|
@@ -388,19 +388,20 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
|
|
|
strmap_size(fingerprint_list->fp_by_name),
|
|
strmap_size(fingerprint_list->fp_by_name),
|
|
|
digestmap_size(fingerprint_list->status_by_digest));
|
|
digestmap_size(fingerprint_list->status_by_digest));
|
|
|
|
|
|
|
|
- /* Tor 0.2.0.26-rc is the oldest version that currently caches the right
|
|
|
|
|
- * directory information. Once more of them die off, we should raise this
|
|
|
|
|
- * minimum. */
|
|
|
|
|
- if (platform && !tor_version_as_new_as(platform,"0.2.0.26-rc")) {
|
|
|
|
|
|
|
+ /* Versions before Tor 0.2.1.30 have known security issues that
|
|
|
|
|
+ * make them unsuitable for the current network. */
|
|
|
|
|
+ if (platform && !tor_version_as_new_as(platform,"0.2.1.30")) {
|
|
|
if (msg)
|
|
if (msg)
|
|
|
- *msg = "Tor version is far too old to work.";
|
|
|
|
|
- return FP_REJECT;
|
|
|
|
|
- } else if (platform && tor_version_as_new_as(platform,"0.2.1.3-alpha")
|
|
|
|
|
- && !tor_version_as_new_as(platform, "0.2.1.19")) {
|
|
|
|
|
- /* These versions mishandled RELAY_EARLY cells on rend circuits. */
|
|
|
|
|
- if (msg)
|
|
|
|
|
- *msg = "Tor version is too buggy to work.";
|
|
|
|
|
|
|
+ *msg = "Tor version is insecure. Please upgrade!";
|
|
|
return FP_REJECT;
|
|
return FP_REJECT;
|
|
|
|
|
+ } else if (platform && tor_version_as_new_as(platform,"0.2.2.1-alpha")) {
|
|
|
|
|
+ /* Versions from 0.2.2.1-alpha...0.2.2.20-alpha have known security
|
|
|
|
|
+ * issues that make them unusable for the current network */
|
|
|
|
|
+ if (!tor_version_as_new_as(platform, "0.2.2.21-alpha")) {
|
|
|
|
|
+ if (msg)
|
|
|
|
|
+ *msg = "Tor version is insecure. Please upgrade!";
|
|
|
|
|
+ return FP_REJECT;
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
result = dirserv_get_name_status(id_digest, nickname);
|
|
result = dirserv_get_name_status(id_digest, nickname);
|
Nick Mathewson