We were looking for the first instance of "directory-signature "
when instead the correct behavior is to look for the first instance
of "directory-signature " at the start of a line.

Unfortunately, this can be exploited as to crash authorities while
they're voting.

Fixes #40316; bugfix on 0.2.2.4-alpha.  This is TROVE-2021-002,
also tracked as CVE-2021-28090.

We're going to disable this feature in all versions for now.

"ours" to avoid version bump.

"ours" to avoid version bump.

When reloading a service, we can re-register a service and thus end up again
in the metrics store initialization code path which is fine. No need to BUG()
anymore.

Fixes #40334

Signed-off-by: David Goulet <dgoulet@torproject.org>

Fixes bug #40256; bugfix on 0.2.9.4-alpha.

Use find_str_at_start_of_line(), not strstr() here: we don't want
to match "MemTotal: " if it appears in the middle of a line.

Fixes #40315; bugfix on 0.2.5.4-alpha.

Now deprecated in libc >= 2.33

Closes #40309

Signed-off-by: David Goulet <dgoulet@torproject.org>

Now deprecated in libc >= 2.33

Closes #40309

Signed-off-by: David Goulet <dgoulet@torproject.org>

The directory_fetches_from_authorities() is used to know if a client or relay
should fetch data from an authority early in the boot process.

We had a condition in that function that made a relay trigger that fetch if it
didn't know its address (so we can learn it). However, when this is called,
the address discovery has not been done yet so it would always return true for
a relay.

Furthermore, it would always trigger a log notice that the IPv4 couldn't be
found which was inevitable because the address discovery process has not been
done yet (done when building our first descriptor).

It is also important to point out that starting in 0.4.5.1-alpha, asking an
authority for an address is done during address discovery time using a one-hop
circuit thus independent from the relay deciding to fetch or not documents
from an authority.

Small fix also is to reverse the "IPv(4|6)Only" flag in the notice so that if
we can't find IPv6 it would output to use IPv4Only.

Fixes #40300

Signed-off-by: David Goulet <dgoulet@torproject.org>

When trying to find our address to publish, we would log notice if we couldn't
find it from the cache but then we would look at the suggested cache (which
contains the address from the authorities) in which we might actually have the
address.

Thus that log notice was misplaced. Move it down after the suggested address
cache lookup.

Closes #40300
Signed-off-by: David Goulet <dgoulet@torproject.org>

It can be called with strings that should have been
length-delimited, but which in fact are not.  This can cause a
CPU-DoS bug or, in a worse case, a crash.

Since this function isn't essential, the best solution for older
Tors is to just turn it off.

Fixes bug 40286; bugfix on 0.2.2.1-alpha when dump_desc() was
introduced.