backport r11171

svn:r11173

2 files changed, 9 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index f57e5accf6..b00813c4ea 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,8 @@ Changes in version 0.1.2.17 - 2007-08-xx
       where no controller could authenticate. Now we exit.
     - If we require CookieAuthentication, stop generating a new cookie
       every time we change any piece of our config.
+    - Refuse to start with certain directory authority keys, and
+      encourage people using them to stop.
     - Terminate multi-line control events properly. Original patch
       from tup.
 
diff --git a/src/or/config.c b/src/or/config.c
index fcd0430cfe..7b7c456d63 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3470,6 +3470,13 @@ parse_dir_server_line(const char *line, int validate_only)
     log_warn(LD_CONFIG, "Key digest for DirServer is wrong length.");
     goto err;
   }
+  if (!strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) {
+    /* a known bad fingerprint. refuse to use it. */
+    log_warn(LD_CONFIG, "Dangerous dirserver line. To correct, erase your "
+             "torrc file (%s), or reinstall Tor and use the default torrc.",
+             get_torrc_fname());
+    goto err;
+  }
   if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
     log_warn(LD_CONFIG, "Unable to decode DirServer key digest.");
     goto err;