diff --git a/src/or/command.c b/src/or/command.c
index 14dd4994d1..1e3027581c 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -118,8 +118,9 @@ command_process_cell(cell_t *cell, or_connection_t *conn)
 #define PROCESS_CELL(tp, cl, cn) command_process_ ## tp ## _cell(cl, cn)
 #endif
- /* Reject all but VERSIONS when handshaking. */
- if (handshaking && cell->command != CELL_VERSIONS)
+ /* Reject all but VERSIONS and NETINFO when handshaking. */
+ if (handshaking && cell->command != CELL_VERSIONS &&
+ cell->command != CELL_NETINFO)
 return;
 switch (cell->command) {
@@ -476,7 +477,8 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
 conn->link_proto = highest_supported_version;
 conn->handshake_state->received_versions = 1;
- // log_notice(LD_OR, "Negotiated version %d", highest_supported_version);
+ log_info(LD_OR, "Negotiated version %d with %s",
+ highest_supported_version, safe_str(conn->_base.address));
 if (highest_supported_version >= 2) {
 if (connection_or_send_netinfo(conn) < 0) {
@@ -500,6 +502,7 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
 const char *cp, *end;
 uint8_t n_other_addrs;
 time_t now = time(NULL);
+
 if (conn->link_proto < 2) {
 log_fn(LOG_PROTOCOL_WARN, LD_OR,
 "Received a NETINFO cell on %s connection; dropping.",
@@ -562,5 +565,16 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
 }
 conn->handshake_state->received_netinfo = 1;
+
+ if (conn->handshake_state->apparently_canonical) {
+ conn->is_canonical = 1;
+ }
+ if (connection_or_act_on_netinfo(conn)<0 ||
+ connection_or_set_state_open(conn)<0)
+ connection_mark_for_close(TO_CONN(conn));
+
+ log_info(LD_OR, "Got good NETINFO cell from %s",
+ safe_str(conn->_base.address));
+ assert_connection_ok(TO_CONN(conn),time(NULL));
 }
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index de6f58cd0c..f2bd54a494 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
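Review bot: The handshaking filter in command_process_cell now lets a NETINFO cell through even when no VERSIONS cell has been processed yet, and the updated comment does not say where that ordering is enforced. The `conn->link_proto < 2` check at the top of command_process_netinfo_cell looks like the guard that drops an early NETINFO, but that only holds if link_proto stays below 2 until VERSIONS is handled, which is not visible in this diff. Once confirmed, I would extend the comment to `/* Reject all but VERSIONS and NETINFO when handshaking; a NETINFO that arrives before VERSIONS is dropped by the link_proto check in command_process_netinfo_cell. */`. The function body continues outside the hunk.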
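Review bot: In the block added at the end of command_process_netinfo_cell, the failure branch calls connection_mark_for_close() and then falls through, so a connection that was just rejected is still logged as "Got good NETINFO cell" and passed to assert_connection_ok(). Brace the branch and leave early: `connection_mark_for_close(TO_CONN(conn)); return;`. The `is_canonical` assignment added here is also still made in connection_or_act_on_netinfo (the @@ -1142 hunk in connection_or.c), so one of the two copies can go. Separately, connection_or_set_state_open() frees conn->handshake_state while this function dereferences it; whether a NETINFO cell on an already-open connection is rejected earlier in the function is not visible in this hunk and is worth confirming.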
@@ -597,12 +597,6 @@ connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn)
 /* XXXX_TLS double-check that this verifies certificates. */
 connection_mark_for_close(TO_CONN(conn));
 }
-
-#if 0
- /* XXXX_TLS this happens later, right? */
- connection_or_init_conn_from_address(conn, conn->_base.addr,
- conn->_base.port, id_digest, 0);
-#endif
 }
 /** Move forward with the tls handshake. If it finishes, hand
@@ -806,31 +800,6 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn,
 return 0;
 }
-#if 0
-/** DOCDOC */
-int
-connection_or_finish_or_handshake(or_connection_t *conn)
-{
- char id_digest[DIGEST_LEN];
- tor_assert(conn);
- tor_assert(conn->handshake_state);
- tor_assert(conn->link_proto >= 2);
- tor_assert(conn->handshake_state->received_versions != 0);
- tor_assert(conn->handshake_state->received_netinfo != 0);
- tor_assert(conn->handshake_state->received_certs != 0);
-
- if (connection_or_check_valid_tls_handshake(conn,
- conn->handshake_state->started_here,
- id_digest) < 0)
- return -1;
- connection_or_init_conn_from_address(conn, conn->_base.addr,
- conn->_base.port, id_digest, 0);
- if (connection_or_act_on_netinfo(conn)<0)
- return -1;
- return connection_or_set_state_open(conn);
-}
-#endif
-
 /** The tls handshake is finished.
 *
 * Make sure we are happy with the person we just handshaked with.
@@ -868,6 +837,10 @@ connection_tls_finish_handshake(or_connection_t *conn)
 conn->_base.state = OR_CONN_STATE_OR_HANDSHAKING;
 if (connection_init_or_handshake_state(conn, started_here) < 0)
 return -1;
+ if (!started_here) {
+ connection_or_init_conn_from_address(conn,conn->_base.addr,
+ conn->_base.port, digest_rcvd, 0);
+ }
 return connection_or_send_versions(conn);
 }
 }
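Review bot: The added `if (!started_here)` block in connection_tls_finish_handshake binds digest_rcvd to the connection with no comment on why only the receiving side does this here, or on what digest_rcvd holds when the peer presented no usable certificate. digest_rcvd is filled in outside the hunk, so it is not possible to confirm from here that it is always initialised on this path. I would add a comment such as `/* Incoming connection: record the identity learned from TLS before the VERSIONS/NETINFO exchange starts. */` and confirm that the initiating side does the equivalent setup elsewhere.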
@@ -917,7 +890,7 @@ connection_or_set_state_open(or_connection_t *conn)
 or_handshake_state_free(conn->handshake_state);
 conn->handshake_state = NULL;
 }
- connection_watch_events(TO_CONN(conn), EV_READ);
+ connection_start_reading(TO_CONN(conn));
 circuit_n_conn_done(conn, 1); /* send the pending creates, if any. */
 return 0;
@@ -1117,6 +1090,7 @@ int
 connection_or_act_on_netinfo(or_connection_t *conn)
 {
 long delta;
+ /*XXXX020 merge this into handle_netinfo.*/
 if (!conn->handshake_state)
 return -1;
@@ -1142,12 +1116,10 @@ connection_or_act_on_netinfo(or_connection_t *conn)
 delta, conn->_base.address, conn->_base.port);
 }
- /* XXX020 possibly, learn my address from my_apparent_addr */
-
- if (conn->handshake_state->apparently_canonical) {
+ if (conn->handshake_state->apparently_canonical)
 conn->is_canonical = 1;
- }
+ /* XXX020 possibly, learn my address from my_apparent_addr */
 return 0;
 }
diff --git a/src/or/or.h b/src/or/or.h
index 50c2c93375..ca6e062a41 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -892,9 +892,9 @@ typedef struct or_handshake_state_t {
 time_t sent_versions_at;
 unsigned int started_here : 1;
 unsigned int received_versions : 1;
- unsigned int received_netinfo : 1;
- /* from netinfo */
+ /* from netinfo: XXXX020 totally useless. */
+ unsigned int received_netinfo : 1;
 long apparent_skew;
 uint32_t my_apparent_addr;
 unsigned int apparently_canonical;
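Review bot: In the or.h hunk the reworded comment `/* from netinfo: XXXX020 totally useless. */` now sits directly above `received_netinfo`, so it reads as if that flag is useless even though command_process_netinfo_cell sets it in this same commit. The comment should say which fields the XXXX020 refers to and why, for example `/* from netinfo; XXXX020 these may be removable now that NETINFO is acted on as soon as it arrives. */` if that is the intent. The struct definition continues outside the hunk.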