]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/url.cc
2 * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 23 URL Parsing */
13 #include "HttpRequest.h"
15 #include "SquidConfig.h"
16 #include "SquidString.h"
19 static HttpRequest
*urlParseFinish(const HttpRequestMethod
& method
,
20 const AnyP::ProtocolType protocol
,
21 const char *const urlpath
,
22 const char *const host
,
23 const char *const login
,
25 HttpRequest
*request
);
26 static HttpRequest
*urnParse(const HttpRequestMethod
& method
, char *urn
, HttpRequest
*request
);
27 static const char valid_hostname_chars_u
[] =
28 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
29 "abcdefghijklmnopqrstuvwxyz"
33 static const char valid_hostname_chars
[] =
34 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
35 "abcdefghijklmnopqrstuvwxyz"
43 debugs(23, 5, "urlInitialize: Initializing...");
44 /* this ensures that the number of protocol strings is the same as
45 * the enum slots allocated because the last enum is always 'MAX'.
47 assert(strcmp(AnyP::ProtocolType_str
[AnyP::PROTO_MAX
], "MAX") == 0);
49 * These test that our matchDomainName() function works the
50 * way we expect it to.
52 assert(0 == matchDomainName("foo.com", "foo.com"));
53 assert(0 == matchDomainName(".foo.com", "foo.com"));
54 assert(0 == matchDomainName("foo.com", ".foo.com"));
55 assert(0 == matchDomainName(".foo.com", ".foo.com"));
56 assert(0 == matchDomainName("x.foo.com", ".foo.com"));
57 assert(0 != matchDomainName("x.foo.com", "foo.com"));
58 assert(0 != matchDomainName("foo.com", "x.foo.com"));
59 assert(0 != matchDomainName("bar.com", "foo.com"));
60 assert(0 != matchDomainName(".bar.com", "foo.com"));
61 assert(0 != matchDomainName(".bar.com", ".foo.com"));
62 assert(0 != matchDomainName("bar.com", ".foo.com"));
63 assert(0 < matchDomainName("zzz.com", "foo.com"));
64 assert(0 > matchDomainName("aaa.com", "foo.com"));
65 assert(0 == matchDomainName("FOO.com", "foo.COM"));
66 assert(0 < matchDomainName("bfoo.com", "afoo.com"));
67 assert(0 > matchDomainName("afoo.com", "bfoo.com"));
68 assert(0 < matchDomainName("x-foo.com", ".foo.com"));
73 * urlParseProtocol() takes begin (b) and end (e) pointers, but for
74 * backwards compatibility, e defaults to NULL, in which case we
75 * assume b is NULL-terminated.
78 urlParseProtocol(const char *b
, const char *e
)
81 * if e is NULL, b must be NULL terminated and we
82 * make e point to the first whitespace character
87 e
= b
+ strcspn(b
, ":");
91 /* test common stuff first */
93 if (strncasecmp(b
, "http", len
) == 0)
94 return AnyP::PROTO_HTTP
;
96 if (strncasecmp(b
, "ftp", len
) == 0)
97 return AnyP::PROTO_FTP
;
99 if (strncasecmp(b
, "https", len
) == 0)
100 return AnyP::PROTO_HTTPS
;
102 if (strncasecmp(b
, "file", len
) == 0)
103 return AnyP::PROTO_FTP
;
105 if (strncasecmp(b
, "coap", len
) == 0)
106 return AnyP::PROTO_COAP
;
108 if (strncasecmp(b
, "coaps", len
) == 0)
109 return AnyP::PROTO_COAPS
;
111 if (strncasecmp(b
, "gopher", len
) == 0)
112 return AnyP::PROTO_GOPHER
;
114 if (strncasecmp(b
, "wais", len
) == 0)
115 return AnyP::PROTO_WAIS
;
117 if (strncasecmp(b
, "cache_object", len
) == 0)
118 return AnyP::PROTO_CACHE_OBJECT
;
120 if (strncasecmp(b
, "urn", len
) == 0)
121 return AnyP::PROTO_URN
;
123 if (strncasecmp(b
, "whois", len
) == 0)
124 return AnyP::PROTO_WHOIS
;
126 return AnyP::PROTO_NONE
;
130 urlDefaultPort(AnyP::ProtocolType p
)
134 case AnyP::PROTO_HTTP
:
137 case AnyP::PROTO_HTTPS
:
140 case AnyP::PROTO_FTP
:
143 case AnyP::PROTO_COAP
:
144 case AnyP::PROTO_COAPS
:
145 // coaps:// default is TBA as of draft-ietf-core-coap-08.
146 // Assuming IANA policy of allocating same port for base and TLS protocol versions will occur.
149 case AnyP::PROTO_GOPHER
:
152 case AnyP::PROTO_WAIS
:
155 case AnyP::PROTO_CACHE_OBJECT
:
156 return CACHE_HTTP_PORT
;
158 case AnyP::PROTO_WHOIS
:
169 * If the 'request' arg is non-NULL, put parsed values there instead
170 * of allocating a new HttpRequest.
172 * This abuses HttpRequest as a way of representing the parsed url
173 * and its components.
174 * method is used to switch parsers and to init the HttpRequest.
175 * If method is Http::METHOD_CONNECT, then rather than a URL a hostname:port is
177 * The url is non const so that if its too long we can NULL-terminate it in place.
181 * This routine parses a URL. Its assumed that the URL is complete -
182 * ie, the end of the string is the end of the URL. Don't pass a partial
183 * URL here as this routine doesn't have any way of knowing whether
184 * its partial or not (ie, it handles the case of no trailing slash as
185 * being "end of host with implied path of /".
188 urlParse(const HttpRequestMethod
& method
, char *url
, HttpRequest
*request
)
190 LOCAL_ARRAY(char, proto
, MAX_URL
);
191 LOCAL_ARRAY(char, login
, MAX_URL
);
192 LOCAL_ARRAY(char, host
, MAX_URL
);
193 LOCAL_ARRAY(char, urlpath
, MAX_URL
);
197 AnyP::ProtocolType protocol
= AnyP::PROTO_NONE
;
202 proto
[0] = host
[0] = urlpath
[0] = login
[0] = '\0';
204 if ((l
= strlen(url
)) + Config
.appendDomainLen
> (MAX_URL
- 1)) {
205 /* terminate so it doesn't overflow other buffers */
206 *(url
+ (MAX_URL
>> 1)) = '\0';
207 debugs(23, DBG_IMPORTANT
, "urlParse: URL too large (" << l
<< " bytes)");
210 if (method
== Http::METHOD_CONNECT
) {
213 if (sscanf(url
, "[%[^]]]:%d", host
, &port
) < 1)
214 if (sscanf(url
, "%[^:]:%d", host
, &port
) < 1)
217 } else if ((method
== Http::METHOD_OPTIONS
|| method
== Http::METHOD_TRACE
) &&
218 strcmp(url
, "*") == 0) {
219 protocol
= AnyP::PROTO_HTTP
;
220 port
= urlDefaultPort(protocol
);
221 return urlParseFinish(method
, protocol
, url
, host
, login
, port
, request
);
222 } else if (!strncmp(url
, "urn:", 4)) {
223 return urnParse(method
, url
, request
);
228 /* Find first : - everything before is protocol */
229 for (i
= 0, dst
= proto
; i
< l
&& *src
!= ':'; ++i
, ++src
, ++dst
) {
237 if ((i
+3) > l
|| *src
!= ':' || *(src
+ 1) != '/' || *(src
+ 2) != '/')
242 /* Then everything until first /; thats host (and port; which we'll look for here later) */
243 // bug 1881: If we don't get a "/" then we imply it was there
244 // bug 3074: We could just be given a "?" or "#". These also imply "/"
245 // bug 3233: whitespace is also a hostname delimiter.
246 for (dst
= host
; i
< l
&& *src
!= '/' && *src
!= '?' && *src
!= '#' && *src
!= '\0' && !xisspace(*src
); ++i
, ++src
, ++dst
) {
251 * We can't check for "i >= l" here because we could be at the end of the line
252 * and have a perfectly valid URL w/ no trailing '/'. In this case we assume we've
253 * been -given- a valid URL and the path is just '/'.
259 // bug 3074: received 'path' starting with '?', '#', or '\0' implies '/'
260 if (*src
== '?' || *src
== '#' || *src
== '\0') {
266 /* Then everything from / (inclusive) until \r\n or \0 - thats urlpath */
267 for (; i
< l
&& *src
!= '\r' && *src
!= '\n' && *src
!= '\0'; ++i
, ++src
, ++dst
) {
271 /* We -could- be at the end of the buffer here */
274 /* If the URL path is empty we set it to be "/" */
275 if (dst
== urlpath
) {
281 protocol
= urlParseProtocol(proto
);
282 port
= urlDefaultPort(protocol
);
284 /* Is there any login information? (we should eventually parse it above) */
285 t
= strrchr(host
, '@');
287 strncpy((char *) login
, (char *) host
, sizeof(login
)-1);
288 login
[sizeof(login
)-1] = '\0';
289 t
= strrchr(login
, '@');
291 strncpy((char *) host
, t
+ 1, sizeof(host
)-1);
292 host
[sizeof(host
)-1] = '\0';
295 /* Is there any host information? (we should eventually parse it above) */
297 /* strip any IPA brackets. valid under IPv6. */
299 /* only for IPv6 sadly, pre-IPv6/URL code can't handle the clean result properly anyway. */
304 for (; i
< l
&& *src
!= ']' && *src
!= '\0'; ++i
, ++src
, ++dst
) {
308 /* we moved in-place, so truncate the actual hostname found */
312 /* skip ahead to either start of port, or original EOS */
313 while (*dst
!= '\0' && *dst
!= ':')
317 t
= strrchr(host
, ':');
319 if (t
!= strchr(host
,':') ) {
320 /* RFC 2732 states IPv6 "SHOULD" be bracketed. allowing for times when its not. */
321 /* RFC 3986 'update' simply modifies this to an "is" with no emphasis at all! */
322 /* therefore we MUST accept the case where they are not bracketed at all. */
327 // Bug 3183 sanity check: If scheme is present, host must be too.
328 if (protocol
!= AnyP::PROTO_NONE
&& host
[0] == '\0') {
329 debugs(23, DBG_IMPORTANT
, "SECURITY ALERT: Missing hostname in URL '" << url
<< "'. see access.log for details.");
333 if (t
&& *t
== ':') {
340 for (t
= host
; *t
; ++t
)
343 if (stringHasWhitespace(host
)) {
344 if (URI_WHITESPACE_STRIP
== Config
.uri_whitespace
) {
357 debugs(23, 3, "urlParse: Split URL '" << url
<< "' into proto='" << proto
<< "', host='" << host
<< "', port='" << port
<< "', path='" << urlpath
<< "'");
359 if (Config
.onoff
.check_hostnames
&& strspn(host
, Config
.onoff
.allow_underscore
? valid_hostname_chars_u
: valid_hostname_chars
) != strlen(host
)) {
360 debugs(23, DBG_IMPORTANT
, "urlParse: Illegal character in hostname '" << host
<< "'");
364 /* For IPV6 addresses also check for a colon */
365 if (Config
.appendDomain
&& !strchr(host
, '.') && !strchr(host
, ':'))
366 strncat(host
, Config
.appendDomain
, SQUIDHOSTNAMELEN
- strlen(host
) - 1);
368 /* remove trailing dots from hostnames */
369 while ((l
= strlen(host
)) > 0 && host
[--l
] == '.')
372 /* reject duplicate or leading dots */
373 if (strstr(host
, "..") || *host
== '.') {
374 debugs(23, DBG_IMPORTANT
, "urlParse: Illegal hostname '" << host
<< "'");
378 if (port
< 1 || port
> 65535) {
379 debugs(23, 3, "urlParse: Invalid port '" << port
<< "'");
383 #if HARDCODE_DENY_PORTS
384 /* These ports are filtered in the default squid.conf, but
385 * maybe someone wants them hardcoded... */
386 if (port
== 7 || port
== 9 || port
== 19) {
387 debugs(23, DBG_CRITICAL
, "urlParse: Deny access to port " << port
);
392 if (stringHasWhitespace(urlpath
)) {
393 debugs(23, 2, "urlParse: URI has whitespace: {" << url
<< "}");
395 switch (Config
.uri_whitespace
) {
397 case URI_WHITESPACE_DENY
:
400 case URI_WHITESPACE_ALLOW
:
403 case URI_WHITESPACE_ENCODE
:
404 t
= rfc1738_escape_unescaped(urlpath
);
405 xstrncpy(urlpath
, t
, MAX_URL
);
408 case URI_WHITESPACE_CHOP
:
409 *(urlpath
+ strcspn(urlpath
, w_space
)) = '\0';
412 case URI_WHITESPACE_STRIP
:
426 return urlParseFinish(method
, protocol
, urlpath
, host
, login
, port
, request
);
430 * Update request with parsed URI data. If the request arg is
431 * non-NULL, put parsed values there instead of allocating a new
435 urlParseFinish(const HttpRequestMethod
& method
,
436 const AnyP::ProtocolType protocol
,
437 const char *const urlpath
,
438 const char *const host
,
439 const char *const login
,
441 HttpRequest
*request
)
444 request
= new HttpRequest(method
, protocol
, urlpath
);
446 request
->initHTTP(method
, protocol
, urlpath
);
447 safe_free(request
->canonical
);
450 request
->SetHost(host
);
451 xstrncpy(request
->login
, login
, MAX_LOGIN_SZ
);
452 request
->port
= (unsigned short) port
;
457 urnParse(const HttpRequestMethod
& method
, char *urn
, HttpRequest
*request
)
459 debugs(50, 5, "urnParse: " << urn
);
461 request
->initHTTP(method
, AnyP::PROTO_URN
, urn
+ 4);
462 safe_free(request
->canonical
);
466 return new HttpRequest(method
, AnyP::PROTO_URN
, urn
+ 4);
470 urlCanonical(HttpRequest
* request
)
472 LOCAL_ARRAY(char, portbuf
, 32);
473 LOCAL_ARRAY(char, urlbuf
, MAX_URL
);
475 if (request
->canonical
)
476 return request
->canonical
;
478 if (request
->url
.getScheme() == AnyP::PROTO_URN
) {
479 snprintf(urlbuf
, MAX_URL
, "urn:" SQUIDSTRINGPH
,
480 SQUIDSTRINGPRINT(request
->urlpath
));
482 switch (request
->method
.id()) {
484 case Http::METHOD_CONNECT
:
485 snprintf(urlbuf
, MAX_URL
, "%s:%d", request
->GetHost(), request
->port
);
491 if (request
->port
!= urlDefaultPort(request
->url
.getScheme()))
492 snprintf(portbuf
, 32, ":%d", request
->port
);
494 snprintf(urlbuf
, MAX_URL
, "%s://%s%s%s%s" SQUIDSTRINGPH
,
495 request
->url
.getScheme().c_str(),
497 *request
->login
? "@" : null_string
,
500 SQUIDSTRINGPRINT(request
->urlpath
));
505 return (request
->canonical
= xstrdup(urlbuf
));
508 /** \todo AYJ: Performance: This is an *almost* duplicate of urlCanonical. But elides the query-string.
509 * After copying it on in the first place! Would be less code to merge the two with a flag parameter.
510 * and never copy the query-string part in the first place
513 urlCanonicalClean(const HttpRequest
* request
)
515 LOCAL_ARRAY(char, buf
, MAX_URL
);
516 LOCAL_ARRAY(char, portbuf
, 32);
517 LOCAL_ARRAY(char, loginbuf
, MAX_LOGIN_SZ
+ 1);
520 if (request
->url
.getScheme() == AnyP::PROTO_URN
) {
521 snprintf(buf
, MAX_URL
, "urn:" SQUIDSTRINGPH
,
522 SQUIDSTRINGPRINT(request
->urlpath
));
524 switch (request
->method
.id()) {
526 case Http::METHOD_CONNECT
:
527 snprintf(buf
, MAX_URL
, "%s:%d", request
->GetHost(), request
->port
);
533 if (request
->port
!= urlDefaultPort(request
->url
.getScheme()))
534 snprintf(portbuf
, 32, ":%d", request
->port
);
538 if ((int) strlen(request
->login
) > 0) {
539 strcpy(loginbuf
, request
->login
);
541 if ((t
= strchr(loginbuf
, ':')))
544 strcat(loginbuf
, "@");
547 snprintf(buf
, MAX_URL
, "%s://%s%s%s" SQUIDSTRINGPH
,
548 request
->url
.getScheme().c_str(),
552 SQUIDSTRINGPRINT(request
->urlpath
));
554 // strip arguments AFTER a question-mark
555 if (Config
.onoff
.strip_query_terms
)
556 if ((t
= strchr(buf
, '?')))
562 if (stringHasCntl(buf
))
563 xstrncpy(buf
, rfc1738_escape_unescaped(buf
), MAX_URL
);
569 * Yet another alternative to urlCanonical.
570 * This one adds the https:// parts to Http::METHOD_CONNECT URL
571 * for use in error page outputs.
572 * Luckily we can leverage the others instead of duplicating.
575 urlCanonicalFakeHttps(const HttpRequest
* request
)
577 LOCAL_ARRAY(char, buf
, MAX_URL
);
579 // method CONNECT and port HTTPS
580 if (request
->method
== Http::METHOD_CONNECT
&& request
->port
== 443) {
581 snprintf(buf
, MAX_URL
, "https://%s/*", request
->GetHost());
585 // else do the normal complete canonical thing.
586 return urlCanonicalClean(request
);
590 * Test if a URL is relative.
592 * RFC 2396, Section 5 (Page 17) implies that in a relative URL, a '/' will
593 * appear before a ':'.
596 urlIsRelative(const char *url
)
607 for (p
= url
; *p
!= '\0' && *p
!= ':' && *p
!= '/'; ++p
);
616 * Convert a relative URL to an absolute URL using the context of a given
619 * It is assumed that you have already ensured that the URL is relative.
621 * If NULL is returned it is an indication that the method in use in the
622 * request does not distinguish between relative and absolute and you should
623 * use the url unchanged.
625 * If non-NULL is returned, it is up to the caller to free the resulting
626 * memory using safe_free().
629 urlMakeAbsolute(const HttpRequest
* req
, const char *relUrl
)
632 if (req
->method
.id() == Http::METHOD_CONNECT
) {
636 char *urlbuf
= (char *)xmalloc(MAX_URL
* sizeof(char));
638 if (req
->url
.getScheme() == AnyP::PROTO_URN
) {
639 snprintf(urlbuf
, MAX_URL
, "urn:" SQUIDSTRINGPH
,
640 SQUIDSTRINGPRINT(req
->urlpath
));
646 if (req
->port
!= urlDefaultPort(req
->url
.getScheme())) {
647 urllen
= snprintf(urlbuf
, MAX_URL
, "%s://%s%s%s:%d",
648 req
->url
.getScheme().c_str(),
650 *req
->login
? "@" : null_string
,
655 urllen
= snprintf(urlbuf
, MAX_URL
, "%s://%s%s%s",
656 req
->url
.getScheme().c_str(),
658 *req
->login
? "@" : null_string
,
663 if (relUrl
[0] == '/') {
664 strncpy(&urlbuf
[urllen
], relUrl
, MAX_URL
- urllen
- 1);
666 const char *path
= req
->urlpath
.termedBuf();
667 const char *last_slash
= strrchr(path
, '/');
669 if (last_slash
== NULL
) {
670 urlbuf
[urllen
] = '/';
672 strncpy(&urlbuf
[urllen
], relUrl
, MAX_URL
- urllen
- 1);
675 size_t pathlen
= last_slash
- path
;
676 if (pathlen
> MAX_URL
- urllen
- 1) {
677 pathlen
= MAX_URL
- urllen
- 1;
679 strncpy(&urlbuf
[urllen
], path
, pathlen
);
681 if (urllen
+ 1 < MAX_URL
) {
682 strncpy(&urlbuf
[urllen
], relUrl
, MAX_URL
- urllen
- 1);
691 * matchDomainName() compares a hostname with a domainname according
692 * to the following rules:
695 * ------------- ------------- ------
696 * foo.com foo.com YES
697 * .foo.com foo.com YES
698 * x.foo.com foo.com NO
699 * foo.com .foo.com YES
700 * .foo.com .foo.com YES
701 * x.foo.com .foo.com YES
703 * We strip leading dots on hosts (but not domains!) so that
704 * ".foo.com" is is always the same as "foo.com".
707 * 0 means the host matches the domain
708 * 1 means the host is greater than the domain
709 * -1 means the host is less than the domain
713 matchDomainName(const char *h
, const char *d
)
726 * Start at the ends of the two strings and work towards the
729 while (xtolower(h
[--hl
]) == xtolower(d
[--dl
])) {
730 if (hl
== 0 && dl
== 0) {
732 * We made it all the way to the beginning of both
733 * strings without finding any difference.
740 * The host string is shorter than the domain string.
741 * There is only one case when this can be a match.
742 * If the domain is just one character longer, and if
743 * that character is a leading '.' then we call it a
747 if (1 == dl
&& '.' == d
[0])
755 * The domain string is shorter than the host string.
756 * This is a match only if the first domain character
768 * We found different characters in the same position (from the end).
771 * If one of those character is '.' then its special. In order
772 * for splay tree sorting to work properly, "x-foo.com" must
773 * be greater than ".foo.com" even though '-' is less than '.'.
781 return (xtolower(h
[hl
]) - xtolower(d
[dl
]));
785 * return true if we can serve requests for this method.
788 urlCheckRequest(const HttpRequest
* r
)
791 /* protocol "independent" methods
793 * actually these methods are specific to HTTP:
794 * they are methods we recieve on our HTTP port,
795 * and if we had a FTP listener would not be relevant
798 * So, we should delegate them to HTTP. The problem is that we
799 * do not have a default protocol from the client side of HTTP.
802 if (r
->method
== Http::METHOD_CONNECT
)
805 // we support OPTIONS and TRACE directed at us (with a 501 reply, for now)
806 // we also support forwarding OPTIONS and TRACE, except for the *-URI ones
807 if (r
->method
== Http::METHOD_OPTIONS
|| r
->method
== Http::METHOD_TRACE
)
808 return (r
->header
.getInt64(HDR_MAX_FORWARDS
) == 0 || r
->urlpath
!= "*");
810 if (r
->method
== Http::METHOD_PURGE
)
813 /* does method match the protocol? */
814 switch (r
->url
.getScheme()) {
816 case AnyP::PROTO_URN
:
818 case AnyP::PROTO_HTTP
:
820 case AnyP::PROTO_CACHE_OBJECT
:
824 case AnyP::PROTO_FTP
:
826 if (r
->method
== Http::METHOD_PUT
)
829 case AnyP::PROTO_GOPHER
:
831 case AnyP::PROTO_WAIS
:
833 case AnyP::PROTO_WHOIS
:
834 if (r
->method
== Http::METHOD_GET
)
836 else if (r
->method
== Http::METHOD_HEAD
)
841 case AnyP::PROTO_HTTPS
:
850 * Squid can't originate an SSL connection, so it should
851 * never receive an "https:" URL. It should always be
866 * Quick-n-dirty host extraction from a URL. Steps:
868 * Skip any '/' after the colon
869 * Copy the next SQUID_MAXHOSTNAMELEN bytes to host[]
870 * Look for an ending '/' or ':' and terminate
871 * Look for login info preceeded by '@'
878 char * extract(char const *url
);
881 static char Host
[SQUIDHOSTNAMELEN
];
882 void init(char const *);
883 void findHostStart();
884 void trimTrailingChars();
886 char const *hostStart
;
891 urlHostname(const char *url
)
893 return URLHostName().extract(url
);
896 char URLHostName::Host
[SQUIDHOSTNAMELEN
];
899 URLHostName::init(char const *aUrl
)
906 URLHostName::findHostStart()
908 if (NULL
== (hostStart
= strchr(url
, ':')))
913 while (*hostStart
!= '\0' && *hostStart
== '/')
916 if (*hostStart
== ']')
921 URLHostName::trimTrailingChars()
925 if ((t
= strchr(Host
, '/')))
928 if ((t
= strrchr(Host
, ':')))
931 if ((t
= strchr(Host
, ']')))
936 URLHostName::trimAuth()
940 if ((t
= strrchr(Host
, '@'))) {
942 memmove(Host
, t
, strlen(t
) + 1);
947 URLHostName::extract(char const *aUrl
)
952 if (hostStart
== NULL
)
955 xstrncpy(Host
, hostStart
, SQUIDHOSTNAMELEN
);