diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-08-29 15:02:11 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-08-29 15:02:11 -0400 |
| commit | bbaa7d09a045130560a2f5da579671c5e02c9cd7 (patch) | |
| tree | 232540453f40eb00b2dc0492b236967f383627e8 /src/or/dirserv.c | |
| parent | f46ce6e3d8bea3cf00388c87c29cdcafd4bab350 (diff) | |
| parent | 19816f2f782568722964d35ee132af441a809db3 (diff) | |
| download | tor-bbaa7d09a045130560a2f5da579671c5e02c9cd7.tar.gz tor-bbaa7d09a045130560a2f5da579671c5e02c9cd7.zip | |
Merge remote-tracking branch 'teor/reject-tap-v6'
Diffstat (limited to 'src/or/dirserv.c')
| -rw-r--r-- | src/or/dirserv.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 64ebde6fdd..ff50ca4417 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -255,6 +255,20 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg, return FP_REJECT; } + /* dirserv_get_status_impl already rejects versions older than 0.2.4.18-rc, + * and onion_curve25519_pkey was introduced in 0.2.4.8-alpha. + * But just in case a relay doesn't provide or lies about its version, or + * doesn't include an ntor key in its descriptor, check that it exists, + * and is non-zero (clients check that it's non-zero before using it). */ + if (!routerinfo_has_curve25519_onion_key(router)) { + log_fn(severity, LD_DIR, + "Descriptor from router %s is missing an ntor curve25519 onion " + "key.", router_describe(router)); + if (msg) + *msg = "Missing ntor curve25519 onion key. Please upgrade!"; + return FP_REJECT; + } + if (router->cache_info.signing_key_cert) { /* This has an ed25519 identity key. */ if (KEYPIN_MISMATCH == |