history.txt

 * Streaming:
   - Reduce min RTO for quicker recovery after packet loss
   - Reduce default initial ack delay
   - More efficient checking for input buffer overflow

2015-04-22 zzz
 * i2psnark: Fix deletion of config files, cleanup old ones (ticket #1498)
 * I2PSocketEepGet: Fix i2psnark NPE caused by -6 (ticket #1543)
 * NTCP: Reduce min send finisher threads to 1
 * PortMapper: Status output for /debug

2015-04-21 zzz
 * i2ptunnel: Log uncaught errors in thread pool
 * Reseed: Disable non-su3 reseeding
 * Router timestamper:
   - Add country-to-continent mapping
   - Add continent zones as fallback
   - Don't start threads in constructors
 * Transports: Reduce idle timeouts

2015-04-20 zzz
 * Blockfile: Unroll recursive initialization
 * EepGet: Set soTimeout for non-proxied fetches to enforce
   header timeout and prevent long reseed hangs
 * Reseed:
   - Honor SSL/non-SSL setting when custom reseed list is set (ticket #1136)
   - Remove all default HTTP URLs (ticket #1514)

2015-04-17 zzz
Prop from i2p.i2p.zzz.test2:
 * Console: Set session cookies to HttpOnly
 * i2psnark: Remove extra mime types in i2psnark web.xml;
   added to Jetty's default by now, or in our mime.properties file
 * i2ptunnel:
   - Send HTTP server port 443 traffic to the server
     transparently, to support HTTPS over the same tunnel, if so configured
   - Add check for total header size in HTTP server
   - Return specific error pages to client on errors
     in HTTP header processing in the HTTP server (ticket #1507)
 * Jetty:
   -  Add extensive help to jetty-ssl.xml
   -  Set session cookies to HttpOnly in all webapps
 * JobQueue: Make number of runners configurable
 * Router: Move update extraction code to new class in tasks/
 * Tunnels:
   - Add bloom filter warning if high bandwidth but low memory
   - Add new Bloom filter size, increase bandwidth limit (ticket #1505)
   - Add config to disable Bloom filter for testing

2015-04-16 zzz
 * I2CP: Run DistributeLocal jobs inline (ticket #1506)
 * i2psnark: Increase max tunnels to 10
 * i2ptunnel: Don't start tunnels in constructors (ticket #815)
 * NetDB: Reduce max search depth
 * Transport: Fix active peer count for NTCP

2015-04-15 tuna
 * SimpleScheduler: Deprecated, functionality moved to SimpleTimer2 (ticket #1069)

2015-04-13 zzz
 * Router: Fix NPE on bad share bandwidth config (ticket #1524)
 * Streaming: Handle reset packets without a FROM field, validate
              signature using connection's destination
 * Update: Don't log an error for the "dummy" updater (ticket #1525)

* 2015-04-12 0.9.19 released

2015-04-11 zzz
 * Updates after review

2015-04-09 kytv
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2015-04-07.
 * Translation updates

2015-04-05 zzz
 * IRC Server: Better timeout handling reading initial lines (ticket #723)

2015-04-04 zzz
 * i2ptunnel:
   - Better timeout handling when reading headers in HTTP server (ticket #723)
   - Fix NoSuchElementException processing proxyList caused by 03-31 checkin
 * Streaming:
   - Fix read timeout on input stream (ticket #723)
   - Fix read() returning 0 instead of -1 on read timeout (ticket #335)

2015-04-03 zzz
 * i2ptunnel: Fix stopping tunnel on bad args when starting
 * wrapper.config: Remove old mortbay Jetty parameters

2015-04-01 zzz
 * I2CP: Allow larger client clock skew (ticket #1503)
 * i2psnark: Fix changing data directory on Windows (ticket #1503)

2015-03-31 zzz
 * API: Fix some client-side APIs to honor defaults in Properties;
   add javadocs to specify where we do and don't (ticket #1491)
 * i2ptunnel: Fix multiple SSL outproxies in HTTP client

2015-03-29 zzz
 * I2CP: Prevent NPE (ticket #1503)

2015-03-25 zzz
 * i2ptunnel HTTP client: Replace all getBytes() calls
   with a Writer or getBytes("UTF-8") (ticket #457)

2015-03-24 zzz
 * Streaming: Throw I2PSocketException when connection is reset,
   display new error page in HTTP client (ticket #643)

2015-03-23 zzz
 * Javadoc: Add missing package.html files (ticket #1109)
 * Summary bar: linkify news headings, remove 'show news' link

2015-03-22 zzz
 * Console: Better status feedback on manual reseed from URL
 * NetDB: Don't become floodfill w/o ECDSA support
 * Reseed: Better status feedback and cleanup in summary bar

2015-03-21 zzz
 * Console: Support plugin installation from local file

2015-03-20 zzz
 * Reseed:
  - Move multipart form support from susimail to jetty-i2p.jar
    so console can use it
  - Finish manual reseed from local file

2015-03-19 zzz
 * Reseed (ticket #1369):
  - Add form to manually reseed from zip or su3 URL
  - Add form to manually reseed from local zip or su3 file
  - Add form to create reseed zip file to share
  - Backend support and refactoring in reseed code

2015-03-18 zzz
 * NetDB:
  - Send exploratory lookups directly to the floodfill if
    we are already connected to him
  - Don't encrypt RI lookups when overloaded
  - Don't explore when overloaded
  - Don't publish non-ff RI on exit if we are coming right back
 * Router: Allow disabling the setting of some System properties, for embedded applications
 * StatisticsManager: Publish dummy LS count if we just started
 * Streaming: Reduce min RTO again
 * Tunnels: Drop instead of reject requests on high job lag
 * UPnP: Update to cyberlink 3.0

2015-03-16 zzz
 * Apache Tomcat 6.0.43
 * NetDB: Send RI lookups directly to the floodfill if
   we are already connected to him
 * Router:
   - Republish RI early if capabilities change
   - Increase exploratory tunnel quantity if floodfill
 * Throttle: Reject tunnels based on job lag

2015-03-15 zzz
 * Job Queue:
   - Fix overload dropping
   - Add drop count to job stats
   - Decrease overload threshold again
 * NetDb: Track flood success

2015-03-13 zzz
 * i2psnark:
   - Auto-reduce tunnel quantity based on peer count
   - Increase max tunnels
 * Job Queue:
   - Drop garlic message decryption jobs on overload
   - Decrease overload threshold

2015-03-13 dg
 * Router: create router.integratedPeers (floodfills) stat, and 
   allow graphing of it.

2015-03-08 zzz
 * i2psnark: Increase min and default bandwidth
 * Throttle: Tweak messages during probabalistic rejection
 * Transport: Add missing bogons to IP validity check

* 2015-02-22 0.9.18 released

2015-02-18 kytv
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2015-02-04.

2015-02-15 dg
 * FloodfillMonitorJob: 
   - Use lifetime average value for job lag
   - Change the job lag limit to less than 25ms
   - Consider and set the limit of backlogged tunnels to less than 5

2015-02-10 dg
 * I2PSnark, Jetty, SAM, crypto: findbugs resource leaks.

2015-02-07 zzz
 * SSU: Limit range for valid clock skew
 * Transport: Ban routers if they are too old and we are non-DSA

2015-02-06 zzz
 * NetDB: Reduce max job lag for floodfill
 * NTCP: Block IP for a while when incoming connection is dropped before
   receiving a message. Possible workaround for tickets #551, #1075, #1411.
 * Transport:
   - Decrease DH refiller initial delay and increase buffer size
     to reduce chance of running out on high-bandwidth routers
   - Add event log for reachability change

2015-02-01 zzz
 * Crypto: Catch IAE in generateCertificate()
 * NetDB: Don't flood an RI back to itself. While Java ffs self-flood,
   other implementations may not.
 * OCMOSJ: Pick a OB tunnel at random, not with the OBEP closest
   to the lease, as that may be hurting connection reliability.
 * Router: Call warmupCrypto() earlier in the initialization

2015-01-31 zzz
 * Console:
   - Don't display invalid IPv6 addresses as options on /confignet
   - Disable changing log path
 * NetDb:
   - Encrypt lookups for 32-bit x86 also
   - Disable floodfill in laptop mode
 * PRNG: Don't hang forever at startup waiting for SecureRandom init
 * Transport: Set 4 MBps max bw due to bloom filter

2015-01-30 zzz
 * HTTP Proxy: More error page changes
 * NTCP: Throttle event pumper if looping too fast (tickets #551, #1075, #1411)

2015-01-29 zzz
 * SSU:
   - Fix replaceExternalAddress churn when firewalled
   - Sort introducers in router address, so we won't force a republish
     due to a different ordering of the same introducers
   - Don't publish an address if we need introducers but don't have any,
     so the user won't see a 'firewalled with inbound NTCP enabled' message
   - Fix transition from firewalled to non-firewalled

2015-01-28 zzz
 * UPnP:
  - Rescan for devices periodically and when reachability changes (tickets #661, #959)
  - Callback when device removed
  - Consolidate callbacks
  - Clear ignored devices after primary device removed
    to allow one to be promoted on rescan
  - Don't put "I2P" in registered protocol name
  - Add uptime to UPnP info
  - HTML escaping
  - Remove static log on Android

2015-01-11 zzz
 * i2psnark: Skip incompatible welterde tracker if we are ECDSA
 * I2PTunnel: Add option for multihoming optimization

2015-01-10 zzz
 * NetDB: Stubs for bandwidth estimation during reseed (ticket #935)

2015-01-09 zzz
 * NetDB: Publish RI faster when costs change (ticket #1437)

2015-01-08 zzz
 * Console, i2ptunnel, proxy: Renaming of various things to "hidden services"

2015-01-07 zzz
 * ClientAppConfig: Start i2ptunnel sooner (ticket #1162)
 * NetDB: Possible fixes for reseed completion not recognized (ticket #1384)
 * Router:
   - Add startup/shutdown state machine
   - Don't reset uptime after a soft restart
 * Startup: Accept tunnels after 10 minutes instead of 20 (ticket #1152)
 * Tunnels:
   - Cleanup, catch more cases of zero-hop configuration
   - Temporarily increase exploratory tunnel quantity at startup,
     so that netdb refresh will work better

2015-01-05 zzz
 * Blocklist:
   - Rewrite to read and merge multiple files
   - Include in update, use version in base dir too
   - Increase limits
   - Bug fixes
 * EepGet: Change command line default to 0 retries
 * Latency reduction all over:
   - SSU: Reduce ack delay
   - Streaming: Reduce min RTO and flusher delay
   - Tunnels: Reduce GW batching time
 * Streaming:
   - Add API for sending/receiving payload in ping/pong
   - Fix PcapWriter
 * UrlLauncher:
   - Configure browser with routerconsole.browser (ticket #1159)
   - Convert to ClientApp interface

2015-01-03 zzz
 * I2CP: Use configured leaseset keys if available
 * I2PTunnel: Persist leaseset keys

2014-12-15 zzz
 * Console: Prevent two-word translations from splitting across lines in summary bar
 * Crypto: EdDSA cleanups
 * i2psnark: Unchoke new peer sooner
 * SSU: reduce log level of uncaught errors processing I2NP message
 * SU3:
   - Don't require specification of sig type when signing
   - Implement 'extract -k'
   - Fix getContentOffset()
   - Fail on excess data after signature
 * Tunnels: Raise concurrent build limit

2014-12-08 zzz
 * HTTP Proxy: Fix parsing of ECDSA address helper
 * NetDB: Increase lookup throttle time

2014-12-05 zzz
Prop from i2p.i2p.zzz.test2:
 * Console:
   - Show b32 for local leasesets also on netdb LS tab
 * Data:
   - Disallow duplicate keys in a Mapping
   - Add RouterInfo.getVersion()
 * I2NP:
   - Move some data structures away from ByteArray; offsets were always zero
     - New BuildRequestRecord constructors
     - BuildRequestRecord field becomes final byte[222]
     - IV becomes byte[16]
     - Build record becomes EncryptedBuildRecord
   - Remove extra copy in BuildRequestRecord.encryptRecord()
   - Remove unused BuildRequestRecord.readOurIdentityMatches()
   - DatabaseStoreMessage: Mask the unused bits in the type field for future use
 * i2psnark: Reduce auto-stop threshold for update torrent
 * I2PTunnel: Reduce i2ptunnel threads, more thread pooling.
   - Move client pool from static inI2PTunnelClientBase to TCG.
   - Use client pool for some server threads
   - Run some things inline that were formerly threads
 * KeyGenerator: main() test improvements
 * Logger: Configurable flush interval
 * Plugins: Another fix for restarting a ClientApp plugin
 * Profiles: Change slice selection argument from an int to an enum for clarity
 * SusiMail:
   - Add save-as button
   - Fix encoding for filename in Content-Disposition header
 * Transport:
   - Disallow standard I2P application ports as the router port
   - Increase default class O conn. limits to 350 NTCP, 1050 SSU
 * Update: Use last-modified instead of last-checked for the next
   if-modified-since fetch, to fix failing to fetch the latest news

* 2014-11-30 0.9.17 released

2014-11-28 kytv
 * Updated PO files from Transifex
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2014-11-05.

2014-11-26 zzz
 * BuildRequestor: Reduce delay when client build can't find
   a paired tunnel (ticket #1412)
 * Data:
   - Fix NPE on unknown sig type in destination
   - Fix hashcode and equals for typed data
 * Tunnels: Disallow changing allowZeroHop setting for exploratory

2014-11-24 zzz
 * i2ptunnel: Fix automatic setting of random key
 * PrivateKeyFile: Don't rewrite file in main() if no options

2014-11-23 zzz
 * Reseed hosts update

2014-11-22 zzz
 * PeerSelector: If non-DSA, don't use incompatible peers
   for exploratory tunnels or closest-hop in client tunnels
 * SAM: Fix v3 bug accepting incoming connections

2014-11-17 zzz
 * NetDB: Exclude A1/A2 "countries" from auto-floodfill

2014-11-15 zzz
 * I2NP:
   - Set lookup type flags even if no reply tunnel specified
   - Reduce object churn when writing some messages

2014-11-13 zzz
 * I2PTunnel:
   - Fix bug that left server acceptor thread running after close
   - Add destroy() methods to release all resources when closing a tunnel for good,
     particularly the streaming timer threads
   - Use COWAL to prevent concurrency problems
 * PluginStarter: Simplify detection of active threads
 * Streaming:
   - Don't return null from accept() any more; actually throw
     ConnectException as the Javadocs have always specified
   - Throw ConnectException from accept() if interrupted; previously caught and ignored
   - Throw exceptions from ConnectionHandler.accept(), not higher up
   - Close ServerSocket when ConnectionManager is shut down
   - Synchronize setActive(), clear queue when starting to accept,
     better handling of calls that don't change state

2014-11-12 zzz
 * Data: Clear more caches when under memory pressure and at shutdown
 * Plugins: Fix bug in stopping a ClientApp plugin with $parameters in the args

2014-11-09 zzz
 * i2psnark: Fix tracker config form issues
 * Router, i2ptunnel: Add option for per-pool persistent random key,
   so peer ordering does not change across restarts

2014-11-08 zzz
 * EdDSA: Bump minimum router version to 0.9.17
 * i2psnark: Add support for specifying data dir in add form (ticket #1028)
 * ProfileOrganizer: More efficient slice calculation
 * SSU: Fix bug preventing inbound connection from non-DSA router (ticket #1408)
 * Transports: If non-DSA, check for compatibility before connecting out

2014-11-06 zzz
Prop from i2p.i2p.zzz.test2:
 * Blockfile:
   - Add block size to superblock
   - Add span size to skiplist block
   - Bump version to 1.2
 * Console:
   - Log warnings for Java 6 or no Pack200
   - Add ECDSA warning to sidebar
   - Don't disable updates when restarting from /configupdate
   - Recognize router.newsRefreshFrequency=0 as "never"
 * Crypto: Drop dummy crypto stubs
 * i2psnark:
   - Convert '+' to ' ' in magnet dn param
   - Fix NPE when deleting torrent if the data directory
     was deleted out from under us (ticket #1407)
   - Add new opentrackers, remove welterde
   - Support multiple default opentrackers
   - Don't link to opentrackers at the top
 * i2ptunnel:
   - ECDSA default for all new server tunnels
   - ECDSA default for streamr client tunnels
   - Fix display of server destination on edit page when not running (privkey file path wasn't absolute)
   - Fix display of persistent client key b32 on edit page when not running
   - Fix display of server sig type on edit page when we have a privkey file
 * jbigi: Save and report extracted library name
 * Reseed: SSL-only by default
 * Router:
   - Make recognition of a hidden router consistent,
     whether specified in the caps or the cert
   - Job Queue: Only drop lookup jobs if lagged
 * SSU:
   - Don't resend ACKS that are too old (ticket #772)
   - Dont OOM if ACK sender dies
   - Don't publish direct info if introducers are required
 * SU3File: Show content and file types in showversion
 * Transports:
   - Consolidate port checking code
   - Disallow SSDP port
 * Update: Implement signed news in su3 format with trusted signers,
   wrapping an Atom XML format
 * Util:
   - Use write-sync-close-rename for config file writing
   - Null check in zip entry name

2014-11-04 zzz
 * SSU: Fix corruption of ack-only packets containing bitfields

* 2014-11-01 0.9.16 released

2014-10-30 kytv
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2014-10-07.
 * Arabic, Chinese, Czech, Dutch, French, German, Russian, and Spanish
   translation updates from Transifex

2014-10-30 zzz
 * Router: Fix rare NPE building garlic message (ticket #1403)

2014-10-26 zzz
 * SSU: Fix ACK Sender thread dying on corrupt packet

2014-10-24 zzz
 * i2ptunnel: Fix description entered via wizard

2014-10-23 zzz
 * SessionKeyManager:
   - Raise inbound limit
   - Delete oldest tagsets when limit is hit
   - Don't delete recent tagsets when limit is hit
 * SSL: Don't prohibit SSLv3 ciphers if that's all we have

2014-10-20 zzz
 * Console: Fix lockups (ticket #1395)
 * Eepsite Jetty: Switch back to QueuedThreadPool (ticket #1395)

2014-10-17 zzz
 * NTCP: Deadlock fix 3rd try (ticket #1394)

2014-10-16 zzz
 * NTCP: Deadlock fix 2nd try (ticket #1394)

2014-10-15 zzz
 * Console, I2CP, i2ptunnel, SSLEepGet: Set allowed SSL
   protocols and ciphers. Disable SSLv3 and older ciphers.
   Enable TLSv1.1 and TLSv1.2 on Java 7,
   where it is disabled by default client-side.

2014-10-14 zzz
 * I2NP: Implement DatabaseLookupMessage search type field

2014-10-13 zzz
 * i2ptunnel: Set default sig type to ECDSA-P256 for client types
   Standard, IRC, and Socks IRC, if non-shared.

2014-10-10 zzz
 * Banlist: Remove unused banlist tracking in the profile
   causing deadlock (ticket #1394)
 * GeoIP:
   - Don't rate peers in some countries as high capacity
   - Don't enable auto-floodfill in some countries
   - Don't prefer floodfills in some countries

2014-10-08 zzz
 * UPnP: Comment out unused parsers

2014-10-07 zzz
 * CPUID: Remove Intel model 2 again, this is spoofed in the VM
 * Graphs: Catch an error caused by missing fonts
 * i2ptunnel: Handle named sig types from i2ptunnel.config in the GUI
 * SSU: Improve handling of socket that gets closed (ticket #1385)
 * Startup: Delay ReadConfigJob another minute

2014-10-05 zzz
 * Crypto: EdDSA cleanup

2014-10-04 zzz
 * i2psnark: Disable changing types for predefined trackers
 * i2ptunnel: Fix js confirm for delete button

2014-10-03 zzz
 * Console: New add-to-addressbook links on leaseset page
 * CPUID: Fix Intel processor identification
 * i2psnark: Fix adding magnet links with % encoding (ticket #1391)

2014-09-30 zzz
 * Logs: Fix displayed filename when empty (ticket #1386)
 * SAM: Fix v3 LS publish, broken in -4 (ticket #1390)

2014-09-29 zzz
 * CPUID:
   - Fix main() model and family calculation
   - Add model string fetch from processor
   - AMD model string tweaks
 * i2psnark: Show subdirectory in table header on details page

2014-09-27 zzz
 * CPUID:
   - Fix model and family calculations
   - Fix most AMD family 15 IDs
   - Add AMD Llano, Jaguar, Bulldozer 2
   - Add Intel Ivy Bridge, Haswell, Broadwell, Penryn,
     Pineview, Cedarview, Bay Trail, Avoton, and others
   - Set best-guess capabilities for most Intel processors
   - Supply best-guess model string in most cases
   - Processors listed above, and some others, may see crypto speedups as a result

2014-09-26 zzz
 * EdDSA: Use our PRNG by default for keygen
 * i2psnark:
   - Increase default to 3 hops (ticket #966)
   - Show info hash on details page
 * NetDB: Increase max age of RIs to reduce number refreshed after restart
 * SAM:
   - Don't publish LS for DIRECTION=CREATE
   - Set default tunnel name
 * Tests: Fix junit compile fails due to data structure moves
 * Transport: Hooks for pluggable transports (ticket #1170)

2014-09-23 zzz
Prop from i2p.i2p.zzz.test2:
 * Addressbook: Improve parser efficiency
 * Data structures: Move several router-only classes from i2p.jar to
   net.i2p.data.router in router.jar. This will break existing
   versions of the i2pcontrol plugin.
 * HTTP Client: Add error page for unsupported encryption
 * I2CP:
   - Verify crypto key pair in LS
   - Verfiy same dest as before in LS
   - Enforce strict authorization when auth is enabled
 * i2psnark:
   - Set-all priority buttons (ticket #1376)
   - Comment out command-line code
   - Consolidate and clean up parameters code
   - Click to sort by column
   - Display upload ratio when sorted by ratio, and on details page (ticket #1298)
   - Consolidate code for creating img entities
   - Switch from checkbox to radio for tracker configuration form
   - Sort themes in config form
   - Consolidate HTML header code
   - Set no-cache headers
   - Don't set HTML headers for redirects
 * I2PTunnelGUI: Test tool deleted, moved to i2p.scripts
 * Jetty 8.1.16.v20140903
 * KeyGenerator: Add support for converting
   all signing key types from private to public
 * NetDB:
   - Encrypt RI lookups and request encrypted reply on
     faster boxes, to prevent scraping by OBEPs and IBGWs
   - Encrypt exploratory lookups too
   - Better handling of unsupported encryption in destinations
   - Implement handling of unsupported encryption in router identities
   - Banlist forever all RIs with unsupported encryption
   - New negative cache of all dests with unsupported encryption
   - New methods for destination lookup that will succeed even if
     the LS is expired or encryption is unsupported
   - Use new dest lookup so client will get the right error code
     later, rather than failing with no LS when we really got it
     but just couldn't verify it.
   - Don't auto-enable floodfill if ARM or if ElG decrypt is too slow
 * NTCP EstablishState:
   - Prep for future enhancements by refactoring to a state machine model
   - Reduce object churn; use SimpleByteCache
   - Synchronization
 * OCMOSJ: Detect unsupported encryption on dest and return the correct failure code
     through I2CP to streaming to i2ptunnel
 * PrivateKeyFile:
   - New constructor with padding
   - New router extension to add getRouterIdentity()
   - Add validateKeyPairs()
 * Router:
   - New router.sigType config
   - Generate / regenerate router keys based on config
   - New router.keys.dat file in PKF format for sig types and padding
   - Fix RouterInfo.readBytes() signature verification with sig types
   - Catch unset padding in KeysAndCert.writeBytes()
   - Catch key errors in ReadRouterJob
   - Show RI sig type on /netdb in console
   - Move some things from Router to startup classes
   - Startup classes package private
   - Buffer readin of key files
   - Remove configurability of router.info and router.keys file locations
   - Consolidate router keys readin code
   - Update killKeys file list
   - Validate router key pairs read in from file
   - Don't try to use an unavailable sig type for the router,
     even if it's the default
 * RoutingKeyGenerator:
   - Move from core to RouterKeyGenerator in router.jar
   - Leave RoutingKeyGenerator as a simple abstract class
   - DatabaseEntry now uses timestamp instead of mod data
     to determine if mod data has changed. Don't expose
     mod data to DatabaseEntry any more.
   - I2PAppContext.routingKeyGenerator() now returns null;
     you must be in RouterContext to get a generator.
 * SSU:
   - Implement bundling of multiple fragments in a single data message.
     This has always been in the spec and implemented in the receive side
     since the beginning, so it is compatible with all versions.
   - OutboundMessageState: Fix SSU Output Queue errors in PacketBuilder:
     Remove all buffer caching as it can't be made thread-safe.
     Just allocate buffer in constructor and let GC handle it
     Do fragmenting in constructor and make all fragment fields final
     Don't track per-fragment retransmissions as it wasn't used
     Move ack tracking from an array to a long
     Sync all ack methods; Entire class now thread-safe
   - InboundMessageState: Rewrite PartialBitfield for efficiency, less space and object churn
   - PeerState.fetchPartialACKs() improvements
   - Don't allow more than 10 bytes when reading in bitfield
   - Don't send a corrupt ack packet if the partial ack got completed (race)
 * Streaming: Re-enable message status override, but treat LS lookup failure
     as a soft failure for now.
 * Transports:
   - Handle RI sig types
   - Banlist unsupported RI sig types
   - Return unused DH keypairs to the pool
 * Tunnels:
   - Enforce request record timestamp
   - Randomize timestamp to prevent hop detection at top of hour

2014-09-22 zzz
 * SSU: Fix 100% CPU after socket failure
 * UPnP: Catch reported error on FreeBSD

* 2014-09-20 0.9.15 released

2014-09-17 kytv
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2014-09-04.
 * Translations:
   - updates pulled from Transifex (cs, es, fi, fr, ja, nb, pl, ro, ru, uk)
   - en po files updated and pushed to Transifex

2014-09-16 zzz
 * i2psnark: Don't send HTML-only headers for icons (2nd try)

2014-09-13 zzz
 * i2ptunnel:
   - Fixes for stopping client tunnels
   - Fix status display for shared clients

2014-09-12 zzz
 * i2psnark: Escape fixes
 * i2ptunnel: Fix updating session options on a running delay-open client tunnel

2014-09-09 zzz
 * i2psnark: Escape fixes

2014-08-31 zzz
 * Build: Add support for bundling router infos in the package
 * I2PTunnel: Allow changing of spoof host and target host/port without
              restarting server tunnel

2014-08-30 zzz
 * Console:
  - Re-enable plugin installation by default
  - Don't show configuration section or update-all button if no plugins installed
  - Show unavailable crypto on /logs
 * Router: Log warnings for unavailable crypto at startup
 * RouterInfo: Backport fix for verification of EdDSA RI sig type

2014-08-28 zzz
 * Streaming: Fix verify of Ed25519 signatures in CLOSE packets

2014-08-27 zzz
 * i2psnark:
   - Persist uploaded count (tickets #1034, #1298)
   - Don't retry announce if we get back HTML
   - Recognize Vuze tracker rejections
   - Don't retry rejected announces unless seeding
   - Better UI handling of announces with ports or full destination
 * NetDB: Don't abort initialization on an unsupported RI sig type
 * Streaming: Fix P521 and RSA sig types

2014-08-23 zzz
 * Console, i2psnark, i2ptunnel: Escape fixes and cleanups
 * SSU: Drop peer tests as Bob from unestablished Alices

2014-08-22 zzz
 * SigTypes:
   - Add isSupportedSince(), use in floodfill selection
   - Handle mixed-case 25519 enum
   - Fix 25519 type code
   - Add dup type code check

2014-08-21 str4d
 * Add Ed25519 SigType

2014-08-21 zzz
 * i2psnark:
   - Escape control chars in encodePath()
   - Increase max piece size to 8 MB (ticket #1347)
 * i2ptunnel: Add local SSL support for std. and IRC client tunnels (ticket #1107)

2014-08-19 zzz
 * i2psnark:
   - Don't filter create torrent form, and
     fix exception on ':' in file names (ticket #1342)
   - Don't remap file names on torrents we created, and
     save remap setting in torrent config file (tickets #571, 771)
   - Escaping fixes since names may not be remapped
   - Use better encodePath() from Jetty
   - Don't say create torrent succeeded when it didn't
   - Add more sanity checks for base path of created torrent

2014-08-18 zzz
 * i2psnark:
   - Don't send HTML-only headers for icons
   - Catch IllegalStateException for icons
 * Tunnels: Use consistent tunnel pair for Delivery Status Message
   to reduce network connections (ticket #1350)

2014-08-15 zzz
 * Console: Escaping fix (ticket #1348)
 * I2CP: Lookup synch cleanups

2014-08-13 dg
 * Console, EventLog: add BECAME_FLOODFILL and NOT_FLOODFILL, they are now shown
   at the /events page when the router changes its floodfill state

2014-08-13 zzz
 * Console: Escaping fix (ticket #1346)
 * i2psnark: Fix add torrent NPE

2014-08-10 zzz
Prop from i2p.i2p.zzz.snarkconfig:
 * i2psnark:
   - Move config file and DHT persistence file to a config dir
   - Move per-torrent configuration from "zmeta" in the main config file
     to a per-torrent config file (ticket #1132)
   - Split timestamp and bitfield into separate configs
   - Fix misspelling of autoStart config
   - Remove two unused SnarkManager methods
   - Refactor file deletion in prep for better file name handling (ticket #571)
   - Don't use canonical files in directory listings,
     for speed and to avoid file comparison problems (tickets #1079, #1148)
   - Set base file/dir in Storage constructor, make final,
     in prep for arbitrary locations (ticket #1028)
   - Add missing nonce protection for file priority setting
   - Add torrent mime type

2014-08-10 zzz
Prop from i2p.i2p.zzz.test2:
 * Console: Show share options below 30% (ticket #1329)
 * Crypto: Move TransientSessionKeyManager from core to router.
   I2PAppContext will return the dummy SessionKeyManager which
   is sufficient for non-tag uses (e.g. Bote).
   Client use of end-to-end encryption using SessionTags was
   disabled in release 0.6, 2005-07-27.
 * KeysAndCert: Change hashcode to prevent possible collisions
   caused by apps with zeroed pubkey
 * Plugins: Start of SU3 support (ticket #1227)
 * SAM:
   - Don't spawn a thread for each transmitted datagram
   - Set protocol field for raw and signed datagrams
   - Enforce a 60s timeout for HELLO
   - Use naming service cache to reduce Destination object churn
   - Get Log object from the log manager
 * SigType: Add static isAvailable() methods
 * SSU: Speed up introductions by responding to HolePunch (ticket #1333)
 * SU3File:
   - Add support for XML and NEWS types
   - Fix NPE on EOF reading input
   - Add -x option to bypass signature verification
   - Add -k option to use specified private key cert for verification
   - Don't verify signature in showversion
 * UPnP: Disable external entities in XML parser

2014-08-10 zzz
 * Console: Hide client delete buttons unless advanced on /configclients

* 2014-08-09 0.9.14.1 released

2014-08-07 kytv
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2014-08-06.

2014-08-03 zzz
 * Console:
   - Fix update buttons
   - Don't filter parameter names starting with "nofilter_"
   - Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
   - Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
   - Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
   - Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
   - More escaping
 * i2psnark: Fix add torrent form

2014-07-31 zzz
 * ExecNamingService: Remove
 * Plugins: Add whitelist of keys

* 2014-07-26 0.9.14 released

2014-07-26 zzz
 * Console:
   - Fix several XSS issues (thx Exodus Intelligence)
   - Add Content-Security-Policy and X-XSS-Protection headers
   - Disable changing news feed URL from UI
   - Disable plugin install from UI
   - Disable setting unsigned update URL from UI
   - Disable /configadvanced
 * DataHelper: Disallow \r in storeProps() (thx joernchen of Phenoelit)
 * ExecNamingService: Disable (thx joernchen of Phenoelit)
 * Startup: Add susimail.config to migrated files

2014-07-23 kytv
 * Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
   database from 2014-07-02.

2014-07-19 zzz
 * i2psnark: Don't prefer leeches during end game, to
   prevent slowdowns or stalls
 * SAM: Add support for RAW on the bridge socket in v3 (ticket #1334)
 * Streaming; Disable fail-fast for now.
 * SusiMail: Better error message on decode fail

2014-07-15 str4d
 * I2CP: Stubs for I2CP connections over Unix domain sockets

2014-07-11 zzz
 * Datagrams:
  - Redefine the repliable datagram signature for non-DSA_SHA1 sig types;
    was the sig of the SHA-256 of the payload, now the sig of the payload itself.

2014-07-03 zzz
 * Base64:
  - Catch numerous decoding errors that were previously misdecoded (ticket #1318)
  - Improve decoding efficiency, reduce copies
  - encode(String) now uses UTF-8 encoding
  - decode() now accepts short strings without trailing '='
  - whitespace in decode will now cause an error, was previously ignored
 * Console: Add event log viewer (ticket #1117)

2014-07-02 kytv
 * Update Java Service Wrapper to v3.5.25
    - Windows: x86 and x64 versions self-compiled with VS2010 in
      Windows 7. The icon has been changed from Tanuki's default to Itoopie.
    - Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
      Oracle Java 1.7.0+update40 and stripped
    - All other binaries are from the "community edition" deltapack offered by
      Tanuki.

2014-06-29 zzz
 * NetDB: Fix handling reseed URLs with ports (ticket #1278)

2014-06-28 zzz
 * NetDB: Add support for reseeding with su3 files (ticket #934)
 * SAM:
   - Support SIGNATURE_TYPE, bump to 3.1 (ticket #1318)
   - Private key checking fixes (ticket #1318)
   - Parameter parsing fixes (ticket #1325)
   - Cleanups

2014-06-24 zzz
 * Streaming; Drop the preliminary channel implementations,
   as they don't work and can't ever work as designed.

2014-06-23 zzz
 * Streaming:
   - Bundle new socket messages for translation
   - Fix connection error message
 * Tunnels: Reject participating tunnels when hidden (ticket #1314)

2014-06-21 zzz
 * i2psnark:
   - Display webapp name in html title (ticket #1311)
   - Use tracker from magnet link in display (ticket #1313)
   - Clarify auto-start (ticket #1293)
   - Include tracker in magnet link on details page (ticket #964)

2014-06-13 zzz
 * i2psnark: Fix NPE when fetching invalid torrent (ticket #1307)
 * Transports: Disallow Carrier Grade NAT (RFC 6598) addresses
 * Tunnels: Don't get stuck only building tunnels
   for an empty pool (ticket #1300)

2014-06-10 zzz
 * i2psnark: Fix decoding of negative numbers (ticket #1307)
 * NewsFetcher: Only treat correct status codes as success

2014-06-09 zzz
 * i2psnark:
   - Show client version if available
   - Linkify all announce URLs on details page
   - Sanitize announce URLs
 * Jetty 8.1.15.v20140411
 * Tomcat 6.0.41

2014-06-07 zzz
 * Console: Fix NPE in summary bar
 * Eepsite: Updated French help page (thx hummingbird)
 * i2psnark: Fix errors when checking read-only files
 * NetDB: Reduce negative lookup cache time
 * OCMOSJ:
   - Increase timeout if we must lookup leaseset
 * Streaming:
   - Shorter expire time in TCBCache
   - Don't fail a connection once it is up

2014-06-01 zzz
 * i2psnark:
   - Store seed/leech status in DHT tracker (ticket #1280)
   - Increase max received DHT nodes (Vuze sends more)

2014-05-31 zzz
Prop from i2p.i2p.zzz.test2:
 * Console: Fix shutdown error on old wrappers (ticket #1285)
 * CPUID:
   - Add hasAES()
   - Fix bugs in unused hasSSE3(), hasSSE41(), hasSSE42()
 * Crypto:
   - Use JVM AES when faster
   - Don't start YK thread in constructor (ticket #973)
 * HTTP client:
   - Fix 'connection reset' browser messages
     after an error in the first line (ticket #1277)
  - Add GUI options for user-agent, referer, accept
  - Disable SSL to i2p addresses by default, add GUI option
  - Fix NPE in error handler
 * I2CP: Per-message reliability settings (ticket #788):
   - Store message nonce in ClientMessage, so we may send
     a MessageStatusMessage with a failure code to the client
     without sending an ACCEPTED MessageStatusMessage first.
     All MessageStatusMessages sent in response to outbound messages will now have a valid nonce.
   - Clean up and reuse MessageState for asynch notification
   - New I2PSession sendMessage() method and listener
   - Move VerifyUsage from SimpleScheduler to SimpleTimer2 for efficiency
   - New I2PSessionException
   - Streaming PacketQueue requests status for SYNs on outbound conns
   - PacketQueue throws I2PSessionException in streams
 * i2psnark:
   - Support ports in announce URLs (ticket #1283)
   - Change "private" value in infohash from string to number,
     to match what everybody else does
   - Send seed/leech status in DHT announces (ticket #1280)
   - Extend DHT tracker expire time from 45m to 3h
   - Extend DHT announce interval from 10m to 40m
   - Increase announces from 1 peer to 4 (ticket #1281)
   - Respond to get_peers with an empty peers list instead of
     a nodes list if the requester was the only peer (ticket #1279)
   - Fix sendError() (still unused)
 * i2ptunnel:
   - Show key cert settings