Mercurial > hg > nginx
annotate src/core/ngx_inet.h @ 7360:8f25a44d9add
SSL: logging level of "no suitable key share".
The "no suitable key share" errors are reported by OpenSSL 1.1.1 when
using TLSv1.3 if there are no shared groups (that is, elliptic curves).
In particular, it is easy enough to trigger by using only a single
curve in ssl_ecdh_curve:
ssl_ecdh_curve secp384r1;
and using a different curve in the client:
openssl s_client -connect 127.0.0.1:443 -curves prime256v1
On the client side it is seen as "sslv3 alert handshake failure",
"SSL alert number 40":
0:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1528:SSL alert number 40
It can be also triggered with default ssl_ecdh_curve by using a curve
which is not in the default list (X25519, prime256v1, X448, secp521r1,
secp384r1):
openssl s_client -connect 127.0.0.1:8443 -curves brainpoolP512r1
Given that many clients hardcode prime256v1, these errors might become
a common problem with TLSv1.3 if ssl_ecdh_curve is redefined. Previously
this resulted in not using ECDH with such clients, but with TLSv1.3 it
is no longer possible and will result in a handshake failure.
The SSL_R_NO_SHARED_GROUP error is what BoringSSL returns in the same
situation.
Seen at:
https://serverfault.com/questions/932102/nginx-ssl-handshake-error-no-suitable-key-share
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 25 Sep 2018 13:59:53 +0300 |
| parents | beeac3302e45 |
| children | 4f9b72a229c1 |
| rev | line source |
|---|---|
|
441
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
340
diff
changeset
|
1 |
|
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
340
diff
changeset
|
2 /* |
|
444
42d11f017717
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
Igor Sysoev <igor@sysoev.ru>
parents:
441
diff
changeset
|
3 * Copyright (C) Igor Sysoev |
| 4412 | 4 * Copyright (C) Nginx, Inc. |
|
441
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
340
diff
changeset
|
5 */ |
|
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
340
diff
changeset
|
6 |
|
da8c5707af39
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
Igor Sysoev <igor@sysoev.ru>
parents:
340
diff
changeset
|
7 |
|
26
53cb81681040
nginx-0.0.1-2002-12-15-09:25:09 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
8 #ifndef _NGX_INET_H_INCLUDED_ |
|
53cb81681040
nginx-0.0.1-2002-12-15-09:25:09 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
9 #define _NGX_INET_H_INCLUDED_ |
|
53cb81681040
nginx-0.0.1-2002-12-15-09:25:09 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
10 |
|
53cb81681040
nginx-0.0.1-2002-12-15-09:25:09 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
11 |
| 479 | 12 #include <ngx_config.h> |
| 13 #include <ngx_core.h> | |
| 14 | |
| 15 | |
|
3230
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
16 #define NGX_INET_ADDRSTRLEN (sizeof("255.255.255.255") - 1) |
|
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
17 #define NGX_INET6_ADDRSTRLEN \ |
|
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
18 (sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255") - 1) |
|
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
19 #define NGX_UNIX_ADDRSTRLEN \ |
|
7113
beeac3302e45
Fixed the NGX_UNIX_ADDRSTRLEN macro.
Ruslan Ermilov <ru@nginx.com>
parents:
6683
diff
changeset
|
20 (sizeof("unix:") - 1 + \ |
|
beeac3302e45
Fixed the NGX_UNIX_ADDRSTRLEN macro.
Ruslan Ermilov <ru@nginx.com>
parents:
6683
diff
changeset
|
21 sizeof(struct sockaddr_un) - offsetof(struct sockaddr_un, sun_path)) |
|
3230
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
22 |
|
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
23 #if (NGX_HAVE_UNIX_DOMAIN) |
|
7113
beeac3302e45
Fixed the NGX_UNIX_ADDRSTRLEN macro.
Ruslan Ermilov <ru@nginx.com>
parents:
6683
diff
changeset
|
24 #define NGX_SOCKADDR_STRLEN NGX_UNIX_ADDRSTRLEN |
|
6559
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
25 #elif (NGX_HAVE_INET6) |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
26 #define NGX_SOCKADDR_STRLEN (NGX_INET6_ADDRSTRLEN + sizeof("[]:65535") - 1) |
|
3230
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
27 #else |
|
6559
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
28 #define NGX_SOCKADDR_STRLEN (NGX_INET_ADDRSTRLEN + sizeof(":65535") - 1) |
|
3230
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
29 #endif |
|
a7491af45540
http listen unix domain sockets
Igor Sysoev <igor@sysoev.ru>
parents:
2856
diff
changeset
|
30 |
|
6559
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
31 /* compatibility */ |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
32 #define NGX_SOCKADDRLEN sizeof(ngx_sockaddr_t) |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
33 |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
34 |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
35 typedef union { |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
36 struct sockaddr sockaddr; |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
37 struct sockaddr_in sockaddr_in; |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
38 #if (NGX_HAVE_INET6) |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
39 struct sockaddr_in6 sockaddr_in6; |
|
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
40 #endif |
|
2521
119ab57ffaa1
fix NGX_SOCKADDRLEN, introduced in r2513
Igor Sysoev <igor@sysoev.ru>
parents:
2512
diff
changeset
|
41 #if (NGX_HAVE_UNIX_DOMAIN) |
|
6559
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
42 struct sockaddr_un sockaddr_un; |
|
2512
2e91aecb9e57
a prelimiary IPv6 support, HTTP listen
Igor Sysoev <igor@sysoev.ru>
parents:
2203
diff
changeset
|
43 #endif |
|
6559
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
44 } ngx_sockaddr_t; |
|
2197
74477ea8074f
*) remove zero termination in ngx_inet_ntop() and ngx_sock_ntop()
Igor Sysoev <igor@sysoev.ru>
parents:
1671
diff
changeset
|
45 |
|
74477ea8074f
*) remove zero termination in ngx_inet_ntop() and ngx_sock_ntop()
Igor Sysoev <igor@sysoev.ru>
parents:
1671
diff
changeset
|
46 |
|
340
0bf903191ceb
nginx-0.0.3-2004-05-25-19:28:46 import
Igor Sysoev <igor@sysoev.ru>
parents:
291
diff
changeset
|
47 typedef struct { |
| 2538 | 48 in_addr_t addr; |
| 49 in_addr_t mask; | |
| 50 } ngx_in_cidr_t; | |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
51 |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
52 |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
53 #if (NGX_HAVE_INET6) |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
54 |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
55 typedef struct { |
| 2538 | 56 struct in6_addr addr; |
| 57 struct in6_addr mask; | |
| 58 } ngx_in6_cidr_t; | |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
59 |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
60 #endif |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
61 |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
62 |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
63 typedef struct { |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
64 ngx_uint_t family; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
65 union { |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
66 ngx_in_cidr_t in; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
67 #if (NGX_HAVE_INET6) |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
68 ngx_in6_cidr_t in6; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
69 #endif |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
70 } u; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
71 } ngx_cidr_t; |
|
340
0bf903191ceb
nginx-0.0.3-2004-05-25-19:28:46 import
Igor Sysoev <igor@sysoev.ru>
parents:
291
diff
changeset
|
72 |
|
0bf903191ceb
nginx-0.0.3-2004-05-25-19:28:46 import
Igor Sysoev <igor@sysoev.ru>
parents:
291
diff
changeset
|
73 |
|
804
472cd9768ac2
now the "listen" directives use ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
663
diff
changeset
|
74 typedef struct { |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
75 struct sockaddr *sockaddr; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
76 socklen_t socklen; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
77 ngx_str_t name; |
|
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3265
diff
changeset
|
78 } ngx_addr_t; |
|
804
472cd9768ac2
now the "listen" directives use ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
663
diff
changeset
|
79 |
| 651 | 80 |
| 884 | 81 typedef struct { |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
82 ngx_str_t url; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
83 ngx_str_t host; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
84 ngx_str_t port_text; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
85 ngx_str_t uri; |
|
804
472cd9768ac2
now the "listen" directives use ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
663
diff
changeset
|
86 |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
87 in_port_t port; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
88 in_port_t default_port; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
89 int family; |
| 651 | 90 |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
91 unsigned listen:1; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
92 unsigned uri_part:1; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
93 unsigned no_resolve:1; |
| 651 | 94 |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
95 unsigned no_port:1; |
|
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
96 unsigned wildcard:1; |
| 884 | 97 |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
98 socklen_t socklen; |
|
6559
adf25b8d0431
Introduced the ngx_sockaddr_t type.
Ruslan Ermilov <ru@nginx.com>
parents:
6527
diff
changeset
|
99 ngx_sockaddr_t sockaddr; |
|
2512
2e91aecb9e57
a prelimiary IPv6 support, HTTP listen
Igor Sysoev <igor@sysoev.ru>
parents:
2203
diff
changeset
|
100 |
|
3269
f0d596e84634
rename ngx_peer_addr_t to ngx_addr_t
Igor Sysoev <igor@sysoev.ru>
parents:
3265
diff
changeset
|
101 ngx_addr_t *addrs; |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
102 ngx_uint_t naddrs; |
|
804
472cd9768ac2
now the "listen" directives use ngx_parse_url()
Igor Sysoev <igor@sysoev.ru>
parents:
663
diff
changeset
|
103 |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
104 char *err; |
| 651 | 105 } ngx_url_t; |
| 106 | |
| 107 | |
| 1647 | 108 in_addr_t ngx_inet_addr(u_char *text, size_t len); |
| 3265 | 109 #if (NGX_HAVE_INET6) |
| 110 ngx_int_t ngx_inet6_addr(u_char *p, size_t len, u_char *addr); | |
|
3276
beaf94f2f265
make ngx_inet6_ntop() non-static
Igor Sysoev <igor@sysoev.ru>
parents:
3272
diff
changeset
|
111 size_t ngx_inet6_ntop(u_char *p, u_char *text, size_t len); |
| 3265 | 112 #endif |
|
5263
05ba5bce31e0
Core: extended ngx_sock_ntop() with socklen parameter.
Vladimir Homutov <vl@nginx.com>
parents:
4971
diff
changeset
|
113 size_t ngx_sock_ntop(struct sockaddr *sa, socklen_t socklen, u_char *text, |
|
05ba5bce31e0
Core: extended ngx_sock_ntop() with socklen parameter.
Vladimir Homutov <vl@nginx.com>
parents:
4971
diff
changeset
|
114 size_t len, ngx_uint_t port); |
|
291
117ccc7c4055
nginx-0.0.3-2004-03-16-16:35:20 import
Igor Sysoev <igor@sysoev.ru>
parents:
290
diff
changeset
|
115 size_t ngx_inet_ntop(int family, void *addr, u_char *text, size_t len); |
|
2537
a472d954c534
prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents:
2521
diff
changeset
|
116 ngx_int_t ngx_ptocidr(ngx_str_t *text, ngx_cidr_t *cidr); |
|
6683
b802b7e1d9bc
Core: introduced ngx_cidr_match() function.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6593
diff
changeset
|
117 ngx_int_t ngx_cidr_match(struct sockaddr *sa, ngx_array_t *cidrs); |
|
3272
98f49b2bcae8
change ngx_parse_addr() interface
Igor Sysoev <igor@sysoev.ru>
parents:
3270
diff
changeset
|
118 ngx_int_t ngx_parse_addr(ngx_pool_t *pool, ngx_addr_t *addr, u_char *text, |
|
98f49b2bcae8
change ngx_parse_addr() interface
Igor Sysoev <igor@sysoev.ru>
parents:
3270
diff
changeset
|
119 size_t len); |
|
6564
19db5a6bc34e
Realip: port support in X-Real-IP and X-Forwarded-For.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6559
diff
changeset
|
120 ngx_int_t ngx_parse_addr_port(ngx_pool_t *pool, ngx_addr_t *addr, |
|
19db5a6bc34e
Realip: port support in X-Real-IP and X-Forwarded-For.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6559
diff
changeset
|
121 u_char *text, size_t len); |
|
1559
fe11e2a3946d
use pool instead of ngx_conf_t
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
122 ngx_int_t ngx_parse_url(ngx_pool_t *pool, ngx_url_t *u); |
|
fe11e2a3946d
use pool instead of ngx_conf_t
Igor Sysoev <igor@sysoev.ru>
parents:
906
diff
changeset
|
123 ngx_int_t ngx_inet_resolve_host(ngx_pool_t *pool, ngx_url_t *u); |
|
5473
d39ef821d03e
Core: externalized ngx_cmp_sockaddr().
Ruslan Ermilov <ru@nginx.com>
parents:
5263
diff
changeset
|
124 ngx_int_t ngx_cmp_sockaddr(struct sockaddr *sa1, socklen_t slen1, |
|
d39ef821d03e
Core: externalized ngx_cmp_sockaddr().
Ruslan Ermilov <ru@nginx.com>
parents:
5263
diff
changeset
|
125 struct sockaddr *sa2, socklen_t slen2, ngx_uint_t cmp_port); |
|
6593
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6564
diff
changeset
|
126 in_port_t ngx_inet_get_port(struct sockaddr *sa); |
|
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6564
diff
changeset
|
127 void ngx_inet_set_port(struct sockaddr *sa, in_port_t port); |
| 884 | 128 |
| 479 | 129 |
|
26
53cb81681040
nginx-0.0.1-2002-12-15-09:25:09 import
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
130 #endif /* _NGX_INET_H_INCLUDED_ */ |