mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
f7a3cdc8f2
It is important to verify the uptime claim of a relay instead of just trusting it, otherwise it becomes too easy to blackhole a specific hidden service. rephist already has data available that we can use here. Bugfix on 0.2.0.10-alpha.
8 lines
395 B
Plaintext
8 lines
395 B
Plaintext
o Security fixes:
|
|
- Directory authorities now use data collected from rephist when
|
|
choosing whether to assign the HSDir flag to relays, instead of
|
|
trusting the uptime value the relay reports in its descriptor.
|
|
This helps prevent an attack where relatively few malaicious
|
|
nodes can blackhole any given hidden service. Bugfix on
|
|
0.2.0.10-alpha; fixes bug 2709.
|