On Wed, Nov 02, 2016 at 02:52:50PM +1100, teor wrote: > You could also run Tor 0.2.7 or earlier, where the fingerprint is never > checked, as long as you use the DirPort.
I don't think this is true? 1) bridge lines in your torrc do not say a DirPort, so how would the client accidentally try to use it? 2) We don't let bridges open a DirPort, as of Tor 0.2.2.x: https://gitweb.torproject.org/tor.git/tree/ChangeLog?id=tor-0.2.7.6#n9744 3) Bridges should refuse to serve their descriptor except over a begindir connection on their ORPort: https://gitweb.torproject.org/tor.git/tree/src/or/dirserv.c?id=tor-0.2.7.6#n3477 So I hope it is hard to run into this edge case. :) --Roger _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev