From 9504fabb02788bde6bd698fb2a148f25330dc021 Mon Sep 17 00:00:00 2001 From: Fernando Fernandez Mancera Date: Thu, 5 Apr 2018 16:19:40 +0200 Subject: [PATCH 1/2] Enable DISABLE_DISABLING_ED25519. We are going to stop recommending 0.2.5 so there is no reason to keep the undef statement anymore. Fixes #20522. Signed-off-by: Fernando Fernandez Mancera --- src/or/dirserv.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 68727f071..b3aaa25bf 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -259,11 +259,12 @@ dirserv_load_fingerprint_file(void) * identity to stop doing so. This is going to be essential for good identity * security: otherwise anybody who can attack RSA-1024 but not Ed25519 could * just sign fake descriptors missing the Ed25519 key. But we won't actually - * be able to prevent that kind of thing until we're confident that there - * isn't actually a legit reason to downgrade to 0.2.5. So for now, we have - * to leave this #undef. + * be able to prevent that kind of thing until we're confident that there isn't + * actually a legit reason to downgrade to 0.2.5. Now we are not recommending + * 0.2.5 anymore so there is no reason to keep the #undef. */ -#undef DISABLE_DISABLING_ED25519 + +#define DISABLE_DISABLING_ED25519 /** Check whether router has a nickname/identity key combination that * we recognize from the fingerprint list, or an IP we automatically act on From 6ed2ad0f0031f011591837a44533d5b196a51e37 Mon Sep 17 00:00:00 2001 From: Fernando Fernandez Mancera Date: Mon, 16 Apr 2018 12:41:22 +0200 Subject: [PATCH 2/2] Add the change file of #20522. Signed-off-by: Fernando Fernandez Mancera --- changes/ticket20522 | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 changes/ticket20522 diff --git a/changes/ticket20522 b/changes/ticket20522 new file mode 100644 index 000000000..a5e6718e1 --- /dev/null +++ b/changes/ticket20522 @@ -0,0 +1,6 @@ + o Deprecated features: + - As we are not recommending 0.2.5 anymore we require relays that once had + an ed25519 key associated with their RSA key to always have that key + instead of allowing them to drop back to a version that didn't support + ed25519. This means they need to use a new RSA key if the want to + downgrade to an older version of tor without ed25519. Closes ticket 20522.