void send_pair_composed(struct network_status *net_stat)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(?principal, ?count1) &*&
true == bad(principal); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(principal, ?count2); @*/
{
struct item *first = network_receive(net_stat);
struct item *second = network_receive(net_stat);
struct item * pair = create_pair(first, second);
//@ assert item(first, ?f, pub);
//@ assert item(second, ?s, pub);
//@ assert item(pair, pair_item(f, s), pub);
//@ open proof_obligations(pub);
//@ assert is_public_pair_compose(?proof, pub);
//@ proof(f, s);
//@ close proof_obligations(pub);
network_send(net_stat, pair);
item_free(pair);
item_free(first);
item_free(second);
}
struct item *app_receive(struct item *key)
/*@ requires [?f0]world(ss_pub) &*&
item(key, symmetric_key_item(?creator, ?id), ss_pub);
@*/
/*@ ensures [f0]world(ss_pub) &*&
item(key, symmetric_key_item(creator, id), ss_pub) &*&
item(result, ?msg, ss_pub) &*&
(
bad(creator) ||
collision_in_run() ||
app_send_event(creator, msg)
);
@*/
{
struct network_status *net_stat = network_bind_and_accept(APP_RECEIVE_PORT);
struct item *m = network_receive(net_stat);
struct item *hash = pair_get_first(m);
struct item *message = pair_get_second(m);
//@ assert item(m, pair_item(?hmac_i, ?message_i), ss_pub);
//@ open [_]ss_pub(pair_item(hmac_i, message_i));
//@ if (!collision_in_run()) open [_]ss_pub(hmac_i);
//@ if (!collision_in_run()) open [_]ss_pub(message_i);
item_free(m);
hmac_verify(hash, key, message);
item_free(hash);
network_disconnect(net_stat);
return message;
}
void selftest_client_xmit_packet(struct Adapter *adapter, struct Thread *thread, struct Packet *pkt)
{
struct TestAdapter *testadapter = (struct TestAdapter *)adapter->userdata;
struct TestAdapter *other;
struct Selftest *selftest = testadapter->parent;
struct Frame frame[1];
if (&selftest->client == testadapter)
other = &selftest->server;
else
other = &selftest->client;
{
struct PcapFile *x;
x = pcapfile_openwrite("self-query.pcap", 1);
pcapfile_writeframe(x, pkt->buf, pkt->max, pkt->max, 0, 0);
pcapfile_close(x);
}
network_receive(
frame,
thread,
other->adapter,
0,
0,
pkt->buf,
pkt->max);
}
void increment_and_send_nonce(struct network_status *net_stat)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(?principal, ?count1) &*&
true == bad(principal); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(principal, ?count2); @*/
{
struct item *nonce = network_receive(net_stat);
//@ assert item(nonce, ?n, pub);
if (is_nonce(nonce))
{
increment_nonce(nonce);
//@ assert item(nonce, ?n_inc, pub);
//@ open proof_obligations(pub);
/*@ if (col)
{
assert is_public_collision(?proof, pub);
proof(n_inc);
}
else
{
assert is_public_incremented_nonce(?proof, pub);
proof(n, n_inc);
}
@*/
//@ close proof_obligations(pub);
network_send(net_stat, nonce);
}
item_free(nonce);
}
void *ps4link_thread_console(void *thread_id)
{
char buffer[1024];
// If the socket isn't open, this thread isn't needed.
if (console_socket < 0) { pthread_exit(thread_id); }
// Loop forever...
for (;;)
{
// Wait for network activity.
network_wait(console_socket, -1);
// Receive the console buffer.
network_receive(console_socket, buffer, sizeof(buffer));
// Print out the console buffer.
printf("%s", buffer);
// Clear the console buffer.
memset(buffer, 0, sizeof(buffer));
// Reset the timeout counter.
ps4link_counter = 0;
}
// End function.
return NULL;
}
void send_pair_decomposed(struct network_status *net_stat)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(?principal, ?count1) &*&
true == bad(principal); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(principal, ?count2); @*/
{
struct item *pair = network_receive(net_stat);
//@ assert item(pair, ?p, pub);
if (is_pair(pair))
{
struct item *first = pair_get_first(pair);
struct item *second = pair_get_second(pair);
//@ open proof_obligations(pub);
//@ assert is_public_pair_decompose(?proof1, pub);
//@ assert is_public_collision(?proof2, pub);
//@ proof1(p);
//@ assert item(first, ?f, pub);
//@ if (col) proof2(f);
//@ assert item(second, ?s, pub);
//@ if (col) proof2(s);
//@ close proof_obligations(pub);
network_send(net_stat, first);
network_send(net_stat, second);
item_free(first);
item_free(second);
}
item_free(pair);
}
void send_symmetric_encrypted(struct network_status *net_stat, struct keypair *keypair)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count1) &*&
true == bad(attacker_id); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
keypair(keypair, attacker_id, id, info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count2); @*/
{
struct item *key = network_receive(net_stat);
//@ assert item(key, ?k, pub);
if (is_symmetric_key(key))
{
struct item *pay = network_receive(net_stat);
//@ assert item(pay, ?p, pub);
//@ open proof_obligations(pub);
//@ item nonce = nonce_item(attacker_id, count1 + 1, 0);
//@ assert is_public_nonce(?proof1, pub);
//@ proof1(nonce);
struct item *enc = symmetric_encryption(key, pay);
//@ assert item(enc, ?e, pub);
/*@ if (col)
{
assert is_public_collision(?proof2, pub);
proof2(e);
}
else
{
assert is_public_symmetric_encrypted(?proof2, pub);
proof2(e);
}
@*/
//@ close proof_obligations(pub);
network_send(net_stat, enc);
item_free(enc);
item_free(pay);
}
item_free(key);
}
void send_hmac(struct network_status *net_stat, struct keypair *keypair)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count1) &*&
true == bad(attacker_id); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
keypair(keypair, attacker_id, id, info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count2); @*/
{
struct item *key = network_receive(net_stat);
//@ assert item(key, ?k, pub);
if (is_symmetric_key(key))
{
struct item *pay = network_receive(net_stat);
//@ assert item(pay, ?p, pub);
//@ close hash_item_payload(pub, true, p);
//@ leak hash_item_payload(pub, true, p);
struct item *mac = create_hmac(key, pay);
//@ assert item(mac, ?h, pub);
//@ open proof_obligations(pub);
/*@ if (col)
{
assert is_public_collision(?proof, pub);
proof(h);
}
else
{
assert is_public_hmac(?proof, pub);
proof(h);
}
@*/
//@ close proof_obligations(pub);
network_send(net_stat, mac);
item_free(mac);
item_free(pay);
}
item_free(key);
}
void send_asymmetric_signature(struct network_status *net_stat,
struct keypair *keypair)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count1) &*&
true == bad(attacker_id); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
keypair(keypair, attacker_id, id, info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count2); @*/
{
struct item *key = network_receive(net_stat);
//@ assert item(key, ?k, pub);
if (is_private_key(key))
{
struct item *pay = network_receive(net_stat);
//@ assert item(pay, ?p, pub);
struct item *sig = asymmetric_signature(key, pay);
//@ assert item(sig, ?s, pub);
//@ open proof_obligations(pub);
/*@ if (col)
{
assert is_public_collision(?proof, pub);
proof(s);
}
else
{
assert is_public_asymmetric_signature(?proof, pub);
proof(s);
}
@*/
//@ close proof_obligations(pub);
network_send(net_stat, sig);
item_free(sig);
item_free(pay);
}
item_free(key);
}
struct item *receive()
//@ requires [?f0]world(dummy_pub, dummy_key_clsfy) &*& principal(?p, ?c);
/*@ ensures [f0]world(dummy_pub, dummy_key_clsfy) &*& principal(p, c) &*&
item(result, ?msg, dummy_pub) &*& msg == data_item(_); @*/
{
struct network_status *net_stat = network_bind_and_accept(APP_RECEIVE_PORT);
struct item *m = network_receive(net_stat);
check_is_data(m);
network_disconnect(net_stat);
return m;
}
void send_symmetric_decrypted(struct network_status *net_stat, struct keypair *keypair)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count1) &*&
true == bad(attacker_id); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
keypair(keypair, attacker_id, id, info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count2); @*/
{
struct item *key = network_receive(net_stat);
//@ assert item(key, ?k, pub);
if (is_symmetric_key(key))
{
struct item *enc = network_receive(net_stat);
//@ assert item(enc, ?e, pub);
if (is_symmetric_encrypted(enc))
{
struct item *dec = symmetric_decryption(key, enc);
//@ assert item(dec, ?d, pub);
//@ open proof_obligations(pub);
/*@ if (!col)
{
assert is_public_symmetric_decrypted(?proof, pub);
proof(e);
}
@*/
network_send(net_stat, dec);
//@ close proof_obligations(pub);
item_free(dec);
}
item_free(enc);
}
item_free(key);
}
void main_thread(void *v)
{
struct ThreadParms *parms = (struct ThreadParms *)v;
struct Adapter *adapter = parms->adapter;
struct Frame frame[1];
struct Thread thread[1];
memset(frame, 0, sizeof(frame[0]));
/*
* thread
*/
memset(thread, 0, sizeof(thread[0]));
thread->catalog = parms->catalog;
thread->userdata = (char*)malloc(PACKET_SIZE);
adapter->alloc_packet = alloc_packet;
adapter->xmit_packet = rawsock_send_packet;
for (;;) {
int err;
unsigned length;
unsigned secs;
unsigned usecs;
const unsigned char *px;
err = rawsock_recv_packet(
adapter,
&length,
&secs,
&usecs,
&px);
if (err != 0)
continue;
network_receive(
frame,
thread,
adapter,
secs,
usecs,
px,
length);
}
}
void run_perf(struct PerfTest *perftest)
{
unsigned i;
unsigned loop_count = perftest->loop_count;
for (i=0; i<loop_count; i++) {
struct Frame frame[1];
network_receive(
frame,
perftest->thread,
perftest->server.adapter,
0,
0,
(unsigned char*)request_template,
sizeof(request_template)-1);
}
__sync_fetch_and_sub(&threads_running, 1);
}
/****************************************************************************
* During a self-test, we intercept the client "transmit" function to
* instead forward directly to the server "receive" path, thus simulating
* from the server's point of a view the reception of a packet. We also
* intercept the reverse path in the function
* "selftest_server_to_client_response".
****************************************************************************/
void
selftest_client_to_server_query(struct Adapter *adapter,
struct Thread *thread, struct Packet *pkt)
{
struct TestAdapter *testadapter = (struct TestAdapter *)adapter->userdata;
struct TestAdapter *other;
struct Selftest *selftest = testadapter->parent;
struct Frame frame[1];
if (&selftest->client == testadapter)
other = &selftest->server;
else
other = &selftest->client;
/* Save the query packet to a file for inspection */
{
struct PcapFile *x;
x = pcapfile_openwrite("self-query.pcap", 1);
pcapfile_writeframe(x, pkt->buf, pkt->max, pkt->max, 0, 0);
pcapfile_close(x);
}
/*
* SHORT CIRCUIT
* This is supposed to be a "transmit" function from the DNS client,
* but what we are doing instead is just forwarding it to the
* "receive" function of the DNS server.
*/
network_receive(
frame,
thread,
other->adapter,
0,
0,
pkt->buf,
pkt->max);
}
struct item *client(char server, struct item *key, struct item *request)
/*@ requires [?f0]world(rpc_pub, rpc_key_clsfy) &*&
principal(?client, ?count) &*&
item(key, symmetric_key_item(?creator, ?id), rpc_pub) &*&
item(request, ?req, rpc_pub) &*& [_]rpc_pub(req) &*&
true == request(creator, server, req) &*&
shared_with(creator, id) == server;
@*/
/*@ ensures [f0]world(rpc_pub, rpc_key_clsfy) &*&
principal(client, count) &*&
item(key, symmetric_key_item(creator, id), rpc_pub) &*&
item(request, req, rpc_pub) &*& item(result, ?resp, rpc_pub) &*&
(
col || bad(creator) || bad(server) ||
response(creator, server, req, resp)
);
@*/
{
struct network_status *net_stat = network_connect("localhost", SERVER_PORT);
{
struct item *tag = create_data_item_from_int(0);
//@ item d = data_item(chars_of_int(0));
//@ assert item(tag, d, rpc_pub);
//@ close rpc_pub(d);
//@ leak rpc_pub(d);
struct item *payload = create_pair(tag, request);
//@ item p = pair_item(d, req);
//@ assert item(payload, p, rpc_pub);
//@ close rpc_pub(p);
//@ leak rpc_pub(p);
item_free(tag);
struct item *hash = create_hmac(key, payload);
//@ item h = hmac_item(creator, id, some(p));
//@ if (!col) assert item(hash, h, rpc_pub);
//@ close rpc_pub(h);
//@ leak rpc_pub(h);
struct item *m = create_pair(hash, payload);
//@ assert item(m, ?msg, rpc_pub);
//@ item msg0 = pair_item(h, p);
//@ if (!col) msg == msg0;
//@ close rpc_pub(msg);
//@ leak rpc_pub(msg);
item_free(hash);
item_free(payload);
network_send(net_stat, m);
item_free(m);
}
struct item *response;
{
struct item *r = network_receive(net_stat);
check_is_pair(r);
//@ assert item(r, pair_item(?h0, ?p0), rpc_pub);
struct item *hmac1 = pair_get_first(r);
//@ assert item(hmac1, ?h, rpc_pub);
struct item *payload = pair_get_second(r);
//@ assert item(payload, ?p, rpc_pub);
/*@ if (!col)
{
assert h0 == h;
assert p0 == p;
open [_]rpc_pub(pair_item(h, p));
open [_]rpc_pub(h);
open [_]rpc_pub(p);
}
@*/
struct item *hmac2 = create_hmac(key, payload);
item_check_equal(hmac1, hmac2);
item_free(hmac1);
item_free(hmac2);
item_free(r);
//@ assert col || h == hmac_item(creator, id, some(p));
struct item *tag = pair_get_first(payload);
check_is_data(tag);
int tagValue = item_get_data_as_int(tag);
if (tagValue != 1) abort();
//@ item d = data_item(chars_of_int(1));
//@ assert item(tag, ?d0, rpc_pub);
//@ assert col || d == d0;
item_free(tag);
struct item *reqresp = pair_get_second(payload);
struct item *request1 = pair_get_first(reqresp);
response = pair_get_second(reqresp);
//@ assert item(request1, ?req1, rpc_pub);
//@ assert item(response, ?resp, rpc_pub);
//@ if (!col) assert p == pair_item(d, pair_item(req1, resp));
item_free(payload);
item_free(reqresp);
item_check_equal(request, request1);
//@ assert col || req1 == req;
item_free(request1);
}
network_disconnect(net_stat);
return response;
}
int main(int argc, char *argv[])
{
dnsPacket *dns, *dnsresponse;
int iResult, iReceived;
char *qdomain, *qserver, *response;
unsigned short qtype = 1, qclass = 1;
qdomain = ((qdomain = command_arg_get(0, '-', argc, argv)) != NULL) ? qdomain : DNS_DEFAULT_LOOKUP;
qserver = ((qserver = command_arg_get(1, '-', argc, argv)) != NULL) ? qserver : DNS_LOOKUP_SERVER;
// create our empty DNS packet
dns = dns_create();
// set the required header fields
dns->base->id = DNS_IDENTIFIER;
// use recursive query?
if (command_opt_set("-r", argc, argv))
{
dns->base->flags |= DNS_FLAGS_RD;
printf("+ Using recursive querying\n");
}
// use a different query type?
if (command_opt_set("-cname", argc, argv))
{
qtype = DNS_TYPE_CNAME;
printf("+ Using CNAME query type\n");
}
else if (command_opt_set("-ns", argc, argv))
{
qtype = DNS_TYPE_NS;
printf("+ Using NS query type\n");
}
else if (command_opt_set("-mx", argc, argv))
{
qtype = DNS_TYPE_MX;
printf("+ Using MX query type\n");
}
else if (command_opt_set("-ptr", argc, argv))
{
qtype = DNS_TYPE_PTR;
printf("+ Using PTR query type\n");
}
else if (command_opt_set("-aaaa", argc, argv))
{
qtype = DNS_TYPE_AAAA;
printf("+ Using AAAA query type\n");
}
// add our question section
dns_add_question(dns, qdomain, strlen(qdomain), qtype, qclass);
dns_hton(dns);
// initialize the network
network_init(qserver, DNS_PORT);
network_connect_udp();
// send the packet out
printf("Looking up %s using %s...\n", qdomain, qserver);
iResult = network_send((char *)dns->base, dns->size);
assert(iResult > 0);
// block until a response is ready
response = network_receive(&iReceived);
assert(iReceived > 0);
// load up the response packet
dnsresponse = dns_parse(response, iReceived);
assert(dnsresponse->base->flags & DNS_FLAGS_RESPONSE && dnsresponse->base->id == DNS_IDENTIFIER);
output_print_response(dnsresponse);
output_print_sections(dnsresponse);
}
void server(char server, struct item *key)
/*@ requires [?f0]world(rpc_pub, rpc_key_clsfy) &*&
principal(server, ?count) &*&
item(key, symmetric_key_item(?creator, ?id), rpc_pub) &*&
shared_with(creator, id) == server;
@*/
/*@ ensures [f0]world(rpc_pub, rpc_key_clsfy) &*&
principal(server, count + 1) &*&
item(key, symmetric_key_item(creator, id), rpc_pub);
@*/
{
struct network_status *net_stat = network_bind_and_accept(SERVER_PORT);
struct item *request = 0;
{
struct item *r = network_receive(net_stat);
check_is_pair(r);
//@ assert item(r, pair_item(?h0, ?p0), rpc_pub);
struct item *hmac1 = pair_get_first(r);
//@ assert item(hmac1, ?h, rpc_pub);
struct item *payload = pair_get_second(r);
//@ assert item(payload, ?p, rpc_pub);
/*@ if (!col)
{
assert h0 == h;
assert p0 == p;
open [_]rpc_pub(pair_item(h, p));
open [_]rpc_pub(h);
open [_]rpc_pub(p);
}
@*/
struct item *hmac2 = create_hmac(key, payload);
item_check_equal(hmac1, hmac2);
item_free(hmac1);
item_free(hmac2);
item_free(r);
//@ assert col || h == hmac_item(creator, id, some(p));
struct item *tag = pair_get_first(payload);
check_is_data(tag);
int tagValue = item_get_data_as_int(tag);
if (tagValue != 0) abort();
//@ item d = data_item(chars_of_int(0));
request = pair_get_second(payload);
/*@ if (!col)
{
assert item(tag, d, rpc_pub);
assert item(request, ?req, rpc_pub);
assert p == pair_item(d, req);
}
@*/
item_free(tag);
item_free(payload);
}
//@ assert item(request, ?req, rpc_pub);
struct item *response = compute_response(server, request);
//@ assert item(response, ?resp, rpc_pub);
{
struct item *reqresp = create_pair(request, response);
//@ item p = pair_item(req, resp);
//@ assert item(reqresp, p, rpc_pub);
//@ close rpc_pub(p);
//@ leak rpc_pub(p);
item_free(response);
item_free(request);
struct item *tag = create_data_item_from_int(1);
struct item *payload = create_pair(tag, reqresp);
//@ item d = data_item(chars_of_int(1));
//@ close rpc_pub(d);
//@ leak rpc_pub(d);
//@ assert item(payload, pair_item(d, p), rpc_pub);
//@ close rpc_pub(pair_item(d, p));
//@ leak rpc_pub(pair_item(d, p));
item_free(tag);
item_free(reqresp);
struct item *hash = create_hmac(key, payload);
//@ item h = hmac_item(creator, id, some(pair_item(d, p)));
//@ if (!col) assert item(hash, h, rpc_pub);
//@ close rpc_pub(h);
//@ leak rpc_pub(h);
struct item *m = create_pair(hash, payload);
//@ assert item(m, ?msg, rpc_pub);
//@ if (!col) msg == pair_item(h, pair_item(d, p));
//@ if (!col) assert item(m, msg, rpc_pub);
//@ close rpc_pub(msg);
//@ leak rpc_pub(msg);
item_free(hash);
item_free(payload);
network_send(net_stat, m);
item_free(m);
}
network_disconnect(net_stat);
}
void send_asymmetric_decrypted(struct network_status *net_stat, struct keypair *keypair)
/*@ requires [?f0]world(?pub, ?key_clsfy) &*&
keypair(keypair, ?attacker_id, ?id, ?info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count1) &*&
true == bad(attacker_id); @*/
/*@ ensures [f0]world(pub, key_clsfy) &*&
keypair(keypair, attacker_id, id, info, pub) &*&
proof_obligations(pub) &*&
network_status(net_stat) &*&
principal(attacker_id, ?count2); @*/
{
struct item *key = network_receive(net_stat);
//@ assert item(key, ?k, pub);
if (is_private_key(key))
{
//@ assert k == private_key_item(?principal2, ?count2);
struct item *enc = network_receive(net_stat);
//@ assert item(enc, ?e, pub);
if (is_asymmetric_encrypted(enc))
{
//@ assert e == asymmetric_encrypted_item(?principal3, ?count3, ?pay, ?ent);
char tag;
//@ close chars(&tag, 1, _);
random_buffer_(&tag, 1);
//@ open chars(&tag, 1, _);
if (tag == TAG_DATA || tag == TAG_PAIR ||
tag == TAG_NONCE || tag == TAG_HASH ||
tag == TAG_SYMMETRIC_KEY || tag == TAG_PUBLIC_KEY ||
tag == TAG_PRIVATE_KEY || tag == TAG_HMAC ||
tag == TAG_SYMMETRIC_ENC || tag == TAG_ASYMMETRIC_ENC ||
tag == TAG_ASYMMETRIC_SIG)
{
struct item *dec = asymmetric_decryption(key, enc, tag);
//@ assert item(dec, ?d, pub);
//@ open proof_obligations(pub);
/*@ if (col)
{
assert [_]pub(d);
}
else if (principal2 == principal3 && count2 == count3)
{
assert pay == some(d);
assert is_public_asymmetric_decrypted(?proof, pub);
proof(e);
}
else
{
assert [_]pub(d);
}
@*/
network_send(net_stat, dec);
//@ close proof_obligations(pub);
item_free(dec);
}
}
item_free(enc);
}
item_free(key);
}
