Merge remote-tracking branch 'rransom/warn-about-hses-without-guards'

This commit is contained in:
Nick Mathewson 2012-09-25 12:39:00 -04:00
commit 95d9f7e9cc
3 changed files with 18 additions and 1 deletions

View File

@ -0,0 +1,8 @@
o Minor features:
- Warn users who run hidden services on a Tor client with
UseEntryGuards disabled that their hidden services will be
vulnerable to http://freehaven.net/anonbib/#hs-attack06 (the
attack which motivated Tor to support entry guards in the first
place). Fixes bug 6889.

View File

@ -2538,6 +2538,15 @@ options_validate(or_options_t *old_options, or_options_t *options,
options->UseEntryGuards = 0;
}
if (!(options->UseEntryGuards) &&
(options->RendConfigLines != NULL)) {
log_warn(LD_CONFIG,
"UseEntryGuards is disabled, but you have configured one or more "
"hidden services on this Tor instance. Your hidden services "
"will be very easy to locate using a well-known attack -- see "
"http://freehaven.net/anonbib/#hs-attack06 for details.");
}
if (!(options->LearnCircuitBuildTimeout) &&
options->CircuitBuildTimeout < RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT) {
log_warn(LD_CONFIG,

View File

@ -1893,7 +1893,7 @@ networkstatus_compute_consensus(smartlist_t *votes,
* listed that descriptor will have the same summary. If not then
* something is fishy and we'll use the most common one (breaking
* ties in favor of lexicographically larger one (only because it
* lets me reuse more existing code.
* lets me reuse more existing code)).
*
* The other case that can happen is that no authority that voted
* for that descriptor has an exit policy summary. That's