Authorities reject relays running unsupported Tor release series.

Our minimum version is now 0.2.9.5-alpha.  Series 0.3.0, 0.3.1,
0.3.2, 0.3.3, and 0.3.4 are now rejected.

Also, extract this version-checking code into a new function, so we
can test it.

Closes ticket 31549.

Also reject 0.3.5.0 through 0.3.5.6-rc as unstable.

3 files changed, 49 insertions, 16 deletions

diff --git a/changes/ticket31549 b/changes/ticket31549
new file mode 100644
index 0000000000..2c27aca4fb
--- /dev/null
+++ b/changes/ticket31549
@@ -0,0 +1,4 @@
+  o Minor features (authority):
+    - Directory authorities now reject relays running all currently
+      deprecated release series.  The currently supported release series
+      are: 0.2.9, 0.3.5, 0.4.0, 0.4.1, and 0.4.2.  Closes ticket 31549.
diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c
index e1a02179b0..74a2cde1bd 100644
--- a/src/feature/dirauth/process_descs.c
+++ b/src/feature/dirauth/process_descs.c
@@ -315,6 +315,47 @@ dirserv_would_reject_router(const routerstatus_t *rs)
   return (res & FP_REJECT) != 0;
 }
 
+/**
+ * Check whether the platform string in <b>platform</b> describes a platform
+ * that, as a directory authority, we want to reject.  If it does, return
+ * true, and set *<b>msg</b> (if present) to a rejection message.  Otherwise
+ * return false.
+ */
+STATIC bool
+dirserv_rejects_tor_version(const char *platform,
+                            const char **msg)
+{
+  if (!platform)
+    return false;
+
+  static const char please_upgrade_string[] =
+    "Tor version is insecure or unsupported. Please upgrade!";
+
+  /* Versions before Tor 0.2.9 are unsupported. Versions between 0.2.9.0 and
+   * 0.2.9.4 suffer from bug #20499, where relays don't keep their consensus
+   * up to date */
+  if (!tor_version_as_new_as(platform,"0.2.9.5-alpha")) {
+    if (msg)
+      *msg = please_upgrade_string;
+    return true;
+  }
+
+  /* Series between Tor 0.3.0 and 0.3.4 inclusive are unsupported, and some
+   * have bug #27841, which makes them broken as intro points. Reject them.
+   *
+   * Also reject unstable versions of 0.3.5, since (as of this writing)
+   * they are almost none of the network. */
+  if (tor_version_as_new_as(platform,"0.3.0.0-alpha-dev") &&
+      !tor_version_as_new_as(platform,"0.3.5.7")) {
+    if (msg) {
+      *msg = please_upgrade_string;
+    }
+    return true;
+  }
+
+  return false;
+}
+
 /** Helper: As dirserv_router_get_status, but takes the router fingerprint
  * (hex, no spaces), nickname, address (used for logging only), IP address, OR
  * port and platform (logging only) as arguments.
@@ -347,22 +388,8 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
     }
   }
 
-  /* Versions before Tor 0.2.4.18-rc are too old to support, and are
-   * missing some important security fixes too. Disable them. */
-  if (platform && !tor_version_as_new_as(platform,"0.2.4.18-rc")) {
-    if (msg)
-      *msg = "Tor version is insecure or unsupported. Please upgrade!";
-    return FP_REJECT;
-  }
-
-  /* Tor 0.2.9.x where x<5 suffers from bug #20499, where relays don't
-   * keep their consensus up to date so they make bad guards.
-   * The simple fix is to just drop them from the network. */
-  if (platform &&
-      tor_version_as_new_as(platform,"0.2.9.0-alpha") &&
-      !tor_version_as_new_as(platform,"0.2.9.5-alpha")) {
-    if (msg)
-      *msg = "Tor version contains bug 20499. Please upgrade!";
+  /* Check whether the version is obsolete, broken, insecure, etc... */
+  if (platform && dirserv_rejects_tor_version(platform, msg)) {
     return FP_REJECT;
   }
 
diff --git a/src/feature/dirauth/process_descs.h b/src/feature/dirauth/process_descs.h
index 1d4085b091..0203cebfa9 100644
--- a/src/feature/dirauth/process_descs.h
+++ b/src/feature/dirauth/process_descs.h
@@ -38,6 +38,8 @@ int dirserv_would_reject_router(const routerstatus_t *rs);
 
 #ifdef TOR_UNIT_TESTS
 STATIC int dirserv_router_has_valid_address(routerinfo_t *ri);
+STATIC bool dirserv_rejects_tor_version(const char *platform,
+                                        const char **msg);
 #endif /* defined(TOR_UNIT_TESTS) */
 
 #endif /* !defined(TOR_RECV_UPLOADS_H) */