backport candidate:

Refuse to start with certain directory authority keys, and 
encourage people using them to stop.


svn:r11171
Roger Dingledine 2007-08-19 02:51:54 +00:00
parent 22a9d71829
commit 96cff65f85
2 changed files with 9 additions and 0 deletions


@ -28,6 +28,8 @@ Changes in version 0.2.0.5-alpha - 2007-08-19
o Minor features (security): o Minor features (security):
- Warn about unsafe ControlPort configurations. - Warn about unsafe ControlPort configurations.
- Refuse to start with certain directory authority keys, and
encourage people using them to stop.
o Minor features (controller): o Minor features (controller):
- Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it - Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it


@ -3823,6 +3823,13 @@ parse_dir_server_line(const char *line, int validate_only)
(int)strlen(fingerprint)); (int)strlen(fingerprint));
goto err; goto err;
} }
if (!strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) {
/* a known bad fingerprint. refuse to use it. */
log_warn(LD_CONFIG, "Dangerous dirserver line. To correct, erase your "
"torrc file (%s), or reinstall Tor and use the default torrc.",
get_torrc_fname());
goto err;
}
if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) { if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
log_warn(LD_CONFIG, "Unable to decode DirServer key digest."); log_warn(LD_CONFIG, "Unable to decode DirServer key digest.");
goto err; goto err;
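Review bot: The added `strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")` check is case-sensitive and runs on the hex text before it is decoded, so a DirServer line that writes the same fingerprint in lower or mixed case would not be refused, assuming `base16_decode` accepts lowercase hex digits (its definition is not visible here). Either compare case-insensitively, `if (!strcasecmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) {`, or move the check below the `base16_decode` call and compare the decoded `digest` bytes, which also covers any other textual variant that decodes to the same key. The comment `/* a known bad fingerprint. refuse to use it. */` should record which authority key this is and why it is refused, e.g. `/* <authority name>: key refused because <reason>; see <reference> */`, so a later maintainer can audit or extend the list. parse_dir_server_line starts and ends outside the hunk.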