Merge remote branch 'sebastian/manpage'

.gitignore

@@ -93,6 +93,22 @@
 /doc/Makefile.in
 /doc/tor.1
 /doc/doxygen
+/doc/tor.1
+/doc/tor.1.in
+/doc/tor.html
+/doc/tor.html.in
+/doc/tor-gencert.1
+/doc/tor-gencert.1.in
+/doc/tor-gencert.html
+/doc/tor-gencert.html.in
+/doc/tor-resolve.1
+/doc/tor-resolve.1.in
+/doc/tor-resolve.html
+/doc/tor-resolve.html.in
+/doc/torify.1
+/doc/torify.1.in
+/doc/torify.html
+/doc/torify.html.in
 
 # /doc/design-paper/
 /doc/design-paper/Makefile

ChangeLog

@@ -158,6 +158,7 @@ Changes in version 0.2.2.7-alpha - 2010-01-19
     - Remove the HSAuthorityRecordStats option that version 0 hidden
       service authorities could have used to track statistics of overall
       hidden service usage.
+    - Stop shipping parts of the website in the tarballs.
 
 
 Changes in version 0.2.1.22 - 2010-01-19

configure.in

@@ -109,6 +109,10 @@ AC_PROG_RANLIB
 dnl autoconf 2.59 appears not to support AC_PROG_SED
 AC_CHECK_PROG([SED],[sed],[sed],[/bin/false])
 
+dnl check for asciidoc and a2x
+AC_PATH_PROG([ASCIIDOC], [asciidoc], none)
+AC_PATH_PROG([A2X], [a2x], none)
+
 AC_PATH_PROG([SHA1SUM], [sha1sum], none)
 AC_PATH_PROG([OPENSSL], [openssl], none)
 
@@ -872,7 +876,7 @@ fi
 
 CPPFLAGS="$CPPFLAGS $TOR_CPPFLAGS_libevent $TOR_CPPFLAGS_openssl $TOR_CPPFLAGS_zlib"
 
-AC_CONFIG_FILES([Makefile tor.spec Doxyfile contrib/tor.sh contrib/torctl contrib/torify contrib/tor.logrotate contrib/Makefile contrib/osx/Makefile contrib/osx/TorBundleDesc.plist contrib/osx/TorBundleInfo.plist contrib/osx/TorDesc.plist contrib/osx/TorInfo.plist contrib/osx/TorStartupDesc.plist src/config/torrc.sample doc/tor.1 src/Makefile doc/Makefile doc/design-paper/Makefile doc/spec/Makefile src/config/Makefile src/common/Makefile src/or/Makefile src/test/Makefile src/win32/Makefile src/tools/Makefile contrib/suse/Makefile contrib/suse/tor.sh])
+AC_CONFIG_FILES([Makefile tor.spec Doxyfile contrib/tor.sh contrib/torctl contrib/torify contrib/tor.logrotate contrib/Makefile contrib/osx/Makefile contrib/osx/TorBundleDesc.plist contrib/osx/TorBundleInfo.plist contrib/osx/TorDesc.plist contrib/osx/TorInfo.plist contrib/osx/TorStartupDesc.plist src/config/torrc.sample src/Makefile doc/Makefile doc/design-paper/Makefile doc/spec/Makefile src/config/Makefile src/common/Makefile src/or/Makefile src/test/Makefile src/win32/Makefile src/tools/Makefile contrib/suse/Makefile contrib/suse/tor.sh])
 AC_OUTPUT
 
 if test -x /usr/bin/perl && test -x ./contrib/updateVersions.pl ; then

contrib/Makefile.am

@@ -3,10 +3,8 @@ DIST_SUBDIRS = osx suse
 
 confdir = $(sysconfdir)/tor
 
-EXTRA_DIST = exitlist tor-tsocks.conf torify.1 tor.nsi.in tor.sh torctl rc.subr cross.sh tor-mingw.nsi.in package_nsis-mingw.sh tor.ico tor-ctrl.sh linux-tor-prio.sh tor-exit-notice.html
+EXTRA_DIST = exitlist tor-tsocks.conf tor.nsi.in tor.sh torctl rc.subr cross.sh tor-mingw.nsi.in package_nsis-mingw.sh tor.ico tor-ctrl.sh linux-tor-prio.sh tor-exit-notice.html
 
 conf_DATA = tor-tsocks.conf
 
 bin_SCRIPTS = torify
-
-man_MANS = torify.1

contrib/torify.1

@@ -1,42 +0,0 @@
-.TH torify 1 "" Jan-2009 ""
-.\" manual page by Peter Palfrader and Jacob Appelbaum
-.SH NAME
-.LP
-torify \- wrapper for torsocks or tsocks and tor
-
-.SH SYNOPSIS
-\fBtorify\fP\ \fIapplication\fP\ [\fIapplication's\ arguments\fP]
-
-.SH DESCRIPTION
-\fBtorify\fR is a simple wrapper that attempts to find the best underlying Tor
-wrapper available on a system. It calls torsocks or tsocks with a tor specific
-configuration file.
-
-torsocks is an improved wrapper that explictly rejects UDP, safely resolves DNS
-lookups and properly socksifies your TCP connections.
-
-tsocks itself is a wrapper between the tsocks library and the application
-that you would like to run socksified.
-
-Please note that since both method use LD_PRELOAD, torify cannot be applied
-to suid binaries.
-
-.SH WARNING
-You should also be aware that the way tsocks currently works only TCP
-connections are socksified.  Be aware that this will in most circumstances
-not include hostname lookups which would still be routed through your
-normal system resolver to your usual resolving nameservers.  The
-\fBtor-resolve\fR(1) tool can be useful as a workaround in some cases.
-The Tor FAQ at https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ might
-have further information on this subject.
-
-When used with torsocks, torify should not leak DNS requests or UDP data.
-
-Both will leak ICMP data.
-
-.SH SEE ALSO
-.BR tor (1),
-.BR tor-resolve (1),
-.BR torsocks (1),
-.BR tsocks (1),
-.BR tsocks.conf (5).

doc/Makefile.am

@@ -1,31 +1,72 @@
 
-EXTRA_DIST = website img HACKING                             \
-             tor-resolve.1 tor-gencert.1                     \
+# We use a two-step process to generate documentation from asciidoc files.
+#
+# First, we use asciidoc/a2x to process the asciidoc files into .1.in and
+# .html.in files (see the asciidoc-helper.sh script). These are the same as
+# the regular .1 and .html files, except that they still have some autoconf
+# variables set in them.
+#
+# Second, we use config.status to turn .1.in files into .1 files and
+# .html.in files into .html files.
+#
+# We do the steps in this order so that we can ship the .*.in files as
+# part of the source distribution, so that people without asciidoc can
+# just use the .1 and .html files.
+
+asciidoc_files = tor tor-gencert tor-resolve torify
+
+html_in = $(asciidoc_files:=.html.in)
+
+man_in = $(asciidoc_files:=.1.in)
+
+EXTRA_DIST = HACKING                                         \
+             $(html_in) $(man_in) $(asciidoc_files:=.1.txt)  \
              tor-osx-dmg-creation.txt tor-rpm-creation.txt   \
              tor-win32-mingw-creation.txt
 
-man_MANS = tor.1 tor-resolve.1 tor-gencert.1
+nodist_man_MANS = $(asciidoc_files:=.1)
+
+doc_DATA = $(asciidoc_files:=.html)
+
+asciidoc_product = $(nodist_man_MANS) $(doc_DATA)
 
 SUBDIRS = design-paper spec
 
 DIST_SUBDIRS = design-paper spec
 
-website: ../../website/docs/
-	rm -rf website
-	mkdir website
-	if test -d $(srcdir)/../../website ; then \
-		cd $(srcdir)/../../website && $(MAKE); \
-	fi
-	if test -d $(srcdir)/../../website ; then \
-		cp $(srcdir)/../../website/docs/tor-*.html.* \
-			$(srcdir)/../../website/stylesheet.css website; \
-	fi
-img: ../../website/img/
-	rm -rf img
-	mkdir img
-#	if test -d $(srcdir)/../../website/img; then \
-#		cp $(srcdir)/../../website/img/*.png \
-#			$(srcdir)/../../website/img/*.jpg img; \
-#	fi
+# Generate the html documentation from asciidoc, but don't do
+# machine-specific replacements yet
+$(html_in) :
+	$(top_srcdir)/doc/asciidoc-helper.sh html @ASCIIDOC@ @SED@ $(top_srcdir)/doc/$@
 
-.PHONY: website img
+tor.html.in : tor.1.txt
+torify.html.in : torify.1.txt
+tor-gencert.html.in : tor-gencert.1.txt
+tor-resolve.html.in : tor-resolve.1.txt
+
+# Generate the manpage from asciidoc, but don't do
+# machine-specific replacements yet
+$(man_in) :
+	$(top_srcdir)/doc/asciidoc-helper.sh man @A2X@ @SED@ $(top_srcdir)/doc/$@
+
+tor.1.in : tor.1.txt
+torify.1.in : torify.1.txt
+tor-gencert.1.in : tor-gencert.1.txt
+tor-resolve.1.in : tor-resolve.1.txt
+
+# use ../config.status to swap all machine-specific magic strings
+# in the asciidoc with their replacements.
+$(asciidoc_product) :
+	if test -e $(top_srcdir)/doc/$@.in && ! test -e ./$@.in ; then \
+		cp $(top_srcdir)/doc/$@.in .; \
+	fi
+	../config.status --file=$@;
+
+tor.1 : tor.1.in
+torify.1 : torify.1.in
+tor-gencert.1 : tor-gencert.1.in
+tor-resolve.1 : tor-resolve.1.in
+tor.html : tor.html.in
+torify.html : torify.html.in
+tor-gencert.html : tor-gencert.html.in
+tor-resolve.html : tor-resolve.html.in

doc/asciidoc-helper.sh

@@ -0,0 +1,54 @@
+#!/bin/sh
+
+# Copyright (c) The Tor Project, Inc.
+# See LICENSE for licensing information
+# Run this to generate .html.in or .1.in files from asciidoc files.
+# Arguments:
+# html|man asciidocpath sedpath outputfile
+
+set -e
+
+if [ $# != 4 ]; then
+  exit 1;
+fi
+
+output=$4
+input=`echo $output | $3 -e 's/html\.in$/1\.txt/g' -e 's/1\.in$/1\.txt/g'`
+base=`echo $output | $3 -e 's/\.html\.in$//g' -e 's/\.1\.in$//g'`
+
+if [ "$1" = "html" ]; then
+    if [ "$2" != none ]; then
+      "$2" -d manpage -o $output $input;
+    else
+      echo "==================================";
+      echo;
+      echo "The manpage in html form for $base will ";
+      echo "NOT be available, because asciidoc doesn't appear to be ";
+      echo "installed!";
+      echo;
+      echo "==================================";
+    fi
+elif [ "$1" = "man" ]; then
+    if test "$2" != none; then
+      if $2 -f manpage $input; then
+        mv $base.1 $output;
+      else
+        echo "==================================";
+        echo;
+        echo "a2x is installed, but some required docbook support files are";
+        echo "missing. Please install docbook-xsl and docbook-xml (Debian)";
+        echo "or similar.";
+        echo;
+        echo "==================================";
+      fi;
+    else
+      echo "==================================";
+      echo;
+      echo "The manpage for $base will NOT be ";
+      echo "available, because a2x doesn't appear to be installed!";
+      echo;
+      echo "==================================";
+    fi
+fi
+
+touch $output; \

doc/tor-gencert.1

@@ -1,86 +0,0 @@
-.TH tor-gencert 1 "" Jan-2008 ""
-.\" manual page by Nick Mathewson
-.SH NAME
-.LP
-tor-gencert \- Generate certs and keys for Tor directory authorities
-
-.SH SYNOPSIS
-\fBtor-gencert\fP\ [-h|--help] [-v] [-r|--reuse] [--create-identity-key] [-i \fIid_file\fP] [-c \fIcert_file\fP] [-m \fInum\fP] [-a \fIaddress\fP:\fIport\fP]
-
-.SH DESCRIPTION
-\fBtor-gencert\fR generates certificates and private keys for use by Tor
-directory authorities running the v3 Tor directory protocol, as used by Tor
-0.2.0 and later.  If you are not running a directory authority, you don't
-need to use tor-gencert.
-.PP
-Every directory authority has a long term authority \fIidentity key\fP (which
-is distinct from the identity key it uses as a Tor server); this key should
-be kept offline in a secure location.  It is used to certify shorter-lived
-\fIsigning keys\fP, which are kept online and used by the directory authority
-to sign votes and consensus documents.
-.PP
-After you use this program to generate a signing key and a certificate, copy
-those files to the keys subdirectory of your Tor process, and send Tor a
-SIGHUP signal. DO NOT COPY THE IDENTITY KEY.
-
-.SH OPTIONS
-\fB-v\fP
-Display verbose output.
-.LP
-.TP
-\fB-h\fP or \fB--help\fP
-Display help text and exit.
-.LP
-.TP
-\fB-r\fP or \fB--reuse\fP
-Generate a new certificate, but not a new signing key.  This can be
-used to change the address or lifetime associated with a given key.
-.LP
-.TP
-\fB--create-identity-key\fP
-Generate a new identity key.  You should only use this option the first
-time you run tor-gencert; in the future, you should use the identity
-key that's already there.
-.LP
-.TP
-\fB-i \fR\fIFILENAME\fP
-Read the identity key from the specified file.  If the file is not present
-and --create-identity-key is provided, create the identity key in the
-specified file.  Default: "./authority_identity_key"
-.LP
-.TP
-\fB-s \fR\fIFILENAME\fP
-Write the signing key to the specified file.  Default:
-"./authority_signing_key"
-.LP
-.TP
-\fB-c \fR\fIFILENAME\fP
-Write the certificate to the specified file.
-Default: "./authority_certificate"
-.LP
-.TP
-\fB-m \fR\fINUM\fP
-Number of months that the certificate should be valid.  Default: 12.
-.LP
-.TP
-\fB--passphrase-fd \fR\fIFILEDES\fP
-Filedescriptor to read the file descriptor from.  Ends at the first
-NUL or newline.  Default: read from the terminal.
-.LP
-.TP
-\fB-a \fR\fIaddress\fR:\fIport\fP
-If provided, advertise the address:port combination as this authority's
-preferred directory port in its certificate.  If the address is a hostname,
-the hostname is resolved to an IP before it's published.
-
-.SH BUGS
-This probably doesn't run on Windows.  That's not a big issue, since we
-don't really want authorities to be running on Windows anyway.
-
-.SH SEE ALSO
-.BR tor (1)
-.PP
-See also the "dir-spec.txt" file, distributed with Tor.
-
-.SH AUTHORS
-Roger Dingledine <arma@mit.edu>, Nick Mathewson <nickm@alum.mit.edu>.

doc/tor-gencert.1.txt

@@ -0,0 +1,90 @@
+// Copyright (c) The Tor Project, Inc.
+// See LICENSE for licensing information
+// This is an asciidoc file used to generate the manpage/html reference.
+// Learn asciidoc on http://www.methods.co.nz/asciidoc/userguide.html
+tor-gencert(1)
+==============
+Nick Mathewson
+
+NAME
+----
+tor-gencert - Generate certs and keys for Tor directory authorities
+
+SYNOPSIS
+--------
+**tor-gencert** [-h|--help] [-v] [-r|--reuse] [--create-identity-key] [-i __id_file__] [-c 
+__cert_file__] [-m __num__] [-a __address__:__port__]
+
+DESCRIPTION
+-----------
+**tor-gencert** generates certificates and private keys for use by Tor
+directory authorities running the v3 Tor directory protocol, as used by
+Tor 0.2.0 and later. If you are not running a directory authority, you
+don't need to use tor-gencert. +
+
+Every directory authority has a long term authority __identity__ __key__ (which
+is distinct from the identity key it uses as a Tor server); this key
+should be kept offline in a secure location. It is used to certify
+shorter-lived __signing__ __keys__, which are kept online and used by the
+directory authority to sign votes and consensus documents. +
+
+After you use this program to generate a signing key and a certificate,
+copy those files to the keys subdirectory of your Tor process, and send
+Tor a SIGHUP signal. DO NOT COPY THE IDENTITY KEY.
+
+OPTIONS
+-------
+**-v**::
+    Display verbose output.
+
+**-h** or **--help**::
+    Display help text and exit.
+
+**-r** or **--reuse**::
+    Generate a new certificate, but not a new signing key. This can be used to
+    change the address or lifetime associated with a given key.
+
+**--create-identity-key**::
+    Generate a new identity key. You should only use this option the first time
+    you run tor-gencert; in the future, you should use the identity key that's
+    already there.
+
+**-i** __FILENAME__::
+    Read the identity key from the specified file. If the file is not present
+    and --create-identity-key is provided, create the identity key in the
+    specified file. Default: "./authority_identity_key"
+
+**-s** __FILENAME__::
+    Write the signing key to the specified file. Default:
+    "./authority_signing_key"
+
+**-c** __FILENAME__::
+    Write the certificate to the specified file. Default:
+    "./authority_certificate"
+
+**-m** __NUM__::
+    Number of months that the certificate should be valid. Default: 12.
+
+**--passphrase-fd** __FILEDES__::
+    Filedescriptor to read the file descriptor from. Ends at the first NUL or
+    newline. Default: read from the terminal.
+
+**-a** __address__:__port__::
+    If provided, advertise the address:port combination as this authority's
+    preferred directory port in its certificate. If the address is a hostname,
+    the hostname is resolved to an IP before it's published.
+
+BUGS
+----
+This probably doesn't run on Windows. That's not a big issue, since we don't
+really want authorities to be running on Windows anyway.
+
+SEE ALSO
+--------
+**tor**(1) +
+
+See also the "dir-spec.txt" file, distributed with Tor.
+
+AUTHORS
+-------
+    Roger Dingledine <arma@mit.edu>, Nick Mathewson <nickm@alum.mit.edu>.

doc/tor-resolve.1

@@ -1,38 +0,0 @@
-.TH tor-resolve 1 "" Aug-2004 ""
-.\" manual page by Peter Palfrader
-.SH NAME
-.LP
-tor-resolve \- resolve a hostname to an IP address via tor
-
-.SH SYNOPSIS
-\fBtor-resolve\fP\ [-4|-5] [-v] [-x] \fIhostname\fP\ [\fIsockshost\fP[:\fIsocksport]\fP]
-
-.SH DESCRIPTION
-\fBtor-resolve\fR is a simple script to connect to a SOCKS proxy that
-knows about the SOCKS RESOLVE command, hand it a hostname, and return
-an IP address.
-.SH OPTIONS
-\fB-v \fP
-Display verbose output.
-.LP
-.TP
-\fB-x\fP
-Perform a reverse lookup: get the PTR record for an IPv4 address.
-.LP
-.TP
-\fB-5\fP
-Use the SOCKS5 protocol. (Default)
-.LP
-.TP
-\fB-4\fP
-Use the SOCKS4a protocol rather than the default SOCKS5 protocol.  Doesn't
-support reverse DNS.
-
-.SH SEE ALSO
-.BR tor (1),
-.BR torify (1).
-.PP
-See doc/socks-extensions.txt in the Tor package for protocol details.
-
-.SH AUTHORS
-Roger Dingledine <arma@mit.edu>, Nick Mathewson <nickm@alum.mit.edu>.

doc/tor-resolve.1.txt

@@ -0,0 +1,45 @@
+// Copyright (c) The Tor Project, Inc.
+// See LICENSE for licensing information
+// This is an asciidoc file used to generate the manpage/html reference.
+// Learn asciidoc on http://www.methods.co.nz/asciidoc/userguide.html
+tor-resolve(1)
+==============
+Peter Palfrader
+
+NAME
+----
+tor-resolve - resolve a hostname to an IP address via tor
+
+SYNOPSIS
+--------
+**tor-resolve** [-4|-5] [-v] [-x] __hostname__ [__sockshost__[:__socksport__]]
+
+DESCRIPTION
+-----------
+**tor-resolve** is a simple script to connect to a SOCKS proxy that knows about
+the SOCKS RESOLVE command, hand it a hostname, and return an IP address.
+
+OPTIONS
+-------
+**-v**::
+    Display verbose output.
+
+**-x**::
+    Perform a reverse lookup: get the PTR record for an IPv4 address.
+
+**-5**::
+    Use the SOCKS5 protocol. (Default)
+
+**-4**::
+    Use the SOCKS4a protocol rather than the default SOCKS5 protocol. Doesn't
+    support reverse DNS.
+
+SEE ALSO
+--------
+**tor**(1), **torify**(1). +
+
+See doc/socks-extensions.txt in the Tor package for protocol details.
+
+AUTHORS
+-------
+Roger Dingledine <arma@mit.edu>, Nick Mathewson <nickm@alum.mit.edu>.

doc/torify.1.txt

@@ -0,0 +1,50 @@
+// Copyright (c) The Tor Project, Inc.
+// See LICENSE for licensing information
+// This is an asciidoc file used to generate the manpage/html reference.
+// Learn asciidoc on http://www.methods.co.nz/asciidoc/userguide.html
+torify(1)
+=========
+Peter Palfrader
+Jacob Appelbaum
+
+NAME
+----
+torify - wrapper for torsocks or tsocks and tor
+
+SYNOPSIS
+--------
+**torify** __application__ [__application's__ __arguments__]
+
+DESCRIPTION
+-----------
+**torify** is a simple wrapper that attempts to find the best underlying Tor
+wrapper available on a system. It calls torsocks or tsocks with a tor specific
+configuration file. +
+
+torsocks is an improved wrapper that explictly rejects UDP, safely resolves DNS
+lookups and properly socksifies your TCP connections. +
+
+tsocks itself is a wrapper between the tsocks library and the application that
+you would like to run socksified. +
+
+Please note that since both method use LD_PRELOAD, torify cannot be applied to
+suid binaries.
+
+WARNING
+-------
+You should also be aware that the way tsocks currently works only TCP
+connections are socksified. Be aware that this will in most circumstances not
+include hostname lookups which would still be routed through your normal system
+resolver to your usual resolving nameservers. The **tor-resolve**(1) tool can be
+useful as a workaround in some cases. The Tor FAQ at
+https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ might have further
+information on this subject. +
+
+When used with torsocks, torify should not leak DNS requests or UDP data. +
+
+Both will leak ICMP data.
+
+SEE ALSO
+--------
+**tor**(1), **tor-resolve**(1), **torsocks**(1), **tsocks**(1),
+**tsocks.conf**(5).