tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit d459c08b7d5cb1766bda5443ea2750bca160212d
parent 766d0a2d98591ed840cce42710c5a59a2e7dc731
Author: Nick Mathewson <nickm@torproject.org>
Date:   Thu, 30 Nov 2017 12:07:43 -0500

Merge branch 'trove-2017-012_030' into maint-0.3.0

Diffstat:

Achanges/trove-2017-012-part2 | 5+++++


Msrc/or/entrynodes.c | 3++-


2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/changes/trove-2017-012-part2 b/changes/trove-2017-012-part2
@@ -0,0 +1,5 @@
+  o Major bugfixes (security, relay):
+    - When running as a relay, make sure that we never ever choose ourselves
+      as a guard. Previously, this was possible. Fixes part of bug 21534;
+      bugfix on 0.3.0.1-alpha. This issue is also tracked as TROVE-2017-012
+      and CVE-2017-8822.
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
@@ -740,7 +740,8 @@ node_is_possible_guard(const node_t *node)
           node->is_stable &&
           node->is_fast &&
           node->is_valid &&
-          node_is_dir(node));
+          node_is_dir(node) &&
+          !router_digest_is_me(node->identity));
 }
 
 /**