Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
O
OpnSense
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Kulya
OpnSense
Commits
180d611a
Commit
180d611a
authored
Mar 11, 2017
by
Franco Fichtner
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ipsec: move/merge into plugins
parent
9b694b70
Changes
21
Hide whitespace changes
Inline
Side-by-side
Showing
21 changed files
with
117 additions
and
145 deletions
+117
-145
plist
plist
+2
-3
interfaces.inc
src/etc/inc/interfaces.inc
+2
-2
if_ipsec.inc
src/etc/inc/plugins.inc.d/if_ipsec.inc
+0
-112
ipsec.inc
src/etc/inc/plugins.inc.d/ipsec.inc
+88
-2
auth-user.php
src/etc/inc/plugins.inc.d/ipsec/auth-user.php
+0
-0
services.inc
src/etc/inc/services.inc
+2
-2
legacy.inc
src/etc/inc/xmlrpc/legacy.inc
+1
-1
rc.bootup
src/etc/rc.bootup
+2
-2
rc.newipsecdns
src/etc/rc.newipsecdns
+2
-2
rc.newwanip
src/etc/rc.newwanip
+1
-1
rc.newwanipv6
src/etc/rc.newwanipv6
+2
-2
diag_ipsec_leases.php
src/www/diag_ipsec_leases.php
+1
-1
diag_ipsec_sad.php
src/www/diag_ipsec_sad.php
+1
-1
diag_ipsec_spd.php
src/www/diag_ipsec_spd.php
+1
-1
vpn_ipsec.php
src/www/vpn_ipsec.php
+3
-3
vpn_ipsec_keys.php
src/www/vpn_ipsec_keys.php
+2
-2
vpn_ipsec_keys_edit.php
src/www/vpn_ipsec_keys_edit.php
+1
-1
vpn_ipsec_mobile.php
src/www/vpn_ipsec_mobile.php
+2
-2
vpn_ipsec_phase1.php
src/www/vpn_ipsec_phase1.php
+1
-2
vpn_ipsec_phase2.php
src/www/vpn_ipsec_phase2.php
+1
-1
vpn_ipsec_settings.php
src/www/vpn_ipsec_settings.php
+2
-2
No files found.
plist
View file @
180d611a
...
...
@@ -23,8 +23,6 @@
/usr/local/etc/inc/gwlb.inc
/usr/local/etc/inc/interfaces.inc
/usr/local/etc/inc/interfaces.lib.inc
/usr/local/etc/inc/ipsec.auth-user.php
/usr/local/etc/inc/ipsec.inc
/usr/local/etc/inc/legacy_bindings.inc
/usr/local/etc/inc/notices.basic_sasl_client.inc
/usr/local/etc/inc/notices.cram_md5_sasl_client.inc
...
...
@@ -43,10 +41,11 @@
/usr/local/etc/inc/plugins.inc
/usr/local/etc/inc/plugins.inc.d/dnsmasq.inc
/usr/local/etc/inc/plugins.inc.d/if_group.inc
/usr/local/etc/inc/plugins.inc.d/if_ipsec.inc
/usr/local/etc/inc/plugins.inc.d/if_legacy_opt.inc
/usr/local/etc/inc/plugins.inc.d/if_openvpn.inc
/usr/local/etc/inc/plugins.inc.d/ipfw.inc
/usr/local/etc/inc/plugins.inc.d/ipsec.inc
/usr/local/etc/inc/plugins.inc.d/ipsec/auth-user.php
/usr/local/etc/inc/plugins.inc.d/netflow.inc
/usr/local/etc/inc/plugins.inc.d/ntpd.inc
/usr/local/etc/inc/plugins.inc.d/pf.inc
...
...
src/etc/inc/interfaces.inc
View file @
180d611a
...
...
@@ -1034,7 +1034,7 @@ function interfaces_configure($verbose = false)
if
(
$reload
)
{
system_routing_configure
(
''
,
$verbose
);
ipsec_configure
(
$verbose
);
ipsec_configure
_do
(
$verbose
);
dnsmasq_configure_do
(
$verbose
);
unbound_configure_do
(
$verbose
);
services_dhcpd_configure
(
'all'
,
array
(),
$verbose
);
...
...
@@ -2769,7 +2769,7 @@ function interface_configure($interface = 'wan', $reloadall = false, $linkupeven
system_routing_configure
(
$interface
);
/* reload ipsec tunnels */
ipsec_configure
();
ipsec_configure
_do
();
/* restart dns servers */
dnsmasq_configure_do
();
...
...
src/etc/inc/plugins.inc.d/if_ipsec.inc
deleted
100644 → 0
View file @
9b694b70
<?php
/*
Copyright (C) 2016 Deciso B.V.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
*/
function
if_ipsec_syslog
()
{
$logfacilities
=
array
();
$logfacilities
[
'ipsec'
]
=
array
(
'facility'
=>
array
(
'charon'
),
'remote'
=>
'vpn'
,
);
return
$logfacilities
;
}
function
if_ipsec_services
()
{
global
$config
;
$services
=
array
();
if
(
!
empty
(
$config
[
'ipsec'
][
'enable'
])
||
!
empty
(
$config
[
'ipsec'
][
'client'
][
'enable'
]))
{
$pconfig
=
array
();
$pconfig
[
'name'
]
=
'strongswan'
;
$pconfig
[
'description'
]
=
gettext
(
'IPsec VPN'
);
$pconfig
[
'pidfile'
]
=
'/var/run/charon.pid'
;
$pconfig
[
'configd'
]
=
array
(
'restart'
=>
array
(
'ipsec restart'
),
'start'
=>
array
(
'ipsec start'
),
'stop'
=>
array
(
'ipsec stop'
),
);
$services
[]
=
$pconfig
;
}
return
$services
;
}
function
if_ipsec_interfaces
()
{
global
$config
;
$interfaces
=
array
();
if
(
isset
(
$config
[
'ipsec'
][
'phase1'
])
&&
isset
(
$config
[
'ipsec'
][
'phase2'
]))
{
foreach
(
$config
[
'ipsec'
][
'phase1'
]
as
$ph1ent
)
{
if
(
!
empty
(
$ph1ent
[
'disabled'
]))
{
continue
;
}
foreach
(
$config
[
'ipsec'
][
'phase2'
]
as
$ph2ent
)
{
if
(
!
empty
(
$ph2ent
[
'disabled'
])
||
$ph1ent
[
'ikeid'
]
!=
$ph2ent
[
'ikeid'
])
{
continue
;
}
if
((
!
empty
(
$ph2ent
[
'mobile'
])
&&
empty
(
$config
[
'ipsec'
][
'client'
][
'enable'
]))
||
empty
(
$config
[
'ipsec'
][
'enable'
]))
{
continue
;
}
$oic
=
array
(
'enable'
=>
true
);
$oic
[
'if'
]
=
'enc0'
;
$oic
[
'descr'
]
=
'IPsec'
;
$oic
[
'type'
]
=
'none'
;
$oic
[
'virtual'
]
=
true
;
$oic
[
'networks'
]
=
array
();
$interfaces
[
'enc0'
]
=
$oic
;
break
2
;
}
}
}
return
$interfaces
;
}
function
if_ipsec_xmlrpc_sync
()
{
$result
=
array
();
$result
[]
=
array
(
'description'
=>
gettext
(
'IPsec'
),
'section'
=>
'ipsec'
,
'id'
=>
'ipsec'
,
);
return
$result
;
}
src/etc/inc/ipsec.inc
→
src/etc/inc/
plugins.inc.d/
ipsec.inc
View file @
180d611a
<?php
/*
Copyright (C) 2016 Deciso B.V.
Copyright (C) 2008 Shrew Soft Inc
Copyright (C) 2008 Ermal Luçi
Copyright (C) 2004-2007 Scott Ullrich
...
...
@@ -98,6 +99,40 @@ $p2_protos = array(
'ah'
=>
'AH'
);
function
ipsec_syslog
()
{
$logfacilities
=
array
();
$logfacilities
[
'ipsec'
]
=
array
(
'facility'
=>
array
(
'charon'
),
'remote'
=>
'vpn'
,
);
return
$logfacilities
;
}
function
ipsec_services
()
{
global
$config
;
$services
=
array
();
if
(
!
empty
(
$config
[
'ipsec'
][
'enable'
])
||
!
empty
(
$config
[
'ipsec'
][
'client'
][
'enable'
]))
{
$pconfig
=
array
();
$pconfig
[
'name'
]
=
'strongswan'
;
$pconfig
[
'description'
]
=
gettext
(
'IPsec VPN'
);
$pconfig
[
'pidfile'
]
=
'/var/run/charon.pid'
;
$pconfig
[
'configd'
]
=
array
(
'restart'
=>
array
(
'ipsec restart'
),
'start'
=>
array
(
'ipsec start'
),
'stop'
=>
array
(
'ipsec stop'
),
);
$services
[]
=
$pconfig
;
}
return
$services
;
}
$p2_pfskeygroups
=
array
(
0
=>
'off'
,
1
=>
'1 (768 bit)'
,
...
...
@@ -110,6 +145,57 @@ $p2_pfskeygroups = array(
18
=>
'18 (8192 bit)'
);
function
ipsec_interfaces
()
{
global
$config
;
$interfaces
=
array
();
if
(
isset
(
$config
[
'ipsec'
][
'phase1'
])
&&
isset
(
$config
[
'ipsec'
][
'phase2'
]))
{
foreach
(
$config
[
'ipsec'
][
'phase1'
]
as
$ph1ent
)
{
if
(
!
empty
(
$ph1ent
[
'disabled'
]))
{
continue
;
}
foreach
(
$config
[
'ipsec'
][
'phase2'
]
as
$ph2ent
)
{
if
(
!
empty
(
$ph2ent
[
'disabled'
])
||
$ph1ent
[
'ikeid'
]
!=
$ph2ent
[
'ikeid'
])
{
continue
;
}
if
((
!
empty
(
$ph2ent
[
'mobile'
])
&&
empty
(
$config
[
'ipsec'
][
'client'
][
'enable'
]))
||
empty
(
$config
[
'ipsec'
][
'enable'
]))
{
continue
;
}
$oic
=
array
(
'enable'
=>
true
);
$oic
[
'if'
]
=
'enc0'
;
$oic
[
'descr'
]
=
'IPsec'
;
$oic
[
'type'
]
=
'none'
;
$oic
[
'virtual'
]
=
true
;
$oic
[
'networks'
]
=
array
();
$interfaces
[
'enc0'
]
=
$oic
;
break
2
;
}
}
}
return
$interfaces
;
}
function
ipsec_xmlrpc_sync
()
{
$result
=
array
();
$result
[]
=
array
(
'description'
=>
gettext
(
'IPsec'
),
'section'
=>
'ipsec'
,
'id'
=>
'ipsec'
,
);
return
$result
;
}
/*
* Return phase1 local address
*/
...
...
@@ -439,7 +525,7 @@ function ipsec_convert_to_modp($index)
return
$convertion
;
}
function
ipsec_configure
(
$verbose
=
false
)
function
ipsec_configure
_do
(
$verbose
=
false
)
{
global
$config
,
$p2_ealgos
,
$ipsec_loglevels
;
...
...
@@ -745,7 +831,7 @@ EOD;
}
if
(
$a_client
[
'user_source'
]
!=
"none"
&&
$disable_xauth
==
false
)
{
$strongswan
.=
"
\t\t
xauth-generic {\n"
;
$strongswan
.=
"
\t\t\t
script = /usr/local/etc/inc/
ipsec.
auth-user.php
\n
"
;
$strongswan
.=
"
\t\t\t
script = /usr/local/etc/inc/
plugins.inc.d/ipsec/
auth-user.php
\n
"
;
$strongswan
.=
"
\t\t\t
authcfg = "
;
$firstsed
=
0
;
$authcfgs
=
explode
(
","
,
$a_client
[
'user_source'
]);
...
...
src/etc/inc/
ipsec.
auth-user.php
→
src/etc/inc/
plugins.inc.d/ipsec/
auth-user.php
View file @
180d611a
File moved
src/etc/inc/services.inc
View file @
180d611a
...
...
@@ -45,8 +45,8 @@
*/
require_once
(
'dyndns.class'
);
require_once
(
'plugins.inc.d/dnsmasq.inc'
);
require_once
(
'ipsec.inc'
);
require_once
(
'openvpn.inc'
);
require_once
(
'
plugins.inc.d/
ipsec.inc'
);
require_once
(
'openvpn.inc'
);
/* XXX move to plugin */
require_once
(
'plugins.inc.d/unbound.inc'
);
function
generate_ipv6_from_mac
(
$mac
)
...
...
src/etc/inc/xmlrpc/legacy.inc
View file @
180d611a
...
...
@@ -256,7 +256,7 @@ function restore_config_section_xmlrpc($new_config)
}
if
(
isset
(
$old_config
[
'ipsec'
][
'enable'
])
!==
isset
(
$config
[
'ipsec'
][
'enable'
]))
{
ipsec_configure
();
ipsec_configure
_do
();
}
unset
(
$old_config
);
...
...
src/etc/rc.bootup
View file @
180d611a
...
...
@@ -116,7 +116,7 @@ filter_configure_sync(true);
plugins_configure
(
'bootup'
,
true
);
/* start IPsec tunnels */
$ipsec_dynamic_hosts
=
ipsec_configure
(
true
);
$ipsec_dynamic_hosts
=
ipsec_configure
_do
(
true
);
enable_rrd_graphing
(
true
);
system_powerd_configure
(
true
);
...
...
@@ -130,7 +130,7 @@ system_syslogd_start(true);
/* If there are ipsec dynamic hosts try again to reload the tunnels as rc.newipsecdns does */
if
(
$ipsec_dynamic_hosts
)
{
ipsec_configure
(
true
);
ipsec_configure
_do
(
true
);
}
// generate configuration data for all installed templates
...
...
src/etc/rc.newipsecdns
View file @
180d611a
...
...
@@ -32,7 +32,7 @@
require_once
(
"util.inc"
);
require_once
(
"config.inc"
);
require_once
(
"filter.inc"
);
require_once
(
'ipsec.inc'
);
require_once
(
'
plugins.inc.d/
ipsec.inc'
);
require_once
(
'auth.inc'
);
require_once
(
"interfaces.inc"
);
...
...
@@ -47,5 +47,5 @@ if (file_exists('/var/run/booting')) {
}
$ipseclck
=
lock
(
'ipsecdns'
,
LOCK_EX
);
ipsec_configure
();
ipsec_configure
_do
();
unlock
(
$ipseclck
);
src/etc/rc.newwanip
View file @
180d611a
...
...
@@ -189,7 +189,7 @@ if (!is_ipaddr($oldip) || $curwanip != $oldip || !is_ipaddrv4($config['interface
/* reconfigure IPsec tunnels */
if
(
ipsec_configured_on_interface
(
$interface
))
{
ipsec_configure
();
ipsec_configure
_do
();
}
/* start OpenVPN server & clients */
...
...
src/etc/rc.newwanipv6
View file @
180d611a
...
...
@@ -123,7 +123,7 @@ if (is_ipaddrv6($oldipv6)) {
if
(
in_array
(
$config
[
'interfaces'
][
$interface
][
'ipaddrv6'
],
array
(
'pppoe'
,
'pptp'
,
'ppp'
)))
{
/* reconfigure IPsec tunnels */
if
(
ipsec_configured_on_interface
(
$interface
))
{
ipsec_configure
();
ipsec_configure
_do
();
}
/* start OpenVPN server & clients */
...
...
@@ -147,7 +147,7 @@ services_dyndns_configure($interface);
/* reconfigure IPsec tunnels */
if
(
ipsec_configured_on_interface
(
$interface
))
{
ipsec_configure
();
ipsec_configure
_do
();
}
/* start OpenVPN server & clients */
...
...
src/www/diag_ipsec_leases.php
View file @
180d611a
...
...
@@ -28,7 +28,7 @@
*/
require_once
(
"guiconfig.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
src/www/diag_ipsec_sad.php
View file @
180d611a
...
...
@@ -29,7 +29,7 @@
*/
require_once
(
"guiconfig.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
src/www/diag_ipsec_spd.php
View file @
180d611a
...
...
@@ -29,7 +29,7 @@
*/
require_once
(
"guiconfig.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
src/www/vpn_ipsec.php
View file @
180d611a
...
...
@@ -30,7 +30,7 @@
require_once
(
"guiconfig.inc"
);
require_once
(
"filter.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
@@ -77,7 +77,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$a_phase1
=
&
$config
[
'ipsec'
][
'phase1'
];
$a_phase2
=
&
$config
[
'ipsec'
][
'phase2'
];
if
(
isset
(
$_POST
[
'apply'
]))
{
ipsec_configure
();
ipsec_configure
_do
();
filter_configure
();
$savemsg
=
get_std_save_message
();
clear_subsystem_dirty
(
'ipsec'
);
...
...
@@ -88,7 +88,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
unset
(
$config
[
'ipsec'
][
'enable'
]);
}
write_config
();
ipsec_configure
();
ipsec_configure
_do
();
filter_configure
();
clear_subsystem_dirty
(
'ipsec'
);
header
(
url_safe
(
'Location: /vpn_ipsec.php'
));
...
...
src/www/vpn_ipsec_keys.php
View file @
180d611a
...
...
@@ -28,7 +28,7 @@
*/
require_once
(
"guiconfig.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"filter.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
@@ -55,7 +55,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
}
}
elseif
(
isset
(
$_POST
[
'apply'
]))
{
// apply changes
ipsec_configure
();
ipsec_configure
_do
();
filter_configure
();
$savemsg
=
get_std_save_message
();
clear_subsystem_dirty
(
'ipsec'
);
...
...
src/www/vpn_ipsec_keys_edit.php
View file @
180d611a
...
...
@@ -29,7 +29,7 @@
require_once
(
"interfaces.inc"
);
require_once
(
"guiconfig.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
if
(
!
isset
(
$config
[
'ipsec'
])
||
!
is_array
(
$config
[
'ipsec'
]))
{
...
...
src/www/vpn_ipsec_mobile.php
View file @
180d611a
...
...
@@ -30,7 +30,7 @@
require_once
(
"interfaces.inc"
);
require_once
(
"guiconfig.inc"
);
require_once
(
"filter.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
if
(
!
isset
(
$config
[
'ipsec'
])
||
!
is_array
(
$config
[
'ipsec'
]))
{
...
...
@@ -88,7 +88,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
exit
;
}
elseif
(
isset
(
$_POST
[
'apply'
]))
{
// apply changes
ipsec_configure
();
ipsec_configure
_do
();
$savemsg
=
get_std_save_message
();
clear_subsystem_dirty
(
'ipsec'
);
header
(
url_safe
(
'Location: /vpn_ipsec_mobile.php?savemsg=%s'
,
array
(
$savemsg
)));
...
...
src/www/vpn_ipsec_phase1.php
View file @
180d611a
...
...
@@ -31,7 +31,7 @@
require_once
(
"guiconfig.inc"
);
require_once
(
"filter.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
@@ -414,7 +414,6 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
}
/* if the remote gateway changed and the interface is not WAN then remove route */
/* the ipsec_configure() handles adding the route */
if
(
$pconfig
[
'interface'
]
<>
"wan"
)
{
if
(
$old_ph1ent
[
'remote-gateway'
]
<>
$pconfig
[
'remote-gateway'
])
{
mwexec
(
"/sbin/route delete -host
{
$old_ph1ent
[
'remote-gateway'
]
}
"
);
...
...
src/www/vpn_ipsec_phase2.php
View file @
180d611a
...
...
@@ -30,7 +30,7 @@
require_once
(
"guiconfig.inc"
);
require_once
(
"interfaces.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
/**
...
...
src/www/vpn_ipsec_settings.php
View file @
180d611a
...
...
@@ -29,7 +29,7 @@
require_once
(
"guiconfig.inc"
);
require_once
(
"filter.inc"
);
require_once
(
"ipsec.inc"
);
require_once
(
"
plugins.inc.d/
ipsec.inc"
);
require_once
(
"services.inc"
);
require_once
(
"interfaces.inc"
);
...
...
@@ -83,7 +83,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
write_config
();
$savemsg
=
get_std_save_message
();
filter_configure
();
ipsec_configure
();
ipsec_configure
_do
();
}
$service_hook
=
'ipsec'
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment