New upstream version

Bump version to 0.2.0.35
changelog cleanups from roger.
2009-06-26 01:56:17 +02:00 · 2009-06-24 16:22:47 -04:00 · 2009-06-24 16:20:40 -04:00 · 2009-06-24 15:57:09 -04:00 · 2009-06-19 17:29:32 +02:00 · 2009-06-19 17:08:11 +02:00
1111 changed files with 154128 additions and 570435 deletions
--- a/.appveyor.yml
+++ b/.appveyor.yml
@ -1,62 +0,0 @@
-version: 1.0.{build}
-
-clone_depth: 50
-
-environment:
-  compiler: mingw
-
-  matrix:
-  - target: i686-w64-mingw32
-    compiler_path: mingw32
-    openssl_path: /c/OpenSSL-Win32
-  - target: x86_64-w64-mingw32
-    compiler_path: mingw64
-    openssl_path: /c/OpenSSL-Win64
-
-install:
- ps: >-
-    Function Execute-Command ($commandPath)
-    {
-        & $commandPath $args 2>&1
-        if ( $LastExitCode -ne 0 ) {
-            $host.SetShouldExit( $LastExitCode )
-        }
-    }
-    Function Execute-Bash ()
-    {
-        Execute-Command 'c:\msys64\usr\bin\bash' '-e' '-c' $args
-    }
-    Execute-Command "C:\msys64\usr\bin\pacman" -Sy --noconfirm openssl-devel openssl libevent-devel libevent mingw-w64-i686-libevent mingw-w64-x86_64-libevent mingw-w64-i686-openssl mingw-w64-x86_64-openssl mingw-w64-i686-zstd mingw-w64-x86_64-zstd
-
-build_script:
- ps: >-
-    if ($env:compiler -eq "mingw") {
-            $oldpath = ${env:Path} -split ';'
-            $buildpath = @("C:\msys64\${env:compiler_path}\bin", "C:\msys64\usr\bin") + $oldpath
-            $env:Path = @($buildpath) -join ';'
-            $env:build = @("${env:APPVEYOR_BUILD_FOLDER}", $env:target) -join '\'
-            Set-Location "${env:APPVEYOR_BUILD_FOLDER}"
-            Execute-Bash 'autoreconf -i'
-            mkdir "${env:build}"
-            Set-Location "${env:build}"
-            Execute-Bash "../configure --prefix=/${env:compiler_path} --build=${env:target} --host=${env:target} --disable-asciidoc --enable-fatal-warnings --with-openssl-dir=${env:openssl_path}"
-            Execute-Bash "V=1 make -j2"
-            Execute-Bash "V=1 make -j2 install"
-     }
-
-test_script:
- ps: >-
-    if ($env:compiler -eq "mingw") {
-            $oldpath = ${env:Path} -split ';'
-            $buildpath = @("C:\msys64\${env:compiler_path}\bin") + $oldpath
-            $env:Path = $buildpath -join ';'
-            Set-Location "${env:build}"
-            Execute-Bash "VERBOSE=1 make -j2 check"
-    }
-
-on_success:
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci success
-
-on_failure:
- cmd: C:\Python27\python.exe %APPVEYOR_BUILD_FOLDER%\scripts\test\appveyor-irc-notify.py irc.oftc.net:6697 tor-ci failure
-
--- a/.gitignore
+++ b/.gitignore
@ -2,11 +2,8 @@
 \#*\#
 .#*
 *~
-*.swp
-*.swo
 # C stuff
 *.o
-*.obj
 # Diff droppings
 *.orig
 *.rej
@ -14,37 +11,23 @@
 *.gcno
 *.gcov
 *.gcda
+# latex stuff
+*.aux
+*.dvi
+*.blg
+*.bbl
+*.log
 # Autotools stuff
 .deps
-.dirstamp
-*.trs
-*.log
-# Calltool stuff
-.*.graph
 # Stuff made by our makefiles
 *.bak
-# Python droppings
-*.pyc
-*.pyo
-# Cscope
-cscope.*
-# OSX junk
-*.dSYM
-.DS_Store
-# updateFallbackDirs.py temp files
-details-*.json
-uptime-*.json
-*.full_url
-*.last_modified

 # /
 /Makefile
 /Makefile.in
 /aclocal.m4
-/ar-lib
 /autom4te.cache
 /build-stamp
-/compile
 /configure
 /Doxyfile
 /orconfig.h
@ -55,13 +38,10 @@ uptime-*.json
 /config.guess
 /config.sub
 /conftest*
-/micro-revision.*
 /patch-stamp
 /stamp-h
 /stamp-h.in
 /stamp-h1
-/TAGS
-/test-driver
 /tor.sh
 /tor.spec
 /depcomp
@ -70,19 +50,35 @@ uptime-*.json
 /mkinstalldirs
 /Tor*Bundle.dmg
 /tor-*-win32.exe
-/coverage_html/
-/callgraph/

 # /contrib/
-/contrib/dist/tor.sh
-/contrib/dist/torctl
-/contrib/dist/tor.service
-/contrib/operator-tools/tor.logrotate
-/contrib/dist/suse/tor.sh
+/contrib/Makefile
+/contrib/Makefile.in
+/contrib/tor.sh
+/contrib/torctl
+/contrib/torify
+/contrib/*.pyc
+/contrib/*.pyo
+/contrib/tor.logrotate
+/contrib/tor.wxs
+
+# /contrib/osx/
+/contrib/osx/Makefile
+/contrib/osx/Makefile.in
+/contrib/osx/TorBundleDesc.plist
+/contrib/osx/TorBundleInfo.plist
+/contrib/osx/TorDesc.plist
+/contrib/osx/TorInfo.plist
+/contrib/osx/TorStartupDesc.plist
+/contrib/osx/net.freehaven.tor.plist
+
+# /contrib/suse/
+/contrib/suse/tor.sh
+/contrib/suse/Makefile.in
+/contrib/suse/Makefile

 # /debian/
 /debian/files
-/debian/micro-revision.i
 /debian/patched
 /debian/tor
 /debian/tor.postinst.debhelper
@ -93,60 +89,26 @@ uptime-*.json
 # /doc/
 /doc/Makefile
 /doc/Makefile.in
-/doc/doxygen
 /doc/tor.1
-/doc/tor.1.in
-/doc/tor.html
-/doc/tor.html.in
-/doc/tor.1.xml
-/doc/tor-gencert.1
-/doc/tor-gencert.1.in
-/doc/tor-gencert.html
-/doc/tor-gencert.html.in
-/doc/tor-gencert.1.xml
-/doc/tor-resolve.1
-/doc/tor-resolve.1.in
-/doc/tor-resolve.html
-/doc/tor-resolve.html.in
-/doc/tor-resolve.1.xml
-/doc/torify.1
-/doc/torify.1.in
-/doc/torify.html
-/doc/torify.html.in
-/doc/torify.1.xml
+/doc/doxygen
+
+# /doc/design-paper/
+/doc/design-paper/Makefile
+/doc/design-paper/Makefile.in

 # /doc/spec/
 /doc/spec/Makefile
 /doc/spec/Makefile.in

-# /scripts
-/scripts/maint/checkOptionDocs.pl
-/scripts/maint/updateVersions.pl
-
 # /src/
 /src/Makefile
 /src/Makefile.in

-# /src/trace
-/src/trace/libor-trace.a
-
 # /src/common/
 /src/common/Makefile
 /src/common/Makefile.in
 /src/common/libor.a
-/src/common/libor-testing.a
-/src/common/libor.lib
-/src/common/libor-ctime.a
-/src/common/libor-ctime-testing.a
-/src/common/libor-ctime.lib
 /src/common/libor-crypto.a
-/src/common/libor-crypto-testing.a
-/src/common/libor-crypto.lib
-/src/common/libor-event.a
-/src/common/libor-event-testing.a
-/src/common/libor-event.lib
-/src/common/libcurve25519_donna.a
-/src/common/libcurve25519_donna.lib

 # /src/config/
 /src/config/Makefile
@ -154,82 +116,21 @@ uptime-*.json
 /src/config/sample-server-torrc
 /src/config/torrc
 /src/config/torrc.sample
-/src/config/torrc.minimal
-
-# /src/ext/
-/src/ext/ed25519/ref10/libed25519_ref10.a
-/src/ext/ed25519/ref10/libed25519_ref10.lib
-/src/ext/ed25519/donna/libed25519_donna.a
-/src/ext/ed25519/donna/libed25519_donna.lib
-/src/ext/keccak-tiny/libkeccak-tiny.a
-/src/ext/keccak-tiny/libkeccak-tiny.lib

 # /src/or/
 /src/or/Makefile
 /src/or/Makefile.in
+/src/or/micro-revision.*
 /src/or/tor
-/src/or/tor.exe
-/src/or/tor-cov
-/src/or/tor-cov.exe
-/src/or/libtor.a
-/src/or/libtor-testing.a
-/src/or/libtor.lib
-
-# /src/rust
-/src/rust/.cargo/config
-/src/rust/.cargo/registry
-/src/rust/target
-/src/rust/registry
-
-# /src/test
-/src/test/Makefile
-/src/test/Makefile.in
-/src/test/bench
-/src/test/bench.exe
-/src/test/test
-/src/test/test-slow
-/src/test/test-bt-cl
-/src/test/test-child
-/src/test/test-memwipe
-/src/test/test-ntor-cl
-/src/test/test-hs-ntor-cl
-/src/test/test-switch-id
-/src/test/test-timers
-/src/test/test_workqueue
-/src/test/test.exe
-/src/test/test-slow.exe
-/src/test/test-bt-cl.exe
-/src/test/test-child.exe
-/src/test/test-ntor-cl.exe
-/src/test/test-hs-ntor-cl.exe
-/src/test/test-memwipe.exe
-/src/test/test-switch-id.exe
-/src/test/test-timers.exe
-/src/test/test_workqueue.exe
-
-# /src/test/fuzz
-/src/test/fuzz/fuzz-*
-/src/test/fuzz/lf-fuzz-*
+/src/or/test

 # /src/tools/
-/src/tools/libtorrunner.a
 /src/tools/tor-checkkey
 /src/tools/tor-resolve
-/src/tools/tor-cov-resolve
 /src/tools/tor-gencert
-/src/tools/tor-cov-gencert
-/src/tools/tor-checkkey.exe
-/src/tools/tor-resolve.exe
-/src/tools/tor-cov-resolve.exe
-/src/tools/tor-gencert.exe
-/src/tools/tor-cov-gencert.exe
 /src/tools/Makefile
 /src/tools/Makefile.in

-# /src/trunnel/
-/src/trunnel/libor-trunnel-testing.a
-/src/trunnel/libor-trunnel.a
-
 # /src/win32/
 /src/win32/Makefile
 /src/win32/Makefile.in
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,45 +0,0 @@
-before_script:
-    - apt-get update -qq
-    - apt-get upgrade -qy
-
-build:
-  script:
-    - apt-get install -qy --fix-missing automake build-essential
-      libevent-dev libssl-dev zlib1g-dev
-      libseccomp-dev liblzma-dev libscrypt-dev
-    - ./autogen.sh
-    - ./configure --disable-asciidoc --enable-fatal-warnings
-      --disable-silent-rules
-    - make check || (e=$?; cat test-suite.log; exit $e)
-    - make install
-
-update:
-  only:
-    - schedules
-  script: 
-    - "apt-get install -y --fix-missing git openssh-client"
-    
-    # Run ssh-agent (inside the build environment)
-    - eval $(ssh-agent -s)
-
-    # Add the SSH key stored in SSH_PRIVATE_KEY variable to the agent store
-    - ssh-add <(echo "$DEPLOY_KEY")
-
-    # For Docker builds disable host key checking. Be aware that by adding that
-    # you are susceptible to man-in-the-middle attacks.
-    # WARNING: Use this only with the Docker executor, if you use it with shell
-    # you will overwrite your user's SSH config.
-    - mkdir -p ~/.ssh
-    - '[[ -f /.dockerenv ]] && echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ~/.ssh/config'
-    # In order to properly check the server's host key, assuming you created the
-    # SSH_SERVER_HOSTKEYS variable previously, uncomment the following two lines
-    # instead.
-    - mkdir -p ~/.ssh
-    - '[[ -f /.dockerenv ]] && echo "$SSH_SERVER_HOSTKEYS" > ~/.ssh/known_hosts'
-    - echo "merging from torgit"
-    - git config --global user.email "labadmin@oniongit.eu"
-    - git config --global user.name "gitadmin"
-    - "mkdir tor"
-    - "cd tor" 
-    - git clone --bare https://git.torproject.org/tor.git
-    - git push --mirror git@oniongit.eu:network/tor.git
--- a/.gitmodules
+++ b/.gitmodules
@ -1,3 +0,0 @@
-[submodule "src/ext/rust"]
-	path = src/ext/rust
-	url = https://git.torproject.org/tor-rust-dependencies
--- a/.travis.yml
+++ b/.travis.yml
@ -1,169 +0,0 @@
-language: c
-
-## Comment out the compiler list for now to allow an explicit build
-## matrix.
-# compiler:
-#   - gcc
-#   - clang
-
-notifications:
-  irc:
-    channels:
-      - "irc.oftc.net#tor-ci"
-    template:
-      - "%{repository} %{branch} %{commit} - %{author}: %{commit_subject}"
-      - "Build #%{build_number} %{result}. Details: %{build_url}"
-    on_success: change
-    on_failure: change
-  email:
-    on_success: never
-    on_failure: change
-
-os:
-  - linux
-  ## Uncomment the following line to also run the entire build matrix on OSX.
-  ## This will make your CI builds take roughly ten times longer to finish.
-  # - osx
-
-## Use the Ubuntu Trusty images.
-dist: trusty
-
-## We don't need sudo. (The "apt:" stanza after this allows us to not need sudo;
-## otherwise, we would need it for getting dependencies.)
-##
-## We override this in the explicit build matrix to work around a
-## Travis CI environment regression
-## https://github.com/travis-ci/travis-ci/issues/9033
-sudo: false
-
-## (Linux only) Download our dependencies
-addons:
-  apt:
-    packages:
-      ## Required dependencies
-      - libevent-dev
-      - libseccomp2
-      - zlib1g-dev
-      ## Optional dependencies
-      - liblzma-dev
-      - libscrypt-dev
-      ## zstd doesn't exist in Ubuntu Trusty
-      #- libzstd
-
-## The build matrix in the following two stanzas expands into four builds (per OS):
-##
-##  * with GCC, with Rust
-##  * with GCC, without Rust
-##  * with Clang, with Rust
-##  * with Clang, without Rust
-env:
-  global:
-    ## The Travis CI environment allows us two cores, so let's use both.
-    - MAKEFLAGS="-j 2"
-  matrix:
-    ## Leave at least one entry here or Travis seems to generate a
-    ## matrix entry with empty matrix environment variables.  Leaving
-    ## more than one entry causes unwanted matrix entries with
-    ## unspecified compilers.
-    - RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
-    # - RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
-    # - RUST_OPTIONS=""
-
-matrix:
-  ## Uncomment to allow the build to report success (with non-required
-  ## sub-builds continuing to run) if all required sub-builds have
-  ## succeeded.  This is somewhat buggy currently: it can cause
-  ## duplicate notifications and prematurely report success if a
-  ## single sub-build has succeeded.  See
-  ## https://github.com/travis-ci/travis-ci/issues/1696
-  # fast_finish: true
-
-  ## Uncomment the appropriate lines below to allow the build to
-  ## report success even if some less-critical sub-builds fail and it
-  ## seems likely to take a while for someone to fix it.  Currently
-  ## Travis CI doesn't distinguish "all builds succeeded" from "some
-  ## non-required sub-builds failed" except on the individual build's
-  ## page, which makes it somewhat annoying to detect from the
-  ## branches and build history pages.  See
-  ## https://github.com/travis-ci/travis-ci/issues/8716
-  allow_failures:
-    # - env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
-    # - env: RUST_OPTIONS="--enable-rust --enable-cargo-online-mode
-    # - compiler: clang
-
-  ## Create explicit matrix entries to work around a Travis CI
-  ## environment issue.  Missing keys inherit from the first list
-  ## entry under that key outside the "include" clause.
-  include:
-    - compiler: gcc
-    - compiler: gcc
-      env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
-    - compiler: gcc
-      env: RUST_OPTIONS=""
-    - compiler: gcc
-      env: COVERAGE_OPTIONS="--enable-coverage"
-    - compiler: gcc
-      env: DISTCHECK="yes" RUST_OPTIONS=""
-    - compiler: gcc
-      env: DISTCHECK="yes" RUST_OPTIONS="--enable-rust --enable-cargo-online-mode"
-    - compiler: gcc
-      env: MODULES_OPTIONS="--disable-module-dirauth"
-    ## The "sudo: required" forces non-containerized builds, working
-    ## around a Travis CI environment issue: clang LeakAnalyzer fails
-    ## because it requires ptrace and the containerized environment no
-    ## longer allows ptrace.
-    - compiler: clang
-      sudo: required
-    - compiler: clang
-      sudo: required
-      env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true
-    - compiler: clang
-      sudo: required
-      env: RUST_OPTIONS=""
-    - compiler: clang
-      sudo: required
-      env: MODULES_OPTIONS="--disable-module-dirauth"
-
-before_install:
-  ## If we're on OSX, homebrew usually needs to updated first
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
-  ## Download rustup
-  - if [[ "$RUST_OPTIONS" != "" ]]; then curl -Ssf -o rustup.sh https://sh.rustup.rs; fi
-  - if [[ "$COVERAGE_OPTIONS" != "" ]]; then pip install --user cpp-coveralls; fi
-
-install:
-  ## If we're on OSX use brew to install required dependencies (for Linux, see the "apt:" section above)
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated openssl    || brew upgrade openssl;    }; fi
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated libevent   || brew upgrade libevent;   }; fi
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated pkg-config || brew upgrade pkg-config; }; fi
-  ## If we're on OSX also install the optional dependencies
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated xz         || brew upgrade xz;         }; fi
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated libscrypt  || brew upgrade libscrypt;  }; fi
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then { brew outdated zstd       || brew upgrade zstd;       }; fi
-  ## Install the stable channels of rustc and cargo and setup our toolchain environment
-  - if [[ "$RUST_OPTIONS" != "" ]]; then sh rustup.sh -y --default-toolchain stable; fi
-  - if [[ "$RUST_OPTIONS" != "" ]]; then source $HOME/.cargo/env; fi
-  ## Get some info about rustc and cargo
-  - if [[ "$RUST_OPTIONS" != "" ]]; then which rustc; fi
-  - if [[ "$RUST_OPTIONS" != "" ]]; then which cargo; fi
-  - if [[ "$RUST_OPTIONS" != "" ]]; then rustc --version; fi
-  - if [[ "$RUST_OPTIONS" != "" ]]; then cargo --version; fi
-  ## If we're testing rust builds in offline-mode, then set up our vendored dependencies
-  - if [[ "$TOR_RUST_DEPENDENCIES" == "true" ]]; then export TOR_RUST_DEPENDENCIES=$PWD/src/ext/rust/crates; fi
-
-script:
-  - ./autogen.sh
-  - ./configure $RUST_OPTIONS $COVERAGE_OPTIONS $MODULES_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening
-  ## We run `make check` because that's what https://jenkins.torproject.org does.
-  - if [[ "$DISTCHECK" == "" ]]; then make check; fi
-  - if [[ "$DISTCHECK" != "" ]]; then make distcheck DISTCHECK_CONFIGURE_FLAGS="$RUST_OPTIONS $COVERAGE_OPTIONS --disable-asciidoc --enable-fatal-warnings --disable-silent-rules --enable-fragile-hardening"; fi
-
-after_failure:
-  ## `make check` will leave a log file with more details of test failures.
-  - if [[ "$DISTCHECK" == "" ]]; then cat test-suite.log; fi
-  ## `make distcheck` puts it somewhere different.
-  - if [[ "$DISTCHECK" != "" ]]; then make show-distdir-testlog; fi
-
-after_success:
-  ## If this build was one that produced coverage, upload it.
-  - if [[ "$COVERAGE_OPTIONS" != "" ]]; then coveralls -b . --exclude src/test --exclude src/trunnel --gcov-options '\-p'; fi
--- a/41
+++ b/41
@ -0,0 +1,41 @@
+                    This file lists the authors for Tor,
+        a free software project to provide anonymity on the Internet.
+
+       For more information about Tor, see https://www.torproject.org/.
+
+             If you got this file as a part of a larger bundle,
+        there are probably other authors that you should be aware of.
+
+Main authors:
+-------------
+
+Roger Dingledine <arma@freehaven.net> overhauled all of the code, did
+a bunch of new design work, etc.
+
+Nick Mathewson <nickm@freehaven.net> wrote lots of stuff too, in
+particular the router and descriptor parsing, and the crypto and tls
+wrappers.
+
+Matej Pfajfar <badbytes@freehaven.net> wrote the first version of the code
+(called OR) in 2001-2002.
+
+Contributors:
+-------------
+
+John Bashinski <jbash@velvet.com> contributed the initial rpm spec file.
+
+Christian Grothoff <grothoff@cs.purdue.edu> contributed better daemonizing
+behavior.
+
+Steven Hazel <sah@thalassocracy.org> made 'make install' do the right
+thing.
+
+Jason Holt <jason@lunkwill.org> contributed patches to the instructions
+and the man page.
+
+Peter Palfrader <peter@palfrader.org> maintains everything that's
+debian-specific, and has written other useful features.
+
+Aaron Turner <aturner@netscreen.com> contributed the first version of
+the tor.sh initscripts shell script.
+
--- a/39
+++ b/39
@ -1,39 +0,0 @@
-Contributing to Tor
-------------------
-
-### Getting started
-
-Welcome!
-
-We have a bunch of documentation about how to develop Tor in the
-doc/HACKING/ directory.  We recommend that you start with
-doc/HACKING/README.1st.md , and then go from there.  It will tell
-you how to find your way around the source code, how to get
-involved with the Tor community, how to write patches, and much
-more!
-
-You don't have to be a C developer to help with Tor: have a look
-at https://www.torproject.org/getinvolved/volunteer !
-
-The Tor Project is committed to fostering a inclusive community
-where people feel safe to engage, share their points of view, and
-participate. For the latest version of our Code of Conduct, please
-see
-
-https://gitweb.torproject.org/community/policies.git/plain/code_of_conduct.txt
-
-
-
-### License issues
-
-Tor is distributed under the license terms in the LICENSE -- in
-brief, the "3-clause BSD license".  If you send us code to
-distribute with Tor, it needs to be code that we can distribute
-under those terms.  Please don't send us patches unless you agree
-to allow this.
-
-Some compatible licenses include:
-
-  - 3-clause BSD
-  - 2-clause BSD
-  - CC0 Public Domain Dedication
--- a/21644
+++ b/21644
--- a/Doxyfile.in
+++ b/Doxyfile.in
@ -1,4 +1,5 @@
-# Doxyfile 1.5.6
+# $Id$
+# Doxyfile 1.5.1

 # This file describes the settings to be used by the documentation system
 # doxygen (www.doxygen.org) for a project
@ -14,14 +15,6 @@
 # Project related configuration options
 #---------------------------------------------------------------------------

-# This tag specifies the encoding used for all characters in the config file 
-# that follow. The default is UTF-8 which is also the encoding used for all 
-# text before the first occurrence of this tag. Doxygen uses libiconv (or the 
-# iconv built into libc) for the transcoding. See 
-# http://www.gnu.org/software/libiconv for the list of possible encodings.
-
-DOXYFILE_ENCODING      = UTF-8
-
 # The PROJECT_NAME tag is a single word (or a sequence of words surrounded 
 # by quotes) that should identify the project.

@ -38,7 +31,7 @@ PROJECT_NUMBER         = @VERSION@
 # If a relative path is entered, it will be relative to the location 
 # where doxygen was started. If left blank the current directory will be used.

-OUTPUT_DIRECTORY       = @top_builddir@/doc/doxygen
+OUTPUT_DIRECTORY       = ./doc/doxygen

 # If the CREATE_SUBDIRS tag is set to YES, then doxygen will create 
 # 4096 sub-directories (in 2 levels) under the output directory of each output 
@ -54,14 +47,23 @@ CREATE_SUBDIRS         = NO
 # information to generate all constant output in the proper language. 
 # The default language is English, other supported languages are: 
 # Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional, 
-# Croatian, Czech, Danish, Dutch, Farsi, Finnish, French, German, Greek, 
-# Hungarian, Italian, Japanese, Japanese-en (Japanese with English messages), 
-# Korean, Korean-en, Lithuanian, Norwegian, Macedonian, Persian, Polish, 
-# Portuguese, Romanian, Russian, Serbian, Slovak, Slovene, Spanish, Swedish, 
-# and Ukrainian.
+# Croatian, Czech, Danish, Dutch, Finnish, French, German, Greek, Hungarian, 
+# Italian, Japanese, Japanese-en (Japanese with English messages), Korean, 
+# Korean-en, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian, 
+# Serbian, Slovak, Slovene, Spanish, Swedish, and Ukrainian.

 OUTPUT_LANGUAGE        = English

+# This tag can be used to specify the encoding used in the generated output. 
+# The encoding is not always determined by the language that is chosen, 
+# but also whether or not the output is meant for Windows or non-Windows users. 
+# In case there is a difference, setting the USE_WINDOWS_ENCODING tag to YES 
+# forces the Windows encoding (this is the default for the Windows binary), 
+# whereas setting the tag to NO uses a Unix-style encoding (the default for 
+# all platforms other than Windows).
+
+USE_WINDOWS_ENCODING   = NO
+
 # If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will 
 # include brief member descriptions after the members that are listed in 
 # the file and class documentation (similar to JavaDoc). 
@ -134,19 +136,11 @@ SHORT_NAMES            = NO
 # If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen 
 # will interpret the first line (until the first dot) of a JavaDoc-style 
 # comment as the brief description. If set to NO, the JavaDoc 
-# comments will behave just like regular Qt-style comments 
-# (thus requiring an explicit @brief command for a brief description.)
+# comments will behave just like the Qt-style comments (thus requiring an 
+# explicit @brief command for a brief description.

 JAVADOC_AUTOBRIEF      = NO

-# If the QT_AUTOBRIEF tag is set to YES then Doxygen will 
-# interpret the first line (until the first dot) of a Qt-style 
-# comment as the brief description. If set to NO, the comments 
-# will behave just like regular Qt-style comments (thus requiring 
-# an explicit \brief command for a brief description.)
-
-QT_AUTOBRIEF           = NO
-
 # The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen 
 # treat a multi-line C++ special comment block (i.e. a block of //! or /// 
 # comments) as a brief description. This used to be the default behaviour. 
@ -160,7 +154,7 @@ MULTILINE_CPP_IS_BRIEF = NO
 # If set to NO, the detailed description appears after the member 
 # documentation.

-# DETAILS_AT_TOP         = NO
+DETAILS_AT_TOP         = NO

 # If the INHERIT_DOCS tag is set to YES (the default) then an undocumented 
 # member inherits the documentation from any documented member that it 
@ -196,26 +190,14 @@ ALIASES                =
 OPTIMIZE_OUTPUT_FOR_C  = YES

 # Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java 
-# sources only. Doxygen will then generate output that is more tailored for 
-# Java. For instance, namespaces will be presented as packages, qualified 
-# scopes will look different, etc.
+# sources only. Doxygen will then generate output that is more tailored for Java. 
+# For instance, namespaces will be presented as packages, qualified scopes 
+# will look different, etc.

 OPTIMIZE_OUTPUT_JAVA   = NO

-# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran 
-# sources only. Doxygen will then generate output that is more tailored for 
-# Fortran.
-
-OPTIMIZE_FOR_FORTRAN   = NO
-
-# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL 
-# sources. Doxygen will then generate output that is tailored for 
-# VHDL.
-
-OPTIMIZE_OUTPUT_VHDL   = NO
-
-# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want 
-# to include (a tag file for) the STL sources as input, then you should 
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want to 
+# include (a tag file for) the STL sources as input, then you should 
 # set this tag to YES in order to let doxygen match functions declarations and 
 # definitions whose arguments contain STL classes (e.g. func(std::string); v.s. 
 # func(std::string) {}). This also make the inheritance and collaboration 
@ -223,26 +205,6 @@ OPTIMIZE_OUTPUT_VHDL   = NO

 BUILTIN_STL_SUPPORT    = NO

-# If you use Microsoft's C++/CLI language, you should set this option to YES to
-# enable parsing support.
-
-CPP_CLI_SUPPORT        = NO
-
-# Set the SIP_SUPPORT tag to YES if your project consists of sip sources only. 
-# Doxygen will parse them like normal C++ but will assume all classes use public 
-# instead of private inheritance when no explicit protection keyword is present.
-
-SIP_SUPPORT            = NO
-
-# For Microsoft's IDL there are propget and propput attributes to indicate getter 
-# and setter methods for a property. Setting this option to YES (the default) 
-# will make doxygen to replace the get and set methods by a property in the 
-# documentation. This will only work if the methods are indeed getting or 
-# setting a simple type. If this is not the case, or you want to show the 
-# methods anyway, you should set this option to NO.
-
-IDL_PROPERTY_SUPPORT   = NO
-
 # If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC 
 # tag is set to YES, then doxygen will reuse the documentation of the first 
 # member in the group (if any) for the other members of the group. By default 
@ -258,16 +220,6 @@ DISTRIBUTE_GROUP_DOC   = NO

 SUBGROUPING            = YES

-# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum 
-# is documented as struct, union, or enum with the name of the typedef. So 
-# typedef struct TypeS {} TypeT, will appear in the documentation as a struct 
-# with name TypeT. When disabled the typedef will appear as a member of a file, 
-# namespace, or class. And the struct will be named TypeS. This can typically 
-# be useful for C code in case the coding convention dictates that all compound 
-# types are typedef'ed and only the typedef is referenced, never the tag name.
-
-TYPEDEF_HIDES_STRUCT   = NO
-
 #---------------------------------------------------------------------------
 # Build related configuration options
 #---------------------------------------------------------------------------
@ -302,14 +254,6 @@ EXTRACT_LOCAL_CLASSES  = YES

 EXTRACT_LOCAL_METHODS  = NO

-# If this flag is set to YES, the members of anonymous namespaces will be 
-# extracted and appear in the documentation as a namespace called 
-# 'anonymous_namespace{file}', where file will be replaced with the base 
-# name of the file that contains the anonymous namespace. By default 
-# anonymous namespace are hidden.
-
-EXTRACT_ANON_NSPACES   = NO
-
 # If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all 
 # undocumented members of documented classes, files or namespaces. 
 # If set to NO (the default) these members will be included in the 
@ -385,12 +329,6 @@ SORT_MEMBER_DOCS       = YES

 SORT_BRIEF_DOCS        = NO

-# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the 
-# hierarchy of group names into alphabetical order. If set to NO (the default) 
-# the group names will appear in their defined order.
-
-SORT_GROUP_NAMES       = NO
-
 # If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be 
 # sorted by fully-qualified names, including namespaces. If set to 
 # NO (the default), the class list will be sorted only by class name, 
@ -446,21 +384,15 @@ MAX_INITIALIZER_LINES  = 30

 SHOW_USED_FILES        = YES

-# Set the SHOW_FILES tag to NO to disable the generation of the Files page.
-# This will remove the Files entry from the Quick Index and from the 
-# Folder Tree View (if specified). The default is YES.
+# If the sources in your project are distributed over multiple directories 
+# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy 
+# in the documentation. The default is NO.

-SHOW_FILES             = YES
-
-# Set the SHOW_NAMESPACES tag to NO to disable the generation of the 
-# Namespaces page.  This will remove the Namespaces entry from the Quick Index
-# and from the Folder Tree View (if specified). The default is YES.
-
-SHOW_NAMESPACES        = YES
+SHOW_DIRECTORIES       = NO

 # The FILE_VERSION_FILTER tag can be used to specify a program or script that 
-# doxygen should invoke to get the current version for each file (typically from 
-# the version control system). Doxygen will invoke the program by executing (via 
+# doxygen should invoke to get the current version for each file (typically from the 
+# version control system). Doxygen will invoke the program by executing (via 
 # popen()) the command <command> <input-file>, where <command> is the value of 
 # the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file 
 # provided by doxygen. Whatever the program writes to standard output 
@ -528,23 +460,15 @@ WARN_LOGFILE           =
 # directories like "/usr/src/myproject". Separate the files or directories 
 # with spaces.

-INPUT                  = @top_srcdir@/src/common \
-                         @top_srcdir@/src/or
-
-# This tag can be used to specify the character encoding of the source files 
-# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is 
-# also the default input encoding. Doxygen uses libiconv (or the iconv built 
-# into libc) for the transcoding. See http://www.gnu.org/software/libiconv for 
-# the list of possible encodings.
-
-INPUT_ENCODING         = UTF-8
+INPUT                  = src/common \
+                         src/or

 # If the value of the INPUT tag contains directories, you can use the 
 # FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp 
 # and *.h) to filter out the source-files in the directories. If left 
 # blank the following patterns are tested: 
 # *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx 
-# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py *.f90
+# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py

 FILE_PATTERNS          = *.c \
                         *.h
@ -575,14 +499,6 @@ EXCLUDE_SYMLINKS       = NO

 EXCLUDE_PATTERNS       = 

-# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names 
-# (namespaces, classes, functions, etc.) that should be excluded from the 
-# output. The symbol name can be a fully qualified name, a word, or if the 
-# wildcard * is used, a substring. Examples: ANamespace, AClass, 
-# AClass::ANamespace, ANamespace::*Test
-
-EXCLUDE_SYMBOLS        = 
-
 # The EXAMPLE_PATH tag can be used to specify one or more files or 
 # directories that contain example code fragments that are included (see 
 # the \include command).
@ -643,7 +559,7 @@ FILTER_SOURCE_FILES    = NO
 # Note: To get rid of all source code in the generated output, make sure also 
 # VERBATIM_HEADERS is set to NO.

-SOURCE_BROWSER         = YES
+SOURCE_BROWSER         = NO

 # Setting the INLINE_SOURCES tag to YES will include the body 
 # of functions and classes directly in the documentation.
@ -656,13 +572,13 @@ INLINE_SOURCES         = NO

 STRIP_CODE_COMMENTS    = YES

-# If the REFERENCED_BY_RELATION tag is set to YES 
+# If the REFERENCED_BY_RELATION tag is set to YES (the default) 
 # then for each documented function all documented 
 # functions referencing it will be listed.

 REFERENCED_BY_RELATION = YES

-# If the REFERENCES_RELATION tag is set to YES 
+# If the REFERENCES_RELATION tag is set to YES (the default) 
 # then for each documented function all documented entities 
 # called/used by that function will be listed.

@ -754,46 +670,19 @@ HTML_FOOTER            =

 HTML_STYLESHEET        = 

+# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes, 
+# files or namespaces will be aligned in HTML using tables. If set to 
+# NO a bullet list will be used.
+
+HTML_ALIGN_MEMBERS     = YES
+
 # If the GENERATE_HTMLHELP tag is set to YES, additional index files 
 # will be generated that can be used as input for tools like the 
-# Microsoft HTML help workshop to generate a compiled HTML help file (.chm) 
+# Microsoft HTML help workshop to generate a compressed HTML help file (.chm) 
 # of the generated HTML documentation.

 GENERATE_HTMLHELP      = NO

-# If the GENERATE_DOCSET tag is set to YES, additional index files 
-# will be generated that can be used as input for Apple's Xcode 3 
-# integrated development environment, introduced with OSX 10.5 (Leopard). 
-# To create a documentation set, doxygen will generate a Makefile in the 
-# HTML output directory. Running make will produce the docset in that 
-# directory and running "make install" will install the docset in 
-# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find 
-# it at startup.
-
-GENERATE_DOCSET        = NO
-
-# When GENERATE_DOCSET tag is set to YES, this tag determines the name of the 
-# feed. A documentation feed provides an umbrella under which multiple 
-# documentation sets from a single provider (such as a company or product suite) 
-# can be grouped.
-
-DOCSET_FEEDNAME        = "Doxygen generated docs for Tor"
-
-# When GENERATE_DOCSET tag is set to YES, this tag specifies a string that 
-# should uniquely identify the documentation set bundle. This should be a 
-# reverse domain-name style string, e.g. com.mycompany.MyDocSet. Doxygen 
-# will append .docset to the name.
-
-DOCSET_BUNDLE_ID       = org.torproject.Tor
-
-# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML 
-# documentation will contain sections that can be hidden and shown after the 
-# page has loaded. For this to work a browser that supports 
-# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox 
-# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
-
-HTML_DYNAMIC_SECTIONS  = NO
-
 # If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can 
 # be used to specify the file name of the resulting .chm file. You 
 # can add a path in front of the file if the result should not be 
@ -814,12 +703,6 @@ HHC_LOCATION           =

 GENERATE_CHI           = NO

-# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING
-# is used to encode HtmlHelp index (hhk), content (hhc) and project file
-# content.
-
-CHM_INDEX_ENCODING     = 
-
 # If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag 
 # controls whether a binary table of contents is generated (YES) or a 
 # normal table of contents (NO) in the .chm file.
@ -842,20 +725,12 @@ DISABLE_INDEX          = NO

 ENUM_VALUES_PER_LINE   = 4

-# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
-# structure should be generated to display hierarchical information.
-# If the tag value is set to FRAME, a side panel will be generated
-# containing a tree-like index structure (just like the one that 
+# If the GENERATE_TREEVIEW tag is set to YES, a side panel will be
+# generated containing a tree-like index structure (just like the one that 
 # is generated for HTML Help). For this to work a browser that supports 
 # JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+, 
 # Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are 
-# probably better off using the HTML help feature. Other possible values 
-# for this tag are: HIERARCHIES, which will generate the Groups, Directories,
-# and Class Hiererachy pages using a tree view instead of an ordered list;
-# ALL, which combines the behavior of FRAME and HIERARCHIES; and NONE, which
-# disables this behavior completely. For backwards compatibility with previous
-# releases of Doxygen, the values YES and NO are equivalent to FRAME and NONE
-# respectively.
+# probably better off using the HTML help feature.

 GENERATE_TREEVIEW      = NO

@ -865,14 +740,6 @@ GENERATE_TREEVIEW      = NO

 TREEVIEW_WIDTH         = 250

-# Use this tag to change the font size of Latex formulas included 
-# as images in the HTML documentation. The default is 10. Note that 
-# when you change the font size after a successful doxygen run you need 
-# to manually remove any form_*.png images from the HTML output directory 
-# to force them to be regenerated.
-
-FORMULA_FONTSIZE       = 10
-
 #---------------------------------------------------------------------------
 # configuration options related to the LaTeX output
 #---------------------------------------------------------------------------
@ -1035,6 +902,18 @@ GENERATE_XML           = NO

 XML_OUTPUT             = xml

+# The XML_SCHEMA tag can be used to specify an XML schema, 
+# which can be used by a validating XML parser to check the 
+# syntax of the XML files.
+
+XML_SCHEMA             = 
+
+# The XML_DTD tag can be used to specify an XML DTD, 
+# which can be used by a validating XML parser to check the 
+# syntax of the XML files.
+
+XML_DTD                = 
+
 # If the XML_PROGRAMLISTING tag is set to YES Doxygen will 
 # dump the program listings (including syntax highlighting 
 # and cross-referencing information) to the XML output. Note that 
@ -1209,15 +1088,6 @@ PERL_PATH              = /usr/bin/perl

 CLASS_DIAGRAMS         = YES

-# You can define message sequence charts within doxygen comments using the \msc 
-# command. Doxygen will then run the mscgen tool (see 
-# http://www.mcternan.me.uk/mscgen/) to produce the chart and insert it in the 
-# documentation. The MSCGEN_PATH tag allows you to specify the directory where 
-# the mscgen tool resides. If left empty the tool is assumed to be found in the 
-# default search path.
-
-MSCGEN_PATH            = 
-
 # If set to YES, the inheritance and collaboration graphs will hide 
 # inheritance and usage relations if the target is undocumented 
 # or is not a class.
@ -1231,24 +1101,6 @@ HIDE_UNDOC_RELATIONS   = YES

 HAVE_DOT               = NO

-# By default doxygen will write a font called FreeSans.ttf to the output 
-# directory and reference it in all dot files that doxygen generates. This 
-# font does not include all possible unicode characters however, so when you need 
-# these (or just want a differently looking font) you can specify the font name 
-# using DOT_FONTNAME. You need need to make sure dot is able to find the font, 
-# which can be done by putting it in a standard location or by setting the 
-# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory 
-# containing the font.
-
-DOT_FONTNAME           =
-
-# By default doxygen will tell dot to use the output directory to look for the 
-# FreeSans.ttf font (which doxygen will put there itself). If you specify a 
-# different font using DOT_FONTNAME you can set the path where dot 
-# can find it using this tag.
-
-DOT_FONTPATH           = 
-
 # If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen 
 # will generate a graph for each documented class showing the direct and 
 # indirect inheritance relations. Setting this tag to YES will force the 
@ -1293,19 +1145,19 @@ INCLUDE_GRAPH          = YES

 INCLUDED_BY_GRAPH      = YES

-# If the CALL_GRAPH and HAVE_DOT options are set to YES then 
-# doxygen will generate a call dependency graph for every global function 
-# or class method. Note that enabling this option will significantly increase 
-# the time of a run. So in most cases it will be better to enable call graphs 
-# for selected functions only using the \callgraph command.
+# If the CALL_GRAPH and HAVE_DOT tags are set to YES then doxygen will 
+# generate a call dependency graph for every global function or class method. 
+# Note that enabling this option will significantly increase the time of a run. 
+# So in most cases it will be better to enable call graphs for selected 
+# functions only using the \callgraph command.

 CALL_GRAPH             = NO

-# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then 
-# doxygen will generate a caller dependency graph for every global function 
-# or class method. Note that enabling this option will significantly increase 
-# the time of a run. So in most cases it will be better to enable caller 
-# graphs for selected functions only using the \callergraph command.
+# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then doxygen will 
+# generate a caller dependency graph for every global function or class method. 
+# Note that enabling this option will significantly increase the time of a run. 
+# So in most cases it will be better to enable caller graphs for selected 
+# functions only using the \callergraph command.

 CALLER_GRAPH           = NO

@ -1338,31 +1190,39 @@ DOT_PATH               =

 DOTFILE_DIRS           = 

-# The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of 
-# nodes that will be shown in the graph. If the number of nodes in a graph 
-# becomes larger than this value, doxygen will truncate the graph, which is 
-# visualized by representing a node as a red box. Note that doxygen if the 
-# number of direct children of the root node in a graph is already larger than 
-# DOT_GRAPH_MAX_NODES then the graph will not be shown at all. Also note 
-# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
+# The MAX_DOT_GRAPH_WIDTH tag can be used to set the maximum allowed width 
+# (in pixels) of the graphs generated by dot. If a graph becomes larger than 
+# this value, doxygen will try to truncate the graph, so that it fits within 
+# the specified constraint. Beware that most browsers cannot cope with very 
+# large images.

-DOT_GRAPH_MAX_NODES    = 50
+MAX_DOT_GRAPH_WIDTH    = 1024
+
+# The MAX_DOT_GRAPH_HEIGHT tag can be used to set the maximum allows height 
+# (in pixels) of the graphs generated by dot. If a graph becomes larger than 
+# this value, doxygen will try to truncate the graph, so that it fits within 
+# the specified constraint. Beware that most browsers cannot cope with very 
+# large images.
+
+MAX_DOT_GRAPH_HEIGHT   = 1024

 # The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the 
 # graphs generated by dot. A depth value of 3 means that only nodes reachable 
 # from the root by following a path via at most 3 edges will be shown. Nodes 
 # that lay further from the root node will be omitted. Note that setting this 
 # option to 1 or 2 may greatly reduce the computation time needed for large 
-# code bases. Also note that the size of a graph can be further restricted by 
-# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
+# code bases. Also note that a graph may be further truncated if the graph's 
+# image dimensions are not sufficient to fit the graph (see MAX_DOT_GRAPH_WIDTH 
+# and MAX_DOT_GRAPH_HEIGHT). If 0 is used for the depth value (the default), 
+# the graph is not depth-constrained.

 MAX_DOT_GRAPH_DEPTH    = 0

 # Set the DOT_TRANSPARENT tag to YES to generate images with a transparent 
-# background. This is enabled by default, which results in a transparent 
-# background. Warning: Depending on the platform used, enabling this option 
-# may lead to badly anti-aliased labels on the edges of a graph (i.e. they 
-# become hard to read).
+# background. This is disabled by default, which results in a white background. 
+# Warning: Depending on the platform used, enabling this option may lead to 
+# badly anti-aliased labels on the edges of a graph (i.e. they become hard to 
+# read).

 DOT_TRANSPARENT        = NO

--- a/31
+++ b/31
@ -3,7 +3,7 @@ Most users who realize that INSTALL files still exist should simply
 follow the directions at
 https://www.torproject.org/docs/tor-doc-unix

-If you got the source from git, run "./autogen.sh", which will
+If you got the source from Subversion, run "./autogen.sh", which will
 run the various auto* programs. Then you can run ./configure, and
 refer to the above instructions.

@ -21,32 +21,5 @@ If it doesn't build for you:
  For example, "setenv LD_LIBRARY_PATH /usr/athena/lib".

  Lastly, check out
-  https://www.torproject.org/docs/faq#DoesntWork
-
-How to do static builds of tor:
-
-Tor supports linking each of the libraries it needs statically. Use the
--enable-static-X ./configure option in conjunction with the --with-X-dir
-option for libevent, zlib, and openssl. For this to work sanely, libevent
-should be built with --disable-shared --enable-static --with-pic, and
-OpenSSL should be built with no-shared no-dso.
-
-If you need to build tor so that system libraries are also statically linked,
-use the --enable-static-tor ./configure option. This won't work on OS X
-unless you build the required crt0.o yourself. It is also incompatible with
-the --enable-gcc-hardening option.
-
-An example of how to build a mostly static tor:
-./configure --enable-static-libevent \
-            --enable-static-openssl  \
-            --enable-static-zlib     \
-            --with-libevent-dir=/tmp/static-tor/libevent-1.4.14b-stable \
-            --with-openssl-dir=/tmp/static-tor/openssl-0.9.8r/ \
-            --with-zlib-dir=/tmp/static-tor/zlib-1.2.5
-
-An example of how to build an entirely static tor:
-./configure --enable-static-tor \
-            --with-libevent-dir=/tmp/static-tor/libevent-1.4.14b-stable \
-            --with-openssl-dir=/tmp/static-tor/openssl-0.9.8r/ \
-            --with-zlib-dir=/tmp/static-tor/zlib-1.2.5
+  http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#ItDoesntWork

--- a/314
+++ b/314
@ -8,12 +8,13 @@
             If you got this file as a part of a larger bundle,
        there may be other license terms that you should be aware of.

+
 ===============================================================================
 Tor is distributed under this license:

 Copyright (c) 2001-2004, Roger Dingledine
 Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
-Copyright (c) 2007-2017, The Tor Project, Inc.
+Copyright (c) 2007-2008, The Tor Project, Inc.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@ -43,7 +44,7 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ===============================================================================
-src/ext/strlcat.c and src/ext/strlcpy.c by Todd C. Miller are licensed
+src/common/strlcat.c and src/common/strlcpy.c by Todd C. Miller are licensed
 under the following license:

 * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
@ -70,312 +71,15 @@ under the following license:
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-===============================================================================
-src/ext/tor_queue.h is licensed under the following license:
-
- * Copyright (c) 1991, 1993
- *      The Regents of the University of California.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the University nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
-
-===============================================================================
-src/ext/csiphash.c is licensed under the following license:
-
- Copyright (c) 2013  Marek Majkowski <marek@popcount.org>
-
- Permission is hereby granted, free of charge, to any person obtaining a copy
- of this software and associated documentation files (the "Software"), to deal
- in the Software without restriction, including without limitation the rights
- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- copies of the Software, and to permit persons to whom the Software is
- furnished to do so, subject to the following conditions:
-
- The above copyright notice and this permission notice shall be included in
- all copies or substantial portions of the Software.
-
- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
- THE SOFTWARE.
-===============================================================================
-Trunnel is distributed under this license:
-
-Copyright 2014  The Tor Project, Inc.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-    * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-
-    * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-
-    * Neither the names of the copyright owners nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-===============================================================================
-src/config/geoip is licensed under the following license:
-
-OPEN DATA LICENSE (GeoLite Country and GeoLite City databases)
-
-Copyright (c) 2008 MaxMind, Inc.  All Rights Reserved.
-
-All advertising materials and documentation mentioning features or use of
-this database must display the following acknowledgment:
-"This product includes GeoLite data created by MaxMind, available from
-http://maxmind.com/"
-
-Redistribution and use with or without modification, are permitted provided
-that the following conditions are met:
-1. Redistributions must retain the above copyright notice, this list of
-conditions and the following disclaimer in the documentation and/or other
-materials provided with the distribution.
-2. All advertising materials and documentation mentioning features or use of
-this database must display the following acknowledgement:
-"This product includes GeoLite data created by MaxMind, available from
-http://maxmind.com/"
-3. "MaxMind" may not be used to endorse or promote products derived from this
-database without specific prior written permission.
-
-THIS DATABASE IS PROVIDED BY MAXMIND, INC ``AS IS'' AND ANY
-EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL MAXMIND BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-DATABASE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-===============================================================================
-m4/pc_from_ucontext.m4 is available under the following license.  Note that
-it is *not* built into the Tor software.
-
-Copyright (c) 2005, Google Inc.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-    * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-    * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-===============================================================================
-m4/pkg.m4 is available under the following license.  Note that
-it is *not* built into the Tor software.
-
-pkg.m4 - Macros to locate and utilise pkg-config.            -*- Autoconf -*-
-serial 1 (pkg-config-0.24)
-
-Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-As a special exception to the GNU General Public License, if you
-distribute this file as part of a program that contains a
-configuration script generated by Autoconf, you may include it under
-the same distribution terms that you use for the rest of that program.
-===============================================================================
-src/ext/readpassphrase.[ch] are distributed under this license:
-
-  Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
-
-  Permission to use, copy, modify, and distribute this software for any
-  purpose with or without fee is hereby granted, provided that the above
-  copyright notice and this permission notice appear in all copies.
-
-  THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-  WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-  MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-  ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-  Sponsored in part by the Defense Advanced Research Projects
-  Agency (DARPA) and Air Force Research Laboratory, Air Force
-  Materiel Command, USAF, under agreement number F39502-99-1-0512.
-
-===============================================================================
-src/ext/mulodi4.c is distributed under this license:
-
-     =========================================================================
-     compiler_rt License
-     =========================================================================
-
-     The compiler_rt library is dual licensed under both the
-     University of Illinois "BSD-Like" license and the MIT license.
-     As a user of this code you may choose to use it under either
-     license.  As a contributor, you agree to allow your code to be
-     used under both.
-
-     Full text of the relevant licenses is included below.
-
-     =========================================================================
-
-     University of Illinois/NCSA
-     Open Source License
-
-     Copyright (c) 2009-2016 by the contributors listed in CREDITS.TXT
-
-     All rights reserved.
-
-     Developed by:
-
-         LLVM Team
-
-         University of Illinois at Urbana-Champaign
-
-         http://llvm.org
-
-     Permission is hereby granted, free of charge, to any person
-     obtaining a copy of this software and associated documentation
-     files (the "Software"), to deal with the Software without
-     restriction, including without limitation the rights to use,
-     copy, modify, merge, publish, distribute, sublicense, and/or sell
-     copies of the Software, and to permit persons to whom the
-     Software is furnished to do so, subject to the following
-     conditions:
-
-         * Redistributions of source code must retain the above
-           copyright notice, this list of conditions and the following
-           disclaimers.
-
-         * Redistributions in binary form must reproduce the above
-           copyright notice, this list of conditions and the following
-           disclaimers in the documentation and/or other materials
-           provided with the distribution.
-
-         * Neither the names of the LLVM Team, University of Illinois
-           at Urbana-Champaign, nor the names of its contributors may
-           be used to endorse or promote products derived from this
-           Software without specific prior written permission.
-
-     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-     EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
-     OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-     NONINFRINGEMENT.  IN NO EVENT SHALL THE CONTRIBUTORS OR COPYRIGHT
-     HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
-     WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-     FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-     OTHER DEALINGS WITH THE SOFTWARE.
-
-     =========================================================================
-
-     Copyright (c) 2009-2015 by the contributors listed in CREDITS.TXT
-
-     Permission is hereby granted, free of charge, to any person
-     obtaining a copy of this software and associated documentation
-     files (the "Software"), to deal in the Software without
-     restriction, including without limitation the rights to use,
-     copy, modify, merge, publish, distribute, sublicense, and/or sell
-     copies of the Software, and to permit persons to whom the
-     Software is furnished to do so, subject to the following
-     conditions:
-
-     The above copyright notice and this permission notice shall be
-     included in all copies or substantial portions of the Software.
-
-     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-     EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
-     OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-     NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
-     HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
-     WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-     FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-     OTHER DEALINGS IN THE SOFTWARE.
-
-     =========================================================================
-     Copyrights and Licenses for Third Party Software Distributed with LLVM:
-     =========================================================================
-
-     The LLVM software contains code written by third parties.  Such
-     software will have its own individual LICENSE.TXT file in the
-     directory in which it appears.  This file will describe the
-     copyrights, license, and restrictions which apply to that code.
-
-     The disclaimer of warranty in the University of Illinois Open
-     Source License applies to all code in the LLVM Distribution, and
-     nothing in any of the other licenses gives permission to use the
-     names of the LLVM Team or the University of Illinois to endorse
-     or promote products derived from this Software.

 ===============================================================================
 If you got Tor as a static binary with OpenSSL included, then you should know:
 "This product includes software developed by the OpenSSL Project
 for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 ===============================================================================
+"This program uses the IP-to-Country Database provided by
+WebHosting.Info (http://www.webhosting.info), available from
+http://ip-to-country.webhosting.info."
+See the src/config/geoip file in particular.
+===============================================================================
+
--- a/Makefile.am
+++ b/Makefile.am
@ -1,285 +1,79 @@
+# $Id$
 # Copyright (c) 2001-2004, Roger Dingledine
 # Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
-# Copyright (c) 2007-2017, The Tor Project, Inc.
+# Copyright (c) 2007-2008, The Tor Project, Inc.
 # See LICENSE for licensing information

-ACLOCAL_AMFLAGS = -I m4
+AUTOMAKE_OPTIONS = foreign
+ # else it keeps trying to put COPYING back in

-noinst_LIBRARIES=
-EXTRA_DIST=
-noinst_HEADERS=
-bin_PROGRAMS=
-EXTRA_PROGRAMS=
-CLEANFILES=
-TESTS=
-noinst_PROGRAMS=
-DISTCLEANFILES=
-bin_SCRIPTS=
-AM_CPPFLAGS=
-AM_CFLAGS=@TOR_SYSTEMD_CFLAGS@ @CFLAGS_BUGTRAP@ @TOR_LZMA_CFLAGS@ @TOR_ZSTD_CFLAGS@
-SHELL=@SHELL@
+SUBDIRS = src doc contrib

-if COVERAGE_ENABLED
-TESTING_TOR_BINARY=$(top_builddir)/src/or/tor-cov$(EXEEXT)
-else
-TESTING_TOR_BINARY=$(top_builddir)/src/or/tor$(EXEEXT)
-endif
+DIST_SUBDIRS = src doc contrib

-if USE_RUST
-rust_ldadd=$(top_builddir)/src/rust/target/release/@TOR_RUST_STATIC_NAME@ \
-	@TOR_RUST_EXTRA_LIBS@
-else
-rust_ldadd=
-endif
-
-include src/include.am
-include doc/include.am
-include contrib/include.am
-
-EXTRA_DIST+= \
-	ChangeLog					\
-	CONTRIBUTING					\
-	INSTALL						\
-	LICENSE						\
-	Makefile.nmake					\
-	README						\
-	ReleaseNotes					\
-	scripts/maint/checkSpace.pl
-
-## This tells etags how to find mockable function definitions.
-AM_ETAGSFLAGS=--regex='{c}/MOCK_IMPL([^,]+,\W*\([a-zA-Z0-9_]+\)\W*,/\1/s'
-
-if COVERAGE_ENABLED
-TEST_CFLAGS=-fno-inline -fprofile-arcs -ftest-coverage
-if DISABLE_ASSERTS_IN_UNIT_TESTS
-TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE -DDISABLE_ASSERTS_IN_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
-else
-TEST_CPPFLAGS=-DTOR_UNIT_TESTS -DTOR_COVERAGE @TOR_MODULES_ALL_ENABLED@
-endif
-TEST_NETWORK_FLAGS=--coverage --hs-multi-client 1
-else
-TEST_CFLAGS=
-TEST_CPPFLAGS=-DTOR_UNIT_TESTS @TOR_MODULES_ALL_ENABLED@
-TEST_NETWORK_FLAGS=--hs-multi-client 1
-endif
-TEST_NETWORK_WARNING_FLAGS=--quiet --only-warnings
-
-if LIBFUZZER_ENABLED
-TEST_CFLAGS += -fsanitize-coverage=trace-pc-guard,trace-cmp,trace-div
-# not "edge"
-endif
-
-TEST_NETWORK_ALL_LOG_DIR=$(top_builddir)/test_network_log
-TEST_NETWORK_ALL_DRIVER_FLAGS=--color-tests yes
+EXTRA_DIST = INSTALL README AUTHORS LICENSE ChangeLog          \
+             ReleaseNotes tor.spec tor.spec.in

 #install-data-local:
 #	$(INSTALL) -m 755 -d $(LOCALSTATEDIR)/lib/tor

-# Allows to override rpmbuild with rpmbuild-md5 from fedora-packager so that
-# building for EL5 won't fail on https://bugzilla.redhat.com/show_bug.cgi?id=490613
-RPMBUILD ?= rpmbuild
+# Assume a tarball is in .. for now.
+dist-rpm: 
+	RPM_BUILD_DIR="/tmp/tor-rpm-build-$$$$";                \
+	rm -rf $$RPM_BUILD_DIR;                                 \
+	mkdir $$RPM_BUILD_DIR || exit 1;                        \
+	for subdir in BUILD RPMS SOURCES SPECS SRPMS; do        \
+	    mkdir $$RPM_BUILD_DIR/$$subdir;                     \
+	done;                                                   \
+	mkdir $$RPM_BUILD_DIR/SOURCES/tor-$(VERSION);           \
+    cp -R ./ $$RPM_BUILD_DIR/SOURCES/tor-$(VERSION)/;       \
+    pushd $$RPM_BUILD_DIR/SOURCES/;                         \
+    tar zcf tor-$(VERSION).tar.gz ./;                       \
+    popd;                                                   \
+    LIBS=-lrt rpmbuild -ba --define "_topdir $$RPM_BUILD_DIR" tor.spec; \
+    mv $$RPM_BUILD_DIR/SRPMS/* .;                           \
+    mv $$RPM_BUILD_DIR/RPMS/* .;                            \
+    rm -rf $$RPM_BUILD_DIR

-# Use automake's dist-gzip target to build the tarball
-dist-rpm: dist-gzip
-	TIMESTAMP=$$(date +"%Y-%m-%d_%H.%M.%S"); 				\
-	RPM_BUILD_DIR=$$(mktemp -d "/tmp/tor-rpm-build-$$TIMESTAMP-XXXX");	\
-	mkdir -p "$$RPM_BUILD_DIR"/{BUILD,RPMS,SOURCES/"tor-$(VERSION)",SPECS,SRPMS}; \
-	cp -fa "$(distdir).tar.gz" "$$RPM_BUILD_DIR"/SOURCES/;			\
-	LIBS=-lrt $(RPMBUILD) -ba --define "_topdir $$RPM_BUILD_DIR" tor.spec; 	\
-	cp -fa "$$RPM_BUILD_DIR"/SRPMS/* .;                           		\
-	cp -fa "$$RPM_BUILD_DIR"/RPMS/* .;                            		\
-	rm -rf "$$RPM_BUILD_DIR";						\
-	echo "RPM build finished";						\
-	#end of dist-rpm
+
+dist-osx:
+	@if [ "x$(prefix)" != 'x/Library/Tor' ]; then \
+	  echo "Configure with --prefix=/Library/Tor, please"; \
+	  exit 1; \
+	fi; \
+	if [ "x$(bindir)" != 'x/Library/Tor' ]; then \
+	  echo "Configure with --bindir=/Library/Tor, please"; \
+	  exit 1; \
+	fi; \
+	if [ "x$(sysconfdir)" != 'x/Library' ]; then \
+	  echo "Configure with --sysconfdir=/Library, please"; \
+	  exit 1; \
+	fi; \
+	if [ "x$(CONFDIR)" != 'x/Library/Tor' ]; then \
+	  echo "Configure with CONFDIR=/Library/Tor, please"; \
+	fi
+	$(MAKE) all
+	VERSION=$(VERSION) sh ./contrib/osx/package.sh

 doxygen:
 	doxygen && cd doc/doxygen/latex && make

-test: all
-	$(top_builddir)/src/test/test
+test:
+	./src/or/test

-check-local: check-spaces check-changes
+dist: check

-need-chutney-path:
-	@if test ! -d "$$CHUTNEY_PATH"; then \
-		echo '$$CHUTNEY_PATH was not set.'; \
-		if test -d $(top_srcdir)/../chutney -a -x $(top_srcdir)/../chutney/chutney; then \
-			echo "Assuming test-network.sh will find" $(top_srcdir)/../chutney; \
-		else \
-			echo; \
-			echo "To run these tests, git clone https://git.torproject.org/chutney.git ; export CHUTNEY_PATH=\`pwd\`/chutney"; \
-			exit 1; \
-		fi \
-	fi
-
-# Note that test-network requires a copy of Chutney in $CHUTNEY_PATH.
-# Chutney can be cloned from https://git.torproject.org/chutney.git .
-test-network: need-chutney-path $(TESTING_TOR_BINARY) src/tools/tor-gencert
-	$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_FLAGS)
-
-# Run all available tests using automake's test-driver
-# only run IPv6 tests if we can ping6 ::1 (localhost)
-# only run IPv6 tests if we can ping ::1 (localhost)
-# some IPv6 tests will fail without an IPv6 DNS server (see #16971 and #17011)
-# only run mixed tests if we have a tor-stable binary
-# Try the syntax for BSD ping6, Linux ping6, and Linux ping -6,
-# because they're incompatible
-test-network-all: need-chutney-path test-driver $(TESTING_TOR_BINARY) src/tools/tor-gencert
-	mkdir -p $(TEST_NETWORK_ALL_LOG_DIR)
-	@flavors="$(TEST_CHUTNEY_FLAVORS)"; \
-	if ping6 -q -c 1 -o ::1 >/dev/null 2>&1 || ping6 -q -c 1 -W 1 ::1 >/dev/null 2>&1 || ping -6 -c 1 -W 1 ::1 >/dev/null 2>&1; then \
-		echo "ping6 ::1 or ping ::1 succeeded, running IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
-		flavors="$$flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
-	else \
-		echo "ping6 ::1 and ping ::1 failed, skipping IPv6 flavors: $(TEST_CHUTNEY_FLAVORS_IPV6)."; \
-		skip_flavors="$$skip_flavors $(TEST_CHUTNEY_FLAVORS_IPV6)"; \
-	fi; \
-	if command -v tor-stable >/dev/null 2>&1; then \
-		echo "tor-stable found, running mixed flavors: $(TEST_CHUTNEY_FLAVORS_MIXED)."; \
-		flavors="$$flavors $(TEST_CHUTNEY_FLAVORS_MIXED)"; \
-	else \
-		echo "tor-stable not found, skipping mixed flavors: $(TEST_CHUTNEY_FLAVORS_MIXED)."; \
-		skip_flavors="$$skip_flavors $(TEST_CHUTNEY_FLAVORS_MIXED)"; \
-	fi; \
-	for f in $$skip_flavors; do \
-		echo "SKIP: $$f"; \
-	done; \
-	for f in $$flavors; do \
-		$(SHELL) $(top_srcdir)/test-driver --test-name $$f --log-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.log --trs-file $(TEST_NETWORK_ALL_LOG_DIR)/$$f.trs $(TEST_NETWORK_ALL_DRIVER_FLAGS) $(top_srcdir)/src/test/test-network.sh --flavor $$f $(TEST_NETWORK_FLAGS); \
-		$(top_srcdir)/src/test/test-network.sh $(TEST_NETWORK_WARNING_FLAGS); \
-	done; \
-	echo "Log and result files are available in $(TEST_NETWORK_ALL_LOG_DIR)."; \
-	! grep -q FAIL test_network_log/*.trs
-
-need-stem-path:
-	@if test ! -d "$$STEM_SOURCE_DIR"; then \
-		echo '$$STEM_SOURCE_DIR was not set.'; echo; \
-		echo "To run these tests, git clone https://git.torproject.org/stem.git/ ; export STEM_SOURCE_DIR=\`pwd\`/stem"; \
-		exit 1; \
-	fi
-
-test-stem: need-stem-path $(TESTING_TOR_BINARY)
-	@$(PYTHON) "$$STEM_SOURCE_DIR"/run_tests.py --tor "$(TESTING_TOR_BINARY)" --all --log notice --target RUN_ALL;
-
-test-stem-full: need-stem-path $(TESTING_TOR_BINARY)
-	@$(PYTHON) "$$STEM_SOURCE_DIR"/run_tests.py --tor "$(TESTING_TOR_BINARY)" --all --log notice --target RUN_ALL,ONLINE -v;
-
-test-full: need-stem-path need-chutney-path check test-network test-stem
-
-test-full-online: need-stem-path need-chutney-path check test-network test-stem-full
-
-reset-gcov:
-	rm -f $(top_builddir)/src/*/*.gcda $(top_builddir)/src/*/*/*.gcda
-
-HTML_COVER_DIR=$(top_builddir)/coverage_html
-coverage-html: all
-if COVERAGE_ENABLED
-	test -e "`which lcov`" || (echo "lcov must be installed. See <http://ltp.sourceforge.net/coverage/lcov.php>." && false)
-	test -d "$(HTML_COVER_DIR)" || $(MKDIR_P) "$(HTML_COVER_DIR)"
-	lcov --rc lcov_branch_coverage=1 --directory $(top_builddir)/src --zerocounters
-	$(MAKE) reset-gcov
-	$(MAKE) check
-	lcov --capture --rc lcov_branch_coverage=1 --no-external --directory $(top_builddir) --base-directory $(top_srcdir) --output-file "$(HTML_COVER_DIR)/lcov.tmp"
-	lcov --remove "$(HTML_COVER_DIR)/lcov.tmp" --rc lcov_branch_coverage=1 'test/*' 'ext/tinytest*' '/usr/*' --output-file "$(HTML_COVER_DIR)/lcov.info"
-	genhtml --branch-coverage -o "$(HTML_COVER_DIR)" "$(HTML_COVER_DIR)/lcov.info"
-else
-	@printf "Not configured with --enable-coverage, run ./configure --enable-coverage\n"
-endif
-
-coverage-html-full: all
-	test -e "`which lcov`" || (echo "lcov must be installed. See <http://ltp.sourceforge.net/coverage/lcov.php>." && false)
-	test -d "$(HTML_COVER_DIR)" || mkdir -p "$(HTML_COVER_DIR)"
-	lcov --rc lcov_branch_coverage=1 --directory ./src --zerocounters
-	$(MAKE) reset-gcov
-	$(MAKE) check
-	$(MAKE) test-stem-full
-	CHUTNEY_TOR=tor-cov CHUTNEY_TOR_GENCERT=tor-cov-gencert $(top_srcdir)/src/test/test-network.sh
-	CHUTNEY_TOR=tor-cov CHUTNEY_TOR_GENCERT=tor-cov-gencert $(top_srcdir)/src/test/test-network.sh --flavor hs
-	lcov --capture --rc lcov_branch_coverage=1 --no-external --directory . --output-file "$(HTML_COVER_DIR)/lcov.tmp"
-	lcov --remove "$(HTML_COVER_DIR)/lcov.tmp" --rc lcov_branch_coverage=1 'test/*' 'ext/tinytest*' '/usr/*' --output-file "$(HTML_COVER_DIR)/lcov.info"
-	genhtml --branch-coverage -o "$(HTML_COVER_DIR)" "$(HTML_COVER_DIR)/lcov.info"
-
-# Avoid strlcpy.c, strlcat.c, aes.c, OpenBSD_malloc_Linux.c, sha256.c,
-# tinytest*.[ch]
+# Avoid strlcpy.c, strlcat.c, tree.h
 check-spaces:
-if USE_PERL
-	$(PERL) $(top_srcdir)/scripts/maint/checkSpace.pl -C \
-		$(top_srcdir)/src/common/*.[ch] \
-		$(top_srcdir)/src/or/*.[ch] \
-		$(top_srcdir)/src/test/*.[ch] \
-		$(top_srcdir)/src/test/*/*.[ch] \
-		$(top_srcdir)/src/tools/*.[ch]
-endif
+	./contrib/checkSpace.pl -C                    \
+	        src/common/*.h                        \
+		src/common/[^asO]*.c                  \
+		src/or/[^et]*.[ch] src/or/t*.c src/or/eventdns_tor.h

-check-docs: all
-	$(PERL) $(top_builddir)/scripts/maint/checkOptionDocs.pl
+check-docs:
+	./contrib/checkOptionDocs.pl

 check-logs:
-	$(top_srcdir)/scripts/maint/checkLogs.pl \
-		$(top_srcdir)/src/*/*.[ch] | sort -n
+	./contrib/checkLogs.pl                        \
+		src/*/*.[ch] | sort -n

-.PHONY: check-typos
-check-typos:
-	@if test -x "`which misspell 2>&1;true`"; then \
-		echo "Checking for Typos ..."; \
-		(misspell \
-			$(top_srcdir)/src/[^e]*/*.[ch] \
-			$(top_srcdir)/doc \
-			$(top_srcdir)/contrib \
-			$(top_srcdir)/scripts \
-			$(top_srcdir)/README \
-			$(top_srcdir)/ChangeLog \
-			$(top_srcdir)/INSTALL \
-			$(top_srcdir)/ReleaseNotes \
-			$(top_srcdir)/LICENSE); \
-	else \
-		echo "Tor can use misspell to check for typos."; \
-		echo "It seems that you don't have misspell installed."; \
-		echo "You can install the latest version of misspell here: https://github.com/client9/misspell#install"; \
-	fi
-
-.PHONY: check-changes
-check-changes:
-if USEPYTHON
-	@if test -d "$(top_srcdir)/changes"; then \
-		$(PYTHON) $(top_srcdir)/scripts/maint/lintChanges.py $(top_srcdir)/changes; \
-		fi
-endif
-
-.PHONY: update-versions
-update-versions:
-	$(PERL) $(top_builddir)/scripts/maint/updateVersions.pl
-
-.PHONY: callgraph
-callgraph:
-	$(top_builddir)/scripts/maint/run_calltool.sh
-
-version:
-	@echo "Tor @VERSION@"
-	@if test -d "$(top_srcdir)/.git" && test -x "`which git 2>&1;true`"; then \
-	   echo -n "git: " ;\
-	   (cd "$(top_srcdir)" && git rev-parse --short=16 HEAD); \
-	fi
-
-mostlyclean-local:
-	rm -f $(top_builddir)/src/*/*.gc{da,no} $(top_builddir)/src/*/*/*.gc{da,no}
-	rm -rf $(HTML_COVER_DIR)
-	rm -rf $(top_builddir)/doc/doxygen
-	rm -rf $(TEST_NETWORK_ALL_LOG_DIR)
-
-clean-local:
-	rm -rf $(top_builddir)/src/rust/target
-	rm -rf $(top_builddir)/src/rust/.cargo/registry
-
-if USE_RUST
-distclean-local: distclean-rust
-endif
-
-# This relies on some internal details of how automake implements
-# distcheck.  We check two directories because automake-1.15 changed
-# from $(distdir)/_build to $(distdir)/_build/sub.
-show-distdir-testlog:
-	@if test -d "$(distdir)/_build/sub"; then \
-	  cat $(distdir)/_build/sub/$(TEST_SUITE_LOG); \
-	else \
-	  cat $(distdir)/_build/$(TEST_SUITE_LOG); fi
--- a/Makefile.nmake
+++ b/Makefile.nmake
@ -1,19 +0,0 @@
-all:
-	cd src/common
-	$(MAKE) /F Makefile.nmake
-	cd ../../src/ext
-	$(MAKE) /F Makefile.nmake
-	cd ../../src/or
-	$(MAKE) /F Makefile.nmake
-	cd ../../src/test
-	$(MAKE) /F Makefile.nmake
-
-clean:
-	cd src/common
-	$(MAKE) /F Makefile.nmake clean
-	cd ../../src/ext
-	$(MAKE) /F Makefile.nmake clean
-	cd ../../src/or
-	$(MAKE) /F Makefile.nmake clean
-	cd ../../src/test
-	$(MAKE) /F Makefile.nmake clean
--- a/26
+++ b/26
@ -1,32 +1,22 @@
 Tor protects your privacy on the internet by hiding the connection
-between your Internet address and the services you use. We believe Tor
-is reasonably secure, but please ensure you read the instructions and
-configure it properly.
+between your Internet address and the services you use.  We believe
+Tor is reasonably secure, but please ensure you read the
+instructions and configure it properly.

 To build Tor from source:
-        ./configure && make && make install
-
-To build Tor from a just-cloned git repository:
-        sh autogen.sh && ./configure && make && make install
+        ./configure; make; make install

 Home page:
        https://www.torproject.org/

 Download new versions:
-        https://www.torproject.org/download/download.html
+        https://www.torproject.org/download.html

 Documentation, including links to installation and setup instructions:
-        https://www.torproject.org/docs/documentation.html
+        https://www.torproject.org/documentation.html

 Making applications work with Tor:
-        https://wiki.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
+        http://wiki.noreply.org/noreply/TheOnionRouter/TorifyHOWTO

 Frequently Asked Questions:
-        https://www.torproject.org/docs/faq.html
-
-
-To get started working on Tor development:
-        See the doc/HACKING directory.
-
-Release timeline:
-         https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases
+        http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ
--- a/14809
+++ b/14809
--- a/Win32Build/mingw/CHANGES-libevent
+++ b/Win32Build/mingw/CHANGES-libevent
@ -0,0 +1,80 @@
+Changes related to compilation under MinGW/any sane win32 gcc
+=============================================================
+
+* event.c
+- If gcc include "WIN32-Code/misc.h" instead of "misc.h"
+
+* WIN32-Code/misc.h
+- Add struct prototypes for timeval and timezone
+
+* buffer.c
+- changed type of "i" from "u_int" to "unsigned int". My MinGW wasn't 
+  recognizing it. (u_int is normally typedef'ed to unsigned int, right?)
+
+* evbuffer.c
+- removed incorrect win32 error checking, see bufferevent_writecb().
+  (this needs to be fixed by anyone planning to use evbuffer on win32)
+
+* log.c
+- If gcc include "WIN32-Code/misc.h" instead of "misc.h" 
+
+* WIN32-Code/misc.c
+- if gcc, include "misc.h"
+- added newline at end of file to shut up gcc
+
+* WIN32-Code/win32.c
+- Altered the prototypes of win32_*() so their argument types didn't conflict
+  with the function definitions.
+- Casted types of win32_* to void inside win32ops so that it didn't conflict
+  with the definition of eventops (gcc doesn't like this)
+- Altered prototype of signal_handler to be static since definition is static
+  (why wasn't it like this before)
+- Casted the second argument of signal() to be void*, some reason my MinGW 
+  doesn't have sighandler_t typedef'ed.
+
+* configure.in
+- some code to check if we are compiling for WIN32. 
+  
+* Makefile.am
+- if BUILD_WIN32 is defined, include WIN32-Code/misc.c and
+  WIN32-Code/win32.c as source files.
+- if WIN32, do not build test stuff. (not windows friendly)
+- if WIN32, explicitly link to ws2_32.dll
+  
+Notes
+-----
+- We assume that if __GNUC__ is undefined we are building with MSVC
+- If the user wishes to build a dll, they are on their own, the syntax is 
+  compiler specific. 
+- Getting this warning from libtool, no idea why
+  "libtool: link: warning: undefined symbols not allowed in i686-pc-mingw32
+   shared libraries"
+
+  
+Changes related to "custom eventops"
+====================================
+
+* configure.in
+- add argument --enable-custom-eventops, sets USE_CUSTOM_EVENTOPS in config.h
+- add argument --enable-custom-code, sets USE_CUSTOM_CODE in Makefile
+
+* Makefile.am
+- if USE_CUSTOM_CODE, include custom/custom.c as a source file.
+  (I can't think of a way to pass a string to Makefile.am, so I'm stuck naming
+   the new source file custom.c. It just seems simpler this way, but I'm open 
+   to suggestions)
+   
+* event.c
+- if USE_CUSTOM_EVENTOPS, use eventops as defined in custom-eventops.h
+
+Notes
+-----
+Just in case it isn't completely obvious, the goal of "custom eventops" is to
+allow the user to include their own event processing system without requiring a 
+fork. This is accomplished through two parts. Firstly, by allowing the user to 
+redefine eventops. (for example, the user may wish to use epoll() exclusively). 
+Secondly, by allowing the user to include their own code to support a private
+eventop (note, this may not be necessary, as the user may choose to include 
+already defined eventop's. 
+
+
--- a/Win32Build/mingw/README
+++ b/Win32Build/mingw/README
@ -0,0 +1,8 @@
+The current SVN version of Tor should compile with MinGW.
+
+OpenSSL and libz both compile on MinGW out of the box.
+
+libevent 1.1b will not build unless you apply the diff in this directory.
+
+
+
--- a/Win32Build/mingw/libevent-1.1b-mingw-custom.diff
+++ b/Win32Build/mingw/libevent-1.1b-mingw-custom.diff
@ -0,0 +1,338 @@
+Only in libevent-1.1b: CHANGES
+Only in libevent-1.1b: Makefile
+diff -uwr libevent-1.1b-old/Makefile.am libevent-1.1b/Makefile.am
+--- libevent-1.1b-old/Makefile.am	Wed Aug  9 22:16:35 2006
+++ libevent-1.1b/Makefile.am	Sat Sep  2 03:49:26 2006
+@@ -1,6 +1,5 @@
+ AUTOMAKE_OPTIONS = foreign no-dependencies
+ 
+-SUBDIRS = . sample test
+ 
+ EXTRA_DIST = acconfig.h event.h event-internal.h log.h evsignal.h event.3 \
+ 	kqueue.c epoll_sub.c epoll.c select.c rtsig.c poll.c signal.c \
+@@ -20,8 +19,29 @@
+ 
+ lib_LTLIBRARIES = libevent.la
+ 
+-libevent_la_SOURCES = event.c buffer.c evbuffer.c log.c
+-libevent_la_LIBADD = @LTLIBOBJS@
+
+if BUILD_WIN32
+
+SUBDIRS = . sample
+SYS_LIBS = -lws2_32
+SYS_SRC = WIN32-Code/misc.c WIN32-Code/win32.c 
+
+else
+
+SUBDIRS = . sample test
+SYS_LIBS = 
+SYS_SRC = 
+
+endif
+
+if USE_CUSTOM_CODE
+CUST_SRC = custom/custom.c
+else
+CUST_SRC = 
+endif
+
+libevent_la_SOURCES = event.c buffer.c evbuffer.c log.c $(CUST_SRC) $(SYS_SRC)
+libevent_la_LIBADD = @LTLIBOBJS@ $(SYS_LIBS)
+ libevent_la_LDFLAGS = -release @VERSION@ -version-info 1:2:0
+ 
+ include_HEADERS = event.h
+Only in libevent-1.1b: Makefile.in
+diff -uwr libevent-1.1b-old/WIN32-Code/misc.c libevent-1.1b/WIN32-Code/misc.c
+--- libevent-1.1b-old/WIN32-Code/misc.c	Wed Aug  9 21:01:14 2006
+++ libevent-1.1b/WIN32-Code/misc.c	Fri Sep  1 22:21:31 2006
+@@ -4,6 +4,12 @@
+ #include <sys/timeb.h>
+ #include <time.h>
+ 
+#ifdef __GNUC__
+/*our prototypes for timeval and timezone are in here, just in case the above
+  headers don't have them*/
+#include "misc.h"
+#endif
+
+ /****************************************************************************
+  *
+  * Function: gettimeofday(struct timeval *, struct timezone *)
+diff -uwr libevent-1.1b-old/WIN32-Code/misc.h libevent-1.1b/WIN32-Code/misc.h
+--- libevent-1.1b-old/WIN32-Code/misc.h	Wed Aug  9 21:01:14 2006
+++ libevent-1.1b/WIN32-Code/misc.h	Fri Sep  1 18:47:09 2006
+@@ -1,6 +1,9 @@
+ #ifndef MISC_H
+ #define MISC_H
+ 
+struct timezone;
+struct timeval;
+
+ int gettimeofday(struct timeval *,struct timezone *);
+ 
+ #endif
+diff -uwr libevent-1.1b-old/WIN32-Code/win32.c libevent-1.1b/WIN32-Code/win32.c
+--- libevent-1.1b-old/WIN32-Code/win32.c	Wed Aug  9 21:25:48 2006
+++ libevent-1.1b/WIN32-Code/win32.c	Sat Sep  2 00:45:55 2006
+@@ -60,7 +60,8 @@
+ /* MSDN says this is required to handle SIGFPE */
+ volatile double SIGFPE_REQ = 0.0f;
+ 
+-int signal_handler(int sig);
+static int signal_handler(int sig);
+
+ void signal_process(void);
+ int signal_recalc(void);
+ 
+@@ -77,20 +78,21 @@
+ };
+ 
+ void *win32_init	(void);
+-int win32_insert	(void *, struct event *);
+-int win32_del	(void *, struct event *);
+int win32_insert	(struct win32op *, struct event *);
+int win32_del		(struct win32op *, struct event *);
+ int win32_recalc	(struct event_base *base, void *, int);
+-int win32_dispatch	(struct event_base *base, void *, struct timeval *);
+int win32_dispatch	(struct event_base *base, struct win32op *, struct timeval *);
+ 
+ struct eventop win32ops = {
+ 	"win32",
+ 	win32_init,
+-	win32_insert,
+-	win32_del,
+	(int (*) (void*, struct event*)) win32_insert,
+	(int (*) (void*, struct event*)) win32_del,
+ 	win32_recalc,
+-	win32_dispatch
+	(int (*) (struct event_base*, void*, struct timeval*)) win32_dispatch
+ };
+ 
+
+ #define FD_SET_ALLOC_SIZE(n) ((sizeof(struct win_fd_set) + ((n)-1)*sizeof(SOCKET)))
+ 
+ static int
+@@ -213,7 +215,13 @@
+ 		if (ev->ev_events & (EV_READ|EV_WRITE))
+ 			event_errx(1, "%s: EV_SIGNAL incompatible use",
+ 			           __func__);
+
+#ifndef __GNUC__
+ 		if((int)signal(EVENT_SIGNAL(ev), signal_handler) == -1)
+#else
+		if((int)signal(EVENT_SIGNAL(ev), (void*) signal_handler) == -1)
+#endif
+
+ 			return (-1);
+ 
+ 		return (0);
+@@ -382,8 +390,13 @@
+ 
+ 	/* Reinstall our signal handler. */
+ 	TAILQ_FOREACH(ev, &signalqueue, ev_signal_next) {
+#ifndef __GNUC__
+ 		if((int)signal(EVENT_SIGNAL(ev), signal_handler) == -1)
+#else
+		if((int)signal(EVENT_SIGNAL(ev), (void*) signal_handler) == -1)
+#endif
+ 			return (-1);
+
+ 	}
+ 	return (0);
+ }
+Only in libevent-1.1b-old/: aclocal.m4
+Only in libevent-1.1b: autom4te.cache
+diff -uwr libevent-1.1b-old/buffer.c libevent-1.1b/buffer.c
+--- libevent-1.1b-old/buffer.c	Wed Aug  9 22:01:40 2006
+++ libevent-1.1b/buffer.c	Fri Sep  1 18:52:56 2006
+@@ -197,7 +197,7 @@
+ 	u_char *data = EVBUFFER_DATA(buffer);
+ 	size_t len = EVBUFFER_LENGTH(buffer);
+ 	char *line;
+-	u_int i;
+	unsigned int i;
+ 
+ 	for (i = 0; i < len; i++) {
+ 		if (data[i] == '\r' || data[i] == '\n')
+Only in libevent-1.1b: config.guess
+Only in libevent-1.1b: config.h
+diff -uwr libevent-1.1b-old/config.h.in libevent-1.1b/config.h.in
+--- libevent-1.1b-old/config.h.in	Wed Aug  9 21:27:37 2006
+++ libevent-1.1b/config.h.in	Sat Sep  2 02:23:17 2006
+@@ -223,6 +223,9 @@
+ /* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+ #undef TIME_WITH_SYS_TIME
+ 
+/* Define to 1 if you want to use a custom eventops variable */
+#undef USE_CUSTOM_EVENTOPS
+
+ /* Version number of package */
+ #undef VERSION
+ 
+@@ -232,11 +235,9 @@
+ /* Define to empty if `const' does not conform to ANSI C. */
+ #undef const
+ 
+-/* Define to `__inline__' or `__inline' if that's what the C compiler
+-   calls it, or to nothing if 'inline' is not supported under any name.  */
+-#ifndef __cplusplus
+/* Define as `__inline' if that's what the C compiler calls it, or to nothing
+   if it is not supported. */
+ #undef inline
+-#endif
+ 
+ /* Define to `int' if <sys/types.h> does not define. */
+ #undef pid_t
+Only in libevent-1.1b: config.h.in~
+Only in libevent-1.1b: config.log
+Only in libevent-1.1b: config.status
+Only in libevent-1.1b: configure
+diff -uwr libevent-1.1b-old/configure.in libevent-1.1b/configure.in
+--- libevent-1.1b-old/configure.in	Wed Aug  9 22:05:17 2006
+++ libevent-1.1b/configure.in	Sat Sep  2 03:40:15 2006
+@@ -21,6 +21,18 @@
+         CFLAGS="$CFLAGS -Wall"
+ fi
+ 
+AC_ARG_ENABLE(custom-eventops,
+		[  --enable-custom-eventops   Use custom eventops variable],
+		AC_DEFINE([USE_CUSTOM_EVENTOPS],[1],
+					[Define to 1 to use a custom eventops variable])
+		,)
+AC_ARG_ENABLE(custom-code,
+		[  --enable-custom-code       Use custom code from custom/],
+		customcodev=true,
+		customcodev=false)
+
+AM_CONDITIONAL(USE_CUSTOM_CODE, test x$customcodev = xtrue)
+
+ AC_PROG_LIBTOOL
+ 
+ dnl   Uncomment "AC_DISABLE_SHARED" to make shared librraries not get
+@@ -110,6 +122,22 @@
+ 	  AC_MSG_RESULT(yes)] ,AC_MSG_RESULT(no)
+ )
+ fi
+
+dnl - check if the macro WIN32 is defined on this compiler.
+dnl - (this is how we check for a windows version of GCC)
+AC_MSG_CHECKING(for WIN32)
+AC_TRY_COMPILE(,
+	[
+	#ifndef WIN32
+	#error
+	#endif
+	],
+	bwin32=true; AC_MSG_RESULT(yes),
+	bwin32=false; AC_MSG_RESULT(no),
+)
+
+AM_CONDITIONAL(BUILD_WIN32, test x$bwin32 = xtrue)
+
+ 
+ dnl Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+diff -uwr libevent-1.1b-old/evbuffer.c libevent-1.1b/evbuffer.c
+--- libevent-1.1b-old/evbuffer.c	Wed Aug  9 21:01:14 2006
+++ libevent-1.1b/evbuffer.c	Fri Sep  1 19:18:13 2006
+@@ -154,12 +154,20 @@
+ 	if (EVBUFFER_LENGTH(bufev->output)) {
+ 	    res = evbuffer_write(bufev->output, fd);
+ 	    if (res == -1) {
+#ifndef WIN32
+/*todo. evbuffer uses WriteFile when WIN32 is set. WIN32 system calls do not
+ *set errno. thus this error checking is not portable*/
+ 		    if (errno == EAGAIN ||
+ 			errno == EINTR ||
+ 			errno == EINPROGRESS)
+ 			    goto reschedule;
+ 		    /* error case */
+ 		    what |= EVBUFFER_ERROR;
+
+#else
+				goto reschedule;
+#endif
+
+ 	    } else if (res == 0) {
+ 		    /* eof case */
+ 		    what |= EVBUFFER_EOF;
+@@ -181,6 +189,7 @@
+ 	return;
+ 
+  reschedule:
+
+ 	if (EVBUFFER_LENGTH(bufev->output) != 0)
+ 		bufferevent_add(&bufev->ev_write, bufev->timeout_write);
+ 	return;
+diff -uwr libevent-1.1b-old/event.c libevent-1.1b/event.c
+--- libevent-1.1b-old/event.c	Wed Aug  9 21:25:48 2006
+++ libevent-1.1b/event.c	Sat Sep  2 04:22:05 2006
+@@ -30,8 +30,14 @@
+ #define WIN32_LEAN_AND_MEAN
+ #include <windows.h>
+ #undef WIN32_LEAN_AND_MEAN
+
+#ifdef __GNUC__
+#include "WIN32-Code/misc.h"
+#else
+ #include "misc.h"
+ #endif
+
+#endif
+ #include <sys/types.h>
+ #include <sys/tree.h>
+ #ifdef HAVE_SYS_TIME_H
+@@ -53,6 +59,7 @@
+ #include "event-internal.h"
+ #include "log.h"
+ 
+
+ #ifdef HAVE_SELECT
+ extern const struct eventop selectops;
+ #endif
+@@ -75,6 +82,8 @@
+ extern const struct eventop win32ops;
+ #endif
+ 
+#ifndef USE_CUSTOM_EVENTOPS
+
+ /* In order of preference */
+ const struct eventop *eventops[] = {
+ #ifdef HAVE_WORKING_KQUEUE
+@@ -101,6 +110,11 @@
+ 	NULL
+ };
+ 
+#else
+#include "custom-eventops.h"
+#endif //USE_CUSTOM_EVENTOPS
+
+
+ /* Global state */
+ struct event_list signalqueue;
+ 
+Only in libevent-1.1b: libtool
+diff -uwr libevent-1.1b-old/log.c libevent-1.1b/log.c
+--- libevent-1.1b-old/log.c	Wed Aug  9 21:01:14 2006
+++ libevent-1.1b/log.c	Fri Sep  1 19:09:45 2006
+@@ -45,8 +45,14 @@
+ #define WIN32_LEAN_AND_MEAN
+ #include <windows.h>
+ #undef WIN32_LEAN_AND_MEAN
+
+#ifdef __GNUC__
+#include "WIN32-Code/misc.h"
+#else
+ #include "misc.h"
+ #endif
+
+#endif
+ #include <sys/types.h>
+ #include <sys/tree.h>
+ #ifdef HAVE_SYS_TIME_H
+Only in libevent-1.1b/sample: Makefile
+Only in libevent-1.1b/sample: Makefile.in
+Only in libevent-1.1b: stamp-h1
+Only in libevent-1.1b/test: Makefile
+Only in libevent-1.1b/test: Makefile.in
--- a/Win32Build/mingw/libevent-1.1b-mingw.diff
+++ b/Win32Build/mingw/libevent-1.1b-mingw.diff
@ -0,0 +1,221 @@
+=== Makefile.am
+==================================================================
+--- Makefile.am	(revision 8794)
+++ Makefile.am	(local)
+@@ -1,6 +1,5 @@
+ AUTOMAKE_OPTIONS = foreign no-dependencies
+ 
+-SUBDIRS = . sample test
+ 
+ EXTRA_DIST = acconfig.h event.h event-internal.h log.h evsignal.h event.3 \
+ 	kqueue.c epoll_sub.c epoll.c select.c rtsig.c poll.c signal.c \
+@@ -20,13 +19,29 @@
+ 
+ lib_LTLIBRARIES = libevent.la
+ 
+-libevent_la_SOURCES = event.c buffer.c evbuffer.c log.c
+-libevent_la_LIBADD = @LTLIBOBJS@
+if BUILD_WIN32
+
+SUBDIRS = . sample
+SYS_LIBS = -lws2_32
+SYS_SRC = WIN32-Code/misc.c WIN32-Code/win32.c
+SYS_INCLUDES = -IWIN32-Code
+
+else
+
+SUBDIRS = . sample test
+SYS_LIBS =
+SYS_SRC =
+SYS_INCLUDES =
+
+endif
+
+libevent_la_SOURCES = event.c buffer.c evbuffer.c log.c $(SYS_SRC)
+libevent_la_LIBADD = @LTLIBOBJS@ $(SYS_LIBS)
+ libevent_la_LDFLAGS = -release @VERSION@ -version-info 1:2:0
+ 
+ include_HEADERS = event.h
+ 
+-INCLUDES = -Icompat
+INCLUDES = -Icompat $(SYS_INCLUDES)
+ 
+ man_MANS = event.3
+ 
+=== WIN32-Code/misc.c
+==================================================================
+--- WIN32-Code/misc.c	(revision 8794)
+++ WIN32-Code/misc.c	(local)
+@@ -4,6 +4,12 @@
+ #include <sys/timeb.h>
+ #include <time.h>
+ 
+#ifdef __GNUC__
+/*our prototypes for timeval and timezone are in here, just in case the above
+  headers don't have them*/
+#include "misc.h"
+#endif
+
+ /****************************************************************************
+  *
+  * Function: gettimeofday(struct timeval *, struct timezone *)
+@@ -17,6 +23,7 @@
+  *
+  ****************************************************************************/
+ 
+#ifndef HAVE_GETTIMEOFDAY
+ int gettimeofday(struct timeval *tv, struct timezone *tz) {
+   struct _timeb tb;
+ 
+@@ -28,6 +35,7 @@
+ 	tv->tv_usec = ((int) tb.millitm) * 1000;
+ 	return 0;
+ }
+#endif
+ 
+ int
+ win_read(int fd, void *buf, unsigned int length)
+=== WIN32-Code/misc.h
+==================================================================
+--- WIN32-Code/misc.h	(revision 8794)
+++ WIN32-Code/misc.h	(local)
+@@ -1,6 +1,11 @@
+ #ifndef MISC_H
+ #define MISC_H
+ 
+struct timezone;
+struct timeval;
+
+#ifndef HAVE_GETTIMEOFDAY
+ int gettimeofday(struct timeval *,struct timezone *);
+#endif
+ 
+ #endif
+=== WIN32-Code/win32.c
+==================================================================
+--- WIN32-Code/win32.c	(revision 8794)
+++ WIN32-Code/win32.c	(local)
+@@ -60,7 +60,8 @@
+ /* MSDN says this is required to handle SIGFPE */
+ volatile double SIGFPE_REQ = 0.0f;
+ 
+-int signal_handler(int sig);
+static void signal_handler(int sig);
+
+ void signal_process(void);
+ int signal_recalc(void);
+ 
+@@ -205,8 +206,9 @@
+ }
+ 
+ int
+-win32_insert(struct win32op *win32op, struct event *ev)
+win32_insert(void *op, struct event *ev)
+ {
+	struct win32op *win32op = op;
+ 	int i;
+ 
+ 	if (ev->ev_events & EV_SIGNAL) {
+@@ -251,8 +253,9 @@
+ }
+ 
+ int
+-win32_del(struct win32op *win32op, struct event *ev)
+win32_del(void *op, struct event *ev)
+ {
+	struct win32op *win32op = op;
+ 	int i, found;
+ 
+ 	if (ev->ev_events & EV_SIGNAL)
+@@ -302,9 +305,10 @@
+ */
+ 
+ int
+-win32_dispatch(struct event_base *base, struct win32op *win32op,
+win32_dispatch(struct event_base *base, void *op,
+ 	       struct timeval *tv)
+ {
+	struct win32op *win32op = op;
+ 	int res = 0;
+ 	int i;
+ 	int fd_count;
+@@ -366,13 +370,11 @@
+ }
+ 
+ 
+-static int
+static void
+ signal_handler(int sig)
+ {
+ 	evsigcaught[sig]++;
+ 	signal_caught = 1;
+-
+-	return 0;
+ }
+ 
+ int
+=== buffer.c
+==================================================================
+--- buffer.c	(revision 8794)
+++ buffer.c	(local)
+@@ -197,7 +197,7 @@
+ 	u_char *data = EVBUFFER_DATA(buffer);
+ 	size_t len = EVBUFFER_LENGTH(buffer);
+ 	char *line;
+-	u_int i;
+	unsigned int i;
+ 
+ 	for (i = 0; i < len; i++) {
+ 		if (data[i] == '\r' || data[i] == '\n')
+=== configure.in
+==================================================================
+--- configure.in	(revision 8794)
+++ configure.in	(local)
+@@ -111,6 +111,21 @@
+ )
+ fi
+ 
+dnl - check if the macro WIN32 is defined on this compiler.
+dnl - (this is how we check for a windows version of GCC)
+AC_MSG_CHECKING(for WIN32)
+AC_TRY_COMPILE(,
+	[
+	#ifndef WIN32
+	#error
+	#endif
+	],
+	bwin32=true; AC_MSG_RESULT(yes),
+	bwin32=false; AC_MSG_RESULT(no),
+)
+
+AM_CONDITIONAL(BUILD_WIN32, test x$bwin32 = xtrue)
+
+ dnl Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+ AC_C_INLINE
+=== evbuffer.c
+==================================================================
+--- evbuffer.c	(revision 8794)
+++ evbuffer.c	(local)
+@@ -154,12 +154,20 @@
+ 	if (EVBUFFER_LENGTH(bufev->output)) {
+ 	    res = evbuffer_write(bufev->output, fd);
+ 	    if (res == -1) {
+#ifndef WIN32
+/*todo. evbuffer uses WriteFile when WIN32 is set. WIN32 system calls do not
+ *set errno. thus this error checking is not portable*/
+ 		    if (errno == EAGAIN ||
+ 			errno == EINTR ||
+ 			errno == EINPROGRESS)
+ 			    goto reschedule;
+ 		    /* error case */
+ 		    what |= EVBUFFER_ERROR;
+
+#else
+				goto reschedule;
+#endif
+
+ 	    } else if (res == 0) {
+ 		    /* eof case */
+ 		    what |= EVBUFFER_EOF;
+
--- a/Win32Build/mingw/libevent-svn-mingw.diff
+++ b/Win32Build/mingw/libevent-svn-mingw.diff
@ -0,0 +1,210 @@
+=== Makefile.am
+==================================================================
+--- Makefile.am	(revision 8794)
+++ Makefile.am	(local)
+@@ -1,6 +1,5 @@
+ AUTOMAKE_OPTIONS = foreign no-dependencies
+ 
+-SUBDIRS = . sample test
+ 
+ bin_SCRIPTS = event_rpcgen.py
+ 
+@@ -22,18 +21,34 @@
+ 
+ lib_LTLIBRARIES = libevent.la
+ 
+if BUILD_WIN32
+
+SUBDIRS = . sample
+SYS_LIBS = -lws2_32
+SYS_SRC = WIN32-Code/misc.c WIN32-Code/win32.c
+SYS_INCLUDES = -IWIN32-Code
+
+else
+
+SUBDIRS = . sample test
+SYS_LIBS =
+SYS_SRC =
+SYS_INCLUDES =
+
+endif
+
+ libevent_la_SOURCES = event.c buffer.c evbuffer.c log.c event_tagging.c \
+-	 http.c evhttp.h http-internal.h evdns.c evdns.h
+-libevent_la_LIBADD = @LTLIBOBJS@
+	 http.c evhttp.h http-internal.h evdns.c evdns.h $(SYS_SRC)
+libevent_la_LIBADD = @LTLIBOBJS@ $(SYS_LIBS)
+ libevent_la_LDFLAGS = -release @VERSION@ -version-info 1:3:0
+ 
+ include_HEADERS = event.h evhttp.h evdns.h
+ 
+-INCLUDES = -Icompat
+INCLUDES = -Icompat $(SYS_INCLUDES)
+ 
+ man_MANS = event.3
+ 
+ verify: libevent.la
+-	cd $(srcdir)/test && make verify	
+	cd $(srcdir)/test && make verify
+ 
+ DISTCLEANFILES = *~
+=== WIN32-Code/misc.c
+==================================================================
+--- WIN32-Code/misc.c	(revision 8794)
+++ WIN32-Code/misc.c	(local)
+@@ -4,6 +4,12 @@
+ #include <sys/timeb.h>
+ #include <time.h>
+ 
+#ifdef __GNUC__
+/*our prototypes for timeval and timezone are in here, just in case the above
+  headers don't have them*/
+#include "misc.h"
+#endif
+
+ /****************************************************************************
+  *
+  * Function: gettimeofday(struct timeval *, struct timezone *)
+=== WIN32-Code/misc.h
+==================================================================
+--- WIN32-Code/misc.h	(revision 8794)
+++ WIN32-Code/misc.h	(local)
+@@ -1,6 +1,9 @@
+ #ifndef MISC_H
+ #define MISC_H
+ 
+struct timezone;
+struct timeval;
+
+ int gettimeofday(struct timeval *,struct timezone *);
+ 
+ #endif
+=== WIN32-Code/win32.c
+==================================================================
+--- WIN32-Code/win32.c	(revision 8794)
+++ WIN32-Code/win32.c	(local)
+@@ -60,7 +60,8 @@
+ /* MSDN says this is required to handle SIGFPE */
+ volatile double SIGFPE_REQ = 0.0f;
+ 
+-int signal_handler(int sig);
+static void signal_handler(int sig);
+
+ void signal_process(void);
+ int signal_recalc(void);
+ 
+@@ -207,8 +208,9 @@
+ }
+ 
+ int
+-win32_insert(struct win32op *win32op, struct event *ev)
+win32_insert(void *op, struct event *ev)
+ {
+	struct win32op *win32op = op;
+ 	int i;
+ 
+ 	if (ev->ev_events & EV_SIGNAL) {
+@@ -253,8 +255,9 @@
+ }
+ 
+ int
+-win32_del(struct win32op *win32op, struct event *ev)
+win32_del(void *op, struct event *ev)
+ {
+	struct win32op *win32op = op;
+ 	int i, found;
+ 
+ 	if (ev->ev_events & EV_SIGNAL)
+@@ -304,9 +307,10 @@
+ */
+ 
+ int
+-win32_dispatch(struct event_base *base, struct win32op *win32op,
+win32_dispatch(struct event_base *base, void *op,
+ 	       struct timeval *tv)
+ {
+	struct win32op *win32op = op;
+ 	int res = 0;
+ 	int i;
+ 	int fd_count;
+@@ -389,13 +393,11 @@
+ 	free(win32op);
+ }
+ 
+-static int
+static void
+ signal_handler(int sig)
+ {
+ 	evsigcaught[sig]++;
+ 	signal_caught = 1;
+-
+-	return 0;
+ }
+ 
+ int
+=== buffer.c
+==================================================================
+--- buffer.c	(revision 8794)
+++ buffer.c	(local)
+@@ -197,7 +197,7 @@
+ 	u_char *data = EVBUFFER_DATA(buffer);
+ 	size_t len = EVBUFFER_LENGTH(buffer);
+ 	char *line;
+-	u_int i;
+	unsigned int i;
+ 
+ 	for (i = 0; i < len; i++) {
+ 		if (data[i] == '\r' || data[i] == '\n')
+=== configure.in
+==================================================================
+--- configure.in	(revision 8794)
+++ configure.in	(local)
+@@ -111,6 +111,22 @@
+ )
+ fi
+ 
+dnl - check if the macro WIN32 is defined on this compiler.
+dnl - (this is how we check for a windows version of GCC)
+AC_MSG_CHECKING(for WIN32)
+AC_TRY_COMPILE(,
+	[
+	#ifndef WIN32
+	#error
+	#endif
+	],
+	bwin32=true; AC_MSG_RESULT(yes),
+	bwin32=false; AC_MSG_RESULT(no),
+)
+
+AM_CONDITIONAL(BUILD_WIN32, test x$bwin32 = xtrue)
+
+
+ dnl Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+ AC_C_INLINE
+=== evbuffer.c
+==================================================================
+--- evbuffer.c	(revision 8794)
+++ evbuffer.c	(local)
+@@ -163,12 +162,20 @@
+ 	if (EVBUFFER_LENGTH(bufev->output)) {
+ 	    res = evbuffer_write(bufev->output, fd);
+ 	    if (res == -1) {
+#ifndef WIN32
+/*todo. evbuffer uses WriteFile when WIN32 is set. WIN32 system calls do not
+ *set errno. thus this error checking is not portable*/
+ 		    if (errno == EAGAIN ||
+ 			errno == EINTR ||
+ 			errno == EINPROGRESS)
+ 			    goto reschedule;
+ 		    /* error case */
+ 		    what |= EVBUFFER_ERROR;
+
+#else
+				goto reschedule;
+#endif
+
+ 	    } else if (res == 0) {
+ 		    /* eof case */
+ 		    what |= EVBUFFER_EOF;
+
--- a/Win32Build/vc6/Tor.dsw
+++ b/Win32Build/vc6/Tor.dsw
@ -0,0 +1,41 @@
+Microsoft Developer Studio Workspace File, Format Version 6.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "tor"=".\tor\tor.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "tor_resolve"=".\tor_resolve\tor_resolve.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+
--- a/Win32Build/vc6/tor/Tor.dsp
+++ b/Win32Build/vc6/tor/Tor.dsp
@ -0,0 +1,398 @@
+# Microsoft Developer Studio Project File - Name="tor" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=tor - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "tor.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "tor.mak" CFG="tor - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "tor - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "tor - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE 
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "tor - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\..\..\src\win32" /I "c:\openssl\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib wsock32.lib ssleay32.lib libeay32.lib /nologo /subsystem:console /machine:I386 /libpath:"c:\openssl\lib\vc"
+
+!ELSEIF  "$(CFG)" == "tor - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\..\..\src\win32" /I "c:\openssl\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 wsock32.lib ssleay32.lib libeay32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"c:\openssl\lib\vc"
+
+!ENDIF 
+
+# Begin Target
+
+# Name "tor - Win32 Release"
+# Name "tor - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Group "common"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=..\..\..\src\common\aes.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\compat.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\container.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\crypto.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\log.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\log.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\torgzip.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\tortls.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\util.c
+# End Source File
+# End Group
+# Begin Group "zlib"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\adler32.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\compress.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\crc32.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\crc32.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\deflate.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\deflate.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\gzio.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\infback.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inffast.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inffast.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inffixed.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inflate.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inflate.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inftrees.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\inftrees.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\trees.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\trees.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\uncompr.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\zconf.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\zlib.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\zutil.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\contrib\zlib\zutil.h
+# End Source File
+# End Group
+# Begin Group "or"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=..\..\..\src\or\buffers.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\circuitbuild.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\circuitlist.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\circuituse.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\command.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\config.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\connection.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\connection_edge.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\connection_or.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\control.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\cpuworker.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\directory.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\dirserv.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\dns.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\hibernate.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\main.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\onion.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\policies.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\relay.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\rendclient.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\rendcommon.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\rendmid.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\rendservice.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\rephist.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\router.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\routerlist.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\routerparse.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\tor_main.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\tree.h
+# End Source File
+# End Group
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# Begin Source File
+
+SOURCE=..\..\..\src\common\aes.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\compat.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\container.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\crypto.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\fakepoll.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\or\or.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\win32\orconfig.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\test.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\torgzip.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\torint.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\tortls.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\util.h
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# End Group
+# End Target
+# End Project
--- a/Win32Build/vc6/tor_resolve/tor_resolve.dsp
+++ b/Win32Build/vc6/tor_resolve/tor_resolve.dsp
@ -0,0 +1,134 @@
+# Microsoft Developer Studio Project File - Name="tor_resolve" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=tor_resolve - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "tor_resolve.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "tor_resolve.mak" CFG="tor_resolve - Win32 Debug"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "tor_resolve - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "tor_resolve - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE 
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "tor_resolve - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\..\..\src\win32" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib  kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib wsock32.lib /nologo /subsystem:console /machine:I386
+
+!ELSEIF  "$(CFG)" == "tor_resolve - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ  /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\..\..\src\win32" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ  /c
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib  kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib wsock32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+
+!ENDIF 
+
+# Begin Target
+
+# Name "tor_resolve - Win32 Release"
+# Name "tor_resolve - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Source File
+
+SOURCE=..\..\..\src\common\compat.c
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\log.c
+# End Source File
+# Begin Source File
+
+SOURCE="..\..\..\src\tools\tor-resolve.c"
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\util.c
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# Begin Source File
+
+SOURCE=..\..\..\src\common\compat.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\log.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\win32\orconfig.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\torint.h
+# End Source File
+# Begin Source File
+
+SOURCE=..\..\..\src\common\util.h
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# End Group
+# End Target
+# End Project
--- a/Win32Build/vc7/Tor/Tor.sln
+++ b/Win32Build/vc7/Tor/Tor.sln
@ -0,0 +1,45 @@
+Microsoft Visual Studio Solution File, Format Version 8.00
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "Tor", "Tor.vcproj", "{63A6B170-E742-400C-B3A0-9CCED3699043}"
+	ProjectSection(ProjectDependencies) = postProject
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "tor_resolve", "..\tor_resolve\tor_resolve.vcproj", "{E2D2762A-26BD-4A28-BD72-DDAB181324B4}"
+	ProjectSection(ProjectDependencies) = postProject
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "unittests", "..\unittests\unittests.vcproj", "{F1F64693-11A9-4992-8B4B-2A67C07BD8C8}"
+	ProjectSection(ProjectDependencies) = postProject
+	EndProjectSection
+EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "libevent", "..\..\..\contrib\libevent\WIN32-Prj\libevent.vcproj", "{52BBFCA6-6F82-4596-BBAD-0BCFBC637B80}"
+	ProjectSection(ProjectDependencies) = postProject
+	EndProjectSection
+EndProject
+Global
+	GlobalSection(SolutionConfiguration) = preSolution
+		Debug = Debug
+		Release = Release
+	EndGlobalSection
+	GlobalSection(ProjectConfiguration) = postSolution
+		{63A6B170-E742-400C-B3A0-9CCED3699043}.Debug.ActiveCfg = Debug|Win32
+		{63A6B170-E742-400C-B3A0-9CCED3699043}.Debug.Build.0 = Debug|Win32
+		{63A6B170-E742-400C-B3A0-9CCED3699043}.Release.ActiveCfg = Release|Win32
+		{63A6B170-E742-400C-B3A0-9CCED3699043}.Release.Build.0 = Release|Win32
+		{E2D2762A-26BD-4A28-BD72-DDAB181324B4}.Debug.ActiveCfg = Debug|Win32
+		{E2D2762A-26BD-4A28-BD72-DDAB181324B4}.Debug.Build.0 = Debug|Win32
+		{E2D2762A-26BD-4A28-BD72-DDAB181324B4}.Release.ActiveCfg = Release|Win32
+		{E2D2762A-26BD-4A28-BD72-DDAB181324B4}.Release.Build.0 = Release|Win32
+		{F1F64693-11A9-4992-8B4B-2A67C07BD8C8}.Debug.ActiveCfg = Debug|Win32
+		{F1F64693-11A9-4992-8B4B-2A67C07BD8C8}.Debug.Build.0 = Debug|Win32
+		{F1F64693-11A9-4992-8B4B-2A67C07BD8C8}.Release.ActiveCfg = Release|Win32
+		{F1F64693-11A9-4992-8B4B-2A67C07BD8C8}.Release.Build.0 = Release|Win32
+		{52BBFCA6-6F82-4596-BBAD-0BCFBC637B80}.Debug.ActiveCfg = Debug|Win32
+		{52BBFCA6-6F82-4596-BBAD-0BCFBC637B80}.Debug.Build.0 = Debug|Win32
+		{52BBFCA6-6F82-4596-BBAD-0BCFBC637B80}.Release.ActiveCfg = Release|Win32
+		{52BBFCA6-6F82-4596-BBAD-0BCFBC637B80}.Release.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+	EndGlobalSection
+	GlobalSection(ExtensibilityAddIns) = postSolution
+	EndGlobalSection
+EndGlobal
--- a/Win32Build/vc7/Tor/Tor.vcproj
+++ b/Win32Build/vc7/Tor/Tor.vcproj
@ -0,0 +1,357 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="7.10"
+	Name="Tor"
+	ProjectGUID="{63A6B170-E742-400C-B3A0-9CCED3699043}"
+	Keyword="Win32Proj">
+	<Platforms>
+		<Platform
+			Name="Win32"/>
+	</Platforms>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="Debug"
+			IntermediateDirectory="Debug"
+			ConfigurationType="1"
+			CharacterSet="2">
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				AdditionalIncludeDirectories="c:\openssl\include;..\..\..\src\win32;..\..\..\contrib\libevent"
+				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
+				IgnoreStandardIncludePath="FALSE"
+				MinimalRebuild="TRUE"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="1"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				Detect64BitPortabilityProblems="FALSE"
+				DebugInformationFormat="4"
+				CompileAs="1"/>
+			<Tool
+				Name="VCCustomBuildTool"/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="wsock32.lib t:\openssl\install\lib\vc\ssleay32.lib t:\openssl\install\lib\vc\libeay32.lib ..\..\..\contrib\libevent\win32-prj\Debug\libevent.lib ws2_32.lib"
+				OutputFile="$(OutDir)/Tor.exe"
+				LinkIncremental="2"
+				IgnoreDefaultLibraryNames="LIBCD"
+				DelayLoadDLLs="advapi32.dll"
+				GenerateDebugInformation="TRUE"
+				ProgramDatabaseFile="$(OutDir)/Tor.pdb"
+				SubSystem="1"
+				TargetMachine="1"/>
+			<Tool
+				Name="VCMIDLTool"/>
+			<Tool
+				Name="VCPostBuildEventTool"/>
+			<Tool
+				Name="VCPreBuildEventTool"/>
+			<Tool
+				Name="VCPreLinkEventTool"/>
+			<Tool
+				Name="VCResourceCompilerTool"/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"/>
+			<Tool
+				Name="VCWebDeploymentTool"/>
+			<Tool
+				Name="VCManagedWrapperGeneratorTool"/>
+			<Tool
+				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="Release"
+			IntermediateDirectory="Release"
+			ConfigurationType="1"
+			CharacterSet="2">
+			<Tool
+				Name="VCCLCompilerTool"
+				AdditionalIncludeDirectories="c:\openssl\include;..\..\..\src\win32;..\..\..\contrib\libevent"
+				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
+				IgnoreStandardIncludePath="FALSE"
+				RuntimeLibrary="0"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				Detect64BitPortabilityProblems="TRUE"
+				DebugInformationFormat="3"
+				CompileAs="1"/>
+			<Tool
+				Name="VCCustomBuildTool"/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="wsock32.lib c:\openssl\lib\vc\ssleay32.lib c:\openssl\lib\vc\libeay32.lib"
+				OutputFile="$(OutDir)/Tor.exe"
+				LinkIncremental="1"
+				DelayLoadDLLs="advapi32.dll"
+				GenerateDebugInformation="TRUE"
+				SubSystem="1"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				TargetMachine="1"/>
+			<Tool
+				Name="VCMIDLTool"/>
+			<Tool
+				Name="VCPostBuildEventTool"/>
+			<Tool
+				Name="VCPreBuildEventTool"/>
+			<Tool
+				Name="VCPreLinkEventTool"/>
+			<Tool
+				Name="VCResourceCompilerTool"/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"/>
+			<Tool
+				Name="VCWebDeploymentTool"/>
+			<Tool
+				Name="VCManagedWrapperGeneratorTool"/>
+			<Tool
+				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
+			<File
+				RelativePath="..\..\..\src\common\aes.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\buffers.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\circuitbuild.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\circuitlist.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\circuituse.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\command.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\compat.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\config.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\connection.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\connection_edge.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\connection_or.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\container.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\control.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\cpuworker.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\crypto.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\directory.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\dirserv.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\dns.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\hibernate.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\log.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\main.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\onion.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\or.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\win32\orconfig.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\policies.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\relay.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendclient.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendcommon.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendmid.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendservice.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rephist.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\router.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\routerlist.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\routerparse.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\tor_main.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torgzip.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torint.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\tortls.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\util.c">
+			</File>
+			<Filter
+				Name="zlib"
+				Filter="">
+				<File
+					RelativePath="..\..\..\contrib\zlib\adler32.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\compress.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\crc32.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\crc32.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\deflate.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\deflate.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\gzio.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\infback.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inffast.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inffast.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inffixed.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inflate.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inflate.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inftrees.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inftrees.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\trees.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\trees.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\uncompr.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zconf.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zlib.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zutil.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zutil.h">
+				</File>
+			</Filter>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
+			<File
+				RelativePath="..\..\..\src\common\aes.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\compat.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\container.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\crypto.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\log.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torgzip.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\tortls.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\tree.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\util.h">
+			</File>
+		</Filter>
+		<Filter
+			Name="Resource Files"
+			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
+			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}">
+		</Filter>
+		<File
+			RelativePath=".\ReadMe.txt">
+		</File>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>
--- a/Win32Build/vc7/tor_resolve/tor_resolve.vcproj
+++ b/Win32Build/vc7/tor_resolve/tor_resolve.vcproj
@ -0,0 +1,169 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="7.10"
+	Name="tor_resolve"
+	ProjectGUID="{E2D2762A-26BD-4A28-BD72-DDAB181324B4}"
+	Keyword="Win32Proj">
+	<Platforms>
+		<Platform
+			Name="Win32"/>
+	</Platforms>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="Debug"
+			IntermediateDirectory="Debug"
+			ConfigurationType="1"
+			CharacterSet="2">
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				AdditionalIncludeDirectories="..\..\..\contrib\libevent;..\..\..\src\win32"
+				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
+				MinimalRebuild="TRUE"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="1"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				Detect64BitPortabilityProblems="FALSE"
+				DebugInformationFormat="4"/>
+			<Tool
+				Name="VCCustomBuildTool"/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="wsock32.lib ..\..\..\contrib\libevent\win32-prj\Debug\libevent.lib"
+				OutputFile="$(OutDir)/tor_resolve.exe"
+				LinkIncremental="2"
+				GenerateDebugInformation="TRUE"
+				ProgramDatabaseFile="$(OutDir)/tor_resolve.pdb"
+				SubSystem="1"
+				TargetMachine="1"/>
+			<Tool
+				Name="VCMIDLTool"/>
+			<Tool
+				Name="VCPostBuildEventTool"/>
+			<Tool
+				Name="VCPreBuildEventTool"/>
+			<Tool
+				Name="VCPreLinkEventTool"/>
+			<Tool
+				Name="VCResourceCompilerTool"/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"/>
+			<Tool
+				Name="VCWebDeploymentTool"/>
+			<Tool
+				Name="VCManagedWrapperGeneratorTool"/>
+			<Tool
+				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="Release"
+			IntermediateDirectory="Release"
+			ConfigurationType="1"
+			CharacterSet="2">
+			<Tool
+				Name="VCCLCompilerTool"
+				AdditionalIncludeDirectories="..\..\..\contrib\libevent;..\..\..\src\win32"
+				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
+				RuntimeLibrary="0"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				Detect64BitPortabilityProblems="FALSE"
+				DebugInformationFormat="3"/>
+			<Tool
+				Name="VCCustomBuildTool"/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="wsock32.lib ..\..\..\contrib\libevent\win32-prj\Debug\libevent.lib"
+				OutputFile="$(OutDir)/tor_resolve.exe"
+				LinkIncremental="1"
+				GenerateDebugInformation="TRUE"
+				SubSystem="1"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				TargetMachine="1"/>
+			<Tool
+				Name="VCMIDLTool"/>
+			<Tool
+				Name="VCPostBuildEventTool"/>
+			<Tool
+				Name="VCPreBuildEventTool"/>
+			<Tool
+				Name="VCPreLinkEventTool"/>
+			<Tool
+				Name="VCResourceCompilerTool"/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"/>
+			<Tool
+				Name="VCWebDeploymentTool"/>
+			<Tool
+				Name="VCManagedWrapperGeneratorTool"/>
+			<Tool
+				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
+			<File
+				RelativePath="..\..\..\src\common\compat.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\compat.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\container.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\container.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\log.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\log.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\win32\orconfig.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\tools\tor-resolve.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torint.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\util.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\util.h">
+			</File>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
+		</Filter>
+		<Filter
+			Name="Resource Files"
+			Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
+			UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}">
+		</Filter>
+		<File
+			RelativePath=".\ReadMe.txt">
+		</File>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>
--- a/Win32Build/vc7/unittests/unittests.vcproj
+++ b/Win32Build/vc7/unittests/unittests.vcproj
@ -0,0 +1,342 @@
+<?xml version="1.0" encoding="Windows-1252"?>
+<VisualStudioProject
+	ProjectType="Visual C++"
+	Version="7.10"
+	Name="unittests"
+	ProjectGUID="{F1F64693-11A9-4992-8B4B-2A67C07BD8C8}"
+	Keyword="Win32Proj">
+	<Platforms>
+		<Platform
+			Name="Win32"/>
+	</Platforms>
+	<Configurations>
+		<Configuration
+			Name="Debug|Win32"
+			OutputDirectory="Debug"
+			IntermediateDirectory="Debug"
+			ConfigurationType="1"
+			CharacterSet="2">
+			<Tool
+				Name="VCCLCompilerTool"
+				Optimization="0"
+				AdditionalIncludeDirectories="..\..\..\src\win32;c:\openssl\include;..\..\..\contrib\libevent"
+				PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE"
+				MinimalRebuild="TRUE"
+				BasicRuntimeChecks="3"
+				RuntimeLibrary="1"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				Detect64BitPortabilityProblems="FALSE"
+				DebugInformationFormat="4"/>
+			<Tool
+				Name="VCCustomBuildTool"/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="wsock32.lib t:\openssl\install\lib\vc\libeay32.lib t:\openssl\install\lib\vc\ssleay32.lib ws2_32.lib ..\..\..\contrib\libevent\win32-prj\Debug\libevent.lib"
+				OutputFile="$(OutDir)/unittests.exe"
+				LinkIncremental="2"
+				IgnoreDefaultLibraryNames="LIBCD"
+				GenerateDebugInformation="TRUE"
+				ProgramDatabaseFile="$(OutDir)/unittests.pdb"
+				SubSystem="1"
+				TargetMachine="1"/>
+			<Tool
+				Name="VCMIDLTool"/>
+			<Tool
+				Name="VCPostBuildEventTool"/>
+			<Tool
+				Name="VCPreBuildEventTool"/>
+			<Tool
+				Name="VCPreLinkEventTool"/>
+			<Tool
+				Name="VCResourceCompilerTool"/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"/>
+			<Tool
+				Name="VCWebDeploymentTool"/>
+			<Tool
+				Name="VCManagedWrapperGeneratorTool"/>
+			<Tool
+				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+		</Configuration>
+		<Configuration
+			Name="Release|Win32"
+			OutputDirectory="Release"
+			IntermediateDirectory="Release"
+			ConfigurationType="1"
+			CharacterSet="2">
+			<Tool
+				Name="VCCLCompilerTool"
+				AdditionalIncludeDirectories="..\..\..\src\win32;c:\openssl\include;..\..\..\contrib\libevent"
+				PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE"
+				RuntimeLibrary="0"
+				UsePrecompiledHeader="0"
+				WarningLevel="3"
+				Detect64BitPortabilityProblems="FALSE"
+				DebugInformationFormat="3"/>
+			<Tool
+				Name="VCCustomBuildTool"/>
+			<Tool
+				Name="VCLinkerTool"
+				AdditionalDependencies="wsock32.lib c:\openssl\lib\vc\libeay32.lib c:\openssl\lib\vc\ssleay32.lib"
+				OutputFile="$(OutDir)/unittests.exe"
+				LinkIncremental="1"
+				GenerateDebugInformation="TRUE"
+				SubSystem="1"
+				OptimizeReferences="2"
+				EnableCOMDATFolding="2"
+				TargetMachine="1"/>
+			<Tool
+				Name="VCMIDLTool"/>
+			<Tool
+				Name="VCPostBuildEventTool"/>
+			<Tool
+				Name="VCPreBuildEventTool"/>
+			<Tool
+				Name="VCPreLinkEventTool"/>
+			<Tool
+				Name="VCResourceCompilerTool"/>
+			<Tool
+				Name="VCWebServiceProxyGeneratorTool"/>
+			<Tool
+				Name="VCXMLDataGeneratorTool"/>
+			<Tool
+				Name="VCWebDeploymentTool"/>
+			<Tool
+				Name="VCManagedWrapperGeneratorTool"/>
+			<Tool
+				Name="VCAuxiliaryManagedWrapperGeneratorTool"/>
+		</Configuration>
+	</Configurations>
+	<References>
+	</References>
+	<Files>
+		<Filter
+			Name="Source Files"
+			Filter="cpp;c;cxx;def;odl;idl;hpj;bat;asm;asmx"
+			UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}">
+			<File
+				RelativePath="..\..\..\src\common\aes.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\buffers.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\circuitbuild.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\circuitlist.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\circuituse.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\command.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\compat.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\config.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\connection.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\connection_edge.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\connection_or.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\container.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\control.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\cpuworker.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\crypto.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\directory.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\dirserv.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\dns.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\hibernate.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\log.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\main.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\onion.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\or.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\win32\orconfig.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\policies.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\relay.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendclient.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendcommon.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendmid.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rendservice.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\rephist.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\router.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\routerlist.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\routerparse.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\test.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torgzip.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torint.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\tortls.c">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\util.c">
+			</File>
+			<File
+				RelativePath="..\..\..\contrib\zlib\zutil.h">
+			</File>
+			<Filter
+				Name="zlib">
+				<File
+					RelativePath="..\..\..\contrib\zlib\adler32.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\compress.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\crc32.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\crc32.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\deflate.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\deflate.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\gzio.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\infback.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inffast.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inffast.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inffixed.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inflate.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inflate.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inftrees.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\inftrees.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\trees.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\trees.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\uncompr.c">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zconf.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zlib.h">
+				</File>
+				<File
+					RelativePath="..\..\..\contrib\zlib\zutil.c">
+				</File>
+			</Filter>
+		</Filter>
+		<Filter
+			Name="Header Files"
+			Filter="h;hpp;hxx;hm;inl;inc;xsd"
+			UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}">
+			<File
+				RelativePath="..\..\..\src\common\aes.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\compat.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\container.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\crypto.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\log.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\torgzip.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\tortls.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\or\tree.h">
+			</File>
+			<File
+				RelativePath="..\..\..\src\common\util.h">
+			</File>
+		</Filter>
+	</Files>
+	<Globals>
+	</Globals>
+</VisualStudioProject>
--- a/acinclude.m4
+++ b/acinclude.m4
@ -1,8 +1,8 @@
-dnl Helper macros for Tor configure.ac
+dnl $Id$
+dnl Helper macros for Tor configure.in
 dnl Copyright (c) 2001-2004, Roger Dingledine
 dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
 dnl Copyright (c) 2007-2008, Roger Dingledine, Nick Mathewson
-dnl Copyright (c) 2007-2017, The Tor Project, Inc.
 dnl See LICENSE for licensing information

 AC_DEFUN([TOR_EXTEND_CODEPATH],
@ -27,10 +27,8 @@ AC_DEFUN([TOR_DEFINE_CODEPATH],
  else
   if test -d "$1/lib"; then
     TOR_LDFLAGS_$2="-L$1/lib"
-     TOR_LIBDIR_$2="$1/lib"
   else
     TOR_LDFLAGS_$2="-L$1"
-     TOR_LIBDIR_$2="$1"
   fi
   if test -d "$1/include"; then
     TOR_CPPFLAGS_$2="-I$1/include"
@ -42,70 +40,6 @@ AC_DEFUN([TOR_DEFINE_CODEPATH],
  AC_SUBST(TOR_LDFLAGS_$2)
 ])

-dnl 1: flags
-dnl 2: try to link too if this is nonempty.
-dnl 3: what to do on success compiling
-dnl 4: what to do on failure compiling
-AC_DEFUN([TOR_TRY_COMPILE_WITH_CFLAGS], [
-  AS_VAR_PUSHDEF([VAR],[tor_cv_cflags_$1])
-  AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
-    tor_saved_CFLAGS="$CFLAGS"
-    CFLAGS="$CFLAGS -pedantic -Werror $1"
-    AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-                   [AS_VAR_SET(VAR,yes)],
-                   [AS_VAR_SET(VAR,no)])
-    if test x$2 != x; then
-      AS_VAR_PUSHDEF([can_link],[tor_can_link_$1])
-      AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-                  [AS_VAR_SET(can_link,yes)],
-                  [AS_VAR_SET(can_link,no)])
-      AS_VAR_POPDEF([can_link])
-    fi
-    CFLAGS="$tor_saved_CFLAGS"
-  ])
-  if test x$VAR = xyes; then
-     $3
-  else
-     $4
-  fi
-  AS_VAR_POPDEF([VAR])
-])
-
-dnl 1:flags
-dnl 2:also try to link (yes: non-empty string)
-dnl   will set yes or no in $tor_can_link_$1 (as modified by AS_VAR_PUSHDEF)
-AC_DEFUN([TOR_CHECK_CFLAGS], [
-  TOR_TRY_COMPILE_WITH_CFLAGS($1, $2, CFLAGS="$CFLAGS $1", true)
-])
-
-dnl 1:flags
-dnl 2:extra ldflags
-dnl 3:extra libraries
-AC_DEFUN([TOR_CHECK_LDFLAGS], [
-  AS_VAR_PUSHDEF([VAR],[tor_cv_ldflags_$1])
-  AC_CACHE_CHECK([whether the linker accepts $1], VAR, [
-    tor_saved_CFLAGS="$CFLAGS"
-    tor_saved_LDFLAGS="$LDFLAGS"
-    tor_saved_LIBS="$LIBS"
-    CFLAGS="$CFLAGS -pedantic -Werror"
-    LDFLAGS="$LDFLAGS $2 $1"
-    LIBS="$LIBS $3"
-    AC_RUN_IFELSE([AC_LANG_PROGRAM([#include <stdio.h>], [fputs("", stdout)])],
-                  [AS_VAR_SET(VAR,yes)],
-                  [AS_VAR_SET(VAR,no)],
-                  [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-                                   [AS_VAR_SET(VAR,yes)],
-                                   [AS_VAR_SET(VAR,no)])])
-    CFLAGS="$tor_saved_CFLAGS"
-    LDFLAGS="$tor_saved_LDFLAGS"
-    LIBS="$tor_saved_LIBS"
-  ])
-  if test x$VAR = xyes; then
-    LDFLAGS="$LDFLAGS $1"
-  fi
-  AS_VAR_POPDEF([VAR])
-])
-
 dnl 1:libname
 AC_DEFUN([TOR_WARN_MISSING_LIB], [
 h=""
@ -113,21 +47,21 @@ if test x$2 = xdevpkg; then
  h=" headers for"
 fi
 if test -f /etc/debian_version && test x"$tor_$1_$2_debian" != x; then
-  AC_MSG_WARN([On Debian, you can install$h $1 using "apt-get install $tor_$1_$2_debian"])
+  AC_WARN([On Debian, you can install$h $1 using "apt-get install $tor_$1_$2_debian"])
  if test x"$tor_$1_$2_debian" != x"$tor_$1_devpkg_debian"; then 
-    AC_MSG_WARN([   You will probably need $tor_$1_devpkg_debian too.])
+    AC_WARN([   You will probably need $tor_$1_devpkg_debian too.])
  fi 
 fi
 if test -f /etc/fedora-release && test x"$tor_$1_$2_redhat" != x; then
-  AC_MSG_WARN([On Fedora, you can install$h $1 using "dnf install $tor_$1_$2_redhat"])
+  AC_WARN([On Fedora Core, you can install$h $1 using "yum install $tor_$1_$2_redhat"])
  if test x"$tor_$1_$2_redhat" != x"$tor_$1_devpkg_redhat"; then 
-    AC_MSG_WARN([   You will probably need to install $tor_$1_devpkg_redhat too.])
+    AC_WARN([   You will probably need to install $tor_$1_devpkg_redhat too.])
  fi 
 else
  if test -f /etc/redhat-release && test x"$tor_$1_$2_redhat" != x; then
-    AC_MSG_WARN([On most Redhat-based systems, you can get$h $1 by installing the $tor_$1_$2_redhat RPM package])
+    AC_WARN([On most Redhat-based systems, you can get$h $1 by installing the $tor_$1_$2_redhat" RPM package])
    if test x"$tor_$1_$2_redhat" != x"$tor_$1_devpkg_redhat"; then 
-      AC_MSG_WARN([   You will probably need to install $tor_$1_devpkg_redhat too.])
+      AC_WARN([   You will probably need to install $tor_$1_devpkg_redhat too.])
    fi 
  fi
 fi
@ -147,7 +81,7 @@ dnl
 AC_DEFUN([TOR_SEARCH_LIBRARY], [
 try$1dir=""
 AC_ARG_WITH($1-dir,
-  AS_HELP_STRING(--with-$1-dir=PATH, [specify path to $1 installation]),
+  [  --with-$1-dir=PATH    Specify path to $1 installation ],
  [
     if test x$withval != xno ; then
        try$1dir="$withval"
@ -186,13 +120,13 @@ AC_CACHE_CHECK([for $1 directory], tor_cv_library_$1_dir, [

    # Can we link against (but not necessarily run, or find the headers for)
    # the binary?
-    AC_LINK_IFELSE([AC_LANG_PROGRAM([$5], [$6])],
+    AC_LINK_IFELSE(AC_LANG_PROGRAM([$5], [$6]),
                   [linkable=yes], [linkable=no])

    if test "$linkable" = yes; then
      tor_$1_any_linkable=yes
      # Okay, we can link against it.  Can we find the headers?
-      AC_COMPILE_IFELSE([AC_LANG_PROGRAM([$4], [$6])],
+      AC_COMPILE_IFELSE(AC_LANG_PROGRAM([$4], [$6]),
                        [buildable=yes], [buildable=no])
      if test "$buildable" = yes; then
         tor_cv_library_$1_dir=$tor_trydir
@ -244,11 +178,8 @@ if test "$cross_compiling" != yes; then
     else
       LDFLAGS="$tor_tryextra $orig_LDFLAGS"
     fi
-     AC_RUN_IFELSE([AC_LANG_PROGRAM([$5], [$6])],
-                   [runnable=yes], [runnable=no],
-                   [AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[]])],
-                                   [runnable=yes],
-                                   [runnable=no])])
+     AC_RUN_IFELSE(AC_LANG_PROGRAM([$5], [$6]),
+                   [runnable=yes], [runnable=no])
     if test "$runnable" = yes; then
        tor_cv_library_$1_linker_option=$tor_tryextra
        break
@ -279,7 +210,7 @@ dnl
 dnl TOR_CHECK_PROTYPE(1:functionname, 2:macroname, 2: includes)
 AC_DEFUN([TOR_CHECK_PROTOTYPE], [
 AC_CACHE_CHECK([for declaration of $1], tor_cv_$1_declared, [
-   AC_COMPILE_IFELSE([AC_LANG_PROGRAM([$3],[void *ptr= $1 ;])],
+   AC_COMPILE_IFELSE(AC_LANG_PROGRAM([$3],[void *ptr= $1 ;]),
                     tor_cv_$1_declared=yes,tor_cv_$1_declared=no)])
 if test x$tor_cv_$1_declared != xno ; then
  AC_DEFINE($2, 1,
--- a/autogen.sh
+++ b/autogen.sh
@ -1,23 +1,9 @@
 #!/bin/sh

-if [ -x "`which autoreconf 2>/dev/null`" ] ; then
-  opt="-i -f -W all,error"
-
-  for i in $@; do
-    case "$i" in
-      -v)
-        opt="${opt} -v"
-        ;;
-    esac
-  done
-
-  exec autoreconf $opt
-fi
-
 set -e

 # Run this to generate all the initial makefiles, etc.
-aclocal -I m4 && \
+aclocal && \
 	autoheader && \
 	autoconf && \
 	automake --add-missing --copy
--- a/changes/.dummy
+++ b/changes/.dummy
@ -1,37 +0,0 @@
-This file is here to keep git from removing the changes directory when
-all the changes files have been merged.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-"I'm Nobody! Who are you?
- Are you--Nobody--too?
- Then there's a pair of us!
- Don’t tell! they'd advertise--you know!
-
- How dreary--to be--Somebody!
- How public--like a Frog--
- To tell one's name--the livelong June--
- To an admiring Bog!"
-    -- Emily Dickinson
-
--- a/changes/TROVE-2018-005
+++ b/changes/TROVE-2018-005
@ -1,6 +0,0 @@
-  o Major bugfixes (security, directory authority, denial-of-service):
-    - Fix a bug that could have allowed an attacker to force a
-      directory authority to use up all its RAM by passing it a
-      maliciously crafted protocol versions string. Fixes bug 25517;
-      bugfix on 0.2.9.4-alpha.  This issue is also tracked as
-      TROVE-2018-005.
--- a/changes/bug25939
+++ b/changes/bug25939
@ -1,3 +0,0 @@
-  o Minor bugfixes (onion services):
-    - Fix a bug that blocked the creation of ephemeral v3 onion services. Fixes
-      bug 25939; bugfix on 0.3.4.1-alpha.
--- a/changes/bug26101_26102
+++ b/changes/bug26101_26102
@ -1,5 +0,0 @@
-  o Minor bugfixes (test coverage tools):
-    - Update our "cov-diff" script to handle output from the latest
-      version of gcov, and to remove extraneous timestamp information
-      from its output. Fixes bugs 26101 and 26102; bugfix on
-      0.2.5.1-alpha.
--- a/changes/bug26116
+++ b/changes/bug26116
@ -1,7 +0,0 @@
-  o Minor bugfixes (compatibility, openssl):
-    - Work around a change in OpenSSL 1.1.1 where
-      return values that would previously indicate "no password" now
-      indicate an empty password. Without this workaround, Tor instances
-      running with OpenSSL 1.1.1 would accept descriptors that other Tor
-      instances would reject. Fixes bug 26116; bugfix on 0.2.5.16.
-      
--- a/changes/bug26121
+++ b/changes/bug26121
@ -1,6 +0,0 @@
-  o Minor bugfixes (controller):
-    - Improve accuracy of the BUILDTIMEOUT_SET control port event's
-      TIMEOUT_RATE and CLOSE_RATE fields. (We were previously miscounting
-      the total number of circuits for these field values.) Fixes bug
-      26121; bugfix on 0.3.3.1-alpha.
-
--- a/changes/bug26156
+++ b/changes/bug26156
@ -1,3 +0,0 @@
-  o Minor bugfixes (compilation):
-    - Fix compilation when building with OpenSSL 1.1.0 with the
-      "no-deprecated" flag enabled. Fixes bug 26156; bugfix on 0.3.4.1-alpha.
--- a/changes/bug26196
+++ b/changes/bug26196
@ -1,4 +0,0 @@
-  o Minor bugfixes (hardening):
-    - Prevent a possible out-of-bounds smartlist read in
-      protover_compute_vote(). Fixes bug 26196; bugfix on
-      0.2.9.4-alpha.
--- a/changes/bug26259
+++ b/changes/bug26259
@ -1,4 +0,0 @@
-  o Minor bugfixes (control port):
-    - Do not count 0-length RELAY_COMMAND_DATA cells as valid data in CIRC_BW
-      events. Previously, such cells were counted entirely in the OVERHEAD
-      field. Now they are not. Fixes bug 26259; bugfix on 0.3.4.1-alpha.
--- a/changes/doc25237
+++ b/changes/doc25237
@ -1,4 +0,0 @@
-  o Documentation:
-    - In code comment, point the reader to the exact section
-      in Tor specification that specifies circuit close error
-      code values. Resolves ticket 25237.
--- a/changes/ticket25549
+++ b/changes/ticket25549
@ -1,4 +0,0 @@
-  o Minor features (continuous integration):
-    - Add the necessary configuration files for continuous integration
-      testing on Windows, via the Appveyor platform. Closes ticket 25549.
-      Patches from Marcin Cieślak and Isis Lovecruft.
--- a/configure.ac
+++ b/configure.ac
--- a/configure.in
+++ b/configure.in
@ -0,0 +1,801 @@
+dnl $Id$
+dnl Copyright (c) 2001-2004, Roger Dingledine
+dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
+dnl Copyright (c) 2007-2008, The Tor Project, Inc.
+dnl See LICENSE for licensing information
+
+AC_INIT
+AM_INIT_AUTOMAKE(tor, 0.2.0.35)
+AM_CONFIG_HEADER(orconfig.h)
+
+AC_CANONICAL_HOST
+
+if test -f /etc/redhat-release ; then
+  if test -f /usr/kerberos/include ; then
+    CPPFLAGS="$CPPFLAGS -I/usr/kerberos/include"
+  fi
+fi
+
+# Not a no-op; we want to make sure that CPPFLAGS is set before we use
+# the += operator on it in src/or/Makefile.am
+CPPFLAGS="$CPPFLAGS -I../common"
+
+AC_ARG_ENABLE(debug,
+ AS_HELP_STRING(--enable-debug, compile with debugging info),
+[if test x$enableval = xyes; then
+    CFLAGS="$CFLAGS -g"
+fi])
+
+#XXXX ideally, we should make this into a no-op, and detect whether we're
+#compiling for the iphone by using $target.
+AC_ARG_ENABLE(iphone,
+ AS_HELP_STRING(--enable-iphone, compile with iPhone support),
+ [if test x$enableval = xyes ; then
+   tor_cv_iphone=true
+   CFLAGS="$CFLAGS -D__DARWIN_UNIX03 -DIPHONE"
+  fi])
+
+#XXXX020 We should make these enabled or not, before 0.2.0.x-final
+AC_ARG_ENABLE(cell-pool,
+     AS_HELP_STRING(--disable-cell-pool, disable pool allocator for cells))
+AC_ARG_ENABLE(buf-freelists,
+   AS_HELP_STRING(--disable-buf-freelists, disable freelists for buffer RAM))
+AC_ARG_ENABLE(openbsd-malloc,
+   AS_HELP_STRING(--enable-openbsd-malloc, Use malloc code from openbsd.  Linux only))
+
+
+if test x$enable_cell_pool != xno; then
+  AC_DEFINE(ENABLE_CELL_POOL, 1,
+            [Defined if we try to use the pool allocator for queued cells])
+fi
+if test x$enable_buf_freelists != xno; then
+  AC_DEFINE(ENABLE_BUF_FREELISTS, 1,
+            [Defined if we try to use freelists for buffer RAM chunks])
+fi
+AM_CONDITIONAL(USE_OPENBSD_MALLOC, test x$enable_openbsd_malloc = xyes)
+
+AC_ARG_ENABLE(transparent,
+     AS_HELP_STRING(--disable-transparent, disable transparent proxy support),
+     [case "${enableval}" in
+        yes) transparent=true ;;
+        no)  transparent=false ;;
+        *) AC_MSG_ERROR(bad value for --enable-transparent) ;;
+      esac], [transparent=true])
+
+AC_ARG_ENABLE(threads,
+     AS_HELP_STRING(--disable-threads, disable multi-threading support))
+
+if test x$enable_threads = x; then
+   case $host in
+    *-*-solaris* )
+     # Don't try multithreading on solaris -- cpuworkers seem to lock.
+     AC_MSG_NOTICE([You are running Solaris; Sometimes threading makes
+cpu workers lock up here, so I will disable threads.])
+     enable_threads="no";;
+    *)
+     enable_threads="yes";;
+   esac
+fi
+
+if test "$enable_threads" = "yes"; then
+  AC_DEFINE(ENABLE_THREADS, 1, [Defined if we will try to use multithreading])
+fi
+
+case $host in
+   *-*-solaris* )
+     AC_DEFINE(_REENTRANT, 1, [Define on some platforms to activate x_r() functions in time.h])
+     ;;
+esac
+
+AC_ARG_ENABLE(gcc-warnings,
+     AS_HELP_STRING(--enable-gcc-warnings, enable verbose warnings))
+
+AC_PROG_CC
+AC_PROG_CPP
+AC_PROG_MAKE_SET
+AC_PROG_RANLIB
+
+TORUSER=_tor
+AC_ARG_WITH(tor-user,
+        [  --with-tor-user=NAME    Specify username for tor daemon ],
+        [
+           TORUSER=$withval
+        ]
+)
+AC_SUBST(TORUSER)
+
+TORGROUP=_tor
+AC_ARG_WITH(tor-group,
+        [  --with-tor-group=NAME   Specify group name for tor daemon ],
+        [
+           TORGROUP=$withval
+        ]
+)
+AC_SUBST(TORGROUP)
+
+
+dnl If WIN32 is defined and non-zero, we are building for win32
+AC_MSG_CHECKING([for win32])
+AC_RUN_IFELSE([
+int main(int c, char **v) {
+#ifdef WIN32
+#if WIN32
+  return 0;
+#else
+  return 1;
+#endif
+#else
+  return 2;
+#endif
+}],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]),
+bwin32=cross; AC_MSG_RESULT([cross])
+)
+
+if test "$bwin32" = cross; then
+AC_MSG_CHECKING([for win32 (cross)])
+AC_COMPILE_IFELSE([
+#ifdef WIN32
+int main(int c, char **v) {return 0;}
+#else
+#error
+int main(int c, char **v) {return x(y);}
+#endif
+],
+bwin32=true; AC_MSG_RESULT([yes]),
+bwin32=false; AC_MSG_RESULT([no]))
+fi
+
+if test "$bwin32" = true; then
+AC_DEFINE(MS_WINDOWS, 1, [Define to 1 if we are building for Windows.])
+fi
+AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue)
+
+dnl Enable C99 when compiling with MIPSpro
+AC_MSG_CHECKING([for MIPSpro compiler])
+AC_COMPILE_IFELSE(AC_LANG_PROGRAM(, [
+#if (defined(__sgi) && defined(_COMPILER_VERSION))
+#error
+  return x(y);
+#endif
+]),
+bmipspro=false; AC_MSG_RESULT(no),
+bmipspro=true; AC_MSG_RESULT(yes))
+
+if test "$bmipspro" = true; then
+  CFLAGS="$CFLAGS -c99"
+fi
+
+AC_C_BIGENDIAN
+
+AC_SEARCH_LIBS(socket, [socket])
+AC_SEARCH_LIBS(gethostbyname, [nsl])
+AC_SEARCH_LIBS(dlopen, [dl])
+AC_SEARCH_LIBS(inet_aton, [resolv])
+
+if test "$enable_threads" = "yes"; then
+  AC_SEARCH_LIBS(pthread_create, [pthread])
+  AC_SEARCH_LIBS(pthread_detach, [pthread])
+fi
+
+dnl -------------------------------------------------------------------
+dnl Check for functions before libevent, since libevent-1.2 apparently
+dnl exports strlcpy without defining it in a header.
+
+AC_CHECK_FUNCS(gettimeofday ftime socketpair uname inet_aton strptime getrlimit strlcat strlcpy strtoull ftello getaddrinfo localtime_r gmtime_r memmem strtok_r inet_pton inet_ntop)
+
+using_custom_malloc=no
+if test x$enable_openbsd_malloc = xyes ; then
+   using_custom_malloc=yes
+fi
+if test x$tcmalloc = xyes ; then
+   using_custom_malloc=yes
+fi                                                                             
+if test $using_custom_malloc = no ; then
+   AC_CHECK_FUNCS(mallinfo malloc_good_size malloc_usable_size)
+fi
+
+if test "$enable_threads" = "yes"; then
+  AC_CHECK_HEADERS(pthread.h)
+  AC_CHECK_FUNCS(pthread_create)
+fi
+
+dnl ------------------------------------------------------
+dnl Where do you live, libevent?  And how do we call you?
+
+if test "$bwin32" = true; then
+  TOR_LIB_WS32=-lws2_32
+  # Some of the cargo-cults recommend -lwsock32 as well, but I don't
+  # think it's actually necessary.
+  TOR_LIB_GDI=-lgdi32
+else
+  TOR_LIB_WS32=
+  TOR_LIB_GDI=
+fi
+AC_SUBST(TOR_LIB_WS32)
+AC_SUBST(TOR_LIB_GDI)
+
+dnl We need to do this before we try our disgusting hack below.
+AC_CHECK_HEADERS([sys/types.h])
+
+dnl This is a disgusting hack so we safely include older libevent headers.
+AC_CHECK_TYPE(u_int64_t, unsigned long long)
+AC_CHECK_TYPE(u_int32_t, unsigned long)
+AC_CHECK_TYPE(u_int16_t, unsigned short)
+AC_CHECK_TYPE(u_int8_t, unsigned char)
+
+tor_libevent_pkg_redhat="libevent"
+tor_libevent_pkg_debian="libevent-dev"
+tor_libevent_devpkg_redhat="libevent-devel"
+tor_libevent_devpkg_debian="libevent-dev"
+
+TOR_SEARCH_LIBRARY(libevent, $trylibeventdir, [-levent $TOR_LIB_WS32], [
+#ifdef WIN32
+#include <winsock2.h>
+#endif
+#include <stdlib.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <event.h>], [
+#ifdef WIN32
+#include <winsock2.h>
+#endif
+void exit(int); void *event_init(void);],
+    [
+#ifdef WIN32
+{WSADATA d; WSAStartup(0x101,&d); }
+#endif
+event_init(); exit(0);
+], [--with-libevent-dir], [/opt/libevent])
+
+dnl Now check for particular libevent functions.
+save_LIBS="$LIBS"
+save_LDFLAGS="$LDFLAGS"
+save_CPPFLAGS="$CPPFLAGS"
+LIBS="-levent $TOR_LIB_WS32 $LIBS"
+LDFLAGS="$TOR_LDFLAGS_libevent $LDFLAGS"
+CPPFLAGS="$TOR_CPPFLAGS_libevent $CPPFLAGS"
+AC_CHECK_FUNCS(event_get_version event_get_method event_set_log_callback)
+LIBS="$save_LIBS"
+LDFLAGS="$save_LDFLAGS"
+CPPFLAGS="$save_CPPFLAGS"
+
+dnl ------------------------------------------------------
+dnl Where do you live, openssl?  And how do we call you?
+
+tor_openssl_pkg_redhat="openssl"
+tor_openssl_pkg_debian="libssl"
+tor_openssl_devpkg_redhat="openssl-devel"
+tor_openssl_devpkg_debian="libssl-dev"
+
+ALT_openssl_WITHVAL=""
+AC_ARG_WITH(ssl-dir,
+  [  --with-ssl-dir=PATH    Obsolete alias for --with-openssl-dir ],
+  [
+      if test "x$withval" != xno && test "x$withval" != "x" ; then
+         ALT_openssl_WITHVAL="$withval"
+      fi
+  ])
+
+TOR_SEARCH_LIBRARY(openssl, $tryssldir, [-lssl -lcrypto $TOR_LIB_GDI],
+    [#include <openssl/rand.h>],
+    [void RAND_add(const void *buf, int num, double entropy);],
+    [RAND_add((void*)0,0,0); exit(0);], [],
+    [/usr/local/openssl /usr/lib/openssl /usr/local/ssl /usr/lib/ssl /usr/local /usr/athena /opt/openssl])
+
+dnl XXXX check for OPENSSL_VERSION_NUMBER == SSLeay()
+
+dnl ------------------------------------------------------
+dnl Where do you live, zlib?  And how do we call you?
+
+tor_openssl_pkg_redhat="zlib"
+tor_openssl_pkg_debian="zlib1g"
+tor_openssl_devpkg_redhat="zlib-devel"
+tor_openssl_devpkg_debian="zlib1g-dev"
+
+TOR_SEARCH_LIBRARY(zlib, $tryzlibdir, [-lz],
+    [#include <zlib.h>],
+    [const char * zlibVersion(void);],
+    [zlibVersion(); exit(0);], [--with-zlib-dir],
+    [/opt/zlib])
+
+dnl Make sure to enable support for large off_t if available.
+
+AC_SYS_LARGEFILE
+
+AC_CHECK_HEADERS(unistd.h string.h signal.h sys/stat.h sys/types.h fcntl.h sys/fcntl.h sys/time.h errno.h assert.h time.h, , AC_MSG_WARN(Some headers were not found, compilation may fail.  If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))
+
+AC_CHECK_HEADERS(netdb.h sys/ioctl.h sys/socket.h arpa/inet.h netinet/in.h pwd.h grp.h sys/un.h)
+
+dnl These headers are not essential
+
+AC_CHECK_HEADERS(stdint.h sys/types.h inttypes.h sys/param.h sys/wait.h limits.h sys/limits.h netinet/in.h arpa/inet.h machine/limits.h syslog.h sys/time.h sys/resource.h inttypes.h utime.h sys/utime.h sys/mman.h netinet/in6.h malloc.h sys/syslimits.h malloc/malloc.h linux/types.h)
+
+TOR_CHECK_PROTOTYPE(malloc_good_size, HAVE_MALLOC_GOOD_SIZE_PROTOTYPE,
+[#ifdef HAVE_MALLOC_H
+#include <malloc.h>
+#endif
+#ifdef HAVE_MALLOC_MALLOC_H
+#include <malloc/malloc.h>
+#endif])
+
+AC_CHECK_HEADERS(net/if.h, net_if_found=1, net_if_found=0,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif])
+AC_CHECK_HEADERS(net/pfvar.h, net_pfvar_found=1, net_pfvar_found=0,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_NET_IF_H
+#include <net/if.h>
+#endif])
+AC_CHECK_HEADERS(linux/netfilter_ipv4.h,
+        linux_netfilter_ipv4=1, linux_netfilter_ipv4=0,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+#ifdef HAVE_LINUX_TYPES_H
+#include <linux/types.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif])
+
+if test x$transparent = xtrue ; then
+   transparent_ok=0
+   if test x$net_if_found = x1 && test x$net_pfvar_found = x1 ; then
+     transparent_ok=1
+   fi
+   if test x$linux_netfilter_ipv4 = x1 ; then
+     transparent_ok=1
+   fi
+   if test x$transparent_ok = x1 ; then
+     AC_DEFINE(USE_TRANSPARENT, 1, "Define to enable transparent proxy support")
+     case $host in
+       *-*-openbsd*)
+         AC_DEFINE(OPENBSD, 1, "Define to handle pf on OpenBSD properly") ;;
+     esac
+   else
+     AC_MSG_NOTICE([Transparent proxy support enabled, but missing headers.])
+   fi
+fi
+
+AC_FUNC_FSEEKO
+
+AC_CHECK_MEMBERS([struct timeval.tv_sec], , ,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif])
+
+dnl In case we aren't given a working stdint.h, we'll need to grow our own.
+dnl Watch out.
+
+AC_CHECK_SIZEOF(int8_t)
+AC_CHECK_SIZEOF(int16_t)
+AC_CHECK_SIZEOF(int32_t)
+AC_CHECK_SIZEOF(int64_t)
+AC_CHECK_SIZEOF(uint8_t)
+AC_CHECK_SIZEOF(uint16_t)
+AC_CHECK_SIZEOF(uint32_t)
+AC_CHECK_SIZEOF(uint64_t)
+AC_CHECK_SIZEOF(intptr_t)
+AC_CHECK_SIZEOF(uintptr_t)
+
+dnl AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t, uint8_t, uint16_t, uint32_t, uint64_t, intptr_t, uintptr_t])
+
+AC_CHECK_SIZEOF(char)
+AC_CHECK_SIZEOF(short)
+AC_CHECK_SIZEOF(int)
+AC_CHECK_SIZEOF(long)
+AC_CHECK_SIZEOF(long long)
+AC_CHECK_SIZEOF(__int64)
+AC_CHECK_SIZEOF(void *)
+AC_CHECK_SIZEOF(time_t)
+AC_CHECK_SIZEOF(size_t)
+
+AC_CHECK_TYPES([uint, u_char, ssize_t])
+
+AC_CHECK_TYPES([struct in6_addr, struct sockaddr_in6, struct sockaddr_storage, sa_family_t], , ,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef MS_WINDOWS
+#define WIN32_WINNT 0x400
+#define _WIN32_WINNT 0x400
+#define WIN32_LEAN_AND_MEAN
+#if defined(_MSC_VER) && (_MSC_VER < 1300)
+#include <winsock.h>
+#else
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#endif
+#endif
+])
+AC_CHECK_MEMBERS([struct in6_addr.s6_addr32, struct in6_addr.s6_addr16], , ,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN6_H
+#include <netinet/in6.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef MS_WINDOWS
+#define WIN32_WINNT 0x400
+#define _WIN32_WINNT 0x400
+#define WIN32_LEAN_AND_MEAN
+#if defined(_MSC_VER) && (_MSC_VER < 1300)
+#include <winsock.h>
+#else
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#endif
+#endif
+])
+
+AC_CHECK_TYPES([rlim_t], , ,
+[#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+])
+
+AC_CACHE_CHECK([whether time_t is signed], tor_cv_time_t_signed, [
+AC_RUN_IFELSE(AC_LANG_SOURCE([
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+int main(int c, char**v) { if (((time_t)-1)<0) return 1; else return 0; }]),
+  tor_cv_time_t_signed=no, tor_cv_time_t_signed=yes, tor_cv_time_t_signed=cross)
+])
+
+if test "$tor_cv_time_t_signed" = cross; then
+  AC_MSG_NOTICE([Cross compiling: assuming that time_t is signed.])
+fi
+
+if test "$tor_cv_time_t_signed" != no; then
+  AC_DEFINE([TIME_T_IS_SIGNED], 1,
+            [Define to 1 iff time_t is signed])
+fi
+
+AC_CHECK_SIZEOF(socklen_t, , [AC_INCLUDES_DEFAULT()
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+])
+
+# We want to make sure that we _don't_ have a cell_t defined, like IRIX does.
+
+AC_CHECK_SIZEOF(cell_t)
+
+# Now make sure that NULL can be represented as zero bytes.
+AC_CACHE_CHECK([whether memset(0) sets pointers to NULL], tor_cv_null_is_zero,
+[AC_RUN_IFELSE([AC_LANG_SOURCE(
+[[#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#ifdef HAVE_STDDEF_H
+#include <stddef.h>
+#endif
+int main () { char *p1,*p2; p1=NULL; memset(&p2,0,sizeof(p2));
+return memcmp(&p1,&p2,sizeof(char*))?1:0; }]])],
+       [tor_cv_null_is_zero=yes],
+       [tor_cv_null_is_zero=no],
+       [tor_cv_null_is_zero=cross])])
+
+if test "$tor_cv_null_is_zero" = cross ; then
+  # Cross-compiling; let's hope that the target isn't raving mad.
+  AC_MSG_NOTICE([Cross-compiling: we'll assume that NULL is represented as a sequence of 0-valued bytes.])
+fi
+
+if test "$tor_cv_null_is_zero" != no; then
+  AC_DEFINE([NULL_REP_IS_ZERO_BYTES], 1,
+            [Define to 1 iff memset(0) sets pointers to NULL])
+fi
+
+# And what happens when we malloc zero?
+AC_CACHE_CHECK([whether we can malloc(0) safely.], tor_cv_malloc_zero_works,
+[AC_RUN_IFELSE([AC_LANG_SOURCE(
+[[#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#ifdef HAVE_STDDEF_H
+#include <stddef.h>
+#endif
+int main () { return malloc(0)?0:1; }]])],
+       [tor_cv_malloc_zero_works=yes],
+       [tor_cv_malloc_zero_works=no],
+       [tor_cv_malloc_zero_works=cross])])
+
+if test "$tor_cv_malloc_zero_works" = cross; then
+  # Cross-compiling; let's hope that the target isn't raving mad.
+  AC_MSG_NOTICE([Cross-compiling: we'll assume that we need to check malloc() arguments for 0.])
+fi
+
+if test "$tor_cv_malloc_zero_works" = yes; then
+  AC_DEFINE([MALLOC_ZERO_WORKS], 1,
+            [Define to 1 iff malloc(0) returns a pointer])
+fi
+
+# whether we seem to be in a 2s-complement world.
+AC_CACHE_CHECK([whether we are using 2s-complement arithmetic], tor_cv_twos_complement,
+[AC_RUN_IFELSE([AC_LANG_SOURCE(
+[[int main () { int problem = ((-99) != (~99)+1);
+return problem ? 1 : 0; }]])],
+       [tor_cv_twos_complement=yes],
+       [tor_cv_twos_complement=no],
+       [tor_cv_twos_complement=cross])])
+
+if test "$tor_cv_twos_complement" = cross ; then
+  # Cross-compiling; let's hope that the target isn't raving mad.
+  AC_MSG_NOTICE([Cross-compiling: we'll assume that negative integers are represented with two's complement.])
+fi
+
+if test "$tor_cv_twos_complement" != no ; then
+  AC_DEFINE([USING_TWOS_COMPLEMENT], 1,
+            [Define to 1 iff we represent negative integers with two's complement])
+fi
+
+# Whether we should use the dmalloc memory allocation debugging library.
+AC_MSG_CHECKING(whether to use dmalloc (debug memory allocation library))
+AC_ARG_WITH(dmalloc,
+[  --with-dmalloc          Use debug memory allocation library. ],
+[if [[ "$withval" = "yes" ]]; then
+  dmalloc=1
+  AC_MSG_RESULT(yes)
+else
+  dmalloc=1
+  AC_MSG_RESULT(no)
+fi], [ dmalloc=0; AC_MSG_RESULT(no) ]
+)
+
+if [[ $dmalloc -eq 1 ]]; then
+  AC_CHECK_HEADERS(dmalloc.h, , AC_MSG_ERROR(dmalloc header file not found. Do you have the development files for dmalloc installed?))
+  AC_SEARCH_LIBS(dmalloc_malloc, [dmallocth dmalloc], , AC_MSG_ERROR(Libdmalloc library not found. If you enable it you better have it installed.))
+  AC_DEFINE(USE_DMALLOC, 1, [Debug memory allocation library])
+  AC_DEFINE(DMALLOC_FUNC_CHECK, 1, [Enable dmalloc's malloc function check])
+  AC_CHECK_FUNCS(dmalloc_strdup dmalloc_strndup)
+fi
+
+AC_ARG_WITH(tcmalloc,
+[  --with-tcmalloc         Use tcmalloc memory allocation library. ],
+[ tcmalloc=yes ], [ tcmalloc=no ])
+
+if test x$tcmalloc = xyes ; then
+   LDFLAGS="-ltcmalloc $LDFLAGS"
+fi
+
+# Allow user to specify an alternate syslog facility
+AC_ARG_WITH(syslog-facility,
+[  --with-syslog-facility=LOG syslog facility to use (default=LOG_DAEMON)],
+syslog_facility="$withval", syslog_facility="LOG_DAEMON")
+AC_DEFINE_UNQUOTED(LOGFACILITY,$syslog_facility,[name of the syslog facility])
+AC_SUBST(LOGFACILITY)
+
+# Check if we have getresuid and getresgid
+AC_CHECK_FUNCS(getresuid getresgid)
+
+# Check for gethostbyname_r in all its glorious incompatible versions.
+#   (This logic is based on that in Python's configure.in)
+AH_TEMPLATE(HAVE_GETHOSTBYNAME_R,
+  [Define this if you have any gethostbyname_r()])
+
+AC_CHECK_FUNC(gethostbyname_r, [
+  AC_MSG_CHECKING([how many arguments gethostbyname_r() wants])
+  OLD_CFLAGS=$CFLAGS
+  CFLAGS="$CFLAGS $MY_CPPFLAGS $MY_THREAD_CPPFLAGS $MY_CFLAGS"
+  AC_COMPILE_IFELSE(AC_LANG_PROGRAM([
+#include <netdb.h>
+  ], [[
+    char *cp1, *cp2;
+    struct hostent *h1, *h2;
+    int i1, i2;
+    (void)gethostbyname_r(cp1,h1,cp2,i1,&h2,&i2);
+  ]]),[
+    AC_DEFINE(HAVE_GETHOSTBYNAME_R)
+    AC_DEFINE(HAVE_GETHOSTBYNAME_R_6_ARG, 1,
+     [Define this if gethostbyname_r takes 6 arguments])
+    AC_MSG_RESULT(6)
+  ], [
+    AC_TRY_COMPILE([
+#include <netdb.h>
+    ], [
+      char *cp1, *cp2;
+      struct hostent *h1;
+      int i1, i2;
+      (void)gethostbyname_r(cp1,h1,cp2,i1,&i2);
+    ], [
+      AC_DEFINE(HAVE_GETHOSTBYNAME_R)
+      AC_DEFINE(HAVE_GETHOSTBYNAME_R_5_ARG, 1,
+        [Define this if gethostbyname_r takes 5 arguments])
+      AC_MSG_RESULT(5)
+   ], [
+      AC_TRY_COMPILE([
+#include <netdb.h>
+     ], [
+       char *cp1;
+       struct hostent *h1;
+       struct hostent_data hd;
+       (void) gethostbyname_r(cp1,h1,&hd);
+     ], [
+       AC_DEFINE(HAVE_GETHOSTBYNAME_R)
+       AC_DEFINE(HAVE_GETHOSTBYNAME_R_3_ARG, 1,
+         [Define this if gethostbyname_r takes 3 arguments])
+       AC_MSG_RESULT(3)
+     ], [
+       AC_MSG_RESULT(0)
+     ])
+  ])
+ ])
+ CFLAGS=$OLD_CFLAGS
+])
+
+AC_CACHE_CHECK([whether the C compiler supports __func__],
+  tor_cv_have_func_macro,
+  AC_COMPILE_IFELSE([
+#include <stdio.h>
+int main(int c, char **v) { puts(__func__); }],
+  tor_cv_have_func_macro=yes,
+  tor_cv_have_func_macro=no))
+
+AC_CACHE_CHECK([whether the C compiler supports __FUNC__],
+  tor_cv_have_FUNC_macro,
+  AC_COMPILE_IFELSE([
+#include <stdio.h>
+int main(int c, char **v) { puts(__FUNC__); }],
+  tor_cv_have_FUNC_macro=yes,
+  tor_cv_have_FUNC_macro=no))
+
+AC_CACHE_CHECK([whether the C compiler supports __FUNCTION__],
+  tor_cv_have_FUNCTION_macro,
+  AC_COMPILE_IFELSE([
+#include <stdio.h>
+int main(int c, char **v) { puts(__FUNCTION__); }],
+  tor_cv_have_FUNCTION_macro=yes,
+  tor_cv_have_FUNCTION_macro=no))
+
+if test "$tor_cv_have_func_macro" = 'yes'; then
+  AC_DEFINE(HAVE_MACRO__func__, 1, [Defined if the compiler supports __func__])
+fi
+
+if test "$tor_cv_have_FUNC_macro" = 'yes'; then
+  AC_DEFINE(HAVE_MACRO__FUNC__, 1, [Defined if the compiler supports __FUNC__])
+fi
+
+if test "$tor_cv_have_FUNCTION_macro" = 'yes'; then
+  AC_DEFINE(HAVE_MACRO__FUNCTION__, 1,
+           [Defined if the compiler supports __FUNCTION__])
+fi
+
+# $prefix stores the value of the --prefix command line option, or
+# NONE if the option wasn't set.  In the case that it wasn't set, make
+# it be the default, so that we can use it to expand directories now.
+if test "x$prefix" = "xNONE"; then
+  prefix=$ac_default_prefix
+fi
+
+# and similarly for $exec_prefix
+if test "x$exec_prefix" = "xNONE"; then
+  exec_prefix=$prefix
+fi
+
+if test "x$CONFDIR" = "x"; then
+  CONFDIR=`eval echo $sysconfdir/tor`
+fi
+AC_SUBST(CONFDIR)
+AH_TEMPLATE([CONFDIR],[tor's configuration directory])
+AC_DEFINE_UNQUOTED(CONFDIR,"$CONFDIR")
+
+BINDIR=`eval echo $bindir`
+AC_SUBST(BINDIR)
+LOCALSTATEDIR=`eval echo $localstatedir`
+AC_SUBST(LOCALSTATEDIR)
+
+# Set CFLAGS _after_ all the above checks, since our warnings are stricter
+# than autoconf's macros like.
+if test "$ac_cv_c_compiler_gnu" = yes; then
+  CFLAGS="$CFLAGS -Wall -g -O2"
+else
+  CFLAGS="$CFLAGS -g -O"
+  enable_gcc_warnings=no
+fi
+
+# Add some more warnings which we use in development but not in the
+# released versions.  (Some relevant gcc versions can't handle these.)
+if test x$enable_gcc_warnings = xyes; then
+
+  AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], [
+#if !defined(__GNUC__) || (__GNUC__ < 4)
+#error
+#endif]), have_gcc4=yes, have_gcc4=no)
+
+  AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], [
+#if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 2)
+#error
+#endif]), have_gcc42=yes, have_gcc42=no)
+
+  save_CFLAGS="$CFLAGS"
+  CFLAGS="$CFLAGS -Wshorten-64-to-32"
+  AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], []), have_shorten64_flag=yes,
+                    have_shorten64_flag=no)
+  CFLAGS="$save_CFLAGS"
+
+  CFLAGS="$CFLAGS -W -Wfloat-equal -Wundef -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls -Wnested-externs -Wbad-function-cast -Wswitch-enum -Werror"
+  # Disabled, so we can use mallinfo(): -Waggregate-return
+
+  if test x$have_gcc4 = xyes ; then 
+    # These warnings break gcc 3.3.5 and work on gcc 4.0.2
+    CFLAGS="$CFLAGS -Winit-self -Wmissing-field-initializers -Wdeclaration-after-statement -Wold-style-definition"
+  fi
+
+  if test x$have_gcc42 = xyes ; then 
+    # These warnings break gcc 4.0.2 and work on gcc 4.2
+    # XXXX020 Use -fstack-protector.
+    # XXXX020 See if any of these work with earlier versions.
+    CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1"
+    # We used to use -Wstrict-overflow=5, but that breaks us heavily under 4.3.
+  fi
+
+  if test x$have_shorten64_flag = xyes ; then
+    CFLAGS="$CFLAGS -Wshorten-64-to-32"
+  fi
+
+##This will break the world on some 64-bit architectures
+# CFLAGS="$CFLAGS -Winline"
+fi
+
+
+
+CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent $TOR_CPPFLAGS_openssl $TOR_CPPFLAGS_zlib"
+
+AC_CONFIG_FILES([Makefile tor.spec Doxyfile contrib/tor.sh contrib/torctl contrib/torify contrib/tor.logrotate contrib/Makefile contrib/osx/Makefile contrib/osx/TorBundleDesc.plist contrib/osx/TorBundleInfo.plist contrib/osx/TorDesc.plist contrib/osx/TorInfo.plist contrib/osx/TorStartupDesc.plist src/config/torrc.sample doc/tor.1 src/Makefile doc/Makefile doc/design-paper/Makefile doc/spec/Makefile src/config/Makefile src/common/Makefile src/or/Makefile src/win32/Makefile src/tools/Makefile contrib/suse/Makefile contrib/suse/tor.sh])
+AC_OUTPUT
+
+if test -x /usr/bin/perl && test -x ./contrib/updateVersions.pl ; then
+  ./contrib/updateVersions.pl
+fi
+
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@ -0,0 +1,12 @@
+SUBDIRS = osx suse
+DIST_SUBDIRS = osx suse
+
+confdir = $(sysconfdir)/tor
+
+EXTRA_DIST = exitlist tor-tsocks.conf torify.1 tor.nsi.in tor.sh torctl rc.subr cross.sh tor-mingw.nsi.in package_nsis-mingw.sh tor.ico tor-ctrl.sh linux-tor-prio.sh tor-exit-notice.html
+
+conf_DATA = tor-tsocks.conf
+
+bin_SCRIPTS = torify
+
+man_MANS = torify.1
--- a/contrib/README
+++ b/contrib/README
@ -1,68 +0,0 @@
-The contrib/ directory contains small tools that might be useful for using
-with Tor.  A few of them are included in the Tor source distribution; you can
-find the others in the main Tor repository.  We don't guarantee that they're
-particularly useful.
-
-dirauth-tools/ -- Tools useful for directory authority administrators
---------------------------------------------------------------------
-
-add-tor is an old script to manipulate the approved-routers file.
-
-nagios-check-tor-authority-cert is a nagios script to check when Tor
-authority certificates are expired or nearly expired.
-
-clang/ -- Files for use with the clang compiler
-----------------------------------------------
-
-sanitize_blacklist.txt is used to build Tor with clang's dynamic
-AddressSanitizer and UndefinedBehaviorSanitizer. It contains detailed
-instructions on configuration, build, and testing with clang's sanitizers.
-
-client-tools/ -- Tools for use with Tor clients
-----------------------------------------------
-
-torify is a small wrapper script around torsocks.
-
-tor-resolve.py uses Tor's SOCKS port extensions to perform DNS lookups.  You
-should probably use src/tools/tor-resolve instead.
-
-dist/ -- Scripts and files for use when packaging Tor
-----------------------------------------------------
-
-torctl, rc.subr, and tor.sh are init scripts for use with SysV-style init
-tools.  Everybody likes to write init scripts differently, it seems.
-
-tor.service is a sample service file for use with systemd.
-
-The suse/ subdirectory contains files used by the suse distribution.
-
-operator-tools/ -- Tools for Tor relay operators
------------------------------------------------
-
-tor-exit-notice.html is an HTML file for use with the DirPortFrontPage
-option.  It tells visitors that your relay is a Tor exit node, and that they
-shouldn't assume you're the origin for the traffic that you're delivering.
-
-tor.logrotate is a configuration file for use with the logrotate tool.  You
-may need to edit it to work for you.
-
-linux-tor-prio.sh uses Linux iptables tools to traffic-shape your Tor relay's
-traffic. If it breaks, you get to keep both pieces.
-
-or-tools/ -- Tools for interacting with relays
----------------------------------------------
-
-checksocks.pl is a tool to scan relays to see if any of them have advertised
-public SOCKS ports, so we can tell them not to.
-
-check-tor is a quick shell script to try doing a TLS handshake with a router
-or to try fetching a directory from it.
-
-exitlist is a precursor of check.torproject.org: it parses a bunch of cached
-server descriptors to determine which can connect to a given address:port.
-
-win32build -- Old files for windows packaging
---------------------------------------------
-
-You shouldn't need these unless you're building some of the older Windows
-packages.
--- a/contrib/dirauth-tools/add-tor
+++ b/contrib/dirauth-tools/add-tor
--- a/contrib/auto-naming/README
+++ b/contrib/auto-naming/README
@ -0,0 +1,65 @@
+=== AUTONAMING FOR TOR ===
+
+Tor directory authorities may maintain a binding of server identities
+(their long term identity key) and nicknames.  In their status documents
+they may for each router they know tell if this is indeed the owner of
+that nickname or not.
+
+This toolset allows automatic maintaining of a binding list of nicknames
+to identity keys, implementing Tor proposal 123[1].
+
+The rules are simple:
+ - A router claiming to be Bob is named (i.e. added to the binding list)
+   if there currently does not exist a different binding for that
+   nickname, the router has been around for a bit (2 weeks), no other
+   router has used that nickname in a while (1 month).
+ - A binding is removed if the server that owns it has not been seen
+   in a long time (6 months).
+
+
+=== REQUIREMENTS ===
+
+ * ruby, and its postgres DBI interface (Debian packages: ruby, ruby1.8, libdbi-ruby1.8, libdbd-pg-ruby1.8)
+ * postgres (tested with >= 8.1)
+ * cron
+
+=== SETUP ===
+
+ * copy this tree some place, like into a 'auto-naming' directory in your Tor's
+   data directory
+ * create a database and a user, modifying db-config.rb accordingly
+ * initialize the database by executing the sql statements in create-db.sql
+ * setup a cronjob that feeds the current consensus to the process-consensus
+   script regularly.
+ * once the database is sufficiently populated, maybe a month or so after the
+   previous step, setup a cronjob to regularly build the binding list using
+   the build-approved-routers script.  You probably want to append a manually
+   managed list of rejections to that file and give it to tor as its
+   "approved-routers" file.
+   The Sample-Makefile and Sample-crontab demonstrate the method used at tor26.
+
+
+1. https://tor-svn.freehaven.net/svn/tor/trunk/doc/spec/proposals/123-autonaming.txt
+
+
+
+
+Copyright (c) 2007 Peter Palfrader
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/contrib/auto-naming/Sample-Makefile
+++ b/contrib/auto-naming/Sample-Makefile
@ -0,0 +1,20 @@
+
+all: ../approved-routers
+
+update:
+	wget -q -O - http://tor.noreply.org/tor/status-vote/current/consensus | \
+		./process-consensus
+
+.PHONY: approved-routers-auto
+approved-routers-auto:
+	./build-approved-routers > "$@"
+
+.INTERMEDIATE: approved-routers
+approved-routers: approved-routers-auto /etc/tor/approved-routers
+	cat $^ > "$@"
+
+../approved-routers: approved-routers
+	if ! diff -q "$<" "$@"; then \
+		mv "$<" "$@" &&\
+		(! [ -e /var/run/tor/tor.pid ] || kill -HUP `cat /var/run/tor/tor.pid`) ; \
+		fi
--- a/contrib/auto-naming/Sample-crontab
+++ b/contrib/auto-naming/Sample-crontab
@ -0,0 +1,3 @@
+MAILTO=admin
+# cronjob for tor naming
+23 * * * * make -s -C auto-naming update && make -s -C auto-naming
--- a/contrib/auto-naming/build-approved-routers
+++ b/contrib/auto-naming/build-approved-routers
@ -0,0 +1,45 @@
+#!/usr/bin/ruby
+
+# build-approved-routers - create a name-binding list for use at a Tor
+#                          directory authority
+#
+# Copyright (c) 2007 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+require "yaml"
+
+require 'db'
+require 'db-config'
+
+verbose = ARGV.first == "-v"
+
+db = Db.new($CONFIG['database']['dbhost'], $CONFIG['database']['dbname'], $CONFIG['database']['user'], $CONFIG['database']['password'])
+
+db.transaction_begin
+named = db.query2("
+		SELECT fingerprint, router_id, nickname_id, nick, first_seen, last_seen
+		FROM router NATURAL JOIN router_claims_nickname NATURAL JOIN nickname
+		WHERE named")
+while (n=named.next) do
+	puts "# (r##{n['router_id']},n##{n['nickname_id']}); first_seen: #{n['first_seen']}, last_seen: #{n['last_seen']}"
+	fpr = n['fingerprint'].split(/(....)/).delete_if{|x| x=="" }.join(' ')
+	puts "#{n['nick']} #{fpr}"
+end
+db.transaction_commit
--- a/contrib/auto-naming/create-db.sql
+++ b/contrib/auto-naming/create-db.sql
@ -0,0 +1,50 @@
+
+CREATE TABLE router (
+	router_id	SERIAL PRIMARY KEY,
+	fingerprint	CHAR(40)		NOT NULL,
+	UNIQUE(fingerprint)
+);
+-- already created implicitly due to unique contraint
+-- CREATE INDEX router_fingerprint ON router(fingerprint);
+
+CREATE TABLE nickname (
+	nickname_id	SERIAL PRIMARY KEY,
+	nick		VARCHAR(30)		NOT NULL,
+	UNIQUE(nick)
+);
+-- already created implicitly due to unique contraint
+-- CREATE INDEX nickname_nick ON nickname(nick);
+
+CREATE TABLE router_claims_nickname (
+	router_id	INTEGER		NOT NULL	REFERENCES router(router_id) ON DELETE CASCADE,
+	nickname_id	INTEGER		NOT NULL	REFERENCES nickname(nickname_id) ON DELETE CASCADE,
+	first_seen	TIMESTAMP WITH TIME ZONE	NOT NULL	DEFAULT CURRENT_TIMESTAMP,
+	last_seen	TIMESTAMP WITH TIME ZONE	NOT NULL	DEFAULT CURRENT_TIMESTAMP,
+	named		BOOLEAN				NOT NULL	DEFAULT 'false',
+	UNIQUE(router_id, nickname_id)
+);
+CREATE INDEX router_claims_nickname_router_id ON router_claims_nickname(router_id);
+CREATE INDEX router_claims_nickname_nickname_id ON router_claims_nickname(nickname_id);
+CREATE INDEX router_claims_nickname_first_seen ON router_claims_nickname(first_seen);
+CREATE INDEX router_claims_nickname_last_seen ON router_claims_nickname(last_seen);
+
+
+-- Copyright (c) 2007 Peter Palfrader
+--
+-- Permission is hereby granted, free of charge, to any person obtaining a copy
+-- of this software and associated documentation files (the "Software"), to deal
+-- in the Software without restriction, including without limitation the rights
+-- to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+-- copies of the Software, and to permit persons to whom the Software is
+-- furnished to do so, subject to the following conditions:
+--
+-- The above copyright notice and this permission notice shall be included in
+-- all copies or substantial portions of the Software.
+--
+-- THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+-- IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+-- FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+-- AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+-- LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+-- OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+-- SOFTWARE.
--- a/contrib/auto-naming/db-config.rb
+++ b/contrib/auto-naming/db-config.rb
@ -0,0 +1,8 @@
+$CONFIG             = {} unless $CONFIG
+$CONFIG['database'] = {} unless $CONFIG['database']
+
+# if you use postgres' "ident sameuser" auth set dbhost to ''
+$CONFIG['database']['dbhost'] = 'localhost';
+$CONFIG['database']['dbname'] = 'tornaming';
+$CONFIG['database']['user'] = 'tornaming';
+$CONFIG['database']['password'] = 'x';
--- a/contrib/auto-naming/db.rb
+++ b/contrib/auto-naming/db.rb
@ -0,0 +1,165 @@
+#!/usr/bin/ruby
+
+# Copyright (c) 2006, 2007 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+require "dbi"
+
+class WeaselDbQueryHandle
+	def initialize(sth)
+		@sth = sth
+	end
+
+	def next()
+		row = @sth.fetch_hash
+		if row
+			return row
+		else
+			@sth.finish
+			return nil
+		end
+	end
+end
+
+class Db
+	def initialize(host, database, user, password)
+		@dbh = DBI.connect("dbi:Pg:#{database}:#{host}", user, password);
+		@dbh['AutoCommit'] = false
+		@transaction = false
+		@pre_initial_transaction=true
+	end
+
+	def do(query,*args)
+		@dbh.do(query,*args)
+	end
+	def transaction_begin()
+		@dbh.do("BEGIN") unless @pre_initial_transaction
+		@transaction = true
+		@pre_initial_transaction=false
+	end
+	def transaction_commit()
+		@dbh.do("COMMIT")
+		@transaction = false
+	end
+	def transaction_rollback()
+		@dbh.do("ROLLBACK")
+	end
+	def get_primarykey_name(table);
+		#return 'ref';
+		return table+'_id';
+	end
+
+	def update(table, values, keys)
+		cols = []
+		vals = []
+		values.each_pair{ |k,v|
+			cols << "#{k}=?"
+			vals << v
+		}
+
+		wheres = []
+		keys.each_pair{ |k,v|
+			wheres << "#{k}=?"
+			vals << v
+		}
+
+		throw "update value set empty" unless cols.size > 0
+		throw "where clause empty" unless wheres.size > 0
+
+		query = "UPDATE #{table} SET #{cols.join(',')} WHERE #{wheres.join(' AND ')}"
+		transaction_begin unless transaction_before=@transaction
+		r = @dbh.do(query, *vals)
+		transaction_commit unless transaction_before
+		return r
+	end
+
+	def update_row(table, values)
+		pk_name = get_primarykey_name(table);
+		throw "Ref not defined" unless values[pk_name]
+		return update(table, values.clone.delete_if{|k,v| k == pk_name}, { pk_name => values[pk_name] });
+	end
+	def insert(table, values)
+		cols = values.keys
+		vals = values.values
+		qmarks = values.values.collect{ '?' }
+
+		query = "INSERT INTO #{table} (#{cols.join(',')}) VALUES (#{qmarks.join(',')})"
+		transaction_begin unless transaction_before=@transaction
+		@dbh.do(query, *vals)
+		transaction_commit unless transaction_before
+	end
+
+	def insert_row(table, values)
+		pk_name = get_primarykey_name(table);
+		if values[pk_name]
+			insert(table, values)
+		else
+			transaction_begin unless transaction_before=@transaction
+			row = query_row("SELECT nextval(pg_get_serial_sequence('#{table}', '#{pk_name}')) AS newref");
+			throw "No newref?" unless row['newref']
+			values[pk_name] = row['newref']
+			insert(table, values);
+			transaction_commit unless transaction_before
+		end
+	end
+	def delete_row(table, ref)
+		pk_name = get_primarykey_name(table);
+		query = "DELETE FROM #{table} WHERE #{pk_name}=?"
+		transaction_begin unless transaction_before=@transaction
+		@dbh.do(query, ref)
+		transaction_commit unless transaction_before
+	end
+	def query(query, *params)
+		sth = @dbh.execute(query, *params)
+		while row = sth.fetch_hash
+			yield row
+		end
+		sth.finish
+	end
+	# nil if no results
+	# hash if one match
+	# throw otherwise
+	def query_row(query, *params)
+		sth = @dbh.execute(query, *params)
+
+		row = sth.fetch_hash
+		if row == nil
+			sth.finish
+			return nil
+		elsif sth.fetch_hash != nil
+			sth.finish
+			throw "More than one result when querying for #{query}"
+		else
+			sth.finish
+			return row
+		end
+	end
+	def query_all(query, *params)
+		sth = @dbh.execute(query, *params)
+
+		rows = sth.fetch_all
+		return nil if rows.size == 0
+		return rows
+	end
+	def query2(query, *params)
+		sth = @dbh.execute(query, *params)
+		return WeaselDbQueryHandle.new(sth)
+	end
+end
--- a/contrib/auto-naming/process-consensus
+++ b/contrib/auto-naming/process-consensus
@ -0,0 +1,119 @@
+#!/usr/bin/ruby
+
+# process-consensus - read a current consensus document, inserting the
+#                     information into a database then calling
+#                     update-named-status.rb to update the name-binding
+#                     flags
+#
+# Copyright (c) 2007 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+require "yaml"
+
+require 'db'
+require 'db-config'
+require 'update-named-status'
+
+$db = Db.new($CONFIG['database']['dbhost'], $CONFIG['database']['dbname'], $CONFIG['database']['user'], $CONFIG['database']['password'])
+
+$router_cache = {}
+$nickname_cache = {}
+
+def parse_consensus consensus
+	ts = nil
+	routers = []
+	consensus.each do |line|
+		(key, value) = line.split(' ',2)
+		case key
+			when "valid-after", "published": ts = DateTime.parse(value)
+			when "r":
+				(nick, fpr, _) = value.split(' ', 3)
+				nick.downcase!
+				next if nick == 'unnamed'
+				routers << {
+					'nick' => nick,
+					'fingerprint' => (fpr+'=').unpack('m').first.unpack('H*').first
+					}
+		end
+	end
+	throw "Did not find a timestamp" unless ts
+	throw "Did not find any routers" unless routers.size > 0
+	return ts, routers
+end
+
+def insert_routers_into_db(router, table, field, value)
+	pk = table+'_id'
+	row = $db.query_row("SELECT #{pk} FROM #{table} WHERE #{field}=?", value)
+	if row
+		return row[pk]
+	else
+		r = { field => value }
+		$db.insert_row( table, r )
+		return r[pk]
+	end
+end
+
+def handle_one_consensus(c)
+	puts "parsing..." if $verbose
+	timestamp, routers = parse_consensus c
+	puts "storing..." if $verbose
+
+	routers.each do |router|
+		fpr = router['fingerprint']
+		nick = router['nick']
+		$router_cache[fpr] = router_id = ($router_cache[fpr] or insert_routers_into_db(router, 'router', 'fingerprint', router['fingerprint']))
+		$nickname_cache[nick] = nickname_id = ($nickname_cache[nick] or insert_routers_into_db(router, 'nickname', 'nick', router['nick']))
+
+		row = $db.update(
+			'router_claims_nickname',
+			{ 'last_seen' => timestamp.to_s },
+			{ 'router_id' => router_id, 'nickname_id' => nickname_id} )
+		case row
+			when 0:
+				$db.insert('router_claims_nickname',
+					{
+						'first_seen' => timestamp.to_s,
+						'last_seen' => timestamp.to_s,
+						'router_id' => router_id, 'nickname_id' => nickname_id} )
+			when 1:
+			else
+				throw "Update of router_claims_nickname returned unexpected number of affected rows(#{row})"
+		end
+	end
+end
+
+$db.transaction_begin
+if ARGV.first == '-v'
+	$verbose = true
+	ARGV.shift
+end
+
+if ARGV.size == 0
+	handle_one_consensus STDIN.readlines
+	do_update $verbose
+else
+	ARGV.each do |filename|
+		puts filename if $verbose
+		handle_one_consensus File.new(filename).readlines
+		puts "updating..." if $verbose
+		do_update $verbose
+	end
+end
+$db.transaction_commit
--- a/contrib/auto-naming/update-named-status.rb
+++ b/contrib/auto-naming/update-named-status.rb
@ -0,0 +1,70 @@
+#!/usr/bin/ruby
+
+# update-named-status.rb - update the named status of routers in our database
+#
+# Copyright (c) 2007 Peter Palfrader
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+require "yaml"
+
+require 'db'
+require 'db-config'
+
+def do_update(verbose)
+	now = $db.query_row("SELECT max(last_seen) AS max FROM router_claims_nickname")['max']
+	unless now
+		STDERR.puts "Could not find the latest last_seen timestamp.  Is the database empty still?"
+		return
+	end
+	now = "TIMESTAMP '" + now.to_s + "'"
+
+	denamed = $db.do("
+			UPDATE router_claims_nickname
+			SET named=false
+			WHERE named
+			  AND last_seen < #{now} - INTERVAL '6 months'")
+	puts "de-named: #{denamed}" if verbose
+
+	named = $db.do("
+			UPDATE router_claims_nickname
+			SET named=true
+			WHERE NOT named
+			  AND first_seen < #{now} - INTERVAL '2 weeks'
+			  AND last_seen  > #{now} - INTERVAL '2 days'
+			  AND NOT EXISTS (SELECT *
+			       FROM router_claims_nickname AS innertable
+			       WHERE named
+			         AND router_claims_nickname.nickname_id=innertable.nickname_id) "+ # if that nickname is already named, we lose.
+			" AND NOT EXISTS (SELECT *
+			       FROM router_claims_nickname AS innertable
+			       WHERE router_claims_nickname.nickname_id=innertable.nickname_id
+			         AND router_claims_nickname.router_id <> innertable.router_id
+			         AND last_seen > #{now} - INTERVAL '1 month') ") # if nobody else wanted that nickname in the last month we are set
+	puts "named: #{named}" if verbose
+end
+
+if __FILE__ == $0
+	$db = Db.new($CONFIG['database']['dbhost'], $CONFIG['database']['dbname'], $CONFIG['database']['user'], $CONFIG['database']['password'])
+	verbose = ARGV.first == "-v"
+
+	$db.transaction_begin
+	do_update verbose
+	$db.transaction_commit
+end
--- a/contrib/or-tools/check-tor
+++ b/contrib/or-tools/check-tor
--- a/scripts/maint/checkLogs.pl
+++ b/scripts/maint/checkLogs.pl
--- a/contrib/checkOptionDocs.pl
+++ b/contrib/checkOptionDocs.pl
@ -0,0 +1,91 @@
+#!/usr/bin/perl -w
+# $Id
+use strict;
+
+my %options = ();
+my %descOptions = ();
+my %torrcSampleOptions = ();
+my %torrcCompleteOptions = ();
+my %manPageOptions = ();
+
+# Load the canonical list as actually accepted by Tor.
+my $mostRecentOption;
+open(F, "./src/or/tor --list-torrc-options |") or die;
+while (<F>) {
+    next if m!\[notice\] Tor v0\.!;
+    if (m!^([A-Za-z0-9_]+)!) {
+        $mostRecentOption = lc $1;
+        $options{$mostRecentOption} = 1;
+    } elsif (m!^    !) {
+        $descOptions{$mostRecentOption} = 1;
+        if (m!\{DEPRECATED\}!) {
+            delete $descOptions{$mostRecentOption};
+            delete $options{$mostRecentOption};
+        }
+    } else {
+        print "Unrecognized output> ";
+        print;
+    }
+}
+close F;
+
+# Load the contents of torrc.sample and torrc.complete
+sub loadTorrc {
+    my ($fname, $options) = @_;
+    local *F;
+    open(F, "$fname") or die;
+    while (<F>) {
+        next if (m!##+!);
+        if (m!#([A-Za-z0-9_]+)!) {
+            $options->{lc $1} = 1;
+        }
+    }
+    close F;
+    0;
+}
+
+loadTorrc("./src/config/torrc.sample.in", \%torrcSampleOptions);
+loadTorrc("./src/config/torrc.complete.in", \%torrcCompleteOptions);
+
+# Try to figure out what's in the man page.
+
+my $considerNextLine = 0;
+open(F, "./doc/tor.1.in") or die;
+while (<F>) {
+    if ($considerNextLine and
+        m!^\\fB([A-Za-z0-9_]+)!) {
+        $manPageOptions{lc $1} = 1;
+	next;
+    }
+
+    if (m!^\.(?:SH|TP|PP)!) {
+        $considerNextLine = 1; next;
+    } else {
+        $considerNextLine = 0;
+    }
+}
+close F;
+
+# Now, display differences:
+
+sub subtractHashes {
+    my ($s, $a, $b) = @_;
+    my @lst = ();
+    for my $k (keys %$a) {
+        push @lst, $k unless (exists $b->{$k});
+    }
+    print "$s: ", join(' ', sort @lst), "\n\n";
+    0;
+}
+
+subtractHashes("No online docs", \%options, \%descOptions);
+# subtractHashes("Orphaned online docs", \%descOptions, \%options);
+
+subtractHashes("Not in torrc.complete.in", \%options, \%torrcCompleteOptions);
+subtractHashes("Orphaned in torrc.complete.in", \%torrcCompleteOptions, \%options);
+subtractHashes("Orphaned in torrc.sample.in", \%torrcSampleOptions, \%options);
+
+subtractHashes("Not in man page", \%options, \%manPageOptions);
+subtractHashes("Orphaned in man page", \%manPageOptions, \%options);
+
+
--- a/contrib/checkSpace.pl
+++ b/contrib/checkSpace.pl
@ -0,0 +1,123 @@
+#!/usr/bin/perl -w
+
+if ($ARGV[0] =~ /^-/) {
+    $lang = shift @ARGV;
+    $C = ($lang eq '-C');
+#    $TXT = ($lang eq '-txt');
+}
+
+for $fn (@ARGV) {
+    open(F, "$fn");
+    $lastnil = 0;
+    $lastline = "";
+    $incomment = 0;
+    while (<F>) {
+        ## Warn about windows-style newlines.
+        if (/\r/) {
+            print "       CR:$fn:$.\n";
+        }
+        ## Warn about tabs.
+        if (/\t/) {
+            print "      TAB:$fn:$.\n";
+        }
+        ## Warn about trailing whitespace.
+        if (/ +$/) {
+            print "Space\@EOL:$fn:$.\n";
+        }
+        ## Warn about control keywords without following space.
+        if ($C && /\s(?:if|while|for|switch)\(/) {
+            print "      KW(:$fn:$.\n";
+        }
+	## Warn about #else #if instead of #elif. 
+	if (($lastline =~ /^\# *else/) and ($_ =~ /^\# *if/)) {
+            print " #else#if:$fn:$.\n";
+	}
+	$lastline = $_;
+        ## Warn about multiple empty lines.
+        if ($lastnil && /^$/) {
+            print " DoubleNL:$fn:$.\n";
+        } elsif (/^$/) {
+            $lastnil = 1;
+        } else {
+            $lastnil = 0;
+        }
+        ## Terminals are still 80 columns wide in my world.  I refuse to
+        ## accept double-line lines.  Except, of course, svn Id tags
+        ## can make us go long.
+        if (/^.{80}/ && !/\$Id: /) {
+            print "     Wide:$fn:$.\n";
+        }
+        ### Juju to skip over comments and strings, since the tests
+        ### we're about to do are okay there.
+        if ($C) {
+            if ($incomment) {
+                if (m!\*/!) {
+                    s!.*?\*/!!;
+                    $incomment = 0;
+                } else {
+                    next;
+                }
+            }
+            if (m!/\*.*?\*/!) {
+                s!\s*/\*.*?\*/!!;
+            } elsif (m!/\*!) {
+                s!\s*/\*!!;
+                $incomment = 1;
+                next;
+            }
+            s!"(?:[^\"]+|\\.)*"!"X"!g;
+            next if /^\#/;
+            ## Warn about C++-style comments.
+            if (m!//!) {
+                #    print "       //:$fn:$.\n";
+                s!//.*!!;
+            }
+            ## Warn about braces preceded by non-space.
+            if (/([^\s])\{/) {
+                print "       $1\{:$fn:$.\n";
+            }
+            ## Warn about multiple internal spaces.
+            #if (/[^\s,:]\s{2,}[^\s\\=]/) {
+            #    print "     X  X:$fn:$.\n";
+            #}
+            ## Warn about { with stuff after.
+            #s/\s+$//;
+            #if (/\{[^\}\\]+$/) {
+            #    print "     {X:$fn:$.\n";
+            #}
+            ## Warn about function calls with space before parens.
+            if (/(\w+)\s\(([A-Z]*)/) {
+                if ($1 ne "if" and $1 ne "while" and $1 ne "for" and
+                    $1 ne "switch" and $1 ne "return" and $1 ne "int" and
+                    $1 ne "elsif" and $1 ne "WINAPI" and $2 ne "WINAPI" and
+                    $1 ne "void" and $1 ne "__attribute__") {
+                    print "     fn ():$fn:$.\n";
+                }
+            }
+            ## Warn about functions not declared at start of line.
+            if ($in_func_head ||
+                ($fn !~ /\.h$/ && /^[a-zA-Z0-9_]/ &&
+                 ! /^(?:const |static )*(?:typedef|struct|union)[^\(]*$/ &&
+                 ! /= *\{$/ && ! /;$/)) {
+                if (/.\{$/){
+                    print "fn() {:$fn:$.\n";
+                    $in_func_head = 0;
+                } elsif (/^\S[^\(]* +\**[a-zA-Z0-9_]+\(/) {
+                    $in_func_head = -1; # started with tp fn
+                } elsif (/;$/) {
+                    $in_func_head = 0;
+                } elsif (/\{/) {
+                    if ($in_func_head == -1) {
+                        print "tp fn():$fn:$.\n";
+                    }
+                    $in_func_head = 0;
+                }
+            }
+        }
+    }
+    if (! $lastnil) {
+        print "  EOL\@EOF:$fn:$.\n";
+    }
+    close(F);
+}
+
--- a/contrib/or-tools/checksocks.pl
+++ b/contrib/or-tools/checksocks.pl
--- a/contrib/clang/sanitize_blacklist.txt
+++ b/contrib/clang/sanitize_blacklist.txt
@ -1,103 +0,0 @@
-# clang sanitizer special case list
-# syntax specified in http://clang.llvm.org/docs/SanitizerSpecialCaseList.html
-# for more info see http://clang.llvm.org/docs/AddressSanitizer.html
-
-#
-# Tor notes: This file is obsolete!
-#
-# It was necessary in order to apply the sanitizers to all of tor.  But
-# we don't believe that's a good idea: some parts of tor need constant-time
-# behavior that is hard to guarantee with these sanitizers.
-#
-# If you need this behavior, then please consider --enable-expensive-hardening,
-# and report bugs as needed.
-#
-
-# usage:
-# 1. configure tor build:
-#    ./configure \
-#    CC=clang \
-#    CFLAGS="-fsanitize-blacklist=contrib/clang/sanitize_blacklist.txt -fsanitize=undefined -fsanitize=address -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-optimize-sibling-calls -fno-inline" \
-#    LDFLAGS="-fsanitize=address" \
-#    --disable-gcc-hardening
-# and any other flags required to build tor on your OS.
-#
-# 2. build tor:
-#    make
-#
-# 3. test tor:
-#    ASAN_OPTIONS=allow_user_segv_handler=1 make test
-#    ASAN_OPTIONS=allow_user_segv_handler=1 make check
-#    make test-network # requires chutney
-#
-# 4. the tor binary is now instrumented with clang sanitizers,
-#    and can be run just like a standard tor binary
-
-# Compatibility:
-# This blacklist has been tested with clang 3.7's UndefinedBehaviorSanitizer
-# and AddressSanitizer on OS X 10.10 Yosemite, with all tests passing
-# on both x86_64 and i386 (using CC="clang -arch i386")
-# It has not been tested with ThreadSanitizer or MemorySanitizer
-# Success report and patches for other sanitizers or OSs are welcome
-
-# ccache and make don't account for the sanitizer blacklist as a dependency
-# you might need to set CCACHE_DISABLE=1 and/or use make clean to workaround
-
-# Configuration Flags:
-# -fno-sanitize-recover=all
-# causes clang to crash on undefined behavior, rather than printing
-# a warning and continuing (the AddressSanitizer always crashes)
-# -fno-omit-frame-pointer -fno-optimize-sibling-calls -fno-inline
-# make clang backtraces easier to read
-# --disable-gcc-hardening
-# disables warnings about the redefinition of _FORTIFY_SOURCE
-# (it conflicts with the sanitizers)
-
-# Turning the sanitizers off for particular functions:
-# (Unfortunately, exempting functions doesn't work for the blacklisted
-# functions below, and we can't turn the code off because it's essential)
-#
-# #if defined(__has_feature)
-# #if __has_feature(address_sanitizer)
-# /* tell clang AddressSanitizer not to instrument this function */
-# #define NOASAN __attribute__((no_sanitize_address))
-# #define _CLANG_ASAN_
-# #else
-# #define NOASAN
-# #endif
-# #else
-# #define NOASAN
-# #endif
-#
-# /* Telling AddressSanitizer to not instrument a function */
-# void func(void) NOASAN;
-#
-# /* Including or excluding sections of code */
-# #ifdef _CLANG_ASAN_
-# /* code that only runs under address sanitizer */
-# #else
-# /* code that doesn't run under address sanitizer */
-# #endif
-
-# Blacklist Entries:
-
-# test-memwipe.c checks if a freed buffer was properly wiped
-fun:vmemeq
-fun:check_a_buffer
-
-# we need to allow the tor bt handler to catch SIGSEGV
-# otherwise address sanitizer munges the expected output and the test fails
-# we can do this by setting an environmental variable
-# See https://code.google.com/p/address-sanitizer/wiki/Flags
-# ASAN_OPTIONS=allow_user_segv_handler=1
-
-# test_bt_cl.c stores to a NULL pointer to trigger a crash
-fun:crash
-
-# curve25519-donna.c left-shifts 1 bits into and past the sign bit of signed
-# integers. Until #13538 is resolved, we exempt functions that do left shifts.
-# Note that x86_64 uses curve25519-donna-c64.c instead of curve25519-donna.c
-fun:freduce_coefficients
-fun:freduce_degree
-fun:s32_eq
-fun:fcontract
--- a/contrib/client-tools/tor-resolve.py
+++ b/contrib/client-tools/tor-resolve.py
@ -1,153 +0,0 @@
-#!/usr/bin/python
-
-import socket
-import struct
-import sys
-
-def socks4AResolveRequest(hostname):
-    version = 4
-    command = 0xF0
-    port = 0
-    addr = 0x0000001
-    username = ""
-    reqheader = struct.pack("!BBHL", version, command, port, addr)
-    return "%s%s\x00%s\x00"%(reqheader,username,hostname)
-
-def socks4AParseResponse(response):
-    RESPONSE_LEN = 8
-    if len(response) < RESPONSE_LEN:
-        return None
-    assert len(response) >= RESPONSE_LEN
-    version,status,port = struct.unpack("!BBH",response[:4])
-    assert version == 0
-    assert port == 0
-    if status == 90:
-        return "%d.%d.%d.%d"%tuple(map(ord, response[4:]))
-    else:
-        return "ERROR (status %d)"%status
-
-def socks5Hello():
-    return "\x05\x01\x00"
-def socks5ParseHello(response):
-    if response != "\x05\x00":
-        raise ValueError("Bizarre socks5 response")
-def socks5ResolveRequest(hostname, atype=0x03, command=0xF0):
-    version = 5
-    rsv = 0
-    port = 0
-    reqheader = struct.pack("!BBBB",version, command, rsv, atype)
-    if atype == 0x03:
-        reqheader += struct.pack("!B", len(hostname))
-    portstr = struct.pack("!H",port)
-    return "%s%s%s"%(reqheader,hostname,portstr)
-
-def socks5ParseResponse(r):
-    if len(r)<8:
-        return None
-    version, reply, rsv, atype = struct.unpack("!BBBB",r[:4])
-    assert version==5
-    assert rsv==0
-    if reply != 0x00:
-        return "ERROR",reply
-    assert atype in (0x01,0x03,0x04)
-    if atype != 0x03:
-        expected_len = 4 + ({1:4,4:16}[atype]) + 2
-        if len(r) < expected_len:
-            return None
-        elif len(r) > expected_len:
-            raise ValueError("Overlong socks5 reply!")
-        addr = r[4:-2]
-        if atype == 0x01:
-            return "%d.%d.%d.%d"%tuple(map(ord,addr))
-        else:
-            # not really the right way to format IPv6
-            return "IPv6: %s"%(":".join([hex(ord(c)) for c in addr]))
-    else:
-        hlen, = struct.unpack("!B", r[4])
-        expected_len = 5 + hlen + 2
-        if len(r) < expected_len:
-            return None
-        return r[5:-2]
-
-def socks5ResolvePTRRequest(hostname):
-    return socks5ResolveRequest(socket.inet_aton(hostname),
-                                atype=1, command = 0xF1)
-
-
-def parseHostAndPort(h):
-    host, port = "localhost", 9050
-    if ":" in h:
-        i = h.index(":")
-        host = h[:i]
-        try:
-            port = int(h[i+1:])
-        except ValueError:
-            print "Bad hostname %r"%h
-            sys.exit(1)
-    elif h:
-        try:
-            port = int(h)
-        except ValueError:
-            host = h
-
-    return host, port
-
-def resolve(hostname, sockshost, socksport, socksver=4, reverse=0):
-    assert socksver in (4,5)
-    if socksver == 4:
-        fmt = socks4AResolveRequest
-        parse = socks4AParseResponse
-    elif not reverse:
-        fmt = socks5ResolveRequest
-        parse = socks5ParseResponse
-    else:
-        fmt = socks5ResolvePTRRequest
-        parse = socks5ParseResponse
-
-    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-    s.connect((sockshost,socksport))
-    if socksver == 5:
-        s.send(socks5Hello())
-        socks5ParseHello(s.recv(2))
-    s.send(fmt(hostname))
-    answer = s.recv(6)
-    result = parse(answer)
-    while result is None:
-        more = s.recv(1)
-        if not more:
-            return None
-        answer += more
-        result = parse(answer)
-    print "Got answer",result
-    m = s.recv(1)
-    if m:
-        print "Got extra data too: %r"%m
-    return result
-
-if __name__ == '__main__':
-    if len(sys.argv) not in (2,3,4):
-        print "Syntax: resolve.py [-4|-5] hostname [sockshost:socksport]"
-        sys.exit(0)
-    socksver = 4
-    reverse = 0
-    while sys.argv[1][0] == '-':
-        if sys.argv[1] in ("-4", "-5"):
-            socksver = int(sys.argv[1][1])
-            del sys.argv[1]
-        elif sys.argv[1] == '-x':
-            reverse = 1
-            del sys.argv[1]
-        elif sys.argv[1] == '--':
-            break
-
-    if len(sys.argv) >= 4:
-        print "Syntax: resolve.py [-x] [-4|-5] hostname [sockshost:socksport]"
-        sys.exit(0)
-    if len(sys.argv) == 3:
-        sh,sp = parseHostAndPort(sys.argv[2])
-    else:
-        sh,sp = parseHostAndPort("")
-
-    if reverse and socksver == 4:
-        socksver = 5
-    resolve(sys.argv[1], sh, sp, socksver, reverse)
--- a/contrib/client-tools/torify
+++ b/contrib/client-tools/torify
@ -1,61 +0,0 @@
-#! /bin/sh
-
-# This script used to call (the now deprecated) tsocks as a fallback in case
-# torsocks wasn't installed.
-# Now, it's just a backwards compatible shim around torsocks with reasonable
-# behavior if -v/--verbose or -h/--help arguments are passed.
-#
-# Copyright (c) 2004, 2006, 2009 Peter Palfrader
-# Modified by Jacob Appelbaum <jacob@appelbaum.net> April 16th 2006
-# Stripped of all the tsocks cruft by ugh on February 22nd 2012
-# May be distributed under the same terms as Tor itself
-
-
-compat() {
-	echo "torify is now just a wrapper around torsocks(1) for backwards compatibility."
-}
-
-usage() {
-	compat
-	echo "Usage: $0 [-hv] <command> [<options>...]"
-}
-
-case $# in 0)
-	usage >&2
-	exit 1
-esac
-
-case $# in 1)
-	case $1 in -h|--help)
-		usage
-		exit 0
-	esac
-esac
-
-case $1 in -v|--verbose)
-	compat >&2
-	shift
-esac
-
-# taken from Debian's Developer's Reference, 6.4
-pathfind() {
-       OLDIFS="$IFS"
-       IFS=:
-       for p in $PATH; do
-               if [ -x "$p/$*" ]; then
-                       IFS="$OLDIFS"
-                       return 0
-               fi
-       done
-       IFS="$OLDIFS"
-       return 1
-}
-
-if pathfind torsocks; then
-    exec torsocks "$@"
-    echo "$0: Failed to exec torsocks $@" >&2
-    exit 1
-else
-    echo "$0: torsocks not found in your PATH.  Perhaps it isn't installed?  (tsocks is no longer supported, for security reasons.)" >&2
-fi
-
--- a/contrib/cross.sh
+++ b/contrib/cross.sh
@ -0,0 +1,196 @@
+#!/bin/bash
+# $Id$
+# Copyright 2006 Michael Mohr with modifications by Roger Dingledine
+# See LICENSE for licensing information.
+
+#######################################################################
+#  Tor-cross: a tool to help cross-compile Tor
+#
+#  The purpose of a cross-compiler is to produce an executable for
+#  one system (CPU) on another.  This is useful, for example, when
+#  the target system does not have a native compiler available.
+#  You might, for example, wish to cross-compile a program on your
+#  host (the computer you're working on now) for a target such as
+#  a router or handheld computer.
+#
+#  A number of environment variables must be set in order for this
+#  script to work:
+#        $PREFIX, $CROSSPATH, $HOST_TRIPLET, $HOST,
+#        and (optionally) $BUILD
+#  Please run the script for a description of each one.  If automated
+#  builds are desired, the above variables can be exported at the top
+#  of this script.
+#
+#  Recent releases of Tor include test programs in configure. Normally
+#  this is a good thing, since it catches a number of problems.
+#  However, this also presents a problem when cross compiling, since
+#  you can't run binary images for the target system on the host.
+#
+#  Tor-cross assumes that you know what you're doing and removes a
+#  number of checks known to cause problems with this process.
+#  Note that this does not guarantee that the program will run or
+#  even compile; it simply allows configure to generate the Makefiles.
+#
+#  Stripping the binaries should almost always be done for an
+#  embedded environment where space is at an exacting premium.
+#  However, the default is NOT to strip them since they are useful for
+#  debugging.  If you do not plan to do any debugging and you
+#  don't care about the debugging symbols, set $STRIP to "yes" before
+#  running this script.
+#
+#  Tor-cross was written by Michael Mohr.  He can be contacted at
+#  m(dot)mohr(at)laposte(dot)net.  Comments are appreciated, but
+#  flames go to /dev/null.
+#
+#  The target with which this script is tested is little-endian
+#  MIPS Linux, built on an Athlon-based Linux desktop.
+#
+#######################################################################
+
+# disable the platform-specific tests in configure
+export CROSS_COMPILE=yes
+
+# for error conditions
+EXITVAL=0
+
+if [ ! -f autogen.sh ]
+then
+  echo "Please run this script from the root of the Tor distribution"
+  exit -1
+fi
+
+if [ ! -f configure ]
+then
+  if [ -z $GEN_BUILD ]
+  then
+    echo "To automatically generate the build environment, set \$GEN_BUILD"
+    echo "to yes; for example,"
+    echo "	export GEN_BUILD=yes"
+    EXITVAL=-1
+  fi
+fi
+
+if [ -z $PREFIX ]
+then
+  echo "You must define \$PREFIX since you are cross-compiling."
+  echo "Select a non-system location (i.e. /tmp/tor-cross):"
+  echo "	export PREFIX=/tmp/tor-cross"
+  EXITVAL=-1
+fi
+
+if [ -z $CROSSPATH ]
+then
+  echo "You must define the location of your cross-compiler's"
+  echo "directory using \$CROSSPATH; for example,"
+  echo "	export CROSSPATH=/opt/cross/staging_dir_mipsel/bin"
+  EXITVAL=-1
+fi
+
+if [ -z $HOST_TRIPLET ]
+then
+  echo "You must define \$HOST_TRIPLET to continue.  For example,"
+  echo "if you normally cross-compile applications using"
+  echo "mipsel-linux-uclibc-gcc, you would set \$HOST_TRIPLET like so:"
+  echo "	export HOST_TRIPLET=mipsel-linux-uclibc-"
+  EXITVAL=-1
+fi
+
+if [ -z $HOST ]
+then
+  echo "You must specify a target processor with \$HOST; for example:"
+  echo "	export HOST=mipsel-unknown-elf"
+  EXITVAL=-1
+fi
+
+if [ -z $BUILD ]
+then
+  echo "You should specify the host machine's type with \$BUILD; for example:"
+  echo "	export BUILD=i686-pc-linux-gnu"
+  echo "If you wish to let configure autodetect the host, set \$BUILD to 'auto':"
+  echo "	export BUILD=auto"
+  EXITVAL=-1
+fi
+
+if [ ! -x $CROSSPATH/$HOST_TRIPLETgcc ]
+then
+  echo "The specified toolchain does not contain an executable C compiler."
+  echo "Please double-check your settings and rerun cross.sh."
+  EXITVAL=-1
+fi
+
+if [ $EXITVAL -ne 0 ]
+then
+  echo "Remember, you can hard-code these values in cross.sh if needed."
+  exit $EXITVAL
+fi
+
+if [ ! -z "$GEN_BUILD" -a ! -f configure ]
+then
+  export NOCONF=yes
+  ./autogen.sh
+fi
+
+# clean up any existing object files
+if [ -f src/or/tor ]
+then
+  make clean
+fi
+
+# Set up the build environment and try to run configure
+export PATH=$PATH:$CROSSPATH
+export RANLIB=${HOST_TRIPLET}ranlib
+export CC=${HOST_TRIPLET}gcc
+
+if [ $BUILD == "auto" ]
+then
+  ./configure \
+	--enable-debug \
+	--enable-eventdns \
+	--prefix=$PREFIX \
+	--host=$HOST
+else
+  ./configure \
+	--enable-debug \
+	--enable-eventdns \
+	--prefix=$PREFIX \
+	--host=$HOST \
+	--build=$BUILD
+fi
+
+# has a problem occurred?
+if [ $? -ne 0 ]
+then
+  echo ""
+  echo "A problem has been detected with configure."
+  echo "Please check the output above and rerun cross.sh"
+  echo ""
+  exit -1
+fi
+
+# Now we're cookin'
+
+make
+
+# has a problem occurred?
+if [ $? -ne 0 ]
+then
+  echo ""
+  echo "A problem has been detected with make."
+  echo "Please check the output above and rerun make."
+  echo ""
+  exit -1
+fi
+
+# if $STRIP has length (i.e. STRIP=yes), strip the binaries
+if [ ! -z $STRIP ]
+then
+${HOST_TRIPLET}strip \
+	src/or/tor \
+	src/or/test \
+	src/tools/tor-resolve
+fi
+
+echo ""
+echo "Tor should be compiled at this point.  Now run 'make install' to"
+echo "install to $PREFIX"
+echo ""
--- a/contrib/dirauth-tools/nagios-check-tor-authority-cert
+++ b/contrib/dirauth-tools/nagios-check-tor-authority-cert
@ -1,86 +0,0 @@
-#!/bin/bash
-
-# nagios-check-tor-authority-cert - check certificate expiry time
-
-# A nagios check for Tor v3 directory authorities:
-# - Checks the current certificate expiry time
-#
-# Usage: nagios-check-tor-authority-cert <authority identity fingerprint>
-# e.g.: nagios-check-tor-authority-cert A9AC67E64B200BBF2FA26DF194AC0469E2A948C6
-
-# Copyright (c) 2008 Peter Palfrader <peter@palfrader.org>
-#
-# Permission is hereby granted, free of charge, to any person obtaining
-# a copy of this software and associated documentation files (the
-# "Software"), to deal in the Software without restriction, including
-# without limitation the rights to use, copy, modify, merge, publish,
-# distribute, sublicense, and/or sell copies of the Software, and to
-# permit persons to whom the Software is furnished to do so, subject to
-# the following conditions:
-#
-# The above copyright notice and this permission notice shall be
-# included in all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
-
-set -e
-set -u
-
-if [ -z "${1:-}" ]; then
-	echo "Usage: $0 <authority identity fingerprint>" 2>&1
-	exit 3
-fi
-
-identity="$1"
-
-DIRSERVERS=""
-DIRSERVERS="$DIRSERVERS 86.59.21.38:80"         # tor26
-DIRSERVERS="$DIRSERVERS 128.31.0.34:9031"       # moria1
-DIRSERVERS="$DIRSERVERS 216.224.124.114:9030"   # ides
-DIRSERVERS="$DIRSERVERS 80.190.246.100:80"      # gabelmoo
-#DIRSERVERS="$DIRSERVERS 140.247.60.64:80"      # lefkada
-DIRSERVERS="$DIRSERVERS 194.109.206.212:80"     # dizum
-DIRSERVERS="$DIRSERVERS 213.73.91.31:80"        # dannenberg
-
-TMPFILE="`tempfile`"
-trap 'rm -f "$TMPFILE"' 0
-
-for dirserver in $DIRSERVERS; do
-	wget -q -O "$TMPFILE" "http://$dirserver/tor/keys/fp/$identity"
-	if [ "$?" = 0 ]; then
-		break
-	else
-		cat /dev/null > "$TMPFILE"
-		continue
-	fi
-done
-
-if ! [ -s "$TMPFILE" ] ; then
-	echo "UNKNOWN: Downloading certificate for $identity failed."
-	exit 3
-fi
-
-expirydate="$(awk '$1=="dir-key-expires" {printf "%s %s", $2, $3}' < "$TMPFILE")"
-expiryunix=$(TZ=UTC date -d "$expirydate" +%s)
-now=$(date +%s)
-
-if [ "$now" -ge "$expiryunix" ]; then
-	echo "CRITICAL: Certificate expired $expirydate (authority $identity)."
-	exit 2
-elif [ "$(( $now + 7*24*60*60 ))" -ge "$expiryunix" ]; then
-	echo "CRITICAL: Certificate expires $expirydate (authority $identity)."
-	exit 2
-elif [ "$(( $now + 30*24*60*60 ))" -ge "$expiryunix" ]; then
-	echo "WARNING: Certificate expires $expirydate (authority $identity)."
-	exit 1
-else
-	echo "OK: Certificate expires $expirydate (authority $identity)."
-	exit 0
-fi
--- a/contrib/dist/rc.subr
+++ b/contrib/dist/rc.subr
@ -1,43 +0,0 @@
-#!/bin/sh
-# $FreeBSD: ports/security/tor-devel/files/tor.in,v 1.1 2006/02/17 22:21:25 mnag Exp $
-#
-# (rc.subr written by Peter Thoenen for Net/FreeBSD)
-#
-# REQUIRE: NETWORKING SERVERS USR
-# BEFORE: LOGIN
-#
-# Add the following lines to /etc/rc.conf to enable tor
-#
-# tor_enable (bool):    Set to "NO" by default
-#                       Set it to "YES" to enable tor
-# tor_conf (str):       Points to your tor conf file
-#                       Default: /usr/local/etc/tor/torrc
-# tor_user (str):       Tor Daemon user. Default _tor
-#
-
-. /etc/rc.subr
-
-name="tor"
-rcvar=${name}_enable
-
-load_rc_config ${name}
-
-: ${tor_enable="NO"}
-: ${tor_conf="/usr/local/etc/tor/torrc"}
-: ${tor_user="_tor"}
-: ${tor_pidfile="/var/run/tor/tor.pid"}
-: ${tor_logfile="/var/log/tor"}
-: ${tor_datadir="/var/run/tor"}
-
-required_files=${tor_conf}
-required_dirs=${tor_datadir}
-command="/usr/local/bin/${name}"
-command_args="-f ${tor_conf} --pidfile ${tor_pidfile} --runasdaemon 1 --datadirectory ${tor_datadir} --user ${tor_user}"
-extra_commands="log"
-log_cmd="${name}_log"
-
-tor_log() {
-        cat ${tor_logfile}
-}
-
-run_rc_command "$1"
--- a/contrib/dist/suse/tor.sh.in
+++ b/contrib/dist/suse/tor.sh.in
@ -1,118 +0,0 @@
-#!/bin/sh
-#
-# Copyright (c) 2006-2007 Andrew Lewman
-#
-# tor    The Onion Router
-#
-# Startup/shutdown script for tor. This is a wrapper around torctl;
-# torctl does the actual work in a relatively system-independent, or at least
-# distribution-independent, way, and this script deals with fitting the
-# whole thing into the conventions of the particular system at hand.
-#
-# These next couple of lines "declare" tor for the "chkconfig" program,
-# originally from SGI, used on Red Hat/Fedora and probably elsewhere.
-#
-# chkconfig: 2345 90 10
-# description: Onion Router - A low-latency anonymous proxy
-#
-
-### BEGIN INIT INFO
-# Provides: tor
-# Required-Start: $remote_fs $network
-# Required-Stop: $remote_fs $network
-# Default-Start: 3 5
-# Default-Stop: 0 1 2 6
-# Short-Description: Start the tor daemon
-# Description:  Start the tor daemon:  the anon-proxy server
-### END INIT INFO
-
-. /etc/rc.status
-
-# Shell functions sourced from /etc/rc.status:
-#      rc_check         check and set local and overall rc status
-#      rc_status        check and set local and overall rc status
-#      rc_status -v     ditto but be verbose in local rc status
-#      rc_status -v -r  ditto and clear the local rc status
-#      rc_failed        set local and overall rc status to failed
-#      rc_reset         clear local rc status (overall remains)
-#      rc_exit          exit appropriate to overall rc status
-
-# First reset status of this service
-rc_reset
-
-# Increase open file descriptors a reasonable amount
-ulimit -n 8192
-
-TORCTL=@BINDIR@/torctl
-
-# torctl will use these environment variables
-TORUSER=@TORUSER@
-export TORUSER
-TORGROUP=@TORGROUP@
-export TORGROUP
-
-TOR_DAEMON_PID_DIR="@LOCALSTATEDIR@/run/tor"
-
-if [ -x /bin/su ] ; then
-    SUPROG=/bin/su
-elif [ -x /sbin/su ] ; then
-    SUPROG=/sbin/su
-elif [ -x /usr/bin/su ] ; then
-    SUPROG=/usr/bin/su
-elif [ -x /usr/sbin/su ] ; then
-    SUPROG=/usr/sbin/su
-else
-    SUPROG=/bin/su
-fi
-
-case "$1" in
-
-    start)
-    echo "Starting tor daemon"
-
-    if [ ! -d $TOR_DAEMON_PID_DIR ] ; then
-        mkdir -p $TOR_DAEMON_PID_DIR
-        chown $TORUSER:$TORGROUP $TOR_DAEMON_PID_DIR
-    fi
-
-    ## Start daemon with startproc(8). If this fails
-    ## the echo return value is set appropriate.
-
-    startproc -f $TORCTL start
-    # Remember status and be verbose
-    rc_status -v
-    ;;
-
-    stop)
-    echo "Stopping tor daemon" 
-    startproc -f $TORCTL stop
-    # Remember status and be verbose
-    rc_status -v
-    ;;
-
-    restart)
-    echo "Restarting tor daemon" 
-    startproc -f $TORCTL restart
-    # Remember status and be verbose
-    rc_status -v
-    ;;
-
-    reload)
-    echo "Reloading tor daemon" 
-    startproc -f $TORCTL reload
-    # Remember status and be verbose
-    rc_status -v
-    ;;
-
-    status)
-    startproc -f $TORCTL status
-    # Remember status and be verbose
-    rc_status -v
-    ;;
-
-    *)
-    echo "Usage: $0 (start|stop|restart|reload|status)"
-    RETVAL=1
-esac
-
-rc_exit
--- a/contrib/dist/tor.service.in
+++ b/contrib/dist/tor.service.in
@ -1,35 +0,0 @@
-# tor.service -- this systemd configuration file for Tor sets up a
-# relatively conservative, hardened Tor service.  You may need to
-# edit it if you are making changes to your Tor configuration that it
-# does not allow.  Package maintainers: this should be a starting point
-# for your tor.service; it is not the last point.
-
-[Unit]
-Description=Anonymizing overlay network for TCP
-After=syslog.target network.target nss-lookup.target
-
-[Service]
-Type=notify
-NotifyAccess=all
-ExecStartPre=@BINDIR@/tor -f @CONFDIR@/torrc --verify-config
-ExecStart=@BINDIR@/tor -f @CONFDIR@/torrc
-ExecReload=/bin/kill -HUP ${MAINPID}
-KillSignal=SIGINT
-TimeoutSec=30
-Restart=on-failure
-WatchdogSec=1m
-LimitNOFILE=32768
-
-# Hardening
-PrivateTmp=yes
-PrivateDevices=yes
-ProtectHome=yes
-ProtectSystem=full
-ReadOnlyDirectories=/
-ReadWriteDirectories=-@LOCALSTATEDIR@/lib/tor
-ReadWriteDirectories=-@LOCALSTATEDIR@/log/tor
-NoNewPrivileges=yes
-CapabilityBoundingSet=CAP_SETUID CAP_SETGID CAP_NET_BIND_SERVICE
-
-[Install]
-WantedBy=multi-user.target
--- a/contrib/dist/tor.sh.in
+++ b/contrib/dist/tor.sh.in
@ -1,123 +0,0 @@
-#!/bin/sh
-#
-# tor    The Onion Router
-#
-# Startup/shutdown script for tor. This is a wrapper around torctl;
-# torctl does the actual work in a relatively system-independent, or at least
-# distribution-independent, way, and this script deals with fitting the
-# whole thing into the conventions of the particular system at hand.
-# This particular script is written for Red Hat/Fedora Linux, and may
-# also work on Mandrake, but not SuSE.
-#
-# These next couple of lines "declare" tor for the "chkconfig" program,
-# originally from SGI, used on Red Hat/Fedora and probably elsewhere.
-#
-# chkconfig: 2345 90 10
-# description: Onion Router - A low-latency anonymous proxy
-#
-
-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-DAEMON=/usr/sbin/tor
-NAME=tor
-DESC="tor daemon"
-TORPIDDIR=/var/run/tor
-TORPID=$TORPIDDIR/tor.pid
-WAITFORDAEMON=60
-ARGS=""
-
-# Library functions
-if [ -f /etc/rc.d/init.d/functions ]; then
-   . /etc/rc.d/init.d/functions
-elif [ -f /etc/init.d/functions ]; then
-   . /etc/init.d/functions
-fi
-
-TORCTL=@BINDIR@/torctl
-
-# torctl will use these environment variables
-TORUSER=@TORUSER@
-export TORUSER
-
-if [ -x /bin/su ] ; then
-    SUPROG=/bin/su
-elif [ -x /sbin/su ] ; then
-    SUPROG=/sbin/su
-elif [ -x /usr/bin/su ] ; then
-    SUPROG=/usr/bin/su
-elif [ -x /usr/sbin/su ] ; then
-    SUPROG=/usr/sbin/su
-else
-    SUPROG=/bin/su
-fi
-
-# Raise ulimit based on number of file descriptors available (thanks, Debian)
-
-if [ -r /proc/sys/fs/file-max ]; then
-	system_max=`cat /proc/sys/fs/file-max`
-	if [ "$system_max" -gt "80000" ] ; then
-		MAX_FILEDESCRIPTORS=32768
-	elif [ "$system_max" -gt "40000" ] ; then
-		MAX_FILEDESCRIPTORS=16384
-	elif [ "$system_max" -gt "10000" ] ; then
-		MAX_FILEDESCRIPTORS=8192
-	else
-		MAX_FILEDESCRIPTORS=1024
-		cat << EOF
-
-Warning: Your system has very few filedescriptors available in total.
-
-Maybe you should try raising that by adding 'fs.file-max=100000' to your
-/etc/sysctl.conf file.  Feel free to pick any number that you deem appropriate.
-Then run 'sysctl -p'.  See /proc/sys/fs/file-max for the current value, and
-file-nr in the same directory for how many of those are used at the moment.
-
-EOF
-	fi
-else
-	MAX_FILEDESCRIPTORS=8192
-fi
-
-NICE=""
-
-case "$1" in
-
-    start)
-	if [ -n "$MAX_FILEDESCRIPTORS" ]; then
-		echo -n "Raising maximum number of filedescriptors (ulimit -n) to $MAX_FILEDESCRIPTORS"
-		if ulimit -n "$MAX_FILEDESCRIPTORS" ; then
-			echo "."
-		else
-			echo ": FAILED."
-		fi
-	fi
-
-    action $"Starting tor:" $TORCTL start
-    RETVAL=$?
-    ;;
-
-    stop)
-    action $"Stopping tor:" $TORCTL stop
-    RETVAL=$?
-    ;;
-
-    restart)
-    action $"Restarting tor:" $TORCTL restart
-    RETVAL=$?
-    ;;
-
-    reload)
-    action $"Reloading tor:" $TORCTL reload
-    RETVAL=$?
-    ;;
-
-    status)
-    $TORCTL status
-    RETVAL=$?
-    ;;
-
-    *)
-    echo "Usage: $0 (start|stop|restart|reload|status)"
-    RETVAL=1
-esac
-
-exit $RETVAL
--- a/contrib/exitlist
+++ b/contrib/exitlist
@ -0,0 +1,321 @@
+#!/usr/bin/python
+# Copyright 2005-2006 Nick Mathewson
+# See the LICENSE file in the Tor distribution for licensing information.
+
+# Requires Python 2.2 or later.
+
+"""
+ exitlist -- Given a Tor directory on stdin, lists the Tor servers
+ that accept connections to given addreses.
+
+ example usage (Tor 0.2.0.7-alpha and earlier):
+
+    cat ~/.tor/cached-routers* | python exitlist 18.244.0.188:80
+
+ example usage (Tor 0.2.0.8-alpha and later):
+
+    cat ~/.tor/cached-descriptors* | python exitlist 18.244.0.188:80
+
+ You should look at the "FetchUselessDescriptors" config option in the
+ man page. For 0.2.0.13-alpha and later, also look at the
+ "FetchDirInfoEarly" config option.
+
+ Note that this script won't give you a perfect list of IP addresses
+ that might connect to you using Tor, since some Tor servers might exit
+ from other addresses than the one they publish. See
+ https://check.torproject.org/ for an alternative (more
+ accurate!) approach.
+
+"""
+
+#
+# Change this to True if you want more verbose output.  By default, we
+# only print the IPs of the servers that accept any the listed
+# addresses, one per line.
+#
+VERBOSE = False
+
+#
+# Change this to True if you want to reverse the output, and list the
+# servers that accept *none* of the listed addresses.
+#
+INVERSE = False
+
+#
+# Change this list to contain all of the target services you are interested
+# in.  It must contain one entry per line, each consisting of an IPv4 address,
+# a colon, and a port number. This default is only used if we don't learn
+# about any addresses from the command-line.
+#
+ADDRESSES_OF_INTEREST = """
+    1.2.3.4:80
+"""
+
+
+#
+# YOU DO NOT NEED TO EDIT AFTER THIS POINT.
+#
+
+import sys
+import re
+import getopt
+import socket
+import struct
+import time
+
+assert sys.version_info >= (2,2)
+
+
+def maskIP(ip,mask):
+    return "".join([chr(ord(a) & ord(b)) for a,b in zip(ip,mask)])
+
+def maskFromLong(lng):
+    return struct.pack("!L", lng)
+
+def maskByBits(n):
+    return maskFromLong(0xffffffffl ^ ((1L<<(32-n))-1))
+
+class Pattern:
+    """
+    >>> import socket
+    >>> ip1 = socket.inet_aton("192.169.64.11")
+    >>> ip2 = socket.inet_aton("192.168.64.11")
+    >>> ip3 = socket.inet_aton("18.244.0.188")
+
+    >>> print Pattern.parse("18.244.0.188")
+    18.244.0.188/255.255.255.255:1-65535
+    >>> print Pattern.parse("18.244.0.188/16:*")
+    18.244.0.0/255.255.0.0:1-65535
+    >>> print Pattern.parse("18.244.0.188/2.2.2.2:80")
+    2.0.0.0/2.2.2.2:80-80
+    >>> print Pattern.parse("192.168.0.1/255.255.00.0:22-25")
+    192.168.0.0/255.255.0.0:22-25
+    >>> p1 = Pattern.parse("192.168.0.1/255.255.00.0:22-25")
+    >>> import socket
+    >>> p1.appliesTo(ip1, 22)
+    False
+    >>> p1.appliesTo(ip2, 22)
+    True
+    >>> p1.appliesTo(ip2, 25)
+    True
+    >>> p1.appliesTo(ip2, 26)
+    False
+    """
+    def __init__(self, ip, mask, portMin, portMax):
+        self.ip = maskIP(ip,mask)
+        self.mask = mask
+        self.portMin = portMin
+        self.portMax = portMax
+
+    def __str__(self):
+        return "%s/%s:%s-%s"%(socket.inet_ntoa(self.ip),
+                              socket.inet_ntoa(self.mask),
+                              self.portMin,
+                              self.portMax)
+
+    def parse(s):
+        if ":" in s:
+            addrspec, portspec = s.split(":",1)
+        else:
+            addrspec, portspec = s, "*"
+
+        if addrspec == '*':
+            ip,mask = "\x00\x00\x00\x00","\x00\x00\x00\x00"
+        elif '/' not in addrspec:
+            ip = socket.inet_aton(addrspec)
+            mask = "\xff\xff\xff\xff"
+        else:
+            ip,mask = addrspec.split("/",1)
+            ip = socket.inet_aton(ip)
+            if "." in mask:
+                mask = socket.inet_aton(mask)
+            else:
+                mask = maskByBits(int(mask))
+
+        if portspec == '*':
+            portMin = 1
+            portMax = 65535
+        elif '-' not in portspec:
+            portMin = portMax = int(portspec)
+        else:
+            portMin, portMax = map(int,portspec.split("-",1))
+
+        return Pattern(ip,mask,portMin,portMax)
+
+    parse = staticmethod(parse)
+
+    def appliesTo(self, ip, port):
+        return ((maskIP(ip,self.mask) == self.ip) and
+                (self.portMin <= port <= self.portMax))
+
+class Policy:
+    """
+    >>> import socket
+    >>> ip1 = socket.inet_aton("192.169.64.11")
+    >>> ip2 = socket.inet_aton("192.168.64.11")
+    >>> ip3 = socket.inet_aton("18.244.0.188")
+
+    >>> pol = Policy.parseLines(["reject *:80","accept 18.244.0.188:*"])
+    >>> print str(pol).strip()
+    reject 0.0.0.0/0.0.0.0:80-80
+    accept 18.244.0.188/255.255.255.255:1-65535
+    >>> pol.accepts(ip1,80)
+    False
+    >>> pol.accepts(ip3,80)
+    False
+    >>> pol.accepts(ip3,81)
+    True
+    """
+
+    def __init__(self, lst):
+        self.lst = lst
+
+    def parseLines(lines):
+        r = []
+        for item in lines:
+            a,p=item.split(" ",1)
+            if a == 'accept':
+                a = True
+            elif a == 'reject':
+                a = False
+            else:
+                raise ValueError("Unrecognized action %r",a)
+            p = Pattern.parse(p)
+            r.append((p,a))
+        return Policy(r)
+
+    parseLines = staticmethod(parseLines)
+
+    def __str__(self):
+        r = []
+        for pat, accept in self.lst:
+            rule = accept and "accept" or "reject"
+            r.append("%s %s\n"%(rule,pat))
+        return "".join(r)
+
+    def accepts(self, ip, port):
+        for pattern,accept in self.lst:
+            if pattern.appliesTo(ip,port):
+                return accept
+        return True
+
+class Server:
+    def __init__(self, name, ip, policy, published, fingerprint):
+        self.name = name
+        self.ip = ip
+        self.policy = policy
+        self.published = published
+        self.fingerprint = fingerprint
+
+def uniq_sort(lst):
+    d = {}
+    for item in lst: d[item] = 1
+    lst = d.keys()
+    lst.sort()
+    return lst
+
+def run():
+    global VERBOSE
+    global INVERSE
+    global ADDRESSES_OF_INTEREST
+
+    if len(sys.argv) > 1:
+        try:
+            opts, pargs = getopt.getopt(sys.argv[1:], "vx")
+        except getopt.GetoptError, e:
+            print """
+usage: cat ~/.tor/cached-routers* | %s [-v] [-x] [host:port [host:port [...]]]
+    -v  verbose output
+    -x  invert results
+""" % sys.argv[0]
+            sys.exit(0)
+
+        for o, a in opts:
+            if o == "-v":
+                VERBOSE = True
+            if o == "-x":
+                INVERSE = True
+        if len(pargs):
+            ADDRESSES_OF_INTEREST = "\n".join(pargs)
+
+    servers = []
+    policy = []
+    name = ip = None
+    published = 0
+    fp = ""
+    for line in sys.stdin.xreadlines():
+        if line.startswith('router '):
+            if name:
+                servers.append(Server(name, ip, Policy.parseLines(policy),
+                                      published, fp))
+            _, name, ip, rest = line.split(" ", 3)
+            policy = []
+            published = 0
+            fp = ""
+        elif line.startswith('fingerprint') or \
+                 line.startswith('opt fingerprint'):
+            elts = line.strip().split()
+            if elts[0] == 'opt': del elts[0]
+            assert elts[0] == 'fingerprint'
+            del elts[0]
+            fp = "".join(elts)
+        elif line.startswith('accept ') or line.startswith('reject '):
+            policy.append(line.strip())
+        elif line.startswith('published '):
+            date = time.strptime(line[len('published '):].strip(),
+                                 "%Y-%m-%d %H:%M:%S")
+            published = time.mktime(date)
+
+    if name:
+        servers.append(Server(name, ip, Policy.parseLines(policy), published,
+                              fp))
+
+    targets = []
+    for line in ADDRESSES_OF_INTEREST.split("\n"):
+        line = line.strip()
+        if not line: continue
+        p = Pattern.parse(line)
+        targets.append((p.ip, p.portMin))
+
+    # remove all but the latest server of each IP/Nickname pair.
+    latest = {}
+    for s in servers:
+        if (not latest.has_key((s.fingerprint))
+            or s.published > latest[(s.fingerprint)]):
+            latest[s.fingerprint] = s
+    servers = latest.values()
+
+    accepters, rejecters = {}, {}
+    for s in servers:
+        for ip,port in targets:
+            if s.policy.accepts(ip,port):
+                accepters[s.ip] = s
+                break
+        else:
+            rejecters[s.ip] = s
+
+    # If any server at IP foo accepts, the IP does not reject.
+    for k in accepters.keys():
+        if rejecters.has_key(k):
+            del rejecters[k]
+
+    if INVERSE:
+        printlist = rejecters.values()
+    else:
+        printlist = accepters.values()
+
+    ents = []
+    if VERBOSE:
+        ents = uniq_sort([ "%s\t%s"%(s.ip,s.name) for s in printlist ])
+    else:
+        ents = uniq_sort([ s.ip for s in printlist ])
+    for e in ents:
+        print e
+
+def _test():
+    import doctest, exitparse
+    return doctest.testmod(exitparse)
+#_test()
+
+run()
+
--- a/contrib/id_to_fp.c
+++ b/contrib/id_to_fp.c
@ -0,0 +1,78 @@
+/* Copyright 2006 Nick Mathewson; see LICENSE for licensing information */
+/* $Id$ */
+
+/* id_to_fp.c : Helper for directory authority ops.  When somebody sends us
+ * a private key, this utility converts the private key into a fingerprint
+ * so you can de-list that fingerprint.
+ */
+
+#include <openssl/rsa.h>
+#include <openssl/bio.h>
+#include <openssl/sha.h>
+#include <openssl/pem.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define die(s) do { fprintf(stderr, "%s\n", s); goto err; } while (0)
+
+int
+main(int argc, char **argv)
+{
+  BIO *b = NULL;
+  RSA *key = NULL;
+  unsigned char *buf = NULL, *bufp;
+  int len, i;
+  unsigned char digest[20];
+  int status = 1;
+
+  if (argc < 2) {
+    fprintf(stderr, "Reading key from stdin...\n");
+    if (!(b = BIO_new_fp(stdin, BIO_NOCLOSE)))
+      die("couldn't read from stdin");
+  } else if (argc == 2) {
+    if (strcmp(argv[1], "-h") == 0 ||
+        strcmp(argv[1], "--help") == 0) {
+      fprintf(stdout, "Usage: %s [keyfile]\n", argv[0]);
+      status = 0;
+      goto err;
+    } else {
+      if (!(b = BIO_new_file(argv[1], "r")))
+        die("couldn't open file");
+    }
+  } else {
+    fprintf(stderr, "Usage: %s [keyfile]\n", argv[0]);
+    goto err;
+  }
+  if (!(key = PEM_read_bio_RSAPrivateKey(b, NULL, NULL, NULL)))
+    die("couldn't parse key");
+
+  len = i2d_RSAPublicKey(key, NULL);
+  if (len < 0)
+    die("Bizarre key");
+  bufp = buf = malloc(len+1);
+  if (!buf)
+    die("Out of memory");
+  len = i2d_RSAPublicKey(key, &bufp);
+  if (len < 0)
+    die("Bizarre key");
+
+  SHA1(buf, len, digest);
+  for (i=0; i < 20; i += 2) {
+    printf("%02X%02X ", (int)digest[i], (int)digest[i+1]);
+  }
+  printf("\n");
+
+  status = 0;
+
+err:
+  if (buf)
+    free(buf);
+  if (key)
+    RSA_free(key);
+  if (b)
+    BIO_free(b);
+  return status;
+}
+
--- a/contrib/include.am
+++ b/contrib/include.am
@ -1,18 +0,0 @@
-
-EXTRA_DIST+= \
-	contrib/README					\
-	contrib/client-tools/torify			\
-	contrib/dist/rc.subr				\
-	contrib/dist/suse/tor.sh.in			\
-	contrib/dist/tor.sh				\
-	contrib/dist/torctl				\
-	contrib/dist/tor.service.in			\
-	contrib/operator-tools/linux-tor-prio.sh	\
-	contrib/operator-tools/tor-exit-notice.html	\
-	contrib/or-tools/exitlist			\
-	contrib/win32build/package_nsis-mingw.sh	\
-	contrib/win32build/tor-mingw.nsi.in		\
-	contrib/win32build/tor.ico			\
-	contrib/win32build/tor.nsi.in
-
-bin_SCRIPTS+= contrib/client-tools/torify
--- a/contrib/linux-tor-prio.sh
+++ b/contrib/linux-tor-prio.sh
@ -0,0 +1,176 @@
+#!/bin/bash
+# Written by Marco Bonetti & Mike Perry
+# Based on instructions from Dan Singletary's ADSL BW Management HOWTO:
+# http://www.faqs.org/docs/Linux-HOWTO/ADSL-Bandwidth-Management-HOWTO.html
+# This script is Public Domain.
+
+############################### README #################################
+
+# This script provides prioritization of Tor traffic below other
+# traffic on a Linux server. It has two modes of operation: UID based 
+# and IP based. The UID based method requires that Tor be launched from 
+# a specific user ID. The "User" Tor config setting is
+# insufficient, as it sets the UID after the socket is created.
+# Here is a three line C wrapper you can use to execute Tor and drop 
+# privs to UID 501 before it creates any sockets. Change the UID 
+# to the UID for your tor server user, and compile with 
+# 'gcc tor_wrap.c -o tor_wrap':
+
+# #include <unistd.h>
+# int main(int argc, char **argv) {
+# if(setresuid(501, 501, 501) == -1) { perror("setresuid"); return 1; }
+# execl("/bin/tor", "/bin/tor", "-f", "/etc/tor/torrc", NULL);
+# perror("execl"); return 1;
+# }
+
+# The IP setting requires that a separate IP address be dedicated to Tor. 
+# Your Torrc should be set to bind to this IP for "OutboundBindAddress", 
+# "ListenAddress", and "Address".
+
+# You should also tune the individual connection rate parameters below
+# to your individual connection. In particular, you should leave *some* 
+# minimum amount of bandwidth for Tor, so that Tor users are not 
+# completely choked out when you use your server's bandwidth. 30% is 
+# probably a polite choice.
+
+# To start the shaping, run it as: 
+#   ./linux-tor-prio.sh 
+
+# To get status information (useful to verify packets are getting marked
+# and prioritized), run:
+#   ./linux-tor-prio.sh status
+
+# And to stop prioritization:
+#   ./linux-tor-prio.sh stop
+
+########################################################################
+
+# BEGIN USER TUNABLE PARAMETERS
+
+DEV=eth0
+
+# NOTE! You must START Tor under this UID. Using the Tor User
+# config setting is NOT sufficient.
+TOR_UID=$(id -u tor)
+
+# If the UID mechanism doesn't work for you, you can set this parameter
+# instead. If set, it will take precedence over the UID setting. Note that
+# you need multiple IPs for this to work.
+#TOR_IP="42.42.42.42"
+
+# Average ping to most places on the net, milliseconds
+RTT_LATENCY=40
+
+# RATE_UP must be less than your connection's upload capacity. If it is
+# larger, then the bottleneck will be at your router's queue, which you
+# do not control. This will cause congestion and a revert to normal TCP
+# fairness no matter what the queing priority is.
+RATE_UP=5000
+
+# RATE_UP_TOR is the minimum speed your Tor connections will have.
+# They will have at least this much bandwidth for upload. In general, 
+# you probably shouldn't set this too low, or else Tor users who use 
+# your node will be completely choked out whenever your machine
+# does any other network activity. That is not very fun.
+RATE_UP_TOR=1500
+
+# RATE_UP_TOR_CEIL is the maximum rate allowed for all Tor trafic
+RATE_UP_TOR_CEIL=5000
+
+CHAIN=OUTPUT
+#CHAIN=PREROUTING
+#CHAIN=POSTROUTING
+
+MTU=1500
+AVG_PKT=900 # should be more like 600 for non-exit nodes
+
+# END USER TUNABLE PARAMETERS
+
+# The queue size should be no larger than your bandwidth-delay
+# product. This is RT latency*bandwidth/MTU/2
+
+BDP=$(expr $RTT_LATENCY \* $RATE_UP / $AVG_PKT)
+
+# Further research indicates that the BDP calculations should use
+# RTT/sqrt(n) where n is the expected number of active connections..
+
+BDP=$(expr $BDP / 4)
+
+if [ "$1" = "status" ]
+then
+	echo "[qdisc]"
+	tc -s qdisc show dev $DEV
+	tc -s qdisc show dev imq0
+	echo "[class]"
+	tc -s class show dev $DEV
+	tc -s class show dev imq0
+	echo "[filter]"
+	tc -s filter show dev $DEV
+	tc -s filter show dev imq0
+	echo "[iptables]"
+	iptables -t mangle -L TORSHAPER-OUT -v -x 2> /dev/null
+	exit
+fi
+
+
+# Reset everything to a known state (cleared)
+tc qdisc del dev $DEV root 2> /dev/null > /dev/null
+tc qdisc del dev imq0 root 2> /dev/null > /dev/null
+iptables -t mangle -D POSTROUTING -o $DEV -j TORSHAPER-OUT 2> /dev/null > /dev/null
+iptables -t mangle -D PREROUTING -o $DEV -j TORSHAPER-OUT 2> /dev/null > /dev/null
+iptables -t mangle -D OUTPUT -o $DEV -j TORSHAPER-OUT 2> /dev/null > /dev/null
+iptables -t mangle -F TORSHAPER-OUT 2> /dev/null > /dev/null
+iptables -t mangle -X TORSHAPER-OUT 2> /dev/null > /dev/null
+ip link set imq0 down 2> /dev/null > /dev/null
+rmmod imq 2> /dev/null > /dev/null
+
+if [ "$1" = "stop" ]
+then
+	echo "Shaping removed on $DEV."
+	exit
+fi
+
+# Outbound Shaping (limits total bandwidth to RATE_UP)
+
+ip link set dev $DEV qlen $BDP
+
+# Add HTB root qdisc, default is high prio
+tc qdisc add dev $DEV root handle 1: htb default 20
+
+# Add main rate limit class
+tc class add dev $DEV parent 1: classid 1:1 htb rate ${RATE_UP}kbit
+
+# Create the two classes, giving Tor at least RATE_UP_TOR kbit and capping
+# total upstream at RATE_UP so the queue is under our control.
+tc class add dev $DEV parent 1:1 classid 1:20 htb rate $(expr $RATE_UP - $RATE_UP_TOR)kbit ceil ${RATE_UP}kbit prio 0
+tc class add dev $DEV parent 1:1 classid 1:21 htb rate $[$RATE_UP_TOR]kbit ceil ${RATE_UP_TOR_CEIL}kbit prio 10
+
+# Start up pfifo
+tc qdisc add dev $DEV parent 1:20 handle 20: pfifo limit $BDP
+tc qdisc add dev $DEV parent 1:21 handle 21: pfifo limit $BDP
+
+# filter traffic into classes by fwmark
+tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
+tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
+
+# add TORSHAPER-OUT chain to the mangle table in iptables
+iptables -t mangle -N TORSHAPER-OUT
+iptables -t mangle -I $CHAIN -o $DEV -j TORSHAPER-OUT
+
+
+# Set firewall marks
+# Low priority to Tor
+if [ ""$TOR_IP == "" ]
+then
+	echo "Using UID-based QoS. UID $TOR_UID marked as low priority."
+	iptables -t mangle -A TORSHAPER-OUT -m owner --uid-owner $TOR_UID -j MARK --set-mark 21
+else
+	echo "Using IP-based QoS. $TOR_IP marked as low priority."
+	iptables -t mangle -A TORSHAPER-OUT -s $TOR_IP -j MARK --set-mark 21
+fi
+
+# High prio for everything else
+iptables -t mangle -A TORSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 20
+
+echo "Outbound shaping added to $DEV.  Rate for Tor upload at least: ${RATE_UP_TOR}Kbyte/sec."
+
--- a/contrib/mdd.py
+++ b/contrib/mdd.py
@ -0,0 +1,169 @@
+#!/usr/bin/env python2.3
+
+import re, sys
+import textwrap
+
+files = sys.argv[1:]
+funcDeclaredIn = {}
+fileDeclares = {}
+functionCalls = {}
+funcCalledByFile = {}
+funcCalledByFunc = {}
+
+cpp_re = re.compile(r'//.*$')
+c_re = re.compile(r'/[*]+(?:[^*]+|[*]+[^/*])*[*]+/', re.M|re.S)
+
+for fname in files:
+    f = open(fname, 'r')
+    curFunc = "???"
+    functionCalls.setdefault(curFunc,{})
+    lineno = 0
+    body = f.read()
+    body = cpp_re.sub(" ",body)
+    body = c_re.sub(" ",body)
+    #if fname == 'dns.c': print body
+    for line in body.split("\n"):
+        lineno += 1
+        m = re.match(r'^[^\s/].*\s(\w+)\([^;]*$', line)
+        if m:
+            #print line, "->", m.group(1)
+            curFunc = m.group(1)
+            if curFunc[0] == '_': curFunc = curFunc[1:]
+            functionCalls.setdefault(curFunc,{})
+            funcDeclaredIn[m.group(1)] = fname
+            fileDeclares.setdefault(fname, {})[m.group(1)] = 1
+            continue
+        m = re.match(r'^(\w+)\([^;]', line)
+        if m:
+            #print line, "->", m.group(1)
+            curFunc = m.group(1)
+            if curFunc[0] == '_': curFunc = curFunc[1:]
+            functionCalls.setdefault(curFunc,{})
+            funcDeclaredIn[m.group(1)] = fname
+            fileDeclares.setdefault(fname, {})[m.group(1)] = 1
+            continue
+        while line:
+            m = re.search(r'(\w+)\(', line)
+            if not m: break
+            #print fname, line, curFunc, "->", m.group(1)
+            fn = m.group(1)
+            if fn[0] == '_':
+                fn = fn[1:]
+            functionCalls[curFunc][m.group(1)] = 1
+            #if curFunc == "???":
+            #    print ">>!!!!! at %s:%s"%(fname,lineno)
+            funcCalledByFunc.setdefault(m.group(1), {})[curFunc]=1
+            funcCalledByFile.setdefault(m.group(1), {})[fname]=1
+            line = line[m.end():]
+
+    f.close()
+
+fileUsers = {}
+fileUses = {}
+
+for fname in files:
+    print "%s:"%fname
+    users = {}
+    for func in fileDeclares[fname]:
+        cb = funcCalledByFile.get(func,{}).keys()
+        for f in cb: users[f] = 1
+        #print "users[%s] = %s"%(f,users[f])
+    users = users.keys()
+    users.sort()
+    fileUsers[fname] = users
+    for user in users:
+        fileUses.setdefault(user,[]).append(fname)
+        if user == fname: continue
+        print "  from %s:"%user
+        for func in fileDeclares[fname]:
+            if funcCalledByFile.get(func,{}).get(user,0):
+                print "    %s()"%func
+
+def wrap(s, pre):
+    return textwrap.fill(s,
+                         width=77, initial_indent=pre,
+                         subsequent_indent=" "*len(pre))
+
+for fname in files:
+    print
+    print "===== %s"%fname
+    print wrap(" ".join(fileUses[fname]),
+               "        Calls: ")
+    print wrap(" ".join(fileUsers[fname]),
+              "    Called by: ")
+
+print "=============================="
+
+funcnames = functionCalls.keys()
+funcnames.sort()
+
+if 1:
+    for func in funcnames:
+        print "===== %s"%func
+        callers = [c for c in funcCalledByFunc.get(func,{}).keys()
+                   if c != "???"]
+        callers.sort()
+        called = [c for c in functionCalls[func].keys() if c != "???" and
+                  c in funcnames]
+        called.sort()
+        print wrap(" ".join(callers),
+                   "  Called by:")
+        print wrap(" ".join(called),
+                   "      Calls:")
+
+# simple topological sort.
+functionDepth = {}
+while 1:
+    BIG = 1000000
+    any = 0
+    for func in funcnames:
+        if functionDepth.has_key(func):
+            continue
+        called = [c for c in functionCalls[func] if c != func and
+                  functionCalls.has_key(c)]
+        if len(called) == 0:
+            functionDepth[func] = 0
+            #print "Depth(%s)=%s"%(func,0)
+            any = 1
+            continue
+        calledDepths = [ functionDepth.get(c,BIG) for c in called ]
+        if max(calledDepths) < BIG:
+            d = functionDepth[func] = max(calledDepths)+1
+            #print "Depth(%s)=%s"%(func,d)
+            any = 1
+            continue
+    if not any:
+        break
+
+# compute lexical closure.
+cycCalls = {}
+for func in funcnames:
+    if not functionDepth.has_key(func):
+        calls = [ c for c in functionCalls[func] if c != func and
+                  functionCalls.has_key(c) and not functionDepth.has_key(c)]
+        cycCalls[func] = d = {}
+        for c in calls:
+            d[c]=1
+
+cycNames = cycCalls.keys()
+while 1:
+    any = 0
+    for func in cycNames:
+        L = len(cycCalls[func])
+        for called in cycCalls[func].keys():
+            cycCalls[func].update(cycCalls[called])
+        if L != len(cycCalls[func]):
+            any = 1
+    if not any:
+        break
+
+depthList = [ (v,k) for k,v in functionDepth.items() ]
+depthList.sort()
+cycList = [ (len(v),k) for k,v in cycCalls.items() ]
+cycList.sort()
+for depth,name in depthList:
+    print "Depth[%s]=%s"%(name,depth)
+for bredth,name in cycList:
+    print "Width[%s]=%s"%(name,bredth)
+
+print "Sorted %s / %s"%(len(functionDepth),len(funcnames))
--- a/contrib/nagios-check-tor-authority-cert
+++ b/contrib/nagios-check-tor-authority-cert
@ -0,0 +1,86 @@
+#!/bin/bash
+
+# nagios-check-tor-authority-cert - check certificate expiry time
+
+# A nagios check for Tor v3 directory authorities:
+# - Checks the current certificate expiry time
+#
+# Usage: nagios-check-tor-authority-cert <authority identity fingerprint>
+# e.g.: nagios-check-tor-authority-cert A9AC67E64B200BBF2FA26DF194AC0469E2A948C6
+
+# $Id$
+
+# Copyright (c) 2008 Peter Palfrader <peter@palfrader.org>
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+
+set -e
+set -u
+
+if [ -z "${1:-}" ]; then
+	echo "Usage: $0 <authority identity fingerprint>" 2>&1
+	exit 3
+fi
+
+identity="$1"
+
+DIRSERVERS=""
+DIRSERVERS="$DIRSERVERS 86.59.21.38:80"         # tor26
+DIRSERVERS="$DIRSERVERS 128.31.0.34:9031"       # moria1
+DIRSERVERS="$DIRSERVERS 216.224.124.114:9030"   # ides
+DIRSERVERS="$DIRSERVERS 88.198.7.215:80"        # gabelmoo
+DIRSERVERS="$DIRSERVERS 140.247.60.64:80"       # lefkada
+
+TMPFILE="`tempfile`"
+trap 'rm -f "$TMPFILE"' 0
+
+for dirserver in $DIRSERVERS; do
+	wget -q -O "$TMPFILE" "http://$dirserver/tor/keys/fp/$identity"
+	if [ "$?" = 0 ]; then
+		break
+	else
+		cat /dev/null > "$TMPFILE"
+		continue
+	fi
+done
+
+if ! [ -s "$TMPFILE" ] ; then
+	echo "UNKNOWN: Downloading certificate for $identity failed."
+	exit 3
+fi
+
+expirydate="$(awk '$1=="dir-key-expires" {printf "%s %s", $2, $3}' < "$TMPFILE")"
+expiryunix=$(TZ=UTC date -d "$expirydate" +%s)
+now=$(date +%s)
+
+if [ "$now" -ge "$expiryunix" ]; then
+	echo "CRITICAL: Certificate expired $expirydate (authority $identity)."
+	exit 2
+elif [ "$(( $now + 7*24*60*60 ))" -ge "$expiryunix" ]; then
+	echo "CRITICAL: Certificate expires $expirydate (authority $identity)."
+	exit 2
+elif [ "$(( $now + 30*24*60*60 ))" -ge "$expiryunix" ]; then
+	echo "WARNING: Certificate expires $expirydate (authority $identity)."
+	exit 1
+else
+	echo "OK: Certificate expires $expirydate (authority $identity)."
+	exit 0
+fi
--- a/contrib/operator-tools/linux-tor-prio.sh
+++ b/contrib/operator-tools/linux-tor-prio.sh
@ -1,192 +0,0 @@
-#!/bin/bash
-# Written by Marco Bonetti & Mike Perry
-# Based on instructions from Dan Singletary's ADSL BW Management HOWTO:
-# http://www.faqs.org/docs/Linux-HOWTO/ADSL-Bandwidth-Management-HOWTO.html
-# This script is Public Domain.
-
-############################### README #################################
-
-# This script provides prioritization of Tor traffic below other
-# traffic on a Linux server. It has two modes of operation: UID based 
-# and IP based. 
-
-# UID BASED PRIORITIZATION
-#
-# The UID based method requires that Tor be launched from 
-# a specific user ID. The "User" Tor config setting is
-# insufficient, as it sets the UID after the socket is created.
-# Here is a C wrapper you can use to execute Tor and drop privs before 
-# it creates any sockets. 
-#
-# Compile with:
-# gcc -DUID=`id -u tor` -DGID=`id -g tor` tor_wrap.c -o tor_wrap
-#
-# #include <unistd.h>
-# int main(int argc, char **argv) {
-# if(initgroups("tor", GID) == -1) { perror("initgroups"); return 1; }
-# if(setresgid(GID, GID, GID) == -1) { perror("setresgid"); return 1; }
-# if(setresuid(UID, UID, UID) == -1) { perror("setresuid"); return 1; }
-# execl("/bin/tor", "/bin/tor", "-f", "/etc/tor/torrc", NULL);
-# perror("execl"); return 1;
-# }
-
-# IP BASED PRIORITIZATION
-#
-# The IP setting requires that a separate IP address be dedicated to Tor. 
-# Your Torrc should be set to bind to this IP for "OutboundBindAddress", 
-# "ListenAddress", and "Address".
-
-# GENERAL USAGE
-#
-# You should also tune the individual connection rate parameters below
-# to your individual connection. In particular, you should leave *some* 
-# minimum amount of bandwidth for Tor, so that Tor users are not 
-# completely choked out when you use your server's bandwidth. 30% is 
-# probably a reasonable choice. More is better of course.
-#
-# To start the shaping, run it as: 
-#   ./linux-tor-prio.sh 
-#
-# To get status information (useful to verify packets are getting marked
-# and prioritized), run:
-#   ./linux-tor-prio.sh status
-#
-# And to stop prioritization:
-#   ./linux-tor-prio.sh stop
-#
-########################################################################
-
-# BEGIN USER TUNABLE PARAMETERS
-
-DEV=eth0
-
-# NOTE! You must START Tor under this UID. Using the Tor User
-# config setting is NOT sufficient. See above.
-TOR_UID=$(id -u tor)
-
-# If the UID mechanism doesn't work for you, you can set this parameter
-# instead. If set, it will take precedence over the UID setting. Note that
-# you need multiple IPs with one specifically devoted to Tor for this to
-# work.
-#TOR_IP="42.42.42.42"
-
-# Average ping to most places on the net, milliseconds
-RTT_LATENCY=40
-
-# RATE_UP must be less than your connection's upload capacity in
-# kbits/sec. If it is larger, then the bottleneck will be at your
-# router's queue, which you do not control. This will cause congestion
-# and a revert to normal TCP fairness no matter what the queing
-# priority is.
-RATE_UP=5000
-
-# RATE_UP_TOR is the minimum speed your Tor connections will have in
-# kbits/sec.  They will have at least this much bandwidth for upload.
-# In general, you probably shouldn't set this too low, or else Tor
-# users who use your node will be completely choked out whenever your
-# machine does any other network activity. That is not very fun.
-RATE_UP_TOR=1500
-
-# RATE_UP_TOR_CEIL is the maximum rate allowed for all Tor traffic in
-# kbits/sec.
-RATE_UP_TOR_CEIL=5000
-
-CHAIN=OUTPUT
-#CHAIN=PREROUTING
-#CHAIN=POSTROUTING
-
-MTU=1500
-AVG_PKT=900 # should be more like 600 for non-exit nodes
-
-# END USER TUNABLE PARAMETERS
-
-
-
-# The queue size should be no larger than your bandwidth-delay
-# product. This is RT latency*bandwidth/MTU/2
-
-BDP=$(expr $RTT_LATENCY \* $RATE_UP / $AVG_PKT)
-
-# Further research indicates that the BDP calculations should use
-# RTT/sqrt(n) where n is the expected number of active connections..
-
-BDP=$(expr $BDP / 4)
-
-if [ "$1" = "status" ]
-then
-	echo "[qdisc]"
-	tc -s qdisc show dev $DEV
-	tc -s qdisc show dev imq0
-	echo "[class]"
-	tc -s class show dev $DEV
-	tc -s class show dev imq0
-	echo "[filter]"
-	tc -s filter show dev $DEV
-	tc -s filter show dev imq0
-	echo "[iptables]"
-	iptables -t mangle -L TORSHAPER-OUT -v -x 2> /dev/null
-	exit
-fi
-
-
-# Reset everything to a known state (cleared)
-tc qdisc del dev $DEV root 2> /dev/null > /dev/null
-tc qdisc del dev imq0 root 2> /dev/null > /dev/null
-iptables -t mangle -D POSTROUTING -o $DEV -j TORSHAPER-OUT 2> /dev/null > /dev/null
-iptables -t mangle -D PREROUTING -o $DEV -j TORSHAPER-OUT 2> /dev/null > /dev/null
-iptables -t mangle -D OUTPUT -o $DEV -j TORSHAPER-OUT 2> /dev/null > /dev/null
-iptables -t mangle -F TORSHAPER-OUT 2> /dev/null > /dev/null
-iptables -t mangle -X TORSHAPER-OUT 2> /dev/null > /dev/null
-ip link set imq0 down 2> /dev/null > /dev/null
-rmmod imq 2> /dev/null > /dev/null
-
-if [ "$1" = "stop" ]
-then
-	echo "Shaping removed on $DEV."
-	exit
-fi
-
-# Outbound Shaping (limits total bandwidth to RATE_UP)
-
-ip link set dev $DEV qlen $BDP
-
-# Add HTB root qdisc, default is high prio
-tc qdisc add dev $DEV root handle 1: htb default 20
-
-# Add main rate limit class
-tc class add dev $DEV parent 1: classid 1:1 htb rate ${RATE_UP}kbit
-
-# Create the two classes, giving Tor at least RATE_UP_TOR kbit and capping
-# total upstream at RATE_UP so the queue is under our control.
-tc class add dev $DEV parent 1:1 classid 1:20 htb rate $(expr $RATE_UP - $RATE_UP_TOR)kbit ceil ${RATE_UP}kbit prio 0
-tc class add dev $DEV parent 1:1 classid 1:21 htb rate $[$RATE_UP_TOR]kbit ceil ${RATE_UP_TOR_CEIL}kbit prio 10
-
-# Start up pfifo
-tc qdisc add dev $DEV parent 1:20 handle 20: pfifo limit $BDP
-tc qdisc add dev $DEV parent 1:21 handle 21: pfifo limit $BDP
-
-# filter traffic into classes by fwmark
-tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 20 fw flowid 1:20
-tc filter add dev $DEV parent 1:0 prio 0 protocol ip handle 21 fw flowid 1:21
-
-# add TORSHAPER-OUT chain to the mangle table in iptables
-iptables -t mangle -N TORSHAPER-OUT
-iptables -t mangle -I $CHAIN -o $DEV -j TORSHAPER-OUT
-
-
-# Set firewall marks
-# Low priority to Tor
-if [ ""$TOR_IP == "" ]
-then
-	echo "Using UID-based QoS. UID $TOR_UID marked as low priority."
-	iptables -t mangle -A TORSHAPER-OUT -m owner --uid-owner $TOR_UID -j MARK --set-mark 21
-else
-	echo "Using IP-based QoS. $TOR_IP marked as low priority."
-	iptables -t mangle -A TORSHAPER-OUT -s $TOR_IP -j MARK --set-mark 21
-fi
-
-# High prio for everything else
-iptables -t mangle -A TORSHAPER-OUT -m mark --mark 0 -j MARK --set-mark 20
-
-echo "Outbound shaping added to $DEV.  Rate for Tor upload at least: ${RATE_UP_TOR}Kbyte/sec."
-
--- a/contrib/operator-tools/tor-exit-notice.html
+++ b/contrib/operator-tools/tor-exit-notice.html
@ -1,144 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
-<title>This is a Tor Exit Router</title>
-
-<!--
-
-This notice is intended to be placed on a virtual host for a domain that
-your Tor exit node IP reverse resolves to so that people who may be about
-to file an abuse complaint would check it first before bothering you or
-your ISP. Ex:
-http://tor-exit.yourdomain.org or http://tor-readme.yourdomain.org.
-
-This type of setup has proven very effective at reducing abuse complaints
-for exit node operators.
-
-There are a few places in this document that you may want to customize.
-They are marked with FIXME.
-
-->
-
-</head>
-<body>
-
-<p style="text-align:center; font-size:xx-large; font-weight:bold">This is a
-Tor Exit Router</p>
-
-<p>
-Most likely you are accessing this website because you had some issue with
-the traffic coming from this IP. This router is part of the <a
-href="https://www.torproject.org/">Tor Anonymity Network</a>, which is
-dedicated to <a href="https://www.torproject.org/about/overview">providing
-privacy</a> to people who need it most: average computer users. This
-router IP should be generating no other traffic, unless it has been
-compromised.</p>
-
-
-<!-- FIXME: you should probably grab your own copy of how_tor_works_thumb.png
-     and serve it locally -->
-
-<p style="text-align:center">
-<a href="https://www.torproject.org/about/overview">
-<img src="https://www.torproject.org/images/how_tor_works_thumb.png" alt="How Tor works" style="border-style:none"/>
-</a></p>
-
-<p>
-Tor sees use by <a href="https://www.torproject.org/about/torusers">many
-important segments of the population</a>, including whistle blowers,
-journalists, Chinese dissidents skirting the Great Firewall and oppressive
-censorship, abuse victims, stalker targets, the US military, and law
-enforcement, just to name a few.  While Tor is not designed for malicious
-computer users, it is true that they can use the network for malicious ends.
-In reality however, the actual amount of <a
-href="https://www.torproject.org/docs/faq-abuse">abuse</a> is quite low. This
-is largely because criminals and hackers have significantly better access to
-privacy and anonymity than do the regular users whom they prey upon. Criminals
-can and do <a
-href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_tools.html">build,
-sell, and trade</a> far larger and <a
-href="http://voices.washingtonpost.com/securityfix/2008/08/web_fraud_20_distributing_your.html">more
-powerful networks</a> than Tor on a daily basis. Thus, in the mind of this
-operator, the social need for easily accessible censorship-resistant private,
-anonymous communication trumps the risk of unskilled bad actors, who are
-almost always more easily uncovered by traditional police work than by
-extensive monitoring and surveillance anyway.</p>
-
-<p>
-In terms of applicable law, the best way to understand Tor is to consider it a
-network of routers operating as common carriers, much like the Internet
-backbone. However, unlike the Internet backbone routers, Tor routers
-explicitly do not contain identifiable routing information about the source of
-a packet, and no single Tor node can determine both the origin and destination
-of a given transmission.</p>
-
-<p>
-As such, there is little the operator of this router can do to help you track
-the connection further. This router maintains no logs of any of the Tor
-traffic, so there is little that can be done to trace either legitimate or
-illegitimate traffic (or to filter one from the other).  Attempts to
-seize this router will accomplish nothing.</p>
-
-<!-- FIXME: US-Only section. Remove if you are a non-US operator -->
-
-<p>
-Furthermore, this machine also serves as a carrier of email, which means that
-its contents are further protected under the ECPA. <a
-href="http://www.law.cornell.edu/uscode/text/18/2707">18
-USC 2707</a> explicitly allows for civil remedies ($1000/account
-<i><b>plus</b></i>  legal fees)
-in the event of a seizure executed without good faith or probable cause (it
-should be clear at this point that traffic with an originating IP address of
-FIXME_DNS_NAME should not constitute probable cause to seize the
-machine). Similar considerations exist for 1st amendment content on this
-machine.</p>
-
-<!-- FIXME: May or may not be US-only. Some non-US tor nodes have in
-     fact reported DMCA harassment... -->
-
-<p>
-If you are a representative of a company who feels that this router is being
-used to violate the DMCA, please be aware that this machine does not host or
-contain any illegal content. Also be aware that network infrastructure
-maintainers are not liable for the type of content that passes over their
-equipment, in accordance with <a
-href="http://www.law.cornell.edu/uscode/text/17/512">DMCA
-"safe harbor" provisions</a>. In other words, you will have just as much luck
-sending a takedown notice to the Internet backbone providers. Please consult
-<a href="https://www.torproject.org/eff/tor-dmca-response">EFF's prepared
-response</a> for more information on this matter.</p>
-
-<p>For more information, please consult the following documentation:</p>
-
-<ol>
-<li><a href="https://www.torproject.org/about/overview">Tor Overview</a></li>
-<li><a href="https://www.torproject.org/docs/faq-abuse">Tor Abuse FAQ</a></li>
-<li><a href="https://www.torproject.org/eff/tor-legal-faq">Tor Legal FAQ</a></li>
-</ol>
-
-<p>
-That being said, if you still have a complaint about the router,  you may
-email the <a href="mailto:FIXME_YOUR_EMAIL_ADDRESS">maintainer</a>. If
-complaints are related to a particular service that is being abused, I will
-consider removing that service from my exit policy, which would prevent my
-router from allowing that traffic to exit through it. I can only do this on an
-IP+destination port basis, however. Common P2P ports are
-already blocked.</p>
-
-<p>
-You also have the option of blocking this IP address and others on
-the Tor network if you so desire. The Tor project provides a <a
-href="https://check.torproject.org/cgi-bin/TorBulkExitList.py">web service</a>
-to fetch a list of all IP addresses of Tor exit nodes that allow exiting to a
-specified IP:port combination, and an official <a
-href="https://www.torproject.org/tordnsel/dist/">DNSRBL</a> is also available to
-determine if a given IP address is actually a Tor exit server. Please
-be considerate
-when using these options. It would be unfortunate to deny all Tor users access
-to your site indefinitely simply because of a few bad apples.</p>
-
-</body>
-</html>
--- a/contrib/operator-tools/tor.logrotate.in
+++ b/contrib/operator-tools/tor.logrotate.in
@ -1,14 +0,0 @@
-@LOCALSTATEDIR@/log/tor/*log {
-	daily
-	rotate 5
-	compress
-	delaycompress
-	missingok
-	notifempty
-	# you may need to change the username/groupname below
-	create 0640 _tor _tor
-	sharedscripts
-	postrotate
-		/etc/init.d/tor reload > /dev/null
-	endscript
-}
--- a/contrib/or-tools/exitlist
+++ b/contrib/or-tools/exitlist
@ -1,323 +0,0 @@
-#!/usr/bin/python
-# Copyright 2005-2006 Nick Mathewson
-# See the LICENSE file in the Tor distribution for licensing information.
-
-# Requires Python 2.2 or later.
-
-"""
- exitlist -- Given a Tor directory on stdin, lists the Tor servers
- that accept connections to given addreses.
-
- example usage:
-
-    cat ~/.tor/cached-descriptors* | python exitlist 18.244.0.188:80
-
- You should look at the "FetchUselessDescriptors" and "FetchDirInfoEarly"
- config options in the man page.
-
- Note that this script won't give you a perfect list of IP addresses
- that might connect to you using Tor.
- False negatives:
-   - Some Tor servers might exit from other addresses than the one they
-     publish in their descriptor.
- False positives:
-   - This script just looks at the descriptor lists, so it counts relays
-     that were running a day in the past and aren't running now (or are
-     now running at a different address).
-
- See https://check.torproject.org/ for an alternative (more accurate!)
-  approach.
-
-"""
-
-#
-# Change this to True if you want more verbose output.  By default, we
-# only print the IPs of the servers that accept any the listed
-# addresses, one per line.
-#
-VERBOSE = False
-
-#
-# Change this to True if you want to reverse the output, and list the
-# servers that accept *none* of the listed addresses.
-#
-INVERSE = False
-
-#
-# Change this list to contain all of the target services you are interested
-# in.  It must contain one entry per line, each consisting of an IPv4 address,
-# a colon, and a port number. This default is only used if we don't learn
-# about any addresses from the command-line.
-#
-ADDRESSES_OF_INTEREST = """
-    1.2.3.4:80
-"""
-
-
-#
-# YOU DO NOT NEED TO EDIT AFTER THIS POINT.
-#
-
-import sys
-import re
-import getopt
-import socket
-import struct
-import time
-
-assert sys.version_info >= (2,2)
-
-
-def maskIP(ip,mask):
-    return "".join([chr(ord(a) & ord(b)) for a,b in zip(ip,mask)])
-
-def maskFromLong(lng):
-    return struct.pack("!L", lng)
-
-def maskByBits(n):
-    return maskFromLong(0xffffffffl ^ ((1L<<(32-n))-1))
-
-class Pattern:
-    """
-    >>> import socket
-    >>> ip1 = socket.inet_aton("192.169.64.11")
-    >>> ip2 = socket.inet_aton("192.168.64.11")
-    >>> ip3 = socket.inet_aton("18.244.0.188")
-
-    >>> print Pattern.parse("18.244.0.188")
-    18.244.0.188/255.255.255.255:1-65535
-    >>> print Pattern.parse("18.244.0.188/16:*")
-    18.244.0.0/255.255.0.0:1-65535
-    >>> print Pattern.parse("18.244.0.188/2.2.2.2:80")
-    2.0.0.0/2.2.2.2:80-80
-    >>> print Pattern.parse("192.168.0.1/255.255.00.0:22-25")
-    192.168.0.0/255.255.0.0:22-25
-    >>> p1 = Pattern.parse("192.168.0.1/255.255.00.0:22-25")
-    >>> import socket
-    >>> p1.appliesTo(ip1, 22)
-    False
-    >>> p1.appliesTo(ip2, 22)
-    True
-    >>> p1.appliesTo(ip2, 25)
-    True
-    >>> p1.appliesTo(ip2, 26)
-    False
-    """
-    def __init__(self, ip, mask, portMin, portMax):
-        self.ip = maskIP(ip,mask)
-        self.mask = mask
-        self.portMin = portMin
-        self.portMax = portMax
-
-    def __str__(self):
-        return "%s/%s:%s-%s"%(socket.inet_ntoa(self.ip),
-                              socket.inet_ntoa(self.mask),
-                              self.portMin,
-                              self.portMax)
-
-    def parse(s):
-        if ":" in s:
-            addrspec, portspec = s.split(":",1)
-        else:
-            addrspec, portspec = s, "*"
-
-        if addrspec == '*':
-            ip,mask = "\x00\x00\x00\x00","\x00\x00\x00\x00"
-        elif '/' not in addrspec:
-            ip = socket.inet_aton(addrspec)
-            mask = "\xff\xff\xff\xff"
-        else:
-            ip,mask = addrspec.split("/",1)
-            ip = socket.inet_aton(ip)
-            if "." in mask:
-                mask = socket.inet_aton(mask)
-            else:
-                mask = maskByBits(int(mask))
-
-        if portspec == '*':
-            portMin = 1
-            portMax = 65535
-        elif '-' not in portspec:
-            portMin = portMax = int(portspec)
-        else:
-            portMin, portMax = map(int,portspec.split("-",1))
-
-        return Pattern(ip,mask,portMin,portMax)
-
-    parse = staticmethod(parse)
-
-    def appliesTo(self, ip, port):
-        return ((maskIP(ip,self.mask) == self.ip) and
-                (self.portMin <= port <= self.portMax))
-
-class Policy:
-    """
-    >>> import socket
-    >>> ip1 = socket.inet_aton("192.169.64.11")
-    >>> ip2 = socket.inet_aton("192.168.64.11")
-    >>> ip3 = socket.inet_aton("18.244.0.188")
-
-    >>> pol = Policy.parseLines(["reject *:80","accept 18.244.0.188:*"])
-    >>> print str(pol).strip()
-    reject 0.0.0.0/0.0.0.0:80-80
-    accept 18.244.0.188/255.255.255.255:1-65535
-    >>> pol.accepts(ip1,80)
-    False
-    >>> pol.accepts(ip3,80)
-    False
-    >>> pol.accepts(ip3,81)
-    True
-    """
-
-    def __init__(self, lst):
-        self.lst = lst
-
-    def parseLines(lines):
-        r = []
-        for item in lines:
-            a,p=item.split(" ",1)
-            if a == 'accept':
-                a = True
-            elif a == 'reject':
-                a = False
-            else:
-                raise ValueError("Unrecognized action %r",a)
-            p = Pattern.parse(p)
-            r.append((p,a))
-        return Policy(r)
-
-    parseLines = staticmethod(parseLines)
-
-    def __str__(self):
-        r = []
-        for pat, accept in self.lst:
-            rule = accept and "accept" or "reject"
-            r.append("%s %s\n"%(rule,pat))
-        return "".join(r)
-
-    def accepts(self, ip, port):
-        for pattern,accept in self.lst:
-            if pattern.appliesTo(ip,port):
-                return accept
-        return True
-
-class Server:
-    def __init__(self, name, ip, policy, published, fingerprint):
-        self.name = name
-        self.ip = ip
-        self.policy = policy
-        self.published = published
-        self.fingerprint = fingerprint
-
-def uniq_sort(lst):
-    d = {}
-    for item in lst: d[item] = 1
-    lst = d.keys()
-    lst.sort()
-    return lst
-
-def run():
-    global VERBOSE
-    global INVERSE
-    global ADDRESSES_OF_INTEREST
-
-    if len(sys.argv) > 1:
-        try:
-            opts, pargs = getopt.getopt(sys.argv[1:], "vx")
-        except getopt.GetoptError, e:
-            print """
-usage: cat ~/.tor/cached-routers* | %s [-v] [-x] [host:port [host:port [...]]]
-    -v  verbose output
-    -x  invert results
-""" % sys.argv[0]
-            sys.exit(0)
-
-        for o, a in opts:
-            if o == "-v":
-                VERBOSE = True
-            if o == "-x":
-                INVERSE = True
-        if len(pargs):
-            ADDRESSES_OF_INTEREST = "\n".join(pargs)
-
-    servers = []
-    policy = []
-    name = ip = None
-    published = 0
-    fp = ""
-    for line in sys.stdin.xreadlines():
-        if line.startswith('router '):
-            if name:
-                servers.append(Server(name, ip, Policy.parseLines(policy),
-                                      published, fp))
-            _, name, ip, rest = line.split(" ", 3)
-            policy = []
-            published = 0
-            fp = ""
-        elif line.startswith('fingerprint') or \
-                 line.startswith('opt fingerprint'):
-            elts = line.strip().split()
-            if elts[0] == 'opt': del elts[0]
-            assert elts[0] == 'fingerprint'
-            del elts[0]
-            fp = "".join(elts)
-        elif line.startswith('accept ') or line.startswith('reject '):
-            policy.append(line.strip())
-        elif line.startswith('published '):
-            date = time.strptime(line[len('published '):].strip(),
-                                 "%Y-%m-%d %H:%M:%S")
-            published = time.mktime(date)
-
-    if name:
-        servers.append(Server(name, ip, Policy.parseLines(policy), published,
-                              fp))
-
-    targets = []
-    for line in ADDRESSES_OF_INTEREST.split("\n"):
-        line = line.strip()
-        if not line: continue
-        p = Pattern.parse(line)
-        targets.append((p.ip, p.portMin))
-
-    # remove all but the latest server of each IP/Nickname pair.
-    latest = {}
-    for s in servers:
-        if (not latest.has_key((s.fingerprint))
-            or s.published > latest[(s.fingerprint)]):
-            latest[s.fingerprint] = s
-    servers = latest.values()
-
-    accepters, rejecters = {}, {}
-    for s in servers:
-        for ip,port in targets:
-            if s.policy.accepts(ip,port):
-                accepters[s.ip] = s
-                break
-        else:
-            rejecters[s.ip] = s
-
-    # If any server at IP foo accepts, the IP does not reject.
-    for k in accepters.keys():
-        if rejecters.has_key(k):
-            del rejecters[k]
-
-    if INVERSE:
-        printlist = rejecters.values()
-    else:
-        printlist = accepters.values()
-
-    ents = []
-    if VERBOSE:
-        ents = uniq_sort([ "%s\t%s"%(s.ip,s.name) for s in printlist ])
-    else:
-        ents = uniq_sort([ s.ip for s in printlist ])
-    for e in ents:
-        print e
-
-def _test():
-    import doctest, exitparse
-    return doctest.testmod(exitparse)
-#_test()
-
-run()
-
--- a/contrib/osx/Makefile.am
+++ b/contrib/osx/Makefile.am
@ -0,0 +1,12 @@
+# XXX Is this define necessary, or is it redundant with the
+# one from the top-level configure? -RD
+confdir = $(sysconfdir)/Tor
+
+EXTRA_DIST = PrivoxyConfDesc.plist PrivoxyConfInfo.plist          \
+    ReadMe.rtf StartupParameters.plist Tor TorBundleDesc.plist.in \
+    TorBundleInfo.plist.in TorBundleWelcome.rtf TorDesc.plist.in  \
+    TorInfo.plist.in TorStartupDesc.plist.in TorStartupInfo.plist \
+    package.sh privoxy.config TorPostflight addsysuser            \
+    Tor_Uninstaller.applescript uninstall_tor_bundle.sh           \
+    TorbuttonInfo.plist TorbuttonDesc.plist                       \
+    package_list.txt tor_logo.gif TorPreFlight
--- a/contrib/osx/PrivoxyConfDesc.plist
+++ b/contrib/osx/PrivoxyConfDesc.plist
@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IFPkgDescriptionTitle</key>
+	<string>Privoxy configuration for Tor</string>
+	<key>IFPkgDescriptionVersion</key>
+	<string>0.1</string>
+</dict>
+</plist>
--- a/contrib/osx/PrivoxyConfInfo.plist
+++ b/contrib/osx/PrivoxyConfInfo.plist
@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleIdentifier</key>
+	<string>Privoxy configuration for Tor</string>
+	<key>CFBundleGetInfoString</key>
+	<string>Privoxy configuration for Tor</string>
+	<key>CFBundleName</key>
+	<string>Privoxy configuration for Tor</string>
+	<key>CFBundleSortVersionString</key>
+	<string>0.1</string>
+	<key>IFPkgFlagAuthorizationAction</key>
+	<string>RootAuthorization</string>
+        <key>IFPkgFlagRestartAction</key>
+        <string>RecommendedRestart</string>
+	<key>IFPkgFlagFollowLinks</key>
+	<true/>
+	<key>IFPkgFlagIsRequired</key>
+	<false/>
+</dict>
+</plist>
--- a/contrib/osx/ReadMe.rtf
+++ b/contrib/osx/ReadMe.rtf
@ -0,0 +1,7 @@
+{\rtf1\mac\ansicpg10000\cocoartf102
+{\fonttbl\f0\fswiss\fcharset77 Helvetica;}
+{\colortbl;\red255\green255\blue255;}
+\margl1440\margr1440\vieww9000\viewh9000\viewkind0
+\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\ql\qnatural
+
+\f0\fs24 \cf0 Tor is a toolset for a wide range of organizations and people who want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.}
--- a/contrib/osx/StartupParameters.plist
+++ b/contrib/osx/StartupParameters.plist
@ -0,0 +1,13 @@
+{
+  Description     = "Tor";
+  Provides        = ("tor");
+  Requires        = ("Network");
+  Uses		  = ("Network");
+  OrderPreference = "Last";
+  Messages =
+  {
+  start = "Starting Tor";
+  stop = "Stopping Tor";
+  };
+}
+
--- a/contrib/osx/Tor
+++ b/contrib/osx/Tor
@ -0,0 +1,87 @@
+#!/bin/sh
+
+TORLOC=/Library/StartupItems/Tor/Tor.loc
+
+if [ -f $TORLOC ]; then
+ TORDIR=`cat /Library/StartupItems/Tor/Tor.loc`
+ if [ "x$TORDIR" = "x" -o ! -d $TORDIR -o ! -x $TORDIR/tor ]; then
+   TORDIR=/Library/Tor
+ fi
+else
+ TORDIR=/Library/Tor
+fi
+TORCONF=$TORDIR/torrc
+TORDATA=$TORDIR/var/lib/tor
+TORPID=/var/run/Tor.pid
+TORUSER=_tor
+TORGROUP=daemon
+TORCMD=$TORDIR/tor
+TORLOG=/var/log/tor.log
+
+## Determine OSX Version
+# map version to name
+if [ -x /usr/bin/sw_vers ]; then
+# This is poor, yet functional.  We don't care about the 3rd number in
+# the OS version
+  OSVER=`/usr/bin/sw_vers | grep ProductVersion | cut -f2 | cut -d"." -f1,2`
+      case "$OSVER" in
+    "10.6") ARCH="universal";;
+	"10.5") ARCH="universal";;
+ 	"10.4") ARCH="universal";;
+ 	"10.3") ARCH="ppc";;
+ 	"10.2") ARCH="ppc";;
+ 	"10.1") ARCH="ppc";;
+ 	"10.0") ARCH="ppc";;
+      esac
+else
+	ARCH="unknown"
+fi
+ 
+if [ $ARCH != "universal" ]; then
+	export EVENT_NOKQUEUE=1
+fi
+
+##
+# Tor Service
+##
+
+. /etc/rc.common
+
+StartService ()
+{
+
+    if [ -f $TORCMD ]; then
+        if pid=$(GetPID Tor); then
+            return 0
+        else
+		ConsoleMessage "Starting Tor Service"
+# Tentative
+# Making sure it is not running (I know it is not a best approarch)
+		killall tor 2>/dev/null
+		$TORCMD -f "$TORCONF" --runasdaemon 1 --pidfile "$TORPID" --datadirectory "$TORDATA" --user "$TORUSER" --group "$TORGROUP" --log "notice file $TORLOG" &
+	fi
+    fi
+}
+
+StopService ()
+{
+    if pid=$(GetPID Tor); then
+	ConsoleMessage "Stopping Tor Service"
+	kill -TERM "${pid}"
+# Just for sanity (sometimes necessary.)
+	killall tor 2>/dev/null
+    else
+	ConsoleMessage "Tor Service not responding."
+# Just for sanity (sometimes necessary.)
+	killall tor 2>/dev/null
+    fi
+}
+
+RestartService () { StopService; StartService; }
+
+if [ "$#" = 0 ]; then
+  echo "Syntax: tor {start|stop}"
+  exit 1
+fi 
+
+RunService "$1"
--- a/contrib/osx/TorBundleDesc.plist.in
+++ b/contrib/osx/TorBundleDesc.plist.in
@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IFPkgDescriptionDeleteWarning</key>
+	<string></string>
+	<key>IFPkgDescriptionDescription</key>
+	<string>Bundled package of Tor @VERSION@, Privoxy 3.0.6, and Torbutton.</string>
+	<key>IFPkgDescriptionTitle</key>
+	<string>Tor - Privoxy - Torbutton Bundle</string>
+	<key>IFPkgDescriptionVersion</key>
+	<string>@VERSION@</string>
+</dict>
+</plist>
--- a/contrib/osx/TorBundleInfo.plist.in
+++ b/contrib/osx/TorBundleInfo.plist.in
@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleName</key>
+	<string>Tor Bundle</string>
+	<key>CFBundleGetInfoString</key>
+	<string>Tor Bundle @VERSION@</string>
+	<key>CFBundleIdentifier</key>
+	<string>net.freehaven.torbundle</string>
+	<key>CFBundleShortVersionString</key>
+	<string>@VERSION@</string>
+	<key>IFPkgFlagComponentDirectory</key>
+	<string>../.contained_packages</string>
+	<key>IFPkgFlagPackageList</key>
+	<array>
+		<dict>
+			<key>IFPkgFlagPackageLocation</key>
+			<string>Tor.pkg</string>
+			<key>IFPkgFlagPackageSelection</key>
+			<string>required</string>
+		</dict>
+		<dict>
+			<key>IFPkgFlagPackageLocation</key>
+			<string>torstartup.pkg</string>
+			<key>IFPkgFlagPackageSelection</key>
+			<string>selected</string>
+		</dict>
+	</array>
+        <key>IFPkgFormatVersion</key>
+        <real>0.10000000149011612</real>
+</dict>
+</plist>
--- a/contrib/osx/TorBundleWelcome.rtf
+++ b/contrib/osx/TorBundleWelcome.rtf
@ -0,0 +1,38 @@
+{\rtf1\mac\ansicpg10000\cocoartf824\cocoasubrtf420
+{\fonttbl\f0\fswiss\fcharset77 Helvetica;\f1\fswiss\fcharset77 Helvetica-Oblique;\f2\fswiss\fcharset77 Helvetica-Bold;
+}
+{\colortbl;\red255\green255\blue255;}
+\paperw11900\paperh16840\margl1440\margr1440\vieww9000\viewh9000\viewkind0
+\pard\tx720\tx1440\tx2160\tx2880\tx3600\tx4320\tx5040\tx5760\tx6480\tx7200\tx7920\tx8640\ql\qnatural
+
+\f0\fs24 \cf0 Welcome to Tor - Privoxy - Torbutton Bundle installer.\
+This will install Tor, Privoxy, and Torbutton in your computer.\
+\
+
+\f1\i Tor, Privoxy, and Torbutton are separate products.\
+They are packaged together for your convenience.
+\f2\i0\b \
+
+\f0\b0 \
+\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\ql\qnatural
+
+\f2\b \cf0 Tor
+\f0\b0  is a system for using the Internet anonymously, and allowing\
+others to do so.\
+\
+	For more information, please visit https://www.torproject.org/\
+\
+
+\f2\b Privoxy
+\f0\b0  stands between your web browser and Tor to make your web surfing experience safer.\
+\
+	For more information, please visit http://www.privoxy.org/\
+\
+\pard\tx560\tx1120\tx1680\tx2240\tx2800\tx3360\tx3920\tx4480\tx5040\tx5600\tx6160\tx6720\ql\qnatural\pardirnatural
+
+\f2\b \cf0 Torbutton
+\f0\b0  is a 1-click way for Firefox users to enable or disable the browser's use of Tor.   
+\f1\i Torbutton will not install if you do not have Firefox installed.
+\f0\i0 \
+\
+	For more information, please visit https://torbutton.torproject.org/}
--- a/contrib/osx/TorDesc.plist.in
+++ b/contrib/osx/TorDesc.plist.in
@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IFPkgDescriptionTitle</key>
+	<string>Tor</string>
+	<key>IFPkgDescriptionVersion</key>
+	<string>@VERSION@</string>
+</dict>
+</plist>
--- a/contrib/osx/TorInfo.plist.in
+++ b/contrib/osx/TorInfo.plist.in
@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleIdentifier</key>
+	<string>Tor @VERSION@</string>
+	<key>CFBundleGetInfoString</key>
+	<string>Tor @VERSION@</string>
+	<key>CFBundleName</key>
+	<string>Tor</string>
+	<key>CFBundleShortVersionString</key>
+	<string>@VERSION@</string>
+	<key>IFPkgFlagAllowBackRev</key>
+	<true/>
+	<key>IFPkgFlagAuthorizationAction</key>
+	<string>RootAuthorization</string>
+	<key>IFPkgFlagFollowLinks</key>
+	<true/>
+	<key>IFPkgFlagIsRequired</key>
+	<true/>
+	<key>IFPkgFlagRootVolumeOnly</key>
+	<true/>
+	<key>IfPkgFlagBackgroundScaling</key>
+	<string>proportional</string>
+	<key>IFPkgFlagBackgroundAlignment</key>
+	<string>bottomleft</string>
+</dict>
+</plist>
--- a/contrib/osx/TorPostflight
+++ b/contrib/osx/TorPostflight
@ -0,0 +1,136 @@
+#!/bin/sh
+# ====================================================================
+#  TorPostFlight is distributed under this license
+#
+#  Copyright (c) 2006 Andrew Lewman
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+# ======================================================================
+
+# TorPostflight gets invoked after any install or upgrade.
+
+ADDSYSUSER=$RECEIPT_PATH/addsysuser
+if [ ! -x "$ADDSYSUSER" ]; then
+  echo "Could not find addsysuser script."
+  exit 1
+fi
+
+TORUSER=_tor
+TORGROUP=daemon
+TARGET=$2/Library/Tor
+TORDIR=$TARGET/var/lib/tor
+LOGFILE=/var/log/tor.log
+TORBUTTON_VERSION="1.2.0-fx"
+
+# Check defaults for TARGET
+if [ "$TARGET" == "//Library/Tor" ]; then
+	TARGET=/Library/Tor
+fi
+
+# Create user $TORUSER in group daemon.  If it's already there, great.
+$ADDSYSUSER $TORUSER "Tor System user" $TORDIR
+
+# Create the tor directory, if it doesn't exist.
+if [ ! -d $TORDIR ]; then
+  mkdir -p $TORDIR
+fi
+# Check its permissions.
+chown $TORUSER $TORDIR
+chgrp daemon $TORDIR
+chmod 700 $TORDIR
+
+if [ ! -f $LOGFILE ]; then
+    touch $LOGFILE
+    chown $TORUSER $LOGFILE
+    chgrp daemon $LOGFILE
+    chmod 660 $LOGFILE
+fi
+
+# Create the configuration file only if there wasn't one already.
+if [ ! -f $TARGET/torrc ]; then
+  cp $TARGET/torrc.sample $TARGET/torrc
+fi
+
+# Put the geoip database into the datadir
+if [ ! -f $TORDIR/geoip ]; then
+  cp $PACKAGE_PATH/Contents/Resources/geoip $TORDIR/geoip
+fi
+
+# Ensure symbolic links
+cd /usr/bin
+if [ -e /usr/bin/tor -a ! -L /usr/bin/tor ]; then
+  mv tor tor_old
+fi
+if [ -e /usr/bin/tor-resolve -a ! -L /usr/bin/tor-resolve ]; then
+  mv tor-resolve tor-resolve_old
+fi
+ln -sf $TARGET/tor .
+ln -sf $TARGET/tor-resolve .
+
+cd /usr/share/man/man1
+MAN1=$TARGET/share/man/man1
+#ln -sf $MAN1/*.1 .
+
+if [ -d /Library/StartupItems/Privoxy ]; then
+  find /Library/StartupItems/Privoxy -print0 | xargs -0 chown root:wheel
+fi
+
+# Copy Documentation
+if [ -d $PACKAGE_PATH/Contents/Resources/documents ];then
+   cp -r $PACKAGE_PATH/Contents/Resources/documents $TARGET/documents
+fi
+
+# Copy Uninstaller
+if [ -f $PACKAGE_PATH/Contents/Resources/Tor_Uninstaller.applescript ]; then 
+   cp $PACKAGE_PATH/Contents/Resources/Tor_Uninstaller.applescript $TARGET/Tor_Uninstaller.applescript
+   chmod 550 $TARGET/Tor_Uninstaller.applescript
+fi
+
+if [ -f $PACKAGE_PATH/Contents/Resources/uninstall_tor_bundle.sh ]; then
+   cp $PACKAGE_PATH/Contents/Resources/uninstall_tor_bundle.sh $TARGET/uninstall_tor_bundle.sh
+   chmod 550 $TARGET/uninstall_tor_bundle.sh
+fi
+
+if [ -f $PACKAGE_PATH/Contents/Resources/package_list.txt ]; then
+   cp $PACKAGE_PATH/Contents/Resources/package_list.txt $TARGET/package_list.txt
+fi
+
+if [ -d /Library/StartupItems/Tor ]; then
+   rm -f /Library/StartupItems/Tor/Tor.loc
+   echo "$TARGET" > /Library/StartupItems/Tor/Tor.loc
+fi
+
+# This only works if the user installing us is an Admin user.
+# Otherwise, this will silently fail to install torbutton in firefox.
+if [ -f /Applications/Firefox.app/Contents/MacOS/firefox ]; then
+  if [ -f /Library/Torbutton/torbutton-$TORBUTTON_VERSION.xpi ]; then
+# Open firefox with a prompt to install the torbutton xpi
+      su $USER open -a /Applications/Firefox.app /Library/Torbutton/torbutton-$TORBUTTON_VERSION.xpi
+  fi
+fi
--- a/contrib/osx/TorPreFlight
+++ b/contrib/osx/TorPreFlight
@ -0,0 +1,59 @@
+#!/bin/sh
+#
+# ===================================================================
+# 
+# TorPreFlight is distributed under this license:
+#
+# Copyright (c) 2006 Andrew Lewman
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#
+#     * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+#
+#     * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following disclaimer
+# in the documentation and/or other materials provided with the
+# distribution.
+#
+#     * Neither the names of the copyright owners nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#===============================================================================
+
+# TorPreFlight is invoked before the install begins
+
+# Figure out where Tor is installed
+if [ -f /Library/StartupItems/Tor/Tor.loc ]; then
+	TORPATH=`cat /Library/StartupItems/Tor/Tor.loc`
+else
+	TORPATH="/Library/Tor/"
+fi
+
+if [ -f /Library/StartupItems/Privoxy/Privoxy.loc ]; then
+	PRIVOXYPATH=`cat /Library/StartupItems/Privoxy/Privoxy.loc`
+else
+	PRIVOXYPATH="/Library/Privoxy/"
+fi
+
+# Backup all of Tor, just in case
+if [ -d $TORPATH ]; then
+  cp $TORPATH/torrc $TORPATH/torrc.installer-saved
+  cp $PRIVOXYPATH/config $PRIVOXYPATH/config.installer-saved
+  cp $PRIVOXYPATH/user.action $PRIVOXYPATH/user.action.installer-saved
+fi
+
--- a/contrib/osx/TorStartupDesc.plist.in
+++ b/contrib/osx/TorStartupDesc.plist.in
@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IFPkgDescriptionTitle</key>
+	<string>Tor Startup Script</string>
+	<key>IFPkgDescriptionVersion</key>
+	<string>@VERSION@</string>
+</dict>
+</plist>
--- a/contrib/osx/TorStartupInfo.plist
+++ b/contrib/osx/TorStartupInfo.plist
@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleIdentifier</key>
+	<string>Tor Startup Script</string>
+	<key>CFBundleGetInfoString</key>
+	<string>Tor Startup Script</string>
+	<key>CFBundleName</key>
+	<string>Tor Startup Script</string>
+	<key>CFBundleShortVersionString</key>
+	<string>0.1</string>
+	<key>IFPkgFlagAllowBackRev</key>
+	<true/>
+	<key>IFPkgFlagAuthorizationAction</key>
+	<string>RootAuthorization</string>
+        <key>IFPkgFlagRestartAction</key>
+        <string>NoRestart</string>
+	<key>IFPkgFlagFollowLinks</key>
+	<true/>
+	<key>IFPkgFlagIsRequired</key>
+	<false/>
+	<key>IFPkgFlagRootVolumeOnly</key>
+	<true/>
+</dict>
+</plist>
--- a/contrib/osx/Tor_Uninstaller.applescript
+++ b/contrib/osx/Tor_Uninstaller.applescript
@ -0,0 +1,68 @@
+-- Tor Uninstaller.applescript
+-- Tor Uninstaller
+
+-- ===============================================================================
+-- Tor Uninstaller is distributed under this license:
+--
+-- Copyright (c) 2005 Andrew Lewman ( pgp key: 31B0974B )
+-- 
+-- Redistribution and use in source and binary forms, with or without
+-- modification, are permitted provided that the following conditions are
+-- met:
+-- 
+--     * Redistributions of source code must retain the above copyright
+-- notice, this list of conditions and the following disclaimer.
+-- 
+--     * Redistributions in binary form must reproduce the above
+-- copyright notice, this list of conditions and the following disclaimer
+-- in the documentation and/or other materials provided with the
+-- distribution.
+-- 
+--     * Neither the names of the copyright owners nor the names of its
+-- contributors may be used to endorse or promote products derived from
+-- this software without specific prior written permission.
+-- 
+-- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+-- "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+-- LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+-- A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+-- OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+-- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+-- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+-- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+-- THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+-- (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+-- OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+-- ===============================================================================
+
+on run
+	
+	-- Validate & find disk paths
+	set boot_disk to (path to startup disk) as string
+	set default_tor_path to boot_disk & "Library:Tor"
+	set default_privoxy_path to boot_disk & "Library:Privoxy"
+	set default_tor_startup_path to boot_disk & "Library:StartupItems:Tor"
+	set default_privoxy_startup_path to boot_disk & "Library:StartupItems:Privoxy"
+	set shell_script to default_tor_path & ":uninstall_tor_bundle.sh"
+	set doomed_path_list to {default_tor_path, default_privoxy_path, default_tor_startup_path, default_privoxy_startup_path}
+	
+	-- Display what we're removing and ask for validation
+	-- this is the simplest way to do this
+	set remove_me to display dialog "Welcome to the Tor + Privoxy Uninstaller.  This program will remove:" & return & return & POSIX path of default_tor_path & return & POSIX path of default_privoxy_path & return & POSIX path of default_tor_startup_path & return & POSIX path of default_privoxy_startup_path & return & return & "If this looks correct, choose Yes.  Otherwise, choose No." buttons {"Yes", "No"} default button "No"
+	
+	-- Run a shell script to do all the unix work since applescript can't see it at all
+	if button returned of result is "Yes" then
+		try
+			do shell script (POSIX path of shell_script) with administrator privileges
+		on error
+			display dialog "Too many errors, quitting." buttons {"Quit"} default button "Quit" with icon stop giving up after 3
+			quit
+		end try
+		-- So Long and Thanks for all the Fish!
+		display dialog "Thank you for using tor!" buttons {"Ok"} giving up after 3
+	else
+		display dialog "Thank you for your continued use of Tor & Privoxy" buttons {"You're welcome."} giving up after 3
+	end if
+	
+end run
+-- We're done
--- a/contrib/osx/TorbuttonDesc.plist
+++ b/contrib/osx/TorbuttonDesc.plist
@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IFPkgDescriptionTitle</key>
+	<string>Torbutton Extension for Firefox</string>
+	<key>IFPkgDescriptionVersion</key>
+	<string>0.1</string>
+</dict>
+</plist>
--- a/contrib/osx/TorbuttonInfo.plist
+++ b/contrib/osx/TorbuttonInfo.plist
@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleIdentifier</key>
+	<string>Torbutton Extension for Firefox</string>
+	<key>CFBundleGetInfoString</key>
+	<string>Torbutton configuration for Tor</string>
+	<key>CFBundleName</key>
+	<string>Torbutton configuration for Tor</string>
+	<key>CFBundleSortVersionString</key>
+	<string>0.1</string>
+	<key>IFPkgFlagAuthorizationAction</key>
+	<string>RootAuthorization</string>
+        <key>IFPkgFlagRestartAction</key>
+        <string>RecommendedRestart</string>
+	<key>IFPkgFlagFollowLinks</key>
+	<true/>
+	<key>IFPkgFlagIsRequired</key>
+	<false/>
+</dict>
+</plist>
--- a/contrib/osx/addsysuser
+++ b/contrib/osx/addsysuser
@ -0,0 +1,83 @@
+#!/bin/sh
+#
+# Original adduser 05 Feb 2002 by Jon L. Gardner
+#
+# Modified for Tor installer by Nick Mathewson
+# 2007-06-12 Modified for leopard by Andrew Lewman
+# Copyright (c) 2007 Andrew Lewman
+#
+
+
+ROOTPROP=/
+
+if [ "`whoami`" != "root" ]; then
+  echo "You must be root to execute this script."
+  exit
+fi
+if [ "x$3" = "x" ]; then
+  echo 'Usage: addsysuser <username> "<full name>" <homedir>'
+  exit 0
+fi
+
+username=$1
+realname=$2
+homedir=$3
+
+if [ -x /usr/bin/dscl ]; then
+  # Determine the gid of the daemon group
+  gid=`dscl . -read /groups/daemon gid`
+  if [ "x`dscl . -list /users|cut -f2 -d' '|grep $username`" != "x" ]; then
+    echo The account $username already exists.
+    exit 0
+  fi
+  if [ -x /usr/bin/nidump ]; then
+    uiddef=`nidump passwd / | cut -d: -f3 | sort -n | grep -v '^[56789]..' |grep -v '^....$' | tail -n 1`
+  else
+    _tmp=/tmp/_dsexport_tmp.txt.$$
+    rm -f $_tmp
+    dsexport $_tmp '/Local/Default' 'dsRecTypeStandard:Users' > /dev/null 2>&1
+    uiddef=`cat $_tmp | sed 's/\\\://g' | cut -d: -f6 | grep '^[0-9]' | sort -n | grep -v '^[56789]..' | grep -v '^....$' | tail -n 1`
+    rm -f $_tmp
+  fi
+  uiddef=`echo $uiddef + 1 | bc`
+  dscl . -create /users/$username uid $uiddef
+  # home is the local path to the home directory
+  home=/Users/$username
+  echo Creating account for $username...
+  dscl . -create /users/$username
+  dscl . -create /users/$username _writers_tim_passwd $username
+  dscl . -create /users/$username realname $realname
+  dscl . -create /users/$username _writers_passwd $username
+  dscl . -create /users/$username gid $gid
+  dscl . -create /users/$username home $homedir
+  dscl . -create /users/$username name $username
+  dscl . -create /users/$username passwd '*'
+  dscl . -create /users/$username shell /dev/null
+else
+  # Determine the gid of the daemon group
+  gid=`niutil -readprop $ROOTPROP /groups/daemon gid`
+  if [ "x`niutil -list $ROOTPROP /users|cut -f2 -d' '|grep $username`" != "x" ]; then
+   echo The account $username already exists.
+   exit 0
+  fi
+  # home is the local path to the home directory
+  home=/Users/$username
+  # defhome is what goes into NetInfo
+  defhome="/Network/Servers/MyServer/Users"
+  #echo "Determining next available system uid (please be patient)..."
+  # Uids over 500 are for system users.
+  uiddef=`nidump passwd / | cut -d: -f3 | sort -n | grep -v '^[56789]..' |grep -v '^....$' | tail -n 1`
+  uiddef=`echo $uiddef + 1 |bc`
+  echo Creating account for $username...
+  niutil -create $ROOTPROP /users/$username
+  niutil -createprop $ROOTPROP /users/$username _writers_tim_passwd $username
+  niutil -createprop $ROOTPROP /users/$username realname $realname
+  niutil -createprop $ROOTPROP /users/$username _writers_passwd $username
+  niutil -createprop $ROOTPROP /users/$username uid $uiddef
+  #niutil -createprop $ROOTPROP /users/$username home_loc "<home_dir><url>afp://afp.server.com/Users/</url><path>$username</path></home_dir>"
+  niutil -createprop $ROOTPROP /users/$username gid $gid
+  niutil -createprop $ROOTPROP /users/$username home $homedir
+  niutil -createprop $ROOTPROP /users/$username name $username
+  niutil -createprop $ROOTPROP /users/$username passwd '*'
+  niutil -createprop $ROOTPROP /users/$username shell /dev/null
+fi
--- a/contrib/osx/org.torproject.tor.plist
+++ b/contrib/osx/org.torproject.tor.plist
@ -0,0 +1,26 @@
+<?xml version=\"1.0\" encoding=\"UTF-8\"?>
+<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\"
+        \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">
+<plist version=\"1.0\">
+<dict>
+        <key>Label</key>
+        <string>org.torproject.tor</string>
+        <key>ProgramArguments</key>
+        <array>
+                <string>/usr/bin/tor</string>
+                <string>-f</string>
+                <string>/Library/Tor/torrc</string>
+        </array>
+        <key>RunAtLoad</key>
+        <true/>
+    <key>OnDemand</key>
+    <false/>
+
+    <key>UserName</key>
+    <string>_tor</string>
+    <key>GroupName</key>
+    <string>daemon</string>
+
+</dict>
+
+</plist>
--- a/contrib/osx/package.sh
+++ b/contrib/osx/package.sh
@ -0,0 +1,163 @@
+#!/bin/sh
+# $Id$
+# Copyright 2004-2005 Nick Mathewson. 
+# Copyright 2005-2007 Andrew Lewman
+# Copyright 2008 The Tor Project
+# See LICENSE in Tor distribution for licensing information.
+
+# This script builds a Macintosh OS X metapackage containing 2 packages:
+#    - One for Tor.
+#    - One for Startup scripts for Tor.
+#
+# This script expects to be run from the toplevel makefile, with VERSION
+# set to the latest Tor version, and Tor already built.
+#
+
+# Read the documentation located in tor/doc/tor-osx-dmg-creation.txt on
+# how to build Tor for OSX
+
+###
+# Helpful info on OS X packaging:
+#   http://developer.apple.com/documentation/DeveloperTools/Conceptual/SoftwareDistribution/index.html
+#   man packagemaker
+
+# Make sure VERSION is set, so we don't name the package
+# "Tor--$ARCH-Bundle.dmg"
+if [ "XX$VERSION" = 'XX' ]; then
+  echo "VERSION not set."
+  exit 1
+fi
+
+## Determine OSX Version
+# map version to name
+if [ -x /usr/bin/sw_vers ]; then
+# This is poor, yet functional.  We don't care about the 3rd number in
+# the OS version
+  OSVER=`/usr/bin/sw_vers | grep ProductVersion | cut -f2 | cut -d"." -f1,2`
+    case "$OSVER" in
+    "10.6") ARCH="universal";;
+    "10.5") ARCH="universal";;
+	"10.4") ARCH="universal";;
+	"10.3") ARCH="ppc";;
+	"10.2") ARCH="ppc";;
+	"10.1") ARCH="ppc";;
+	"10.0") ARCH="ppc";;
+	*) ARCH="unknown";;
+    esac
+else
+  ARCH="unknown"
+fi
+
+# Where will we put our temporary files?
+BUILD_DIR=/tmp/tor-osx-$$
+# Path to PackageMaker app.
+PACKAGEMAKER=/Developer/Applications/Utilities/PackageMaker.app/Contents/MacOS/PackageMaker
+
+umask 022
+
+echo I might ask you for your password now, so you can sudo.
+
+sudo rm -rf $BUILD_DIR
+mkdir $BUILD_DIR || exit 1
+for subdir in tor_packageroot tor_resources \
+              torstartup_packageroot \
+              torbundle_resources \
+              output; do
+    mkdir $BUILD_DIR/$subdir
+done
+
+### Make Tor package.
+
+make install DESTDIR=$BUILD_DIR/tor_packageroot
+cp contrib/osx/ReadMe.rtf $BUILD_DIR/tor_resources
+chmod 755 contrib/osx/TorPostflight
+cp contrib/osx/TorPostflight $BUILD_DIR/tor_resources/postflight
+cp contrib/osx/addsysuser $BUILD_DIR/tor_resources/addsysuser
+cp contrib/osx/Tor_Uninstaller.applescript $BUILD_DIR/tor_resources/Tor_Uninstaller.applescript
+cp contrib/osx/uninstall_tor_bundle.sh $BUILD_DIR/tor_resources/uninstall_tor_bundle.sh
+cp contrib/osx/package_list.txt $BUILD_DIR/tor_resources/package_list.txt
+cp contrib/osx/tor_logo.gif $BUILD_DIR/tor_resources/background.gif
+cp src/config/geoip $BUILD_DIR/tor_resources/geoip
+cat <<EOF > $BUILD_DIR/tor_resources/Welcome.txt
+Tor: an anonymous Internet communication system
+
+Tor is a system for using the internet anonymously, and allowing
+others to do so.
+EOF
+
+### Assemble documentation
+
+DOC=$BUILD_DIR/tor_resources/documents
+mkdir $DOC
+mkdir $DOC/howto
+cp AUTHORS $DOC/AUTHORS.txt
+groff doc/tor.1.in -T ps -m man | pstopdf -i -o $DOC/tor-reference.pdf
+groff doc/tor-resolve.1 -T ps -m man | pstopdf -i -o $DOC/tor-resolve.pdf
+mkdir $DOC/Advanced
+cp	doc/spec/tor-spec.txt         \
+	doc/spec/rend-spec.txt        \
+	doc/spec/control-spec.txt     \
+	doc/spec/socks-extensions.txt \
+	doc/spec/version-spec.txt     \
+	doc/spec/address-spec.txt     \
+	doc/spec/path-spec.txt        \
+	$DOC/Advanced
+
+cp doc/HACKING $DOC/Advanced/HACKING.txt
+cp ChangeLog $DOC/Advanced/ChangeLog.txt
+
+find $BUILD_DIR/tor_packageroot -print0 |sudo xargs -0 chown root:wheel
+
+$PACKAGEMAKER -build              \
+    -p $BUILD_DIR/output/Tor.pkg  \
+    -f $BUILD_DIR/tor_packageroot \
+    -r $BUILD_DIR/tor_resources   \
+    -i contrib/osx/TorInfo.plist  \
+    -d contrib/osx/TorDesc.plist
+
+### Make Startup Script package
+
+mkdir -p $BUILD_DIR/torstartup_packageroot/Library/StartupItems/Tor
+cp contrib/osx/Tor contrib/osx/StartupParameters.plist \
+   $BUILD_DIR/torstartup_packageroot/Library/StartupItems/Tor
+
+find $BUILD_DIR/torstartup_packageroot -print0 | sudo xargs -0 chown root:wheel
+
+$PACKAGEMAKER -build 		       \
+  -p $BUILD_DIR/output/torstartup.pkg  \
+  -f $BUILD_DIR/torstartup_packageroot \
+  -i contrib/osx/TorStartupInfo.plist  \
+  -d contrib/osx/TorStartupDesc.plist
+
+### Assemble the metapackage.  Packagemaker won't buld metapackages from
+# the command line, so we need to do it by hand.
+
+MPKG=$BUILD_DIR/output/Tor-$VERSION-$ARCH-Bundle.mpkg
+mkdir -p "$MPKG/Contents/Resources"
+echo -n "pmkrpkg1" > "$MPKG/Contents/PkgInfo"
+cp contrib/osx/ReadMe.rtf "$MPKG/Contents/Resources"
+cp contrib/osx/TorBundleInfo.plist "$MPKG/Contents/Info.plist"
+cp contrib/osx/TorBundleWelcome.rtf "$MPKG/Contents/Resources/Welcome.rtf"
+cp contrib/osx/TorBundleDesc.plist "$MPKG/Contents/Resources/Description.plist"
+cp contrib/osx/tor_logo.gif "$MPKG/Contents/Resources/background.gif"
+
+# Move all the subpackages into place.  
+mkdir $BUILD_DIR/output/.contained_packages
+mv $BUILD_DIR/output/*.pkg $BUILD_DIR/OUTPUT/.contained_packages
+( cd $BUILD_DIR/output/.contained_packages )
+
+### Copy readmes and licenses into toplevel.
+cp contrib/osx/ReadMe.rtf $BUILD_DIR/output/Tor\ ReadMe.rtf
+cp LICENSE $BUILD_DIR/output/Tor\ License.txt
+
+### Package it all into a DMG
+
+find $BUILD_DIR/output -print0 | sudo xargs -0 chown root:wheel
+
+mv $BUILD_DIR/output "$BUILD_DIR/Tor-$VERSION-$ARCH-Bundle"
+rm -f "Tor-$VERSION-$ARCH-Bundle.dmg"
+USER="`whoami`"
+sudo hdiutil create -format UDZO -imagekey zlib-level=9 -srcfolder "$BUILD_DIR/Tor-$VERSION-$ARCH-Bundle" "Tor-$VERSION-$ARCH-Bundle.dmg"
+sudo chown "$USER" "Tor-$VERSION-$ARCH-Bundle.dmg"
+
+sudo rm -rf $BUILD_DIR
--- a/contrib/osx/package_list.txt
+++ b/contrib/osx/package_list.txt
@ -0,0 +1,6 @@
+Tor
+Privoxy
+torstartup
+privoxyconf
+Vidalia
+torbutton
--- a/Show More
+++ b/Show More