Merge branch 'eol-config' into 'main'

add configuration option to reject descriptor based on tor version

Closes #40817

See merge request tpo/core/tor!773

changes/ticket40817

@@ -0,0 +1,4 @@
+  o Minor feature (directory authority):
+    - Introduce MinimalAcceptedServerVersion to allow modification of minimal
+      accepted version for relays without requiring a new tor release.
+      Closes ticket 40817.

doc/man/tor.1.txt

@@ -3381,6 +3381,11 @@ on the public Tor network.
     multiple times: the values from multiple lines are spliced together. When
     this is set then **VersioningAuthoritativeDirectory** should be set too.
 
+[[MinimalAcceptedServerVersion]] **MinimalAcceptedServerVersion** __STRING__::
+   STRING is the oldest Tor version accepted by the directory authority for
+   relays and bridge. Any older version will be rejected.
+   (Default: 0.4.7.0-alpha-dev)
+
 [[V3AuthDistDelay]] **V3AuthDistDelay** __N__ **seconds**|**minutes**|**hours**::
     V3 authoritative directories only. Configures the server's preferred  delay
     between publishing its consensus and signature and assuming  it has all the

src/feature/dirauth/dirauth_config.c

@@ -16,9 +16,12 @@
 #include "lib/encoding/confline.h"
 #include "lib/confmgt/confmgt.h"
 #include "lib/conf/confdecl.h"
+#include "lib/version/torversion.h"
 
 /* Required for dirinfo_type_t in or_options_t */
 #include "core/or/or.h"
+#include "core/or/tor_version_st.h"
+#include "core/or/versions.h"
 #include "app/config/config.h"
 #include "app/config/resolve_addr.h"
 
@@ -426,6 +429,7 @@ static int
 dirauth_options_validate(const void *arg, char **msg)
 {
   const dirauth_options_t *options = arg;
+  tor_version_t minimal_accepted_server_version, recommended_version;
 
   if (options->VersioningAuthoritativeDirectory &&
       (!options->RecommendedClientVersions ||
@@ -439,12 +443,53 @@ dirauth_options_validate(const void *arg, char **msg)
     REJECT("Guard bandwdith threshold fraction is invalid.");
   }
 
-  char *t;
+  if (tor_version_parse(options->MinimalAcceptedServerVersion,
+        &minimal_accepted_server_version) != 0) {
+    REJECT("Invalid MinimalAcceptedServerVersion");
+  }
+
+  tor_assertf(tor_version_parse(get_short_version(),
+        &recommended_version) == 0,
+      "We failed to parse our own version");
+  if (tor_version_compare(&recommended_version,
+        &minimal_accepted_server_version) < 0) {
+    REJECT("MinimalAcceptedServerVersion wants to reject the version "
+        "this node is running");
+  }
+
+  char *recommended_versions;
+  int found_recommended_rejected_version = 0;
   /* Call these functions to produce warnings only. */
-  t = format_recommended_version_list(options->RecommendedClientVersions, 1);
-  tor_free(t);
-  t = format_recommended_version_list(options->RecommendedServerVersions, 1);
-  tor_free(t);
+  recommended_versions = format_recommended_version_list(
+      options->RecommendedClientVersions, 1);
+  tor_free(recommended_versions);
+
+  recommended_versions = format_recommended_version_list(
+      options->RecommendedServerVersions, 1);
+
+  smartlist_t *version_sl = smartlist_new();
+  smartlist_split_string(version_sl, recommended_versions, ",",
+      SPLIT_SKIP_SPACE, 0);
+  SMARTLIST_FOREACH_BEGIN(version_sl, const char *, version) {
+    if (tor_version_parse(version,
+          &recommended_version) != 0) {
+      COMPLAIN("Found unparseable version in RecommendedServerVersions");
+      continue;
+    }
+
+    if (tor_version_compare(&recommended_version,
+          &minimal_accepted_server_version) < 0) {
+      found_recommended_rejected_version = 1;
+      break;
+    }
+  } SMARTLIST_FOREACH_END(version);
+
+  SMARTLIST_FOREACH(version_sl, char *, version, tor_free(version));
+  smartlist_free(version_sl);
+  tor_free(recommended_versions);
+  if (found_recommended_rejected_version)
+      REJECT("MinimalAcceptedServerVersion wants to reject a recommended "
+          "version");
 
   if (options->TestingAuthDirTimeToLearnReachability > 2*60*60) {
     COMPLAIN("TestingAuthDirTimeToLearnReachability is insanely high.");

src/feature/dirauth/dirauth_options.inc

@@ -76,6 +76,9 @@ CONF_VAR(RecommendedClientVersions, LINELIST, 0, NULL)
 /** Which versions of tor should we tell users to run on relays? */
 CONF_VAR(RecommendedServerVersions, LINELIST, 0, NULL)
 
+/** Which minimal version of tor do we accept relay descriptors from? */
+CONF_VAR(MinimalAcceptedServerVersion, STRING, 0, "0.4.7.0-alpha-dev")
+
 /** Relays which should be voted Guard regardless of uptime and bandwidth. */
 CONF_VAR(AuthDirVoteGuard, ROUTERSET, 0, NULL)
 

src/feature/dirauth/process_descs.c

@@ -404,8 +404,8 @@ dirserv_rejects_tor_version(const char *platform,
   static const char please_upgrade_string[] =
     "Tor version is insecure or unsupported. Please upgrade!";
 
-  /* Anything before 0.4.7.0 is unsupported. Reject them. */
-  if (!tor_version_as_new_as(platform,"0.4.7.0-alpha-dev")) {
+  if (!tor_version_as_new_as(platform,
+        dirauth_get_options()->MinimalAcceptedServerVersion)) {
     if (msg) {
       *msg = please_upgrade_string;
     }