Merge pull request #1515 from nccgroup/case-insensitive-conditionals
Case-insensitive conditionals
fernando-gallego authored May 9, 2024
2 parents de1b62c + 77388ef commit 891c337
Showing 5 changed files with 157 additions and 74 deletions.
6 changes: 5 additions & 1 deletion ScoutSuite/core/conditions.py
Expand Up @@ -115,9 +115,13 @@ def pass_condition(b, test, a):

# Dictionary keys tests
elif test == 'withKey':
result = (a in b)
result = a in b
elif test == 'withoutKey':
result = a not in b
elif test == 'withKeyCaseInsensitive':
result = a.lower() in map(str.lower, b)
elif test == 'withoutKeyCaseInsensitive':
result = a.lower() not in map(str.lower, b)

# String test
elif test == 'containString':
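Review bot: The two new branches at the end of the hunk, `result = a.lower() in map(str.lower, b)` and its `not in` twin, assume `a` is a `str` and every member of `b` is a `str`; a non-string rule argument raises `AttributeError` and a non-string member of `b` raises `TypeError` inside `map`, whereas the adjacent `withKey`/`withoutKey` tests accept any hashable `a`. A rule whose resolved value is itself a string would also be iterated character by character instead of substring-tested as `withKey` does, so the two test families are not drop-in equivalents. I would make the lookup tolerant and state the intent: `lowered = {k.lower() for k in b if isinstance(k, str)}` followed by `result = isinstance(a, str) and a.lower() in lowered` (negated for `withoutKeyCaseInsensitive`), preceded by the comment `# IAM condition key names compare case-insensitively, so an exact-case key test under-reports`. `pass_condition` starts outside the hunk, so I cannot see whether `a` and `b` are normalised before reaching these tests.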
Expand Up @@ -2,7 +2,7 @@
"conditions": [ "or",
[ "_STATEMENT_.Principal", "containAtLeastOneOf", "*" ],
[ "and",
[ "_STATEMENT_.Principal", "withKey", "AWS" ],
[ "_STATEMENT_.Principal", "withKeyCaseInsensitive", "AWS" ],
[ "_STATEMENT_.Principal.AWS", "containAtLeastOneOf", "*" ]
]
]
@@ -1,75 +1,154 @@
{
"conditions": [ "or",
[ "_STATEMENT_.", "withoutKey", "Condition" ],
"conditions": [ "or",
[ "_STATEMENT_.", "withoutKey", "Condition" ],
[ "and",
[ "and",
[ "_STATEMENT_.Condition.", "withoutKey", "ArnEquals" ],
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:ArnEquals" ]
],
[ "and",
[ "_STATEMENT_.Condition.", "withoutKey", "ArnLike" ],
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:ArnLike" ]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "StringEquals" ],
[ "and",
[ "and",
[ "_STATEMENT_.Condition.", "withoutKey", "ArnEquals" ],
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:ArnEquals" ]
],
[ "and",
[ "_STATEMENT_.Condition.", "withoutKey", "ArnLike" ],
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:ArnLike" ]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "StringEquals" ],
[ "and",
[ "_STATEMENT_.Condition.StringEquals.", "withoutKey", "AWS:SourceArn" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKey", "AWS:SourceOwner" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKey", "kms:ViaService" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKey", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKey", "iam:PassedToService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "StringEqualsIgnoreCase" ],
[ "and",
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKey", "AWS:SourceArn" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKey", "AWS:SourceOwner" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKey", "kms:ViaService" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKey", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKey", "iam:PassedToService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "StringLike" ],
[ "and",
[ "_STATEMENT_.Condition.StringLike.", "withoutKey", "AWS:SourceArn" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKey", "AWS:SourceOwner" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKey", "kms:ViaService" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKey", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKey", "iam:PassedToService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:StringEquals" ],
[ "and",
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKey", "AWS:SourceArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKey", "AWS:SourceOwner" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKey", "kms:ViaService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKey", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKey", "iam:PassedToService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:StringEqualsIgnoreCase" ],
[ "and",
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKey", "AWS:SourceArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKey", "AWS:SourceOwner" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKey", "kms:ViaService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKey", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKey", "iam:PassedToService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:StringLike" ],
[ "and",
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKey", "AWS:SourceArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKey", "AWS:SourceOwner" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKey", "kms:ViaService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKey", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKey", "iam:PassedToService" ]
]
]
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:CalledVia" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:CalledViaFirst" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:CalledViaLast" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalAccount" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalArn" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgPaths" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgID" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceName" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceNamesList" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:ResourceTag" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceAccount" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceArn" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceIdentity" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceOwner" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "aws:ViaAWSService" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "iam:PassedToService" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.StringEquals.", "withoutKeyCaseInsensitive", "kms:ViaService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "StringEqualsIgnoreCase" ],
[ "and",
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:CalledVia" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:CalledViaFirst" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:CalledViaLast" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalAccount" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalArn" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgPaths" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgID" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceName" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceNamesList" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:ResourceTag" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceAccount" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceArn" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceIdentity" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceOwner" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:ViaAWSService" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "iam:PassedToService" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "kms:ViaService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "StringLike" ],
[ "and",
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:CalledVia" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:CalledViaFirst" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:CalledViaLast" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalAccount" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalArn" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgPaths" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgID" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceName" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceNamesList" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:ResourceTag" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:SourceAccount" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:SourceArn" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:SourceIdentity" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:SourceOwner" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "aws:ViaAWSService" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "iam:PassedToService" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.StringLike.", "withoutKeyCaseInsensitive", "kms:ViaService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:StringEquals" ],
[ "and",
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:CalledVia" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:CalledViaFirst" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:CalledViaLast" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgPaths" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgID" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceName" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceNamesList" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:ResourceTag" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceIdentity" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:SourceOwner" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "aws:ViaAWSService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "iam:PassedToService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEquals.", "withoutKeyCaseInsensitive", "kms:ViaService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:StringEqualsIgnoreCase" ],
[ "and",
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:CalledVia" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:CalledViaFirst" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:CalledViaLast" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgPaths" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgID" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceName" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceNamesList" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:ResourceTag" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceIdentity" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:SourceOwner" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "aws:ViaAWSService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "iam:PassedToService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringEqualsIgnoreCase.", "withoutKeyCaseInsensitive", "kms:ViaService" ]
]
],
[ "or",
[ "_STATEMENT_.Condition.", "withoutKey", "ForAnyValue:StringLike" ],
[ "and",
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:CalledVia" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:CalledViaFirst" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:CalledViaLast" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgPaths" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalOrgID" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceName" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:PrincipalServiceNamesList" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:ResourceTag" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:SourceAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:SourceArn" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:SourceIdentity" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:SourceOwner" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "aws:ViaAWSService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "iam:PassedToService" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "kms:CallerAccount" ],
[ "_STATEMENT_.Condition.ForAnyValue:StringLike.", "withoutKeyCaseInsensitive", "kms:ViaService" ]

]
]
]
]
}
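Review bot: The inner condition-key tests under `_STATEMENT_.Condition.StringEquals.` and the other five operator blocks are now `withoutKeyCaseInsensitive`, but the outer `withoutKey` tests for the operator names (`StringEquals`, `StringEqualsIgnoreCase`, `StringLike` and their `ForAnyValue:` forms) remain exact-case, so a policy spelling an operator in a different case would presumably still satisfy the rule and be reported as unrestricted even though a restricting condition is present. That is worth confirming against how IAM matches operator names and, if they are case-insensitive too, switching those tests to `withoutKeyCaseInsensitive` for consistency with the key tests. The same eighteen-key list is repeated verbatim for every operator block, so a future key addition must be applied six times; keeping the list identical across blocks should be stated somewhere the rule is documented. The blank line before the closing brackets at the end of the file is valid JSON but inconsistent with the rest of the rule files.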
Expand Up @@ -22,7 +22,7 @@
],
[
"iam.roles.id.assume_role_policy.PolicyDocument.Statement.id.Principal",
"withKey",
"withKeyCaseInsensitive",
"AWS"
],
[
Expand Up @@ -21,7 +21,7 @@
],
[
"iam.roles.id.assume_role_policy.PolicyDocument.Statement.id.Principal",
"withKey",
"withKeyCaseInsensitive",
"AWS"
],
[
