diff --git a/other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp b/other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp new file mode 100644 index 00000000000..172ca22f6a2 --- /dev/null +++ b/other-licenses/nsis/Contrib/CertCheck/CertCheck.cpp @@ -0,0 +1,385 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include +#include +#include +#include +#include + +#pragma comment(lib, "wintrust.lib") +#pragma comment(lib, "crypt32.lib") + +#ifdef UNICODE + +#ifndef _T +#define __T(x) L ## x +#define _T(x) __T(x) +#define _TEXT(x) __T(x) +#endif + +#else + +#ifndef _T +#define _T(x) x +#define _TEXT(x) x +#endif + +#endif // UNICODE + +static const int ENCODING = X509_ASN_ENCODING | PKCS_7_ASN_ENCODING; + +typedef struct _stack_t { + struct _stack_t *next; + TCHAR text[MAX_PATH]; +} stack_t; + +int popstring(stack_t **stacktop, LPTSTR str, int len); +void pushstring(stack_t **stacktop, LPCTSTR str, int len); + +struct CertificateCheckInfo +{ + LPCWSTR name; + LPCWSTR issuer; +}; + +/** + * Checks to see if a file stored at filePath matches the specified info. This + * only supports the name and issuer attributes currently. + * + * @param certContext The certificate context of the file + * @param infoToMatch The acceptable information to match + * @return FALSE if the info does not match or if any error occurs in the check + */ +BOOL +DoCertificateAttributesMatch(PCCERT_CONTEXT certContext, + CertificateCheckInfo &infoToMatch) +{ + DWORD dwData; + LPTSTR szName = NULL; + + // Pass in NULL to get the needed size of the issuer buffer. + dwData = CertGetNameString(certContext, + CERT_NAME_SIMPLE_DISPLAY_TYPE, + CERT_NAME_ISSUER_FLAG, NULL, + NULL, 0); + + if (!dwData) { + return FALSE; + } + + // Allocate memory for Issuer name buffer. + szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR)); + if (!szName) { + return FALSE; + } + + // Get Issuer name. + if (!CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, + CERT_NAME_ISSUER_FLAG, NULL, szName, dwData)) { + LocalFree(szName); + return FALSE; + } + + // If the issuer does not match, return a failure. + if (!infoToMatch.issuer || + wcscmp(szName, infoToMatch.issuer)) { + LocalFree(szName); + return FALSE; + } + + LocalFree(szName); + szName = NULL; + + // Pass in NULL to get the needed size of the name buffer. + dwData = CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, + 0, NULL, NULL, 0); + if (!dwData) { + return FALSE; + } + + // Allocate memory for the name buffer. + szName = (LPTSTR)LocalAlloc(LPTR, dwData * sizeof(WCHAR)); + if (!szName) { + return FALSE; + } + + // Obtain the name. + if (!(CertGetNameString(certContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, + NULL, szName, dwData))) { + LocalFree(szName); + return FALSE; + } + + // If the issuer does not match, return a failure. + if (!infoToMatch.name || + wcscmp(szName, infoToMatch.name)) { + LocalFree(szName); + return FALSE; + } + + // We have a match! + LocalFree(szName); + + // If there were any errors we would have aborted by now. + return TRUE; +} + +/** + * Checks to see if a file stored at filePath matches the specified info. This + * only supports the name and issuer attributes currently. + * + * @param filePath The PE file path to check + * @param infoToMatch The acceptable information to match + * @return ERROR_SUCCESS if successful, ERROR_NOT_FOUND if the info + * does not match, or the last error otherwise. + */ +DWORD +CheckCertificateForPEFile(LPCWSTR filePath, + CertificateCheckInfo &infoToMatch) +{ + HCERTSTORE certStore = NULL; + HCRYPTMSG cryptMsg = NULL; + PCCERT_CONTEXT certContext = NULL; + PCMSG_SIGNER_INFO signerInfo = NULL; + DWORD lastError = ERROR_SUCCESS; + + // Get the HCERTSTORE and HCRYPTMSG from the signed file. + DWORD encoding, contentType, formatType; + BOOL result = CryptQueryObject(CERT_QUERY_OBJECT_FILE, + filePath, + CERT_QUERY_CONTENT_FLAG_PKCS7_SIGNED_EMBED, + CERT_QUERY_CONTENT_FLAG_ALL, + 0, &encoding, &contentType, + &formatType, &certStore, &cryptMsg, NULL); + if (!result) { + lastError = GetLastError(); + goto cleanup; + } + + // Pass in NULL to get the needed signer information size. + DWORD signerInfoSize; + result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0, + NULL, &signerInfoSize); + if (!result) { + lastError = GetLastError(); + goto cleanup; + } + + // Allocate the needed size for the signer information. + signerInfo = (PCMSG_SIGNER_INFO)LocalAlloc(LPTR, signerInfoSize); + if (!signerInfo) { + lastError = GetLastError(); + goto cleanup; + } + + // Get the signer information (PCMSG_SIGNER_INFO). + // In particular we want the issuer and serial number. + result = CryptMsgGetParam(cryptMsg, CMSG_SIGNER_INFO_PARAM, 0, + (PVOID)signerInfo, &signerInfoSize); + if (!result) { + lastError = GetLastError(); + goto cleanup; + } + + // Search for the signer certificate in the certificate store. + CERT_INFO certInfo; + certInfo.Issuer = signerInfo->Issuer; + certInfo.SerialNumber = signerInfo->SerialNumber; + certContext = CertFindCertificateInStore(certStore, ENCODING, 0, + CERT_FIND_SUBJECT_CERT, + (PVOID)&certInfo, NULL); + if (!certContext) { + lastError = GetLastError(); + goto cleanup; + } + + if (!DoCertificateAttributesMatch(certContext, infoToMatch)) { + lastError = ERROR_NOT_FOUND; + goto cleanup; + } + +cleanup: + if (signerInfo) { + LocalFree(signerInfo); + } + if (certContext) { + CertFreeCertificateContext(certContext); + } + if (certStore) { + CertCloseStore(certStore, 0); + } + if (cryptMsg) { + CryptMsgClose(cryptMsg); + } + return lastError; +} + +/** + * Compares the certificate name and issuer values for a signed file's with the + * values provided. + * + * @param stacktop A pointer to the top of the stack. The stack should contain + * from the top the file's path, the expected value for the + * certificate's name attribute, and the expected value for + * the certificate's issuer attribute. + * @param variables A pointer to the NSIS variables + * @return 1 if the certificate name and issuer attributes matched the expected + * values, 0 if they don't match the expected values. + */ +extern "C" void __declspec(dllexport) +VerifyCertNameIssuer(HWND hwndParent, int string_size, + TCHAR *variables, stack_t **stacktop, void *extra) +{ + TCHAR tmp1[MAX_PATH + 1] = { _T('\0') }; + TCHAR tmp2[MAX_PATH + 1] = { _T('\0') }; + TCHAR tmp3[MAX_PATH + 1] = { _T('\0') }; + WCHAR filePath[MAX_PATH + 1] = { L'\0' }; + WCHAR certName[MAX_PATH + 1] = { L'\0' }; + WCHAR certIssuer[MAX_PATH + 1] = { L'\0' }; + + popstring(stacktop, tmp1, MAX_PATH); + popstring(stacktop, tmp2, MAX_PATH); + popstring(stacktop, tmp3, MAX_PATH); + +#if !defined(UNICODE) + MultiByteToWideChar(CP_ACP, 0, tmp1, -1, filePath, MAX_PATH); + MultiByteToWideChar(CP_ACP, 0, tmp2, -1, certName, MAX_PATH); + MultiByteToWideChar(CP_ACP, 0, tmp3, -1, certIssuer, MAX_PATH); +#else + wcsncpy(filePath, tmp1, MAX_PATH); + wcsncpy(certName, tmp2, MAX_PATH); + wcsncpy(certIssuer, tmp3, MAX_PATH); +#endif + + CertificateCheckInfo allowedCertificate = { + certName, + certIssuer, + }; + + LONG retCode = CheckCertificateForPEFile(filePath, allowedCertificate); + if (retCode == ERROR_SUCCESS) { + pushstring(stacktop, TEXT("1"), 2); + } else { + pushstring(stacktop, TEXT("0"), 2); + } +} + +/** + * Verifies the trust of a signed file's certificate. + * + * @param filePath The file path to check. + * @return ERROR_SUCCESS if successful, or the last error code otherwise. + */ +DWORD +VerifyCertificateTrustForFile(LPCWSTR filePath) +{ + // Setup the file to check. + WINTRUST_FILE_INFO fileToCheck; + ZeroMemory(&fileToCheck, sizeof(fileToCheck)); + fileToCheck.cbStruct = sizeof(WINTRUST_FILE_INFO); + fileToCheck.pcwszFilePath = filePath; + + // Setup what to check, we want to check it is signed and trusted. + WINTRUST_DATA trustData; + ZeroMemory(&trustData, sizeof(trustData)); + trustData.cbStruct = sizeof(trustData); + trustData.pPolicyCallbackData = NULL; + trustData.pSIPClientData = NULL; + trustData.dwUIChoice = WTD_UI_NONE; + trustData.fdwRevocationChecks = WTD_REVOKE_NONE; + trustData.dwUnionChoice = WTD_CHOICE_FILE; + trustData.dwStateAction = 0; + trustData.hWVTStateData = NULL; + trustData.pwszURLReference = NULL; + // no UI + trustData.dwUIContext = 0; + trustData.pFile = &fileToCheck; + + GUID policyGUID = WINTRUST_ACTION_GENERIC_VERIFY_V2; + // Check if the file is signed by something that is trusted. + LONG ret = WinVerifyTrust(NULL, &policyGUID, &trustData); + return ret; +} + +/** + * Verifies the trust of a signed file's certificate. + * + * @param stacktop A pointer to the top of the stack. This should be the file + * path for the file that will have its trust verified. + * @param variables A pointer to the NSIS variables + * @return 1 if the file's trust was verified successfully, 0 if it was not + */ +extern "C" void __declspec(dllexport) +VerifyCertTrust(HWND hwndParent, int string_size, + TCHAR *variables, stack_t **stacktop, void *extra) +{ + TCHAR tmp[MAX_PATH + 1] = { _T('\0') }; + WCHAR filePath[MAX_PATH + 1] = { L'\0' }; + + popstring(stacktop, tmp, MAX_PATH); + +#if !defined(UNICODE) + MultiByteToWideChar(CP_ACP, 0, tmp, -1, filePath, MAX_PATH); +#else + wcsncpy(filePath, tmp, MAX_PATH); +#endif + + LONG retCode = VerifyCertificateTrustForFile(filePath); + if (retCode == ERROR_SUCCESS) { + pushstring(stacktop, TEXT("1"), 2); + } else { + pushstring(stacktop, TEXT("0"), 2); + } +} + +BOOL WINAPI +DllMain(HANDLE hInst, ULONG ul_reason_for_call, LPVOID lpReserved) +{ + return TRUE; +} + +/** + * Removes an element from the top of the NSIS stack + * + * @param stacktop A pointer to the top of the stack + * @param str The string to pop to + * @param len The max length + * @return 0 on success +*/ +int popstring(stack_t **stacktop, TCHAR *str, int len) +{ + // Removes the element from the top of the stack and puts it in the buffer + stack_t *th; + if (!stacktop || !*stacktop) { + return 1; + } + + th = (*stacktop); + lstrcpyn(str,th->text, len); + *stacktop = th->next; + GlobalFree((HGLOBAL)th); + return 0; +} + +/** + * Adds an element to the top of the NSIS stack + * + * @param stacktop A pointer to the top of the stack + * @param str The string to push on the stack + * @param len The length of the string to push on the stack + * @return 0 on success +*/ +void pushstring(stack_t **stacktop, const TCHAR *str, int len) +{ + stack_t *th; + if (!stacktop) { + return; + } + + th = (stack_t*)GlobalAlloc(GPTR, sizeof(stack_t) + len); + lstrcpyn(th->text, str, len); + th->next = *stacktop; + *stacktop = th; +} diff --git a/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp new file mode 100644 index 00000000000..b0c0625166c --- /dev/null +++ b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsp @@ -0,0 +1,159 @@ +# Microsoft Developer Studio Project File - Name="CertCheck" - Package Owner=<4> +# Microsoft Developer Studio Generated Build File, Format Version 6.00 +# ** DO NOT EDIT ** + +# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 + +CFG=CertCheck - Win32 Debug Unicode +!MESSAGE This is not a valid makefile. To build this project using NMAKE, +!MESSAGE use the Export Makefile command and run +!MESSAGE +!MESSAGE NMAKE /f "CertCheck.mak". +!MESSAGE +!MESSAGE You can specify a configuration when running NMAKE +!MESSAGE by defining the macro CFG on the command line. For example: +!MESSAGE +!MESSAGE NMAKE /f "CertCheck.mak" CFG="CertCheck - Win32 Debug Unicode" +!MESSAGE +!MESSAGE Possible choices for configuration are: +!MESSAGE +!MESSAGE "CertCheck - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "CertCheck - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "CertCheck - Win32 Release Unicode" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE "CertCheck - Win32 Debug Unicode" (based on "Win32 (x86) Dynamic-Link Library") +!MESSAGE + +# Begin Project +# PROP AllowPerConfigDependencies 0 +# PROP Scc_ProjName "" +# PROP Scc_LocalPath "" +CPP=cl.exe +MTL=midl.exe +RSC=rc.exe + +!IF "$(CFG)" == "CertCheck - Win32 Release" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "Release" +# PROP BASE Intermediate_Dir "Release" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release" +# PROP Intermediate_Dir "Release" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c +# ADD CPP /nologo /MT /W3 /GX /O1 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386 +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comctl32.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /entry:"DllMain" /dll /machine:I386 /nodefaultlib /out:"../../Plugins/CertCheck.dll" /opt:nowin98 +# SUBTRACT LINK32 /pdb:none + +!ELSEIF "$(CFG)" == "CertCheck - Win32 Debug" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "Debug" +# PROP BASE Intermediate_Dir "Debug" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug" +# PROP Intermediate_Dir "Debug" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c +# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c +# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept + +!ELSEIF "$(CFG)" == "CertCheck - Win32 Release Unicode" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 0 +# PROP BASE Output_Dir "CertCheck___Win32_Release_Unicode" +# PROP BASE Intermediate_Dir "CertCheck___Win32_Release_Unicode" +# PROP BASE Ignore_Export_Lib 0 +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 0 +# PROP Output_Dir "Release_Unicode" +# PROP Intermediate_Dir "Release_Unicode" +# PROP Ignore_Export_Lib 1 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MT /W3 /GX /O1 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c +# ADD CPP /nologo /MT /W3 /GX /O1 /D "UNICODE" /D "_UNICODE" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /c +# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "NDEBUG" +# ADD RSC /l 0x409 /d "NDEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comctl32.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /entry:"DllMain" /dll /machine:I386 /nodefaultlib /out:"../../Plugins/CertCheck.dll" /opt:nowin98 +# SUBTRACT BASE LINK32 /pdb:none +# ADD LINK32 wininet.lib kernel32.lib user32.lib gdi32.lib winspool.lib comctl32.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /entry:"DllMain" /dll /machine:I386 /out:"./Unicode/CertCheck.dll" /opt:nowin98 +# SUBTRACT LINK32 /pdb:none /nodefaultlib + +!ELSEIF "$(CFG)" == "CertCheck - Win32 Debug Unicode" + +# PROP BASE Use_MFC 0 +# PROP BASE Use_Debug_Libraries 1 +# PROP BASE Output_Dir "CertCheck___Win32_Debug_Unicode" +# PROP BASE Intermediate_Dir "CertCheck___Win32_Debug_Unicode" +# PROP BASE Target_Dir "" +# PROP Use_MFC 0 +# PROP Use_Debug_Libraries 1 +# PROP Output_Dir "Debug_Unicode" +# PROP Intermediate_Dir "Debug_Unicode" +# PROP Ignore_Export_Lib 0 +# PROP Target_Dir "" +# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c +# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "UNICODE" /D "_UNICODE" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "CertCheck_EXPORTS" /YX /FD /GZ /c +# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 +# ADD BASE RSC /l 0x409 /d "_DEBUG" +# ADD RSC /l 0x409 /d "_DEBUG" +BSC32=bscmake.exe +# ADD BASE BSC32 /nologo +# ADD BSC32 /nologo +LINK32=link.exe +# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept +# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept + +!ENDIF + +# Begin Target + +# Name "CertCheck - Win32 Release" +# Name "CertCheck - Win32 Debug" +# Name "CertCheck - Win32 Release Unicode" +# Name "CertCheck - Win32 Debug Unicode" +# Begin Group "Source Files" + +# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" +# Begin Source File + +SOURCE=.\CertCheck.cpp +# End Source File +# End Group +# End Target +# End Project diff --git a/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw new file mode 100644 index 00000000000..afcc201729b --- /dev/null +++ b/other-licenses/nsis/Contrib/CertCheck/CertCheck.dsw @@ -0,0 +1,29 @@ +Microsoft Developer Studio Workspace File, Format Version 6.00 +# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE! + +############################################################################### + +Project: "CertCheck"=.\CertCheck.dsp - Package Owner=<4> + +Package=<5> +{{{ +}}} + +Package=<4> +{{{ +}}} + +############################################################################### + +Global: + +Package=<5> +{{{ +}}} + +Package=<3> +{{{ +}}} + +############################################################################### +