NeXT Computers Forum Index NeXT Computers
www.NeXTComputers.org
 
Log in to check your private messagesLog in to check your private messages

Log inLog in  RegisterRegister


Profile  Search  Memberlist  FAQ  Usergroups
Building openssl-1.0.2k on openstep42 on black and white

 
Post new topic   Reply to topic    NeXT Computers Forum Index -> NeXT Work Logs
View previous topic :: View next topic  
Author Message
rooprob



Joined: 20 Sep 2016
Posts: 15
Location: Auckland, New Zealand

PostPosted: Mon May 15, 2017 1:42 am    Post subject: Building openssl-1.0.2k on openstep42 on black and white Reply with quote

Almost success!
I'm writing this as an effort to rubber duck any thoughts to myself before putting this away.

I've been on a quest to update a few packages: Something like this:

openstep 4.2 on NeXTStation Turbo.
openstep 4.2 on virtualbox on an i7

So far..
    openssl 1.0.2k (gets TLS1.2)
    curl-7.54
    stunnel 4.57
    zlib-1.2.11


Ancillary extras
    - snprintf-2.1 for vsnprinf and family
    - putenv/getenv
    - tcsetattr/getattr
    - dirname
    - uname

So, the good:

$ uname -a
OPENSTEP os42comp1 4.2 NeXT Mach 4.2: Tue Jan 26 11:21:50 PST 1999; root(rcbuilder):Objects/mk-183.34.4.obj~2/RELEASE_I386 I386 Intel 486

$ openssl version
OpenSSL 1.0.2k 26 Jan 2017

$ stunnel -version
stunnel 4.57 on i386-next-openstep4 platform
Compiled/running with OpenSSL 1.0.2k 26 Jan 2017
Threading:FORK Sockets:SELECT,IPv4 SSL:ENGINE,OCSP,FIPS

$ curl --version
curl 7.54.0 (i386-next-openstep4) libcurl/7.54.0 OpenSSL/1.0.2k zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: NTLM NTLM_WB SSL libz TLS-SRP UnixSockets HTTPS-proxy

$ openssl s_client -connect openssl.org:443 -CAfile /usr/local/etc/ssl/certs/cacert.pem

Code:
subject=/OU=Domain Control Validated/CN=*.openssl.org
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3094 bytes and written 433 bytes

SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: C3B8451A5991DBAC0FAA17DE9F55DE05A8476BC0ED3261E63456B67E1CFD6798
    Session-ID-ctx:
    Master-Key: 3D0425708B074E5931F7EBF4FD4F0249F681F109E6BE486E93DCCA7A82CE747F3E96637C5E2A3CD7C3F9922911343ED6


Yay. Onto the NeXT Station.

$ uname -a
OPENSTEP next 4.2 NeXT Mach 4.2: Tue Jan 26 11:23:59 PST 1999; root(rcbuilder):Objects/mk-183.34.4.obj~2/RELEASE_M68K MC680x0 68040

$ openssl version
OpenSSL 1.0.2k 26 Jan 2017

$ stunnel -version
stunnel 4.57 on m68k-next-openstep4 platform
Compiled/running with OpenSSL 1.0.2k 26 Jan 2017
Threading:FORK Sockets:SELECT,IPv

Now the problem: While the NeXT engages with the TLS service, it throws out a

verify error:num=7:certificate signature failure
84633024:error:04091064:rsa routines:INT_RSA_VERIFY:algorithm mismatch:rsa_sign.c:263:
84633024:error:1408D07B:SSL routines:ssl3_get_key_exchange:bad signature:s3_clnt.c:2032:



Weirdly, it passes it's test suite (a good hour run of it)! I haven't looked too closely for tests particular to rsa though.

So works on i386, but not on the venerable m68k Sad Stunnel is sad. Self generated certs don't validate. I messed up something inside openssl.


Code:
subject=/OU=Domain Control Validated/CN=*.openssl.org
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Domain Validation CA - SHA256 - G2
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 2827 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:



PS black system has been rock solid, compiling away for days without a system fault or burning out a cap.
Back to top
View user's profile Send private message
rooprob



Joined: 20 Sep 2016
Posts: 15
Location: Auckland, New Zealand

PostPosted: Tue May 16, 2017 4:07 am    Post subject: Reply with quote

Hmm... The I replaced the old openssl-098za package and stunnel 4.25 packages back (noticing the openssl package also contains zlib 1.2.8.

stunnel is back working again, so I can pick up my mail.

openssl command line fails various cert operations - which write and read files - with the same error I was getting with my new 1.0.2k build Sad

First question I have to rule out is : Does the openssl-0.9.8 package listed here actually work on anyone's m68k NeXT machine?

https://drive.google.com/drive/u/0/folders/0B0gDYBETjc4WN083TUFGWkZHWUk

By "work", I mean can you generate a self-signed certificate in separate commands as shown here, taken from this SO post:

http://stackoverflow.com/questions/10175812/how-to-create-a-self-signed-certificate-with-openssl

# separately
openssl req -new > cert.csr
openssl rsa -in privkey.pem -out key.pem
openssl x509 -in cert.csr -out cert.pem -req -signkey key.pem -days 1001
Signature did not match the certificate request

it should say
openssl x509 -in cert.csr -out cert.pem -req -signkey key.pem -days 1001
Signature ok
subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
Getting Private key


The one liner works (all versions, all platforms), which encourages me the openssl library is ok, just not the bits which writes, or probably "reads" key matterial from disk on the m68k box, which is big endian after all.

# in a single command
openssl req -x509 -newkey rsa:2048 -keyout self-signed-key.pem -out self-signed-cert.pem -days 365
Back to top
View user's profile Send private message
rooprob



Joined: 20 Sep 2016
Posts: 15
Location: Auckland, New Zealand

PostPosted: Thu Oct 19, 2017 1:32 am    Post subject: Reply with quote

A small incremental update for my personal work log: openssl-1.0.2l buit on egcs-2.91.66.

This is important to me because it's the first build I'm doing with a slightly more modern compiler, which includes the m68k cross compile. In my earlier post, I found I could build on x86 fine, but that the build wouldn't work correctly on m68k. With the cross compiler working, I can iterate faster on a i7 virtualbox OS42 deploy than on my blackbox. Fingers crossed I can get the blackbox running TLS1.2 real soon now.

Code:

me@os42comp1:~ $ gcc --version
egcs-2.91.66
me@os42comp1:~ $ hostinfo
Mach kernel version:
         NeXT Mach 4.2: Tue Jan 26 11:21:50 PST 1999; root(rcbuilder):Objects/mk-183.34.4.obj~2/RELEASE_I386

Kernel configured for a single processor only.
1 processor is physically available.
Processor type: I386 (Intel 486)
Processor active: 0
Primary memory available: 128.00 megabytes.
Default processor set: 45 tasks, 93 threads, 1 processors
Load average: 0.04, Mach factor: 0.95

me@os42comp1:~ $ openssl version
OpenSSL 1.0.2l  25 May 2017
me@os42comp1:~ $ echo  | openssl s_client -connect www.ssllabs.com:443  -CAfile /usr/local/etc/ssl/certs/cacert.pem -tls1_2
CONNECTED(00000003)
depth=3 C = US, O = "Entrust, Inc.", OU = www.entrust.net/CPS is incorporated by reference, OU = "(c) 2006 Entrust, Inc.", CN = Entrust Root Certification Authority
verify return:1
depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
verify return:1
depth=1 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Certification Authority - L1K
verify return:1
depth=0 C = US, ST = California, L = Redwood City, O = "Qualys, Inc.", CN = ssllabs.com
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=Redwood City/O=Qualys, Inc./CN=ssllabs.com
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
 1 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
 2 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
   i:/C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEUNNZ8DANBgkqhkiG9w0BAQsFADCBujELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3Qs
IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UEAxMlRW50cnVz
dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0xNTAyMjIxMjE2NDFa
Fw0xODA1MjIyMzAwMDJaMGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
bmlhMRUwEwYDVQQHEwxSZWR3b29kIENpdHkxFTATBgNVBAoTDFF1YWx5cywgSW5j
LjEUMBIGA1UEAxMLc3NsbGFicy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCvqE2iGcksUERogopamWy4z/3FuVZUq5JXuFVOTvuoG5Vpq7s/HLTI
MD1V0mNpOIwRvz38oxioxZnKEBqKP0MCpkudDY/qm4FM59wwGgZ3Hmg7B4ncW/b2
m8drnMWeHAFomrfYAOWQYLNkjcd6lWnsGE80VIPnTasOlbiTN6MhherFcTXixonJ
lcplU8Q03ewYG2Gw/0ilGNf087pSS0MAeR2NZtbzZsX09D0InOfmMtMH7+3RMvxO
ACmdrpDGIKAqYmjzfDeGOtv7Xm7Rb27WLBf08gFyYgICw5b/oNyBhy9ghPRno/VN
odpT488xLrE0DY5I+YGn5PVGv7xkVGGVAgMBAAGjggGOMIIBijALBgNVHQ8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAm
oCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQw
QjA2BgpghkgBhvpsCgEFMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVz
dC5uZXQvcnBhMAgGBmeBDAECAjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGG
F2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlh
LmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwJQYDVR0RBB4wHIILc3NsbGFi
cy5jb22CDSouc3NsbGFicy5jb20wHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+n
YMYKTL8wHQYDVR0OBBYEFLj8+Lbi3jpOau/zmnm3TSQhbhJiMAkGA1UdEwQCMAAw
DQYJKoZIhvcNAQELBQADggEBAKqkMEMLXD1KZK5b6r7szq/Y7HevB4uhjzbnl73L
iqBLOri1CtIT/dRcc2LQYRsf7t3RZSWa7uMy/J/DCsXPVeXQUQZ6/dKlJw3M9tct
YcxYq9Hva35pHVLb4x775yjXFgNiLWuJN4ZNis0AxYffKWXNpgIAPU4yVO2LTEI5
3ms8L/x9Fq9d8jMPYQRe+NP28sy8+PZpGbUzZ4AV5Kym60q3B4nQxuE21Tgrwmqa
7rR6zvqzFyAYNT/QYO4OgjrhzbI7ORX055laVh8kv2DrH4YOulKQKC+2HX/+e4WF
zhFqtJc5U1Va7L1iotMeMDL60o13BBnKZlsPQJeECjl9ZGQ=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Redwood City/O=Qualys, Inc./CN=ssllabs.com
issuer=/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4414 bytes and written 433 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: 41A00F894E9819D95E887F3BEBCB7352B7A8F89D691B7DE93EECB386711CE54F
    Session-ID-ctx:
    Master-Key: 3A7011D9BDF9374CDEE974BA4CEAE43A6639207D3949FB94EE66640CC9B5E1BD6CEF0229DB12D3FD47B62964FA88B4D7
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1508284442
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
DONE

_________________
:O2: r12 400 mapleleaf :Indigo2IMP: r10 195 IRIS :Cube: NeXT
New Zealand
Back to top
View user's profile Send private message
rooprob



Joined: 20 Sep 2016
Posts: 15
Location: Auckland, New Zealand

PostPosted: Thu Oct 19, 2017 2:12 am    Post subject: Reply with quote

Grr. Still not happy on the blackbox..

Doesn't seem to like one of the certificates in the chain.

Code:

$ hostinfo
Mach kernel version:
         NeXT Mach 4.2: Tue Jan 26 11:23:59 PST 1999; root(rcbuilder):Objects/mk-183.34.4.obj~2/RELEASE_M68K

Kernel configured for a single processor only.
1 processor is physically available.
Processor type: MC680x0 (68040)
Processor speed: 33 MHz
Processor active: 0
System type: 4
Board revision: 0xf
Primary memory available: 128.00 megabytes.
Default processor set: 44 tasks, 76 threads, 1 processors
Load average: 0.00, Mach factor: 0.99

$ openssl version
OpenSSL 1.0.2l  25 May 2017

$  echo  | openssl s_client -connect www.ssllabs.com:443  -CAfile /usr/local/etc/ssl/certs/cacert.pem -tls1_2
CONNECTED(00000003)
depth=3 C = US, O = "Entrust, Inc.", OU = www.entrust.net/CPS is incorporated by reference, OU = "(c) 2006 Entrust, Inc.", CN = Entrust Root Certification Authority
verify return:1
depth=2 C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
verify error:num=7:certificate signature failure
84633024:error:04091064:rsa routines:INT_RSA_VERIFY:algorithm mismatch:rsa_sign.c:263:
84633024:error:1408D07B:SSL routines:ssl3_get_key_exchange:bad signature:s3_clnt.c:2038:
---
Certificate chain
 0 s:/C=US/ST=California/L=Redwood City/O=Qualys, Inc./CN=ssllabs.com
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
 1 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
   i:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
 2 s:/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
   i:/C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEUNNZ8DANBgkqhkiG9w0BAQsFADCBujELMAkGA1UEBhMC
VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3Qs
IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwGA1UEAxMlRW50cnVz
dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0xNTAyMjIxMjE2NDFa
Fw0xODA1MjIyMzAwMDJaMGYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
bmlhMRUwEwYDVQQHEwxSZWR3b29kIENpdHkxFTATBgNVBAoTDFF1YWx5cywgSW5j
LjEUMBIGA1UEAxMLc3NsbGFicy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQCvqE2iGcksUERogopamWy4z/3FuVZUq5JXuFVOTvuoG5Vpq7s/HLTI
MD1V0mNpOIwRvz38oxioxZnKEBqKP0MCpkudDY/qm4FM59wwGgZ3Hmg7B4ncW/b2
m8drnMWeHAFomrfYAOWQYLNkjcd6lWnsGE80VIPnTasOlbiTN6MhherFcTXixonJ
lcplU8Q03ewYG2Gw/0ilGNf087pSS0MAeR2NZtbzZsX09D0InOfmMtMH7+3RMvxO
ACmdrpDGIKAqYmjzfDeGOtv7Xm7Rb27WLBf08gFyYgICw5b/oNyBhy9ghPRno/VN
odpT488xLrE0DY5I+YGn5PVGv7xkVGGVAgMBAAGjggGOMIIBijALBgNVHQ8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdHwQsMCowKKAm
oCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwSwYDVR0gBEQw
QjA2BgpghkgBhvpsCgEFMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50cnVz
dC5uZXQvcnBhMAgGBmeBDAECAjBoBggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGG
F2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMGCCsGAQUFBzAChidodHRwOi8vYWlh
LmVudHJ1c3QubmV0L2wxay1jaGFpbjI1Ni5jZXIwJQYDVR0RBB4wHIILc3NsbGFi
cy5jb22CDSouc3NsbGFicy5jb20wHwYDVR0jBBgwFoAUgqJwdN28Uz/Pe9T3zX+n
YMYKTL8wHQYDVR0OBBYEFLj8+Lbi3jpOau/zmnm3TSQhbhJiMAkGA1UdEwQCMAAw
DQYJKoZIhvcNAQELBQADggEBAKqkMEMLXD1KZK5b6r7szq/Y7HevB4uhjzbnl73L
iqBLOri1CtIT/dRcc2LQYRsf7t3RZSWa7uMy/J/DCsXPVeXQUQZ6/dKlJw3M9tct
YcxYq9Hva35pHVLb4x775yjXFgNiLWuJN4ZNis0AxYffKWXNpgIAPU4yVO2LTEI5
3ms8L/x9Fq9d8jMPYQRe+NP28sy8+PZpGbUzZ4AV5Kym60q3B4nQxuE21Tgrwmqa
7rR6zvqzFyAYNT/QYO4OgjrhzbI7ORX055laVh8kv2DrH4YOulKQKC+2HX/+e4WF
zhFqtJc5U1Va7L1iotMeMDL60o13BBnKZlsPQJeECjl9ZGQ=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Redwood City/O=Qualys, Inc./CN=ssllabs.com
issuer=/C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Certification Authority - L1K
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4354 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID: 6EECB136D6502B57238C6D3CC52BB499005F0DA3C86E2134CC95162A8182A770
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1508404053
    Timeout   : 7200 (sec)
    Verify return code: 7 (certificate signature failure)
---


_________________
:O2: r12 400 mapleleaf :Indigo2IMP: r10 195 IRIS :Cube: NeXT
New Zealand
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    NeXT Computers Forum Index -> NeXT Work Logs All times are GMT - 7 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



Powered by phpBB © 2017 phpBB Group