Provide dire warnings to any users who set DirServer; move it out of torrc.sample and into torrc.complete.

svn:r5132

3 files changed, 15 insertions, 15 deletions

diff --git a/src/config/torrc.complete.in b/src/config/torrc.complete.in
index 26b3d92e9e..c382f95d32 100644
--- a/src/config/torrc.complete.in
+++ b/src/config/torrc.complete.in
@@ -66,12 +66,20 @@
 ## (Default: 1 hour for clients, 20 minutes for servers)
 #DirFetchPeriod N seconds|minutes|hours|days|weeks
 
-## Use a nonstandard authoritative directory server at the pro-
-## vided address and port, with the specified key fingerprint.
-## This option can be repeated many times, for multiple authorita-
-## tive directory servers. If no dirserver line is given, Tor will
-## use the default directory servers: moria1, moria2, and tor26.
-#DirServer address:port fingerprint
+## Tor only trusts directories signed with one of these keys, and
+## uses the given addresses to connect to the trusted directory
+## servers. If no DirServer lines are specified, Tor uses the built-in
+## defaults (moria1, moria2, tor26), so you can leave this alone unless
+## you need to change it.
+##
+## WARNING! Changing these options will make your Tor behave
+## differently from everyone else's, and hurt your anonymity.  Even
+## uncommenting these lines is a bad idea.  They are the defaults now,
+## but the defaults may change in the future, leaving you behind.
+##
+#DirServer v1 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
+#DirServer v1 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
+#DirServer v1 86.59.5.130:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
 
 ## On startup, setgid to this user.
 #Group GID
diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in
index 0a25d833ae..cac24b667b 100644
--- a/src/config/torrc.sample.in
+++ b/src/config/torrc.sample.in
@@ -54,15 +54,6 @@ AllowUnverifiedNodes middle,rendezvous
 ## see the FAQ entry if you want Tor to run as an NT service.
 #RunAsDaemon 1
 
-## Tor only trusts directories signed with one of these keys, and
-## uses the given addresses to connect to the trusted directory
-## servers. If no DirServer lines are specified, Tor uses the built-in
-## defaults (moria1, moria2, tor26), so you can leave this alone unless
-## you need to change it.
-#DirServer 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
-#DirServer 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
-#DirServer 86.59.5.130:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
-
 ## The directory for keeping all the keys/etc. By default, we store
 ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
 #DataDirectory @LOCALSTATEDIR@/lib/tor
diff --git a/src/or/config.c b/src/or/config.c
index fd9c2822fb..8970d8d7ed 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2101,6 +2101,7 @@ options_validate(or_options_t *options)
   if (!options->DirServers) {
     add_default_trusted_dirservers(options);
   } else {
+    log_fn(LOG_WARN, "You have used DirServer to specify directory authorities in your configuration.  This is potentially dangerous: it can make you look different from all other Tor users, and hurt your anonymity.  Even if you've specified the same authorities as Tor uses by default, the defaults could change in the future.  Be sure you know what you're doing.");
     for (cl = options->DirServers; cl; cl = cl->next) {
       if (parse_dir_server_line(cl->value, 1)<0)
         result = -1;