From 9bcb18738747e12629c38ae366b96993e2002859 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 27 Dec 2011 21:47:04 -0500 Subject: [PATCH] Authorities reject insecure Tors. This patch should make us reject every Tor that was vulnerable to CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't handle RELAY_EARLY cells, which helps with proposal 110 (#4339). --- changes/bug4788 | 6 ++++++ src/or/dirserv.c | 23 ++++++++++++----------- 2 files changed, 18 insertions(+), 11 deletions(-) create mode 100644 changes/bug4788 diff --git a/changes/bug4788 b/changes/bug4788 new file mode 100644 index 0000000000..d65c0015a0 --- /dev/null +++ b/changes/bug4788 @@ -0,0 +1,6 @@ + o Minor features (directory server): + - Directory servers now reject versions of Tor older than 0.2.1.30, + and Tor versions between 0.2.2.1-alpha and 0.2.2.20-alpha + (inclusive). These versions accounted for only a small fraction of + the Tor network, and have numerous known security issues. Resolves + issue #4788. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 634b3eca2e..0308d4dbc1 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -388,19 +388,20 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname, strmap_size(fingerprint_list->fp_by_name), digestmap_size(fingerprint_list->status_by_digest)); - /* Tor 0.2.0.26-rc is the oldest version that currently caches the right - * directory information. Once more of them die off, we should raise this - * minimum. */ - if (platform && !tor_version_as_new_as(platform,"0.2.0.26-rc")) { + /* Versions before Tor 0.2.1.30 have known security issues that + * make them unsuitable for the current network. */ + if (platform && !tor_version_as_new_as(platform,"0.2.1.30")) { if (msg) - *msg = "Tor version is far too old to work."; - return FP_REJECT; - } else if (platform && tor_version_as_new_as(platform,"0.2.1.3-alpha") - && !tor_version_as_new_as(platform, "0.2.1.19")) { - /* These versions mishandled RELAY_EARLY cells on rend circuits. */ - if (msg) - *msg = "Tor version is too buggy to work."; + *msg = "Tor version is insecure. Please upgrade!"; return FP_REJECT; + } else if (platform && tor_version_as_new_as(platform,"0.2.2.1-alpha")) { + /* Versions from 0.2.2.1-alpha...0.2.2.20-alpha have known security + * issues that make them unusable for the current network */ + if (!tor_version_as_new_as(platform, "0.2.2.21-alpha")) { + if (msg) + *msg = "Tor version is insecure. Please upgrade!"; + return FP_REJECT; + } } result = dirserv_get_name_status(id_digest, nickname);