mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Refactor dirobj signature generation
Now we can compute the hash and signature of a dirobj before concatenating the smartlist, and we don't need to play silly games with sigbuf and realloc any more.
This commit is contained in:
parent
fd93622cc8
commit
cb75519bbf
@ -1631,6 +1631,29 @@ crypto_digest_assign(crypto_digest_t *into,
|
|||||||
memcpy(into,from,sizeof(crypto_digest_t));
|
memcpy(into,from,sizeof(crypto_digest_t));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/** Given a list of strings in <b>lst</b>, set the <b>len_out</b>-byte digest
|
||||||
|
* at <b>digest_out</b> to the hash of the concatenation of those strings,
|
||||||
|
* plus the optional string <b>append</b>, computed with the algorithm
|
||||||
|
* <b>alg</b>. */
|
||||||
|
void
|
||||||
|
crypto_digest_smartlist(char *digest_out, size_t len_out,
|
||||||
|
const smartlist_t *lst, const char *append,
|
||||||
|
digest_algorithm_t alg)
|
||||||
|
{
|
||||||
|
crypto_digest_t *d;
|
||||||
|
if (alg == DIGEST_SHA1)
|
||||||
|
d = crypto_digest_new();
|
||||||
|
else
|
||||||
|
d = crypto_digest256_new(alg);
|
||||||
|
SMARTLIST_FOREACH(lst, const char *, cp,
|
||||||
|
crypto_digest_add_bytes(d, cp, strlen(cp)));
|
||||||
|
if (append)
|
||||||
|
crypto_digest_add_bytes(d, append, strlen(append));
|
||||||
|
crypto_digest_get_digest(d, digest_out, len_out);
|
||||||
|
crypto_digest_free(d);
|
||||||
|
}
|
||||||
|
|
||||||
/** Compute the HMAC-SHA-1 of the <b>msg_len</b> bytes in <b>msg</b>, using
|
/** Compute the HMAC-SHA-1 of the <b>msg_len</b> bytes in <b>msg</b>, using
|
||||||
* the <b>key</b> of length <b>key_len</b>. Store the DIGEST_LEN-byte result
|
* the <b>key</b> of length <b>key_len</b>. Store the DIGEST_LEN-byte result
|
||||||
* in <b>hmac_out</b>.
|
* in <b>hmac_out</b>.
|
||||||
|
@ -206,6 +206,10 @@ int crypto_digest(char *digest, const char *m, size_t len);
|
|||||||
int crypto_digest256(char *digest, const char *m, size_t len,
|
int crypto_digest256(char *digest, const char *m, size_t len,
|
||||||
digest_algorithm_t algorithm);
|
digest_algorithm_t algorithm);
|
||||||
int crypto_digest_all(digests_t *ds_out, const char *m, size_t len);
|
int crypto_digest_all(digests_t *ds_out, const char *m, size_t len);
|
||||||
|
struct smartlist_t;
|
||||||
|
void crypto_digest_smartlist(char *digest_out, size_t len_out,
|
||||||
|
const struct smartlist_t *lst, const char *append,
|
||||||
|
digest_algorithm_t alg);
|
||||||
const char *crypto_digest_algorithm_get_name(digest_algorithm_t alg);
|
const char *crypto_digest_algorithm_get_name(digest_algorithm_t alg);
|
||||||
int crypto_digest_algorithm_parse_name(const char *name);
|
int crypto_digest_algorithm_parse_name(const char *name);
|
||||||
crypto_digest_t *crypto_digest_new(void);
|
crypto_digest_t *crypto_digest_new(void);
|
||||||
|
@ -2911,7 +2911,6 @@ generate_v2_networkstatus_opinion(void)
|
|||||||
size_t identity_pkey_len;
|
size_t identity_pkey_len;
|
||||||
char *status = NULL, *client_versions = NULL, *server_versions = NULL,
|
char *status = NULL, *client_versions = NULL, *server_versions = NULL,
|
||||||
*identity_pkey = NULL, *hostname = NULL;
|
*identity_pkey = NULL, *hostname = NULL;
|
||||||
size_t status_len;
|
|
||||||
const or_options_t *options = get_options();
|
const or_options_t *options = get_options();
|
||||||
char fingerprint[FINGERPRINT_LEN+1];
|
char fingerprint[FINGERPRINT_LEN+1];
|
||||||
char published[ISO_TIME_LEN+1];
|
char published[ISO_TIME_LEN+1];
|
||||||
@ -3032,23 +3031,21 @@ generate_v2_networkstatus_opinion(void)
|
|||||||
smartlist_add_asprintf(chunks, "directory-signature %s\n",
|
smartlist_add_asprintf(chunks, "directory-signature %s\n",
|
||||||
options->Nickname);
|
options->Nickname);
|
||||||
|
|
||||||
status = smartlist_join_strings(chunks, "", 0, NULL);
|
crypto_digest_smartlist(digest, DIGEST_LEN, chunks, "", DIGEST_SHA1);
|
||||||
#define MAX_V2_OPINION_SIGNATURE_LEN 4096
|
|
||||||
status_len = strlen(status) + MAX_V2_OPINION_SIGNATURE_LEN + 1;
|
|
||||||
status = tor_realloc(status, status_len);
|
|
||||||
|
|
||||||
if (router_get_networkstatus_v2_hash(status, digest)<0) {
|
|
||||||
log_warn(LD_BUG, "Unable to hash network status");
|
|
||||||
goto done;
|
|
||||||
}
|
|
||||||
|
|
||||||
note_crypto_pk_op(SIGN_DIR);
|
note_crypto_pk_op(SIGN_DIR);
|
||||||
if (router_append_dirobj_signature(status, status_len,digest,DIGEST_LEN,
|
{
|
||||||
private_key)<0) {
|
char *sig;
|
||||||
log_warn(LD_BUG, "Unable to sign router status.");
|
if (!(sig = router_get_dirobj_signature(digest,DIGEST_LEN,
|
||||||
goto done;
|
private_key))) {
|
||||||
|
log_warn(LD_BUG, "Unable to sign router status.");
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
smartlist_add(chunks, sig);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
status = smartlist_join_strings(chunks, "", 0, NULL);
|
||||||
|
|
||||||
{
|
{
|
||||||
networkstatus_v2_t *ns;
|
networkstatus_v2_t *ns;
|
||||||
if (!(ns = networkstatus_v2_parse_from_string(status))) {
|
if (!(ns = networkstatus_v2_parse_from_string(status))) {
|
||||||
|
@ -75,7 +75,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
|||||||
char *client_versions_line = NULL, *server_versions_line = NULL;
|
char *client_versions_line = NULL, *server_versions_line = NULL;
|
||||||
networkstatus_voter_info_t *voter;
|
networkstatus_voter_info_t *voter;
|
||||||
char *status = NULL;
|
char *status = NULL;
|
||||||
size_t status_len;
|
|
||||||
|
|
||||||
tor_assert(private_signing_key);
|
tor_assert(private_signing_key);
|
||||||
tor_assert(v3_ns->type == NS_TYPE_VOTE || v3_ns->type == NS_TYPE_OPINION);
|
tor_assert(v3_ns->type == NS_TYPE_VOTE || v3_ns->type == NS_TYPE_OPINION);
|
||||||
@ -185,6 +184,11 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
|||||||
|
|
||||||
smartlist_add(chunks, tor_strdup("directory-footer\n"));
|
smartlist_add(chunks, tor_strdup("directory-footer\n"));
|
||||||
|
|
||||||
|
/* The digest includes everything up through the space after
|
||||||
|
* directory-signature. (Yuck.) */
|
||||||
|
crypto_digest_smartlist(digest, DIGEST_LEN, chunks,
|
||||||
|
"directory-signature ", DIGEST_SHA1);
|
||||||
|
|
||||||
{
|
{
|
||||||
char signing_key_fingerprint[FINGERPRINT_LEN+1];
|
char signing_key_fingerprint[FINGERPRINT_LEN+1];
|
||||||
if (crypto_pk_get_fingerprint(private_signing_key,
|
if (crypto_pk_get_fingerprint(private_signing_key,
|
||||||
@ -197,22 +201,19 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
|||||||
signing_key_fingerprint);
|
signing_key_fingerprint);
|
||||||
}
|
}
|
||||||
|
|
||||||
status = smartlist_join_strings(chunks, "", 0, NULL);
|
|
||||||
#define MAX_VOTE_SIGNATURE_LEN 4096
|
|
||||||
status_len = strlen(status) + MAX_VOTE_SIGNATURE_LEN + 1;
|
|
||||||
status = tor_realloc(status, status_len);
|
|
||||||
|
|
||||||
if (router_get_networkstatus_v3_hash(status, digest, DIGEST_SHA1)<0)
|
|
||||||
goto err;
|
|
||||||
note_crypto_pk_op(SIGN_DIR);
|
note_crypto_pk_op(SIGN_DIR);
|
||||||
if (router_append_dirobj_signature(status+strlen(status),
|
{
|
||||||
status_len,
|
char *sig = router_get_dirobj_signature(digest, DIGEST_LEN,
|
||||||
digest, DIGEST_LEN,
|
private_signing_key);
|
||||||
private_signing_key)<0) {
|
if (!sig) {
|
||||||
log_warn(LD_BUG, "Unable to sign networkstatus vote.");
|
log_warn(LD_BUG, "Unable to sign networkstatus vote.");
|
||||||
goto err;
|
goto err;
|
||||||
|
}
|
||||||
|
smartlist_add(chunks, sig);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
status = smartlist_join_strings(chunks, "", 0, NULL);
|
||||||
|
|
||||||
{
|
{
|
||||||
networkstatus_t *v;
|
networkstatus_t *v;
|
||||||
if (!(v = networkstatus_parse_vote_from_string(status, NULL,
|
if (!(v = networkstatus_parse_vote_from_string(status, NULL,
|
||||||
@ -479,24 +480,6 @@ compute_routerstatus_consensus(smartlist_t *votes, int consensus_method,
|
|||||||
return most;
|
return most;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Given a list of strings in <b>lst</b>, set the <b>len_out</b>-byte digest
|
|
||||||
* at <b>digest_out</b> to the hash of the concatenation of those strings,
|
|
||||||
* computed with the algorithm <b>alg</b>. */
|
|
||||||
static void
|
|
||||||
hash_list_members(char *digest_out, size_t len_out,
|
|
||||||
smartlist_t *lst, digest_algorithm_t alg)
|
|
||||||
{
|
|
||||||
crypto_digest_t *d;
|
|
||||||
if (alg == DIGEST_SHA1)
|
|
||||||
d = crypto_digest_new();
|
|
||||||
else
|
|
||||||
d = crypto_digest256_new(alg);
|
|
||||||
SMARTLIST_FOREACH(lst, const char *, cp,
|
|
||||||
crypto_digest_add_bytes(d, cp, strlen(cp)));
|
|
||||||
crypto_digest_get_digest(d, digest_out, len_out);
|
|
||||||
crypto_digest_free(d);
|
|
||||||
}
|
|
||||||
|
|
||||||
/** Sorting helper: compare two strings based on their values as base-ten
|
/** Sorting helper: compare two strings based on their values as base-ten
|
||||||
* positive integers. (Non-integers are treated as prior to all integers, and
|
* positive integers. (Non-integers are treated as prior to all integers, and
|
||||||
* compared lexically.) */
|
* compared lexically.) */
|
||||||
@ -2095,12 +2078,12 @@ networkstatus_compute_consensus(smartlist_t *votes,
|
|||||||
size_t digest_len =
|
size_t digest_len =
|
||||||
flavor == FLAV_NS ? DIGEST_LEN : DIGEST256_LEN;
|
flavor == FLAV_NS ? DIGEST_LEN : DIGEST256_LEN;
|
||||||
const char *algname = crypto_digest_algorithm_get_name(digest_alg);
|
const char *algname = crypto_digest_algorithm_get_name(digest_alg);
|
||||||
char sigbuf[4096];
|
char *signature;
|
||||||
|
|
||||||
smartlist_add(chunks, tor_strdup("directory-signature "));
|
smartlist_add(chunks, tor_strdup("directory-signature "));
|
||||||
|
|
||||||
/* Compute the hash of the chunks. */
|
/* Compute the hash of the chunks. */
|
||||||
hash_list_members(digest, digest_len, chunks, digest_alg);
|
crypto_digest_smartlist(digest, digest_len, chunks, "", digest_alg);
|
||||||
|
|
||||||
/* Get the fingerprints */
|
/* Get the fingerprints */
|
||||||
crypto_pk_get_fingerprint(identity_key, fingerprint, 0);
|
crypto_pk_get_fingerprint(identity_key, fingerprint, 0);
|
||||||
@ -2116,14 +2099,12 @@ networkstatus_compute_consensus(smartlist_t *votes,
|
|||||||
signing_key_fingerprint);
|
signing_key_fingerprint);
|
||||||
}
|
}
|
||||||
/* And the signature. */
|
/* And the signature. */
|
||||||
sigbuf[0] = '\0';
|
if (!(signature = router_get_dirobj_signature(digest, digest_len,
|
||||||
if (router_append_dirobj_signature(sigbuf, sizeof(sigbuf),
|
signing_key))) {
|
||||||
digest, digest_len,
|
|
||||||
signing_key)) {
|
|
||||||
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
|
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
smartlist_add(chunks, tor_strdup(sigbuf));
|
smartlist_add(chunks, signature);
|
||||||
|
|
||||||
if (legacy_id_key_digest && legacy_signing_key && consensus_method >= 3) {
|
if (legacy_id_key_digest && legacy_signing_key && consensus_method >= 3) {
|
||||||
smartlist_add(chunks, tor_strdup("directory-signature "));
|
smartlist_add(chunks, tor_strdup("directory-signature "));
|
||||||
@ -2139,14 +2120,13 @@ networkstatus_compute_consensus(smartlist_t *votes,
|
|||||||
algname, fingerprint,
|
algname, fingerprint,
|
||||||
signing_key_fingerprint);
|
signing_key_fingerprint);
|
||||||
}
|
}
|
||||||
sigbuf[0] = '\0';
|
|
||||||
if (router_append_dirobj_signature(sigbuf, sizeof(sigbuf),
|
if (!(signature = router_get_dirobj_signature(digest, digest_len,
|
||||||
digest, digest_len,
|
legacy_signing_key))) {
|
||||||
legacy_signing_key)) {
|
|
||||||
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
|
log_warn(LD_BUG, "Couldn't sign consensus networkstatus.");
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
smartlist_add(chunks, tor_strdup(sigbuf));
|
smartlist_add(chunks, signature);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2248,7 +2248,6 @@ router_dump_router_to_string(routerinfo_t *router,
|
|||||||
const or_options_t *options = get_options();
|
const or_options_t *options = get_options();
|
||||||
smartlist_t *chunks = NULL;
|
smartlist_t *chunks = NULL;
|
||||||
char *output = NULL;
|
char *output = NULL;
|
||||||
size_t output_len;
|
|
||||||
|
|
||||||
/* Make sure the identity key matches the one in the routerinfo. */
|
/* Make sure the identity key matches the one in the routerinfo. */
|
||||||
if (!crypto_pk_eq_keys(ident_key, router->identity_pkey)) {
|
if (!crypto_pk_eq_keys(ident_key, router->identity_pkey)) {
|
||||||
@ -2395,24 +2394,22 @@ router_dump_router_to_string(routerinfo_t *router,
|
|||||||
/* Sign the descriptor */
|
/* Sign the descriptor */
|
||||||
smartlist_add(chunks, tor_strdup("router-signature\n"));
|
smartlist_add(chunks, tor_strdup("router-signature\n"));
|
||||||
|
|
||||||
output = smartlist_join_strings(chunks, "", 0, NULL);
|
crypto_digest_smartlist(digest, DIGEST_LEN, chunks, "", DIGEST_SHA1);
|
||||||
#define MAX_DESC_SIGNATURE_LEN 4096
|
|
||||||
output_len = strlen(output) + MAX_DESC_SIGNATURE_LEN + 1;
|
|
||||||
output = tor_realloc(output, output_len);
|
|
||||||
|
|
||||||
if (router_get_router_hash(output, strlen(output), digest) < 0) {
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
|
|
||||||
note_crypto_pk_op(SIGN_RTR);
|
note_crypto_pk_op(SIGN_RTR);
|
||||||
if (router_append_dirobj_signature(output, output_len,
|
{
|
||||||
digest,DIGEST_LEN,ident_key)<0) {
|
char *sig;
|
||||||
log_warn(LD_BUG, "Couldn't sign router descriptor");
|
if (!(sig = router_get_dirobj_signature(digest, DIGEST_LEN, ident_key))) {
|
||||||
goto err;
|
log_warn(LD_BUG, "Couldn't sign router descriptor");
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
smartlist_add(chunks, sig);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* include a last '\n' */
|
/* include a last '\n' */
|
||||||
strlcat(output, "\n", output_len);
|
smartlist_add(chunks, tor_strdup("\n"));
|
||||||
|
|
||||||
|
output = smartlist_join_strings(chunks, "", 0, NULL);
|
||||||
|
|
||||||
#ifdef DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
|
#ifdef DEBUG_ROUTER_DUMP_ROUTER_TO_STRING
|
||||||
{
|
{
|
||||||
|
@ -683,20 +683,19 @@ router_get_extrainfo_hash(const char *s, size_t s_len, char *digest)
|
|||||||
"\nrouter-signature",'\n', DIGEST_SHA1);
|
"\nrouter-signature",'\n', DIGEST_SHA1);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Helper: used to generate signatures for routers, directories and
|
/** DOCDOC */
|
||||||
* network-status objects. Given a digest in <b>digest</b> and a secret
|
char *
|
||||||
* <b>private_key</b>, generate an PKCS1-padded signature, BASE64-encode it,
|
router_get_dirobj_signature(const char *digest,
|
||||||
* surround it with -----BEGIN/END----- pairs, and write it to the
|
size_t digest_len,
|
||||||
* <b>buf_len</b>-byte buffer at <b>buf</b>. Return 0 on success, -1 on
|
crypto_pk_t *private_key)
|
||||||
* failure.
|
|
||||||
*/
|
|
||||||
int
|
|
||||||
router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
|
|
||||||
size_t digest_len, crypto_pk_t *private_key)
|
|
||||||
{
|
{
|
||||||
char *signature;
|
char *signature;
|
||||||
size_t i, keysize;
|
size_t i, keysize;
|
||||||
int siglen;
|
int siglen;
|
||||||
|
char *buf = NULL;
|
||||||
|
size_t buf_len;
|
||||||
|
/* overestimate of BEGIN/END lines total len. */
|
||||||
|
#define BEGIN_END_OVERHEAD_LEN 64
|
||||||
|
|
||||||
keysize = crypto_pk_keysize(private_key);
|
keysize = crypto_pk_keysize(private_key);
|
||||||
signature = tor_malloc(keysize);
|
signature = tor_malloc(keysize);
|
||||||
@ -706,7 +705,12 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
|
|||||||
log_warn(LD_BUG,"Couldn't sign digest.");
|
log_warn(LD_BUG,"Couldn't sign digest.");
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
if (strlcat(buf, "-----BEGIN SIGNATURE-----\n", buf_len) >= buf_len)
|
|
||||||
|
/* The *2 here is a ridiculous overestimate of base-64 overhead. */
|
||||||
|
buf_len = (siglen * 2) + BEGIN_END_OVERHEAD_LEN;
|
||||||
|
buf = tor_malloc(buf_len);
|
||||||
|
|
||||||
|
if (strlcpy(buf, "-----BEGIN SIGNATURE-----\n", buf_len) >= buf_len)
|
||||||
goto truncated;
|
goto truncated;
|
||||||
|
|
||||||
i = strlen(buf);
|
i = strlen(buf);
|
||||||
@ -719,13 +723,42 @@ router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
|
|||||||
goto truncated;
|
goto truncated;
|
||||||
|
|
||||||
tor_free(signature);
|
tor_free(signature);
|
||||||
return 0;
|
return buf;
|
||||||
|
|
||||||
truncated:
|
truncated:
|
||||||
log_warn(LD_BUG,"tried to exceed string length.");
|
log_warn(LD_BUG,"tried to exceed string length.");
|
||||||
err:
|
err:
|
||||||
tor_free(signature);
|
tor_free(signature);
|
||||||
return -1;
|
tor_free(buf);
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Helper: used to generate signatures for routers, directories and
|
||||||
|
* network-status objects. Given a digest in <b>digest</b> and a secret
|
||||||
|
* <b>private_key</b>, generate an PKCS1-padded signature, BASE64-encode it,
|
||||||
|
* surround it with -----BEGIN/END----- pairs, and write it to the
|
||||||
|
* <b>buf_len</b>-byte buffer at <b>buf</b>. Return 0 on success, -1 on
|
||||||
|
* failure.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
router_append_dirobj_signature(char *buf, size_t buf_len, const char *digest,
|
||||||
|
size_t digest_len, crypto_pk_t *private_key)
|
||||||
|
{
|
||||||
|
size_t sig_len, s_len;
|
||||||
|
char *sig = router_get_dirobj_signature(digest, digest_len, private_key);
|
||||||
|
if (!sig) {
|
||||||
|
log_warn(LD_BUG, "No signature generated");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
sig_len = strlen(sig);
|
||||||
|
s_len = strlen(buf);
|
||||||
|
if (sig_len + s_len + 1 > buf_len) {
|
||||||
|
log_warn(LD_BUG, "Not enough room for signature");
|
||||||
|
tor_free(sig);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
memcpy(buf+s_len, sig, sig_len+1);
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Return VS_RECOMMENDED if <b>myversion</b> is contained in
|
/** Return VS_RECOMMENDED if <b>myversion</b> is contained in
|
||||||
|
@ -21,6 +21,9 @@ int router_get_networkstatus_v3_hash(const char *s, char *digest,
|
|||||||
int router_get_networkstatus_v3_hashes(const char *s, digests_t *digests);
|
int router_get_networkstatus_v3_hashes(const char *s, digests_t *digests);
|
||||||
int router_get_extrainfo_hash(const char *s, size_t s_len, char *digest);
|
int router_get_extrainfo_hash(const char *s, size_t s_len, char *digest);
|
||||||
#define DIROBJ_MAX_SIG_LEN 256
|
#define DIROBJ_MAX_SIG_LEN 256
|
||||||
|
char *router_get_dirobj_signature(const char *digest,
|
||||||
|
size_t digest_len,
|
||||||
|
crypto_pk_t *private_key);
|
||||||
int router_append_dirobj_signature(char *buf, size_t buf_len,
|
int router_append_dirobj_signature(char *buf, size_t buf_len,
|
||||||
const char *digest,
|
const char *digest,
|
||||||
size_t digest_len,
|
size_t digest_len,
|
||||||
|
Loading…
Reference in New Issue
Block a user