Resolve a bunch of FIXME items; mark a lot more for attention; ask for clarification on some. Turn all XXXX008 ("showstopper for 0.0.8 release") items into XXXX009 or XXXX, since plainly they were not showstoppers for 0.0.8. Add/clean some docs.

svn:r2808

src/common/util.c

@@ -1028,8 +1028,9 @@ int is_internal_IP(uint32_t ip) {
 }
 
 /** Return true iff <b>ip</b> (in host order) is judged to be on the
- * same network as us. For now, check if it's an internal IP. For XXX008,
- * also check if it's on the same class C network as our public IP.
+ * same network as us. For now, check if it's an internal IP.
+ *
+ * XXX Also check if it's on the same class C network as our public IP.
  */
 int is_local_IP(uint32_t ip) {
   return is_internal_IP(ip);

src/or/circuitbuild.c

@@ -422,7 +422,8 @@ int circuit_send_next_onion_skin(circuit_t *circ) {
       if(!has_completed_circuit) {
         has_completed_circuit=1;
         log_fn(LOG_NOTICE,"Tor has successfully opened a circuit. Looks like it's working.");
-// XXX008 put a count of known routers here
+        /* XXX009 put a count of known routers here */
+        /* XXXX "Put?" Do you mean log, or something else? -NM */
       }
       circuit_rep_hist_note_result(circ);
       circuit_has_opened(circ); /* do other actions as necessary */

src/or/config.c

@@ -93,6 +93,7 @@ static config_var_t config_vars[] = {
   VAR("ClientOnly",          BOOL,     ClientOnly,           "0"),
   VAR("ContactInfo",         STRING,   ContactInfo,          NULL),
   VAR("ControlPort",         UINT,     ControlPort,          "0"),
+  VAR("CookieAuthentication",BOOL,     CookieAuthentication, "0"),
   VAR("DebugLogFile",        STRING,   DebugLogFile,         NULL),
   VAR("DataDirectory",       STRING,   DataDirectory,        NULL),
   VAR("DirPort",             UINT,     DirPort,              "0"),
@@ -294,6 +295,8 @@ options_act(void) {
   if(options->PidFile)
     write_pidfile(options->PidFile);
 
+  init_cookie_authentication(options->CookieAuthentication);
+
   /* reload keys as needed for rendezvous services. */
   if (rend_service_load_keys()<0) {
     log_fn(LOG_ERR,"Error reloading rendezvous service keys");
@@ -1173,6 +1176,14 @@ options_validate(or_options_t *options)
     }
   }
 
+  if (options->HashedControlPassword) {
+    char buf[S2K_SPECIFIER_LEN+DIGEST_LEN];
+    if (base64_decode(buf,sizeof(buf),options->HashedControlPassword,
+                      strlen(options->HashedControlPassword)!=sizeof(buf))) {
+      log_fn(LOG_WARN,"Bad HashedControlPassword: wrong length or bad base64");
+      result = -1;
+    }
+  }
   if (check_nickname_list(options->ExitNodes, "ExitNodes"))
     result = -1;
   if (check_nickname_list(options->EntryNodes, "EntryNodes"))

src/or/connection.c

@@ -833,7 +833,7 @@ int connection_handle_read(connection_t *conn) {
        if(conn->purpose == DIR_PURPOSE_FETCH_DIR &&
           !all_trusted_directory_servers_down()) {
          log_fn(LOG_INFO,"Giving up on dirserver %s; trying another.", conn->address);
-         directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
+         directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL);
        }
     }
     return -1;

src/or/connection_or.c

@@ -211,7 +211,7 @@ connection_t *connection_or_connect(uint32_t addr, uint16_t port,
 
   /* this function should never be called if we're already connected to
    * id_digest, but check first to be sure */
-/*XXX008 this is getting called, at least by dirservers. */
+  /*XXX this is getting called, at least by dirservers. */
   conn = connection_get_by_identity_digest(id_digest, CONN_TYPE_OR);
   if(conn) {
     tor_assert(conn->nickname);

src/or/control.c

@@ -201,7 +201,7 @@ send_control_event(uint16_t event, uint16_t len, const char *body)
     }
   }
 
-  tor_free(buf); 
+  tor_free(buf);
 }
 
 /** Called when we receive a SETCONF message: parse the body and try
@@ -331,18 +331,17 @@ static int
 handle_control_authenticate(connection_t *conn, uint16_t len, const char *body)
 {
   or_options_t *options = get_options();
-  if (len == AUTHENTICATION_COOKIE_LEN &&
-      authentication_cookie_is_set &&
-      !memcmp(authentication_cookie, body, len)) {
-    goto ok;
-  }
-  if (options->HashedControlPassword) {
+  if (options->CookieAuthentication) {
+    if (len == AUTHENTICATION_COOKIE_LEN &&
+        !memcmp(authentication_cookie, body, len)) {
+      goto ok;
+    }
+  } else if (options->HashedControlPassword) {
     char expected[S2K_SPECIFIER_LEN+DIGEST_LEN];
     char received[DIGEST_LEN];
     if (base64_decode(expected,sizeof(expected),
                       options->HashedControlPassword,
                       strlen(options->HashedControlPassword))<0) {
-      /* XXXX009 NM we should warn sooner. */
       log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64");
       goto err;
     }
@@ -350,11 +349,13 @@ handle_control_authenticate(connection_t *conn, uint16_t len, const char *body)
     if (!memcmp(expected+S2K_SPECIFIER_LEN, received, DIGEST_LEN))
       goto ok;
     goto err;
-  }
-  if (len == 0) {
-    /* if Tor doesn't demand any stronger authentication, then
-     * the controller can get in with a blank auth line. */
-    goto ok;
+  } else {
+    if (len == 0) {
+      /* if Tor doesn't demand any stronger authentication, then
+       * the controller can get in with a blank auth line. */
+      goto ok;
+    }
+    goto err;
   }
 
  err:
@@ -577,11 +578,12 @@ control_event_logmsg(int severity, const char *msg)
  * Anybody who can read the cookie from disk will be considered
  * authorized to use the control connection. */
 int
-init_cookie_authentication(void)
+init_cookie_authentication(int enabled)
 {
   char fname[512];
 
-  /* XXXX009 NM add config option to disable this. */
+  if (!enabled)
+    authentication_cookie_is_set = 0;
 
   tor_snprintf(fname, sizeof(fname), "%s/control_auth_cookie",
                get_options()->DataDirectory);

src/or/cpuworker.c

@@ -134,8 +134,8 @@ int connection_cpu_process_inbuf(connection_t *conn) {
     /* parse out the circ it was talking about */
     tag_unpack(buf, &addr, &port, &circ_id);
     circ = NULL;
-    /* XXXX This is actually right: we want a specific port here in
-     * case there are multiple connections. */
+    /* (This is actually right: we want a specific port here in
+     * case there are multiple connections.) */
     p_conn = connection_exact_get_by_addr_port(addr,port);
     if(p_conn)
       circ = circuit_get_by_circ_id_conn(circ_id, p_conn);

src/or/directory.c

@@ -31,20 +31,23 @@
 
 static void
 directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
+                                  const char *resource,
                                   const char *payload, size_t payload_len);
 static void
 directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
-                      uint8_t purpose, const char *payload, size_t payload_len);
-
+                                      uint8_t purpose, const char *resource,
+                                      const char *payload, size_t payload_len);
 static void
 directory_initiate_command(const char *address, uint32_t addr, uint16_t port,
                            const char *platform,
                            const char *digest, uint8_t purpose,
+                           const char *resource,
                            const char *payload, size_t payload_len);
 
 static void
 directory_send_command(connection_t *conn, const char *platform,
-                       int purpose, const char *payload, size_t payload_len);
+                       int purpose, const char *resource,
+                       const char *payload, size_t payload_len);
 static int directory_handle_command(connection_t *conn);
 
 /********* START VARIABLES **********/
@@ -136,7 +139,8 @@ directory_post_to_dirservers(uint8_t purpose, const char *payload,
         if (!smartlist_string_isin(get_options()->FirewallPorts, buf))
           continue;
       }
-      directory_initiate_command_trusted_dir(ds, purpose, payload, payload_len);
+      directory_initiate_command_trusted_dir(ds, purpose, NULL,
+                                             payload, payload_len);
     });
 }
 
@@ -146,8 +150,7 @@ directory_post_to_dirservers(uint8_t purpose, const char *payload,
  * 'DIR_PURPOSE_FETCH_DIR' or 'DIR_PURPOSE_FETCH_RENDDESC'.
  */
 void
-directory_get_from_dirserver(uint8_t purpose, const char *payload,
-                             size_t payload_len)
+directory_get_from_dirserver(uint8_t purpose, const char *resource)
 {
   routerinfo_t *r = NULL;
   trusted_dir_server_t *ds = NULL;
@@ -171,9 +174,9 @@ directory_get_from_dirserver(uint8_t purpose, const char *payload,
   }
 
   if (r)
-    directory_initiate_command_router(r, purpose, payload, payload_len);
+    directory_initiate_command_router(r, purpose, resource, NULL, 0);
   else if (ds)
-    directory_initiate_command_trusted_dir(ds, purpose, payload, payload_len);
+    directory_initiate_command_trusted_dir(ds, purpose, resource, NULL, 0);
   else
     log_fn(LOG_WARN,"No running dirservers known. Not trying. (purpose %d)", purpose);
 }
@@ -184,30 +187,42 @@ directory_get_from_dirserver(uint8_t purpose, const char *payload,
  * DIR_PURPOSE_{FETCH|UPLOAD}_{DIR|RENDDESC}.
  *
  * When uploading, <b>payload</b> and <b>payload_len</b> determine the content
- * of the HTTP post.  When fetching a rendezvous descriptor, <b>payload</b>
- * and <b>payload_len</b> are the service ID we want to fetch.
+ * of the HTTP post.  Otherwise, <b>payload</b> should be NULL.
+ *
+ * When fetching a rendezvous descriptor, <b>resource</b> is the service ID we
+ * want to fetch.
  */
 static void
 directory_initiate_command_router(routerinfo_t *router, uint8_t purpose,
+                                  const char *resource,
                                   const char *payload, size_t payload_len)
 {
   directory_initiate_command(router->address, router->addr, router->dir_port,
                              router->platform, router->identity_digest,
-                             purpose, payload, payload_len);
+                             purpose, resource, payload, payload_len);
 }
 
+/** As directory_initiate_command_router, but send the command to a trusted
+ * directory server <b>dirserv</b>. **/
 static void
 directory_initiate_command_trusted_dir(trusted_dir_server_t *dirserv,
-                      uint8_t purpose, const char *payload, size_t payload_len)
+                                       uint8_t purpose, const char *resource,
+                                       const char *payload, size_t payload_len)
 {
   directory_initiate_command(dirserv->address, dirserv->addr,dirserv->dir_port,
-                        NULL, dirserv->digest, purpose, payload, payload_len);
+               NULL, dirserv->digest, purpose, resource, payload, payload_len);
 }
 
+/** Helper for directory_initiate_command(router|trusted_dir): send the
+ * command to a server whose address is <b>address</b>, whose IP is
+ * <b>addr</b>, whose directory port is <b>dir_port</b>, whose tor version is
+ * <b>platform</b>, and whose identity key digest is <b>digest</b>. The
+ * <b>platform</b> argument is optional; the others are required. */
 static void
 directory_initiate_command(const char *address, uint32_t addr,
                            uint16_t dir_port, const char *platform,
                            const char *digest, uint8_t purpose,
+                           const char *resource,
                            const char *payload, size_t payload_len)
 {
   connection_t *conn;
@@ -267,7 +282,7 @@ directory_initiate_command(const char *address, uint32_t addr,
         if(purpose == DIR_PURPOSE_FETCH_DIR &&
            !all_trusted_directory_servers_down()) {
           log_fn(LOG_INFO,"Giving up on dirserver %s; trying another.", conn->address);
-          directory_get_from_dirserver(purpose, payload, payload_len);
+          directory_get_from_dirserver(purpose, NULL);
         }
         connection_free(conn);
         return;
@@ -276,8 +291,8 @@ directory_initiate_command(const char *address, uint32_t addr,
         /* fall through */
       case 0:
         /* queue the command on the outbuf */
-        directory_send_command(conn, platform, purpose, payload, payload_len);
-
+        directory_send_command(conn, platform, purpose, resource,
+                               payload, payload_len);
         connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
         /* writable indicates finish, readable indicates broken link,
            error indicates broken link in windowsland. */
@@ -297,18 +312,19 @@ directory_initiate_command(const char *address, uint32_t addr,
     conn->state = DIR_CONN_STATE_CLIENT_SENDING;
     connection_add(conn);
     /* queue the command on the outbuf */
-    directory_send_command(conn, platform, purpose, payload, payload_len);
+    directory_send_command(conn, platform, purpose, resource,
+                           payload, payload_len);
     connection_watch_events(conn, POLLIN | POLLOUT | POLLERR);
   }
 }
 
-/** Queue an appropriate HTTP command on conn-\>outbuf.  The args
- * <b>purpose</b>, <b>payload</b>, and <b>payload_len</b> are as in
+/** Queue an appropriate HTTP command on conn-\>outbuf.  The other args as in
  * directory_initiate_command.
  */
 static void
 directory_send_command(connection_t *conn, const char *platform,
-                       int purpose, const char *payload, size_t payload_len) {
+                       int purpose, const char *resource,
+                       const char *payload, size_t payload_len) {
   char tmp[8192];
   char proxystring[128];
   char hoststring[128];
@@ -335,42 +351,40 @@ directory_send_command(connection_t *conn, const char *platform,
 
   switch(purpose) {
     case DIR_PURPOSE_FETCH_DIR:
-      tor_assert(payload == NULL);
+      tor_assert(!resource);
+      tor_assert(!payload);
       log_fn(LOG_DEBUG, "Asking for %scompressed directory from server running %s",
              use_newer?"":"un", platform?platform:"<unknown version>");
       httpcommand = "GET";
       strlcpy(url, use_newer ? "/tor/dir.z" : "/", sizeof(url));
       break;
     case DIR_PURPOSE_FETCH_RUNNING_LIST:
-      tor_assert(payload == NULL);
+      tor_assert(!resource);
+      tor_assert(!payload);
       httpcommand = "GET";
       strlcpy(url, use_newer ? "/tor/running-routers" : "/running-routers", sizeof(url));
       break;
     case DIR_PURPOSE_UPLOAD_DIR:
+      tor_assert(!resource);
       tor_assert(payload);
       httpcommand = "POST";
       strlcpy(url, use_newer ? "/tor/" : "/", sizeof(url));
       break;
     case DIR_PURPOSE_FETCH_RENDDESC:
-      tor_assert(payload);
+      tor_assert(resource);
+      tor_assert(!payload);
 
       /* this must be true or we wouldn't be doing the lookup */
-      tor_assert(payload_len <= REND_SERVICE_ID_LEN);
+      tor_assert(strlen(payload) <= REND_SERVICE_ID_LEN);
       /* This breaks the function abstraction. */
-      memcpy(conn->rend_query, payload, payload_len);
-      conn->rend_query[payload_len] = 0;
+      strlcpy(conn->rend_query, resource, sizeof(conn->rend_query));
 
       httpcommand = "GET";
-      tor_snprintf(url, sizeof(url), "%s/rendezvous/%s", use_newer ? "/tor" : "", payload);
-
-      /* XXX We're using payload here to mean something other than
-       * payload of the http post. This is probably bad, and should
-       * be fixed one day. Kludge for now to make sure we don't post more. */
-      payload_len = 0;
-      payload = NULL;
+      tor_snprintf(url, sizeof(url), "%s/rendezvous/%s", use_newer ? "/tor" : "", resource);
 
       break;
     case DIR_PURPOSE_UPLOAD_RENDDESC:
+      tor_assert(!resource);
       tor_assert(payload);
       httpcommand = "POST";
       tor_snprintf(url, sizeof(url), "%s/rendezvous/publish", use_newer ? "/tor" : "");
@@ -439,15 +453,13 @@ parse_http_url(char *headers, char **url)
 
 /** Parse an HTTP response string <b>headers</b> of the form
  * "HTTP/1.\%d \%d\%s\r\n...".
- * If it's well-formed, assign *<b>code</b>, point *<b>message</b> to the first
- * non-space character after code if there is one and message is non-NULL
- * (else leave it alone), and return 0.
+ * If it's well-formed, assign *<b>code</b>, point  and return 0.
  * If <b>date</b> is provided, set *date to the Date header in the
  * http headers, or 0 if no such header is found.
  * Otherwise, return -1.
  */
 static int
-parse_http_response(char *headers, int *code, char **message, time_t *date,
+parse_http_response(const char *headers, int *code, time_t *date,
                     int *compression)
 {
   int n1, n2;
@@ -465,9 +477,7 @@ parse_http_response(char *headers, int *code, char **message, time_t *date,
     return -1;
   }
   *code = n2;
-  if(message) {
-    /* XXX should set *message correctly */
-  }
+
   parsed_headers = smartlist_create();
   smartlist_split_string(parsed_headers, headers, "\n",
                          SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
@@ -535,7 +545,7 @@ connection_dir_client_reached_eof(connection_t *conn)
     /* case 1, fall through */
   }
 
-  if(parse_http_response(headers, &status_code, NULL, &date_header,
+  if(parse_http_response(headers, &status_code, &date_header,
                          &compression) < 0) {
     log_fn(LOG_WARN,"Unparseable headers. Closing.");
     tor_free(body); tor_free(headers);
@@ -769,7 +779,7 @@ directory_handle_command_get(connection_t *conn, char *headers,
   if(!strcmp(url,"/tor/running-routers")) { /* running-routers fetch */
     tor_free(url);
     if(!authdir_mode(get_options())) {
-      /* XXX008 for now, we don't cache running-routers. Reject. */
+      /* For now, we don't cache running-routers. Reject. */
       connection_write_to_buf(answer400, strlen(answer400), conn);
       return 0;
     }

src/or/dns.c

@@ -169,6 +169,22 @@ static void send_resolved_cell(connection_t *conn, uint8_t answer_type)
                                conn->cpath_layer);
 }
 
+/** Link <b>r</b> into the tree of address-to-result mappings, and add it to
+ * the linked list of resolves-by-age. */
+static void
+insert_resolve(struct cached_resolve *r)
+{
+  /* add us to the linked list of resolves */
+  if (!oldest_cached_resolve) {
+    oldest_cached_resolve = r;
+  } else {
+    newest_cached_resolve->next = r;
+  }
+  newest_cached_resolve = r;
+
+  SPLAY_INSERT(cache_tree, &cache_root, r);
+}
+
 /** See if we have a cache entry for <b>exitconn</b>-\>address. if so,
  * if resolve valid, put it into <b>exitconn</b>-\>addr and return 1.
  * If resolve failed, return -1.
@@ -243,15 +259,7 @@ int dns_resolve(connection_t *exitconn) {
   resolve->pending_connections = pending_connection;
   exitconn->state = EXIT_CONN_STATE_RESOLVING;
 
-  /* add us to the linked list of resolves */
-  if (!oldest_cached_resolve) {
-    oldest_cached_resolve = resolve;
-  } else {
-    newest_cached_resolve->next = resolve;
-  }
-  newest_cached_resolve = resolve;
-
-  SPLAY_INSERT(cache_tree, &cache_root, resolve);
+  insert_resolve(resolve);
   return assign_to_dnsworker(exitconn);
 }
 
@@ -453,9 +461,13 @@ static void dns_found_answer(char *address, uint32_t addr, char outcome) {
 
   resolve = SPLAY_FIND(cache_tree, &cache_root, &search);
   if(!resolve) {
-    log_fn(LOG_INFO,"Resolved unasked address '%s'? Dropping.", address);
-    /* XXX Why drop?  Just because we don't care now doesn't mean we shouldn't
-     * XXX cache the result for later. */
+    log_fn(LOG_INFO,"Resolved unasked address '%s'; caching anyway.", address);
+    resolve = tor_malloc_zero(sizeof(struct cached_resolve));
+    resolve->state = (outcome == DNS_RESOLVE_SUCCEEDED) ?
+      CACHE_STATE_VALID : CACHE_STATE_FAILED;
+    resolve->addr = addr;
+    resolve->expire = time(NULL) + MAX_DNS_ENTRY_AGE;
+    insert_resolve(resolve);
     return;
   }
 
@@ -473,7 +485,7 @@ static void dns_found_answer(char *address, uint32_t addr, char outcome) {
    * resolve X.Y.Z. */
   /* tor_assert(resolve->state == CACHE_STATE_PENDING); */
 
-  resolve->addr = ntohl(addr);
+  resolve->addr = addr;
   if(outcome == DNS_RESOLVE_SUCCEEDED)
     resolve->state = CACHE_STATE_VALID;
   else
@@ -586,7 +598,7 @@ int connection_dns_process_inbuf(connection_t *conn) {
 
   tor_assert(success >= DNS_RESOLVE_FAILED_TRANSIENT);
   tor_assert(success <= DNS_RESOLVE_SUCCEEDED);
-  dns_found_answer(conn->address, addr, success);
+  dns_found_answer(conn->address, ntohl(addr), success);
 
   tor_free(conn->address);
   conn->address = tor_strdup("<idle>");
@@ -667,7 +679,7 @@ static int dnsworker_main(void *data) {
       result = -1;
     switch (result) {
       case 1:
-/* XXX008 result can never be 1, because we set it to -1 above on error */
+        /* XXX result can never be 1, because we set it to -1 above on error */
         log_fn(LOG_INFO,"Could not resolve dest addr %s (transient).",address);
         answer[0] = DNS_RESOLVE_FAILED_TRANSIENT;
         break;

src/or/hibernate.c

@@ -35,6 +35,10 @@ static int hibernate_state = HIBERNATE_STATE_LIVE;
  * aren't hibernating. */
 static time_t hibernate_end_time = 0;
 
+typedef enum {
+  UNIT_MONTH, UNIT_WEEK, UNIT_DAY,
+} time_unit_t;
+
 /* Fields for accounting logic.  Accounting overview:
  *
  * Accounting is designed to ensure that no more than N bytes are sent
@@ -196,6 +200,7 @@ update_expected_bandwidth(void)
   uint32_t max_configured = (get_options()->BandwidthRateBytes * 60);
   /* XXX max_configured will be false if it exceeds
    * get_options()->AccountingMaxKB*1000, right? -RD
+   * XXX Huh? Why? How? -NM
    */
 
   if (n_seconds_active_in_interval < 1800) {

src/or/main.c

@@ -441,7 +441,7 @@ static int decide_if_publishable_server(time_t now) {
   if(!options->ORPort)
     return 0;
 
-  /* XXX008 for now, you're only a server if you're a server */
+  /* XXX for now, you're only a server if you're a server */
   return server_mode(options);
 
   /* here, determine if we're reachable */
@@ -568,7 +568,7 @@ static void run_scheduled_events(time_t now) {
       router_retry_connections();
     }
 
-    directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
+    directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL);
 
     if(!we_are_hibernating()) {
       /* Force an upload of our rend descriptors every DirFetchPostPeriod seconds. */
@@ -710,7 +710,7 @@ static int do_hup(void) {
     }
   }
   /* Fetch a new directory. Even authdirservers do this. */
-  directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
+  directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL);
   if(server_mode(options)) {
     /* Restart cpuworker and dnsworker processes, so they get up-to-date
      * configuration options. */
@@ -750,7 +750,7 @@ static int do_main_loop(void) {
   stats_prev_global_read_bucket = global_read_bucket;
   stats_prev_global_write_bucket = global_write_bucket;
 
-/*XXX move to options_act? */
+  /*XXX009 move to options_act? */
   /* Set up accounting */
   if (get_options()->AccountingMaxKB)
     configure_accounting(time(NULL));
@@ -958,7 +958,6 @@ static int network_init(void)
     log_fn(LOG_WARN,"Error initializing windows network layer: code was %d",r);
     return -1;
   }
-  /* XXXX We should call WSACleanup on exit, I think. */
 #endif
   return 0;
 }
@@ -967,7 +966,8 @@ static int network_init(void)
  */
 static void exit_function(void)
 {
-/* XXX if we ever daemonize, this gets called immediately */
+  /* NOTE: If we ever daemonize, this gets called immediately.  That's
+   * okay for now, because we only use this on Windows.  */
 #ifdef MS_WINDOWS
   WSACleanup();
 #endif

src/or/or.h

@@ -965,6 +965,8 @@ typedef struct {
                         * hibernate." */
   char *HashedControlPassword; /**< Base64-encoded hash of a password for
                                 * the control system. */
+  int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for
+                             * the control system? */
 } or_options_t;
 
 #define MAX_SOCKS_REPLY_LEN 1024
@@ -1265,7 +1267,7 @@ int control_event_or_conn_status(connection_t *conn, or_conn_status_event_t e);
 int control_event_bandwidth_used(uint32_t n_read, uint32_t n_written);
 void control_event_logmsg(int severity, const char *msg);
 
-int init_cookie_authentication(void);
+int init_cookie_authentication(int enabled);
 
 /********************************* cpuworker.c *****************************/
 
@@ -1281,8 +1283,7 @@ int assign_to_cpuworker(connection_t *cpuworker, unsigned char question_type,
 int dir_policy_permits_address(uint32_t addr);
 void directory_post_to_dirservers(uint8_t purpose, const char *payload,
                                   size_t payload_len);
-void directory_get_from_dirserver(uint8_t purpose, const char *payload,
-                                  size_t payload_len);
+void directory_get_from_dirserver(uint8_t purpose, const char *resource);
 int connection_dir_process_inbuf(connection_t *conn);
 int connection_dir_finished_flushing(connection_t *conn);
 int connection_dir_finished_connecting(connection_t *conn);

src/or/rendclient.c

@@ -246,8 +246,7 @@ rend_client_refetch_renddesc(const char *query)
     log_fn(LOG_INFO,"Would fetch a new renddesc here (for %s), but one is already in progress.", query);
   } else {
     /* not one already; initiate a dir rend desc lookup */
-    directory_get_from_dirserver(DIR_PURPOSE_FETCH_RENDDESC,
-                                 query, strlen(query));
+    directory_get_from_dirserver(DIR_PURPOSE_FETCH_RENDDESC, query);
   }
 }
 

src/or/rephist.c

@@ -176,7 +176,7 @@ void rep_hist_note_connection_died(const char* id, time_t when)
 {
   or_history_t *hist;
   if(!id) {
-    /* XXXX008 not so. */
+    /* XXXX009 Well, everybody has an ID now. Hm. */
     /* If conn has no nickname, it's either an OP, or it is an OR
      * which didn't complete its handshake (or did and was unapproved).
      * Ignore it.