usm_v3.cpp
上传用户:cnryan
上传日期:2008-12-15
资源大小:260k
文件大小:126k
- /*_############################################################################
- _##
- _## usm_v3.cpp
- _##
- _## SNMP++v3.2.21
- _## -----------------------------------------------
- _## Copyright (c) 2001-2006 Jochen Katz, Frank Fock
- _##
- _## This software is based on SNMP++2.6 from Hewlett Packard:
- _##
- _## Copyright (c) 1996
- _## Hewlett-Packard Company
- _##
- _## ATTENTION: USE OF THIS SOFTWARE IS SUBJECT TO THE FOLLOWING TERMS.
- _## Permission to use, copy, modify, distribute and/or sell this software
- _## and/or its documentation is hereby granted without fee. User agrees
- _## to display the above copyright notice and this license notice in all
- _## copies of the software and any documentation of the software. User
- _## agrees to assume all liability for the use of the software;
- _## Hewlett-Packard and Jochen Katz make no representations about the
- _## suitability of this software for any purpose. It is provided
- _## "AS-IS" without warranty of any kind, either express or implied. User
- _## hereby grants a royalty-free license to any and all derivatives based
- _## upon this software code base.
- _##
- _## Stuttgart, Germany, Fri Jun 16 17:48:57 CEST 2006
- _##
- _##########################################################################*/
- char usm_v3_cpp_version[]="@(#) SNMP++ $Id: usm_v3.cpp,v 1.25 2006/04/03 21:23:51 katz Exp $";
- #ifdef _AIX
- #include <unistd.h>
- #endif
- #ifdef __MINGW32__
- #include <io.h>
- #endif
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- #include <time.h>
- #include "snmp_pp/config_snmp_pp.h"
- #ifdef _SNMPv3
- #include "snmp_pp/v3.h"
- #include "snmp_pp/usm_v3.h"
- #include "snmp_pp/auth_priv.h"
- #include "snmp_pp/reentrant.h"
- #include "snmp_pp/mp_v3.h"
- #include "snmp_pp/asn1.h"
- #include "snmp_pp/vb.h"
- #include "snmp_pp/pdu.h"
- #include "snmp_pp/log.h"
- #ifdef SNMP_PP_NAMESPACE
- namespace Snmp_pp {
- #endif
- // Use locking on access methods in an multithreading enviroment.
- #ifdef _THREADS
- #define BEGIN_REENTRANT_CODE_BLOCK SnmpSynchronize auto_lock(*this)
- #define BEGIN_REENTRANT_CODE_BLOCK_CONST
- SnmpSynchronize auto_lock(*(PP_CONST_CAST(SnmpSynchronized*, this)))
- #define BEGIN_AUTO_LOCK(obj) SnmpSynchronize auto_lock(*obj)
- #else
- #define BEGIN_REENTRANT_CODE_BLOCK
- #define BEGIN_REENTRANT_CODE_BLOCK_CONST
- #define BEGIN_AUTO_LOCK(obj)
- #endif
- #ifndef min
- #define min(a,b) ( (a) < (b) ? (a) : (b) )
- #endif
- #define MAX_LINE_LEN 2048 // Max line length in usm user files
- // structure for key update
- struct UsmKeyUpdate
- {
- OctetStr engineID;
- OctetStr securityName;
- OctetStr newPassword;
- OctetStr newKey;
- int type;
- };
- /* ------------------------- UsmTimeTable --------------------------*/
- /**
- * This class provides a table for the time values (engine boots and
- * engine time) for snmp entities that are identified through their
- * engine id.
- *
- * @author Jochen Katz
- */
- class USMTimeTable : public SnmpSynchronized
- {
- public:
- /**
- * Initialize the usmTimeTable.
- *
- * The usmTimeTable stores for each known engineID the engineBoots
- * and the difference to the local system time
- *
- * @param owner - Pointer to the USM object that created this table
- * @param engine_boots - The new value for the snmpEngineBoots counter
- * @param result - OUT: Result of the creation of the table
- */
- USMTimeTable(const USM *owner, const unsigned int engine_boots, int &result);
- ~USMTimeTable();
- /**
- * Add a new entry to the usmTimeTable. The caller is responsible for
- * not adding an engineID twice.
- *
- * @param engine_id - The engineID of the SNMP entity
- * @param engine_boots - The engine boot counter
- * @param engine_time - The engine time
- *
- * @return - SNMPv3_USM_ERROR (no memory) or SNMPv3_USM_OK
- */
- int add_entry(const OctetStr &engine_id,
- const long int engine_boots, const long int engine_time);
- /**
- * Delete this engine id from the table.
- *
- * @param engine_id - The engineID of the SNMP entity
- *
- * @return - SNMPv3_USM_ERROR (no memory) or SNMPv3_USM_OK
- */
- int delete_entry(const OctetStr &engine_id);
- /**
- * Return engineBoots and engineTime for a given engineID
- *
- * @param engine_id - The engineID of the SNMP entity
- * @param engine_boots - OUT: boot counter (0 if not found)
- * @param engine_time - OUT: engine time (0 if not found)
- *
- * @return - SNMPv3_USM_ERROR (not initialized),
- * SNMPv3_USM_OK (entry found, values are filled)
- * SNMPv3_USM_UNKNOWN_ENGINEID ( not found)
- */
- int get_time(const OctetStr &engine_id,
- long int &engine_boots, long int &engine_time);
- /**
- * Return the engineBoots and engineTime of this snmp entity.
- *
- * @param engine_boots - OUT: boot counter (0 if not found)
- * @param engine_time - OUT: engine time (0 if not found)
- *
- * @return - SNMPv3_USM_ERROR (not initialized),
- * SNMPv3_USM_OK (entry found, values are filled)
- */
- int get_local_time(long int &engine_boots, long int &engine_time);
- /**
- * Return the engineBoots value of this snmp entity.
- *
- * @return - engine_boots value if initialized, 0 else
- */
- unsigned long get_local_boots()
- { return (table ? table[0].engine_boots : 0); };
- /**
- * Return the engineTime value of this snmp entity.
- *
- * @return - engine_time value if initialized, 0 else
- */
- unsigned long get_local_time();
- /**
- * Check if the given values for engineBoots and engineTime are
- * in the time window. If the time values are ok, the entry in
- * the usmTimeTable is updated with the given time values.
- *
- * @param engine_id - The engineID of the SNMP entity
- * @param engine_boots - The boot counter
- * @param engine_time - The engine time
- *
- * @return - SNMPv3_USM_ERROR (not initialized),
- * SNMPv3_USM_NOT_IN_TIME_WINDOW,
- * SNMPv3_USM_OK (time ok),
- * SNMPv3_USM_UNKNOWN_ENGINEID
- */
- int check_time(const OctetStr &engine_id,
- const long int engine_boots, const long int engine_time);
- /**
- * Check if the given engineID is known: If the USM is in
- * the discovery mode, all engineIDs are accepted and entries
- * in the timeTable are created.
- *
- * @param engine_id - engine id to check
- *
- * @return - SNMPv3_USM_ERROR (not found and no discovery)
- * SNMPv3_USM_OK (found or discovery set)
- */
- int check_engine_id(const OctetStr &engine_id);
- private:
- struct Entry_T
- {
- unsigned char engine_id[MAXLENGTH_ENGINEID];
- int engine_id_len;
- long int engine_boots;
- long int time_diff;
- long int latest_received_time;
- };
- struct Entry_T *table; ///< Array of entries
- const USM *usm; ///< Pointer to the USM, this table belongs to
- int max_entries; ///< the maximum number of entries
- int entries; ///< the current amount of entries
- };
- /* ------------------------- UsmUserNameTable ----------------------*/
- /**
- * This class holds USM users with PASSWORDS.
- *
- * Whenever the USM has to process a message of a user that is not
- * found in the USMUserTable, this table is queried for the
- * properties of the user. If the user is found, a localized entry
- * for the USMUserTable is created and used for processing the message.
- */
- class USMUserNameTable : public SnmpSynchronized
- {
- public:
- USMUserNameTable(int &result);
- ~USMUserNameTable();
- /**
- * Add a new user to the usmUserNameTable. If the userName is already
- * known, the old entry is replaced.
- *
- * It is not recommended to add users with userName != securityName.
- *
- * @param user_name - Unique userName
- * @param security_name - Unique securityName
- * @param auth_proto - Possible values are:
- * SNMP_AUTHPROTOCOL_NONE,
- * SNMP_AUTHPROTOCOL_HMACMD5,
- * SNMP_AUTHPROTOCOL_HMACSHA
- * @param priv_proto - Possible values are:
- * SNMP_PRIVPROTOCOL_NONE,
- * SNMP_PRIVPROTOCOL_DES,
- * SNMP_PRIVPROTOCOL_IDEA
- * @param auth_pass - Secret password for authentication
- * @param priv_pass - Secret password for privacy
- *
- * @return - SNMPv3_USM_OK or
- * SNMP_v3_USM_ERROR (memory error, not initialized)
- */
- int add_entry(const OctetStr& user_name,
- const OctetStr& security_name,
- const long int auth_proto,
- const long int priv_proto,
- const OctetStr& auth_pass,
- const OctetStr& priv_pass);
- /**
- * Delete all occurences of the user with the given securityName
- * from the table.
- *
- * @param security_name - the securityName of the user
- *
- * @return - SNMPv3_USM_OK, SNMPv3_USM_ERROR (not initialized)
- */
- int delete_security_name(const OctetStr& security_name);
- /**
- * Get the entry with the given securityName from the usmUserNameTable
- *
- * @note Use lock() and unlock() for thread synchronizytion.
- *
- * @param security_name -
- *
- * @return - pointer to the struct or NULL (no need to delete anything)
- */
- const struct UsmUserNameTableEntry* get_entry(const OctetStr &security_name);
- /**
- * Get a clone of the entry with the given securityName from the usmUserNameTable
- *
- * @note call delete_cloned_entry() with the retruned pointer.
- *
- * @param security_name -
- *
- * @return - pointer to the struct or NULL
- */
- struct UsmUserNameTableEntry* get_cloned_entry(const OctetStr &security_name);
- /**
- * Deletes a entry created through get_cloned_entry().
- *
- * @param entry -
- */
- void delete_cloned_entry(struct UsmUserNameTableEntry* &entry);
- /**
- * Get the securityName from a userName
- *
- * @param user_name -
- * @param user_name_len -
- * @param security_name - Buffer for the securityName
- *
- * @return - SNMPv3_USM_ERROR (not initialized, not found, buffer too small),
- * SNMPv3_USM_OK
- */
- int get_security_name(const unsigned char *user_name,
- const long int user_name_len,
- OctetStr &security_name);
- /**
- * Get the userName from a securityName
- *
- * @param user_name - Buffer for the userName
- * @param user_name_len - Has to be set to the max length of the
- * buffer. Is set to the length of the found
- * securityName or to 0 if not found.
- * @param security_name -
- * @param security_name_len -
- *
- * @return - SNMPv3_USM_ERROR (not initialized, not found, buffer too small),
- * SNMPv3_USM_OK
- */
- int get_user_name(unsigned char *user_name, long int *user_name_len,
- const unsigned char *security_name,
- const long int security_name_len);
- /**
- * Save all entries into a file.
- */
- int save_to_file(const char *name, AuthPriv *ap);
- /**
- * Load the table from a file.
- */
- int load_from_file(const char *name, AuthPriv *ap);
- const UsmUserNameTableEntry *peek_first() const
- { if (entries > 0) return table; return 0; };
- const UsmUserNameTableEntry *peek_next(const UsmUserNameTableEntry *e) const;
- private:
- struct UsmUserNameTableEntry *table;
- int max_entries; ///< the maximum number of entries
- int entries; ///< the current amount of entries
- };
- /* ---------------------------- UsmUserTable ------------------- */
- /**
- * This class holds USM users with localized KEYS.
- */
- class USMUserTable : public SnmpSynchronized
- {
- public:
- USMUserTable(int &result);
- ~USMUserTable();
- /**
- * Get the number of valid entries in the table.
- *
- * @return - number of entries
- */
- int size() const { return entries; };
- /**
- * Get the userName from a securityName
- *
- * @param user_name - Buffer for the userName
- * @param user_name_len - Has to be set to the max length of the
- * buffer. Is set to the length of the found
- * securityName or to 0 if not found.
- * @param sec_name -
- * @param sec_name_len -
- *
- * @return - SNMPv3_USM_ERROR (not initialized, not found, buffer too small),
- * SNMPv3_USM_OK
- */
- int get_user_name(unsigned char *user_name, long int *user_name_len,
- const unsigned char *sec_name, const long sec_name_len);
- /**
- * Get the sec_name from a userName
- *
- * @param user_name -
- * @param user_name_len -
- * @param sec_name - Object for the security name
- *
- * @return - SNMPv3_USM_ERROR (not initialized, not found, buffer too small),
- * SNMPv3_USM_OK
- */
- int get_security_name(const unsigned char *user_name,
- const long user_name_len,
- OctetStr &sec_name);
- /**
- * Delete all entries of this user from the usmUserTable
- *
- * @param user_name - The userName that should be deleted
- *
- * @return - SNMPv3_USM_ERROR (not initialized),
- * SNMPv3_USM_OK (user deleted or not in table)
- */
- int delete_entries(const OctetStr& user_name);
- /**
- * Delete all entries with this engine id from the table.
- *
- * @param engine id - The engine id
- *
- * @return - SNMPv3_USM_ERROR (not initialized),
- * SNMPv3_USM_OK (user deleted or not in table)
- */
- int delete_engine_id(const OctetStr& engine_id);
- /**
- * Delete the entry with the given userName and engineID
- * from the usmUserTable
- *
- * @param engine_id - The engine id
- * @param user_name - The userName that should be deleted
- *
- * @return - SNMPv3_USM_ERROR (not initialized),
- * SNMPv3_USM_OK (user deleted or not in table)
- */
- int delete_entry(const OctetStr& engine_id, const OctetStr& user_name);
- /**
- * Protected (for agent++):
- *
- * Get the user at the specified position of the usmUserTable.
- *
- * @note Use lock() and unlock() for thread synchronization.
- *
- * @param number - get the entry at position number (1...)
- *
- * @return - a pointer to the structure or NULL if number is out
- * of range (no need to delete anything)
- */
- const struct UsmUserTableEntry *get_entry(const int number);
- /**
- * Get a user of the usmUserTable.
- *
- * @note Use lock() and unlock() for thread synchronization.
- *
- * @param engine_id - Get a user for this engine id
- * @param sec_name - Get the user with this security name
- *
- * @return - a pointer to the structure or NULL if the user is not
- * found (no need to delete anything)
- */
- const struct UsmUserTableEntry *get_entry(const OctetStr &engine_id,
- const OctetStr &sec_name);
- /**
- * Get a user of the usmUserTable.
- *
- * @note call delete_cloned_entry() with the retruned pointer.
- *
- * @param engine_id - Get a user for this engine id
- * @param sec_name - Get the user with this security name
- *
- * @return - a pointer to the structure or NULL if the user is not
- * found
- */
- struct UsmUserTableEntry *get_cloned_entry(const OctetStr &engine_id,
- const OctetStr &sec_name);
- /**
- * Deletes a entry created through get_cloned_entry().
- *
- * @param entry -
- */
- void delete_cloned_entry(struct UsmUserTableEntry* &entry);
- /**
- * Get a user of the usmUserTable.
- *
- * There could be more than one entry with the given
- * sec_name. Always the first entry that is found is returned.
- *
- * @note Use lock() and unlock() for thread synchronization.
- *
- * @param sec_name - security name to search for
- *
- * @return - a pointer to the structure or NULL if the user is not
- * found (no need to delete anything)
- */
- const struct UsmUserTableEntry *get_entry(const OctetStr &sec_name);
- /**
- * Public:
- *
- * Add or replace a user in the usmUserTable. The usmUserTable stores
- * users with their localized keys.
- *
- * @param engine_id - The engine_id, the key was localized with
- * @param user_name - The name of the user (in the USM)
- * @param sec_name - The security name of the user, this name
- * is the same for all securityModels
- * @param auth_proto - Possible values are:
- * SNMP_AUTHPROTOCOL_NONE,
- * SNMP_AUTHPROTOCOL_HMACMD5,
- * SNMP_AUTHPROTOCOL_HMACSHA
- * @param auth_key - The key used for authentications
- * @param priv_proto - Possible values are:
- * SNMP_PRIVPROTOCOL_NONE,
- * SNMP_PRIVPROTOCOL_DES,
- * SNMP_PRIVPROTOCOL_IDEA
- * @param priv_key - The key used for privacy
- *
- * @return - SNMPv3_USM_OK
- * SNMP_v3_USM_ERROR (not initialized, no memory)
- */
- int add_entry(const OctetStr &engine_id,
- const OctetStr &user_name, const OctetStr &sec_name,
- const long int auth_proto, const OctetStr &auth_key,
- const long int priv_proto, const OctetStr &priv_key);
- /**
- * Replace a localized key of the user and engine_id in the
- * usmUserTable.
- *
- * @param user_name - The name of the user in the USM
- * @param engine_id - Change the localized key for the SNMP
- * entity with this engine_id
- * @param new_key - The new key
- * @param key_type - AUTHKEY, OWNAUTHKEY, PRIVKEY or OWNPRIVKEY
- *
- * @return - SNMPv3_USM_ERROR (no such entry or not initialized),
- * SNMPv3_USM_OK
- */
- int update_key(const OctetStr &user_name,
- const OctetStr &engine_id,
- const OctetStr &new_key,
- const int key_type);
- /**
- * Save all entries into a file.
- */
- int save_to_file(const char *name, AuthPriv *ap);
- /**
- * Load the table from a file.
- */
- int load_from_file(const char *name, AuthPriv *ap);
- const UsmUserTableEntry *peek_first() const
- { if (entries > 0) return table; return 0; };
- const UsmUserTableEntry *peek_next(const UsmUserTableEntry *e) const;
- private:
- void delete_entry(const int nr);
- struct UsmUserTableEntry *table;
- int max_entries; ///< the maximum number of entries
- int entries; ///< the current amount of entries
- };
- struct UsmSecurityParameters {
- unsigned char msgAuthoritativeEngineID[MAXLENGTH_ENGINEID];
- long int msgAuthoritativeEngineIDLength;
- long int msgAuthoritativeEngineBoots;
- long int msgAuthoritativeEngineTime;
- unsigned char msgUserName[MAXLEN_USMUSERNAME];
- long int msgUserNameLength;
- unsigned char *msgAuthenticationParameters;
- long int msgAuthenticationParametersLength;
- unsigned char *msgPrivacyParameters;
- unsigned int msgPrivacyParametersLength;
- };
- struct SecurityStateReference
- {
- unsigned char msgUserName[MAXLEN_USMUSERNAME]; int msgUserNameLength;
- unsigned char *securityName; int securityNameLength;
- unsigned char *securityEngineID; int securityEngineIDLength;
- int authProtocol;
- unsigned char* authKey; int authKeyLength;
- int privProtocol;
- unsigned char* privKey; int privKeyLength;
- int securityLevel;
- };
- void USM::inc_stats_unsupported_sec_levels()
- {
- if (usmStatsUnsupportedSecLevels == MAXUINT32)
- usmStatsUnsupportedSecLevels = 0;
- else
- usmStatsUnsupportedSecLevels++;
- }
- void USM::inc_stats_not_in_time_windows()
- {
- if (usmStatsNotInTimeWindows == MAXUINT32)
- usmStatsNotInTimeWindows = 0;
- else
- usmStatsNotInTimeWindows++;
- }
- void USM::inc_stats_unknown_user_names()
- {
- if (usmStatsUnknownUserNames == MAXUINT32)
- usmStatsUnknownUserNames = 0;
- else
- usmStatsUnknownUserNames++;
- }
- void USM::inc_stats_unknown_engine_ids()
- {
- if (usmStatsUnknownEngineIDs == MAXUINT32)
- usmStatsUnknownEngineIDs = 0;
- else
- usmStatsUnknownEngineIDs++;
- }
- void USM::inc_stats_wrong_digests()
- {
- if (usmStatsWrongDigests == MAXUINT32)
- usmStatsWrongDigests = 0;
- else
- usmStatsWrongDigests++;
- }
- void USM::inc_stats_decryption_errors()
- {
- if (usmStatsDecryptionErrors == MAXUINT32)
- usmStatsDecryptionErrors = 0;
- else
- usmStatsDecryptionErrors++;
- }
- void USM::delete_sec_state_reference(struct SecurityStateReference *ssr)
- {
- if (ssr)
- {
- ssr->msgUserName[0] = 0;
- if (ssr->securityName) delete [] ssr->securityName;
- if (ssr->securityEngineID) delete [] ssr->securityEngineID;
- if (ssr->authKey)
- {
- memset(ssr->authKey, 0, ssr->authKeyLength);
- delete [] ssr->authKey;
- }
- if (ssr->privKey)
- {
- memset(ssr->privKey, 0, ssr->privKeyLength);
- delete [] ssr->privKey;
- }
- }
- delete ssr;
- }
- struct SecurityStateReference *USM::get_new_sec_state_reference()
- {
- struct SecurityStateReference *res = new SecurityStateReference;
- if (!res)
- return NULL;
- memset(res, 0, sizeof(struct SecurityStateReference));
- return res;
- }
- USM::USM(unsigned int engine_boots, const OctetStr &engine_id,
- const v3MP *v3_mp,
- unsigned int *msgID, int &result)
- : local_snmp_engine_id (engine_id),
- v3mp (v3_mp),
- discovery_mode (TRUE),
- usmStatsUnsupportedSecLevels (0),
- usmStatsNotInTimeWindows (0),
- usmStatsUnknownUserNames (0),
- usmStatsUnknownEngineIDs (0),
- usmStatsWrongDigests (0),
- usmStatsDecryptionErrors (0),
- usm_add_user_cb (0)
- {
- auth_priv = new AuthPriv(result);
- if (result != SNMPv3_USM_OK)
- return;
- auth_priv->add_default_modules();
- usm_user_name_table = new USMUserNameTable(result);
- if (result != SNMPv3_USM_OK)
- return;
- usm_user_table = new USMUserTable(result);
- if (result != SNMPv3_USM_OK)
- return;
- #ifdef _TEST
- printf(" Testing DES:n");
- PrivDES pd;
- pp_uint64 testsalt=0xbabec0de;
- pd.set_salt(&testsalt);
- const char *desplaintext[10];
- desplaintext[0] = "abcdefghijklmnopqrstuvwxyz123456";
- desplaintext[1] = "abcdefghijklmnopqrstuvwxyz1234567";
- desplaintext[2] = "abcdefghijklmnopqrstuvwxyz12345678";
- desplaintext[3] = "abcdefghijklmnopqrstuvwxyz123456789";
- desplaintext[4] = "abcdefghijklmnopqrstuvwxyz123456789A";
- desplaintext[5] = "abcdefghijklmnopqrstuvwxyz123456789AB";
- desplaintext[6] = "abcdefghijklmnopqrstuvwxyz123456789ABC";
- desplaintext[7] = "abcdefghijklmnopqrstuvwxyz123456789ABCD";
- desplaintext[8] = "abcdefghijklmnopqrstuvwxyz123456789ABCDE";
- desplaintext[9] = "abcdefghijklmnopqrstuvwxyz123456789ABCDEF";
-
- unsigned char desencrypted[80];
- unsigned char desdecrypted[80];
- unsigned char desprivparams[8];
- unsigned char deskey[17] = "illegal_des_key!";
- for (int i=0; i<9; i++)
- {
- unsigned int encrypt_len = 80;
- unsigned int decrypt_len = 80;
- unsigned int desprivparamslen = 8;
- memset(desencrypted, 'x', 80);
- memset(desdecrypted, 'y', 80);
- debughexcprintf(1, "Plaintext", (unsigned char*)desplaintext[i],
- strlen(desplaintext[i]));
- int res = pd.encrypt(deskey, 16,
- (unsigned char*)desplaintext[i],
- strlen(desplaintext[i]),
- desencrypted, &encrypt_len,
- desprivparams, &desprivparamslen,
- 0x2340abcd, 0);
- printf("%d: Result of encryption is %dn", i, res);
- debughexcprintf(1, "Encrypted", desencrypted, encrypt_len);
- res = pd.decrypt(deskey, 16,
- desencrypted, encrypt_len,
- desdecrypted, &decrypt_len,
- desprivparams, desprivparamslen,
- 0x2340abcd, 0);
- printf("%d: Result of decryption is %dn", i, res);
- debughexcprintf(1, "Decrypted", desdecrypted, decrypt_len);
- if (memcmp(desplaintext[i], desdecrypted, strlen(desplaintext[i])))
- printf("n********* FAILED **********n");
- else
- printf("nOKn");
- }
- #if 0
- printf(" Testing SHA:n");
- // test password2key-algor:
- unsigned char keysha[50];
- auth_priv->password_to_key_auth(...(unsigned char*)"maplesyrup",10,
- (unsigned char*)"