diff --git a/ChangeLog b/ChangeLog
index 81f7f018f5..8cc1883ef4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -65,7 +65,7 @@ Changes in version 0.1.2.5-alpha - 2007-01-03
       count the failure against the total number of failures allowed
       for the thing we're trying to download.
     - Report X-Your-Address-Is correctly from tunneled directory
-      connections; don't report X-Your-Address-Is is when it's an internal
+      connections; don't report X-Your-Address-Is when it's an internal
       address; and never believe reported remote addresses when they're
       internal.
     - Add client-side caching for reverse DNS lookups.
diff --git a/doc/tor.1.in b/doc/tor.1.in
index 7efeaac77d..21fd64be8a 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -504,7 +504,7 @@ When a controller asks for a virtual (unused) address with the
 When this option is enabled, Tor blocks hostnames containing illegal
 characters (like @ and :) rather than sending them to an exit node to be
 resolved.  This helps trap accidental attempts to resolve URLs and so on.
-(Default: 1)
+(Default: 0)
 .LP
 .TP
 \fBFastFirstHopPK \fR\fB0\fR|fB1\fR\fP
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index c4b2a6e575..e183512ecf 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -673,14 +673,14 @@ addressmap_rewrite(char *address, size_t maxlen)
       return; /* done, no rewrite needed */
 
     cp = tor_strdup(escaped_safe_str(ent->new_address));
-    log_info(LD_APP, "Addressmap: rewriting '%s' to '%s'",
+    log_info(LD_APP, "Addressmap: rewriting %s to %s",
              escaped_safe_str(address), cp);
     tor_free(cp);
     strlcpy(address, ent->new_address, maxlen);
   }
   log_warn(LD_CONFIG,
-           "Loop detected: we've rewritten '%s' 16 times! Using it as-is.",
-           safe_str(address));
+           "Loop detected: we've rewritten %s 16 times! Using it as-is.",
+           escaped_safe_str(address));
   /* it's fine to rewrite a rewrite, but don't loop forever */
 }
 
@@ -696,7 +696,7 @@ addressmap_rewrite_reverse(char *address, size_t maxlen)
   ent = strmap_get(addressmap, s);
   if (ent) {
     cp = tor_strdup(escaped_safe_str(ent->new_address));
-    log_info(LD_APP, "Rewrote reverse lookup '%s' -> '%s'",
+    log_info(LD_APP, "Rewrote reverse lookup %s -> %s",
              escaped_safe_str(s), cp);
     tor_free(cp);
     strlcpy(address, ent->new_address, maxlen);
diff --git a/src/or/directory.c b/src/or/directory.c
index 0d8934776a..5aea7c57d3 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -47,9 +47,10 @@ static int purpose_is_private(uint8_t purpose);
 static char *http_get_header(const char *headers, const char *which);
 static void http_set_address_origin(const char *headers, connection_t *conn);
 static void connection_dir_download_networkstatus_failed(
-                                      dir_connection_t *conn, int status);
+                               dir_connection_t *conn, int status_code);
 static void connection_dir_download_routerdesc_failed(dir_connection_t *conn);
-static void dir_networkstatus_download_failed(smartlist_t *failed, int status);
+static void dir_networkstatus_download_failed(smartlist_t *failed,
+                                              int status_code);
 static void dir_routerdesc_download_failed(smartlist_t *failed,
                                            int status_code);
 static void note_request(const char *key, size_t bytes);
@@ -318,7 +319,7 @@ connection_dir_request_failed(dir_connection_t *conn)
  */
 static void
 connection_dir_download_networkstatus_failed(dir_connection_t *conn,
-                                             int status)
+                                             int status_code)
 {
   if (!conn->requested_resource) {
     /* We never reached directory_send_command, which means that we never
@@ -342,7 +343,7 @@ connection_dir_download_networkstatus_failed(dir_connection_t *conn,
     dir_split_resource_into_fingerprints(conn->requested_resource+3,
                                          failed, NULL, 0, 0);
     if (smartlist_len(failed)) {
-      dir_networkstatus_download_failed(failed, status);
+      dir_networkstatus_download_failed(failed, status_code);
       SMARTLIST_FOREACH(failed, char *, cp, tor_free(cp));
     }
     smartlist_free(failed);
@@ -1957,9 +1958,9 @@ connection_dir_finished_connecting(dir_connection_t *conn)
  * fingerprints listed in <b>failed</>).  Mark those fingerprints as having
  * failed once, unless they failed with status code 503. */
 static void
-dir_networkstatus_download_failed(smartlist_t *failed, int status)
+dir_networkstatus_download_failed(smartlist_t *failed, int status_code)
 {
-  if (status == 503)
+  if (status_code == 503)
     return;
   SMARTLIST_FOREACH(failed, const char *, fp,
   {
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index ebffadd839..3b99c3e7ef 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -570,7 +570,7 @@ router_pick_directory_server_impl(int requireother, int fascistfirewall,
     result = smartlist_choose(tunnel);
   } else if (smartlist_len(overloaded_tunnel)) {
     result = smartlist_choose(overloaded_tunnel);
-  } else if (trusted_tunnel) {
+  } else if (smartlist_len(trusted_tunnel)) {
     /* FFFF We don't distinguish between trusteds and overloaded trusteds
      * yet. Maybe one day we should. */
     result = smartlist_choose(trusted_tunnel);