tmp_file_location, dest_file_name); - free(tmp_file_location); - free(src_basec); + free(tmp_file_location); - if (err) { return err; - } +} - return 0; +static char* get_cache_filename(const char *dest_file_name) +{ + char *cache_name; + char *filename = strrchr(dest_file_name, '/'); + if (filename) + cache_name = xstrdup(filename + 1); // strip leading '/' + else + cache_name = xstrdup(dest_file_name); + return cache_name; } -static int opkg_download_cache(opkg_conf_t *conf, const char *src, - const char *dest_file_name, curl_progress_func cb, void *data) +static int +opkg_download_cache(const char *src, const char *dest_file_name) { - char *cache_name = strdup(src); - char *cache_location, *p; - int err = 0; - - if (!conf->cache || str_starts_with(src, "file:")) { - err = opkg_download(conf, src, dest_file_name, cb, data); - goto out1; - } - - for (p = cache_name; *p; p++) - if (*p == '/') - *p = ','; /* looks nicer than | or # */ - - sprintf_alloc(&cache_location, "%s/%s", conf->cache, cache_name); - if (file_exists(cache_location)) - opkg_message(conf, OPKG_NOTICE, "Copying %s\n", cache_location); - else { - err = opkg_download(conf, src, cache_location, cb, data); - if (err) { - (void) unlink(cache_location); - goto out2; + char *cache_name, *cache_location; + int err = 0; + + if (!conf->cache || str_starts_with(src, "file:")) { + err = opkg_download(src, dest_file_name, 0); + goto out1; } - } - err = file_copy(cache_location, dest_file_name); + if (!file_is_dir(conf->cache)) { + opkg_msg(ERROR, "%s is not a directory.\n", conf->cache); + err = 1; + goto out1; + } + cache_name = get_cache_filename(dest_file_name); + sprintf_alloc(&cache_location, "%s/%s", conf->cache, cache_name); + if (file_exists(cache_location)) + opkg_msg(NOTICE, "Copying %s.\n", cache_location); + else { + err = opkg_download(src, cache_location, 0); + if (err) { + (void)unlink(cache_location); + goto out2; + } + } + + err = file_copy(cache_location, dest_file_name); out2: - free(cache_location); + free(cache_location); + free(cache_name); out1: - free(cache_name); - return err; + return err; } -int opkg_download_pkg(opkg_conf_t *conf, pkg_t *pkg, const char *dir) +int opkg_download_pkg(pkg_t * pkg, const char *dir) { - int err; - char *url; - char *pkgid; - char *stripped_filename; - - if (pkg->src == NULL) { - opkg_message(conf,OPKG_ERROR, "ERROR: Package %s (parent %s) is not available from any configured src.\n", - pkg->name, pkg->parent->name); - return -1; - } - if (pkg->filename == NULL) { - opkg_message(conf,OPKG_ERROR, "ERROR: Package %s (parent %s) does not have a valid filename field.\n",pkg->name, pkg->parent->name); - return -1; - } - - sprintf_alloc (&pkgid, "%s;%s;%s;", pkg->name, pkg->version, pkg->architecture); - opkg_set_current_state (conf, OPKG_STATE_DOWNLOADING_PKG, pkgid); - free (pkgid); - - sprintf_alloc(&url, "%s/%s", pkg->src->value, pkg->filename); - - /* XXX: BUG: The pkg->filename might be something like - "../../foo.opk". While this is correct, and exactly what we - want to use to construct url above, here we actually need to - use just the filename part, without any directory. */ - - stripped_filename = strrchr(pkg->filename, '/'); - if ( ! stripped_filename ) - stripped_filename = pkg->filename; - - sprintf_alloc(&pkg->local_filename, "%s/%s", dir, stripped_filename); - - err = opkg_download_cache(conf, url, pkg->local_filename, NULL, NULL); - free(url); - - opkg_set_current_state (conf, OPKG_STATE_NONE, NULL); - return err; + int err; + char *url; + char *local_filename; + char *stripped_filename; + char *urlencoded_path; + char *filename; + char *cache_name; + char *cache_location; + + if (pkg->src == NULL) { + opkg_msg(ERROR, + "Package %s is not available from any configured src.\n", + pkg->name); + return -1; + } + + filename = pkg_get_string(pkg, PKG_FILENAME); + + if (filename == NULL) { + opkg_msg(ERROR, + "Package %s does not have a valid filename field.\n", + pkg->name); + return -1; + } + + urlencoded_path = urlencode_path(filename); + sprintf_alloc(&url, "%s/%s", pkg->src->value, urlencoded_path); + free(urlencoded_path); + + /* The filename might be something like + "../../foo.opk". While this is correct, and exactly what we + want to use to construct url above, here we actually need to + use just the filename part, without any directory. */ + + stripped_filename = strrchr(filename, '/'); + if (!stripped_filename) + stripped_filename = filename; + + sprintf_alloc(&local_filename, "%s/%s", dir, stripped_filename); + pkg_set_string(pkg, PKG_LOCAL_FILENAME, local_filename); + + /* Invalidate/remove cached package if it has an incorrect checksum. */ + if (conf->cache) { + cache_name = get_cache_filename(local_filename); + sprintf_alloc(&cache_location, "%s/%s", conf->cache, cache_name); + free(cache_name); + if (file_exists(cache_location)) { + err = opkg_verify_integrity(pkg, cache_location); + if (err) { + opkg_msg(NOTICE, + "Removing %s from cache because it has incorrect checksum.\n", + pkg->name); + unlink(cache_location); + } + } + free(cache_location); + } + + err = opkg_download_cache(url, local_filename); + free(url); + + return err; } /* - * Downloads file from url, installs in package database, return package name. + * Downloads file from url, installs in package database, return package name. */ -int opkg_prepare_url_for_install(opkg_conf_t *conf, const char *url, char **namep) +int opkg_prepare_url_for_install(const char *url, char **namep) { - int err = 0; - pkg_t *pkg; - pkg = pkg_new(); - if (pkg == NULL) - return ENOMEM; - - if (str_starts_with(url, "http://") - || str_starts_with(url, "ftp://")) { - char *tmp_file; - char *file_basec = strdup(url); - char *file_base = basename(file_basec); - - sprintf_alloc(&tmp_file, "%s/%s", conf->tmp_dir, file_base); - err = opkg_download(conf, url, tmp_file, NULL, NULL); - if (err) - return err; - - err = pkg_init_from_file(pkg, tmp_file); - if (err) - return err; - pkg->local_filename = strdup(tmp_file); - - free(tmp_file); - free(file_basec); - - } else if (strcmp(&url[strlen(url) - 4], OPKG_PKG_EXTENSION) == 0 - || strcmp(&url[strlen(url) - 4], IPKG_PKG_EXTENSION) == 0 - || strcmp(&url[strlen(url) - 4], DPKG_PKG_EXTENSION) == 0) { - - err = pkg_init_from_file(pkg, url); - if (err) - return err; - pkg->local_filename = strdup(url); - opkg_message(conf, OPKG_DEBUG2, "Package %s provided by hand (%s).\n", pkg->name,pkg->local_filename); - pkg->provided_by_hand = 1; - - } else { - pkg_deinit(pkg); - free(pkg); - return 0; - } - - if (!pkg->architecture) { - opkg_message(conf, OPKG_ERROR, "Package %s has no Architecture defined.\n", pkg->name); - return -EINVAL; - } - - pkg->dest = conf->default_dest; - pkg->state_want = SW_INSTALL; - pkg->state_flag |= SF_PREFER; - pkg = hash_insert_pkg(&conf->pkg_hash, pkg, 1,conf); - if ( pkg == NULL ){ - fprintf(stderr, "%s : This should never happen. Report this Bug in bugzilla please \n ",__FUNCTION__); - return 0; - } - if (namep) { - *namep = strdup(pkg->name); - } - return 0; -} - -int -opkg_verify_file (opkg_conf_t *conf, char *text_file, char *sig_file) -{ -#if defined HAVE_GPGME - if (conf->check_signature == 0 ) - return 0; - int status = -1; - gpgme_ctx_t ctx; - gpgme_data_t sig, text, key; - gpgme_error_t err = -1; - gpgme_verify_result_t result; - gpgme_signature_t s; - char *trusted_path = NULL; - - err = gpgme_new (&ctx); - - if (err) - return -1; - - sprintf_alloc(&trusted_path, "%s/%s", conf->offline_root, "/etc/opkg/trusted.gpg"); - err = gpgme_data_new_from_file (&key, trusted_path, 1); - free (trusted_path); - if (err) - { - return -1; - } - err = gpgme_op_import (ctx, key); - if (err) - { - gpgme_data_release (key); - return -1; - } - gpgme_data_release (key); - - err = gpgme_data_new_from_file (&sig, sig_file, 1); - if (err) - { - gpgme_release (ctx); - return -1; - } - - err = gpgme_data_new_from_file (&text, text_file, 1); - if (err) - { - gpgme_data_release (sig); - gpgme_release (ctx); - return -1; - } - - err = gpgme_op_verify (ctx, sig, text, NULL); - - result = gpgme_op_verify_result (ctx); - if (!result) - return -1; - - /* see if any of the signitures matched */ - s = result->signatures; - while (s) - { - status = gpg_err_code (s->status); - if (status == GPG_ERR_NO_ERROR) - break; - s = s->next; - } - - - gpgme_data_release (sig); - gpgme_data_release (text); - gpgme_release (ctx); - - return status; -#elif defined HAVE_OPENSSL - X509_STORE *store = NULL; - PKCS7 *p7 = NULL; - BIO *in = NULL, *indata = NULL; - - // Sig check failed by default ! - int status = -1; - - init_openssl(); - - // Set-up the key store - if(!(store = setup_verify(conf, conf->signature_ca_file, conf->signature_ca_path))){ - opkg_message(conf, OPKG_ERROR, - "Can't open CA certificates\n"); - goto verify_file_end; - } - - // Open a BIO to read the sig file - if (!(in = BIO_new_file(sig_file, "rb"))){ - opkg_message(conf, OPKG_ERROR, - "Can't open signature file %s\n", sig_file); - goto verify_file_end; - } - - // Read the PKCS7 block contained in the sig file - p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); - if(!p7){ - opkg_message(conf, OPKG_ERROR, - "Can't read signature file (Corrupted ?)\n"); - goto verify_file_end; - } - - // Open the Package file to authenticate - if (!(indata = BIO_new_file(text_file, "rb"))){ - opkg_message(conf, OPKG_ERROR, - "Can't open file %s\n", text_file); - goto verify_file_end; - } - - // Let's verify the autenticity ! - if (PKCS7_verify(p7, NULL, store, indata, NULL, PKCS7_BINARY) != 1){ - // Get Off My Lawn! - opkg_message(conf, OPKG_ERROR, - "Verification failure\n"); - }else{ - // Victory ! - status = 0; - } - -verify_file_end: - BIO_free(in); - BIO_free(indata); - PKCS7_free(p7); - X509_STORE_free(store); - - return status; -#else - /* mute `unused variable' warnings. */ - (void) sig_file; - (void) text_file; - (void) conf; - return 0; -#endif -} - + int err = 0; + pkg_t *pkg; + abstract_pkg_t *ab_pkg; + + pkg = pkg_new(); + + if (str_starts_with(url, "http://") + || str_starts_with(url, "ftp://")) { + char *tmp_file; + char *file_basec = xstrdup(url); + char *file_base = basename(file_basec); + + sprintf_alloc(&tmp_file, "%s/%s", conf->tmp_dir, file_base); + err = opkg_download(url, tmp_file, 0); + if (err) + return err; + + err = pkg_init_from_file(pkg, tmp_file); + if (err) + return err; + + free(tmp_file); + free(file_basec); + + } else if (strcmp(&url[strlen(url) - 4], OPKG_PKG_EXTENSION) == 0 + || strcmp(&url[strlen(url) - 4], IPKG_PKG_EXTENSION) == 0 + || strcmp(&url[strlen(url) - 4], DPKG_PKG_EXTENSION) == 0) { + + err = pkg_init_from_file(pkg, url); + if (err) + return err; + opkg_msg(DEBUG2, "Package %s provided by hand (%s).\n", + pkg->name, pkg_get_string(pkg, PKG_LOCAL_FILENAME)); + pkg->provided_by_hand = 1; + + } else { + ab_pkg = ensure_abstract_pkg_by_name(url); + + if (!(ab_pkg->state_flag & SF_NEED_DETAIL)) { + opkg_msg(DEBUG, "applying abpkg flag to %s\n", ab_pkg->name); + ab_pkg->state_flag |= SF_NEED_DETAIL; + } + + pkg_deinit(pkg); + free(pkg); + return 0; + } -#if defined HAVE_OPENSSL -static X509_STORE *setup_verify(opkg_conf_t *conf, char *CAfile, char *CApath){ - X509_STORE *store = NULL; - X509_LOOKUP *lookup = NULL; - - if(!(store = X509_STORE_new())){ - // Something bad is happening... - goto end; - } - - // adds the X509 file lookup method - lookup = X509_STORE_add_lookup(store,X509_LOOKUP_file()); - if (lookup == NULL){ - goto end; - } - - // Autenticating against one CA file - if (CAfile) { - if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) { - // Invalid CA => Bye bye - opkg_message(conf, OPKG_ERROR, - "Error loading file %s\n", CAfile); - goto end; - } - } else { - X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); - } - - // Now look into CApath directory if supplied - lookup = X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir()); - if (lookup == NULL){ - goto end; - } - - if (CApath) { - if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) { - opkg_message(conf, OPKG_ERROR, - "Error loading directory %s\n", CApath); - goto end; - } - } else { - X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); - } - - // All right ! - ERR_clear_error(); - return store; - -end: - - X509_STORE_free(store); - return NULL; + pkg->dest = conf->default_dest; + pkg->state_want = SW_INSTALL; + pkg->state_flag |= SF_PREFER; + hash_insert_pkg(pkg, 1); + if (namep) { + *namep = xstrdup(pkg->name); + } + return 0; } -static void init_openssl(void){ - static int init = 0; +int opkg_verify_file(char *text_file, char *sig_file) +{ +#if defined HAVE_USIGN + const char *argv[] = { conf->verify_program, "verify", sig_file, + text_file, NULL }; - if(!init){ - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - init = 1; - } -} + return xsystem(argv) ? -1 : 0; +#else + /* mute `unused variable' warnings. */ + (void)sig_file; + (void)text_file; + (void)conf; + return 0; #endif +}