| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
| |
ticket: 5798
tags: pullup
target_version: 1.6.3
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20035 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Network Identity Manager notification icon can display a tooltip
when the user hovers the mouse cursor over it. It is currently used
to indicate the default identity (if one is found). However, when
retrieving the name of the default identity, the size of the buffer
was left unspecified. This patch specifies the correct buffer size.
The function called with the incorrect buffer size was
kcdb_identity_get_name(). That function does not write more than
KCDB_IDENT_MAXCCH_NAME characters regardless of the size of the buffer
specified, and the buffer that was passed in is allocated to be this
size. No buffer overrun was present in the existing code, although
the behavior was incorrect.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20034 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
enumerates known identities and displays them if necessary. However,
as plug-ins load and the list of known identities, their properties
and credentials change, the order of the displayed list will also
change.
The existing code does not deal well in respect to tracking the
current selection when the list of identities and credentials change.
This results in inconsistent behavior where the identity that was
originally at the top of the list maintains its selection state while
the identity at the top of the list after all the plug-ins have loaded
will receive focus.
This patch fixes this problem by explicitly setting focus and
selection to the identity or credential at the current cursor location
following a change in the credentials list.
ticket: 5782
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20033 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
background of identity headings based on the expiration state of the
credentials that belong to the identity.
This patch changes the behavior to color these headings based on the
existence and expiration state of identity credentials. With this
change, only identities that have valid identity credentials will
appear in green.
The same logic is used when drawing the menu items in the "Set
default" sub-menu in the notification icon.
ticket: 5783
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20032 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the notification icon that is created by Network Identity
Manager indicates the status of all the known credentials. If any
credential belonging to any identity is expired or in a critical
state, the icon will change color to indicate this.
This patch changes the behavior to only indicate the status of
credentials belonging to the default identity. The expiration state
of credentials that do not belong to the default identity no longer
affect the appearance of the notification icon.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20031 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The credentials display in Network Identity Manager uses a cached set
of properties for each identity that has credentials. The existing
code used the wrong field of the khui_credwnd_identity structure to
store the credentials type name associated with an identity, resulting
in a corrupt data structure.
This patch fixes the code to use the correct field.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20030 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Change "View columns" to "Select columns" in the "View" menu of
Network Identity Manager to be consistent with other Windows
applications.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20029 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Kerberos v5 plug-in for Network Identity Manager was not clearing
the list of prompts properly when a user changes the active identity
in the new credentials dialog. The stale prompts would be visible to
the user if the newly selected identity is invalid or the new identity
cannot be validated.
This patch clears the prompts if there is an identity change.
ticket: new
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20028 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
update screen shots
add credits to Fermilabs and Stanford University.
other changes for kfw 3.2.2 release.
ticket: 5789
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20027 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 5789
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20026 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Do not obtain a critical section that is already being held:
"cs_kmq_types"
Update the docs to indicate the additional restriction.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20025 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
that the module has not been installed. Do not report an
error to the end user for uninstalled modules. This will
only annoy the user and there is probably nothing the user
can do about it. Perhaps the user uninstalled the module
intentionally. The fact that there is still a HKCU key
remaining is not an indication that the module is in use.
ticket: 5753
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20023 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the KMM Schema. Require that modules that are installed be properly
installed.
Add NIM Module Registry values to the NSIS installer. These values were
already being set by the Wix installer.
By removing the ImagePath default, unable to load module errors will
not be generated when the module has not in fact been installed.
ticket: 5753
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20022 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 5787
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20021 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Disable the potentially uninitialized variable warning
for 'ri'. The variable cannot be used when uninitialized.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20020 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
updates for NIM 1.3.1 / KFW 3.2.2
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20019 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
In the Advanced mode of the Obtain New Credentials dialog
the keyboard accelerator was missing.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20018 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 5787
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20017 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
Correct typos. Make use of "plug-in" vs "plugin" consistent.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20016 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Network Identity Manager notification icon can have a tooltip
associated with it. The tooltip will be displayed to the user if she
hovers the mouse cursor over the notification icon. Currently, the
tooltip is used to indicate the current status of Network Identity
Manager. This patch adds the name of the default identity to the
tooltip.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19985 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In Network Identity Manager, when locating the action object
corresponding to an action identifier using khui_find_action(), don't
search through the list of standard actions if we already know that
the object we are searching for is a custom action.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19984 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
notification icon context menu. The submenu will display a list of
identities that the user can select as the default identity.
Each identity that is displayed in the sub menu will be colored the
same way it is colored in the basic view to provide a hint as to the
state of the credentials belonging to the identity.
ticket: 5724
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19983 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Identity Manager. This option will be toggled when selected. If
enabled, all the known identities will be displayed in any credentials
view which uses the identity of credentials as the primary group-by
field.
The setting of this option is persistent.
ticket: 5719
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19982 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 5772
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19978 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
document the use of KRB5_CCH_CCNAME.
ticket: 5772
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19977 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kmm_reg.c:
Allocate enough memory to hold the entire PluginList multi-string plus
an extra NUL if the registry value was not properly terminated.
kmm_registrar.c:
Do not record an error loading a module if there was no configuration
for it.
kmmmain.c:
Avoid a race condition by sending the thread quit message instead of
posting it. Do so outside of the critical section to avoid a deadlock.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19976 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(1) remove an extraneous backslash from the generated FILE:
ccache name. GetTempPath() always returns paths terminated
with a backslash.
(2) increase the max ccache name length to KRB5_CCH_CCNAME from
MAX_PATH.
These changes have dependencies on revisions 19891 and 19897.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19975 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 5691
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19974 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19972 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
Restore MIT Copyright removed in revision 19855.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19968 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
khm_krb5_initialize() is called in the krb5cred.dll and krb4cred.dll
credential providers in order to ensure that the caller has references
to a valid krb5_context and a valid krb5_ccache. If the krb5_cc_resolve()
call failed, the error code was not being returned to the caller.
Instead, success was returned which in turn would result in the caller
believing the NULL krb5_ccache pointer was in fact valid.
This fix resolves Microsoft's WER Event ID 432405961.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19967 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
global clean rule in config/Makefile.w32. No need to replicate
them in each individual Makefile.
ticket: 5756
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19966 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Restore the HideWatermark functionality that was accidently
removed from ui/credwnd.c
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19964 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
make sure that we clean up vc70.pdb, vc80.pdb, and
temporary files generated during the build process.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19955 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
remove the registration requirement for administrative installs.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19936 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for building 64-bit AMD64 MSI install packages
in addition to 32-bit i386 MSI install packages.
Differences between 32-bit MSI and 64-bit MSI include:
* no krb4 binaries and libraries
* no kclient binaries and libraries
* no krb524 binaries and libraries
* no leash32.exe
* new AMD64 UpgradeCode permits parallel installation with 32-bit MSI
* support for Visual Studio 2005 (VS8, CL1400) merge modules
Open Issues:
* 32-bit MSI installs kfwlogon.dll on AMD64 systems
* 32-bit and 64-bit NetIDMgr.exe as startup. Need to decide
which should be executed by default. Only one can run at
a time.
* Need to make sure that src/windows/build properly configures
the site-local.wxi file for Visual Studio 2005 and platform.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19922 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Now that krbcc64.lib exists we can build the gss.exe gss-api test
client.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19921 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NIM supports the ability of the user to specify an
explicit ccache name for use with an identity. If
this ccache is a FILE ccache, we need to be able to
store credentials into the ccache. krb5cred.dll
did not previously specify the KRB5_TC_OPENCLOSE flag
on the ccache when setting other flags such as
KRB5_TC_NOTICKET (which is used with MSLSA ccaches).
As a result, open/close mode was turned off, the
ccache file would be opened in read-only mode and
attempts to store credentials into the ccache would
fail. This is fixed by specifying KRB5_TC_OPENCLOSE
when setting the ccache flags.
When a CCAPI implementation is unavailable, we need
to automatically generate the FILE ccache name if
one has not already been specified. We default to
a file stored in the user's Local Settings\Temp
directory. The generated ccache is then added to
the file ccache watch list.
Finally, some users have complained about the
behavior of Microsoft Vista's UAC mode and how
it makes the CCAPI cache useless for storing
credentials that must be used in conjunction
with processes that do not have restricted
privileges since those processes run in a
separate logon session. For these users we
have added a "DefaultToFileCache" registry
value that can be specified to force the use
of FILE ccaches in preference to CCAPI ccaches
when there is no explicit ccache specified
for a given identity. Unlike CCAPI ccaches,
the FILE ccaches are accessible from both
restricted and unrestricted processes when
UAC is active.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19897 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Instead of testing for NOT the machine key, test
for is the user key.
ticket: new
component: windows/identity/kconfig/api.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19896 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Remove unused preprocessor symbols automatically added by Visual Studio's
dialog editor.
ticket: new
component: windows/identity/ui/resource.h
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19895 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch permits Network Identity Manager to be built for 64-bit Windows.
In the process all compile time warnings have been taken care of.
For 64-bit Windows, we do not build the Kerberos v4 Credential Provider
and we will not attempt to load the krb524 library.
Note that when testing the 64-bit NIM, there is no CCAPI at the
moment so you must manually specify a FILE: ccache as part of the
identity's Kerberos v5 configuration if you want to use cache's
other than the MSLSA.
This patch also consolidates the computation of the default ccache
name into utility functions:
khm_krb5_get_identity_default_ccache
khm_krb5_get_identity_default_ccacheA
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19891 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Microsoft defaults stack checking (/Gs) to on. This requires
that bufferoverflowU.lib be included in the link step. The
macro SCLIB in the build system specifies this library on
versions of Windows that require it. Include SCLIB on the
link line of the makefile.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19881 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Set the Network Identity Manager application version to 1.3.1 and the
API version to 10.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19869 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was a spurious trigger for reloading the layout of the Network
Identity Manager timer code. This was presumably introduced to
mitigate a problem where the identity and outline status might become
stale. (Ticket 5604)
This should no longer be necessary.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19868 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new credentials dialog in Network Identity Manager does not check
whether it is positioned outside of the display screen. It tries to
position itself in the center of the primary display if the Network
Identity Manager window is hidden and it tries to center itself over
the main window if the main window is visible. If the main window is
too close to the edge of the screen, this may result in the new
credentials window being partially outside the display area. This is
especially a problem when the new credentials dialog switches to the
advanced view.
The patch checks whether the window rectangle is visible before
repositioning the new credentials dialog and adjusts the window
rectangle so that it is.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19867 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
provider
The Kerberos v5 identity provider for Network Identity Manager
monitors the "Software\MIT\kerberos5" registry key for the logged in
user for changes to the "ccname" value. If a change is noticed, it
would query the Kerberos v5 library for the default credentials cache
and attempt to determine the new default identity, which it would then
communicate to the Network Identity Manager application.
When the identity provider queried the Kerberos v5 library after a
registry change notification, it used a cached krb5_context for the
thread. The default credentials cache found using this krb5_context
may not be what the registry specified.
This patch modifies the code in k5_ccname_monitor_thread() to create a
use a new krb5_context when querying for the default credentials cache
following a registry change notification. Doing so ensures that
Kerberos v5 library takes the new registry value into account.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19866 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Network Identity Manager Configuration Provider module keeps track
of the application and plug-in configuration settings organized into
configuration spaces. The state of each configuration space is
maintained in a reference counted object. Once all the references are
released, the Configuration Provider will attempt to free the
resources allocated for the object.
If the configuration space was marked for deletion, then the registry
keys associated with the object need to be deleted when the
object is being discarded. Due to a coding error, the memory
allocated for the object would be freed before the associated registry
keys were deleted. This could result in a memory access error.
The patch corrects the code in khcint_remove_space() to free the
allocated memory after all the remaining clean-up steps have been
performed.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19865 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Network Identity Manager application does not provide a user
interface for identity specification. That responsibility lies with
the identity provider. Whenever a dialog needs to allow the user to
specify an identity, the identity provider has to populate the dialog
with the necessary controls so that the user can specify an identity.
In the case of the Kerberos v5 identity provider, the controls allow
the user to specify a username and a realm.
Once the dialog is populated, the application will dispatch window
messages to the identity provider. The identity provider will handle
the window messages and notify the application when the selected
identity changes.
One deficiency of the API was that there was no message to notify the
identity provider that an identity selection has to be made
immediately. When the user invokes the default action for a dialog by
hitting enter, the only message received by the dialog is a command
identifier of the default action. In this case, the identity provider
will not get a chance to notify the application of the identity
selection.
This patch fixes the API deficiency by introducing a new message,
WMNC_IDENT_PREPROCESS, which the application can use to notify the
identity provider that the dialog box is about to be processed. In
response, the identity provider can notify the application of the
selected identity even if no other messages were received by the
identity provider.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19864 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the Network Identity Manager developer documentation to include
a reference to the 1.3.0 release which was included with Kerberos for
Windows 3.2.1.
The release history and, in particular, the API versions corresponding
to each release is important for third-party plug-in developers.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19863 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ccsv.pl and csvschema.cfg scripts are used to generate "C" source
code from CSV files containing tabular data. In particular, these are
used to define the configuration schema for Network Identity Manager
and some of its plug-ins.
It is desirable to be able to include arbitrary header files and
define macros in the generated C code so that the schema definition
can use them. This patch allows the CSV files to contain headers that
define lines of text that will be included literally in the generated
C code. Lines at the start of schema CSV file that begin with '#@'
will be stripped of the '#@' prefix and inserted into the C code.
E.g: The following line at the start of a schema CSV file:
#@#include<windows.h>
,will result in the following text in the C code:
#include<windows.h>
Then the schema definition can use macros of the form:
ClrHeaderExpSel, KC_INT32, "RGB(195, 94, 94)"
,which use macros such as RGB that are defined in the included header
file.
ticket: new
component: windows
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19862 dc483132-0cff-0310-8789-dd5450dbe970
|
