Be more lenient in our fix for bug 11149

There are still quite a few 0.2.3.2x relays running for x<5, and while I
agree they should upgrade, I don't think cutting them out of the network
is a net win on either side.

diff --git a/changes/require_023 b/changes/require_023
index 95302e149382d429c10b42535d69d64c042ef27f..f3a5a1417c585068c51c7aa5f0bfb7cccac9455b 100644 (file)
--- a/changes/require_023
+++ b/changes/require_023
@@ -1,6 +1,6 @@
   o Deprecated versions:
     - Tor 0.2.2.x is no longer supported, and has not been for a while.
-      Directory authorities will stop accepting descriptors from
-      Tor relays running any version of Tor prior to Tor 0.2.3.25.
+      Directory authorities no longer accept descriptors from
+      Tor relays running any version of Tor prior to Tor 0.2.3.16-alpha.
       Resolves ticket 11149.
 

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 234209d2107bcba4bbda5e4fa59023bbe519d04a..19ed12d7c16bc445611421e01572038ccf068a45 100644 (file)
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -374,9 +374,9 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
               strmap_size(fingerprint_list->fp_by_name),
               digestmap_size(fingerprint_list->status_by_digest));
 
-  /* Versions before Tor 0.2.3.25 are too old to support, and aren't
-   * getting any more security fixes. Disable them. */
-  if (platform && !tor_version_as_new_as(platform,"0.2.3.25")) {
+  /* Versions before Tor 0.2.3.16-alpha are too old to support, and are
+   * missing some important security fixes too. Disable them. */
+  if (platform && !tor_version_as_new_as(platform,"0.2.3.16-alpha")) {
     if (msg)
       *msg = "Tor version is insecure or unsupported. Please upgrade!";
     return FP_REJECT;