diff options
| author | Roger Dingledine <arma@torproject.org> | 2007-08-19 02:51:54 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2007-08-19 02:51:54 +0000 |
| commit | 96cff65f855f67ad216590620e1442ffee608f80 (patch) | |
| tree | 12c2380a9d27eb6d6c57a5c7047db7a10138552d | |
| parent | 22a9d71829ed0978475a920fd8b346397f2096ad (diff) | |
| download | tor-96cff65f855f67ad216590620e1442ffee608f80.tar.gz tor-96cff65f855f67ad216590620e1442ffee608f80.zip | |
backport candidate:
Refuse to start with certain directory authority keys, and
encourage people using them to stop.
svn:r11171
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/or/config.c | 7 |
2 files changed, 9 insertions, 0 deletions
@@ -28,6 +28,8 @@ Changes in version 0.2.0.5-alpha - 2007-08-19 o Minor features (security): - Warn about unsafe ControlPort configurations. + - Refuse to start with certain directory authority keys, and + encourage people using them to stop. o Minor features (controller): - Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it diff --git a/src/or/config.c b/src/or/config.c index e76db2cfdb..048266f456 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -3823,6 +3823,13 @@ parse_dir_server_line(const char *line, int validate_only) (int)strlen(fingerprint)); goto err; } + if (!strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) { + /* a known bad fingerprint. refuse to use it. */ + log_warn(LD_CONFIG, "Dangerous dirserver line. To correct, erase your " + "torrc file (%s), or reinstall Tor and use the default torrc.", + get_torrc_fname()); + goto err; + } if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) { log_warn(LD_CONFIG, "Unable to decode DirServer key digest."); goto err; |