Re: Performance related queries for SSL based client server model

2014-09-09 Thread Alok Sharma
Hi,
   Thanks all for your update. But functionality wise it is working
fine. I can remove the inner loop but that will require the packet size to
be 1K. I tried with that also but did not find any improvement in
performance. In my setup there are 8 routers between source and
destination. Can anyone share a sample SSL based client server
programme which I could use to measure performance?
Regards,
Alok

On Tue, Sep 9, 2014 at 3:54 AM, Iñaki Baz Castillo i...@aliax.net wrote:

 2014-09-08 19:46 GMT+02:00 Alok Sharma alokonm...@gmail.com:
  One thing I observed by looking into the scp
  code is that it does not use SSL provided APIs (i.e. SSL_Read or SSL_Write) but
  they use it differently, i.e. might be directly calling encryption APIs and
  writing data to sockets. But I don't have much understanding of what SSL_Write
  or SSL_read does internally.

 It has been already replied above. SSH is not SSL so don't look for
 SSL_ methods on openssh. Said that, AFAIK openssh uses the crypto
 library from openssl, but that is not SSL/TLS at all.


  So wanted to understand if there is any way to
  improve performance of SSL_Read or SSL_write to achieve high performance.
  Following are my client server programmes. Here the client writes a file on
  the server machine in a hardcoded location and name.

 You have a lot of errors in your program. I suggest that you first
 properly learn openssl, then measure your code if you need.



 --
 Iñaki Baz Castillo
 i...@aliax.net
 __
 OpenSSL Project                                 http://www.openssl.org
 User Support Mailing List                    openssl-users@openssl.org
 Automated List Manager                           majord...@openssl.org


Re: Performance related queries for SSL based client server model

2014-09-08 Thread Alok Sharma

/* Headers the posted program needs (the post omitted them). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

#define FAIL    -1   /* used by the SSL_accept() check below; assumed from the omitted header */

int OpenListener(int port)
{   int sd;
    struct sockaddr_in addr;

    sd = socket(PF_INET, SOCK_STREAM, 0);
    bzero(&addr, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons(port);
    addr.sin_addr.s_addr = INADDR_ANY;
    if ( bind(sd, (struct sockaddr*)&addr, sizeof(addr)) != 0 )
    {
        perror("can't bind port");
        abort();
    }
    if ( listen(sd, 10) != 0 )
    {
        perror("Can't configure listening port");
        abort();
    }
    return sd;
}

SSL_CTX* InitServerCTX(void)
{   const SSL_METHOD *method;
    SSL_CTX *ctx;

    OpenSSL_add_all_algorithms();  /* load & register all cryptos, etc. */
    SSL_load_error_strings();   /* load all error messages */
    /* SSLv2, as posted; SSLv2 is obsolete and absent from current OpenSSL builds */
    method = SSLv2_server_method();  /* create new server-method instance */
    ctx = SSL_CTX_new(method);   /* create new context from method */
    if ( ctx == NULL )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    return ctx;
}

void LoadCertificates(SSL_CTX* ctx, char* CertFile, char* KeyFile)
{
    /* set the local certificate from CertFile */
    if ( SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0 )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    /* set the private key from KeyFile (may be the same as CertFile) */
    if ( SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0 )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    /* verify private key */
    if ( !SSL_CTX_check_private_key(ctx) )
    {
        fprintf(stderr, "Private key does not match the public certificate\n");
        abort();
    }
}

void ShowCerts(SSL* ssl)
{   X509 *cert;
    char *line;

    cert = SSL_get_peer_certificate(ssl); /* Get certificates (if available) */
    if ( cert != NULL )
    {
        printf("Server certificates:\n");
        line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
        printf("Subject: %s\n", line);
        free(line);
        line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
        printf("Issuer: %s\n", line);
        free(line);
        X509_free(cert);
    }
    else
        printf("No certificates.\n");
}

void Servlet(SSL* ssl) /* Serve the connection -- threadable */
{   char buf[1024*16];
    char reply[1024];
    int sd, bytes;
    int fd=0;
    int mode,len1;
    const char* HTMLecho="<html><body><pre>%s</pre></body></html>\n\n";

    if ( SSL_accept(ssl) == FAIL ) /* do SSL-protocol accept */
        ERR_print_errors_fp(stderr);
    else
    {
        ShowCerts(ssl);/* get any certificates */
        /* O_TRUNC added: without it a shorter transfer leaves the tail of an earlier file in place */
        fd=open("/tmp/test1",O_WRONLY | O_CREAT | O_TRUNC, 0644);
        if ( fd < 0 )
        {
            perror("open");
            abort();
        }
        while(1)
        {
            bytes = SSL_read(ssl, buf, sizeof(buf)); /* get request */
            if ( bytes > 0 )
            {
                // printf("Client msg: \"%s\"\n", buf);
                //sprintf(reply, HTMLecho, buf);   /* construct reply */
                //SSL_write(ssl, reply, strlen(reply)); /* send reply */
                mode=bytes;            /* bytes still to be written */
                while(mode>0)
                {
                    /* write() may accept fewer bytes than asked; continue from the
                       first unwritten byte (the loop as posted restarted at buf) */
                    len1=write(fd,buf+(bytes-mode),mode);
                    if ( len1 < 0 )
                    {
                        perror("write");
                        break;
                    }
                    mode=mode-len1;
                }
            }
            else {
                ERR_print_errors_fp(stderr); /* 0 means the peer closed, <0 is an error */
                break;
            }
        }
        close(fd);
    }
    sd = SSL_get_fd(ssl);   /* get socket connection */
    SSL_free(ssl); /* release SSL state */
    close(sd);  /* close connection */
}

int main(int count, char *strings[])
{   SSL_CTX *ctx;
    int server;
    char *portnum;

    if ( count != 2 )
    {
        printf("Usage: %s portnum\n", strings[0]);
        exit(0);
    }
    SSL_library_init();

    portnum = strings[1];
    ctx = InitServerCTX();/* initialize SSL */
    LoadCertificates(ctx, "mycert.pem", "mycert.pem"); /* load certs */
    server = OpenListener(atoi(portnum));/* create server socket */
    while (1)
    {   struct sockaddr_in addr;
        socklen_t len = sizeof(addr);
        SSL *ssl;

        int client = accept(server, (struct sockaddr*)&addr, &len);  /* accept connection as usual */
        printf("Connection: %s:%d\n",inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
        ssl = SSL_new(ctx);  /* get new SSL state with context */
        SSL_set_fd(ssl, client);  /* set connection socket to SSL state */
        Servlet(ssl); /* service connection */
    }
    close(server);  /* close server socket */
    SSL_CTX_free(ctx); /* release context */
    return 0;
}






On Sun, Sep 7, 2014 at 8:11 PM, Viktor Dukhovni openssl-us...@dukhovni.org
wrote:

 On Sun, Sep 07, 2014 at 01:00:17PM +0530, Alok Sharma wrote:

  I am writing one sample ssl based client server model which uses
  SSL_Read & SSL_Write API provided by openssl.

 If you are transferring each block of data as an RPC, with a round-trip
 acknowledgement before sending the next block, and the blocks are
 small enough, you're going to severely limit throughput.

 In bulk data transfer applications that stream data, TLS typically
 outperforms SSH, but a lot depends
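One of the errors in the posted server is in the inner loop of Servlet: each pass calls write(fd, buf, len) with buf itself, so after a short write the file receives the head of the chunk a second time and the tail never arrives. The following is an added illustration in Python, not code from the thread: posted_loop() reproduces that pattern, advancing_loop() the corrected one, and short_writer() is a constructed stand-in for write(2) that stores at most `limit` bytes per call, which makes the difference visible without a socket or a busy disk. write_all() is the corrected loop over a real file descriptor; all names are the example's own.

```python
import os
import tempfile


def short_writer(sink, limit):
    """Constructed stand-in for write(2): append at most `limit` bytes of the
    argument to `sink` (a bytearray) and return how many were taken."""
    def write(data):
        taken = bytes(data[:limit])
        sink.extend(taken)
        return len(taken)
    return write


def posted_loop(write, buf):
    """The loop as posted: the byte count shrinks, the buffer pointer does not."""
    remaining = len(buf)
    while remaining > 0:
        remaining -= write(buf[:remaining])


def advancing_loop(write, buf):
    """Corrected loop: continue from the first unwritten byte."""
    view = memoryview(buf)
    while len(view) > 0:
        view = view[write(view):]


def write_all(fd, data):
    """Write every byte of `data` to `fd`, tolerating short writes.
    Returns the number of bytes written."""
    view = memoryview(data)
    total = 0
    while len(view) > 0:
        n = os.write(fd, view)  # may store fewer bytes than len(view)
        if n <= 0:
            raise OSError("write returned %d" % n)
        view = view[n:]
        total += n
    return total


def compare(buf=b"abcdefghij", limit=4):
    """Run both loops against a writer that takes `limit` bytes per call and
    return (what the posted loop stored, what the corrected loop stored)."""
    stored_posted, stored_fixed = bytearray(), bytearray()
    posted_loop(short_writer(stored_posted, limit), buf)
    advancing_loop(short_writer(stored_fixed, limit), buf)
    return bytes(stored_posted), bytes(stored_fixed)


def roundtrip_file(data):
    """Store `data` with write_all() in a temporary file and read it back.
    Returns (bytes written, bytes read back)."""
    fd, path = tempfile.mkstemp()
    try:
        written = write_all(fd, data)
        os.lseek(fd, 0, os.SEEK_SET)
        back = b""
        while True:
            chunk = os.read(fd, 4096)
            if not chunk:
                break
            back += chunk
        return written, back
    finally:
        os.close(fd)
        os.unlink(path)


if __name__ == "__main__":
    print(compare())          # (b'abcdabcdab', b'abcdefghij')
    print(roundtrip_file(b"x" * 100000)[0])
```

With a 10-byte chunk and a writer that takes 4 bytes at a time, the posted pattern stores `abcdabcdab` while the corrected one stores `abcdefghij`; on a real disk the same thing happens whenever write(2) returns short, which is rare on regular files but routine on pipes and sockets.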

Performance related queries for SSL based client server model

2014-09-07 Thread Alok Sharma
Hi,
   I am writing one sample ssl based client server model which uses
the SSL_Read & SSL_Write API provided by openssl. But I found that my
application is very slow: it takes around 40 mins to copy a 700MB file, while
the same file using scp finishes in 10 mins.
   So my query is whether there is an alternative way to use openssl read or
write to improve performance. I searched in the scp code and found it does not
use SSL_read/SSL_write. So is there another set of APIs which I can use,
or any idea how I can meet the same performance as scp?
Regards,
Alok


Re: Fwd: How to tweak openSSL vulnerabilities CVE-2013-0169

2013-11-18 Thread Alok Sharma
Hi  Steve,
I am also seeing AES along with GCM and RC4 in my search if I disable
CBC. So can it guarantee that client and server can still communicate? Also,
if I use both end points having the same version of openssl, can there
still be any problem?
Regards,
Alok


On Tue, Nov 12, 2013 at 8:23 PM, Dr. Stephen Henson st...@openssl.orgwrote:

 On Tue, Nov 12, 2013, Alok Sharma wrote:

  One of the openSSL vulnerabilities is:
 
  CVE-2013-0169:
 
  The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used
  in OpenSSL, do not properly consider timing side-channel attacks on a MAC
  check requirement during the processing of malformed CBC padding, which
  allows remote attackers to conduct distinguishing attacks and
  plaintext-recovery attacks via statistical analysis of timing data for
  crafted packets, aka the Lucky Thirteen issue.
 
  All versions of OpenSSL are affected including 1.0.1c, 1.0.0j and 0.9.8x
 
  Affected users should upgrade to OpenSSL 1.0.1d, 1.0.0k or 0.9.8y
 
  we use DTLS 1.0 protocol.
 
  Does anyone know of any setting in openssl configuration that can be
  tweaked to mitigate this vulnerability? E.g. a setting to not allow use of
  algorithms with CBC etc.?
 

 The vulnerability is addressed in the latest OpenSSL releases.

 If you disable CBC ciphers then you're only left with GCM and RC4. RC4 can't
 be used with DTLS and GCM is only supported in DTLS 1.2.

 Steve.
 --
 Dr Stephen N. Henson. OpenSSL project core developer.
 Commercial tech support now available see: http://www.openssl.org



How CBC based ciphers can be disabled from openssl

2013-11-15 Thread Alok Sharma
Hi,
 I am using openssl 0.9.8s and due to some limitation I can't upgrade to the
latest versions to tackle CVE-2013-0169. So is there any easy process to
disable CBC based ciphers?
  Also, is there a way to know which ciphers the client and server are using?
Regards,
Alok
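Steve's reply above says what excluding CBC leaves behind (GCM and RC4), and the question asks how to do the excluding and how to see what a connection negotiated. The following is an added illustration, not code from the thread or from OpenSSL: it uses Python's ssl module, which passes the same cipher-list string that SSL_CTX_set_cipher_list() takes to the OpenSSL the interpreter is linked against, and it keeps every suite in the library's DEFAULT list except those whose bulk cipher runs in CBC mode. Python's ssl module speaks TLS only, so the DTLS 1.0 constraint from the thread cannot be exercised here; all function names are the example's own.

```python
import ssl


def _is_cbc(cipher):
    """True when a get_ciphers() entry uses a CBC bulk cipher.
    get_ciphers() reports the bulk cipher under OpenSSL's long name,
    e.g. 'aes-128-cbc', 'aes-256-gcm', 'chacha20-poly1305' or 'rc4'."""
    sym = (cipher.get("symmetric") or "").lower()
    return (not cipher.get("aead")) and "cbc" in sym


def classify(base="DEFAULT"):
    """Split the suites OpenSSL offers for cipher string `base` into CBC and
    non-CBC by bulk cipher. Returns {"cbc": [names], "non_cbc": [names]}."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(base)
    out = {"cbc": [], "non_cbc": []}
    for c in ctx.get_ciphers():
        out["cbc" if _is_cbc(c) else "non_cbc"].append(c["name"])
    return out


def cbc_free_context(base="DEFAULT"):
    """Client context whose TLS 1.2-and-below cipher list is `base` minus every
    CBC suite. TLS 1.3 suites are all AEAD and are configured separately from
    the cipher-list string, so they are left out of the string on purpose."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(base)
    keep = [c["name"] for c in ctx.get_ciphers()
            if c["protocol"] != "TLSv1.3" and not _is_cbc(c)]
    ctx.set_ciphers(":".join(keep))
    return ctx


def remaining_bulk_ciphers(ctx):
    """Sorted set of bulk ciphers still enabled on `ctx`, to eyeball the result."""
    return sorted({(c.get("symmetric") or "?") for c in ctx.get_ciphers()})


if __name__ == "__main__":
    table = classify("DEFAULT")
    print("CBC suites in DEFAULT:    ", len(table["cbc"]))
    print("non-CBC suites in DEFAULT:", len(table["non_cbc"]))
    print("bulk ciphers left:", remaining_bulk_ciphers(cbc_free_context()))
```

What the list becomes depends on the OpenSSL build underneath: with a current library the survivors are the GCM and ChaCha20-Poly1305 suites, and RC4 appears only where the build still ships it. To see what a live connection actually negotiated, call ssl.SSLSocket.cipher() after the handshake (it returns the suite name, protocol and key bits), or run `openssl s_client -connect host:port`, which prints the negotiated suite on its "Cipher is" line. For the thread's own case (0.9.8 with DTLS 1.0) Steve's answer stands: there is no non-CBC suite to fall back to, so the fix is the upgraded release.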


Re: Fwd: How to tweak openSSL vulnerabilities CVE-2013-0169

2013-11-14 Thread Alok Sharma
Hi Steve,
 Thanks for the reply. Do you have any idea how CBC ciphers can be disabled?
Regards,
Alok


On Tue, Nov 12, 2013 at 8:23 PM, Dr. Stephen Henson st...@openssl.orgwrote:

 On Tue, Nov 12, 2013, Alok Sharma wrote:

  One of the openSSL vulnerabilities is:
 
  CVE-2013-0169:
 
  The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used
  in OpenSSL, do not properly consider timing side-channel attacks on a MAC
  check requirement during the processing of malformed CBC padding, which
  allows remote attackers to conduct distinguishing attacks and
  plaintext-recovery attacks via statistical analysis of timing data for
  crafted packets, aka the Lucky Thirteen issue.
 
  All versions of OpenSSL are affected including 1.0.1c, 1.0.0j and 0.9.8x
 
  Affected users should upgrade to OpenSSL 1.0.1d, 1.0.0k or 0.9.8y
 
  we use DTLS 1.0 protocol.
 
  Does anyone know of any setting in openssl configuration that can be
  tweaked to mitigate this vulnerability? E.g. a setting to not allow use of
  algorithms with CBC etc.?
 

 The vulnerability is addressed in the latest OpenSSL releases.

 If you disable CBC ciphers then you're only left with GCM and RC4. RC4 can't
 be used with DTLS and GCM is only supported in DTLS 1.2.

 Steve.
 --
 Dr Stephen N. Henson. OpenSSL project core developer.
 Commercial tech support now available see: http://www.openssl.org



Fwd: How to tweak openSSL vulnerabilities CVE-2013-0169

2013-11-11 Thread Alok Sharma
One of the OpenSSL vulnerabilities is:

CVE-2013-0169:

  The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used
in OpenSSL, do not properly consider timing side-channel attacks on a MAC
check requirement during the processing of malformed CBC padding, which
allows remote attackers to conduct distinguishing attacks and
plaintext-recovery attacks via statistical analysis of timing data for
crafted packets, aka the Lucky Thirteen issue.

  All versions of OpenSSL are affected including 1.0.1c, 1.0.0j and 0.9.8x

  Affected users should upgrade to OpenSSL 1.0.1d, 1.0.0k or 0.9.8y

we use DTLS 1.0 protocol.

Does anyone know of any setting in openssl configuration that can be
tweaked to mitigate this vulnerability? E.g. a setting to not allow use of
algorithms with CBC etc.?

Regards,

Alok


Re: Issue With continous PRNG test with Fips module of openssl

2011-09-26 Thread alok sharma
Hi,
   Thanks for the help, it resolved my problem.
Regards,
Alok


On Fri, Sep 23, 2011 at 5:59 PM, Dr. Stephen Henson st...@openssl.orgwrote:

 On Fri, Sep 23, 2011, alok sharma wrote:

  Hi,
   Ok I got your point. I think it will be helpful. Do you have any link or
  procedure to set up these callbacks, or are these just function pointers
  which need to be initialized at ssl initialization time?

 See the FAQ:

 http://www.openssl.org/support/faq.html#PROG1

 The manual page here:

 http://www.openssl.org/docs/crypto/threads.html

 and a simple example in crypto\threads\mttest.c

 Steve.
 --
 Dr Stephen N. Henson. OpenSSL project core developer.
 Commercial tech support now available see: http://www.openssl.org



Re: Issue With continous PRNG test with Fips module of openssl

2011-09-23 Thread alok sharma
Hi,
So is there any method on Windows to generate non-predictable
random numbers? I think mostly the FileSystem time is used to seed randomness,
which is failing in my case.
Regards,
Alok

On Mon, Sep 19, 2011 at 4:52 PM, Dr. Stephen Henson st...@openssl.orgwrote:

 On Mon, Sep 19, 2011, alok sharma wrote:

  Hi Jacob,
  Thanks for such a detailed reply. But I am having one concern: how
  can an application know whether it is secure or not? Fips uses
  GetSystemTimeAsFileTime() for the PRNG test, which has a granularity of 1 ns,
  but my application is running at an even faster rate, so the same value is being
  generated for the current as well as for the last request. Is there any provision
  inside Openssl which ensures that unique random numbers will be generated, or
  does the application need to add some delay for each new connection request?
  Regards,
 

 OpenSSL uses more than just GetSystemTimeAsFileTime: it also makes use of a
 counter value which is incremented on each use. This is all done under a lock,
 so the values should never repeat even if the time value does.

 If you are getting continuous PRNG test failures then I suspect your locking
 callbacks aren't functioning correctly and you are getting race conditions.

 Steve.
 --
 Dr Stephen N. Henson. OpenSSL project core developer.
 Commercial tech support now available see: http://www.openssl.org



Re: Issue With continous PRNG test with Fips module of openssl

2011-09-23 Thread alok sharma
I am using the openssl fips version for my application. So, I have not made
any change in openssl or Fips code. Just enabling fips and using the SSL API
exposed for the client server model. But through the debugger I have found that my
application is crashing, giving an error message inside fips_rand() at the following
line.

fips_rand()
    {
    .

    if (!ctx->test_mode)
        fips_get_dt(ctx);
    AES_encrypt(ctx->DT, I, &ctx->ks);
    for (i = 0; i < AES_BLOCK_LENGTH; i++)
        tmp[i] = I[i] ^ ctx->V[i];
    AES_encrypt(tmp, R, &ctx->ks);
    for (i = 0; i < AES_BLOCK_LENGTH; i++)
        tmp[i] = R[i] ^ I[i];
    AES_encrypt(tmp, ctx->V, &ctx->ks);
    /* Continuous PRNG test */
    if (ctx->second)
        {
        if (fips_prng_fail){
            memcpy(ctx->last, R, AES_BLOCK_LENGTH);
            RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK);
        }
        if (!memcmp(R, ctx->last, AES_BLOCK_LENGTH))
        /* <--- The check is failing as the current encrypted and last one are the same */
            {
            RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK);
            ctx->error = 1;
            fips_set_selftest_fail();
            return 0;
            }
        }
    memcpy(ctx->last, R, AES_BLOCK_LENGTH);

Regards,
Alok


On Fri, Sep 23, 2011 at 4:46 PM, Dr. Stephen Henson st...@openssl.orgwrote:

 On Fri, Sep 23, 2011, alok sharma wrote:

  Hi,
  So is there any method on Windows to generate non-predictable
  random numbers? I think mostly the FileSystem time is used to seed randomness,
  which is failing in my case.
 

 As I indicated this shouldn't be happening if you've set up locking callbacks
 correctly. Have you set up any locking callbacks?

 Steve.
 --
 Dr Stephen N. Henson. OpenSSL project core developer.
 Commercial tech support now available see: http://www.openssl.org



Re: Issue With continous PRNG test with Fips module of openssl

2011-09-23 Thread alok sharma
Hi,
 Ok I got your point. I think it will be helpful. Do you have any link or
procedure to set up these callbacks, or are these just function pointers
which need to be initialized at ssl initialization time?
Regards,
Alok

On Fri, Sep 23, 2011 at 5:22 PM, Dr. Stephen Henson st...@openssl.orgwrote:

 On Fri, Sep 23, 2011, alok sharma wrote:

  Hi,
   The error message comes when we invoke the SSL_accept() API. But taking a
  lock on it will affect performance as it performs network operations inside
  this API (like the client hello message and others). So if the network is
  overloaded then the mutex hold time will be too large. I have observed that in
  the worst case it holds the lock for around 5-6 mins.

 You don't lock the SSL_accept API.

 In a multithreaded application OpenSSL needs to use locks internally to avoid
 race conditions. In order to do this an application needs to supply a set of
 locking callbacks which OpenSSL makes use of internally. The locking times
 should always be very short for these cases: they are typically used to ensure
 reference counts are incremented and decremented properly. If you don't set
 these up OpenSSL will be unstable in multithreaded applications: one symptom
 of this is how the FIPS PRNG behaves.

 For more details see the archives and documentation. For example: the
 threads manual page.

 Steve.
 --
 Dr Stephen N. Henson. OpenSSL project core developer.
 Commercial tech support now available see: http://www.openssl.org



Re: Issue With continous PRNG test with Fips module of openssl

2011-09-19 Thread alok sharma
Hi Jacob,
Thanks for such a detailed reply. But I am having one concern: how
can an application know whether it is secure or not? Fips uses
GetSystemTimeAsFileTime() for the PRNG test, which has a granularity of 1 ns,
but my application is running at an even faster rate, so the same value is being
generated for the current as well as for the last request. Is there any provision
inside Openssl which ensures that unique random numbers will be generated, or
does the application need to add some delay for each new connection request?
Regards,
Alok

On Thu, Sep 15, 2011 at 6:02 PM, Jakob Bohm jb-open...@wisemo.com wrote:

 On 9/14/2011 6:33 PM, alok sharma wrote:

 Hi,
   I am having my client server on Windows. The server is concurrent and
 has a thread for each connection. When the number of connections
 increases to 400-500, i.e. having high thread load, my server crashes. I
 debugged it and found that it gives the error "random number
 generator:FIPS_RAND:prng error" when it tries to invoke SSL_accept(). My
 server is Fips compliant. I looked further inside the openssl code and found an
 issue with the fips_rand() method (fips/rand/fips_rand.c). Following is my
 observation.
  The error is generated at the following point
   fips_rand()
     {
     .

     if (!ctx->test_mode)
         fips_get_dt(ctx);
     AES_encrypt(ctx->DT, I, &ctx->ks);
     for (i = 0; i < AES_BLOCK_LENGTH; i++)
         tmp[i] = I[i] ^ ctx->V[i];
     AES_encrypt(tmp, R, &ctx->ks);
     for (i = 0; i < AES_BLOCK_LENGTH; i++)
         tmp[i] = R[i] ^ I[i];
     AES_encrypt(tmp, ctx->V, &ctx->ks);
     /* Continuous PRNG test */
     if (ctx->second)
         {
         if (fips_prng_fail){
             memcpy(ctx->last, R, AES_BLOCK_LENGTH);

 The above line may cause the next test to fail too if fips_prng_fail was
 set by something else.

             RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK);
         }
         if (!memcmp(R, ctx->last, AES_BLOCK_LENGTH))
         /* <--- The check is failing as the current encrypted and last one are the same */
             {
             RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK);
             ctx->error = 1;
             fips_set_selftest_fail();
             return 0;
             }
         }
     memcpy(ctx->last, R, AES_BLOCK_LENGTH);
     ...
     ..

     }

 I think under heavy load the openssl continuous PRNG test is failing. It might
 be generating the same values as it applies AES encryption over the data
 taken from fips_get_dt(ctx).

 Yes, that is (technically) how the code tests if the RNG is failing badly.
 This is a symptom, not a cause.
 The chance of this happening if the RNG is good for anything is
 1 in 2**128 per test run, thus very unlikely; the chance of this happening
 more than once on the same (working) computer is astronomically small.

 So the real problem is that this self-test seems to have found an actual
 security problem.  Running this kind of test to discover such security
 problems is a FIPS requirement.

 What the error is apparently saying is that the PRNG as running on your
 machine is *not* FIPS quality and must not be used for any government
 work (and probably not for anything else either!).

   For the windows platform this function takes
 GetSystemTimeAsFileTime(), like
 ..
 .
 #ifdef OPENSSL_SYS_WIN32
     GetSystemTimeAsFileTime(&ft);
     buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff);
     buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff);
     buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff);
     buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff);
     buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff);
     buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff);
     buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff);
     buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff);
 .
 .

 If this is the only PRNG seeding used on your machine, then your setup
 is very insecure.  As a bare minimum you should make sure the code that
 grabs entropy from the Windows CryptoAPI PRNG (which is also FIPS
 certified) is also enabled.

 This seeding source is not very random at all, and it is only a (short)
 matter of time before it will produce something so predictable it should not
 pass any quality tests, including FIPS tests.

 Please help in this regard. I am using openssl version 0.9.8o.
 Regards,
 Alok


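The generator structure quoted in this thread, Steve's remark that DT mixes a per-call counter into the time value under a lock, and Jakob's explanation of what the continuous test detects can all be seen in one place. The following is an added illustration, not OpenSSL's fips_rand.c: it follows the DT -> I -> R -> V data flow shown above, derives DT from a clock plus a counter that advances on every call, serialises each call with a lock (the role the locking callbacks play in OpenSSL), and performs the continuous test, where the first output only primes the stored value and each later one is rejected if it equals its predecessor. AES_encrypt is replaced by a keyed HMAC-SHA256 truncated to 16 bytes so the block runs on the standard library alone; it is a stand-in, not AES, and every name here is the example's own.

```python
import hashlib
import hmac
import os
import threading
import time

BLOCK = 16  # AES_BLOCK_LENGTH in the quoted code


class PrngStuck(Exception):
    """Counterpart of RAND_R_PRNG_STUCK: two consecutive outputs were equal."""


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class ContinuousTest:
    """The comparison discussed in the thread, usable around any block source."""

    def __init__(self):
        self.last = None  # None until the first block, like ctx->second == 0

    def check(self, block):
        if self.last is not None and block == self.last:
            raise PrngStuck("consecutive %d-byte outputs identical" % len(block))
        self.last = block
        return block


class X931LikePrng:
    """X9.31-style generator with the data flow of the quoted fips_rand()."""

    def __init__(self, key=None, seed_v=None, clock=time.time_ns):
        self._key = key if key is not None else os.urandom(32)        # ctx->ks
        self._v = seed_v if seed_v is not None else os.urandom(BLOCK)  # ctx->V
        self._clock = clock
        self._counter = 0
        self._test = ContinuousTest()
        self._lock = threading.Lock()  # what OpenSSL's locking callbacks provide

    def _enc(self, block):
        # Stand-in for AES_encrypt(block, out, &ctx->ks); keyed HMAC, not AES.
        return hmac.new(self._key, block, hashlib.sha256).digest()[:BLOCK]

    def _get_dt(self):
        # fips_get_dt: date/time plus a counter that advances on every call, so
        # DT still differs when two calls read the same clock value.
        self._counter = (self._counter + 1) & 0xFFFFFFFF
        t = self._clock() & 0xFFFFFFFFFFFFFFFF
        return (t.to_bytes(8, "little")
                + self._counter.to_bytes(4, "little") + bytes(4))

    def block(self):
        with self._lock:  # without this, threads interleave on V and last
            i = self._enc(self._get_dt())          # I = E(DT)
            r = self._enc(_xor(i, self._v))        # R = E(I ^ V)
            self._v = self._enc(_xor(r, i))        # V = E(R ^ I)
            return self._test.check(r)             # continuous test on R

    def random_bytes(self, n):
        out = b""
        while len(out) < n:
            out += self.block()
        return out[:n]


def blocks_until_stuck(source, limit):
    """Feed `source()` through the continuous test up to `limit` times.
    Returns how many blocks were accepted before a repeat (limit if none)."""
    test = ContinuousTest()
    for n in range(limit):
        try:
            test.check(source())
        except PrngStuck:
            return n
    return limit


if __name__ == "__main__":
    frozen = X931LikePrng(clock=lambda: 0)  # clock never advances, as suspected in the thread
    print(frozen.block().hex(), frozen.block().hex())  # still distinct: counter and V move
    print(blocks_until_stuck(lambda: bytes(BLOCK), 100))      # 1: stuck source caught at once
    print(blocks_until_stuck(X931LikePrng().block, 1000))     # 1000: healthy source passes
```

Two things the run shows. A clock that never advances does not by itself make consecutive outputs collide, because the counter changes DT and V changes on every call, which is Steve's point; what does make the test fire is a source that truly repeats, which blocks_until_stuck() catches on its second block. That is why the reply treats the failure as a symptom of shared state being corrupted between threads rather than of the clock.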

Issue With continous PRNG test with Fips module of openssl

2011-09-14 Thread alok sharma
Hi,
  I am having my client server on Windows. The server is concurrent and
has a thread for each connection. When the number of connections
increases to 400-500, i.e. having high thread load, my server crashes. I
debugged it and found that it gives the error "random number
generator:FIPS_RAND:prng error" when it tries to invoke SSL_accept(). My
server is Fips compliant. I looked further inside the openssl code and found an
issue with the fips_rand() method (fips/rand/fips_rand.c). Following is my
observation.
 The error is generated at the following point
  fips_rand()
    {
    .

    if (!ctx->test_mode)
        fips_get_dt(ctx);
    AES_encrypt(ctx->DT, I, &ctx->ks);
    for (i = 0; i < AES_BLOCK_LENGTH; i++)
        tmp[i] = I[i] ^ ctx->V[i];
    AES_encrypt(tmp, R, &ctx->ks);
    for (i = 0; i < AES_BLOCK_LENGTH; i++)
        tmp[i] = R[i] ^ I[i];
    AES_encrypt(tmp, ctx->V, &ctx->ks);
    /* Continuous PRNG test */
    if (ctx->second)
        {
        if (fips_prng_fail){
            memcpy(ctx->last, R, AES_BLOCK_LENGTH);
            RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK);
        }
        if (!memcmp(R, ctx->last, AES_BLOCK_LENGTH))
        /* <--- The check is failing as the current encrypted and last one are the same */
            {
            RANDerr(RAND_F_FIPS_RAND,RAND_R_PRNG_STUCK);
            ctx->error = 1;
            fips_set_selftest_fail();
            return 0;
            }
        }
    memcpy(ctx->last, R, AES_BLOCK_LENGTH);
    ...
    ..

    }

I think under heavy load the openssl continuous PRNG test is failing. It might be
generating the same values as it applies AES encryption over the data taken
from fips_get_dt(ctx). For the windows platform this function takes
GetSystemTimeAsFileTime(), like
..
.
#ifdef OPENSSL_SYS_WIN32
    GetSystemTimeAsFileTime(&ft);
    buf[0] = (unsigned char) (ft.dwHighDateTime & 0xff);
    buf[1] = (unsigned char) ((ft.dwHighDateTime >> 8) & 0xff);
    buf[2] = (unsigned char) ((ft.dwHighDateTime >> 16) & 0xff);
    buf[3] = (unsigned char) ((ft.dwHighDateTime >> 24) & 0xff);
    buf[4] = (unsigned char) (ft.dwLowDateTime & 0xff);
    buf[5] = (unsigned char) ((ft.dwLowDateTime >> 8) & 0xff);
    buf[6] = (unsigned char) ((ft.dwLowDateTime >> 16) & 0xff);
    buf[7] = (unsigned char) ((ft.dwLowDateTime >> 24) & 0xff);
.
.

Please help in this regard. I am using openssl version 0.9.8o.
Regards,
Alok


Query regarding pseudo number generation error in OpenSSL

2011-08-26 Thread alok sharma
Hi,

  I am using openssl in one of my applications. The application has
support for multithreading and runs on the Windows platform. This application
uses openssl version 0.9.8.0 and has support for fips. The application
listens on a particular port and for each new connection it creates a
separate thread. Each thread separately invokes SSL APIs like
SSL_accept()