| <!DOCTYPE HTML> |
| <html lang="en"> |
| <head> |
| <!-- Generated by javadoc (17) --> |
| <title>Source code</title> |
| <meta name="viewport" content="width=device-width, initial-scale=1"> |
| <meta name="description" content="source: package: org.apache.hadoop.hbase.security, class: AbstractTestMutualTls"> |
| <meta name="generator" content="javadoc/SourceToHTMLConverter"> |
| <link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style"> |
| </head> |
| <body class="source-page"> |
| <main role="main"> |
| <div class="source-container"> |
| <pre><span class="source-line-no">001</span><span id="line-1">/*</span> |
| <span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span> |
| <span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span> |
| <span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span> |
| <span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span> |
| <span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span> |
| <span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span> |
| <span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span> |
| <span class="source-line-no">009</span><span id="line-9"> *</span> |
| <span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span> |
| <span class="source-line-no">011</span><span id="line-11"> *</span> |
| <span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span> |
| <span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span> |
| <span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span> |
| <span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span> |
| <span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span> |
| <span class="source-line-no">017</span><span id="line-17"> */</span> |
| <span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.security;</span> |
| <span class="source-line-no">019</span><span id="line-19"></span> |
| <span class="source-line-no">020</span><span id="line-20">import static org.apache.hadoop.hbase.ipc.TestProtobufRpcServiceImpl.SERVICE;</span> |
| <span class="source-line-no">021</span><span id="line-21">import static org.hamcrest.MatcherAssert.assertThat;</span> |
| <span class="source-line-no">022</span><span id="line-22">import static org.hamcrest.Matchers.instanceOf;</span> |
| <span class="source-line-no">023</span><span id="line-23">import static org.junit.Assert.assertThrows;</span> |
| <span class="source-line-no">024</span><span id="line-24"></span> |
| <span class="source-line-no">025</span><span id="line-25">import java.io.File;</span> |
| <span class="source-line-no">026</span><span id="line-26">import java.io.IOException;</span> |
| <span class="source-line-no">027</span><span id="line-27">import java.lang.invoke.MethodHandles;</span> |
| <span class="source-line-no">028</span><span id="line-28">import java.net.InetSocketAddress;</span> |
| <span class="source-line-no">029</span><span id="line-29">import java.security.GeneralSecurityException;</span> |
| <span class="source-line-no">030</span><span id="line-30">import java.security.Security;</span> |
| <span class="source-line-no">031</span><span id="line-31">import java.security.cert.X509Certificate;</span> |
| <span class="source-line-no">032</span><span id="line-32">import javax.net.ssl.SSLHandshakeException;</span> |
| <span class="source-line-no">033</span><span id="line-33">import org.apache.commons.io.FileUtils;</span> |
| <span class="source-line-no">034</span><span id="line-34">import org.apache.hadoop.conf.Configuration;</span> |
| <span class="source-line-no">035</span><span id="line-35">import org.apache.hadoop.hbase.HBaseCommonTestingUtil;</span> |
| <span class="source-line-no">036</span><span id="line-36">import org.apache.hadoop.hbase.io.crypto.tls.KeyStoreFileType;</span> |
| <span class="source-line-no">037</span><span id="line-37">import org.apache.hadoop.hbase.io.crypto.tls.X509KeyType;</span> |
| <span class="source-line-no">038</span><span id="line-38">import org.apache.hadoop.hbase.io.crypto.tls.X509TestContext;</span> |
| <span class="source-line-no">039</span><span id="line-39">import org.apache.hadoop.hbase.io.crypto.tls.X509TestContextProvider;</span> |
| <span class="source-line-no">040</span><span id="line-40">import org.apache.hadoop.hbase.io.crypto.tls.X509Util;</span> |
| <span class="source-line-no">041</span><span id="line-41">import org.apache.hadoop.hbase.ipc.FifoRpcScheduler;</span> |
| <span class="source-line-no">042</span><span id="line-42">import org.apache.hadoop.hbase.ipc.NettyRpcClient;</span> |
| <span class="source-line-no">043</span><span id="line-43">import org.apache.hadoop.hbase.ipc.NettyRpcServer;</span> |
| <span class="source-line-no">044</span><span id="line-44">import org.apache.hadoop.hbase.ipc.RpcClient;</span> |
| <span class="source-line-no">045</span><span id="line-45">import org.apache.hadoop.hbase.ipc.RpcClientFactory;</span> |
| <span class="source-line-no">046</span><span id="line-46">import org.apache.hadoop.hbase.ipc.RpcServer;</span> |
| <span class="source-line-no">047</span><span id="line-47">import org.apache.hadoop.hbase.ipc.RpcServerFactory;</span> |
| <span class="source-line-no">048</span><span id="line-48">import org.apache.hadoop.hbase.ipc.TestProtobufRpcServiceImpl;</span> |
| <span class="source-line-no">049</span><span id="line-49">import org.bouncycastle.asn1.x500.X500NameBuilder;</span> |
| <span class="source-line-no">050</span><span id="line-50">import org.bouncycastle.asn1.x500.style.BCStyle;</span> |
| <span class="source-line-no">051</span><span id="line-51">import org.bouncycastle.jce.provider.BouncyCastleProvider;</span> |
| <span class="source-line-no">052</span><span id="line-52">import org.bouncycastle.operator.OperatorCreationException;</span> |
| <span class="source-line-no">053</span><span id="line-53">import org.junit.After;</span> |
| <span class="source-line-no">054</span><span id="line-54">import org.junit.AfterClass;</span> |
| <span class="source-line-no">055</span><span id="line-55">import org.junit.Before;</span> |
| <span class="source-line-no">056</span><span id="line-56">import org.junit.BeforeClass;</span> |
| <span class="source-line-no">057</span><span id="line-57">import org.junit.Test;</span> |
| <span class="source-line-no">058</span><span id="line-58">import org.junit.runners.Parameterized;</span> |
| <span class="source-line-no">059</span><span id="line-59"></span> |
| <span class="source-line-no">060</span><span id="line-60">import org.apache.hbase.thirdparty.com.google.common.collect.Lists;</span> |
| <span class="source-line-no">061</span><span id="line-61">import org.apache.hbase.thirdparty.com.google.common.io.Closeables;</span> |
| <span class="source-line-no">062</span><span id="line-62">import org.apache.hbase.thirdparty.com.google.protobuf.ServiceException;</span> |
| <span class="source-line-no">063</span><span id="line-63"></span> |
| <span class="source-line-no">064</span><span id="line-64">import org.apache.hadoop.hbase.shaded.ipc.protobuf.generated.TestProtos;</span> |
| <span class="source-line-no">065</span><span id="line-65">import org.apache.hadoop.hbase.shaded.ipc.protobuf.generated.TestRpcServiceProtos;</span> |
| <span class="source-line-no">066</span><span id="line-66"></span> |
| <span class="source-line-no">067</span><span id="line-67">public abstract class AbstractTestMutualTls {</span> |
| <span class="source-line-no">068</span><span id="line-68"> protected static HBaseCommonTestingUtil UTIL;</span> |
| <span class="source-line-no">069</span><span id="line-69"></span> |
| <span class="source-line-no">070</span><span id="line-70"> protected static File DIR;</span> |
| <span class="source-line-no">071</span><span id="line-71"></span> |
| <span class="source-line-no">072</span><span id="line-72"> protected static X509TestContextProvider PROVIDER;</span> |
| <span class="source-line-no">073</span><span id="line-73"></span> |
| <span class="source-line-no">074</span><span id="line-74"> private X509TestContext x509TestContext;</span> |
| <span class="source-line-no">075</span><span id="line-75"></span> |
| <span class="source-line-no">076</span><span id="line-76"> protected RpcServer rpcServer;</span> |
| <span class="source-line-no">077</span><span id="line-77"></span> |
| <span class="source-line-no">078</span><span id="line-78"> protected RpcClient rpcClient;</span> |
| <span class="source-line-no">079</span><span id="line-79"> private TestRpcServiceProtos.TestProtobufRpcProto.BlockingInterface stub;</span> |
| <span class="source-line-no">080</span><span id="line-80"></span> |
| <span class="source-line-no">081</span><span id="line-81"> @Parameterized.Parameter(0)</span> |
| <span class="source-line-no">082</span><span id="line-82"> public X509KeyType caKeyType;</span> |
| <span class="source-line-no">083</span><span id="line-83"></span> |
| <span class="source-line-no">084</span><span id="line-84"> @Parameterized.Parameter(1)</span> |
| <span class="source-line-no">085</span><span id="line-85"> public X509KeyType certKeyType;</span> |
| <span class="source-line-no">086</span><span id="line-86"></span> |
| <span class="source-line-no">087</span><span id="line-87"> @Parameterized.Parameter(2)</span> |
| <span class="source-line-no">088</span><span id="line-88"> public String keyPassword;</span> |
| <span class="source-line-no">089</span><span id="line-89"> @Parameterized.Parameter(3)</span> |
| <span class="source-line-no">090</span><span id="line-90"> public boolean expectSuccess;</span> |
| <span class="source-line-no">091</span><span id="line-91"></span> |
| <span class="source-line-no">092</span><span id="line-92"> @Parameterized.Parameter(4)</span> |
| <span class="source-line-no">093</span><span id="line-93"> public boolean validateHostnames;</span> |
| <span class="source-line-no">094</span><span id="line-94"></span> |
| <span class="source-line-no">095</span><span id="line-95"> @Parameterized.Parameter(5)</span> |
| <span class="source-line-no">096</span><span id="line-96"> public CertConfig certConfig;</span> |
| <span class="source-line-no">097</span><span id="line-97"></span> |
| <span class="source-line-no">098</span><span id="line-98"> public enum CertConfig {</span> |
| <span class="source-line-no">099</span><span id="line-99"> // For no cert, we literally pass no certificate to the server. It's possible (assuming server</span> |
| <span class="source-line-no">100</span><span id="line-100"> // allows it based on ClientAuth mode) to use SSL without a KeyStore which will still do all</span> |
| <span class="source-line-no">101</span><span id="line-101"> // the handshaking but without a client cert. This is what we do here.</span> |
| <span class="source-line-no">102</span><span id="line-102"> // This mode only makes sense for client side, as server side must return a cert.</span> |
| <span class="source-line-no">103</span><span id="line-103"> NO_CLIENT_CERT,</span> |
| <span class="source-line-no">104</span><span id="line-104"> // For non-verifiable cert, we create a new certificate which is signed by a different</span> |
| <span class="source-line-no">105</span><span id="line-105"> // CA. So we're passing a cert, but the client/server can't verify it.</span> |
| <span class="source-line-no">106</span><span id="line-106"> NON_VERIFIABLE_CERT,</span> |
| <span class="source-line-no">107</span><span id="line-107"> // Good cert is the default mode, which uses a cert signed by the same CA both sides</span> |
| <span class="source-line-no">108</span><span id="line-108"> // and the hostname should match (localhost)</span> |
| <span class="source-line-no">109</span><span id="line-109"> GOOD_CERT,</span> |
| <span class="source-line-no">110</span><span id="line-110"> // For good cert/bad host, we create a new certificate signed by the same CA. But</span> |
| <span class="source-line-no">111</span><span id="line-111"> // this cert has a SANS that will not match the localhost peer.</span> |
| <span class="source-line-no">112</span><span id="line-112"> VERIFIABLE_CERT_WITH_BAD_HOST</span> |
| <span class="source-line-no">113</span><span id="line-113"> }</span> |
| <span class="source-line-no">114</span><span id="line-114"></span> |
| <span class="source-line-no">115</span><span id="line-115"> @BeforeClass</span> |
| <span class="source-line-no">116</span><span id="line-116"> public static void setUpBeforeClass() throws IOException {</span> |
| <span class="source-line-no">117</span><span id="line-117"> UTIL = new HBaseCommonTestingUtil();</span> |
| <span class="source-line-no">118</span><span id="line-118"> Security.addProvider(new BouncyCastleProvider());</span> |
| <span class="source-line-no">119</span><span id="line-119"> DIR =</span> |
| <span class="source-line-no">120</span><span id="line-120"> new File(UTIL.getDataTestDir(AbstractTestTlsRejectPlainText.class.getSimpleName()).toString())</span> |
| <span class="source-line-no">121</span><span id="line-121"> .getCanonicalFile();</span> |
| <span class="source-line-no">122</span><span id="line-122"> FileUtils.forceMkdir(DIR);</span> |
| <span class="source-line-no">123</span><span id="line-123"> Configuration conf = UTIL.getConfiguration();</span> |
| <span class="source-line-no">124</span><span id="line-124"> conf.setClass(RpcClientFactory.CUSTOM_RPC_CLIENT_IMPL_CONF_KEY, NettyRpcClient.class,</span> |
| <span class="source-line-no">125</span><span id="line-125"> RpcClient.class);</span> |
| <span class="source-line-no">126</span><span id="line-126"> conf.setClass(RpcServerFactory.CUSTOM_RPC_SERVER_IMPL_CONF_KEY, NettyRpcServer.class,</span> |
| <span class="source-line-no">127</span><span id="line-127"> RpcServer.class);</span> |
| <span class="source-line-no">128</span><span id="line-128"> conf.setBoolean(X509Util.HBASE_SERVER_NETTY_TLS_ENABLED, true);</span> |
| <span class="source-line-no">129</span><span id="line-129"> conf.setBoolean(X509Util.HBASE_SERVER_NETTY_TLS_SUPPORTPLAINTEXT, false);</span> |
| <span class="source-line-no">130</span><span id="line-130"> conf.setBoolean(X509Util.HBASE_CLIENT_NETTY_TLS_ENABLED, true);</span> |
| <span class="source-line-no">131</span><span id="line-131"> PROVIDER = new X509TestContextProvider(conf, DIR);</span> |
| <span class="source-line-no">132</span><span id="line-132"> }</span> |
| <span class="source-line-no">133</span><span id="line-133"></span> |
| <span class="source-line-no">134</span><span id="line-134"> @AfterClass</span> |
| <span class="source-line-no">135</span><span id="line-135"> public static void cleanUp() {</span> |
| <span class="source-line-no">136</span><span id="line-136"> Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);</span> |
| <span class="source-line-no">137</span><span id="line-137"> UTIL.cleanupTestDir();</span> |
| <span class="source-line-no">138</span><span id="line-138"> }</span> |
| <span class="source-line-no">139</span><span id="line-139"></span> |
| <span class="source-line-no">140</span><span id="line-140"> protected abstract void initialize(Configuration serverConf, Configuration clientConf)</span> |
| <span class="source-line-no">141</span><span id="line-141"> throws IOException, GeneralSecurityException, OperatorCreationException;</span> |
| <span class="source-line-no">142</span><span id="line-142"></span> |
| <span class="source-line-no">143</span><span id="line-143"> @Before</span> |
| <span class="source-line-no">144</span><span id="line-144"> public void setUp() throws Exception {</span> |
| <span class="source-line-no">145</span><span id="line-145"> x509TestContext = PROVIDER.get(caKeyType, certKeyType, keyPassword.toCharArray());</span> |
| <span class="source-line-no">146</span><span id="line-146"> x509TestContext.setConfigurations(KeyStoreFileType.JKS, KeyStoreFileType.JKS);</span> |
| <span class="source-line-no">147</span><span id="line-147"></span> |
| <span class="source-line-no">148</span><span id="line-148"> Configuration serverConf = new Configuration(UTIL.getConfiguration());</span> |
| <span class="source-line-no">149</span><span id="line-149"> Configuration clientConf = new Configuration(UTIL.getConfiguration());</span> |
| <span class="source-line-no">150</span><span id="line-150"></span> |
| <span class="source-line-no">151</span><span id="line-151"> initialize(serverConf, clientConf);</span> |
| <span class="source-line-no">152</span><span id="line-152"></span> |
| <span class="source-line-no">153</span><span id="line-153"> rpcServer = new NettyRpcServer(null, "testRpcServer",</span> |
| <span class="source-line-no">154</span><span id="line-154"> Lists.newArrayList(new RpcServer.BlockingServiceAndInterface(SERVICE, null)),</span> |
| <span class="source-line-no">155</span><span id="line-155"> new InetSocketAddress("localhost", 0), serverConf, new FifoRpcScheduler(serverConf, 1), true);</span> |
| <span class="source-line-no">156</span><span id="line-156"> rpcServer.start();</span> |
| <span class="source-line-no">157</span><span id="line-157"></span> |
| <span class="source-line-no">158</span><span id="line-158"> rpcClient = new NettyRpcClient(clientConf);</span> |
| <span class="source-line-no">159</span><span id="line-159"> stub = TestProtobufRpcServiceImpl.newBlockingStub(rpcClient, rpcServer.getListenerAddress());</span> |
| <span class="source-line-no">160</span><span id="line-160"> }</span> |
| <span class="source-line-no">161</span><span id="line-161"></span> |
| <span class="source-line-no">162</span><span id="line-162"> protected void handleCertConfig(Configuration confToSet)</span> |
| <span class="source-line-no">163</span><span id="line-163"> throws GeneralSecurityException, IOException, OperatorCreationException {</span> |
| <span class="source-line-no">164</span><span id="line-164"> switch (certConfig) {</span> |
| <span class="source-line-no">165</span><span id="line-165"> case NO_CLIENT_CERT:</span> |
| <span class="source-line-no">166</span><span id="line-166"> // clearing out the keystore location will cause no cert to be sent.</span> |
| <span class="source-line-no">167</span><span id="line-167"> confToSet.set(X509Util.TLS_CONFIG_KEYSTORE_LOCATION, "");</span> |
| <span class="source-line-no">168</span><span id="line-168"> break;</span> |
| <span class="source-line-no">169</span><span id="line-169"> case NON_VERIFIABLE_CERT:</span> |
| <span class="source-line-no">170</span><span id="line-170"> // to simulate a bad cert, we inject a new keystore into the client side.</span> |
| <span class="source-line-no">171</span><span id="line-171"> // the same truststore exists, so it will still successfully verify the server cert</span> |
| <span class="source-line-no">172</span><span id="line-172"> // but since the new client keystore cert is created from a new CA (which the server doesn't</span> |
| <span class="source-line-no">173</span><span id="line-173"> // have),</span> |
| <span class="source-line-no">174</span><span id="line-174"> // the server will not be able to verify it.</span> |
| <span class="source-line-no">175</span><span id="line-175"> X509TestContext context =</span> |
| <span class="source-line-no">176</span><span id="line-176"> PROVIDER.get(caKeyType, certKeyType, "random value".toCharArray());</span> |
| <span class="source-line-no">177</span><span id="line-177"> context.setKeystoreConfigurations(KeyStoreFileType.JKS, confToSet);</span> |
| <span class="source-line-no">178</span><span id="line-178"> break;</span> |
| <span class="source-line-no">179</span><span id="line-179"> case VERIFIABLE_CERT_WITH_BAD_HOST:</span> |
| <span class="source-line-no">180</span><span id="line-180"> // to simulate a good cert with a bad host, we need to create a new cert using the existing</span> |
| <span class="source-line-no">181</span><span id="line-181"> // context's CA/truststore. Here we can pass any random SANS, as long as it won't match</span> |
| <span class="source-line-no">182</span><span id="line-182"> // localhost or any reasonable name that this test might run on.</span> |
| <span class="source-line-no">183</span><span id="line-183"> X509Certificate cert = x509TestContext.newCert(new X500NameBuilder(BCStyle.INSTANCE)</span> |
| <span class="source-line-no">184</span><span id="line-184"> .addRDN(BCStyle.CN,</span> |
| <span class="source-line-no">185</span><span id="line-185"> MethodHandles.lookup().lookupClass().getCanonicalName() + " With Bad Host Test")</span> |
| <span class="source-line-no">186</span><span id="line-186"> .build(), "www.example.com");</span> |
| <span class="source-line-no">187</span><span id="line-187"> x509TestContext.cloneWithNewKeystoreCert(cert)</span> |
| <span class="source-line-no">188</span><span id="line-188"> .setKeystoreConfigurations(KeyStoreFileType.JKS, confToSet);</span> |
| <span class="source-line-no">189</span><span id="line-189"> break;</span> |
| <span class="source-line-no">190</span><span id="line-190"> default:</span> |
| <span class="source-line-no">191</span><span id="line-191"> break;</span> |
| <span class="source-line-no">192</span><span id="line-192"> }</span> |
| <span class="source-line-no">193</span><span id="line-193"> }</span> |
| <span class="source-line-no">194</span><span id="line-194"></span> |
| <span class="source-line-no">195</span><span id="line-195"> @After</span> |
| <span class="source-line-no">196</span><span id="line-196"> public void tearDown() throws IOException {</span> |
| <span class="source-line-no">197</span><span id="line-197"> if (rpcServer != null) {</span> |
| <span class="source-line-no">198</span><span id="line-198"> rpcServer.stop();</span> |
| <span class="source-line-no">199</span><span id="line-199"> }</span> |
| <span class="source-line-no">200</span><span id="line-200"> Closeables.close(rpcClient, true);</span> |
| <span class="source-line-no">201</span><span id="line-201"> x509TestContext.clearConfigurations();</span> |
| <span class="source-line-no">202</span><span id="line-202"> x509TestContext.getConf().unset(X509Util.TLS_CONFIG_OCSP);</span> |
| <span class="source-line-no">203</span><span id="line-203"> x509TestContext.getConf().unset(X509Util.TLS_CONFIG_CLR);</span> |
| <span class="source-line-no">204</span><span id="line-204"> x509TestContext.getConf().unset(X509Util.TLS_CONFIG_PROTOCOL);</span> |
| <span class="source-line-no">205</span><span id="line-205"> System.clearProperty("com.sun.net.ssl.checkRevocation");</span> |
| <span class="source-line-no">206</span><span id="line-206"> System.clearProperty("com.sun.security.enableCRLDP");</span> |
| <span class="source-line-no">207</span><span id="line-207"> Security.setProperty("ocsp.enable", Boolean.FALSE.toString());</span> |
| <span class="source-line-no">208</span><span id="line-208"> Security.setProperty("com.sun.security.enableCRLDP", Boolean.FALSE.toString());</span> |
| <span class="source-line-no">209</span><span id="line-209"> }</span> |
| <span class="source-line-no">210</span><span id="line-210"></span> |
| <span class="source-line-no">211</span><span id="line-211"> @Test</span> |
| <span class="source-line-no">212</span><span id="line-212"> public void testClientAuth() throws Exception {</span> |
| <span class="source-line-no">213</span><span id="line-213"> if (expectSuccess) {</span> |
| <span class="source-line-no">214</span><span id="line-214"> // we expect no exception, so if one is thrown the test will fail</span> |
| <span class="source-line-no">215</span><span id="line-215"> submitRequest();</span> |
| <span class="source-line-no">216</span><span id="line-216"> } else {</span> |
| <span class="source-line-no">217</span><span id="line-217"> ServiceException se = assertThrows(ServiceException.class, this::submitRequest);</span> |
| <span class="source-line-no">218</span><span id="line-218"> assertThat(se.getCause(), instanceOf(SSLHandshakeException.class));</span> |
| <span class="source-line-no">219</span><span id="line-219"> }</span> |
| <span class="source-line-no">220</span><span id="line-220"> }</span> |
| <span class="source-line-no">221</span><span id="line-221"></span> |
| <span class="source-line-no">222</span><span id="line-222"> private void submitRequest() throws ServiceException {</span> |
| <span class="source-line-no">223</span><span id="line-223"> stub.echo(null, TestProtos.EchoRequestProto.newBuilder().setMessage("hello world").build());</span> |
| <span class="source-line-no">224</span><span id="line-224"> }</span> |
| <span class="source-line-no">225</span><span id="line-225">}</span> |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| </pre> |
| </div> |
| </main> |
| </body> |
| </html> |
