Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/certificate_error_reporter.h" | 5 #include "chrome/browser/net/certificate_error_reporter.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
| 12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
| 13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
| 14 #include "base/macros.h" | 14 #include "base/macros.h" |
| 15 #include "base/message_loop/message_loop.h" | 15 #include "base/message_loop/message_loop.h" |
| 16 #include "base/path_service.h" | 16 #include "base/path_service.h" |
| 17 #include "base/run_loop.h" | 17 #include "base/run_loop.h" |
| 18 #include "base/thread_task_runner_handle.h" | 18 #include "base/thread_task_runner_handle.h" |
| 19 #include "chrome/browser/net/cert_logger.pb.h" | 19 #include "chrome/browser/net/cert_logger.pb.h" |
| 20 #include "chrome/common/chrome_paths.h" | 20 #include "chrome/common/chrome_paths.h" |
| 21 #include "content/public/browser/browser_thread.h" | 21 #include "content/public/browser/browser_thread.h" |
| 22 #include "crypto/curve25519.h" | |
| 22 #include "net/base/load_flags.h" | 23 #include "net/base/load_flags.h" |
| 23 #include "net/base/network_delegate_impl.h" | 24 #include "net/base/network_delegate_impl.h" |
| 24 #include "net/base/test_data_directory.h" | 25 #include "net/base/test_data_directory.h" |
| 25 #include "net/base/upload_bytes_element_reader.h" | 26 #include "net/base/upload_bytes_element_reader.h" |
| 26 #include "net/base/upload_data_stream.h" | 27 #include "net/base/upload_data_stream.h" |
| 27 #include "net/base/upload_element_reader.h" | 28 #include "net/base/upload_element_reader.h" |
| 28 #include "net/test/cert_test_util.h" | 29 #include "net/test/cert_test_util.h" |
| 29 #include "net/test/url_request/url_request_failed_job.h" | 30 #include "net/test/url_request/url_request_failed_job.h" |
| 30 #include "net/test/url_request/url_request_mock_data_job.h" | 31 #include "net/test/url_request/url_request_mock_data_job.h" |
| 31 #include "net/test/url_request/url_request_mock_http_job.h" | 32 #include "net/test/url_request/url_request_mock_http_job.h" |
| 32 #include "net/url_request/url_request_filter.h" | 33 #include "net/url_request/url_request_filter.h" |
| 33 #include "net/url_request/url_request_test_util.h" | 34 #include "net/url_request/url_request_test_util.h" |
| 34 #include "testing/gtest/include/gtest/gtest.h" | 35 #include "testing/gtest/include/gtest/gtest.h" |
| 35 | 36 |
| 36 using chrome_browser_net::CertificateErrorReporter; | 37 using chrome_browser_net::CertificateErrorReporter; |
| 37 using content::BrowserThread; | 38 using content::BrowserThread; |
| 38 using net::CompletionCallback; | 39 using net::CompletionCallback; |
| 39 using net::SSLInfo; | 40 using net::SSLInfo; |
| 40 using net::NetworkDelegateImpl; | 41 using net::NetworkDelegateImpl; |
| 41 using net::TestURLRequestContext; | 42 using net::TestURLRequestContext; |
| 42 using net::URLRequest; | 43 using net::URLRequest; |
| 43 | 44 |
| 44 namespace { | 45 namespace { |
| 45 | 46 |
| 46 const char kHostname[] = "test.mail.google.com"; | 47 const char kHostname[] = "test.mail.google.com"; |
| 47 const char kSecondRequestHostname[] = "test2.mail.google.com"; | 48 const char kSecondRequestHostname[] = "test2.mail.google.com"; |
| 48 const char kDummyFailureLog[] = "dummy failure log"; | 49 const char kDummyFailureLog[] = "dummy failure log"; |
| 49 const char kTestCertFilename[] = "test_mail_google_com.pem"; | 50 const char kTestCertFilename[] = "test_mail_google_com.pem"; |
| 51 const uint32 kServerPublicKeyVersion = 1; | |
| 50 | 52 |
| 51 SSLInfo GetTestSSLInfo() { | 53 SSLInfo GetTestSSLInfo() { |
| 52 SSLInfo info; | 54 SSLInfo info; |
| 53 info.cert = | 55 info.cert = |
| 54 net::ImportCertFromFile(net::GetTestCertsDirectory(), kTestCertFilename); | 56 net::ImportCertFromFile(net::GetTestCertsDirectory(), kTestCertFilename); |
| 55 info.is_issued_by_known_root = true; | 57 info.is_issued_by_known_root = true; |
| 56 info.pinning_failure_log = kDummyFailureLog; | 58 info.pinning_failure_log = kDummyFailureLog; |
| 57 return info; | 59 return info; |
| 58 } | 60 } |
| 59 | 61 |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 76 net::URLRequestMockHTTPJob::AddUrlHandlers(root_http, | 78 net::URLRequestMockHTTPJob::AddUrlHandlers(root_http, |
| 77 BrowserThread::GetBlockingPool()); | 79 BrowserThread::GetBlockingPool()); |
| 78 net::URLRequestMockDataJob::AddUrlHandler(); | 80 net::URLRequestMockDataJob::AddUrlHandler(); |
| 79 } | 81 } |
| 80 | 82 |
| 81 // Check that data uploaded in the request matches the test data (an SSL | 83 // Check that data uploaded in the request matches the test data (an SSL |
| 82 // report for one of the given hostnames, with the info returned by | 84 // report for one of the given hostnames, with the info returned by |
| 83 // |GetTestSSLInfo()|). The hostname sent in the report will be erased | 85 // |GetTestSSLInfo()|). The hostname sent in the report will be erased |
| 84 // from |expect_hostnames|. | 86 // from |expect_hostnames|. |
| 85 void CheckUploadData(URLRequest* request, | 87 void CheckUploadData(URLRequest* request, |
| 86 std::set<std::string>* expect_hostnames) { | 88 std::set<std::string>* expect_hostnames, |
| 89 bool encrypted, | |
| 90 const uint8* server_private_key) { | |
| 87 const net::UploadDataStream* upload = request->get_upload(); | 91 const net::UploadDataStream* upload = request->get_upload(); |
| 88 ASSERT_TRUE(upload); | 92 ASSERT_TRUE(upload); |
| 89 ASSERT_TRUE(upload->GetElementReaders()); | 93 ASSERT_TRUE(upload->GetElementReaders()); |
| 90 EXPECT_EQ(1u, upload->GetElementReaders()->size()); | 94 EXPECT_EQ(1u, upload->GetElementReaders()->size()); |
| 91 | 95 |
| 92 const net::UploadBytesElementReader* reader = | 96 const net::UploadBytesElementReader* reader = |
| 93 (*upload->GetElementReaders())[0]->AsBytesReader(); | 97 (*upload->GetElementReaders())[0]->AsBytesReader(); |
| 94 ASSERT_TRUE(reader); | 98 ASSERT_TRUE(reader); |
| 95 std::string upload_data(reader->bytes(), reader->length()); | 99 std::string upload_data(reader->bytes(), reader->length()); |
| 100 | |
| 96 chrome_browser_net::CertLoggerRequest uploaded_request; | 101 chrome_browser_net::CertLoggerRequest uploaded_request; |
| 97 | 102 #if defined(USE_OPENSSL) |
| 103 if (encrypted) { | |
| 104 chrome_browser_net::EncryptedCertLoggerRequest encrypted_request; | |
| 105 encrypted_request.ParseFromString(upload_data); | |
| 106 EXPECT_EQ(kServerPublicKeyVersion, | |
| 107 encrypted_request.server_public_key_version()); | |
| 108 EXPECT_EQ(chrome_browser_net::EncryptedCertLoggerRequest:: | |
| 109 AEAD_ECDH_AES_128_CTR_HMAC_SHA256, | |
| 110 encrypted_request.algorithm()); | |
| 111 ASSERT_TRUE(chrome_browser_net::DecryptCertificateErrorReport( | |
| 112 server_private_key, encrypted_request, &uploaded_request)); | |
| 113 } else { | |
| 114 uploaded_request.ParseFromString(upload_data); | |
|
agl
2015/04/21 20:28:25
check return value?
estark
2015/04/22 03:55:30
Done (and line 117)
| |
| 115 } | |
| 116 #else | |
| 98 uploaded_request.ParseFromString(upload_data); | 117 uploaded_request.ParseFromString(upload_data); |
| 118 #endif | |
| 99 | 119 |
| 100 EXPECT_EQ(1u, expect_hostnames->count(uploaded_request.hostname())); | 120 EXPECT_EQ(1u, expect_hostnames->count(uploaded_request.hostname())); |
| 101 expect_hostnames->erase(uploaded_request.hostname()); | 121 expect_hostnames->erase(uploaded_request.hostname()); |
| 102 | 122 |
| 103 EXPECT_EQ(GetPEMEncodedChain(), uploaded_request.cert_chain()); | 123 EXPECT_EQ(GetPEMEncodedChain(), uploaded_request.cert_chain()); |
| 104 EXPECT_EQ(1, uploaded_request.pin().size()); | 124 EXPECT_EQ(1, uploaded_request.pin().size()); |
| 105 EXPECT_EQ(kDummyFailureLog, uploaded_request.pin().Get(0)); | 125 EXPECT_EQ(kDummyFailureLog, uploaded_request.pin().Get(0)); |
| 106 } | 126 } |
| 107 | 127 |
| 108 // A network delegate that lets tests check that a certificate error | 128 // A network delegate that lets tests check that a certificate error |
| 109 // report was sent. It counts the number of requests and lets tests | 129 // report was sent. It counts the number of requests and lets tests |
| 110 // register a callback to run when the request is destroyed. It also | 130 // register a callback to run when the request is destroyed. It also |
| 111 // checks that the uploaded data is as expected (a report for | 131 // checks that the uploaded data is as expected (a report for |
| 112 // |kHostname| and |GetTestSSLInfo()|). | 132 // |kHostname| and |GetTestSSLInfo()|). |
| 113 class TestCertificateErrorReporterNetworkDelegate : public NetworkDelegateImpl { | 133 class TestCertificateErrorReporterNetworkDelegate : public NetworkDelegateImpl { |
| 114 public: | 134 public: |
| 115 TestCertificateErrorReporterNetworkDelegate() | 135 TestCertificateErrorReporterNetworkDelegate() |
| 116 : url_request_destroyed_callback_(base::Bind(&base::DoNothing)), | 136 : url_request_destroyed_callback_(base::Bind(&base::DoNothing)), |
| 117 all_url_requests_destroyed_callback_(base::Bind(&base::DoNothing)), | 137 all_url_requests_destroyed_callback_(base::Bind(&base::DoNothing)), |
| 118 num_requests_(0), | 138 num_requests_(0), |
| 119 expect_cookies_(false) {} | 139 expect_cookies_(false), |
| 140 expect_request_encrypted_(false) { | |
| 141 memset(server_private_key_, 1, sizeof(server_private_key_)); | |
| 142 crypto::curve25519::ScalarBaseMult(server_private_key_, server_public_key_); | |
| 143 } | |
| 120 | 144 |
| 121 ~TestCertificateErrorReporterNetworkDelegate() override {} | 145 ~TestCertificateErrorReporterNetworkDelegate() override {} |
| 122 | 146 |
| 123 void ExpectHostname(const std::string& hostname) { | 147 void ExpectHostname(const std::string& hostname) { |
| 124 expect_hostnames_.insert(hostname); | 148 expect_hostnames_.insert(hostname); |
| 125 } | 149 } |
| 126 | 150 |
| 127 void set_all_url_requests_destroyed_callback( | 151 void set_all_url_requests_destroyed_callback( |
| 128 const base::Closure& all_url_requests_destroyed_callback) { | 152 const base::Closure& all_url_requests_destroyed_callback) { |
| 129 all_url_requests_destroyed_callback_ = all_url_requests_destroyed_callback; | 153 all_url_requests_destroyed_callback_ = all_url_requests_destroyed_callback; |
| 130 } | 154 } |
| 131 | 155 |
| 132 void set_url_request_destroyed_callback( | 156 void set_url_request_destroyed_callback( |
| 133 const base::Closure& url_request_destroyed_callback) { | 157 const base::Closure& url_request_destroyed_callback) { |
| 134 url_request_destroyed_callback_ = url_request_destroyed_callback; | 158 url_request_destroyed_callback_ = url_request_destroyed_callback; |
| 135 } | 159 } |
| 136 | 160 |
| 137 void set_expect_url(const GURL& expect_url) { expect_url_ = expect_url; } | 161 void set_expect_url(const GURL& expect_url) { expect_url_ = expect_url; } |
| 138 | 162 |
| 139 int num_requests() const { return num_requests_; } | 163 int num_requests() const { return num_requests_; } |
| 140 | 164 |
| 141 // Sets whether cookies are expected to be sent on requests. If set to | 165 // Sets whether cookies are expected to be sent on requests. If set to |
| 142 // true, then |OnHeadersReceived| will expect a cookie | 166 // true, then |OnHeadersReceived| will expect a cookie |
| 143 // "cookie_name=cookie_value". | 167 // "cookie_name=cookie_value". |
| 144 void set_expect_cookies(bool expect_cookies) { | 168 void set_expect_cookies(bool expect_cookies) { |
| 145 expect_cookies_ = expect_cookies; | 169 expect_cookies_ = expect_cookies; |
| 146 } | 170 } |
| 147 | 171 |
| 172 void set_expect_request_encrypted(bool expect_request_encrypted) { | |
| 173 expect_request_encrypted_ = expect_request_encrypted; | |
| 174 } | |
| 175 | |
| 148 // NetworkDelegateImpl implementation | 176 // NetworkDelegateImpl implementation |
| 149 int OnBeforeURLRequest(URLRequest* request, | 177 int OnBeforeURLRequest(URLRequest* request, |
| 150 const CompletionCallback& callback, | 178 const CompletionCallback& callback, |
| 151 GURL* new_url) override { | 179 GURL* new_url) override { |
| 152 num_requests_++; | 180 num_requests_++; |
| 153 EXPECT_EQ(expect_url_, request->url()); | 181 EXPECT_EQ(expect_url_, request->url()); |
| 154 EXPECT_EQ("POST", request->method()); | 182 EXPECT_EQ("POST", request->method()); |
| 155 | 183 |
| 156 if (expect_cookies_) { | 184 if (expect_cookies_) { |
| 157 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); | 185 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); |
| 158 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); | 186 EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); |
| 159 } else { | 187 } else { |
| 160 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); | 188 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES); |
| 161 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); | 189 EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES); |
| 162 } | 190 } |
| 163 | 191 |
| 164 std::string uploaded_request_hostname; | 192 std::string uploaded_request_hostname; |
| 165 CheckUploadData(request, &expect_hostnames_); | 193 CheckUploadData(request, &expect_hostnames_, expect_request_encrypted_, |
| 194 server_private_key_); | |
| 166 expect_hostnames_.erase(uploaded_request_hostname); | 195 expect_hostnames_.erase(uploaded_request_hostname); |
| 167 return net::OK; | 196 return net::OK; |
| 168 } | 197 } |
| 169 | 198 |
| 170 void OnURLRequestDestroyed(URLRequest* request) override { | 199 void OnURLRequestDestroyed(URLRequest* request) override { |
| 171 url_request_destroyed_callback_.Run(); | 200 url_request_destroyed_callback_.Run(); |
| 172 if (expect_hostnames_.empty()) | 201 if (expect_hostnames_.empty()) |
| 173 all_url_requests_destroyed_callback_.Run(); | 202 all_url_requests_destroyed_callback_.Run(); |
| 174 } | 203 } |
| 175 | 204 |
| 205 const uint8* server_public_key() { return server_public_key_; } | |
| 206 | |
| 176 private: | 207 private: |
| 177 base::Closure url_request_destroyed_callback_; | 208 base::Closure url_request_destroyed_callback_; |
| 178 base::Closure all_url_requests_destroyed_callback_; | 209 base::Closure all_url_requests_destroyed_callback_; |
| 179 int num_requests_; | 210 int num_requests_; |
| 180 GURL expect_url_; | 211 GURL expect_url_; |
| 181 std::set<std::string> expect_hostnames_; | 212 std::set<std::string> expect_hostnames_; |
| 182 bool expect_cookies_; | 213 bool expect_cookies_; |
| 214 bool expect_request_encrypted_; | |
| 215 | |
| 216 uint8 server_public_key_[32]; | |
| 217 uint8 server_private_key_[32]; | |
| 183 | 218 |
| 184 DISALLOW_COPY_AND_ASSIGN(TestCertificateErrorReporterNetworkDelegate); | 219 DISALLOW_COPY_AND_ASSIGN(TestCertificateErrorReporterNetworkDelegate); |
| 185 }; | 220 }; |
| 186 | 221 |
| 187 class CertificateErrorReporterTest : public ::testing::Test { | 222 class CertificateErrorReporterTest : public ::testing::Test { |
| 188 public: | 223 public: |
| 189 CertificateErrorReporterTest() : context_(true) { | 224 CertificateErrorReporterTest() : context_(true) { |
| 190 EnableUrlRequestMocks(true); | 225 EnableUrlRequestMocks(true); |
| 191 context_.set_network_delegate(&network_delegate_); | 226 context_.set_network_delegate(&network_delegate_); |
| 192 context_.Init(); | 227 context_.Init(); |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 230 // for the endpoint and sends the expected data. | 265 // for the endpoint and sends the expected data. |
| 231 TEST_F(CertificateErrorReporterTest, PinningViolationSendReportSendsRequest) { | 266 TEST_F(CertificateErrorReporterTest, PinningViolationSendReportSendsRequest) { |
| 232 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 267 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
| 233 CertificateErrorReporter reporter( | 268 CertificateErrorReporter reporter( |
| 234 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 269 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
| 235 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 270 SendReport(&reporter, network_delegate(), kHostname, url, 0, |
| 236 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 271 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
| 237 } | 272 } |
| 238 | 273 |
| 239 TEST_F(CertificateErrorReporterTest, ExtendedReportingSendReportSendsRequest) { | 274 TEST_F(CertificateErrorReporterTest, ExtendedReportingSendReportSendsRequest) { |
| 240 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 275 // Data should not be encrypted when sent to an HTTPS URL. |
| 241 CertificateErrorReporter reporter( | 276 GURL https_url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
| 242 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 277 CertificateErrorReporter https_reporter( |
| 243 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 278 context(), https_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
| 279 network_delegate()->set_expect_request_encrypted(false); | |
| 280 SendReport(&https_reporter, network_delegate(), kHostname, https_url, 0, | |
| 244 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); | 281 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); |
| 282 | |
| 283 // Data should be encrypted when sent to an HTTP URL. | |
| 284 if (CertificateErrorReporter::IsHttpUploadUrlSupported()) { | |
| 285 GURL http_url = net::URLRequestMockDataJob::GetMockHttpUrl("dummy data", 1); | |
| 286 CertificateErrorReporter http_reporter( | |
| 287 context(), http_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES, | |
| 288 network_delegate()->server_public_key(), kServerPublicKeyVersion); | |
| 289 network_delegate()->set_expect_request_encrypted(true); | |
| 290 SendReport(&http_reporter, network_delegate(), kHostname, http_url, 1, | |
| 291 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING); | |
| 292 } | |
| 245 } | 293 } |
| 246 | 294 |
| 247 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSequentially) { | 295 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSequentially) { |
| 248 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 296 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
| 249 CertificateErrorReporter reporter( | 297 CertificateErrorReporter reporter( |
| 250 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 298 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
| 251 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 299 SendReport(&reporter, network_delegate(), kHostname, url, 0, |
| 252 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 300 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
| 253 SendReport(&reporter, network_delegate(), kSecondRequestHostname, url, 1, | 301 SendReport(&reporter, network_delegate(), kSecondRequestHostname, url, 1, |
| 254 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 302 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 331 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); | 379 GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1); |
| 332 CertificateErrorReporter reporter( | 380 CertificateErrorReporter reporter( |
| 333 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); | 381 context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES); |
| 334 | 382 |
| 335 network_delegate()->set_expect_cookies(false); | 383 network_delegate()->set_expect_cookies(false); |
| 336 SendReport(&reporter, network_delegate(), kHostname, url, 0, | 384 SendReport(&reporter, network_delegate(), kHostname, url, 0, |
| 337 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); | 385 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION); |
| 338 } | 386 } |
| 339 | 387 |
| 340 } // namespace | 388 } // namespace |
| OLD | NEW |