[tor-dev] Using fingerprint of cached relay bypasses bridge?

Roger Dingledine arma at mit.edu
Wed Nov 2 04:13:31 UTC 2016

On Wed, Nov 02, 2016 at 02:52:50PM +1100, teor wrote:
> You could also run Tor 0.2.7 or earlier, where the fingerprint is never
> checked, as long as you use the DirPort.

I don't think this is true?

1) bridge lines in your torrc do not say a DirPort, so how would the
client accidentally try to use it?

2) We don't let bridges open a DirPort, as of Tor 0.2.2.x:

3) Bridges should refuse to serve their descriptor except over a begindir
connection on their ORPort:

So I hope it is hard to run into this edge case. :)


More information about the tor-dev mailing list