[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r11173: backport r11171 (in tor/branches/tor-0_1_2-patches: . src/or)
Author: arma
Date: 2007-08-18 22:55:36 -0400 (Sat, 18 Aug 2007)
New Revision: 11173
Modified:
tor/branches/tor-0_1_2-patches/ChangeLog
tor/branches/tor-0_1_2-patches/src/or/config.c
Log:
backport r11171
Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog 2007-08-19 02:53:49 UTC (rev 11172)
+++ tor/branches/tor-0_1_2-patches/ChangeLog 2007-08-19 02:55:36 UTC (rev 11173)
@@ -32,6 +32,8 @@
where no controller could authenticate. Now we exit.
- If we require CookieAuthentication, stop generating a new cookie
every time we change any piece of our config.
+ - Refuse to start with certain directory authority keys, and
+ encourage people using them to stop.
- Terminate multi-line control events properly. Original patch
from tup.
Modified: tor/branches/tor-0_1_2-patches/src/or/config.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/config.c 2007-08-19 02:53:49 UTC (rev 11172)
+++ tor/branches/tor-0_1_2-patches/src/or/config.c 2007-08-19 02:55:36 UTC (rev 11173)
@@ -3470,6 +3470,13 @@
log_warn(LD_CONFIG, "Key digest for DirServer is wrong length.");
goto err;
}
+ if (!strcmp(fingerprint, "E623F7625FBE0C87820F11EC5F6D5377ED816294")) {
+ /* a known bad fingerprint. refuse to use it. */
+ log_warn(LD_CONFIG, "Dangerous dirserver line. To correct, erase your "
+ "torrc file (%s), or reinstall Tor and use the default torrc.",
+ get_torrc_fname());
+ goto err;
+ }
if (base16_decode(digest, DIGEST_LEN, fingerprint, HEX_DIGEST_LEN)<0) {
log_warn(LD_CONFIG, "Unable to decode DirServer key digest.");
goto err;