Our regular DH parameters that we use for circuit and rendezvous
crypto are unchanged.  This is yet another small step on the path of
protocol fingerprinting resistance.

Found by piebeer.

This patch imposes (very long) limits on the length of a line in a
directory document, and on the length of a certificate.  I don't
think it should actually be possible to overrun these remotely,
since we already impose a maximum size on any directory object we're
downloading, but a little defensive programming never hurt anybody.

Roger emailed me that doorss reported these on IRC, but nobody seems
to have put them on the bugtracker.

we need to do more hunting, but this fixes the ones mentioned in 2385.

Found by cypherpunks; fixes bug 2384.

Based on discussion in bug 2317, these values seem to be sane.

This addresses Nick's concern about doing non-constant bounds checking
inside networkstatus_get_param().

We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.

This prepares for making the accessor method for consensus parameters
safer in the next commit.

Conflicts:
	src/or/routerparse.c
	src/or/test.c

This is checked elsewhere too, but let's be RFC-conformant.