| author | Peter Palfrader <peter@palfrader.org> | 2008-05-13 17:03:44 +0000 |
|---|---|---|
| committer | Peter Palfrader <peter@palfrader.org> | 2008-05-13 17:03:44 +0000 |
| commit | 5b3efdbec3096396ddc0cdc706b86a2ef0643e14 (patch) | |
| tree | 5c46225a93b961ff26859d58b0e80212893aef2c /debian | |
| parent | 9b87cfbdf8e3eb760d4db80e2edece321a125254 (diff) | |
* New upstream version.
* Conflict with old libssls.
* On upgrading from versions prior to, including, 0.1.2.19-2, or
  from versions later than 0.2.0 and prior to 0.2.0.26-rc do the
  following, and if we are a server (we have a /var/lib/tor/keys
  directory)
  - move /var/lib/tor/keys/secret_onion_key out of the way.
  - move /var/lib/tor/keys/secret_onion_key.old out of the way.
  - move /var/lib/tor/keys/secret_id_key out of the way if it was
    created on or after 2006-09-17, which is the day the bad
    libssl was uploaded to Debian unstable.
* Add a NEWS file explaining this change.
svn:r14607
Diffstat (limited to 'debian')

| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | debian/changelog | 17 |
| -rw-r--r-- | debian/control | 1 |
| -rw-r--r-- | debian/tor.NEWS | 16 |
| -rw-r--r-- | debian/tor.postinst | 65 |

4 files changed, 99 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index ab2bafcba2..9d21521db4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,20 @@ +tor (0.2.0.26-rc-1) experimental; urgency=critical + + * New upstream version. + * Conflict with old libssls. + * On upgrading from versions prior to, including, 0.1.2.19-2, or + from versions later than 0.2.0 and prior to 0.2.0.26-rc do the + following, and if we are a server (we have a /var/lib/tor/keys + directory) + - move /var/lib/tor/keys/secret_onion_key out of the way. + - move /var/lib/tor/keys/secret_onion_key.old out of the way. + - move /var/lib/tor/keys/secret_id_key out of the way if it was + created on or after 2006-09-17, which is the day the bad + libssl was uploaded to Debian unstable. + * Add a NEWS file explaining this change. + + -- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 16:11:21 +0200 + tor (0.2.0.24-rc-1) experimental; urgency=low * New upstream version. diff --git a/debian/control b/debian/control index 5d54a40e0e..c53e254d36 100644 --- a/debian/control +++ b/debian/control @@ -8,6 +8,7 @@ Standards-Version: 3.7.2 Package: tor Architecture: any Depends: ${shlibs:Depends}, adduser, tsocks +Conflicts: libssl0.9.8 (<< 0.9.8g-9) Recommends: privoxy | polipo (>= 1), socat, logrotate Suggests: mixmaster, mixminion, anon-proxy Description: anonymizing overlay network for TCP diff --git a/debian/tor.NEWS b/debian/tor.NEWS new file mode 100644 index 0000000000..18860ccaae --- /dev/null +++ b/debian/tor.NEWS 
@@ -0,0 +1,16 @@ +tor (0.2.0.26-rc-1) experimental; urgency=critical + + * weak cryptographic keys + + It has been discovered that the random number generator in Debian's + openssl package is predictable. This is caused by an incorrect + Debian-specific change to the openssl package (CVE-2008-0166). As a + result, cryptographic key material may be guessable. + + See Debian Security Advisory number 1571 (DSA-1571) for more information: + http://lists.debian.org/debian-security-announce/2008/msg00152.html + + If you run a Tor server using this package please see + /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY + + -- Peter Palfrader <weasel@debian.org> Tue, 13 May 2008 12:49:05 +0200 diff --git a/debian/tor.postinst b/debian/tor.postinst index 7d607b6e68..29d0984298 100644 --- a/debian/tor.postinst +++ b/debian/tor.postinst 
@@ -51,6 +51,71 @@ find /var/log/tor \( \( ! -user debian-tor \) -o \( ! -group adm \) \) -print0 | find /var/log/tor -type d -print0 | xargs -0 --no-run-if-empty chmod 02750 find /var/log/tor -type f -print0 | xargs -0 --no-run-if-empty chmod 00640 + +move_away_keys=0 + +if [ "$1" = "configure" ] && + [ -e /var/lib/tor/keys ] && + [ ! -z "$2" ]; then + if dpkg --compare-versions "$2" lt 0.1.2.19-2; then + move_away_keys=1 + elif dpkg --compare-versions "$2" gt 0.2.0 && + dpkg --compare-versions "$2" lt 0.2.0.26-rc; then + move_away_keys=1 + fi +fi +if [ "$move_away_keys" = "1" ]; then + echo "Retiring possibly compromised keys. See /usr/share/doc/tor/NEWS.Debian.gz" + echo "and /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY for" + echo "further information." + if ! [ -d /var/lib/tor/keys/moved-away-by-tor-package ]; then + mkdir /var/lib/tor/keys/moved-away-by-tor-package + cat > /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY << EOF +It has been discovered that the random number generator in Debian's +openssl package is predictable. This is caused by an incorrect +Debian-specific change to the openssl package (CVE-2008-0166). As a +result, cryptographic key material may be guessable. + +See Debian Security Advisory number 1571 (DSA-1571) for more information: +http://lists.debian.org/debian-security-announce/2008/msg00152.html + +The Debian package for Tor has moved away the onion keys upon package +upgrade, and it will have moved away your identity key if it was created +in the affected timeframe. There is no sure way to automatically tell +if your key was created with an affected openssl library, so this move +is done unconditionally. + +If you have restarted Tor since this change (and the package probably +did that for you already unless you configured your system differently) +then the Tor daemon already created new keys for itself and in all +likelyhood is already working just fine with new keys. 
+ +If you are absolutely certain that your identity key was created with +a non-affected version of openssl and for some reason you have to retain +the old identity, then you can move back the copy of secret_id_key to +/var/lib/tor/keys. Do not move back the onion keys, they were created +only recently since they are temporary keys with a lifetime of only a few +days anyway. + +Sincerely, +Peter Palfrader, Tue, 13 May 2008 13:32:23 +0200 +EOF + fi + for f in secret_onion_key secret_onion_key.old; do + if [ -e /var/lib/tor/keys/"$f" ]; then + mv -v /var/lib/tor/keys/"$f" /var/lib/tor/keys/moved-away-by-tor-package/"$f" + fi + done + if [ -e /var/lib/tor/keys/secret_id_key ]; then + id_mtime=`/usr/bin/stat -c %Y /var/lib/tor/keys/secret_id_key` + sept=`date -d '2006-09-10' +%s` + if [ "$id_mtime" -gt "$sept" ] ; then + mv -v /var/lib/tor/keys/secret_id_key /var/lib/tor/keys/moved-away-by-tor-package/secret_id_key + fi + fi +fi + + #DEBHELPER# exit 0 |
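Review bot: the changelog hunk says keys are retired when upgrading from versions "prior to, including, 0.1.2.19-2", but the postinst hunk in the same patch tests `dpkg --compare-versions "$2" lt 0.1.2.19-2`, which excludes 0.1.2.19-2 itself, so a server upgrading from exactly that version keeps its keys. Either reword the changelog to "prior to 0.1.2.19-2" or change the comparison to `le` so the documented and implemented ranges agree.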
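Review bot: `Conflicts: libssl0.9.8 (<< 0.9.8g-9)` in the control hunk keeps tor off a system that still has the broken libssl, but Conflicts is meant for packages that cannot coexist; the actual requirement is that tor needs the fixed library, which a versioned `Depends: libssl0.9.8 (>= 0.9.8g-9)` (or a bumped shlibs entry) expresses directly and lets apt upgrade libssl instead of refusing the install. The threshold should also be checked against the fixed version DSA-1571 names for each suite this package can be installed on.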
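Review bot: the NEWS hunk tells every server operator to read /var/lib/tor/keys/moved-away-by-tor-package/README.REALLY, but the postinst only writes that file when the version test sets `move_away_keys=1`, so operators upgrading from a version outside the affected ranges will be pointed at a file that does not exist. Say in the NEWS entry that the README is created only when keys were actually retired, so its absence is understood as "nothing was moved" rather than as a broken upgrade.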
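Review bot: the identity-key cutoff in the postinst hunk is `sept=\`date -d '2006-09-10' +%s\``, while the README.REALLY text written a few lines above it (and the changelog) tell operators the bad libssl was uploaded on 2006-09-17; if the extra week is a deliberate safety margin against clock skew or timezone differences, add a comment next to `sept=` saying so, otherwise use one date in both places. Two smaller points: `mkdir /var/lib/tor/keys/moved-away-by-tor-package` creates a root-owned directory with the default umask to hold retired private keys, so `mkdir -m 0700` (and matching the owner of the keys directory) would be safer whatever the parent's mode; and "likelyhood" in the README text should read "likelihood". Note also that `stat -c %Y` reports the last write time, not creation time, so a key restored from backup after the cutoff is moved even if it was generated earlier, which the README's "no sure way" paragraph should spell out.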