Your Tor relay might be affected by Debain OpenSSL flaw

Roger Dingledine arma at mit.edu
Fri May 23 12:11:46 UTC 2008


On Wed, May 14, 2008 at 11:20:35AM -0500, Matt LaPlante wrote:
> > On Wed, May 14, 2008 at 11:10:24AM -0500, Matt LaPlante wrote:
> >>   I received a notice earlier today stating that "Your Tor relay might
> >> be affected by Debain OpenSSL flaw."  I had already regenerated my
> >> secret keys following the procedure given in the tor-announce notice
> >> (after having updated ssl/ssh/etc).  Regardless, my node still appears
> >> blacklisted.  Is this list static?  The notice unfortunately did not
> >> seem to document the re-enabling procedure for corrected nodes.
> >
> > We blacklisted nodes by their weak keys. So if you come back with the same
> > (weak) key, you'll still be blacklisted -- but that's as it should be.
> >
> > Perhaps you could provide more details?
> 
> My server log then gives me:
> May 14 09:01:30.488 [warn] Received http status code 404 ("Not found")
> from server '...' while fetching "/tor/status/fp/...". I'll try again
> soon.
> 
> Which I assume is because I'm still blocked.  Am I missing a step in
> the procedure, or misinterpreting the log?

That warning has to do with fetching directory information so you can
mirror it to Tor clients. It isn't same as the original warning you were
seeing, which was more explicit: "Fingerprint is marked rejected".

So you should be ok now.

(We do try to make our error messages clear when they're important. :)

--Roger



More information about the tor-talk mailing list