diff options
| -rw-r--r-- | changes/bug2081_followup | 9 | ||||
| -rw-r--r-- | src/or/dirserv.c | 14 |
2 files changed, 19 insertions, 4 deletions
diff --git a/changes/bug2081_followup b/changes/bug2081_followup new file mode 100644 index 0000000000..a53227c38e --- /dev/null +++ b/changes/bug2081_followup @@ -0,0 +1,9 @@ + o Minor features (authorities) + - Directory authorities now reject relays running any versions of + Tor between 0.2.1.3-alpha and 0.2.1.18 inclusive; they have + known bugs that keep RELAY_EARLY cells from working on rendezvous + circuits. Followup to fix for bug 2081. + - Directory authorities now reject relays running any version of Tor + older than 0.2.0.26-rc. That is the earliest version that fetches + current directory information correctly. Fix for bug 2156. + diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 10b9000d51..841c86624b 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -386,13 +386,19 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname, strmap_size(fingerprint_list->fp_by_name), digestmap_size(fingerprint_list->status_by_digest)); - /* Tor 0.1.2.x is pretty old, but there are a lot of them running still, - * and there aren't any critical relay-side vulnerabilities. Once more - * of them die off, we should raise this minimum to 0.2.0.x. */ - if (platform && !tor_version_as_new_as(platform,"0.1.2.14")) { + /* Tor 0.2.0.26-rc is the oldest version that currently caches the right + * directory information. Once more of them die off, we should raise this + * minimum. */ + if (platform && !tor_version_as_new_as(platform,"0.2.0.26-rc")) { if (msg) *msg = "Tor version is far too old to work."; return FP_REJECT; + } else if (platform && tor_version_as_new_as(platform,"0.2.1.3-alpha") + && !tor_version_as_new_as(platform, "0.2.1.19")) { + /* These versions mishandled RELAY_EARLY cells on rend circuits. */ + if (msg) + *msg = "Tor version is too buggy to work."; + return FP_REJECT; } result = dirserv_get_name_status(id_digest, nickname); |