aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2007-08-19 02:51:54 +0000
committerRoger Dingledine <arma@torproject.org>2007-08-19 02:51:54 +0000
commit96cff65f855f67ad216590620e1442ffee608f80 (patch)
tree12c2380a9d27eb6d6c57a5c7047db7a10138552d
parent22a9d71829ed0978475a920fd8b346397f2096ad (diff)
downloadtor-96cff65f855f67ad216590620e1442ffee608f80.tar
tor-96cff65f855f67ad216590620e1442ffee608f80.tar.gz
backport candidate:
Refuse to start with certain directory authority keys, and encourage people using them to stop. svn:r11171
-rw-r--r--ChangeLog2
-rw-r--r--src/or/config.c7
2 files changed, 9 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index d9e2f63d6..99cd754bd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,8 @@ Changes in version 0.2.0.5-alpha - 2007-08-19
o Minor features (security):
- Warn about unsafe ControlPort configurations.
+ - Refuse to start with certain directory authority keys, and
+ encourage people using them to stop.
o Minor features (controller):
- Add a PROTOCOLINFO controller command. Like AUTHENTICATE, it
diff --git a/src/or/config.c b/src/or/config.c
index e76db2cfd..048266f45 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3823,6 +3823,13 @@ parse_dir_server_line(const char *line, int validate_only)
(int)strlen(fingerprint));
goto err;
}
+ if (!strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) {
+ /* a known bad fingerprint. refuse to use it. */
+ log_warn(LD_CONFIG, "Dangerous dirserver line. To correct, erase your "
+ "torrc file (%s), or reinstall Tor and use the default torrc.",
+ get_torrc_fname());
+ goto err;
+ }
if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
log_warn(LD_CONFIG, "Unable to decode DirServer key digest.");
goto err;