commit 9ece027d6065e09743ac875aa873bf23583c133f parent d018bf199c9e566202eef0bb7fb68c2567c4a25e Author: Nick Mathewson <nickm@torproject.org> Date: Tue, 1 May 2018 10:43:40 -0400 Merge remote-tracking branch 'ffmancera-1/bug20522' Diffstat:
| A | changes/ticket20522 | | | 6 | ++++++ |
| M | src/or/dirserv.c | | | 9 | +++++---- |
2 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/changes/ticket20522 b/changes/ticket20522
@@ -0,0 +1,6 @@
+ o Deprecated features:
+ - As we are not recommending 0.2.5 anymore we require relays that once had
+ an ed25519 key associated with their RSA key to always have that key
+ instead of allowing them to drop back to a version that didn't support
+ ed25519. This means they need to use a new RSA key if the want to
+ downgrade to an older version of tor without ed25519. Closes ticket 20522.
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
@@ -259,11 +259,12 @@ dirserv_load_fingerprint_file(void)
  * identity to stop doing so. This is going to be essential for good identity
  * security: otherwise anybody who can attack RSA-1024 but not Ed25519 could
  * just sign fake descriptors missing the Ed25519 key. But we won't actually
- * be able to prevent that kind of thing until we're confident that there
- * isn't actually a legit reason to downgrade to 0.2.5. So for now, we have
- * to leave this #undef.
+ * be able to prevent that kind of thing until we're confident that there isn't
+ * actually a legit reason to downgrade to 0.2.5. Now we are not recommending
+ * 0.2.5 anymore so there is no reason to keep the #undef.
  */
-#undef DISABLE_DISABLING_ED25519
+
+#define DISABLE_DISABLING_ED25519
 
 /** Check whether <b>router</b> has a nickname/identity key combination that
  * we recognize from the fingerprint list, or an IP we automatically act on
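Review bot: The rewritten comment above `#define DISABLE_DISABLING_ED25519` in src/or/dirserv.c still narrates the old state ("we won't actually be able to prevent that kind of thing until…") and then refers to "the #undef", which no longer exists on the new side, so a reader cannot tell at a glance what the macro now enforces. Since this line turns a downgrade-protection check from off to on, I would state the current behaviour in the present tense, for example `* Defined now that 0.2.5 is no longer recommended: an RSA identity that has been seen with an Ed25519 key may not stop advertising it.` The comment could also note the operator-facing consequence that the changes file describes, namely that a relay needs a new RSA key to downgrade to a version without ed25519. The code that tests the macro is outside this hunk; if it is only an `#ifdef` around the check, a follow-up that drops the toggle and the disabled branch would avoid leaving a compile-time switch that can silently turn the protection off again. The comment block starts above the hunk.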