On 2 Nov. 2016, at 15:13, Roger Dingledine <arma@mit.edu> wrote:
> On Wed, Nov 02, 2016 at 02:52:50PM +1100, teor wrote:
>> You could also run Tor 0.2.7 or earlier, where the fingerprint is never checked, as long as you use the DirPort.
>
> I don't think this is true?
> - bridge lines in your torrc do not say a DirPort, so how would the
>   client accidentally try to use it?
> - We don't let bridges open a DirPort, as of Tor 0.2.2.x:
>   https://gitweb.torproject.org/tor.git/tree/ChangeLog?id=tor-0.2.7.6#n9744
> - Bridges should refuse to serve their descriptor except over a begindir
>   connection on their ORPort: https://gitweb.torproject.org/tor.git/tree/src/or/dirserv.c?id=tor-0.2.7.6#n...
>
> So I hope it is hard to run into this edge case. :)

I think you'd have to be on a connection to the relay, using the details from the relay descriptor (not the bridge line).
Which is actually more likely in 0.2.8, because it looks up descriptor addresses more often. But 0.2.8 also protects you by checking the fingerprint every time.
T
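
An added example, not part of this thread and not Tor's own code: a small torrc audit that parses `Bridge` lines, which carry an ORPort and no DirPort field, and lists the bridges configured without a fingerprint, since the fingerprint check discussed above needs a pinned value to compare against. The line syntax follows the tor manual; the sample torrc, its addresses and fingerprints are constructed, and the function names are hypothetical.

```python
import re

# Syntax per the tor manual: Bridge [transport] IP:ORPort [fingerprint] [k=v ...]
# There is no DirPort field. Assumption: fingerprint is a single 40-hex token.
ADDR = re.compile(r"^(?:\[[0-9A-Fa-f:.]+\]|\d{1,3}(?:\.\d{1,3}){3}):\d{1,5}$")
FPR = re.compile(r"^[0-9A-Fa-f]{40}$")

# Constructed sample: documentation-range addresses, made-up fingerprints.
SAMPLE_TORRC = """\
UseBridges 1
Bridge 192.0.2.10:443 0123456789ABCDEF0123456789ABCDEF01234567
Bridge 198.51.100.7:9001   # no fingerprint given
Bridge obfs4 203.0.113.5:8443 89ABCDEF0123456789ABCDEF0123456789ABCDEF cert=CONSTRUCTED iat-mode=0
"""

def parse_bridge_line(line):
    """Parse one torrc line; return a dict for a Bridge line, else None."""
    tokens = line.split("#", 1)[0].split()
    if len(tokens) < 2 or tokens[0].lower() != "bridge":
        return None
    rest = tokens[1:]
    transport = None
    if not ADDR.match(rest[0]):          # a pluggable transport name precedes the address
        transport, rest = rest[0], rest[1:]
    if not rest or not ADDR.match(rest[0]):
        raise ValueError("malformed Bridge line: " + line.strip())
    addr, extra = rest[0], rest[1:]
    fingerprint = None
    if extra and FPR.match(extra[0]):
        fingerprint, extra = extra[0].upper(), extra[1:]
    return {"transport": transport, "addr": addr,
            "fingerprint": fingerprint, "args": extra}

def unpinned_bridges(torrc_text):
    """Return addr:ORPort of every bridge line that pins no fingerprint."""
    found = []
    for line in torrc_text.splitlines():
        bridge = parse_bridge_line(line)
        if bridge and bridge["fingerprint"] is None:
            found.append(bridge["addr"])
    return found

if __name__ == "__main__":
    for addr in unpinned_bridges(SAMPLE_TORRC):
        print("no fingerprint pinned:", addr)
```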