Loading changes/bug4788 0 → 100644 +6 −0 Original line number Diff line number Diff line o Minor features (directory server): - Directory servers now reject versions of Tor older than 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha (inclusive). These versions accounted for only a small fraction of the Tor network, and have numerous known security issues. Resolves issue #4788. src/or/dirserv.c +12 −11 Original line number Diff line number Diff line Loading @@ -388,20 +388,21 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname, strmap_size(fingerprint_list->fp_by_name), digestmap_size(fingerprint_list->status_by_digest)); /* Tor 0.2.0.26-rc is the oldest version that currently caches the right * directory information. Once more of them die off, we should raise this * minimum. */ if (platform && !tor_version_as_new_as(platform,"0.2.0.26-rc")) { /* Versions before Tor 0.2.1.30 have known security issues that * make them unsuitable for the current network. */ if (platform && !tor_version_as_new_as(platform,"0.2.1.30")) { if (msg) *msg = "Tor version is far too old to work."; *msg = "Tor version is insecure. Please upgrade!"; return FP_REJECT; } else if (platform && tor_version_as_new_as(platform,"0.2.1.3-alpha") && !tor_version_as_new_as(platform, "0.2.1.19")) { /* These versions mishandled RELAY_EARLY cells on rend circuits. */ } else if (platform && tor_version_as_new_as(platform,"0.2.2.1-alpha")) { /* Versions from 0.2.2.1-alpha...0.2.2.20-alpha have known security * issues that make them unusable for the current network */ if (!tor_version_as_new_as(platform, "0.2.2.21-alpha")) { if (msg) *msg = "Tor version is too buggy to work."; *msg = "Tor version is insecure. Please upgrade!"; return FP_REJECT; } } result = dirserv_get_name_status(id_digest, nickname); if (result & FP_NAMED) { Loading Loading
changes/bug4788 0 → 100644 +6 −0 Original line number Diff line number Diff line o Minor features (directory server): - Directory servers now reject versions of Tor older than 0.2.1.30, and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha (inclusive). These versions accounted for only a small fraction of the Tor network, and have numerous known security issues. Resolves issue #4788.
src/or/dirserv.c +12 −11 Original line number Diff line number Diff line Loading @@ -388,20 +388,21 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname, strmap_size(fingerprint_list->fp_by_name), digestmap_size(fingerprint_list->status_by_digest)); /* Tor 0.2.0.26-rc is the oldest version that currently caches the right * directory information. Once more of them die off, we should raise this * minimum. */ if (platform && !tor_version_as_new_as(platform,"0.2.0.26-rc")) { /* Versions before Tor 0.2.1.30 have known security issues that * make them unsuitable for the current network. */ if (platform && !tor_version_as_new_as(platform,"0.2.1.30")) { if (msg) *msg = "Tor version is far too old to work."; *msg = "Tor version is insecure. Please upgrade!"; return FP_REJECT; } else if (platform && tor_version_as_new_as(platform,"0.2.1.3-alpha") && !tor_version_as_new_as(platform, "0.2.1.19")) { /* These versions mishandled RELAY_EARLY cells on rend circuits. */ } else if (platform && tor_version_as_new_as(platform,"0.2.2.1-alpha")) { /* Versions from 0.2.2.1-alpha...0.2.2.20-alpha have known security * issues that make them unusable for the current network */ if (!tor_version_as_new_as(platform, "0.2.2.21-alpha")) { if (msg) *msg = "Tor version is too buggy to work."; *msg = "Tor version is insecure. Please upgrade!"; return FP_REJECT; } } result = dirserv_get_name_status(id_digest, nickname); if (result & FP_NAMED) { Loading
