diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-28 22:37:10 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-28 22:37:10 +0200 |
| commit | c91da2939d058ff5645f4275f42ece40ed550b8f (patch) | |
| tree | 78cdf1c4d213b999c4f1722be659ac21ae636efc /database | |
| parent | c99768d395f378ab73f1fbd96381b90a51cf6fac (diff) | |
| download | eurephia-c91da2939d058ff5645f4275f42ece40ed550b8f.tar.gz eurephia-c91da2939d058ff5645f4275f42ece40ed550b8f.tar.xz eurephia-c91da2939d058ff5645f4275f42ece40ed550b8f.zip | |
Reworked and unified admin authentication and registration functions to eDBadminAuthenticate()
eDBadminAuth(), eDBadminValidateSession(), eDBadminRegisterLogin() and
eDBadminLogout() are now unfied into one admin function, eDBadminAuthenticate().
This function receives all input as eurephia XML documents.
Diffstat (limited to 'database')
| -rw-r--r-- | database/eurephiadb.c | 7 | ||||
| -rw-r--r-- | database/eurephiadb_driver.h | 88 | ||||
| -rw-r--r-- | database/sqlite/administration/authentication.c | 254 |
3 files changed, 235 insertions, 114 deletions
diff --git a/database/eurephiadb.c b/database/eurephiadb.c index 7fcdfae..05187af 100644 --- a/database/eurephiadb.c +++ b/database/eurephiadb.c @@ -108,12 +108,7 @@ int eDBlink_init(eurephiaCTX *ctx, const char *dbdriver, const int minver) "to upgrade eurephia to take advantage of newer features in the eurephiaDB driver."); case 2: #ifdef ENABLE_EUREPHIADM - eDBadminAuth = eGetSym(ctx, ctx->eurephia_driver, "eDBadminAuth"); - eDBadminValidateSession = eGetSym(ctx, ctx->eurephia_driver, - "eDBadminValidateSession"); - eDBadminRegisterLogin = eGetSym(ctx, ctx->eurephia_driver, "eDBadminRegisterLogin"); - eDBadminLogout = eGetSym(ctx, ctx->eurephia_driver, "eDBadminLogout"); - + eDBadminAuthenticate = eGetSym(ctx, ctx->eurephia_driver, "eDBadminAuthenticate"); eDBadminConfiguration = eGetSym(ctx, ctx->eurephia_driver, "eDBadminConfiguration"); eDBadminUserAccount = eGetSym(ctx, ctx->eurephia_driver, "eDBadminUserAccount"); eDBadminCertificate = eGetSym(ctx, ctx->eurephia_driver, "eDBadminCertificate"); diff --git a/database/eurephiadb_driver.h b/database/eurephiadb_driver.h index 2c8d3b5..ababa06 100644 --- a/database/eurephiadb_driver.h +++ b/database/eurephiadb_driver.h @@ -354,66 +354,58 @@ int (*eDBstore_session_value)(eurephiaCTX *ctx, eurephiaSESSION *session, int mo /* * functions which needs to exists in the API level 2 */ +#ifdef HAVE_LIBXML2 /** - * Authenticate a user for the administration interface. This interface do not - * require any certificate validation and is intended for administration utilities - * for eurephia. The eurephia context type must be either ECTX_ADMIN_CONSOLE or - * ECTX_ADMIN_WEB. + * Authenticate users and sessions for the administration interface. The OpenVPN plug-in + * should never use this API. * * @version API version level 2 - * @param ctx eurephiaCTX - context used for administration task - * @param req_access String (char *) containing the requested administration access level - * @param uname username of the user being authenticated - * @param pwd password from the user - * - * @return Returns users ID (uid) on success, otherwise 0 - */ -int (*eDBadminAuth) (eurephiaCTX *ctx, const char *req_access, const char *uname, const char *pwd); - - -/** - * Validates a session key, to see if it still is valid (not auto-logged out or invalid session key) - * and to check if they have access to a different access level. The eurephia context type must be - * either ECTX_ADMIN_CONSOLE or ECTX_ADMIN_WEB. + * @param ctx eurephiaCTX + * @param qryxml eurephia XML document describing the operation to be done * - * @version API version level 2 - * @param ctx eurephiaCTX - * @param sesskey String (char *) containing the session key to validate - * @param req_access String (char *) containing the required administration access level + * XML document describing authentication of a user account + * @code + * <eurephia format="1"> + * <Authenticate mode="user"> + * <username>{username}</username> + * <password>{password}</password> + * <accesslevel>{accesslevel}</password> + * </Authenticate> + * </eurephia> + * @endcode * - * @return Returns 1 if the session is valid and the user have the needed privileges, - * otherwise 0 is returned. - */ -int (*eDBadminValidateSession) (eurephiaCTX *ctx, const char *sesskey, const char *req_access); - - -/** - * Registers the user as logged in after a successful authentication. The user must - * be registered as logged in to have a valid session. + * XML document for authenticating and validating a user session to a specific access level + * @code + * <eurephia format="1"> + * <Authenticate mode="session"> + * <sessionkey>{session key}</sessionkey> + * <accesslevel>{accesslevel}</password> + * </Authenticate> + * </eurephia> + * @endcode * - * @version API version level 2 - * @param ctx eurephiaCTX - * @param session eurephiaSESSION + * XML docuument to register the user as logged in + * @code + * <eurephia format="1"> + * <Register mode="login" uid="{uid}">{session key}</Register> + * </eurephia> + * @endcode * - * @return Returns 1 on success, otherwise 0 - */ -int (*eDBadminRegisterLogin) (eurephiaCTX *ctx, eurephiaSESSION *session); - - -/** - * Registers a session as logged out. This will require the user to do a new authentication - * on next access via the administration interface + * XML docuument to register the user as logged out + * @code + * <eurephia format="1"> + * <Register mode="logout">{session key}</Register> + * </eurephia> + * @endcode * - * @version API version level 2 - * @param ctx eurephiaCTX - * @param sessionkey String (char *) containing the session key + * @return Returns a valid eurephia ResultMsg XML document with the result. On fatal errors, + * NULL is returned. When a username/password authentication is done, the user id of the + * user will be returned in the details part of the ResultMsg. * - * @return Returns 1 on success, otherwise 0 */ -int (*eDBadminLogout) (eurephiaCTX *ctx, const char *sessionkey); +xmlDoc *(*eDBadminAuthenticate) (eurephiaCTX *ctx, xmlDoc *qryxml); -#ifdef HAVE_LIBXML2 /** * Set or delete configuration parameters in the database. This operation will * also update the in-memory copy of the configuration diff --git a/database/sqlite/administration/authentication.c b/database/sqlite/administration/authentication.c index e8a30f0..75ad991 100644 --- a/database/sqlite/administration/authentication.c +++ b/database/sqlite/administration/authentication.c @@ -20,12 +20,11 @@ */ /** - * @file administration.c + * @file authentication.c * @author David Sommerseth <dazo@users.sourceforge.net> * @date 2008-12-03 * - * @brief Functions needed for the administration interface. This file - * primarily takes care of user authentication via the administration API + * @brief Functions used for authentication of administration sessions. * */ @@ -69,17 +68,30 @@ * */ + /** - * @copydoc eDBadminAuth() + * Authenticate a user for the administration interface. This interface do not + * require any certificate validation and is intended for administration utilities + * for eurephia. The eurephia context type must be either ECTX_ADMIN_CONSOLE or + * ECTX_ADMIN_WEB. + * + * @param ctx eurephiaCTX - context used for administration task + * @param req_access String containing the requested administration access level + * @param uname username of the user being authenticated + * @param pwd password from the user + * + * @return Returns an eurephia ResultMsg XML document with the result. On fatal errors, NULL is returned */ -int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, const char *pwd) { +static xmlDoc *auth_user(eurephiaCTX *ctx, const char *req_access, const char *uname, const char *pwd) { + xmlDoc *res_d = NULL; + xmlNode *info_n = NULL; dbresult *res = NULL; char *crpwd = NULL, *dbpwd = NULL; - char *activated = NULL, *deactivated = NULL, *blid = NULL; - int uid = -1, access = 0; + char *activated = NULL, *deactivated = NULL, *blid = NULL, *uid = NULL; + int access = 0; char interface; - DEBUG(ctx, 20, "Function call: eDBadminAuth(ctx, '%s, '%s', 'xxxxxxxx')", req_access, uname); + DEBUG(ctx, 21, "Function call: auth_user(ctx, '%s, '%s', 'xxxxxxxx')", req_access, uname); assert(ctx != NULL); @@ -92,12 +104,13 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co break; default: eurephia_log(ctx, LOG_ERROR, 0, "Wrong eurephia context type (0x%04x)", ctx->context_type); - return 0; + return NULL; } if( (strlen_nullsafe(uname) < 4) || (strlen_nullsafe(pwd) < 4) ) { - eurephia_log(ctx, LOG_WARNING, 0, "User name and/or password is either null or less than 4 bytes"); - return 0; + eurephia_log(ctx, LOG_WARNING, 0, + "Username and/or password is either null or less than 4 bytes"); + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Username or password is too short"); } // @@ -113,7 +126,7 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co if( res == NULL ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not authenticate user against the database"); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } if( sqlite_get_numtuples(res) == 1 ) { @@ -121,31 +134,31 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co deactivated = sqlite_get_value(res, 0, 1); blid = sqlite_get_value(res, 0, 2); dbpwd = sqlite_get_value(res, 0, 3); - uid = atoi_nullsafe(sqlite_get_value(res, 0, 4)); + uid = strdup_nullsafe(sqlite_get_value(res, 0, 4)); if( blid != NULL ) { eurephia_log(ctx, LOG_WARNING, 0, - "Your user account is BLACKLISTED. You have no access."); + "User account '%s' is BLACKLISTED. You have no access.", uname); sqlite_free_results(res); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } if( activated == NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "Your user account is not yet activated."); + eurephia_log(ctx, LOG_WARNING, 0, "User account '%s' is not yet activated.", uname); sqlite_free_results(res); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } if( deactivated != NULL ) { - eurephia_log(ctx, LOG_WARNING, 0, "Your user account is deactivated."); + eurephia_log(ctx, LOG_WARNING, 0, "User account '%s' is deactivated.", uname); sqlite_free_results(res); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } if( dbpwd == NULL ) { eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed. DB error."); sqlite_free_results(res); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } else { int pwdok = 0; // Verify the password @@ -158,7 +171,7 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed."); sleep(2); sqlite_free_results(res); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } } sqlite_free_results(res); @@ -169,40 +182,56 @@ int eDBadminAuth(eurephiaCTX *ctx, const char *req_access, const char *uname, co res = sqlite_query(ctx, "SELECT (count(*) = 1) AS access " " FROM eurephia_adminaccess" - " WHERE uid = '%i' AND interface = '%c' AND access = '%q'", + " WHERE uid = '%q' AND interface = '%c' AND access = '%q'", uid, interface, req_access); + if( res == NULL ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not check access level"); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,"Failed to validate access level"); } access = atoi_nullsafe(sqlite_get_value(res, 0, 0)); sqlite_free_results(res); if( access == 0 ) { - eurephia_log(ctx, LOG_WARNING, 0, "Your account is lacking privileges for this operation"); - return 0; + eurephia_log(ctx, LOG_WARNING, 0, + "User account '%s' is lacking privileges for this operation", uname); + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } } else { eurephia_log(ctx, LOG_WARNING, 0, "Authentication failed. No unique records found."); sqlite_free_results(res); sleep(2); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Authentication failed"); } // If we reach this place, authentication was successful. Return users uid - return uid; + info_n = xmlNewNode(NULL, (xmlChar *) "UserAccount"); + assert( info_n != NULL ); + xmlNewProp(info_n, (xmlChar *) "uid", (xmlChar *) uid); + res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, info_n, "Successful authentication"); + xmlFreeNode(info_n); + free_nullsafe(ctx, uid); + return res_d; } /** - * @copydoc eDBadminValidateSession() + * Validates a session key, to see if it still is valid (not auto-logged out or invalid session key) + * and to check if they have access to a different access level. The eurephia context type must be + * either ECTX_ADMIN_CONSOLE or ECTX_ADMIN_WEB. + * + * @param ctx eurephiaCTX + * @param sesskey String containing the session key to validate + * @param req_access String containing the required administration access level + * + * @return Returns an eurephia ResultMsg XML document with the result. On fatal errors, NULL is returned */ -int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *req_access) { +static xmlDoc *auth_session(eurephiaCTX *ctx, const char *sesskey, const char *req_access) { dbresult *res = NULL; int valid = 0, access = 0, expire_time = 0; char interface; - DEBUG(ctx, 20, "Function call: eDBadminValidateSession(ctx, '%s, '%s')", sesskey, req_access); + DEBUG(ctx, 21, "Function call: auth_session(ctx, '%s, '%s')", sesskey, req_access); assert( (ctx != NULL) && (sesskey != NULL) ); switch( ctx->context_type ) { @@ -214,12 +243,13 @@ int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *r break; default: eurephia_log(ctx, LOG_ERROR, 0, "Wrong eurephia context type (0x%04x)", ctx->context_type); - return 0; + return NULL; } // Check if the session is still valid (not expired) and that this session are allowed to access // the requested access level. - expire_time = (60 * atoi_nullsafe(defaultValue(eGet_value(ctx->dbc->config, "eurephiadmin_autologout"), + expire_time = (60 * atoi_nullsafe(defaultValue(eGet_value(ctx->dbc->config, + "eurephiadmin_autologout"), "10") ) ); @@ -236,7 +266,7 @@ int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *r if( (res == NULL) ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not validate session"); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Session authentication failed"); } valid = (atoi_nullsafe(sqlite_get_value(res, 0, 0)) == 0); @@ -256,7 +286,6 @@ int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *r } else { // If not valid, register session as auto-logged out - res = sqlite_query(ctx, "UPDATE eurephia_adminlog" " SET logout = CURRENT_TIMESTAMP, status = %i" @@ -273,29 +302,41 @@ int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *r if( res == NULL ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not delete session variables (%s))", sesskey); - return 0; + } else if( !access ) { + eurephia_log(ctx, LOG_WARNING, 0, "User account is lacking privileges"); } sqlite_free_results(res); + } - if( !access ) { - eurephia_log(ctx, LOG_WARNING, 0, "Your user account is lacking privileges"); - } + if (valid && access) { + return eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session authenticated"); + } else { + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Session authentication failed"); } - return (valid && access); } /** - * @copydoc eDBadminRegisterLogin() + * Registers the user as logged in after a successful authentication. The user must + * be registered as logged in to have a valid session. + * + * @param ctx eurephiaCTX + * @param uid Numeric value if the user ID the session belongs to + * @param sesskey String containing the session key + * + * @return Returns an eurephia ResultMsg XML document with the result. On fatal errors, NULL is returned */ -int eDBadminRegisterLogin(eurephiaCTX *ctx, eurephiaSESSION *session) { +static xmlDoc *register_login(eurephiaCTX *ctx, const int uid, const char *sesskey) { dbresult *res = NULL; char interface; - int uid; - DEBUG(ctx, 20, "Function call: eDBadminRegisterLogin(ctx, {session}'%s')", session->sessionkey); - assert((ctx != NULL) && (session != NULL)); + DEBUG(ctx, 21, "Function call: register_login(ctx, %i, '%s')", uid, sesskey); + assert( ctx != NULL ); + + if( (sesskey == NULL) || (uid < 1) ) { + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Invalid data for login registration"); + } switch( ctx->context_type ) { case ECTX_ADMIN_CONSOLE: @@ -304,38 +345,44 @@ int eDBadminRegisterLogin(eurephiaCTX *ctx, eurephiaSESSION *session) { interface = 'W'; break; default: eurephia_log(ctx, LOG_ERROR, 0, "Wrong eurephia context type (0x%04x)", ctx->context_type); - return 0; + return NULL; } // Register login into eurephia_adminlog ... uid, login, interface, sessionkey - uid = atoi_nullsafe(eGet_value(session->sessvals, "uid")); res = sqlite_query(ctx, "INSERT INTO eurephia_adminlog " " (uid, interface, status, login, last_action, sessionkey) " "VALUES ('%i','%c',1,CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, '%q')", - uid, interface, session->sessionkey); + uid, interface, sesskey); if( !res ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not manage to register the session in the database"); - return 0; + eurephia_log(ctx, LOG_FATAL, 0, "Failed to register the session in the database"); + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + "Failed to register the session in the database"); } sqlite_free_results(res); - return 1; + return eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session is registered as logged in"); } /** - * @copydoc eDBadminLogout() + * Registers a session as logged out. This will require the user to do a new authentication + * on next access via the administration interface + * + * @param ctx eurephiaCTX + * @param sessionkey String containing the session key + * + * @return Returns an eurephia ResultMsg XML document with the result. On fatal errors, NULL is returned */ -int eDBadminLogout(eurephiaCTX *ctx, const char *sessionkey) { +static xmlDoc *register_logout(eurephiaCTX *ctx, const char *sessionkey) { dbresult *res = NULL; - DEBUG(ctx, 20, "Function call: eDBadminLogout(ctx, '%s')", sessionkey); + DEBUG(ctx, 21, "Function call: register_logout(ctx, '%s')", sessionkey); assert((ctx != NULL) && (sessionkey != NULL)); if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { eurephia_log(ctx, LOG_CRITICAL, 0, "eurephia admin function call attempted with wrong context type"); - return 0; + return NULL; } // Update session as logged out @@ -344,21 +391,108 @@ int eDBadminLogout(eurephiaCTX *ctx, const char *sessionkey) { " SET logout = CURRENT_TIMESTAMP, status = 3" " WHERE sessionkey = '%q'", sessionkey); - if( !res ) { - eurephia_log(ctx, LOG_FATAL, 0, "Could not manage to register the session as logged out"); - return 0; + if( !res || (sqlite_get_affected_rows(res) == 0) ) { + eurephia_log(ctx, LOG_FATAL, 0, + "Failed to register the session as logged out (updated %i rows)", + sqlite_get_affected_rows(res)); + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + "Failed to register the session as logged out"); } sqlite_free_results(res); // Delete session variables res = sqlite_query(ctx, "DELETE FROM openvpn_sessions WHERE sessionkey = '%q'", sessionkey); - if( res == NULL ) { + if( !res || (sqlite_get_affected_rows(res) == 0) ) { eurephia_log(ctx, LOG_ERROR, 0, "Could not delete session variables (%s))", sessionkey); - return 0; + return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, + "Could not delete session variables (%s))", sessionkey); } sqlite_free_results(res); - return 1; + return eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL, "Session is logged out"); +} + + +/** + * @copydoc eDBadminAuthenticate() + */ +xmlDoc *eDBadminAuthenticate(eurephiaCTX *ctx, xmlDoc *qryxml) { + xmlDoc *res_d = NULL; + xmlNode *qry_n = NULL; + char *mode = NULL; + int type = 0; + + DEBUG(ctx, 20, "Function call: eDBadminAuthenticate(ctx, xmlDoc)"); + assert( (ctx != NULL) && (qryxml != NULL) ); + + if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { + eurephia_log(ctx, LOG_CRITICAL, 0, + "eurephia admin function call attempted with wrong context type"); + return NULL; + } + + qry_n = eurephiaXML_getRoot(ctx, qryxml, "Authenticate", 1); + if( qry_n != NULL ) { + type = 1; + goto accept; + } + + qry_n = eurephiaXML_getRoot(ctx, qryxml, "Register", 1); + if( qry_n != NULL ) { + type = 2; + goto accept; + } + + eurephia_log(ctx, LOG_ERROR, 0, "Could not find a valid XML request for eDBadminAuthenticate()"); + return NULL; + + accept: + mode = xmlGetAttrValue(qry_n->properties, "mode"); + if( mode == NULL ) { + eurephia_log(ctx, LOG_ERROR, 0, "Invalid authentication request"); + return NULL; + } + + switch( type ) { + case 1: // Authenticate tag + if( strcmp(mode, "user") == 0 ) { + // const char *req_access, const char *uname, const char *pwd + const char *reqacc = NULL, *uname = NULL, *pwd = NULL; + uname = xmlGetNodeContent(qry_n, "username"); + pwd = xmlGetNodeContent(qry_n, "password"); + reqacc = xmlGetNodeContent(qry_n, "accesslevel"); + res_d = auth_user(ctx, reqacc, uname, pwd); + } else if ( strcmp(mode, "session") == 0 ) { + const char *sesskey = NULL, *reqacc = NULL; + sesskey = xmlGetNodeContent(qry_n, "sessionkey"); + reqacc = xmlGetNodeContent(qry_n, "accesslevel"); + res_d = auth_session(ctx, sesskey, reqacc); + } + break; + + case 2: // Register tag + if( strcmp(mode, "login") == 0 ) { + const char *sesskey = NULL; + unsigned int uid = 0; + + uid = atoi_nullsafe(xmlGetAttrValue(qry_n->properties, "uid")); + sesskey = xmlExtractContent(qry_n); + res_d = register_login(ctx, uid, sesskey); + } else if( strcmp(mode, "logout") == 0 ) { + const char *sesskey = NULL; + + sesskey = xmlExtractContent(qry_n); + res_d = register_logout(ctx, sesskey); + } + break; + + default: + eurephia_log(ctx, LOG_FATAL, 0, "The unthinkable has just happened (type %i)", type); + res_d = NULL; + break; + } + return res_d; } + #endif |