* commit 'tor-0.2.2.9-alpha': (90 commits)
  Mark 160 and 161 as Finished.
  elevate a changelog entry, and get my mailto out of the man page
  Make expand_filename into a tor_strdup() alias on windows.
  Remove some redundant code in options_save_current()
  Expand homedirs in paths passed to tor-checkkey
  Zero a cipher completely before freeing it
  Break early on unknown extendcircuit purpose
  Fix a memory leak, found by coverity
  Remove some redundand code in control.c
  Update the osx dmg creation instructions
  network-status-version must come first in a vote/consensus
  we have two faqs for now
  we deleted AUTHORS, so don't put it in the tarball
  prepare for 0.2.2.9-alpha
  put 0.2.1.24 in release notes too
  bump to 0.2.1.24
  minor fixes in proposal 169
  fix typo and garbage grammar
  Make the DNSPort option work with libevent 2.x
  Future-proof the control protocol by ignoring unrecognized keyword args
  ...

On Windows, we don't have a notion of ~ meaning "our homedir", so we
were deliberately using an #ifdef to avoid calling expand_filename()
in multiple places.  This is silly: The right place to turn a function
into a no-op on a single platform is in the function itself, not in
every single call-site.

get_torrc_fname() does the same thing we did in this code, so let's
replace it.

This is so that coverity stops complaining about using a user-supplied
string with the open() syscall. Let's see if it works.

We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.

Don't continue handling EXTENDCIRCUIT messages when we get an
unknown purpose.

Found by coverity

Make sure we follow basic whitespace sanity principles, update a
few links

Spec conformance issue: The code didn't force the network-status-version
token to be the first token in a v3 vote or consensus.

Problem discovered by Parakeep.

Conflicts:

	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h

still need to finish reading it, but so far so good

Conflicts:
	ChangeLog

We need to use evdns_add_server_port_with_base() when configuring
our DNS listener, because libevent segfaults otherwise. Add a macro
in compat_libevent.h to pick the correct implementation depending
on the libevent version.

Fixes bug 1143, found by SwissTorExit

Also add a comment about an odd CBT timeout edgecase.

Conflicts:
	ChangeLog
	configure.in
	contrib/tor-mingw.nsi.in
	src/win32/orconfig.h

This time, set the SSL3_FLAGS_ALLOW_UNSAFE_RENEGOTIATION flag on every
version before OpenSSL 0.9.8l.  I can confirm that the option value (0x0010)
wasn't reused until OpenSSL 1.0.0beta3.