20190517-01 (Server) Changes in rule list matching code. I've overdone it a bit with generalizations, and this appears to have caused thread crashes. 20190221-01 (Client) Backport from Android. Mostly new domains. 20190109-01 (Both) Fixed OpenVPN UDP mode in DNS tunnel mode. (Client) Updated built-in server data. 20181028-01 (Client) Backport from Android version. 20181013-01 (Server) Ensure that messenger uses IPv6 if IPv4 does not work (at least for TCP connections). 20180405-01 (Client) Fixed a bug that would break local authentication for both SOCKS and HTTP proxy port. For HTTP proxy port, the YF client incorrectly shut down the connection if no authentication was received in the first request; this is fixed. However, that wasn't the main issue. The main problem is a bug in the java standard library that we have reported to Oracle years ago, and it is still not fixed. We should have known! 20180315-01 (Server) Rolled back 20180312-01 after problems have been observed in the wild that had not shown in the lab. (Server) More debugging for VPN connections. 20180312-02 (Server) Fixed a problem in the control console introduced in 20180312-01. 20180312-01 (Server) Different queueing algorithm for timers, shown to be significantly better performing in tests. 20180309-02 (Server) Improvements to control panel. 20180309-01 (Server) DDoS protection. 20180307-01 (Both) DNS domain updates. (Server) Made some parameters configurable on-the-fly that need to be fine tuned for high-performance servers. 20180202-01 (Both) Backports from Android (performance improvements). (Server) Better protection against profile cheaters. 20180130-02 (Server) Fixed a bug in native Socks support. 20180130-01 (Both) Fixed a silly bug in MD5 code that could cause session start-up problems. (Both) Lots of refactorings and small improvements backported from Android client app. 20180121-01 (Both) Better, more memory friendly implementation of DNS encoding. 20180119-01 (Both) Speedtest stats added. 20180118-01 (Both) Added speedtest capability for Android. 20180113-01 (Both) New domains. (Client) Updated server list. 20180109-01 (Server) Do not kick duplicate users on same server with different service type. 20171228-02 (Client) Updated server list. (Client) Gracefully deal with work backlog in DNS mode. (Client) Try different domain if DNS server suddenly refuses to resolve ours. 20171222-01 (Server) Fixed missing acceptance of new domains. D'oh! 20171221-01 (Both) Allow for larger EDNS payload size. Make it configurable in the client app. I doubt that this will help a lot, but for the sake of customer satisfaction... :-) 20171220-01 (Client) Tweak added. (Client) Small bugfixes. (Client) Reduce maximum memory footprint. 20171214-01 (Client) Fixed DNS mode probing (introduced in 20171212-01). (Client) Sub-millisecond timing in DNS mode greatly improves performance. You may also use sub-millisecond values for min tx intvl. 20171212-01 (Both) Set an upper limit to concurrently running threads for timed and delayed tasks. 20171211-01 (Server) Fixed a problem that could lead to memory starvation with long-running, very busy VPN sessions. 20171208-01 (Server) Limit number of proxied streams according to profile. 20171207-01 (Server) Fixed bug that could lead to OOM-crashes. 20171121-01 (Client) Fixed OpenVPN detection on Windows. (Run as administrator!) (Client) Changes to DNS mode will hopefully help in places where intermediate servers incorrectly implement EDNS. 20171116-01 (Server) Added troubleshooting code. Refactoring. 20171108-01 (Client) Fixed potential crash in DNS connection mode when using low values for UDP srcport change interval or rate. (Client) Updated built-in server list. 20171107-01 (Server) Fixed minor bug in internal messageing only occurring on Debian Stretch. 20171103-01 (Client) Tweak additions. 20171025-01 (Server) Better defense against trojan account hijacking activity. 20171023-01 (Server) Workaround for a problem in PPTP (ensuring that idle sessions actually time out). 20171017-01 (Client) Updated server list. (CLient) Minor bug fixes. 20170921-01 (Server) More granular honeypot config for detecting botnet activity. 20170816-01 (Server) DNS mode: more consistent authority records. (Server) DNS mode: very minor optimizations. 20170809-01 (Client) Minor improvements, mostly changed some defaults. 20170717-01 (Client) Fixed stream transport related problems in DNS mode (it only affects desktop clients, not the Android app). 20170626-01 (Client) Added two tweaks. 20170522-01 (Server) Fixed possible exception in DNS code. 20170502-01 (Client) Fixed a bug in DNS mode that could lead to unnecessary retransmits. 20170420-01 (Client) Updated server list. 20170328-01 (Both) Finally made CNAME tunnelling work properly. 20170324-01 (Both) Improved DNS mode encodings for TXT, MX and CNAME. 20170314-01 (Both) More flexible server reachability testing in DNS mode. 20170302-01 (Client) Updated built-in server list. 20170301-01 (Both) DNS mode changes. 20170223-01 (Both) DNS mode changes. 20170222-01 (Server) Fixed some rare exceptions seen in the wild, all related to potential races. 20170217-01 (Both) Performance improvements in DNS mode (will only become effective once the new encoding is activated in the mainline client). 20170215-01 (Server) Fixed UDP mode, broken since 20161209-01. Sorry! 20170214-01 (Server) Fixed a bug in DNS code (does not affect the current mainline clients). (Client) Fixed a lot of small bugs in DNS code. 20170213-01 (Both) Fixed problems in DNS crypto code (could lead to connection not being set up). (Client) Performance improvements in DNS code. (Client) Fixed another resolver bug that could lead to direct connections not being used though they are possible (performance loss in some cases, slow connection set-up). 20170210-01 (Client) Fixed a problem in DNS resolver code that could lead to unnecessary connection set-up delays. 20170209-01 (Server) Worked on VPN code. 20170208-01 (Client) Updated language files for German and French. 20170206-01 (Server) Malware protection enhancements. 20161209-01 (Server) Changes that will be necessary to support the iOS app. 20161207-01 (Both) Additional query types for DNS mode. 20161121-01 (Client) Tweak changes. 20161118-01 (Client) New tweaks. 20161116-01 (Client) Fixed broken tweaks, particularly for AE and QA. 20161111-01 (Client) Tweak updates. 20161107-01 (Client) Tweak fixes. 20161006-01 (Client) Tweak updates. 20160908-01 (Server) Workaround & debugging for CPU hogging threads. 20160823-01 (Both) Added new DNS domain. (Client) Improved DNS search. 20160822-01 (Both) Added new ports for HTTPS mode. 20160812-01 (Client) Fixed --nogui 20160811-01 (Server) Fixed true SSL connection mode for Android. (Client) Updated buiult-in server list. 20160803-01 (Both) Use TLSv1.2 when faking SSL connection. 20160802-01 (Server) Bug fixes, particularly UDP mode. 20160725-01 (Server) Made details of certificate used with HTTPS/SSL mode configurable. 20160629-01 (Server) Regression fix (problem introduced in 20160419-01, breaking high-bandwidth streams). 20160615-01 (Client) Added tweak. 20160510-01 (Client) Added local authentication for web and socks proxy ports (desktop only). This will let you block out unwanted users that can reach your PC. (Client) Updated server list. 20160419-01 (Server) Changes relevant only for future iOS client app compatibility. (Client) UDP mode fixes. 20160412-01 (Client) Tweak updates. 20160404-02 (Server) Better thread control in DNS mode. (Client) Auto-activate tweaks in some mobile networks (Android only). 20160404-01 (Server) Debugging changes. (Client) Tweak updates (C�te d'Ivoire). 20160210-01 (Both) Updated keying material. Needed in preparation of iOS development. 20160203-01 (Client) Fixed message about exceeded usage time. Fixed several more bugs that could cause crashes in race conditions. (Server) Properly enforce usage time restrictions in all cases. 20160131-03 (Server) Fixed a bug in DNS code introduced in 20160118-01 and not properly fixed in 20160128-01. 20160131-02 (Server) Increased the UDP output queue. 20160131-01 (Server) Slight modification in the way UDP replies are sent. More CPU efficient queueing. 20160129-01 (Server) Improvement for UDP based protocols. 20160128-01 (Server) Added debugging in DNS mode. Fixed another problem recently introduced in DNS mode that slowed down people significantly, to the point where intermediate DNS servers would give up. 20160127-01 (Server) Reversed a change made in 20160118-01 20160121-01 (Both) Auto-detect DNS servers that are non-case-preserving and automatically enable case-insensitive encoding. Server needs to report this, the client will never know whether the query was mangled on its way to the server because everything gets reverted on the way back. 20160120-02 (Both) Implemented protocol modification for DNS to allow tunnelling through non-case-preserving DNS servers. 20160120-01 (Server) Workaround for problems arising from Oman's use of 0x20 DNS forgery protection. This breaks connections from there, but they don't work anyway right now. A proper solution is on its way. 20160119-01 (Server) Rewritten user database query code, should fix authentication issues. 20160118-01 (Server) Changes in DNS code, hopefully improving issues in Oman. 20160111-01 (Server) Found a deadlock in session management. 20160110-02 (Server) Lots of refactoring. Probably fixed some bugs too. (Server) Reduced the impact of out-of-sync crypto in DNS mode. 20160110-01 (Server) Made UDP connection mode less prone to overusage. 20160109-01 (Server) Refactoring and minor optimizations in UDP mode. 20151223-01 (Client) Fixed crash that occurred when version 20151210-01 was run on a system that never had YF run on before. Sorry! 20151210-01 (Client) Added display scaling to accommodate these fancy new high-resolution-but-small-size displays (yup -- yours truly got one of these and couldn't believe how it looked). If you have one of these, next time you run the client a scaling factor will be selected for you. If you don't like it, change it in the config (General Settings). 20151116-01 (Server) Minor fixes. 20151111-01 (Client) Finally releasing new GET connection mode to the public. It might work where POST doesn't quite but almost. :-) Performance-wise it should be about the same as POST but the timing control is better (eventually POST will get it too). (Client) Added missing translations (german, mostly). 20151108-01 (Server) Fixed some bounds checks. 20151102-01 (Both) Complete re-write of timer code, addressing rare but occuring threading problems that resulted in short session hangs. 20151007-01 (Server) Added system monitoring capabilities. 20150924-01 (Client) Updated tweaks. 20150922-03 (Server) DNS mode fixes for problems on busy servers. 20150922-02 (Server) Fixed voucher processing. Sorry! 20150922-01 (Server) Fixed UDP based protocols on servers with multiple IPs. (Client) Performance improvements for UDP connections. 20150902-01 (Client) Fixed bug in full-installer version introduced in 20150823-01. Sorry! 20150823-01 (Client) New tweaks for Oman. 20150812-01 (Client) Tweak updates. 20150810-03 (Client) Tweak updates. 20150810-02 (Client) Tweak updates. 20150810-01 (Client) Tweak updates. 20150722-01 (Server) Better malware activity detection. 20150721-01 (Server) Removed unnecessary debugging that was only confusing. (Client) Updated built-in server list. 20150711-01 (Server) Debug connection issues with HTTP on some servers. 20150622-01 (Server) Fixed a bug in DNS resolution that could cause high CPU usage. 20150619-01 (Client) Stability fixes back-ported from Android app. (Server) Profile specific usage reporting. 20150611-01 (Client) Updated server list. 20150608-01 (Client) Updated name resolver. (Server) Fixed statistics problems. 20150602-01 (Client) Updated built-in server list. 20150522-02 (Server) More debugging on messenger connection set-up. 20150522-01 (Server) Worked on message connection behavior. 20150520-02 (Server) Keep inter-server message queue trim even on network problems. 20150520-01 (Server) Fixed some minor problems. 20150513-01 (Client) Updated built-in server list. (Client) Added Russia as known country for servers. 20150507-01 (Client) Fixed a crash in server connections through SOCKS proxies. 20150429-01 (Server) Added filtering capabilities. 20150427-01 (Client) Updated server list. 20150319-01 (Client) Updated server list. 20150309-02 (Server) Same for UDP mode (see below). 20150309-01 (Server) Trying workaround for DNS mode problem on high-volume servers. (Client) Minor bug fixes. 20150219-01 (Client) Updated server list. 20150105-01 (Client) Server search fixes. 20141231-01 (Server) Debugging. (Client) Updated server list. 20141224-01 (Client) Server list updates. (Server) Fixed problem in Android VPN debugging. 20141222-01 (Server) Another reporting fix. 20141220-01 (Server) Fixed a reporting issue (debugging). 20141205-01 (Client) Fixed a recursion problem in DNS resolver. 20140903-01 (Client) Added a tweak. 20140722-01 (Server) Changes in session shutdown will hopefully fix login problems (no profile received). 20140716-01 (Client) Tweak changes (MTN Nigeria, DNS mode). 20140707-01 (Both) DNS mode improvements that may be able to tunnel clever name servers that block based on record type. Feature gets automatically enabled if tunneling does not work otherwise. 20140701-01 (Server) Control panel additions. 20140620-01 (Client) Maintain a backup copy of the config file in case the main config file becomes corrupted. Load backup config file if config appears incomplete. 20140606-01 (Client) Fixed potential crash in UDP mode. (Client) Small improvements in DNS mode. 20140528-01 (Client) Reschedule initial handshakes for lossy protocols only, and only after session initialization not session creation. 20140523-02 (Both) Fixed bug in bandwidth throttling affecting mobile users -- or rather not affecting them. :-) 20140523-01 (Server) Fix bug introduced in 20140522-01, mobile clients were not properly recognized. 20140522-01 (Server) Allow simultaneous logins from different session types. This makes it possible to use one desktop client, one Android app client, and one native VPN at the same time with the same account. One each. 20140507-01 (Client) New tweak for Nigeria Glo. 20140505-01 (Client) Fixed bug in DNS mode introduced in 20140430-01. Sorry! 20140430-01 (Both) More DNS mode improvements. 20140428-01 (Both) Worked on DNS/ECHO mode hangs. (Both) Added profile retransmission for lossy connection modes, helps with connections that would just not set up properly. 20140421-01 (Both) Fixes for Java 8. 20140409-01 (Both) Refactoring and removal of inactive code. 20140404-02 (Client) Fixed a crash in UDP mode (seen on Android only but same code in desktop version). 20140324-01 (Client) Added a tweak for Arab Emirates Etisalat. 20140321-01 (Client) Fixed bug in conditional text processing (i.e. some things are supposed to only show up on phones, others only on desktop). 20140310-01 (Server) Added country override feature. 20140304-01 (Limited Release) (Client) Made ftp suffixes configurable. 20140303-01 (Server) Debugging only. 20140228-01 (Server) Added fair-queueing for Android VPN clients. 20140225-01 (Client) Fixed a bug in UDP mode that would cause endless source port changes if you click on "restart". If that actually made your connection work better, configure "UDP srcport change rate" instead (try for example 10 or 5, but you may go down to 1 if you have to, and this will imitate the buggy behavior). 20140130-01 (Client) More DNS mode debugging. 20140129-01 (Client) DNS mode improvements. 20140128-01 (Client) Changes in search thread scheduling. Should help with hanging searches. 20130115-01 (Server) Fixed a bug in UDP port relaying. Made it more flexible too. (Server) Refactorings. 20130114-01 (Server) Workarounds for amplification attacks. (Server) Refactorings. 20131223-01 (Client) Tweak changes. 20131218-01 (Both) Fixed payload size bugs in DNS mode, sometimes leading to hanging connections with EDNS ignorant name servers sitting in-between. 20131201-01 (Client) Stability fixes. 20131125-01 (Client) Show profile name and expiry in status display. (Client) Fixed reconnecting for tweaks that use a specific source port. 20131113-01 (Client) Made HTTP header lines configurable through GUI. 20131028-01 (Client) Tweak changes (Nigeria MTN). (Client) Added debugging in host resolution code. (Client) Fixed problem in UDP connection code where connections would not stop when button was pressed. 20131023-01 (Both) Detect failures in bytestream protocols more quickly. 20131010-01 (Client) Tweak changes (Nigeria Etisalat). (Client) Built-in server list updated. 20131003-01 (Both) Added detection code and workaround for a CPU hogging problem observed in the wild. 20130930-01 (Client) Changed DNS mode behavior for servers that do not always mirror EDNS0 OPT additional records. This is expected to improve performance for those who receive "DNS server does not support EDNS0, this will reduce performance" messages after a while. 20130926-01 (Client) New tweak for Nigeria Etisalat. 20130924-01 (Server) Cleanups and refactorings. 20130918-01 (Both) Fixed problem in streams code that could lead to files not downloading entirely over slow tunnel connections. (Client) Properly shut down tunnel connection while installing an update to avoid OpenVPN problems when running the new installation for the first time. 20130829-01 (Both) Cleanups in streams register code. (Client) Properly display some notification types in scroll bar. 20130826-01 (Client) Fixed some minor issues in server search. 20130820-01 (Server) Support for new MobileFreedom profile (only available on mobile -- Android -- devices). (Client) Updated built-in server list. 20130813-01 (Server) Workaround for a problem with failing VPN sessions with Android devices on some servers. 20130812-01 (Client) Added new server search mechanism. (Client) Many new tweaks for Nigeria and Zambia. 20130804-01 (Client) Fixed broken build (20130731-01). (Client) Fixed server port forwarding. 20130722-04 (Server) Don't kick immediately, schedule a kickout instead (a few seconds). 20130722-03 (Server) If "unregistered", don't warn, just kick out when usage time is up. 20130722-01, -02 (Server) Properly unassign internal IP in Android VPN on session stop. (Server) Allow user stop message to arrive before shutting down the connection. 20130715-01 (Client) Back-ports from Android. (Client) Fixed German translations. 20130708-01 (Client) Tweak changes (Nigeria Etisalat) (Client) Back-port of a fix made in the Android version (DNS mode). 20130704-01 (Server) Properly shut down UDP mode OpenVPN forwarders that are stale when session is shut down. 20130620-01 (Client) Added missing Spanish translations. 20130619-02 (Client) Small fixes and a tweak change. 20130618-01 (Client) Performance improvements in DNS mode. (Server) Fixed domain recognition for multiple domains (DNS mode). 20130617-01 (Client) Updated tweaks for Mobinil 20130610-01 (Client) Workaround for malformed SOCKS5 requests from buggy programs. 20130608-01 (Both) Fixed small bugs that could lead to malfunctions in rare situations. 20130607-01 (Client) Started adding new functionality. The profile panel now has a new button that lets you request "try before you buy" upgrades. No need to go through the web page anymore. (Only works with personal accounts.) 20130606-01 (Client) Only offer OpenVPN if running with sufficient privileges and if OpenVPN is found to be installed. (Both do not apply for OSX.) (Client) Fixed a crash when parsing server notifications observed on Android but in code shared by the desktop version. (Client) Added new command line option "--multi" to allow more than one instance to run simultaneously (but you should use it in combination with multiple config files, "--configfile=xxx"). 20130604-01 (Server) Fixed a bug in control console. 20130603-01 (Server) Explicitly notify users of old client versions that their version is not compatible with OpenVPN if it is older than 20130528-02, instead of trying. (Client) Fixed OpenVPN config incompatibility between server and client. OpenVPN can be incredibly stupid at times it seems... 20130531-01 (Client) Made "openvpn_route_method" work properly. (Windows only) 20130530-02 (Client) Added hidden config options "openvpn_route_method" and "openvpn_ip_method" (Windows only). Clarified that delay added in 20130530-01 is in fact a "tap-sleep" not a "route-delay". 20130530-01 (Client) Made delay between OpenVPN setting up the TAP interface and installing routes configurable (Windows only). 20130528-02 (Client) New OpenVPN mode certificates. Fixes OpenVPN mode. (Client) Fixed a small bug in ECHO mode. (Client) Fixed silly bug in HTTPS mode introduced in 20130528-01. 20130528-01 (Client) Fixed reconnection in HTTPS mode. (Server) Remove stale OpenVPN filters when session dies. 20130527-01 (Server) Preparations for allowing FreeFreedom use without registration on the website. (Client) Minor fixes. 20130524-01 (Both) Concurrency issues in FTP connection mode fixed. 20130513-02 (Client) Fixed potential null pointer exception in HTTPS mode. 20130513-01 (Client) Fixed regression in HTTPS mode that would break it for many users. Sorry... :-( (Client) Fixed bug in HTTP/HTTPS/POST/CGI modes that would cause connections to fail on second attempt with different address. (Client) Fast-skip IPv6 addresses in FTP mode, they don't work (not implemented yet). (Client) On Linux, use hidden file name .ems.cfg instead of ems.cfg and automatically convert existing config. (Client) Fixed many small bugs in config window that would cause crashes (effectively breaking the "save&exit" button). 20130507-01 (Server) Fixed user database response delays. (Client) Removed unnecessary reauth cycles from HTTPS session reconnects. 20130506-03 (Both) Performance fixes to timer code. 20130506-02 (Both) Cleaned up timer code. (Client) Increase dynamically calculated minimum keepalive time in HTTPS protocol. 20130506-01 (Server) Worked around a concurrency problem in HTTPS mode reconnects. (Client) Updated built-in server lists. (Client) HTTPS mode had stability problems for some users. This should be fixed. 20130504-01 (Both) Ensure DNS cache expiry when using legacy resolver interface. (Server) Work-around for a problem that really should not occur with new-style VPNs (Android). 20130503-01 (Both) Migrated everything that used old-style resolver code to new resolver. You should not notice the difference... but maybe some things work better now. Everything is now aligned again with Android development. 20130426-01 (Client) Try basic authentication if proxy authentication is set to "any or none" and a proxy domain is configured. Switch to NTLM if it doesn't work. Previous behavior was to avoid Basic authentication if a proxy domain is configured. If you need this behavior, please configure "prefer NTLM". (Client) If, for whatever reason, OpenVPN dies, restart it unless there is no chance that it will work. (Client) Detect if OpenVPN has died uncleanly and has left stray routes; delete them if yes. It may help with restarting the connection. (Client) More OpenVPN stability fixes. 20130418-01 (Both) Stability fixes in ECHO mode. This will improve DNS mode too. If you are using one of these mode, update now! 20130417-01 (Both) Performance improvements in ECHO mode. (Client) Made maximum ECHO payload size configurable (if you want to avoid probing for it; maximum useful value is 1464). 20130416-01 (Client) Added hidden config option "openvpn_tmp". See http://www.your-freedom.net/252/ (Client) Backports from Android client version, should not have noticeable effects. 20130402-02 (Server) Changed load calculation algorithm to exclude nice load. 20130402-01 (Server) Added capability to refuse DNS queries not belonging to tunnel traffic instead of forwarding them to a DNS server or just ignoring them. 20130315-01 (Server) Fixed Android style VPN in HTTP/POST/CGI connection mode. (Client) Fixed initial POST size in HTTP mode -- a real performance killer. 20130310-01 (Server) Small fixes. 20130225-01 (Client) Refactorings. (Client) Fixed default reconnection delay. 20130218-01 (Server) Properly report number of VPN enabled sessions (Android). (Client) Removed a restriction that is likely no longer necessary to protect against spam. 20130207-01 (Client) Fixed a concurrency problem present in all connection modes but primarily in DNS mode. (Client) Added workaround for known issue in Sun's JNDI (review id: 1854941) that makes YF crash if you run in a Unix'ish environment and your system has an IPv6 nameserver configured -- without square brackets, i.e. as required by Linux. The wonderful engineers at Sun forgot to add the brackets when using the IP internally in an URL, and the even better engineers at Oracle ignore the bug report since August 2010. 20130205-01 (Server) More Android integration. Server is ready to roll now. 20130201-01 (Server) ECHO mode now finally really works on all server IPs. :-) (Server) Removed unnecessary debugging. 20130130-02 (Both) Troubleshooting another byteblock codec problem. 20130130-01 (Both) Potential race condition in byteblock codec used with UDP, DNS and ECHO transport. (Server) Fixed bug in echo mode, now works on all server IPs. 20130129-01 (Server) Worked on new-style VPN code. 20130128-01 (Client) Fixed null pointer exception in ports panel dialog. (Server) Added new-style VPN code. 20130125-01 (Client) Fixed missing start menu links. Sorry! (Client) Reorganized tweaks (you should not notice a difference). 20130115-01 (Server) Fixed potential dangling session record in openvpn mapping. 20130111-01 (Client) Fixed missing locales -- sorry! (regression in 20130109-01, only JET compiled version) (Client) Fixed display of non-system default fonts (needed for some localizations like Myanmar). You need to install one of these fonts on your system to see it properly: Zawgyi-One, Padauk, UniBurma, MyaZedi, Myanmar3, Parabaik, WinInwa, Academy, M-Myanmar1 (just google for the font name and "ttf"). (Client) Fixed some more locale related problems (danish, arabic). 20130110-01 (Client) Fixed message formatting. Many translated strings were mutilated if they contained single quotes. This should now all be fixed. (Client) Some messages were mutilated in the scrolling notification frame. Fixed. (Client) UDP connection problems were not properly shown. Fixed. 20130109-01 (Client) Added button to profile panel -- facilitates visiting the web page for account upgrades. The button will open your web browser and log you in automatically if possible. 20121221-01 (Client) Fixed a (still existing) problem in the french locale. 20121218-01 (Client) Fixed a problem in bandwidth graphing. (Client) Fixed some locales (arabic and others). 20121213-01 (Both) On WebProxy ports, properly process OPTIONS and TRACE. Only few applications use it, notably SVN. (Client) Some new options in config window were not properly saved and validated. (Client) Fixed many messages in several languages that would not show variables properly. 20121210-01 (Client) Fixed build, proper versioning. 20121207-01 (Client) Fixed bug in french translation that bothered FreeFreedom users by not displaying them the "turing test" number properly. 20121204-01 (Client) Only enable restart button for connection modes that have persistent TCP connections. Others "reconnect" all the time anyway. (Client) Removed unnecessary debugging in CGI mode. 20121203-01 (Client) Fixed CGI relay search. Please note that this is not the final solution -- it may not find any CGI relays in your place yet. 20121130-01 (Client) Fixed a problem in ECHO mode -- also faster connection set-up for most people. (Both) Fixed CGI mode (regressions *sigh*). (Both) Improvements in HTTP/POST mode. 20121129-01 (Client) New tweak for Nigeria Etisalat. (Client) New config option for DNS mode. 20121127-01 (Both) Fixed rarely occurring counter bug in streams registry. 20121126-01 (Client) Ensure DNS resolution results are permanent, even if system DNS servers are unavailable during reconnect attempts. 20121124-01 (Server) Fixed a potential null pointer exception that could occur during session shutdown. (Server) Fixed country stats. 20121121-01 (Client) New config handling code. (Client) Fixed connection initialization problems in UDP mode. (Server) Worked on data structures around OpenVPN sessions. 20121120-01 (Client) Fixed a goof in context menu; disabled items were still selectable. 20121119-01 (Server) Fixed config persistency bug. 20121117-04 (Server) Seen instability. 20121117-03 (Server) Set up SSL wrapped connections more quickly. (Regression) 20121117-02 (Server) Undocumented change in inter-peer communication. 20121117-01 (Server) Fixed a non-fatal bug in inter-peer communication I have been searching for ages. (Server) Undocumented changes to internal server peer communication. (Server) Re-wrote parts of the SSL client connection wrapper. 20121112-02 (Both) Worked on byteblock codec, fixed some potential concurrency problems. 20121112-01 (Server) Lots of refactoring and some re-writing. 20121111-01 (Both) Re-write of streams register code. 20121110-01 (Both) Complete re-write of all thread running and scheduling code. 20121109-01 (Server) I think I have fixed the problem, my extensive tests don't show it anymore. Back to new timer code (it has 30% less rescheduling overhead at the cost of a slightly higher memory footprint). 20121108-02 (Server) Seen a problem in new timer code, back to the old code for now. 20121108-01 (Server) More code restructuring. 20121106-01 (Both) Code restructuring. 20121029-01 (Client) Lots of small fixes to exceptions we have observed in the wild. 20121025-01 (Server) Removed old-style authentication only used by *very* old clients. If you cannot authenticate anymore, update! 20121024-01 (Client) Fixed null pointer exception in server search. (Client) Do not exclude Google's DNS servers from OpenVPN tunnel even if they were already configured in the system. (Client) Fixed bug in web connection code that would throw null pointer exceptions instead of reporting problems properly. (Server) Tell user about server not being available to him, and why. Leave time before kickout so vouchers can be sent. 20121023-01 (Client) Better startup in ECHO mode. (Client) Added some ECHO mode tuning parameters to configuration GUI. (Client) Verify whether we have admin privileges before even offering ECHO mode. (Client) Lots and lots of refactoring. (Server) When replying to client probes, set don't fragment bit. 20121022-01 (Client) Added 64bit version of the native code DLL. Only relevant if you are using the "small installer version" on a 64bit system with a 64bit version of Java installed; in this case you've now got the full set of capabilities. (Client) Tweak changes (Nigeria). 20121019-01 (Client) Do not offer ECHO mode if supporting libraries are not available on this architecture or this installation. (Server) Fix connection statistics for ECHO mode. (Server) Use proper source IP address when replying to ECHO requests. 20121017-04 (Server) Removed radius debugging. (Server) Terminate misguided BT connections earlier, don't pass on between different connection models. (Server) Small fix in ECHO connection mode. 20121017-03 (Both) Small change in the way ACKs are scheduled for stream data. This should avoid unnecessary ACK bursts (they are harmless but unnecessarily waste bandwidth). (Client) Fix silly bug that disables the connect button if the port number is 0 in ECHO mode. ECHO mode does not use ports so the number does not matter. 20121017-02 (Server) Fixed small bug in server probing. 20121017-01 (Client) First public release to contain new ECHO connection mode (using ICMP ECHO aka ping). You must run the client with administrator privileges to use this mode. (Client) Properly end ECHO connection attempt when server is not responding to probes. (Server) Bounds checking in ECHO code. 20121006-01 (Server) More debugging. (Server) Quickly fail misguided BitTorrent connections (some people seem to be configuring YF server ports for inbound connections as their external BT port, and this causes unnecessary load for very active torrents). 20121005-01 (Server) Added debugging to server-side SOCKS code. 20120928-01 (Server) Match by servergroup in profiles. 20120927-01 (Both) Fixed buffer scaling bug in streams code. This should improve performance with some protocols. (Client) Cleaned up DNS config parameter processing. Properly use values from tweaks if present and nothing is configured manually. (Client) Fixed problem in updater. 20120926-03 (Client) Fixed layout problem in connection wizard. 20120926-02 (Client) Fixed bugs in the "app wizard". 20120926-01 (Both) Fixed a bug that greatly reduced performance in congestion situations and for protocols that do not have underlying flow control (UDP, DNS). (Client) Small fixes of bugs we learned about through automatic client thread crash feedback. (Client) Tweak change for ZA 8ta. (Both) Fixed a big fat bug in the DNS resolver. (Client) Mark servers that are not available for FreeFreedom users in server list. (Client) Allow reordering of columns and resorting of the table rows in search result. Enjoy! 20120912-01 (Server) Added debugging code to chase a difficult-to-reproduce problem in name resolution. 20120911-01 (Client) Fixed Tunnelblick on Mac OSX. (Server) Better error messages on failing streams. 20120910-01 (Server) Use our own resolver instead of Java InetAddress resolver in one place -- we have seen hangs though the Java guys don't believe us. (Server) Changes in backoff code, not sure if there was a problem in it or not but I have seen streams being unduly delayed. The new implementation is much cleaner. (Client) There are still issues with the new proxy port implementation. For now, let's go back to the old implementation until they are resolved. 20120904-01 (Client) New proxy port implementation. Old implementation still available should problems occur (see Ports panel). 20120831-01 (Client) Fixed updater for "small installer" version (NSI). 20120830-01 (Client) Removed "ping" mode from menu, it should not be there yet as it is not functional. 20120829-01 (Client) Fixed startup bug introduced in 20120828-01. 20120828-01 (Client) Made OpenVPN mode much more reliable. (Client) Fixed bug in message panel that could cause wrong order of logged messages. 20120827-01 (Server) Fixed speed test that seems to have been broken for quite a while. 20120825-01 (Server) Fixed OpenVPN mode in TCP mode, broken in 20120820-01. 20120822-01 (Client) Tweak change. 20120821-02 (Client) Made server search nicer. (Client) Detect if update installation fails and offer advice instead of failing silently. (Client) Added a tweak for Indonesia Telkomsel. (Client) Applications panel refactoring. 20120821-01 (Client) Modified server search rules to include some new ports. (Client) Updated built-in server list. (Both) Added new-style UDP probe, able to learn more about servers. 20120820-02 (Client) Updated Nigeria Multilinks tweak and some others. 20120820-01 (Client) New connection data for mobile networks in Nigeria. (Client) Updater: don't download same file twice. (Client) Advise to run as administrator if update failes. (Client) Use user configured port values in "application wizard" instead of hard-coded 1080/8080. (Client) Added cut/copy/paste context menu to all text fields. (Client) Display other end's IP/port instead of client's IP/port in streams panel -- helpful for relayers. (Client) Lots of refactoring. 20120723-01 (Client) Refactorings. (Client) New tweak for Zambia Airtel. 20120713-01 (Server) Fixed PPTP. Sorry! 20120712-02 (Server) Changed DNS mode inbound query processing principle. So far, everything was done in four worker threads, shared by all DNS mode sessions. Now, the workers fill an input queue per session and four worker threads per session take it from there. A hanging session can therefore no longer starve a worker. Furthermore, a single session worker would sometimes hang too (in frame reception) but four work reliably. It's a wild world... need to find the problem... (Client) Properly determine connection state and act on it in DNS mode. 20120712-01 (Both) Worked on DNS connection reliability. 20120711-01 (Client) Added update function to make it easier for you to maintain a current installation. 20120709-01 (Client) Fixed bug in CLID detection. (Client) Small refactorings. (Server) Fixed bug in VPN (PPTP) code that would apply wrong profile rules and not care about country of origin. 20120706-04 (Both) Fixed potential threading issues in DNS mode. 20120706-03 (Both) Small fix in DNS codec, presumably fixing a spurious problem in encryption. This should improve reliability of DNS mode connections. (Both) Fixed potential queue starvation problem in DNS mode. 20120706-02 (Both) Work on DNS codec. 20120706-01 (Server) Fixed server port binding. (Client) Cleaned up profile code. (Client) Added a new tweak for Egypt Mobinil. 20120704-02 (Client) Properly terminate socks port streams that require socks auth (we do not support it). (Server) Fixed protocol bug that caused semantically wrong socks reply message (reporting destination IP and port instead of bind IP and port). 20120704-01 (Client) Fixed breaking connections, bug introduced in 20120621-01 and present in 20120702-01, triggered by server messages that inform the user about an outdated version. (Client) Fixed outdated version message (the version number 0.9 is obsolete, we currently only use build numbers). 20120702-01 (Client) Fixed bug in server search (DNS mode). This caused the YF client to not find any usable servers if DNS search was enabled, and it is enabled by default. This was broken in version 20120521-01. (Both) Lots of code refactoring. 20120621-01 (Both) Lots of code refactoring. (Client) Minor changes to UDP connection mode (faster initial connection set-up, longer initial timeout). (Client) Fixed russian locale. 20120612-01 (Both, mainly server) Code cleanups. 20120611-01 (Client) Minor changes to notification bar. (Server) Kick out FreeFreedom users using very old client versions. Spare paying customers but remind them to update their installation. 20120606-01 (Client) Added notification scrollbar instead of most of the pop-ups. (Both) Lots of refactoring. 20120601-02 (Both) Back to old timer code until I have resolved some remaining issues. 20120601-01 (Both) Re-implemented timers -- simpler and probably better performing design. 20120531-01 (Server) Fixed fatal signedness bug in socks server code. (Server) Fixed another fatal bug in internal inter-server communication. (Server) Fixed VPN mode auto-disconnect. (Both) Lots of refactoring around log file handling. 20120525-01 (Client) Two new tweaks (Nigeria Cobra & Swift). 20120521-01 (Client) DNS mode: major improvements if you have more than one name server configured. 20120515-01 (Both) DNS mode: fill datagrams sent from server to client to the maximum. (Yes, this is a change in the client too, but old versions are still compatible.) 20120514-01 (Client) Be less aggressive when retransmitting DNS queries that have not been answered. Interval is now configurable too. (Both) Use different query types in DNS mode, some name servers seemingly do not support all of them. 20120511-01 (Client) Suppress insane nameservers found in the system config. 20120510-01 (Client) Probe configured nameservers in DNS mode, eliminate those that don't work properly. 20120509-01 (Client) Added config option in DNS mode to force indirect connection. (Client) Fixed DNS mode for indirect connection scenarios. Sorry! 20120507-01 (Client) DNS connection code: if we know about more than one DNS server, use them in a round-robin fashion. You can also configure more than one DNS server, separate them with commas. 20120503-02 (Client) Small DNS related fixes and improvements. (Client) Source port changing (both DNS and UDP) now actually works... (Client) DNS tx adaption factor is now actually configurable... 20120503-01 (Server) Fixed geolocation bug with new clients and CGI relay servers. (Client) Repeat unanswered DNS queries after a while without waiting for higher layers to send data again. (Client) Fixed silly rate adaption bug introduced in 20120502-01. (Server) Fixed missing NS reply in DNS connection code. Some DNS servers are super-cautious... (Server) Fixed DNS mode for some particularly tense nameservers -- e.g. Google. 20120502-01 (Client) Connect faster in DNS mode in cases where direct communication between client and server is not possible. (Client) Collect query statistics in DNS mode and report them in log file. (Client) Slow down in DNS mode if there are too many outstanding queries. (Client) If "avoid dns" is ticked and a DNS server must be used, don't rapid-fire in CGI mode but provide a useful error message. Same in DNS mode, don't fail silently but report the problem. 20120426-01 (Server) Fixed endless loop in stream code. 20120425-02 (Client) Fixed streams panel flicker. Finally! 20120425-01 (Both) Small changes in DNS probing. (Both) Refactoring. 20120420-01 (Client) Tweak changes (Egypt Mobinil). (Both) Small changes in stream code that should not have any significant effect. (Server) Refactoring. 20120417-02 (Both) More tuning in DNS mode. (Client) Validate and save DNS tuning parameters in server configuration panel. 20120417-01 (Both) DNS tuning. Now very fast! (Client) Let user set a particular nameserver to tunnel through by appending it to the YF server name with a separating semicolon. 20120416-02 (Server) Buffer size tuning in DNS mode. 20120416-01 (Server) Fixed bug in DNS mode that could cause hanging sessions. 20120413-01, 20120414-01 (Client) DNS mode changes. 20120412-01 (Both) Handle EDNS0 payload size correctly. 20120411-02, -03 (Server) Make DNS mode work with picky name servers like Google. Not good yet, this makes the connection slow. (Client) Make DNS parameters configurable. 20120411-01 (Both, but mainly server) Improve reliability over lossy connection protocols. (Client) More debugging in probing code so we learn why some networks won't let us probe properly. 20120410-01 (Server) Changed implementation of throttling in DNS mode. (Both) Added DNS probing. (Client) Dump rubbish we receive so we can analyze it. 20120405-03 (Server) Added downlink throttling in DNS mode. Also decoupled reception paths of different sessions so one cannot slow down the other. (Client) Small improvements in timing (DNS code). 20120405-02 (Both) Fixed statistical display for new DNS mode. 20120405-01 (Both) DNS connection code now ready for first tests in the wild. 20120404-01 (Both) Added DNS commection model. It works in a test environment but is not yet ready for the general public. Please don't ask. (Client) Added workaround for a name resolution problem some people see. 20120328-01 (Client) Do not run application panel on Windows x64 -- because it will crash. Most people will never notice because they use either the compiled version or a x86 version of Java... (Client) When canceling server search, show connection options found so far. It was always meant to work this way but somehow this feature became a roadkill... 20120320-01 (Server) Fixed disconnection bug (much too fast) introduced in 20120320-01. 20120319-01 (Client) Detect if PC was in standby mode, and break session. (Server) Properly auto-disconnect FreeFreedom users using PPTP. 20120316-01 (Server) Properly implemented SOCKS5 UDP for non-YF-client, direct SOCKS5 connections. 20120312-01 (Both) Fixed bug in IPv6 address parser. 20120305-01 (Both) Fixed bug in HTTP codec that made it impossible to send and receive operator messages. 20120229-02 (Server) On generic SOCKS ports, pass through to other connection models if not SOCKS5 protocol. 20120229-01 (Server) Implemented SOCKS5 as an alternative connection protocol. 20120222-01 (Server) Faster reply to RADIUS accounting requests ensures that MTU fixup script is called sooner (PPTP). (Client) Fixed crash in GUI if no config yet. (Client) Translation additions (HU). (Client) Added Digest proxy authentication. 20120131-03 (Server) Fixed bug in PPTP introduced in -02 20120131-02 (Server) Fixed another bug in session management for VPNs. 20120131-01 (Client) Tweak updates (Nigeria Glo). (Server) More changes in session management. 20120130-01, -02 (Server) More changes in session management. 20120127-02 (Server) Properly show VPN sessions in overview panel. 20120127-01 (Server) Fixed bug in session management for VPN. 20120123-01 (Server) Added kicking of VPN users to control panel. 20120122-01 (Server) Small changes in PPTP code. 20120120-03 (Server) Kick duplicate logins also with PPTP, ensure usage time gets properly recorded for FreeFreedom. 20120120-02 (Server) Fixed bug introduced in 20120120-01 -- sorry! 20120120-01 (Server) Even more work on PPTP support. Almost there! 20120119-01 (Server) More work on PPTP support. 20120118-01 (Server) Added PPTP support. Still testing, not for the general public yet! 20120112-01 (Client) Tweak change (Nigeria Glo). 20111229-01 (Server) Preparations for more connection modes. (Server) Hacks to make SSL connections look more like real web servers. 20111213-03 (Client) Oops, forget about -02, it is entirely broken and won't even start. Sorry... 20111213-02 (Server) Fixed a bug that would cause some sessions to not properly connect using HTTPS protocol on HTTP ports. (Client) Nigeria Etisalat works again, in POST mode. 20111213-01 (Server) Faster kick-out of misguided BitTorrent connections on our http ports. (Client) Tweak change (Nigeria MTN). 20111212-01 (Client) Tweak change (Nigeria Etisalat HTTP/POST) 20111206-01 (Client) On SSL connections, dump peer certificate to dump.log. Log when SSL handshake is successful. This helps us see how far a connection proceeds. 20111202-01 (Server) Queueing changes in POST mode, should help with downlink stream freezes. 20111201-02, 20111201-03 (Both) Oops, one of the changes made things slower for many... 20111201-01 (Both) Queueing changes that are mostly (but not only) relevant to POST mode. Should improve throughput and reduce overhead over relatively slow links. 20111130-01 (Client) More debugging in UDP server search. 20111129-01 (Client) Tweak changes Nigeria MTN. HTTPS only. 20111128-01 (Client) Worked around a problem in server search that probably breaks it for some people. 20111124-02 (Client) Fixed bandwidth display in POST mode. 20111124-01 (Client) Made all POST mode config parameters configurable through front-end. (now better duck and cover...) (Server) Properly police bandwidth on downlink path in POST mode. 20111123-01 (Client) In POST mode, honor the config setting for HTTP/1.0 or 1.1. Made this user configurable as well. (Server) Properly report connection type with fake responders. 20111122-02 (Server) Even better faking of SSH. :-) Let's see if we can fool the Chinese Wall. 20111122-01 (Server) Better fake of services on some ports. (Client) New China tweaks. Not sure if they work but worth a try. 20111121-01 (Client) Tweak changes Nigeria MTN. (Client) Small change in SSL code may help with problems seen on Ubuntu. 20111118-01 (Both) Small changes in POST code. 20111117-01 (Both) Improvements in POST connection code, should make things more fluent. 20111115-01 (Client) New tweak for Nigeria Etisalat -- use HTTP or POST. (Tweak courtesy of "casts") 20111111-01 (Client) Fixed a bug in web connection code that would cause try rules to fail if previous rules have failed in a particular way. 20111110-02 (Client) More Burmese translations. (Client) Made some UDP parametes configurable through front end. 20111110-01 (Both) More work on making POST work for MTN. 20111109-01 (Both) Small changes in HTTP protocol, may be relevant for MTN. 20111108-01 (Client) Tweak changes, fixed null pointer exception that caused some tweaks to never be tried. 20111107-01 (Client) Not all known tweaks tried; this fix should help many... 20111105-01 (Client) New MTN tweak, use http. 20111104-01 (Server) Fixed potential null pointer exception in resolver code. 20111027-02, 20111029-01, 20111103-01 (Client) Tweak change (Nigeria Etisalat). 20111027-01 (Client) Allow tunnel protocol restriction (IPv4/IPv6 or both). This might not yet be perfect... 20111025-01 (Client) Added new and nifty stuff to UDP connection code (ability to frequently change the source port). Used in the Nigeria Etisalat tweaks. 20111024-01 (Server) Small tweak change for Nigeria MTN. 20111021-01 (Server) Colorize values outside thresholds in server overview display of the server console -- easier to notice! (Server) Lists servers that are currently believed to be down so I don't have to search for them... 20111020-01 (Server) Fixed bug in new DNS resolution code. 20111018-02 (Server) Debugging of incoming connections. 20111018-01 (Server) Java DNS bug bites again in another place. *sigh* 20111015-02 (Server) DNS cache expiry was not properly called (memory leak). 20111015-01 (Server) Added my own DNS lookup code because the code used in java.net.InetAddress is *BROKEN* -- it causes deadlocks. Oracle says the bug is long fixed, but it is not. And I believe I know what is wrong. *sigh* 20111014-01 (Server) Re-send server details when connection is re-established and authentication has not been completed yet. Chances are high that these details have been lost. 20111009-03 (Server) Increased thread pool size. 20111009-02 (Server) Increase thread priority on inbound connections once we are sure that they are legitimate. 20111009-01 (Server) New thread model for inbound connections. This saves a lot of resources when under attack and gives better response times to honest users. 20111008-02 (Both) Small change in send queue processing, saves a lot of CPU especially on servers but also on clients. 20111008-01 (Both) Change in thread locking. 20111007-01 (Both) Small change in send queue processing of streams. Might solve a deadlock. 20111006-03 (Server) Removed potential deadlock in frame queue code. 20111006-02 (Server) More debugging on hanging threads. 20111006-01 (Server) Oh dear, 1.7 is even worse. Going back to 1.6_27 for now. (Server) More debugging on hanging threads. 20111005-01 (Server) Adjust thread priority on profile change. (Server) I know that there is a deadlock in DNS resolution with Java 1.6.0_27. It is not a bug in my code. Trying to run servers on 1.7 instead. If that does not help I will have to find a workaround. 20110928-01 (Server) Worked on what is seemingly a deadlock. 20110927-01 (Client) Remove whitespace around voucher codes and labels. (Client) Small tweak changes (Nigeria MTN). 20110922-01 (Server) I think I found another possible deadly embrace that could happen on very busy servers. Fixed. 20110921-01 (Client) Tweak changes (Nigeria MTN -- removed stuff that doesn't work anyway; Egypt Mobinil; Nigeria Multilinks). 20110920-02 (Client) More tweak changes and a tweak addition (ZA cell.c) 20110920-01 (Client) Tweak changes (MTN Nigeria, Etisalat Nigeria). 20110919-01 (Client) Tweak changes (MTN Nigeria, Etisalat Nigeria). 20110918-01 (Client) Don't start OpenVPN process if port binding failed. (Client) Tweak changes (MTN Benin, MTN Nigeria). 20110917-01 (Server) Experimenting with (hopefully) less deadlock-prone way of tearing hanging sessions down. 20110914-01 (Server) Fixed OpenVPN connection blocking issue. 20110913-02 (Server) Added a self-defence mechanism against resource starvation attacks. 20110913-01 (Server) Debug incoming http connection thread. I've seen hanging threads. 20110912-01 (Server) Worked on a bug in streams register code that may be responsible for deadlocks. 20110909-03 (Client) Fixed Bing search (redirection). (Client) Another small tweak change in Nigeria MTN. 20110909-02 (Client) Tweak change (Nigeria MTN) 20110909-01 (Client) Added search limiters (num tried/num found) to speed up search in environments where there is no strict IP filtering. (Client) Tweak changes (Egypt Mobinil) (Client) Tweak changes (Nigeria Multilinks) 20110907-02 (Server) Block OpenVPN connections if they cannot be attributed to a session. 20110907-01 (Server) Fixed bug in streams management that could cause server to stall. 20110822-03 (Client) Another tweak change. 20110822-02 (Client) More tweak changes. 20110822-01 (Client) Worked on HTTPS with Nigeria MTN. 20110820-02 (Client) Fixed a problem in HTTP/POST code to better rule out non-working tweaks. 20110820-01 (Client) Tweak changes (Nigeria MTN). 20110819-02 (Client) Fixed bug in HTTP/POST connection code. 20110819-01 (Client) Updated built-in server list. (Client) Experimental tweak for Mobinil (Egypt) (Client) More tweak changes (Nigeria MTN). 20110815-01 (Server) Fix problem with openvpn mapping on new kernels. (Client) Updated built-in server list. (Client) Fixed problem with lost connections in OpenVPN mode on Unix/Linux platforms. 20110809-01 (Server) Looks like I messed parts of the server detector look-up code a while ago -- fixed. 20110802-01 (Client) Refactoring only. 20110801-01 (Client) Tweak changes: Nigeria Etisalat (Both) Security improvement in re-keying. 20110729-01 (Server) Changed an internal interface in preparation for a larger change, should have no external effect. 20110722-01 (Server) Added a timeouter to put-through code. 20110707-01 (Server) Small modifications in thread management for HTTPS style connections. This will hopefully reduce the number of stale threads. 20110706-01 (Server) Refactoring. (Server) Changed thread pool size. 20110704-01 (Server) Additional debugging. (Server) Added some defense mechanisms. (Client) Tweak changes. 20110630-01 (Both) Removed debugging introduced in 20110627-01, it is no longer needed since it is obvious that the changes are fine. *phew!* 20110627-01 (Server) Undo change in 20110624-01, has proved to be contra-productive. (Both) More debugging on thread pooling, there is still something going on there. (Both) Restructured synchronization in thread pool. 20110624-01 (Server) Do not re-challenge an existing FTP session upon new connection. 20110621-01 (Both) Another thread pooling fix. 20110615-01 (Both) Fixed a problem in thread pool management. 20110608-02 (Server) Make payload compression the default, now that it works properly. 20110608-01 (Server) Added payload compression to internal messaging protocol to improve scalability until the new messaging protocol is implemented. 20110603-01 (Server) Fixed problematic exception handling that could kill the server. 20110601-01 (Client) Tweak for ZA Telkom (8ta). (Client) Small change in Nigeria Multilinks tweak. 20110527-01 (Client) Tweak changes. 20110521-01 (Both) Slight modification in timing code. 20110520-01 (Server) Some HTTPS session debugging added. 20110512-01 (Client) Added tweak for Egypt Etisalat (http). (Client) Fixed OpenVPN mode for some (false error detection). 20110510-01 (Both) Implemented new authentication method and made it default. Modified key generation for encryption to make it *much* more secure, especially for those with weak passwords. (Server) Still accept old authentication method but warn if used in combination with a weak password. (The warning is not activated at the moment though.) (Server) Fixed FTP mode (broken since client version 20110405-01). Yes, client version. 20110506-01 (Client) Automatically adjust window size to small screens. (Client) Make openvpn mode work on Maemo. 20110502-02 (Server) Changed a socket option. 20110502-01 (Client) Fixed bug in wizard that would cause initial language to not be stored in config. (Client) Missing translation added (German). (Server) Cosmetic changes in messenger code. 20110427-02 (Server) Small bug introduced in 20110427-01 defeated the backoff mechanism, fixed. 20110427-01 (Server) Changes in backoff code. Should solve problems with hanging new connections. 20110424-01 (Server) Reduced timer pool sizes. 20110411-01 (Client) Tweak ZA-MTN 20110408-01 (Server) Small change in the way retransmissions are queued. This might help with queue starvation in situations where one stream hogs the output queue. 20110405-02 (Server) Help admins see which sessions use what kind of encryption, if any. This is purely so we can understand the potential impact of stronger encryption on our servers. (Server) Removed silly debugging message. 20110405-01 (Both) Added AES encryption and made it default for all client versions from now on. 20110324-01 (Server) Changes in timeouter pool parameters. (Server) Fixed bug in web server emulation that could cause high CPU load. 20110323-01 (Server) Fixed null pointer exception (that doesn't do any harm though because it's catched and displayed only, and the fix is to just return if the reference is null). 20110322-01 (Client) New tweak for Vodacom South Africa. You need to be a subscriber of Vodacom Color though. See country information page. 20110317-01 (Server) Fixed potential null pointer exception. 20110316-01 (Server) Undocumented changes in protocol detection code. 20110301-01 (Server) Undocumented changes in filter code. 20110223-01 (Client) Fixed silly bug that caused UDP port to not properly show up in debug messages. (Client) Nigeria Etisalat tweaks. (Both) Removed obsolete frame pooling code -- it never worked properly. If we need it again, we'll have to implement it in another way. (Client) Fixed keepalive setting -- this was broken since quite a while ago. 20110214-01 (Server) Stop some keylogger from calling home. We need to protect our customers from this! 20110203-02 (Client) Tweak for Philippines Smart (untested). 20110203-01 (Client) Tweak changes for Nigeria Glo. (Server) Preparations for new hack that might work with Smart on the Philippines. (Server) Fixed bug in server detection for Nigeria Multilinks tweak. 20110201-01 (Client) Try some additional UDP ports when searching for servers. They seem random but users believe they make a difference in Iran. (Client) Fixed a deadlock in voucher code adding/updating. 20110128-02 (Client) Capitalization problem in a config option fixed. 20110128-01 (Client) Clarified the "authentication not valid for your country" message. Many translations still need to be updated. *TODO* (Client) Make SSL protocol version configurable. Since 20101006-01 this was forced to be TLSv1, it can now also be "any", "SSLv3" or "SSLv2" (the default before 20101006-01). (Server) Small change in config file parsing. 20110124-01 (Server) Fixed bug in parsing a config file. (Client) Updated croatian translation. (Client) Added tweak file for Cameroon MTN -- no idea whether anything in there works or not but we give it a try. 20110107-02 (Server) Fixed a bug in config saving introduced in 20101230-02 that only manifested itself today. 20110107-01 (Server) Fixed false positive detection for some weird DNS records in abuse testing. 20110104-03 (Both) Fixed potential thread lock-up in frame queue (introduced in 20110104-01). Nothing serious, just unnecessary. 20110104-02 (Both) Safe-catch: wake all waiting threads if there is suddenly plenty of queue space, not just one. It *should* not make a difference but you never know. (Client) Change in client installation detection. 20110104-01 (Server) Added some thread debugging. (Both) Changed stream thread timing to reduce load on server. (Both) Made frame queueing more resource friendly. 20101230-02 (Server) Modifications in messenger protocol. Also fixed bug in message verification (this makes this server code version incompatible with previous versions). 20101230-01 (Server) Some debugging around periodic processes. 20101218-01 (Client) Fixed broken web connection modes (broken in 20101216-01). 20101216-01 (Client) Fixed UDP connection mode. Sorry! (Client) New MTN Ghana tweaks. (Client) Better web connection debugging. 20101215-01 (Client) Tweak changes for Nigeria Airtel. 20101210-01 (Client) Fixed many more duplicate clid problems. 20101208-01 (Client) Let Airtel tweak use HTTP mode instead of POST, it seems to work and is faster. (Client) Fixed silly message in HTTP mode that just annoys people. 20101207-01 (Server) Added another condition to profile parsing. 20101206-01 (Client) New tweak for Airtel Nigeria. (Client) Small changes to MTN and Multi-Links Nigeria tweaks. (Both) Longer OpenVPN negotiation timeouts. (Server) Refactoring. (Server) Fixed some small threading problems and added some debugging around others. 20101205-01 (Server) Fixed silly monitor problem that could lock up threads -- and did. 20101203-01 (Server) Fixed a loophole that allowed fresh user accounts to use up to one hour of FreeFreedom even though the client installation is already over time budget. Thanks to the honest person who reported it! 20101126-02 (Client) Tweak change (Multilinks in Nigeria). Set udp port to 53 when tweak gets enabled. (Client) Fixed automatic adaption of some server connection settings when you select a different tweak set. 20101126-01 (Client) Fixed font display problems for some languages. (Server) Fixed bug in spam detection. 20101125-01 (Both) Made _Stream object more thread-safe. Also small performance improvements in many places. (Client) Added workaround for some seemingly faulty copies of OpenVPN 2.1.4 that don't support the "comp-lzo" option. 20101123-02 (Client) Tweak change for MTN Ghana. 20101123-01 (Client) Tweak changes (Multilinks NG and MTN ZA). (Server) Modified frame sending scheduling in FTP connection mode. 20101122-01 (Client) Tweak changes (MTN ZA). (Client) Lots of refactoring. (Client) Finally found a fix for the jumping streams table problem. Yeah! Swing sucks... 20101120-01 (Server) Don't synchronize around read and close (20101119-02), it causes hangs too, just in a different place. Instead, don't close but interrupt the reading thread after setting a flag that will break the loop and make it exit. 20101119-03 (Server) Fixed potential endless loop in FTP code. (Server) Many small performance improvements. 20101119-02 (Server) Hopefully worked around a Java bug (#6492872) that despite all claims from Sun is *not* fixed. This can cause a deadlock on an SSL socket if it is read and closed at the same time. (Server) Fixed a potential endless loop in UDP code. 20101119-01 (Server) Still more timer debugging in control console. 20101118-01 (Server) More timer debugging. Small change around how timers are fired -- seems to help with single-core processors but not multi-core! 20101115-01 (Client) Changed location and name of config file on Windows to "ems.cfg" and "%HOMEPATH%/AppData/Local/Your Freedom". 20101109-03 (Client) Fixed tweaks for Ghana. Not sure whether they work now but at least they are no longer syntactically wrong. 20101109-02 (Server) Added some debugging in _Stream teardown code. (Client) Added a tweak for MTN in Zambia (https) -- I don't know yet whether it is any good or not, you tell me! (Client) Catch an exception that really just means that the proxy is refusing the connection, and report it properly. 20101109-01 (Client) Fixed null pointer exception that could only occur on non-Windows machines. (Client) Send correct boundary marks. (Client) Fixed HTTP mode, it was entirely broken... sorry! (Server) Properly deal with boundary marks, no matter if it's an old (buggy, pre-20101109-01) client or not. 20101108-02 (Server) Even better runq debugging. 20101108-01 (Client) Hopefully fixed Benin tweaks. Also fixed stupid bug in tweaks processing that could cause problems in many tweak sets. (Server) Stream runq debugging. Fixed a bug in backoff code. 20101105-01 (Server) Removed useless debugging message. 20101104-02 (Server) Small modification that may fix the problem worked around in 20101104-01. 20101104-01 (Server) Modified some anti-DDoS stuff to make it less strict -- it was getting in the way! (Client) New Benin MTN settings. 20101103-01 (Server) Removed some unnecessary debugging messages. 20101102-01 (Client) Removed pre-configured OpenVPN exclude for a network that has now been assigned by the IANA. (Server) Expiry of putthrough sessions. 20101028-02 (Client) Display inline destination information in streams panel if we know it. 20101028-01 (Server) Minimal changes in PutThrough code that might fix the memory exhaustion problem we've seen. (Client) Report proper protocol name when tweaked to SSL. (Client) Fixed problem in server search for tweak profiles that need to use cloaked IPs. 20101010-02 (Client) Added debugging around IPv6 detection. (Client) More small tweak additions (Nigeria MTN) 20101010-01 (Client) Make Nigeria MTN use SSL in HTTPS mode. Also small change to the way we use HTTPS mode in this tweak. 20101008-01 (Client) Another change to Nigeria MTN tweak. (Client) Fix port forward from port 25. 20101007-01 (Server) Fixed "reply as a proxy" bug in https mode. (Client) New tweak in Nigeria MTN tries https mode. 20101006-01 (Client) Use TLSv1 instead of SSLv2. 20100930-01 (Client) Removed (wrong) debugging message telling that uplink and downlink bandwidth are being sent when they haven't even changed. Not a functional change, just cosmetics. (Client) Fixed typo in config parameter name for new POST mode. Now actually recognized. :-) 20100929-02 (Client) (Hopefully) Fixed CGI mode as well -- should work with MTN in Nigeria. :-) (Server) Tell old clients about it when they use CGI. 20100929-01 (Server) Finally found the bug in POST code. (Client) Made POST parameters configurable. Changed a default value. Changed the way connections are timed. 20100928-02 (Client) Avoid unnecessary line noise with some connection models (especially the ones that re-open connections frequently). 20100928-01 (Both) Worked on performance of POST code. Also fixed stupid bug that could influence performance in other connection modes. (Both) Fixed issues in encryption in POST code (races). Now rock-solid. 20100927-03 (Client) Made some things configurable in POST mode. 20100927-02 (Client) Fixed silly bug in POST mode. Sorry! Now works. :-) 20100927-01 (Client) More debugging in POST method. (Server) Tuning POST mode. 20100924-02 (Client) Hey, found another bug that unnecessarily slowed down things in HTTP based protocols. :-) 20100924-01 (Both) New connection model "post" finally to replace "cgi". This is not proven code but we need to test in the field now. If you use it, you are on your own! Scanning for this model will be added later. 20100921-01 (Server) Should not have any effect. 20100920-01 (Client) Fixed null pointer exception in server search code. This might explain why some (many?) could no longer find servers... (Client) Fixed possible null pointer exception in FTP code. 20100917-02 (Client) New Zambia MTN tweak, don't know if it works. 20100917-01 (Server) Overcome string length limitation in the way servers announce their existence to each other. (Server) Added feature to messenger for weakly connected servers. (Client) Nigeria MTN tweak changes. 20100915-01 (Client) Nigeria MTN tuning. 20100913-01 (Server) Fixed bugs in honeypot code. Workarounds added in 20100906-01 should no longer be needed but it doesn't hurt to let them in. Cleaned up honeypot code as well, removed old code that was inactive for a long time (old implementations). (Client) Ghana MTN tweaks change. (Client) Some OpenVPN modifications (simpler routing). 20100909-01 (Server) Shut down duplicate login session in a separate thread. (Client) Only signal to the frontend a likely connection state change if it is actually likely... 20100908-01 (Client) Always use CGI instead of HTTP when using Nigeria MTN tweaks (by default). 20100906-01 (Server) Bugfix in honeypot code. 20100902-01 (Server) Fixed another bug in detector code that caused trouble for some users. 20100826-02 (Server) Fixed "wpad" honeypot detection problem. 20100826-01 (Both) Working on better HTTP/1.1 conformance to solve problems with some caches. (Client) Completely cleaned up and rewrote MTN tweaks. 20100825-02 (Client) Testing something else in tweaks. 20100825-01 (Client) Worked on tweaking. 20100823-01 (Server) Further work on whitespace-in-passwords problem. (Client) Change to Nigeria MTN tweak. Don't know if it helps. (Client) Changed heap size in Excelsior version. 20100820-01 (Server) Fix problems with whitespace in passwords. 20100819-01 (Server) Ensure that users are not only kicked out quickly when their client installation is banned but that they also receive the notification about it. 20100818-02 (Client) Trying new MTN Nigeria tweak. 20100818-01 (Server) Make these macros look up recursively. Makes config files even simpler. :-) (Server) Better client banning. Now immediate. (Client) Fixed improperly displayed ban message. 20100817-01 (Client) Debugging changes. (Server) Added macros to one of the config files to facilitate config. 20100811-05 (Server) Added contingent_mode to config. 20100811-04 (Server) Another DNS folly fixed that could lead to false positives. 20100811-03 (Server) Previous fix was ineffective. Sorry folks... I don't know why these false positives suddenly appear when there have never been some before and I'm on holiday on a remote islany with only weak Internet access. But I'm doing my best. This fix is now tested and it works. 20100811-02 (Server) More work on false positives. 20100811-01 (Server) Fixed silly bug in cross-protocol handling (https on http port). 20100810-01 (Server) Quick fix for the "localhost" honeypot hit problem. 20100730-01 (Client) Some changes that will hopefully help Nigerians find servers and get connected again. 20100729-02 (Client) When searching for UDP connection options, try to determine which port is fastest if more than one works. 20100729-01 (Client) Return cookie if the proxy sends one. (Client) Added tweak for Jazz network in Pakistan. 20100728-01 (Client) Another change to Philippines_Globe tweak. 20100723-01 (Client) Another change to Philippines_Globe tweak. 20100722-01 (Server) Allow FQDNs in honeypot file that resolve to more than one IP address, and match them all. Also, if user requests access to an FQDN that resolves to more than one IP, check all these IPs against the honeypot file and LART him if only one matches. (Client) Small tweaks change that might make all the difference to people on the Philippines. 20100720-02 (Server) Better detection of "https" style communication on "http" style port. (Client) Slight change to Philippines_Globe tweak. 20100720-01 (Client) Added tweak for Philippines. Not sure if it works. (Server) Recognize tweaked pseudo-proxy CONNECT messages on "http" port and redirect to "https" port. 20100719-02 (Server) So sorry... another bug fixed. 20100719-01 (Server) Fixed bug introduced in 20100716-01 for IPv6. 20100716-01 (Client) Changed Nigeria tweaks a bit to make connection set-up faster. (Server) New honeypots code. Keen to see it in action! Now scales much better, is IPv6 aware, can do ranges and CIDR, ... 20100711-01 (Client) If unable to bind to RC port, start and don't exit. Also, listen on non-standard loopback address to avoid conflicts. 20100709-01 (Client) Made RC port configurable. (This port is used for communication between multiple instances of the YF client.) Changed default from 63171 to 62799 after user report that values above 62800 cause problems on some PCs. If you need to use a different value, add "rcport xxx" to your .ems.cfg file. 20100707-01 (Client) Fixed broken detection of a failed route installation on Windows in OpenVPN mode. 20100705-02 (Client) Fixed broken server search for non-proxy configs. 20100705-01 (Client) Try to catch problems early in the startup phase and report them. (Client) Fixed Microsoft IIS ESMTP detection. (Server) Fixed user record parsing for strange passwords. 20100702-01 (Client) Fixed threading problem in U2 code and some null pointer issues. (Client) Changed FTP mode to prefer commonly permitted file name suffixes and only use randomly generated ones when running out of them. Also, retry with up to 10 different ones if one is refused. (Client) (JET) Removed version number from build identifier -- not ideal but better than having dozens of left-over installation records in the installed programs list. 20100630-01 (Server) Fixed null pointer problem in UDP probing code. 20100629-01 (Client) Modified built-in server list. 20100624-02 (Client) ... and now it actually works. This is so embarassing... 20100624-01 (Client) Actually enable usage of tweaks when going through the entire setup wizard. Duh! 20100623-01 (Client) Caught null pointer exception in tweaks code. 20100621-01 (Client) translation updates (HU). 20100618-01 (Client) Fixed HTTPS server search for tweaks. (Client) Fixed interruption of server search. 20100616-01 (Client) Changes in WebConnection code. Slight changes in Nigeria-MTN tweaks. 20100615-01 (Client) New MTN Nigeria setting in tweaks. 20100611-01 (Client) Only record working connection method for HTTP if both uplink and downlink are believed to be functional. (Client) Try another hint given by the MTN community. 20100609-01 (Both) Fixed some things in HTTP code -- might make tweaks work that didn't work well so far. 20100531-01 (Client) Fixed bug for systems without system tray. (Client) Restored compatibility with older OpenVPN versions. 20100528-02 (Client) Added new config file option "socks5_ignore_ccc". 20100528-01 (Client) Worked on tweaking code to get proxy auth right. (Server) Fixed bug in profile parsing. 20100521-01 (Client) Fixed bug introduced in 20100520-01 that only occurred on non-Windows systems. (Client) New MTN tweak that reportedly works. 20100520-01 (Client) Ensure only one instance is running. (Client) Allow hiding of systray icon, pop up already running app's window when re-started. 20100519-02 (Client) Experimenting with another tweak. 20100519-01 (Client) Changes to MTN and Etisalat tweaks. (Client) Exclude Teredo anycast address if IPv6 is being used. (Server) Fixed another null pointer exception in HTTP code. 20100518-01 (Client) Fixed greyed out start button and wizard on every run problem. (Client) Don't nag with turing test if user has sent a voucher. 20100517-01 (Client) Fixed bug that caused FTP mode to fail with some server replies. (Server) Fixed potential null pointer excpetion. (Server) Fixed a bug in abuse reporting code that could lead to dying sessions and overutilized resources on the server. (Server) Fixed a bug in FTP connection code that could lead to hanging sessions on the server and a waste of resources. 20100512-01 (Client) New attempt with Multilinks... 20100504-02 (Server) And another bug in mail filter code... 20100504-01 (Server) Fixed a bug in mail filter code. 20100503-03 (Client) Allow intermediate whitespace in passwords. 20100503-02 (Client) Fixed null pointer exception some people seem to be seeing. 20100503-01 (Client) Fixed bug introduced in 20100330-01 that makes MTN Nogeria tweaks fail. Duh! 20100430-01 (Client) Worked on Indosat Indonesia tweaks. You need to reconfigure the tweaks as the name has changed. (Client) Don't run app wizard if running on Windows in 64bit data model. It won't work. 20100421-01 (Server) Just a code cleanup that helped me in resolving a problem between O/S and JVM. 20100420-01 (Client) Better warning if OpenVPN is too old. (Server) Notify users of versions 20100402-01 to 20100406-01 that their installation is not secure (seems to make more of an impression that just telling that it's broken beyond repair...) 20100416-01 (Server) Change in self-defense mechanisms (making it less radical). 20100415-02 (Server) Changed frequency of one of the monitoring threads. 20100415-01 (Server) Fixed null pointer exception in one of the monitoring threads. (Client) Trying to fix a problem I could not reproduce, related to buttons that appear as shaded when they should not. 20100409-01 (Client) Worked on Ghana MTN tweaks. 20100408-02 (Server) Change of cosmetic relevance in control panel. (Server) Tell people right away if they are over usage time and kick them out later (give them the chance to send a voucher code). 20100408-01 (Server) Hopefully fixed problem with non-working connections through YF for people in places where time limitations do not apply. 20100407-01 (Server) Small change in session tracking. (Turns out that it triggered a bug that caused trouble to people in censoring countries. Sorry! Fixed in 20100408-01) 20100406-02 (Client) Fixed another silly bug introduced in 20100402-01. If OpenVPN did no longer start for you because you were using version 2.1_rc20 or 2.1_rc21, this is why. 20100406-01 (Server) Kick out faster when over time budget. (Both) Fixed bug in library function introduced in 20100402-01 and made worse in 20100405-01. Sorry! (Client) Workaround to repair damage to config file produced by version 20100405-01. 20100405-01 (Client) Fixed bug in whitespace terminated string parsing. It manifested itself in the tweaks list but could have been present in many places. Duh! (Both) Slight change in timer scheduling. (Server) If over daily/weekly usage time, block all data connections, only allow vouchers to be sent. 20100402-01 (Client) Allow more routes in OpenVPN, require that a release version of OpenVPN is installed. (Client) Slight tweak changes. (Client) Fixed bug in config parsing that made OpenVPN mode fail to exclude single IPs. 20100330-01 (Client) Never exclude OpenDNS name servers from OpenVPN routing (at least not automatically). People seemingly use them as an alternative to ours. (Client) Fixed Tunnelblick support on Mac OS. (Client) Added South Africa MTN tweaks. No idea whether it works or not... 20100329-01 (Client) Try HTTPS on port 22 for MTN. 20100327-01 (Client) HTTPS might work with MTN again using the new tweaks. 20100326-02 (Server) Don't kick people out when accessing a projecthoneypot server. Just record it. 20100326-01 (Client) Fixed null pointer exception that could occur on some PCs in the authentication phase. (Server) Reduce number of false PH detections. 20100325-01 (Server) Set upper limit for honeypot cache entries. 20100324-01 (Server) Fixed a profile issue. 20100323-01 (Client) Trying something with Multilinks. 20100317-02 (Server) Added whitelist to exclude unwanted stuff in ProjectHoneypot. 20100317-01 (Server) Added ProjectHoneypot interface. 20100316-01 (Client) Small message processing change. (Server) Changes in MessagePort class. 20100315-02 (Server) Debugging of an issue I've seen. 20100315-01 (Server) Report profile statistics. 20100311-01 (Server) Better GeoIPFixup code. (Client) Worked on Multilinks stuff. 20100310-02 (Server) New style CGI mode. (Client) Forgot to enable tweaks in CGI mode... duh... 20100310-01 (Server) Send more complete HTTP reply header. (Client) New style CGI mode. 20100309-01 (Client) Made Client send HTTP header in one chunk. (Server) Made one of the self-defense mechanisms less aggressive. It's the one responsible for no-one from MTN been able to connect this afternoon. 20100308-02 (Server) Now I know why it doesn't hit as many people as it should... and it surely does now, so spammers beware! 20100308-01 (Client) Don't do websearch/bingsearch when tweaks are enabled, waste of time... (Client) Fixed stupid bug in hints feeding. (Client) Fixed server searching for MTN. I think. :-) (Server) Still troubleshooting a self-defense mechanism. 20100305-04 (Client) It would if there wasn't a fundamental problem the HTTP connector has with the way MTN now works... I'll try a workaround. The connector needs to be rewritten, but not tonight. 20100305-03 (Client) Alright, this should work now with MTN... 20100305-02 (Server) Debugging. (Client) MTN modification. 20100305-01 (Client) Added Multilinks tweak. (Server) Fixed bug in honeypot processing. (Server) Allow for disabling of remote authentication (for test purposes in the lab.) 20100304-01 (Client) Some MTN fine tuning. (Server) Fixed serious bug... duh... 20100303-01 (Client) New MTN tweak. :-) (Server) Disable self-defence mechanisms for admins. 20100301-01 (Client) Automatically adjust keepalive values in tweaks. (Server) More anti-spam stuff. 20100226-01 (Client) Fixed a bug that was only triggered for very few people... (Server) Added possibility to clear lists in profiles. 20100223-01 (Client) Always append :443 on proxy CONNECT requests, some proxies seemingly can't do without. (Client) Interpret 503 service unavailable as "this representation of an IP address is not understood or accepted here". 20100222-01 (Client) Troubleshooting a reported bug, no need to update your installation unless we told you to, 20100217-02 (Server) Debug self-defense mechanism. 20100217-01 (Client) Log when tweak set is in use. (Client) Small changes to MTN Nigeria tweaks. (Server) Allow wildcards in honeypot definitions. 20100212-01 (Client) More tweaks for more networks. (Server) Fixed bug in GeoIP lookup code for IPv6 Teredo addresses. 20100210-01 (Server) Added more anti-spam self-defense mechanisms. (Client) Played a bit more with tweaks, might work... 20100208-01 (Client) Added variable for proxy mangling. (Server) On HTTPS connections, ignore proxy CONNECT header if present. 20100206-01 (Client) Updates to tweaks for MTN, ZAIN, XL 20100205-03 (Client) Worked more on tweaks. Next try! 20100205-02 (Client) Hmmm... interesting method. :-) Added a new way to get connected from MTN Nigeria. 20100205-01 (Client) Fixed bug in tweaks that made all tweaks use fail... 20100204-01 (Client) New feature: country "tweaks". Please try, we cannot tell if they work but you can! 20100203-01 (Server) Tell client about server groups. (Server) Troubleshoot a UDP problem. 20100201-01 (Server) Fixed bug in stream reporting. 20100129-01 (Server) Catch people who access distributed spamming scripts. Report to database right away. 20100128-01 (Server) Added a self-defense mechanism that is HIGHLY needed. (Client) Worked on tweaking code to only apply it when the input values look correct. This will allow our users to try stuff like before. 20100114-00 (beta) (Client) Bugfix in tweaking code. 20100113-00 (beta) (Client) Added "tweaks". Some people will love it. :-) 20101011-01 (Server) Make bind address of messenger port configurable. (Both) Better debugging around anti-SPAM measures. 20100105-01 (Server) Stupid bug in server profile parsing permitted "sesawe" logins on some servers that have deny records for other countries. *GNAGNAGNA* 20091228-01 (Server) Kick out banned clients after authentication, not during authentication. We want proper database records. 20091217-01 (Client) Fix a clid collission with Bluetooth PAN. (Server) More anti-spam stuff. 20091216-01 (Client) Fixed server search on Windows. PHEW! 20091215-01 (Client) Excelsior JET 7.0 release (better performance) (Server) More anti-spam stuff. 20091214-01 (Client) Minor corrections and null pointer checks that should never match. (Client) Better "barfing" -- include O/S type and JVM version. This will help a lot with debugging. 20091203-01 (Client) Search improvements for IPv6. (Client) Implemented exception catching and reporting to help us find bugs that never appear during testing. (Client) Detect if there are no TAP interfaces available for OpenVPN and it exits prematurely. (Server) Receive reported exceptions. This is all anonymous, no personal data is reported, just that a software crash has happened, where it has happened, and what the client version is. (Server) Do not send recommendations so often. Also do some things less often in the session periodic timer. I hope it relieves a bit of load from the old P4s. 20091202-01 (Client) Fixed parsing of stored server data that could cause the server search wizard to fail on corrupted data or data containing incomplete search results. 20091201-02 (Client) Silly bug broke UDP server search, fixed. 20091201-01 (Client) Added translations for country name SWEDEN in most languages. (Client) Cache wizard search results, don't run search again unless "again" button is pressed. 20091126-01 (Client) Fixed OpenVPN issues with Windows 7 when using the "small installer" version. 20091123-01 (Client) Found that the Java Windows library comtains a bug that reports wrong subnet masks on dual-stack machines where IPv4 AND IPv6 is spoken natively on the same interface. There is no suitable workaround. Resorted to ancient "ipconfig" method of figuring out directly connected networks (which might fail on some Windows localisations *sigh*). 20091118-02 (Server) Print no error if there is no ban list file. (Server) Expire banned clids after as little as 15 minutes. 20091118-01 (Client) Fixed silly OpenVPN problem that caused OpenVPN to fail for many users (especially on XP), introduced in 20091110-01 (Client) More anti-SPAM measures. (Server) Expire banned clids after 1 hour not 24 hours (and immediately if no longer in local copy of ban database). (Server) Make reporting interval 3 seconds instead of 30 seconds. 20091110-01 (Client) Detect some OpenVPN messages and mark the set-up as failed if they appear. (Client) Properly exclude interface addresses and masks if we can figure them out. (Server) More anti-SPAM measures. 20091109-01 (Server) Anti-SPAM measures. (Client) Make reconnection delay configurable. Iranians need it. 20091103-01 (Client) Fixed OpenVPN auto-exclude bug with DNS servers. 20091030-01 (Server) Workaround for a problem people in Indonesia see. 20091022-01 (Client) Added Bing search, removed Google search (which doesn't work anyway at the moment). 20091016-01 (Server) Do not barf on range header, just ignore it. (Client) Use a username and password in FTP mode that actually works... duh. 20091008-01 (Client) Updates to Italian language translation. (Client) Be much more aggressive about trying IPv6. 20091007-01 (Server) Changes in portmapper to resolve mapping issues. 20091006-01 (Client) Workaround for option problems on local server sockets. (Server) Added portmapper stuff. 20091002-01 (Server) Small coding changes, irrelevant. (Client) Try alternative domains. (Client) Try port 53 if you enable non-standard ports in wizard. 20090928-01 (Server) Fixed silly bug that would not ban some client IDs even if it is supposed to. 20090925-01 (Server) Treat CGI relay users from Iran as other users from Iran. 20090923-01 (Client) Undocumented changes that will help people in places like Iran. (Client) Fixed loads of bugs in server search code. 20090917-01 (Server) Removed some now unnecessary debugging. (Server) Modified accessibility of console. 20090901-01 (Both) Round-up of all the little things done yesterday that obviously improve performance seriously and solve a problem that is outstanding for two years ("some streams would just not work"). Also I'm now trying a little idea with thread priorities in the timer scheduling... let's see if and how it makes a difference. 20090831-10 (Both) Put in some safety nets that might help with the thread storms I see. 20090831-09 (Server) Used atomic statements for ID generation. This might fix the hanging stream phenonemon that I could never reproduce. 20090831-08 (Server) More debugging... still trying to find out what's going on with these timer bursts. 20090831-07 (Server) Yep, it did. It only was a number... but it triggered a piece of code that was lurking for years and caused havoc. :-( It's removed now, the number no longer has a meaning and I have put back in all the little changes that have been rolled back. The first comment on 20090831-01 was only too true! 20090831-06 (Server) Another little change rolled back that could mean the world... 20090831-05 (Server) I think I know what was wrong. 20090831-04 (Server) Emergency rollback of code I though was stable. See if it helps. 20090831-03 (Server) Rolled back a trivial change in TimeOuter code. 20090831-02 (Server) More thread debugging -- we need to find the bugs! 20090831-01 (Server) Don't slow down new TimeOuter threads, this could be fatal because they are cleaning up... (Server) Fixed a potential infinite loop in the protocol inspection code that tries to catch spammers. 20090830-01 (Server) Safety catch... one of the servers ran out of memory. 20090829-01 (Server) Better call statistics, I need to understand what's driving servers round the bend sometimes. (Both) Fixed server searching through Google. 20090828-03 (Server) Made the thread pool even larger. 20090828-02 (Server) Performance tuning. 20090828-01 (Both) Performance improvements in UDP connection code. This should help the users in Nigeria considerably... 20090827-03 (Server) Very tiny optimizations. 20090827-02 (Both) Modified the way times are being fired, this should help with timer congestion on very busy servers. 20090827-01 (Server) Fixed a potential race condition in voucher processing code that could be triggered if the user logged out at almost the same time. 20090826-02 (Server) Partially undone debugging changes. 20090826-01 (Server) Debugging changes. (Client) Do not only use the Windows product ID but also the installation timestamp. 20090815-01 (Server) Added ability to query backup report hosts for user data if main report hosts don't reply within a given time. 20090813-01 (Client) More false-banning fixes. 20090812-01 (Client) OpenVPN workarounds for Vista. *sigh* 20090811-01 (Client) Updated static information about servers and some OpenVPN parameters. (Client) Another false-banning problem solved. 20090810-01 (Server) Report duplicate login on same server. (Server) Fixed rare but possible problem during server (Messenger crashed.) 20090806-01 (Client) Fixed a problem with Asia Tech WAN interfaces that would lead to false "banning" of innocent users. 20090804-01 (Server) Implemented a way to fix up wrong IP to country mappings. 20090803-01 (Client) Changed route metric in OpenVPN. 20090801-01 (Server) Don't query central database if local file record is less than 2 minutes old. (Server) Kick out users who exceed their time limit, even if they don't log out themselves. Duh! 20090731-03 (Server) Changed timing in database querying... it can take a bit longer if the backend database connection needs to recover from a hang. 20090731-02 (Server) Fixed a problem in server shutdown. 20090731-01 (Server) Added database query code. Not tested! (But it won't hurt too much if it doesn't work.) 20090729-01 (Server) Fixed potential array index issue during shutdown. (Client) show clid calculation in dump. Might also fix the bug I'm looking for... 20090720-01 (Server) Oops, overlooked something. 20090719-02 (Server) Added some debugging around spam catching. (Server) Added protocol detection for TCP forwards. Used for SPAM detection on SMTP connections through OpenVPN. 20090719-01 (Server) Even more SPAM detection, this time somewhat proactive (but unfortunately only effective against SMTP delivered SPAM). 20090718-01 (Server) More code to catch spammers .. unfortunately, still only reactive. 20090713-01 (Client) Might have found out why so many users appear to be sharing a PC. Using this client release might fix it. 20090709-01 (Both) Debug a problem we've seen. 20090707-02 (Server) Make some email restriction parameters configurable on a per-user basis so we can permit humanitarian NGOs to send their stuff. 20090707-01 (Server) Fixed potential null pointer exception when shutting down a server that has putthrough sessions. (Client) Changed timing of UDP probing slightly. Should work better with mobile connections. 20090706-01 (Server) Added message type CONFIG. This allows me to configure the servers remotely without logging in, individually or in bundles. (Server) More code to catch spammers. 20090705-01 (Client) Accept spaces in proxy user name and password. 20090702-01 (Client) Use time to test server connection as additional criterion when displaying server list in preferred order. 20090701-01 (Client) Show date and time when a message was logged as a tooltip in message window. (Client) Take packet round trip time into account when sorting the server list for UDP. (Server) Fixed hourly kickout for Iranians. Sorry! 20090629-01 (Server) Added conditions put-throughs. We'll use them to display different pseudo web pages for different accessing countries. In the future this could match on IP ranges, whois records, ... see the potential? :-) (Client) Added Farsi -- finally! 20090625-01 (Server) Add "ignore_deny_until" to profile so we don't have to delete the usage records for FreeFreedom users in suppressive countries. Should relieve load from database. 20090624-02 (Server) Entirely new conditional parser should now work correctly for all countries. 20090624-01 (Server) Log when we refuse a login based on the country. (Server) Fixed bug that would keep Nigerian FreeFreedom users out of all servers -- that wasn't intended, sorry! 20090623-01 (Server) Added condition "server" to profile config. Yes, this is the first anti-Nigerian-spammer action. The people in Iran need the servers, you spammers don't! (Client) Added russian translation. 20090622-01 (Server) Report to database the number of current logins per country. 20090616-01 (Client) In dump mode, dump garbage encountered in bytestream codec. (Client) When adding a voucher manually to the management panel and there's an active connection, fetch info right away. (Client) Added some translation stuff. 20090615-01 (Client) Voucher button gone, voucher panel added. 20090611-01 (Client) Language selection window on first start. 20090610-02 (Client) Started to implement voucher manager. Not yet visible to the general public but already partially working. Stay tuned. :-) (Server) Provisions for new voucher processing code that supports the new voucher manager. 20090610-01 (Server) Delay overtime kickouts a bit so people have a chance to send a voucher code. (Client) Barf if OpenVPN cannot install routes. 20090604-01 (Client) Report in message log if dump cannot be created. (Server) Keep banned client installations out more rigorously -- don't let them in for even a second. (Client) Removed some left-over debugging from CGI mode. 20090601-02 (Server) Display country code in other server panel places as well. Helps us understand how our servers are being used. 20090601-01 (Server) Display country code in server panel. (Server) Fixed presumed hole in bandwidth limitation. 20090530-01 (Client) Set TLS renegotiation for OpenVPN to 0, effectively allowing the server to choose the renegotiation interval. 20090528-01 (Server) More and more people use UDP connection mode; increase timeouter pool size to accommodate this. 20090514-01 (Client) Fixed bug in reading Unix routing table. Introduced in 20071009-01 -- can you believe it! 20090511-01 (Both) Fool stupid proxies that white-list on patterns using the hidden config parameter "http_postfix" -- try setting it to "microsoft.com". 20090507-01 (Client) Updated built-in server list. 20090504-01 (Client) Fixed translation file syntax for OPENVPN_DOWN message. (Server) Field length fix to one of the control panels. 20090421-01 (Server) Troubleshooting the checksum errors in messenger. 20090420-02 (Both) Properly announce CGI relays through CGI relays so that they can be found by both client and search engines. Interpret data properly in the client (both old-style and new-style). 20090420-01 (Client) Different detection timeout for CGI relays. (Client) Better find CGI relays if not looking for any other ways to connect. 20090417-02 (Server) Oops, wrong multiplier... 20090417-01 (Server) Display units in a better way in one of the control panels. (Server) More problem catching, UDP listeners still dying. 20090414-01 (Client) Changed port preference for UDP connection model. (Server) Catch some more potential problems in UDP listener code -- we've seen unexpectedly dying threads and would like to know why they died. 20090331-01 (Server) make /ems-dist an alias of /download 20090323-01 (Client) Fixed automatic OpenVPN excludes on BSD like systems. 20090319-01 (Client) Translations. (Client) Wizard fixes. 20090309-01 (Client) Don't hide sesawe configuration in sesawe mode. (Client) Updated server data. 20090304-01 (Server) Sesawe modifications. (Client) Changed built-in server list. 20090225-01 (Client) Worked around a new proxy folly when announcing required authentication. (Client) Sesawe modifications. (Server) Fixed a bug in statistical reporting. (Server) Fixed null pointer exception that could cause streams to fail. (Client) Translation updates. 20090223-01 (Client) More translations. 20090218-01 (Client) More translations. 20090216-01 (Server) Add ability to remotely kick by session id. Kick baddies more rapidly. (Server) Better detect spammers. 20090210-02 (Server) Made a mistake, fixed. Silly of me... 20090210-01 (Server) Enable TCP keepalive on all TCP sockets. Ensures forwarded inbound streams are torn down if connection from source fails. 20090209-01 (Client) Added Myanmar (Burmese) translation. It's not complete but it's a start. 20090203-01 (Client) Fixed another problem in message display. Now long server welcome messages will display properly. :-) 20090202-01 (Both) Properly display more messages... duh! Please upgrade... (Both) Fixed the way streams and the connection are torn down when user clicks on the stop button. The client used to tell the server to shut down the connection, then to shut down the individual streams, then it would not shut down the streams on its end because it never received an ACK from the server to shut them down because the server thought the connection was already dying anyway... duh! 20090130-01 (Server) Implemented geolocation with MaxMind's Java classes instead of a system call and caching. Faster and more reliable. (Both) Lay the foundations for profiles only permitted in certain countries or denied in some countries. We need this to offer free access in some places in cooperation with NGOs. (Client) Fixed the message popup. 20090126-02 (Client) Package expiry message wasn't displayed properly. (Client) Fixed bug in displaying messages that contain single quotes and variables... duh! 20090126-01 (Both) For very few users there is a compatibility problem in 20090123-01 with the current server code; if you are one of them the server will notice and suggest you upgrade. 20090123-01 (Client) Nicer About panel -- that finally no longer throws null pointer exceptions every now and then. :-) Thanks very much to the supplier of the image! (Client) Fixes in the applications wizard. (Client) Added missing German translations. (Client) Hopefully fixes the problem some have with strange languages suddenly appearing when upgrading. 20090122-01 (Client) Modified OpenVPN config -- Windows uses ridiculously small defaults for buffer sizes. (Client) Even better icons. 20090120-01 (Server) Fixed a potential race condition that could lead to a dying thread. 20090119-03 (Client) Fixed Turing test. 20090119-02 (Client) Added traditional chinese. 20090119-01 (Client) Fixed bug in message display when not authorized or authenticated. 20090114-01 (Client) Prepared OpenVPN messages for translation. (Client) New icons -- thanks to the supplier! (Server) Only report login if profile has been loaded successfully and user's account is valid for the server. 20090112-01 (Client) Added Arabic translation. (Client) Fixed lots of orientation problems for right-to-left languages. (Client) Fixed bug in proxy auto-detection. 20090110-01 (Client) Added simplified chinese. (Client) Modified font selection mechanism. 20090106-01 (Server) Cosmetic changes only. 20090102-01 (Server) Caught a potential null pointer exception. 20081230-01 (Client) Find servers even in environments where a connection through UDP would be possible but name resolution and/or web access is not possible. (Client) Added Switzerland as possible server country -- because we are going to have servers there soon. 20081218-01 (Client) Added Indonesian translation. (Client) Added variants for Yankee English and the Queen's English. Guess what -- they differ by two words. It's more an example than anything else. (Client) Changed text in wizard, reflecting current Firefox versions. 20081212-01 (Client) Added Romanian translation. (Client) Added Dutch translation. (Client) Added "Clear" button to message panel as suggested in the forum. 20081210-01 (Server) OpenVPN mapping changes (more efficient). 20081202-01 (Client) Loads of translation work added. Thanks to all who provided translations! (Client) Offer Burmese language if Padauk font is installed. There is no translation available yet but if I get one I will enable this! Same for Farsi, Arabic and the like -- get in contact with us, we are now ready to support these languages as well! (Server) Remove unnecessary debug trace. 20081128-01 (Server) Collect anonymous statistics about which destination is accessed by users from which country. Please rest assured: we do NOT log what destinations you access. It is not possible to abuse this statistic. We need the data to help supporters to secure funding. The data is NOT stored on the connectivity servers. We strictly adhere to German telecommunications law which ensures your privacy (and explicitly states that it is illegal to log accessed destinations by user). 20081120-01 (Client) Fixed some missing translations. (Server) Fixed a potential start-up race that could lead to a dying support thread. 20081112-01 (Client) Added turkish translation. Removed old-style file. 20081111-02 (Server) Fixed typecast problem. 20081111-01 (Client) Fixed --nogui mode in combination with --log=0. (Server) Fixed very silly bug in OpenVPN IP mapping that could lead to IP association problems through a race condition. 20081103-01 (Server) Fixed server greeting message for old clients. (Client) Display server greeting message properly in new clients. (Server) Fixed a bug in OpenVPN mapping -- mostly cosmetics. 20081031-01 (Server) Removed debugging message that could cause a slowdown. 20081028-01 (Client) Lots of translation work. 20081027-01 (Server) Hopefully fixed problem in UDP listeners that caused UDP connection service to fail over time. Debugging added so we might learn why it fails if it fails again. 20081023-01 (Server) Loads of anti-fraud additions. 20081006-01 (Server) Fixed bug in TCP forward code on server that could cause TCP forwarding to fail (and SMTP delivery to break). (Client) Avoid the GTK LAF, it's broken. (Client) Worked a lot on translation code. (Client) Workaround so client finds CGI relays better. 20080822-01 (Client) Fixed IPv6 in UDP mode. 20080820-03 (Server) Small fix in the way search engines are being passed between relays. 20080820-02 (Both) Fixed race condition that could cause a null pointer exception in stream code on dying streams. More or less just cosmetics. (Server) Hopefully fixed the silly IllegalThreadStateException problem -- no idea why it happens at all or how it can happen without a problem in the JRE. It can only mean that an object instance scoped variable had an inconsistent state and that's hard if it has been set in the same thread just a few lines before. 20080820-01 (Client) Use Java's new Systray interface. It's pretty messy and doesn't work properly cross-platform, plus it requires Java 1.6. Not sure yet if this is the way to go... but it somewhat works on the Mac and probably works on KDE as well. AND it should work on Vista 64bit. (Both) Changes in the way CGI relays are announced and found. Partially incompatible with previous releases! (But older releases will still find relays.) 20080815-01 (Client) Shorter timeout for FTP control connection (15 seconds instead of the default 3 minutes for attempts). (Client) Worked a lot on server search code. Now finds CGI relays too! Need to add more sophisticated tests whether they work though... 20080812-01 (Server) Fixed silly bug in CGI relay announcing. (Client) Fixed bug in startup code that would cause the YF client to crash if the config could not be read. Introduced in 20080630-01 I guess. 20080811-01 (Server) Fixed CGI relay announcing of servers. (Server) Nicely serve favicon.ico for Mozilla and co. :-) (Client) Fixed CGI connection mode -- was using a different host name for second connection! (Client) Delay connection method reporting. 20080808-01 (Server) More debugging around dying TCPForwards (Client) Fixed a long outstanding race condition in the way the About panel was built. Swing really sucks! I am not really sure what effects the problem had on the remainder of the application. 20080807-01 (Client) Worked on IPv6 search code. Should be able to locate servers in IPv6 address space now. (Client) Work around a problem in parsing old configs that contains two initial servers separated by a colon, the second one being an IP address (this used to be the correct format, now it's a semicolon). (Client) Fix silly problem when command line option --start is passed -- it should set the button text properly so people do not click accidentally and stop the connection. (Client) Only show servers in search results that can possibly work, suppress those that definitely don't work. (Server) Process some frames even if authentication hasn't succeeded yet -- this works around race conditions inherent to some connection protocols. 20080805-01 (Server) Server side changes to enable detection of servers through IPv6. 20080801-01 (Server) Minimal changes irrelevant to end users. 20080731-01 (Server) Minimal changes in TCPForward. I'd like to know how the accept thread has managed to die on some servers... (Server) Fixed bug in web serving code that broke downloading of Mac OS X file from mirrors. 20080726-01 (Server) Fixed bug introduced in 20080715-01 but only recognized after an actual server restart. (The test environment doesn't make use of the item changed.) (Client) Fixed a bug in server search wizard probably introduced in 20080715-01. 20080724-01 (Server) Fixed lots of small threading errors that could cause sessions to crash under rare circumstances. 20080715-01 (Client) Fixed bugs in server search. (Server) Unbundled reporter from EMSD. (Server) Started implementing porter. 20080630-01 (Client) Stop trying to connect if the proxy has reported an error condition in HTTPS mode. This was not working for true SSL. (Both) IPv6 work. 20080619-01 (Client) Display bandwidth unit used in bandwidth panels to avoid confusion. 20080606-01 (Client) Make "User Agent" easily configurable through front end. (Client) Imitate web browsers more closely to better fool proxies. 20080605-01 (Client) Fixed OpenVPN certificate verification. My apologies for this problem in 20080529-01 -- yes I have tested and it worked when I tested, I have no explanation. 20080529-01 (Both) New OpenVPN RSA keys and certificates to fix Debian OpenSSL goof. 20080528-01 (Client) Added --shortdump option. It works the same as the --dump option, just that it doesn't dump all stream content. For most debugging purposes this will be enough and it makes dump files significantly smaller. 20080430-01 (Server) Increase number of possible servers. We're growing. :-) (Client) Fixed google search for servers. 20080429-01 (Client) Added translations for spanish country code. (Client) Made searching for PROXY records in wpad files simpler and more foolproof. 20080422-01 (Both) Fixed authentication problems for those with strange characters in passwords. If you use non-ASCII characters in your password you MUST use this or a later client release. (Client) More translations. 20080412-01 (Client) Don't show "unlimited" in Enhanced profile! (Just a display problem.) 20080407-01 (Client) Catch potential exceptions in server search code. 20080402-01 (Client) Added proxy auto-detection to wizard. This is still very crude and might not work in some scenarios where your web browser is still able to find the proxy, but it should work where Firefox works. 20080401-01 (Both) Fixed enqueueing of retransmitted frames -- they need to be put upfront. Also, don't request the same retransmit over and over again rapidly. 20080327-01 (Client) Added new Configuration/Settings panel. Made unit of bandwidth control configurable (default is still kbit/s but you may set it to kBytes/s). 20080325-01 (Both) Implemented on-request frame retransmitting to avoid retransmission of a lot of frames if only one is actually missing. With old clients this does not work, the retransmit requests are simply ignored by the clients (which is pretty much the same as it used to be). If you've got an up-to-date client you should see an improvement. 20080320-01 (Both) Do not repeat ACKs ad nauseam if a stream is idle, under no circumstances. It's simply useless! (Both) Only refire sendq after transport sendq has requested to backlog the frame if the transport sendq has reactivated the stream. This should reduce CPU load under congestion. (Both) New runq code that fairly refires the sendqs of the streams; removes the need to refire them at intervals and better balances remaining bandwidth between streams under congestion conditions. It should also save CPU if there are many active streams. (Both) Slightly modified timing in UDP transmission code, this allows for higher data rates (but still more than 2 Mbit/s is unrealistic -- we could achieve more but it would highly increase loss probability and this would not do you any good, the additional bandwidth would just be retransmissions). 20080319-01 (Both) Worked on stream retransmit code, should highly improve situation for lossy links. (Both) Trivial changes to the frame buffer code (removed unnecessary CPU cycles). (Client) Removed unnecessary debugging in UDP mode. 20080314-01 (Client) Some debugging added. 20080310-01 (Client) Fixed problem introduced in 20080307-01. This makes OpenVPN mode work again -- sorry about that! (Yes, it was thoroughly tested but in the wrong environment.) 20080307-01 (Client) Modified the way OpenVPN compression is set in client and server. It used to be static; now the server pushes the option to the client. This is in preparation to remove compression in UDP mode where it sometimes causes instabilities. 20080228-01 (Client) Fix a problem with Vista in detecting existing IP addresses in OpenVPN mode. Vista is _incredibly_ stupid at times. (Client) Hopefully we've got detection of Windows Millennium Edition right this time. 20080222-02 (Client) Oops, I goofed. It's fixed, saving the config works again properly. 20080222-01 (Server) Fix syslog reading code. (Client) Settings on OpenVPN config page weren't saved properly. 20080221-01 (Client) Stop googling if we have enough hits. We don't need the same results from dozens of servers. (Client) Ask more Google search pages in case some are blocked. (Client) Avoid silly question about one stream not being closed when OpenVPN mode is running. (Client) Hopefully detect Windows Millennium Edition properly now. (Both) Little changes to the streams register code that should slightly improve performance. 20080215-01 (Client) Debugging around stream ACKing. (Both) Fixed bug in UDP mode that could cause an infinite loop when closing the connection. 20080214-02 (Both) Don't always "flatten bursts" for UDP -- only if the checkbox is ticked. 20080214-01 (Client) Make YF work on Windows 98 again. 20080213-03 (Both) Little changes to timeouter firer pool management. 20080213-02 (Client) Switched off frag testing in OpenVPN UDP mode. 20080213-01 (Both) Increased UDP socket buffer size (mainly has an effect on Windows where the defaults are ridiculously small and not dynamically adapted like on every decent operating system), which can lead to buffer overruns during thread starvation and consequently to buffer overruns. This improves stability and performance of the UDP transmission mode. (Both) Slightly changed thread switching behaviour in UDP mode transmission code. This should have no effect on performance but will reduce the context switching overhead. 20080205-01 (Client) Fixed silly problems when creating OpenVPN config (fragment/mssfix). 20080202-01 (Both) Minor changes in stream code to avoid useless (but harmless and reported) null pointer exceptions under rare conditions. 20080201-01 (Client) Report why openvpn file could not be copied. (Client) Worked on keepalive code -- I've seen strange bursts of keepalives on the servers and can only explain them as client bugs. 20080130-01 (Both) Ensure that memory leak debugging does not increase latency every 10 seconds for a few frames. 20080129-01 (Both) Troubleshoot memory leak. 20080122-01 (Client) Changed default for "flatten bursts" to off. (Both) Modified MSS/fragment size for OpenVPN. (Client) When relaying for others is disabled, close refused connections more quickly. 20071231-01 (Both) Code cleanups. Removed lots of dead code and libraries that we no longer need. This should improve startup times significantly. 20071221-01 (Client) Hopefully fixed problems with server search that lead to people depending on FTP transport not being able to find servers. The problem was probably introduced in 20071214-01. (Both) Modified the way receiving stream instances dequeue frames from the recvq. This hopefully fixes an issue we've seen with a receiver acknowledging a frame but then requesting it over and over again, leading to a frozen sendq on the other end. 20071219-01 (Server) Tear down FTP sessions more quickly if there has never been a data connection for a session (i.e. client was only probing or someone else connected). (Client) Fixed potential hang in server search. 20071218-01 (Client) Receive large frames in UDP mode that come in fragmented UDP datagrams. We're not speaking of data, just messages and meta info and the like. (Client) Stupid Windows uses TCP buffers that are way too small for fast connections; detect this and increase them. This should improve uplink speeds for heavy users. (Server) Fixed status page data so server search works again. (Client) Learn to decipher new server status page. 20071217-01 (Both) Working around ineffective network usage by WoW. This might improve latency in battle grounds. (Client) Incorporated different systray menu library to fix systray menu in Vista. 20071214-01 (Both) Implemented better IP announcement code. The servers do not announce IPs of other servers in the clear anymore to dumb scripts. Old clients won't be able to find servers anymore for long... and ask me if I care! 20071213-01 (Server) Fixed a bug in user verification code. 20071211-01 (Client) Be more stubborn when authenticating via NTLM and try all possible representations before giving up. 20071210-01 (Client) Fixed null pointer exception in client HTTP connection code that could occur if the connection was shut down before it connected fully. No big deal. (Client) Better connection wizard debugging for FTP. (Both) Listen on port 13 TCP/UDP as well. (Client) Added NAT functionality for Windows XP and 2003 (highly experimental!). NOTE: This does not work with Vista unless you install some DLLs that do not ship with Vista. There will soon be documentation how to make this work; for now check out http://www.anetforums.com/posts.aspx?ThreadIndex=64643 (last post; you only need to copy the files and run the "add helper" commands). 20071205-02 (Both) Tuned buffer and queue parameters, this will hopefully improve speed for some heavy users. Yes, we want to please you if we possibly can, we are not slowing you down on purpose! 20071205-01 (Both) Fixed potential thread fight in stream code that could lead to very high CPU usage. (Client) Fixed null pointer exception if "flatten traffic bursts" is modified without previous connection. 20071130-01 (Client) Fixed server search -- Google has changed the way they deal with localized requests and that made the wizard show silly error messages for some users. (Both) Freeze threads slightly longer in stream class. This will hopefully reduce the load on the servers for some processor types. 20071128-01 (Both) Slight changes that may help the GC do its job. 20071127-01 (Server) Fixed some more potential null pointer exceptions that could occur when sessions were torn down. They have no production relevance but I don't like them. 20071126-04 (Client) Search more "HTTPS" ports. (Both) Better UDP transmission algorithm should lead to more smooth transmission. (Server) Fixed bug that caused passwords with an equal sign to fail. 20071126-03 (Both) Tear down streams more thoroghly. It seems we still have a memory leak there. I wonder where the cyclic reference problem may be. 20071126-02 (Both) Fixed bug introduced in 20071126-01. 20071126-01 (Both) Permanently inactivated code that wasn't doing anything anymore anyway, but wasting CPU cycles. Should hardly be noticable though... it's a preparation before I finally remove it entirely from the code base. 20071125-01 (Server) Fixed silly bug introduced in 20071124-01. 20071124-01 (Server) Make TimeOuterFirer call statistics configurable. Disable by default. 20071123-01 (Client) Added turkish translation. It is not yet complete but a good start. (Both) Better sendq and recvq thread handling in stream class. Greatly reduces CPU overhead and should improve latency on busy servers. (Server) Fixed wrong port display in info screen. 20071122-02 (Server) Fixed silly array index exception in debugging code (no influence on production use). (Both) Fixed possible null pointer exception in stream code that could occur during shutdown of a hanging session. No production relevance. 20071122-01 (Server) Do proper and meaningful statistics about TimeOuterFirer events. We use this to profile the code and find thread hogs. (Both) Only run backlog thread of FrameQueue if there really are backloggers in the queue. 20071120-01 (Server) Collect Runq_Runnable statistics for debugging purposes. I'd like to know what's pushing the load up from time to time. 20071118-01 (Both) Keep track of buffering and queueing of frames, and only recycle when counter is 0. Also, fixed a bug in frame buffer class that should not have had serious effects. (Both) Turned off frame recycling altogether. It's probably not necessary for performance reasons anyway and only causes trouble. 20071114-01 (Both) Statically disabled frame recycling in FrameBuffer code -- there is a fundamental problem with frame recycling that we cannot solve at the moment without re-designing the way the pool is managed. (Server) Drop stream data frames without sequence number silently. 20071113-03 (Both) Added code that checks whether frames fetched from the frame pool are really fresh, and whether frames that are marked as recycled get sent. We need to track down these buggers! 20071113-02 (Both) Removed unnecessary "retransmit" debugging message. 20071113-01 (Both) Rewrote FrameBuffer class. LAN measurements show an overall(!) throughput gain of 40%! (Both) Fixed very serious bug in UDP CoDec that caused frames to be returned to the pool when they were still in use. 20071112-08 (Both) Fixed bug in acknowledgement scheduling. This caused streams to hang with lossy transports. Also fixed bug in frame buffering that was triggered by out-of-order delivery of frames. (Both) Make receiving frame buffer in stream class bigger than the other end's sending frame buffer. This avoids lock-ups in loss situations. Silly! 20071112-07 (Both) Simplifications in the way threads interlock when emptying the frame buffer. 20071112-06 (Both) Isn't. Gosh. 20071112-05 (Both) OK, time to go to bed. Fixed the silly performance drop introduced in 20071112-04. Now it's working! 20071112-04 (Both) Worked on stream frame buffer send code. 20071112-03 (Client) List system properties in dumps. (Client) Better debugging of frame transmission timing. (Both) Modified frame buffer enqueueing in stream class to reduce CPU load and improve reliability. 20071112-02 (Client) Fixed silly bug in HTTP connection code that could lead to uplink connection repeatedly connecting and disconnecting. 20071112-01 (Both) No matter what's configured, do not increase minimum buffer size above the maximum payload size of the transport protocol when using UDP transport. (Both) Fixed bugs in UDP transport enqueueing. (Both) Enforce traffic burst flattening in UDP transport -- it's simply required for stable transport. 20071109-02 (Server) Fixed bug responsible for broken server IP address display in UDP connection mode. 20071109-01 (Server) Limit number of TCPForwards with backoff to disallow spammers to use up too many resources. (Client) Only connect through proxy in HTTPS mode if destination port is 443 or proxy type is not HTTP/HTTPS. (Client) Fill in only working protocols and ports when running the wizard. D'oh! (Client) Improvements in server search. 20071108-01 (Both) Modifications in the way sendq is run. This should fix problems with bad performance for some. 20071107-01 (Server) Permit # in usernames and passwords 20071106-02 (Server) Fixed debugging message. (Server) Detect clients between 20071031-01 and 20071105-01 and warn them about the security hole. 20071106-01 (Client) Fixed security hole in client introduced in 20071031-01 that could make your PC an open web proxy. Please upgrade! (Server) TCP forwarding with backoff capability. This is useful to combat SPAM through OpenVPN mode. Also fixed little bug in backoff code. 20071105-01 (Both) Made non-passive FTP connection mode work. (Client) Fixed negative port number in some info messages. 20071102-01 (Server) Map OpenVPN sessions to local IPs for debugging purposes (not logged). 20071031-01 (Client) Hopefully fixed another Vista specific bug. Vista is braindead... (Server) Fixed a bug that could lead to excessive periodic user announcements (that's how the servers keep track of which user is logged in where). 20071029-02 (Server) When debugging timeouters, show the "hint" information. This helps us figuring out which part of the code is freezing a thread. (Server) Fixed race condition in tearing down UDP relayer instances (used for NTP relaying). 20071029-01 (Client) Make proxy authentication method selectable. (Server) Do time correction on server as well. 20071026-01 (Server) Fixed thread statistics -- very useful for troubleshooting. 20071025-02 (Both) Modified the ThreadFreezer object slightly. This should work around a potential race condition. 20071025-01 (Client) Fixed issues with "relaying not permitted" when the request is actually coming from the local host. (Both) Fixed potential null pointer issue when starting up connection. (Both) Added debugging around suspected timeouter issue. 20071022-02 (Server) Slightly raise thread priority for firing events in stream code if profile requests it. It was already done in other places, this was still missing. (Both) Removed some unnecessary debugging stuff that has a CPU impact. (Both, mainly server) Leave more residue in timeouter pool, don't reap so much. We need all the timeouter firer objects anyway at some time, especially as long as more are working than relaxing. 20071022-01 (Server) Hopefully fixed bug that caused server code in 20071019-01 to hog resources. (Client) A similar bug was present in the client, it just could not cause havoc there. 20071019-01 (Client) FTP connection mode configurable ("normal", "passive", "both" (default)). But the client doesn't support normal mode yet anyway... TBD. (Server) Modified the way threads get assigned to UDP relaying. This should reduce CPU overhead. 20071018-02 (Client) Changed reference bandwidth for slider settings in TotalFreedom from 4000000 to 4194304 (this is just a technicality and has nothing to do with the bandwidth you get). (Client) Fixed bug in CGI connection code that put off picky proxies. 20071018-01 (Both) Modified the way thread interlocking is done in the HTTP and HTTPS link code. The new method uses less CPU and slightly improves latency (lag). Plus, it utilizes a proven procedure instead of a bunch of workarounds. 20071017-02 (Server) Potential lock-up in timer code when using a debug command in the console. 20071017-01 (Server) Fixed bug that caused SSL wrapped connections to be closed every 30 seconds. Ouch! (Client) Fixed OpenVPN on-the-fly startup and shutdown. (Client) Detect if Mac version of client is outdated. (Both) Did the same thing as in 20071016-04, but this time the right way. This has seriously improved CPU and memory footprint on a heavily loaded server and a busy client. 20071016-05 (Both) Fixed potential null pointer exceptions in frame buffer code. (Both) Rolled back 20071016-04 -- dammit! Thought it's perfect but it isn't. 20071016-04 (Both) Modified way timers wait for their turn to run. This reduces CPU load and slightly improves latency. 20071016-03 (Both) And another threading change. 20071016-02 (Both) More threading race conditions around sleeping threads fixed. (Client) If "flatten bursts" is modified on-the-fly, let server know about it too. 20071016-01 (Both) Fixed very serious multi-threading issue in scheduler code, responsible for occasional stream hangs. This is for you all who have reported hanging streams, WoW hangs/disconnects and so on! (Client) Made burst flattening configurable on-the-fly. (Both) Changed scheduling of queue running after queue overruns. (Both) Don't suppress duplicate ACKs where they may be needed to re-trigger the stream flow. 20071014-01 (Client) Fixed a bug that caused connection to fail if proxy was requiring authentication and offered NTLM as well as Basic authentication. 20071012-01 (Client) New OpenVPN settings panel in configuration window. 20071011-01 (Client) OS X OpenVPN support. (Client) Make connection option pane scrollable for those systems that need it. 20071009-02 (Both) Made burst flattening configurable. It may help gamers with high lag to disable burst flattening (Configure, Connection). 20071009-01 (Client) Parse Mac OS X route table properly. (Both) Lower minimum keepalive interval. Adjustments to the way the timeout interval is calculated from this value to make better use of the TCP fast retransmit algorithm. If you have packet loss on the YF client to server connection, low keepalive intervals used to kick you out frequently. If they still do, lower the keepalive value to 500 milliseconds. (Both) Modified frame buffer pool sizes to better accommodate the frame size distribution pattern caused by recent changes to the stream code. 20071008-01 (Client) Fixed buffer size problem for OpenVPN TCP mode uplink. This should improve performance. 20071005-01 (Both) Allow for more bursting. 20071004-03 (Both) Rewrote (client) and fixed (server) UDP transmission code to better co-operate with buffering in stream code. 20071004-02 (Server) Broken policer -- sorry guys, we can't have that. 20071004-01 (Both) Fixes in UDP connection mode. This should greatly improve performance and reliability. 20071003-01 (Server) Fixed bug in HTTP code that was triggered by changes in 20071001-01. It wasn't introduced there but I guess that's just a technicality. :-( 20071001-01 (Client) Fix null pointer issue in cases where the profile does not allow OpenVPN but the client requests it. (Client) Re-written OpenVPN excludes-to-routes conversion code. The old code made horrible mistakes. (Both) Fixed bandwidth policing of small frames; this should seriously improve smoothness of all connection types, especially UDP mode. 20070927-01 (Both) Improve buffer sizes in UDP mode. 20070925-01 (Client) Tiny changes in CS code. (Client) Better debugging of RTT and other service traffic. 20070924-05 (Client) Fixed null pointer exception in statistics display code responsible for freezing stats display. 20070924-04 (Both) Made connection statistics code even simpler. 20070924-03 (Client) Be even more stubborn on keeping connection statistics alive. (Server) Do not use connection statistics listener functionality for queue parameter updates; instead, update queue parameters directly. This saves CPU and thread switches and is sufficient. 20070924-02 (Client) Don't stop updating stats just because the system clock skewed. (Server) Gentler shutdown process. 20070924-01 (Both) Reworked connection statistics notification code, believed to be responsible for hangs. 20070921-01 (Client) Allow spaces in OpenVPN path. (Client) Print openvpn messages in message window. 20070920-02 (Client) Fixed UDP connection code broken in 20070913-01. Sorry! 20070920-01 (Client) Modified the way sliding averages for bandwidths are being calculated (smooth but still accurate and responsive bandwidth display). (Server) Clean-ups in connection code. (Both) Reduced overhead in runq with stuck and overloaded connections. 20070919-01 (Client) Fixed bandwidth panel. (Both) Performance improvements. 20070918-01 (Client) Workaround for hanging streams. 20070917-01 (Client) Trying a workaround for the hotspot crashes. (Client) Fix bug introduced in 20070913-01 -- searching servers now works again. 20070913-01 (Client) Allow user to choose which protocols to probe in the connection wizard. (Server) Don't recommend servers so often if connection is wonky. 20070911-02 (Client) Fixed config file parsing for some repetitive commands. 20070911-01 (Server) Fixed bug in traffic reporting. Just cosmetics... (Client) Dump config when starting the server search wizard or the connection to help us helping you. Also dump connection statistics periodically. 20070910-01 (Server) Don't announce tunnel interface IPs. 20070907-01 (Client) Fixed multiple "header" options in config file (so far, only one worked -- duh!) (Client) Added "openvpn_option" as a "hidden" option in the config file, it supplies additional configuration commands to OpenVPN. (Client) Prefer basic authentication over NTLM authentication if web proxy accepts both. 20070831-02 (Server) Silly bug introduced in 20070830-01 broke SSL mode. (Server) Catch unnecessary exception by rearranging some things in SSL code. 20070831-01 (Client) Made connect timeouts configurable (useful for mobile phone Internet connection users). (Client) Report proper protocol name for HTTPS/SSL. (Server) Better detect SSL. (Server) Fixed bug in UDP code that could lead to some packets be discarded all the time. 20070830-01 (Server) Time out SSL negotiation so suckers can't suck up our resources. (Server) Catch some exceptions for sockets that get closed by the other end. Just cosmetics... 20070829-01 (Client) Teached connection wizard to try SSL wrapping for HTTPS if there is reason to believe that it could help, and if it does, to modify the config accordingly. (Client) Fixed unnecessary server search wizard hangs. 20070828-01 (Both) Implemented true SSL for HTTPS connection mode. 20070824-03 (Client) Stupid bug in SOCKS5 code did break encryption. 20070824-02 (Client) Added support for connecting to YF server through a SOCKS proxy (this means TOR!). It's not very well tested but at least SOCKS5 appears to be working with TOR. Don't expect good performance though... 20070824-01 (Client) Let users choose to use UDP connection mode for OpenVPN. (Client) Start and stop OpenVPN on the fly while the connection is open! 20070823-02 (Server) Still more anti-Nagle stuff. (Server) Fixed statistics for new OpenVPN mode. 20070823-01 (Both) More Nagle bugs found and fixed. (Client) Fixed bandwidth graphs. 20070822-02 (Server) Fixed silly negative time in shutdown announcement. 20070822-01 (Server) Show correct number of OpenVPN sessions on local server instead of 0. (Server) Raise thread priority for paying customers. 20070820-01 (Client) Update stats display every 3 seconds, not every second. (Client) Added restart button. 20070814-01 (Client) Clarified some things in wizard. (Both) Improved HTTPS detection code so filtering firewalls can't fool the client into believing HTTPS mode works when it doesn't. 20070810-01 (Both) Disable Nagle's algorithm in all TCP connection models. (Both) Fixed OpenVPN for HTTP and CGI connection model. Why did no-one tell me! 20070809-02 (Client) Connection code was not trying clever tricks in some cases, fixed that. 20070809-01 (Both) Use maximum buffer sizes when OpenVPN is active. Don't adjust automatically. 20070808-02 (Both) Made buffer/queue shrinking even more careful. 20070808-01 (Both) Fixed serious buffer resizing issues in both server and client queueing code, probably responsible for all kinds of performance problems. Upgrade! 20070807-01 (Server) Worked a bit on server IP detection in UDP code. (Server) Worked on scalability of NTP forwarding code. 20070806-01 (Server) Added UDP relaying so servers can be NTP servers again. This is important to hide our capability to tunnel through this port from the nosy sysadmin. :-) (Client) Automatically increase min_buffersize to 1500 if not otherwise configured. It drastically improves performance for many. (Client) Added port 123/udp as potential connection port. 20070731-02 (Client) Fixed jumpy, erroneous streams table. 20070731-01 (Client) Fixed combination of "start minimized" and "automatically connect on startup". 20070725-01 (Both) Timer code debugging added after we've seen an AIEEE on one of the servers. This hasn't happened for months and we thought it was fixed... 20070704-01 (Client) Fixed SOCKS problem introduced in 20070622-01. (Client) Fixed translation bug that would show wrong lockout times for free users in the german translation. (Client) Bit more debugging in connection wizard while dumping. (Client) Removed useless debugging from FTP connection code. 20070622-02 (Client) Actually allow destination port 0... 20070622-01 (Both) Implemented speed testing. See FAQ for details. 20070618-01 (Client) More items in context menu (Windows only). (Client) Fixed silly "erroneous JPEG bytes" message. 20070615-02 (Client) The fix wasn't quite fixing it in all cases. Now it does. 20070615-01 (Client) Be more verbous if something goes wrong creating the OpenVPN config file. (Client) More debugging around handling excludes in OpenVPN code. (Client) Fixed bug in exclude summarization. 20070614-01 (Client) Fixed bug: openvpn_exclude lines on config got lost. 20070612-01 (Client) Added config parameter "openvpn_path" -- specify the full path including the name of the executable. Default is just "openvpn". 20070611-01 (Client) Worked on clock skew code. (Server) Made some messages more clear. 20070608-01 (Server) Started working on UDP server port forwards again. The server part of it should be done now. (Client) Implemented client part as well. Untested so far. (Client) System clock skew compensation wasn't properly working yet -- it should now. 20070606-01 (Client) Compensate for system clock skew. We suspect that some users might have problems with a jumpy system clock (e.g. clock tick too fast and Windows PC in a domain) -- this would confuse YF a lot. We therefore check every second if the clock has skewed significantly and if yes, unfreeze the delayed timers. 20070604-01 (Server) Shut down old profile object properly if new profile gets loaded. (Server) Drop protocol detector object reference when shutting down a stream. (Both) Drop reference to connection in stream object when closing stream. Not sure if this doesn't break anything, only one way to figure out I guess... (Client) Additional HTTPS connection failure debugging. 20070601-01 (Server) Detect DC++ 20070531-03 (Server) Fixed signedness bug in messenger debugging code. (Server) Fixed wrong uplink/downlink priority in HTTP connection code (introduced in 20070531-01) (Server) Modified thread priorities in timer code after an observed hang-up. 20070531-02 (Server) Fixed potential null pointer exception when shutting down. 20070531-01 (Server) Small change in control panel. (Server) Changes in thread priority assignment. 20070530-01 (Client) OpenVPN: automatically exclude secondary servers as well. 20070529-01 (Server) Better debugging of session latency problems. 20070523-01 (Server) Delay kicking of FreeFreedom users who have exceeded their time limit for 60 seconds. This will enable them to send a voucher code. 20070521-02 (Server) Undocumented change to control panel. 20070521-01 (Server) Do not block old clients in suppressive countries. (Server) Fix null pointer bug in HTTP code, might also be symptomatic for a memory leak... 20070516-01 (Server) Only announce new client version once per session, no matter how many messenger frames we receive. (Server) Don't pester so much. (Server) Longer grace period for outdated clients (15min). (Server) Added a missing translation. 20070515-01 (Both) Better debugging why stream is closed. (Client) Fixed bug in library that could lead to crashes when analyzing the routing table for OpenVPN. (Server) Adjust server port number with profile changes. 20070512-01 (Server) Tell people whose login gets denied because of usage time restrictions about the "unregistered" account. (Server) Worked on termination code in HTTPS connection class. It seems that threads wouldn't die in some cases, causing a memory leak. 20070511-01 (Client) Made more tuning parameters configurable. Only relevant for HTTP. (Client) Modified some runtime parameters to better support Java 1.6. 20070510-02 (Client) Worked on server detection wizard code to remove potential lock-ups. 20070510-01 (Both) Negotiate the minimum buffer size. (That is, client instructs server.) 20070509-01 (Server) When binding a port through SOCKS, don't wait longer than 60 seconds. Misbehaving apps could otherwise crash the server. 20070508-01 (Server) Only count OpenVPN session counters for total when positive (negative means: no data). (Client) Don't automatically reconnect if server disconnects user before sending a profile. 20070507-02 (Server) Hopefully fixed problem that sometimes occurred when server was restarting. (Server) Include number of OpenVPN sessions in server statistics page. 20070507-01 (Client) Made window somewhat bigger. (Server) Undocumented security change. 20070504-02 (Client) Change not documented (security reasons). 20070504-01 (Both) Get rid of silly expiry warnings when using vouchers. 20070502-01 (Client) Fixed a bug that kept the client from using the configured min_buffersize. 20070430-01 (Server) Tiny changes in session maintenance code. (Client) Some missing translations added. (Client) Stay away from the magical number 100 with regards to routes in OpenVPN. It seems that 98 will still make the client fail under some circumstances. 20070426-01 (Client) Automatically reduce the complexity of OpenVPN excludes if it yields to more than 100 routes. OpenVPN has this maximum number as a compiled-in default. (Server) Send correct expiry date after profile changes. 20070425-02 (Server) Changes in reporter facility to better support vouchers. (Client) Fixed bug introduced in 20070424-02 that created unnecessary overhead on both the server and the client, and the connection between them. (Server) More tight SMTP restrictions -- to combat Nazi SPAM (and other SPAM too, of course). 20070425-01 (Server) React to profile changes more promptly. 20070424-03 (Server) Modify auto-disconnect according to profile! 20070424-02 (Server) Detect profile changes. (Client) React properly to profile changes. 20070424-01 (Client) Automatically exclude DNS servers from routing through OpenVPN tunnel. (Server) Added voucher code relaying. 20070418-01 (Client) Make OpenVPN check server certificate. Not really important though - we know we are connected to the right server. (Client) Less OpenVPN debugging -- we don't need that much, it can only hurt performance. (Server) Fixed serious bug in OpenVPN code that could lead to exhaustion of system resources. 20070405-01 (Server) Fixed timeout bug introduced in 20070314-01 that caused disconnects and a lot of annoyance (MOTD pop-ups etc.) (Client) Don't search on TCP ports the server is not even listening on... (Client) Fixed auto-reconnect bug that caused duplicate login disconnects if the connection has been re-established manually in the meantime. (Client) Fixed Turing test pestering. 20070322-01 (Server) Properly detect Azureus scrape 20070321-01 (Server) Cosmetic changes in control panel. (Both) Be more stubborn when trying to bind to a port. Retry a few times. (Server) Keep track of streams that get closed by the client that the server doesn't know about yet -- so they get closed as soon as the server registers them and don't stick around. 20070319-01 (Client) Dumbed down error checking for OpenVPN under Vista. The OpenVPN client always reports duplicate routes, and since we cannot differentiate between permission problems and duplicaton problems in all languages (Windows has the nasty habit of translating everything) we can only ignore them. This means of course that we cannot detect when the user simply does not have permission to install routes. *SIGH* (Client) Delay initial RTT measurement a bit more to avoid measuring while the connection is not yet fully set up. 20070316-01 (Client) More debugging around stream closure. (Client) Added hidden config parameter "min_buffersize". (Server) Added protocol detection for Lineage so server can try some tweaks to improve performance. 20070315-01 (20070314-01) (Both) Made keepalive interval configurable and negotiable. (Client) When running in dump mode, make server search serial instead of parallel (it's a lot slower but the dump is actually readable and we are more able to help you). (Client) Fixed potential false HTTP positive in server search. 20070313-01 (Server) Fixed a bug in stream registration that could lead to pending streams opened by the server and rejected by the client not getting deleted from the register. 20070308-01 (Client) Catch missing privilege problems in OpenVPN mode and deal with them properly. (Server) Include abuse email on "Go away" page. (Client) Use more search engines, be less sensitive to layout changes. Also more debugging so we can learn about search engines being blocked and/or filtered in different places. 20070307-01 (Client) Made sliders and bar indicators less logarithmic, especially for low bandwidth profiles. It seemed more logical. Also, made the graph semi-logarithmic as well. (Both) Changes to frame queueing mechanism, should not be noticeable but saves resources in failure situations. (Client) Added hidden parameter "rtt_interval". If you specify a time in milliseconds, the round trip time to the server will be measured periodically (value needs to be at least 1000 ms). If not configured, RTT is only measured once when the connection starts. 20070301-01 (Both) Fixed bugs that kept FTP reconnect from working properly. 20070227-01 (Client) Added --notray and --noappwizard option in case you are having trouble with your latest and overpriced operating system. 20070225-02 (Server) Fixed stupid number formatting bug that leads to null pointer exceptions. 20070225-01 (Client) Don't reconnect automatically if stop button pressed. (Server) Debugging in FTP code. 20070224-01 (Server) Worked on FTP code. 20070223-01 (Client) Fixed google search -- they've changed their output format again. If you can't find any servers anymore then this version is for you! 20070221-01 (Client) Gosh, still another exception in OpenVPN code. 20070220-01 (Server) Increased TimeOuterFirer pool size. (Both) Changed way TimeOuterFirers are named. Naming may actually be responsible for long-term problems. 20070219-01 (Client) Fixed exception in OpenVPN startup thread. 20070217-02 (Server) ControlPanel had wrong divisor in one place. Just cosmetics... 20070217-01 (Server) Announce planned server shutdowns 15 minutes ahead, repeat announcements every 2 minutes until shutdown. Also, tell other servers about it so they stop redirecting people to us if they shut down in the meantime. (Server) Another bug in number formatter fixed. 20070215-02 (Server) Don't keep integer treemap objects for the frame buffers in a pool -- we've seen a crash in this code and it's useless anyway, though it's certainly not the code's fault but the JRE's. 20070215-01 (Server) Fixed bugs in number formatting. (Client) Cache server search results, only do a full search when there are no previous results or the user requests it. 20070213-01 (Client) Debugging changes 20070209-01 (Client) Automatically reconnect on server shutdown if desired by the user. 20070208-02 (Server) Removed some debugging messages that we no longer need. (Server) Be more tolerant ... let people connect for five minutes with outdated clients instead of one. Also, only send one of the two possible messages. (Server) Better number formatting in control panel. 20070208-01 (Server) Fixed deadlock in server code by modifying all potential places where it could occur in theory. My wicked mind was running wild I guess but mow there is really absolutely no place left where this particular lock-up could happen. 20070207-01 (Server) Fixed null pointer exception in OpenVPN code. (Client) If we know the proxy chain, report it as well. We need the version numbers... 20070206-02 (Client) Fixed silly bug in remembering what worked well for connecting. 20070206-01 (Client) Fixed route exclude problems in OpenVPN code. (Client) Minor debugging changes. (Client) Added --log, --log=minlevel command line option (Server) Added connection reporting code. It helps us learning how exactly you connect. Rest assured that nothing confidential is revealed -- we would just like to know which tricks still work in which part of the world. 20070205-01 (Client) Small fixes in apps config panel. (Client) Try to close OpenVPN before exiting. 20070203-01 (Server) Fixed null pointer exception in VPN code 20070202-01 (Client) Improve reconnection time in difficult firewalling scenarios (try first what is known to have worked before) -- very important for CGI and HTTP connection method. 20070201-01 (Server) Fixed silly null pointer problem. 20070131-01 (Client) Learned some new IP obfuscation tricks. 20070130-01 (Server) Fixed null pointer problem in traffic dump of control panel. 20070127-01 (Server) More session debugging. 20070124-01 (Server) Added control panel code for OpenVPN. (Server) Added OpenVPN traffic reporting. Traffic _only_. (Client) Better debugging with HTTPS connection problems. 20070123-01 (Client) Added openvpn_exclude option. (Client) Ignore IP addresses that are known to no longer work (ex server IP addresses still haunting the net). This speeds up server search. 20070122-01 (Client) Added OpenVPN support code. (Client) Added missing translations in German and Saarl�ndisch. (Client) Added new server criterion (OpenVPN support) (Server) Modified way comments in config file are parsed. 20070120-01 (Server) Don't announce tunnel endpoint IP. 20070119-01 (Both) Implemented OpenVPN support -- it works!! 20070112-01 (Server) Made disconnection warning more clear -- it was telling FreeFreedom users that they would be able to immediately reconnect when they weren't because of overall usage time restrictions. (Client) "Encrypt" sensitive data in config. NOTE! In order to encrypt an existing config you need to change something in the config! For example, go to the Ports panel, untick and tick a box. 20070111-01 (Client) Rewrote the timing and scheduling for the bandwidth monitors, using the same proven code as for everything else. 20070110-02 (Server) Found problem in UDP reception code that could cause sessions to be slowed down to a crawl. 20070110-01 (Server) Tuned buffer sizes a bit. 20070109-01 (Client) Treat error 502 like error 403 and don't try this representation again. (Client) Removed "unregistering stream" message that only confuses people. 20070108-01 (Client) Try octal representations as well. 20070105-01 (Client) Hopefully fixed a bug in web connection code that caused newer client versions to fail on the combination of ISA/NTLM web proxy and WebSense. Please try! 20070104-01 (Client) Worked on server selection. 20070103-01 (Client) Fixed message date/time display. 20061229-01 (Server) Make sure peers vector gets updated in messenger when it is changed on the fly. (Server) Increased WoW buffer size to 8192. Don't know if it's any good though. (Server) Enlarge minimum buffer size for protocols like WoW even further. (Client) Enable re-keying in the wizard. Gosh, forgot that! 20061222-02 (Server) Increased min buffer size for WoW to 1460 bytes, seemed natural, considering that this results in 1500 byte IP packets. 20061222-01 (Server) Worked on WoW detection. 20061221-02 (Server) Removed debugging... argh. (Client) Fixed typo in a debug message. 20061221-01 (Server) Fixed multithreading problem with messenger relays kind-of-introduced in 20061214-01. (Server) Added protocol detector for WoW. We can hopefully use this to improve our support for this game, and who knows? We might learn enough to better support other games too. (Both) Tweaked stream processing a bit, it may help improve lag with broken protocols like WoW. 20061217-01 (Server) Fixed stupid bug in messenger code introduced in 20061214-01. 20061214-01 (Server) Less reporting of stream data; waste of bandwidth and CPU, we're not interested anyway. 20061213-01 (Both) Use fast retransmits for UDP tunnels. (Both) Generally faster retransmits for other types as well. 20061212-01 (Client) Changes to Wizard. Made wider and removed default host -- it's no good anymore, don't use it. Also use preferences; preferences panel therefore activated. (Server) Don't relay to ourself. (Server) Don't accept duplicate peers in config, just ignore. (Server) Small fix in number formatter for control panel -- some users really go exponential with more than 100 Gigabytes per session... unbelievable! 20061211-01 (Server) Version checking problem fixed. 20061208-01 (Server) Implemented time restrictions, they will be used to restrict permanent usage of the service by FreeFreedom users. It's just no longer tolerable... 20061206-01 (Server) Fixed bug in server announcement code. (Client) Worked on connection option code. 20061205-01 (Server) CGI relay announcement code revised. 20061204-01 (Client) Added quirk to fix up one-way audio in SIP conversations. Try adding "sip_fixup_audiostream true" to your config file if you have one-way audio problems. 20061201-01 (Client) Made turing test a bit more nasty. (Server) Pester user if client is older than 20061201-01 20061130-03 (Client) Seems like we've lost the bandwidth history graph somewhere underway... oh well, I've put it back in. 20061130-02 (Client) Fixed SOCKS5 UDP forwarding code -- this time I have found a very old bug, I don't know when it has been introduced but it must have been there for quite a while. Effectively it broke UDP ASSOCIATE requests, needed by many applications that rely un the UDP protocol. An example is TeamSpeak, the voice protocol in many games. (Server) Hmmmmm... this could now trigger a null pointer exception that makes the connection fail. Fixed! 20061130-01 (Server) Allow for more servers to be found. (Both) Broke UDP forwarding in 20061123-01, sorry guys! It's fixed. 20061128-01 (Client) Added turing testing. 20061123-02 (Server) Another small fix in IRC detection code. 20061123-01 (Both) Implemented queue expiry, should help recover voice streams more quickly after a connection problem. This means that some frames don't get sent anymore if they have been enqueued too long ago -- useless with voice and many other UDP protocols. It also avoids that the queues get completely swamped with small RTP frames. (Server) Fixed a problem in IRC detection code. 20061121-01 (Server) Added protocol detector for IRC. Note that we can distinguish whether someone is running a client or a server. Servers will not be permitted anywhere! Clients will be banned on some servers only (where the provider requires it). Please don't be upset -- we may as well simply ditch all US based servers :-( but we decided not to. (Server) Fixed timer debugging code. 20061120-01 (Client) Worked on SIP forwarding code. I've successfully tested it with sipgate.de! 20061118-02 (Server) Fixed silly bug in UDP code introduced in 20061025-01. Sorry! 20061118-01 (Server) Fixed race condition in HTTP initial connection code that could trigger a null pointer exception. 20061115-01 (Server) Added debugging feature to control console that allows to interrupt timer threads to cause a stack trace and see where they are stuck. Very useful together with the "show timers hogs" feature. 20061113-01 (Server) Added something to CGI info page. You don't need to know, really... it's something that helps our test scripts to learn about the cascaded server behind a CGI forwarder script. Not a secret though, have a look if you like. 20061109-01 (Server) Sort sessions by bandwidth in control panel when showing traffic stats. Helps debugging... 20061108-01 (Both) Modified maximum queue sizes to improve throughput in high-bandwidth-high-latency scenarios. (Server) Made queueing and buffering parameters more dynamic (we now adjust them every 4 seconds instead of every 10 seconds). It might make a difference for gamers who suddenly find themselves in heavy traffic scenarios. 20061104-01 (Server) Worked on CGI detection code. (Server) Send info on FTP connection as well. (Client) Read info from FTP connection as well when testing servers. 20061102-01 (Client) Completely re-done CGI connection code, now uses WebConnection code as well (meaning that it also works with NTLM proxies and supports IP quirks). 20061031-01 (Server) Modified the way server announcements are being triggered. Is this the mystery null pointer bug? (Both) Small change in timeouter code, might shed light on mystery memory leak. 20061025-01 (Both) Taught client to learn server name and about other servers via UDP probes, and server to tell about its name and the IPs of other servers. (Both) Same for FTP. (Both) Improvements in TimeOuterFirer initialization code. (Server) Increased timeouterfirer pool size and lowered reaping rate a bit -- it seems that the servers are now more busy than they used to be with timer tasks, and a little bit of fine tuning is advisable. (Server) Improved active thread listing in control panel. (Both) Another small change in the TimeOuterFirer code. 20061024-01 (Server) Bug caused problems when user had empty password. (Both) Made TimeOuterFirer code less prone to memory leaks and added debugging around issue of TimeOuterFirers getting lost underway. It seems like the pool becomes inactive? (Client) Fixed silly bug in web connection code. (Client) Fixed bug in wizard FTP test code. 20061017-01 (Client) More detailed logging around server disconnects. (Server) Fixed potential null pointer exception in a race condition. (Client) Make sure users are not pestered continually with "your package will expire soon" -- only when client is started, then again after two days. This was a bug. 20061011-01 (Server) Fixed silly bugs in control panel. 20061010-02 (Client) Fixed null pointer exception when closing unsuccessful FTP connection. (Server) I broke the FTP code miserably... sorry about that! 20061010-01 (Server) Better fix to the stall problem. 20061009-01 (Server) Fixed a bug that would sometimes tell the users that their client is not current when it is. (Server) Hopefully fixed a stall problem in FTP connection code that could exhaust all memory resources. 20061005-01 (Client) Fixed silly bug that would sometimes kill the connection immediately on startup, without telling the user. (Client) Fixed bug in connection code that would almost always break the connection if you've got automatic server selection enabled these days... oops! (Client) Added server selection panel to config window. (Server) When announcing ourselves to the client, add the servergroups as well; otherwise our own server is often less preferable when it actually is best, or the other way round. 20060908-01 (Client) Don't switch servers if UDP forwards have not timed out. (Server) Added UDP statistics to control panel. (Server) Fixed misunderstanding between client and server wrt how the client can figure out the server's address and port for UDP forwards. (Client) Ensure only one forwarder per media -- it does the trick of tying the ends together though I don't really like it... (Client) SIP forwarding now works with SIPgate! 20060906-01 (Server) Allow for UDP forwarders to request whether they want an odd or an even port on the server. (Client) Dito. (Both) Yep, SIP's working! Just need to make it more user friendly. If you want to test, this is how you can turn your YF client into a SIP proxy. Add these lines manually to the config file: sip_proxy what.ever.com sip_proxy_port 5060 (or whatever) sip_port 5060 (or whatever) This will turn your localhost into a mirror image of the remote SIP proxy. Note however that FreeFreedom will most likely not do because most codecs (notably G.711) will require at least 80 kbit/s bandwidth in both directions, including overhead. Note that server version 20060906-01 is required, please check when you test. 20060905-01 (Client) Whoah, SIP mostly working! 20060904-01 (Server) SIP code now more or less working. (Server) Fixed null pointer exception introduced in 20060831-01 (Client) Worked on SIP code -- basically works now. 20060831-01 (Client) Worked on SIP code. (Client) Removed unnecessary debugging introduced in 20060830-01 (Server) Added UDP forwarder expiry. This should fix some problems with servers just no longer working properly after a while -- they simply run out of UDP ports if some users use a lot of different UDP forwarders. Now they expire after 5 idle minutes, and we should be fine. 20060830-01 (Client) Improved server searching in the wizard. 20060829-01 (Server) Fixed problem with server announcements. 20060828-01 (Server) Better protocol detection for HTTP CONNECT. Needed to block P2P through web proxies on some of our servers. (Server) Added more protocol detection -- please don't be alarmed, we need this for statistical purposes only so we can properly plan ahead. Used protocols are not logged together with account data. 20060823-01 (Server) Modified treatment of ACKs in the messenger code with regard to how they get propagated to the higher application levels. (Server) Announce logged in users every 20 minutes, not every 5 minutes. This resulted in dozens of packets per second, each 100 bytes long, being sent to every server, with a background noise of 30 kbit/s per server. 20060822-01 (Server) Fixed arrax index problem in protocol detection code. 20060816-01 (Client) Fixed input validation for proxy user name and allowed intermediate spaces. (Server) Only send MOTD once, not everytime a user re-connects to the session. It's not there to annoy people! 20060814-01 (Server) Conserve memory with protocol detection by dropping the buffers once we found the protocol, or when it's clear that we won't figure it out. (Server) Fixed a bug in streams register code that really should have no effect at all but could cause problems when tearing down sessions. It is also present in the client but the effects there would even be less serious. 20060810-01 (Server) Better HTTP detection code. (Server) Improvements to control console. (Server) Fixed silly bug in messenger code that caused an exception when we added another IP address and a string grew too long. 20060804-01 (Server) Properly detect eDonkey2000. 20060803-01 (Server) Detect more torrent tracking. (Server) Don't trigger pop-ups on the client for blocked protocols. (Client) Fixed a null pointer exception (nothing dramatic). 20060802-01 (Server) Fixed silly bug in messenger code and got rid of accompagnied silly console messages. (Server) Log blocked protocols for statistical and debugging purposes (so that we can effectively provide support). (Server) List peers sorted by name in control panel. 20060801-01 (Server) Implemented protocol filtering. Sorry guys, we need it. We will try to keep some of the servers completely open but we need to restrict some or lose them. This is not to pester you but to keep some of the servers close to you. 20060725-01 (Client) Fixed versioning confusion. 20060714-01 (Client) Fixed silly bug that caused the Free Freedom to signal that it will expire or has expired. Sorry about that. 20060713-01 (not yet released) (Server) Remind users to upgrade if clients are very old. 20060712-01 (Client) Warn if profile is about to expire. 20060711-02 (Server) Better messages when refusing streams. (Client) More detailed messages around connecting to the server. 20060711-01 (Server) Undocumented changes. 20060704-02 (Client) New parallelized server search code. Silly enough, what's not properly working yet is the status display... 20060704-01 (Server) Added possibility of profile modifications and additions per user. (Server) Worked on Google hint code. (Client) Worked on multi-IP capabilities w/r/t server detection. 20060629-01 (Server) Changes in the reporting code. 20060628-01 (Client) Fixed problem in dump mode causing connections to not work when NTLM authentication is required. 20060627-01 (Client) Fixed timeout issue in server detection wizard that could occur with unresponsive servers. 20060622-01 (Server) Make sure client learns about secondary IPs. I won't tell how. :-) 20060621-01 (Client) Fixed silly bug that caused the connection problems with newer clients. 20060620-01 (Client) More debugging. 20060619-01 (Client) Added debugging around connection establishment to track down the problems we see with newer versions. 20060614-01 (Server) Think I've found a workaround for a silly problem that leads to the server's external IP sometimes not being displayed properly. 20060607-01 (Server) Shuffeled stuff around, nothing serious. 20060606-01 (Server) Won't tell. :-) 20060531-01 (Both) Multi-IP capabilities -- untested, do not release! (Client) Even when server is configured with hostname and one or more IP addresses, only show the name or the first IP address. (Client) Think I fixed a long-lasting problem in the HTTPS code (the "this should never happen" message). (Client) Fixed null pointer exception when no config there... 20060530-01 (Server) Don't send silly "connection terminated by server" when it was the client who terminated it. (Client) Include timestamps in dumps. (Client) Added wizard code for new (very much alpha!) UDP connection protocol. Made it configurable as well. Please, don't whine too much if it's not working properly yet (though it should!). Reports very much welcome! (Both) Added missing keepalive code to UDP protocol... *blush* (Server) I think I found the reason why the server sometimes doesn't know its IP (or so it seems). 20060529-01 (Client) Fixed null pointer exception in servergroups code. (Client) Modified IP quirk code to only try representations of IP addresses known to work with at least some proxies. (Server) Fixed an annoyance in the command console code (whitespace removal). 20060524-01 (Client) Better PIX fooling, also disabled it by default (hidden config parameter now). This might solve some problems people have. (Client) Always send "cache-control" header -- this makes things work with some stubborn transparent proxies like the one german mobile operator E-Plus uses. 20060523-02 (Client) Fixed many recently introduced bugs in new connection code. Sorry about that! 20060523-01 (Client) Made wizard tell what it is doing while the user waits. Also made searching faster by not analyzing the same server twice. (Server) Added server state reporting to web page. 20060519-01 (Both) Fixed RTP encoding in HTML codec. (Both) Added new frame type "UDP MAPPED" to all codecs. 20060518-01 (Both) More detailed messages when refusing a connection. I hope this will reduce the number of support requests claiming that YF is not working when the destination is simply not resolvable, not reachable, or refusing connections. (Server) Fixed silly "stopping connection on client request" message -- that's a bit too much, debugging-wise. 20060515-01 (Server) Fixed silly bug in debugging code. (Server) More debugging around session termination. 20060511-01 (Server) Added more debugging for discarded messenger packets. (Both) Optimizations in debugging code -- not releasing a new client just because of this. 20060510-01 (Server) Added code to differentiate between server groups. (Client) Show server groups belonging to profile. (Client) Removed debugging message for code that is not yet used anyway... but was an indication of flexibility to come. :-) (Server) Fixed info panel for ftp 20060509-01 (Client) Learned to make good use of a known Cisco PIX bug with regards to WebSense. This bypasses WebSense checks on older PIX OS versions. 20060505-01 (Client) Teached the client to use IP quirks to fool the proxy. No need anymore to do it manually, which also means that it works together with automatic server selection! (For now this is only working for HTTP & HTTPS method -- it does not work with the CGI method, reason being that the data flow model is completely different and I need to re-engineer it first.) (Client) More debugging around web connections to help us track down your proxy connection problems. (Client) Used same connection model for HTTP as for HTTPS. This is a bit quirky (POST never causes the proxy to send a reply if the request is legal, so if we don't see one for two seconds we assume it's OK to go ahead), but it allows for all the same clever tricks as with HTTPS, like automatic server selection, addressing hacks, NTLM authentication, etc. 20060503-01 (Client) Added Italian language. (Client) Other small fixes and improvements. 20060406-01 (Server) Replaced ident reply "EatMyShorts" by random replies. 20060330-01 Nothing changed I think... not sure though. :-) 20060329-01 (Server) Found problem in messenger code, put in workaround. Ugly! 20060316-01 (Server) Fixed null pointer problem in FTP code introduced a few days ago. (Server) Refuse "range" requests. We just can't do that, and it's antisocial anyway. 20060315-02 (Client) Add FTP connection protocol to wizard. Also show which connection tests have been completed successfully. Note that the wizard does not yet ask for an FTP proxy... we'll add this soon. 20060315-01 (Server) Fixed FTP "quit" command. Cosmetics... (Client) Wizard learned a new trick to get you connected. 20060314-01 (Client) Greatly improved (well, fixed) wizard. It actually finds the servers again now (d'oh!). 20060313-01 (Server) Project X :-) 20060306-01 (Both but mainly server) Ah! Think that's it now for the timer problem... 20060303-02 (Both but mainly server) Added another bit of debugging around timers. Got a suspicion why they sometimes cannot get rescheduled. 20060303-01 (Server) Go Away page. 20060222-01 (Client) Implemented FTP non-passive connection mode as fallback when intermediate proxy refuses PASV mode. (Server) Irrelevant clean-ups. 20060221-01 (Server) Fixed bug in server port reporting when reconnecting. (Client) Fixed a silly null pointer exception when searching for servers. 20060207-04 (Both) I think I found the reason for the "division search" problem on the servers. Guess what -- it's a bug in Sun's Java implementation. If you resize an array (by copying the contents into a new one) in synchronized context (not synchronizing on the array itself of course), other threads may not see the difference, even if access to the array is only done in the same synchronized scope. This violates my understanding of the specs, but it's the only explanation I can come up with. I've made the array reference "volatile", let's see if the problem goes away (though I don't like the performance hit). 20060207-03 (Server) Found bug that is likely responsible for the "duplicate login" problem. 20060207-02 (Both) Debugging added around a problem with timer scheduling. This is a stubborn one! (Server) Removed silly debugging. 20060207-01 (Server) Workaround did not work, re-implemented server port assignment in a more brute-force style. This implementation has a statistical likelihood to fail, but it's indeed very unlikely that it does (under normal load it's a lot less likely than winning the lottery big time). (Server) Warn 2 minutes before scheduled shutdown, not 1 minute. 20060206-01 (Server) Tracking a problem with FTP connection method. Implemented a workaround and added debugging code. 20060131-01 (Server) Made logging more precise, now includes milliseconds. 20060117-01 (Client) Worked on FTP connection code. It's now ready for public beta. Enjoy! 20060113-01 (Server) Improved remote upgrade capabilities. 20060112-01 (Server, Tools) New rollout code appears to be OK now. 20060106-01 (Server) Working on new rollout code. 20060104-01 (Server) FTP code only sends keepalive when it receives one. This is to enable the client to test both directions and shut down both channels if one fails. (Client) Send a keepalive every 10 seconds, no matter if other traffic is there as well. This triggers the keepalive mechanism in the server and lets us know if the server still sees our frames! 20060103-01 (Server) Worked on FTP code. Fixed timeout and client IP. (Client) FTP keepalive and timeout code. 20051220-01 (Server) Fixed bug that kept user from being automatically kicked when the server received a USERDEL message if the username contained uppercase letters. (Server) Blocked HTTP forwarding server to client to combat phishing abuse. 20051125-01 (Server) Made FTP data port configurable. (Client) Worked a hell of a lot on client FTP code. (Both) FTP now working in principle. 20051112-01 (Server) Fixed some neglience in the FTP control connection code. (Client) Worked on the FTP control connection code. It actually works now through FTP proxies, tested with Check Point's FireWall-1. :-) 20051111-02 (Server) Worked more on FTP code. Should be ready for first tests now... time to write the client code. :-) (Client) Clean-ups and simplifications in connection code for all protocols. (Client) Started implementing FTP connection. Not functional yet though... be patient please. 20051111-01 (Server) Added UDP forwarder debugging code. 20051110-01 (Server) Enhanced server's actions to be found by Google and other search engines. (Server) Started implementing the new FTP connection method. 20051108-01 (Server) Different shared secret for reports and messages. (Both) Spanish translation. Thanks Carlos! 20051028-02 (Both) Spanish translation added. 20051028-01 (Client) Fixed some portuguese translations. (Client) Fixed improper behavior of SOCKS and HTTP Proxy fields in Ports panel. 20051013-01 (Client) Added more debugging code around NTLM connections. 20051012-01 (Server) Differentiated in server messages between streams that are refused because too many streams are open, and streams that are refused because too many pending streams are present. 20051004-01 (Client) Fixed encryption under Solaris. To quote Douglas Adams: "The worst assumptions are the ones you don't even know you're making." In this case the way the HTTPS transport method works caused writes to the TCP stream to be interrupted, generating an exception, instead of just setting the ThreadInterrupted flag as with all the other OS's. This caused the write requests to be re-ordered because of internal re-queueing, and with stream encryption we can't have that of course. (Client) Fixed some Portugese translations. 20050908-01 (Server) Made control port configurable on-the-fly. 20050907-01 (Server) Added piping to command line. Very handy. :-) 20050831-01 (Client) Integrated latest application panel patches. (Server) Added MOTD feature. Useful for servers that will go out of service soon. 20050824-01 (Server) Added ability to configure more than one server IP so it's properly announced. (Server) Added capability of listing server IPs in info panel. (Server) Suppress "null" listings of alternative servers in info panel (merely cosmetic...) 20050819-01 (Client) Started to integrate application wizard panel. (Client) Worked a lot on server detection code. (Client) Made Wizard and server detection code work with NTLM authenticating proxies. (Client) Make it more clear to proxies and servers that we cannot accept any form of encoding. Just to be sure. This should fix some problems with looking up servers via Google et al. 20050713-01 (Both) Started implementing new connection management framework. This requires that the servers know more about each other, and that the clients keep a lot more track about connection options. When it's all done the user does no longer have to configure anything at all and the client can do it all, even optimizing. 20050712-01 (Server) Actually compiled latest changes in. *blush* 20050705-01 (Client) Fixed missind german translation in some language definition files. Was a missing operator. 20050623-01 (Server) Fixed silly bug that broke formatter in policer status output. Recently introduced when I made formatting a but nicer. (Server) Policer_Linux just learned to watch more than one interface. We need this for servers that have more than one IP address. (Server) Splitted policer into RX and TX part. Needed to support connections that have different uplink and downlink policies. UNTESTED! 20050621-01 (Client) CGI now working. Enabling in client configuration panel. (Client) Modified status panel formatting slightly. (Both) Worked on HTTP codec to make sure we are fully compliant with CGI specs. That's a prerequisite for CGI proxying through PHP to work. :-) 20050617-01 (Both) Working on CGI code. (Server) Fixed bug in policer code that could lead to connection drops in web server. 20050607-01 (Both) Fixed bugs in DNS code that have been freshly introduced. (Server) Sorted out some flags in the DNS header. (Client) Ignore duplicate nameserver lines in resolv.conf. Silly! 20050606-01 (Server) Accept DNS packets where other counters are not 0. (Server) Send authoritative records with each and everything the servers sends, including errors. (Client) Worked on DNS code. Getting better and better. 20050601-01 (Both) Moved connection stats and state signalling to runq model. Should save a few cycles, especially in the server. (Server) Moved duplicate user kicking code to runq model as well. 20050531-01 (Server) Added debugging code to find a harmless out-of-bounds problem. (Server) Do not recommend server "null". Silly... 20050527-01 (Both) Worked around a performance problem that seemingly only shows itself in the client but is present in shared code. It's a CPU leak that makes the connection statistics listeners be called a lot more often than necessary. 20050526-02 (Server) Make number output formatting nicer. 20050526-01 (Server) Added arg to "sessions" command in control panel to allow to only show one session instead of an enormously long list. (Server) Better thread statistics code. Does no longer exaggerate server load because of wonky estimates of the number of running threads. 20050520-01 (Server) Made config parameter load_factor a float to have more granulatity on load control. (Both) Worked on stream sendq firing code to avoid firing the sendq more often than necessary. This should reduce the number of unnecessary threads under some circumstances that are responsible for making servers with little memory explode. (Both) Fixed a bug in the frame queue backlog code that could cause the backlog queue to never empty. D'oh! 20050519-01 (Both) Found bug in bytestream codec that unnecessarily increases the number of bytes skipped after a transmission problem. It's not really relevant though. (Server) Improved performance in HTTP codec for those cases where carriage returns are never sent. I.e. for most cases. :-) (Both) Saved the odd cycle in xlation code. (Server) Removed left-over debugging from HTTP incoming connection code that did not serve any purpose anymore. (Server) Found potential infinite loop in HTTP connection code and fixed it. (Server) Improved performance of built-in file server. (Server) Added some debugging in DNS codec to finally find out why it's not working with DNS servers in-between. Must be something really stupid. 20050518-01 (Client) Added "http_flush" config parameter. 20050517-01 (Server) More debugging for long-running Runq events. 20050516-01 (Server) Added code to locate long-running timeouterfirers. 20050513-02 (Both) Revised the fix below a bit. The fix contains a "deadly embrace", this is now solved. 20050513-01 (Both) I think I found an explanation why the timers sometimes go berserk. This should be fixed now! 20050512-04 (Server) Another small performance improvement, nothing serious though but may reduce latency caused by a periodic cleanup process that synchronized on an important object longer than necessary. 20050512-03 (Server) Made local IP determination a lot less complex, this should save greatly on CPU. The assumption it is making is correct on all servers so why bother and waste CPU? 20050512-02 (Both, mainly server) Hopefully improved performance of StreamsRegisterHash for the most likely case (i.e. sparse usage of the buckets). This should greatly reduce CPU impact of high user counts. (Both, mainly server) Added more debugging code in TimeOuter and added linear search for cases where division search fails; let's see if the search is buggy or if the timer really isn't there. 20050512-01 (Server) Added debug message to get to the bottom of the "ASSERTION FAILED" problem in timeouter code. (Server) Added server version to hello messages. 20050510-01 (Server) Added DNS debugging. 20050506-02 (Server) Added logging of automatic disconnect to facilitate support. (Server) Fixed very silly bug in DNS code that could cause the server side of the session to hang and the CPU load go up to 100%. D'oh! (Server) Fix integer overflow in streams panel. 20050506-01 (Both) Added automatic disconnection feature to the server and support for displaying it as part of the profile in the client. 20050505-02 (Server) Fixed silly bug that keeps the server from logging logins with the proper username. 20050505-01 (Server) Implemented all-new global policer; see how it behaves... at least it's absolutely precise because it obtains bandwidth info directly from the interface. (Linux only so far but who cares?) 20050504-09 (Server) Fudged policer a bit more to account for Ethernet overhead as well. It's a rough estimate but hopefully pretty much accurate. 20050504-08 (Server) Made policing account /all/ traffic, also stream traffic. This is more useful. 20050504-07 (Server) Cleaned up policing code, saves on CPU. 20050504-06 (Server) Hopefully finally fixed policer to look at real amount of data sent, not net data. 20050504-05 (Server) Urgs, seems that I've messed up some things... maybe using "long"s helps... 20050504-04 (Server) Made "no policer" feature in profile actually work. 20050504-03 (Server) Always run policer, even if profile is not limited. Otherwise global readings are wrong and user is not participating in global policing! 20050504-02 (Server) Be more accurate about bandwidth in hellos. (Server) Send hello frame every 15 instead of 20 seconds. (Server) Make server name resolving time out after 3 seconds instead of 10. 20050504-01 (Server) Fixed thread total counter in debugging output. Cosmetic fix only. (Server) Added ability to deactivate global traffic policing for certain profiles. (Server) Apply global policing to web server code as well. (Server) Reduced influence of traffic on load (unless policing). 20050429-02 (Server) Update traffic rate per user only every 10 seconds, not every 2 seconds. That should do and saves CPU, also it does not fire so many events (saving threads and memory). 20050429-01 (Server) Added debugging to find out where ems02 locked up. 20050428-03 (Both) Very subtle change in the TimeOuterFirer code that could save some cycles and maybe reduce load but does not have any other effect on the code. Or at least it should not. :-) 20050428-02 (Server) Worked on TimeOuterFirer pool statistics. 20050428-01 (Server) Limit the amount of logging under DoS. We don't want to make it too easy for them bastards do we? Not that the servers can't cope with it but why waste resources? 20050427-06 (Server) Display correct summary counters for alive and dead threads. Just cosmetics. 20050427-05 (Server) Put in code that also lists dead threads... it seems we've got a zombie problem here! 20050427-04 (Both) Completely removed now redundant StringBufferPool code. Saves a lot of CPU I guess. 20050427-03 (Server) Removed this silly "refusing connection" message -- it only makes matters worse and does not help us any. 20050427-02 (Server) Added a try/catch (Server) Fixed potential null pointer exception in Profile code freshly introduced in 20050422-02. 20050427-01 (Server) Added periodic threads listing so I can see which threads are going haywire when the servers crash... 20050422-02 (Server) Slight bugfix on the backoffs. (Server) Made weed-out more rare (every 15 minutes), it's no longer necessary anyway but I leave it in for now. (Server) Added uptime to the hello announcements and the control panel. (Server) Added system load to hello announcements and control panel peer display. (Server) Modified change below to make it less memory consuming. 20050421-03 (Server) Modified connection backoff code to ensure each port has its own backoff. 20050421-02 (Server) Reversed a small modification that might be the cause of the slowdown, though I doubt it. 20050421-01 (Server) Added profile option to allow duplicate logins. 20050420-02 (Server) Irrelevant null pointer fix in control port code. (Server) Don't kill streams this thoroughly when shutting down a session, it's not necessary. (Server) Found a silly bug in the new parts of the DNS server code that could lead to sessions disconnecting. 20050420-01 (Server) Fixed potential null pointer exception in control console. Nothing serious, can't crash anything and the command works the second time... just a silly race condition. (Server) Worked on DNS code. It's working a lot better now! 20050414-02 (Both) Worked on DNS code, now more reliable it seems. 20050414-01 (Server) Fixed stupid bug in server config code. 20050413-02 (Server) Removed silly debug message. (Both) Worked on DNS code. Guess what -- it's working! Not stable yet but I'm able to log in and open a stream and send and receive some data before it freezes. Call that a start eh? 20050413-01 (Both) These DNS servers think they are clever... alright let's see who's more clever. (Client) Fixed --nogui option. 20050412-03 (Both) DNS tunnelling may work now, let's see! 20050412-02 (Server) More work on stream policing -- see if this works. (Server) Found the problem! It's the backoff mechanism kicking in. Added new parameter for maximum backoff. 20050412-01 (Both) Modified the way stream policing is done, also fixed the stream status display in the GUI. Delayed streams should now be listed properly. 20050411-01 (Client) Small updates to french translation. (Client) Change to streams per second policer (first line of defence in client). This may solve the problems encountered with some applications. (Server) Started re-writing most of the DNS CoDec to make tunnelling through DNS servers work. 20050405-02 (Server) Subtle additions to control panel. (Server) Fixed silly bug in profile parsing that makes the "unlimited" profile fail. 20050405-01 (Server) Fixed problem with displaying proper expiry date. (Server) Silently ignore unknown user attributes instead of throwing up. (Server) Minor modifications to control panel. (Client) Fixed bug that caused wrong expiry date to be displayed. 20050331-01 (Server) Made ID handling in DNS codec a lot simpler. (Client) Modified version comparison code to allow for new "buildday-NN major.minor" syntax. Only the build number is compared. If the major.minor is missing, that's just fine. (Client) Modified DNS CoDec to introduce another segment to avoid requests for server IP addresses being redirected to the servers themselves. Doesn't matter if you have no clue what I mean. :-) The server is already able to ignore this so no change here. (Both) Very slight modification in streams-per-second policing code may solve problems encountered with some web pages that contain loads of graphical elements. (Both) Added expiry to profile (only informational). 20050311-01 (Both) Fixed significant bugs in frame queue code. Oh dear... this lead to very bad behaviour in retransmits. (Both) Enormous advances in DNS code. Timing now mostly reliable, which means we're about to try it in the wild. :-) 20050310-01 (Both) More work on DNS code. 20050309-01 (Server) Decrease incomplete counter when handing over misguided HTTP connections from HTTPS code to HTTP code. (Both) A lot more DNS connection code done... almost working now! I've been logged in already and used SSH over it, well somewhat. Problem is the maximum payload size of a DNS packet is rather small and the rest of the code is not yet able to cope with this properly. (Server) Don't block when sending a stop message. 20050304-01 (Client) Show server and its IP in the Windows systray bubble. (Both) More work on DNS tunnelling code. (Server) More debugging and manipulation methods around the blocking of source IP addresses. (Server) Sanitise URL for downloads. 20050303-01 (Server) Added code to decrease IP counters for incomplete connections periodically, to work around problems with some IPs being blocked eternally (or so it seems). 20050301-01 (Client) Started to implement new DNS tunnelling code (Client) Fixed bug in server search that would break the "web search". (Client) Added timeout in server search so a broken server can't stop the whole process. 20050221-01 (Server) Fixed exception in download code. 20050218-01 (Client) Stop and close local ends of streams when connection is terminated by the server. 20050215-01 (Server) Implemented file server. 20050211-01 (Client) Log client version when starting up -- should save us lots of emails in the customer support department... 20050209-04 (Both) Modified HTTP code to adhere to RFC1867. Modification is backwards compatible, i.e. old clients will still be able to connect to new servers. (Client) Fixed HTTP encoding broken in 20050209-03 20050209-03 (Both) Started implementing HTTP chunked transfer. (Both) Slight modification in the streams-per-second policer code that may address the problem of never-decrementing counters when the client application is hammering the YF client. 20050209-02 (Server) Worked a bit on the backoff code for outgoing streams. May improve situation for heavy (ab)users. 20050209-01 (Client) Ensure HTTP is using HTTP 1.0 not 1.1! Plus some work for CGI relaying. (Server) Work on CGI relaying. (CGIRelay) Implemented prototype in PHP. Still having the same buffering problems as with Perl though, but this is much more elegant. (Both) Rolled back a recent change in stream pending registration that seems to cause trouble. (Client) Fixed bug in UDP forwarder code that was the cause for these "closed" streams and streams that subsequently would not open. 20050208-02 (Both) Hopefully fixed bug that open pending counters are not reset properly under all circumstances. Added debugging to be able to spot such problems. 20050208-01 (Client) Improved server search wizard. Now automatically determines if IP should be used instead of DNS name. (Server) Fixed silly bug in control port connection. 20050207-02 (Both) Worked on TimeOuter code, see if this is now working and more stable. 20050207-01 (Client) Added Portuguese language. Thanks Rui! 20050204-01 (Client) Fixed bug introduced in 20050202-02 that caused UDP packets sent from the client to the server to be overly long. This breaks many UDP applications, eg. RTP. (Server) Modified the UDPForwarder behavior. The forwarding should end when the client says so, or when the client connection dies. No sooner, no later. (Server) Fixed a bug that would cause UDP forwarders not to die and vanish properly when the session dies. That was another memory leakn, though not a big one, but UDP performance of the server would have logarithmically deteriorated with the number of sessions that have died and used UDP. Funny bug eh? 20050203-03 (Server) Oops, fixed a bug introduced in 20050201-01 that would announce a "null" server. 20050203-02 (Both, mainly server) Made a change to TimeOuter code to address a deadlock. I know that the code I have in now is dodgy and will not work properly under all circumstances but at least it will not lock up. Let's see what is more acceptable. :-) 20050203-01 (Client) I'm fairly certain that NTLM should actually work now... at least I was able to reproduce exactly what IE produced in a sample session. Please test, folks! 20050202-03 (Server) More UDP optimizations. (Both) I think I finally found what's going on with these streams that just won't die. 20050202-02 (Both) UDP optimizations. Should use much less CPU now and perform a lot better. 20050202-01 (Server) Fixed some formatting in control console. (Server) More attempts of fixing this g.d. stream threads not dying problem. Hope they don't break anything! (Client) Removed unnecessary UDP debugging. 20050201-02 (Server) Modified number formatting in control console a bit. Also clean-ups there. (Server) Added some debugging to see why some threads still don't die when they are supposed to! 20050201-01 (Server) Do not announce servers that have taken themselves out of service (because of reachability problems etc.) by having loads bigger than 1.000.000.000. The clients ignore these announcements but why make them in the first place! (Server) Make global sleep value load increasing to direct clients away from servers that already throttle traffic. (Client) Updated french translation (thanks Philippe!). 20050131-02 (Server) Modified connection acception (or rather: refusal) code to cleanly catch cases where the connector does not send any data. Also removed potential deadlock (I say "potential" because it's way too complex to check and completely unnecessary). 20050131-01 (Both) Minimal changes to stream code. I don't think they actually help but at least they won't hurt. 20050127-01 (Both) Found another deadly embrace in stream code. 20050126-02 (Both) Worked some more on stream closedown code. 20050126-01 (Both) Worked a bit on thread interruption and sleeping in an attempt to cut down on stale threads. (Both) Found a BONEHEAD mistake... all this don't-wait stream closedown code did not work at all! Users may have noticed that applications seemingly did not notice they've lost connection when the client-to-server connection was closed; only when you shut down the YF client did they notice. Well now you know why... the stream was actually never killed. The server suffered a lot more than the client though. 20050125-02 (Server) Slight formatting change in control port code. (Server) Reduced frame buffer sizes -- we just don't need them this big. 20050125-01 (Server) Removed some unnecessary debugging. (Server) Modified locking of session object instance for incoming connections. (Server) Added debugging that tells me where incoming links get stuck (if they do) when a sessions is simply not dying. Just a suspicion but we'll see. (Client) Allow spaces in proxy password. (Client) Parse config file differently: assume exactly one space between key and value. Don't strip any extra whitespace as it could be part of the value! 20050124-06 (Server) Clean-ups that may or may not fix some hangs. 20050124-05 (Server) Think I know what's wrong. 20050124-04 (Server) Still more debugging, same place... 20050124-03 (Server) May have found problem... let's try. 20050124-02 (Server) There is still a problem with sessions that just won't die. Added debugging to track the problem down and see which lock cannot be acquired. 20050124-01 (Server) Fixed stupid class cast exception recently introduced. Nothing serious though. (Both) Think I've found out why the timeouters can suddenly stop firing. Should be fixed now. 20050123-01 (Server) More debugging around connection granting and refusal. 20050120-01 (Server) Fixed frame leak that has been recently introduced. (Server) SYNCUSERSCOMPLETE message no longer relayed as it is a personal message only intended for this particular server. (Server) Added ability to restart or reboot a single server with a simple messenger packet. Won't tell you how. :-) 20050119-02 (Server) There is still something wrong with this weedout process. Added more debugging and rewrote a few lines. 20050119-01 (Server) Hopefully fixed bug in stream closedown code that would make the "dontwait" flag ineffective if the closedown has already been requested without this flag before but is hanging for whatever reason (for example because there is no uplink to tell the other end). D'oh! 20050118-02 (Both) Catch rare case where timer is cancelled or rescheduled while being fired but not yet marked as being fired. We can't do this with synchronization without unnecessary performance impact. (Server) I think I found out why the weedOut periodic timer sometimes seemingly gets lost... it's stuck killing a session that won't die because one of its streams won't die, reason being that it tries to send an ACK that it can't send because there is no uplink anymore. This should be fixed now, when enqueueing the ACK I set the "dontwait" flag; if the queue is blocked then the frame is dropped and that's that. 20050118-01 (Server) Still problems with an unreleased lock, added more debugging to find it. (Both) More cleanups. (Both) Irrelevant change in Base64 code. (Both) Removed unnecessary synchronization from StreamRegister. 20050117-03 (Both) Cleanups of new TimeOuter code. 20050117-02 (Both) Seems there was still a bug in there that could schedule timers in the wrong order. 20050117-01 (Both) Completely redone the TimeOuter code with new data structures and new algorithms. Not sure if it works properly but there's no better way than testing it in the field. :-) :-) 20050115-01 (Both) Added code to catch exception in TimeOuter firing actions and report them. 20050114-03 (Server) Fixed another null pointer exception. 200050114-02 (Both) Fixed another small silly bug in the TimeOuter code that can only strike in the client -- the server is never idle enough. :-) (Server) Hopefully fixed negligiance that could lead to a TooManyOpenFiles exception. 20050114-01 (Client) Fixed potential NoSuchElementException in TimeOuter code that realistically can only ocur in the client. 20050113-06 (Server) Fixed little bug when setting up TimeOuterFirer pools. (Both) No sleeping when firing TimeOuters. May interfer with interrupting elsewhere. 20050113-05 (Both) Major overhaul of TimeOuter code. Should really by thread-safe now. 20050113-04 (Both) Do not "yield()" when firing timer events. 20050113-03 (Both) Worked again on the TimeOuter code and rewrote the cancel() method. Also worked on synchronization. 20050113-02 (Both) More tidying up of the TimeOuter code. Should have less CPU impact now. 20050113-01 (Server) Fixed another null pointer exception. (Both) Fixed some more potential race conditions in timeouter code. 20050112-07 (Server) Found another potential problem in TimeOuter. 20050112-06 (Server) Found potential glitch in TimeOuter code that could cause tasks to not be fired and subsequently be lost if autorescheduled. 20050112-05 (Server) Made reaping more aggressive. 20050112-04 (Both) Made disguiser pools smaller to conserve memory. (Server) Still losing timers... hope this fixes it. 20050112-03 (Server) Seems like I broke something... 20050112-02 (Server) Added reaping to timeouter firer pool. No need to keep unneeded threads active forever. Also made the pool a lot smaller, it's not that expensive to recreate them. 20050112-01 (Server) Made web page generator a lot more efficient. This will save us a lot of CPU and also conserve memory -- well, at least make memory usage more constant. 20050111-03 (Server) Fixed bug in UDP forwarding code. Could cause clients to hang on subsequent connections... (Client) Worked around a problem that some clients (including dante socksify) seem to have: they close the TCP connection and still expect the UDP forwarding to work. We simply don't close the UDP forwarder when the TCP connection breaks and let it time out instead. This should not be a problem unless you resolve thousands of DNS names... 20050111-02 (Server, also client) Fixed more null pointers. All in consequence of stuffing memory leaks. (Both) May have found another memory leak in the FrameQueue. D'oh! 20050111-01 (Server) Debug why sessions stop. (Client) It seems that in HTTPS mode, keepalive was no longer working -- for whatever reason. See if this fixes it. 20050110-07 (Both) Try to avoid excessive synchronization in bytestream CoDec. Not sure if that's okay but we'll see. -- It's not. Taken out again but leave in some optimizations. 20050110-06 (Both) Found another potential memory bloat. It's not a leak however. 20050110-05 (Both) Fixed stupid bug that caused streams to not properly shut down. Introduced today. 20050110-04 (Both) Performance improvements. This will hopefully help a bit in interpreted mode. 20050110-03 (Server) Another null pointer, nothing serious. 20050110-02 (Server) Fixed another null pointer exception in backoff code (all these are the consequence of stricter memory management). 20050110-01 (Server) More plumbing on memory leaks, probably more null pointer exceptions again now... just a symptom of the problem. (Server) Fixed more now-occurring null pointer exceptions. 20050109-01 (Server) Fixed more now-occurring null pointer exceptions. 20050107-02 (Server) Fixed more now-occurring null pointer exceptions. 20050107-01 (Server) Fixed more now-occurring null pointer exceptions. 20050106-03 (Server) Fixed more now-occurring null pointer exceptions because of calls to sessions that are already shut down... d'oh! (Happens because tasks are scheduled, then session is destroyed.) (Client) Switched off rekeying debugging, it's working perfectly fine now SO PLEASE USE IT! 20050106-02 (Server) Use only one translator instance per language. (Server) Hopefully some improvements regarding garbage collection of no-longer needed objects. 20050106-01 (Server) Fixed a bug in server code that would cause the wrong number of concurrent streams being communicated to the client. Sorry guys, now I know why there are less open streams than some months ago. :-) 20050105-01 (Server) Added usersync request feature. If enabled, newly upped servers request user database synchronisation before they bring their ports up and announce their presence if they last received user information a certain while ago. This should avoid trouble with servers that were offline for quite a while and do not have a (complete) user database. 20050104-01 (Client) Added config param "header". Use as often as you like to add headers to the request sent to your proxy (example: "header User-Agent: None-Of-Your-Business 1.0". Headers are guaranteed to appear in the same order you've specified them, and you can use the same attribute multiple times. 20041215-02 (Server) Added sanity checking to rekey TX code. This may be the NullPointerException... but I'm not convinced enough yet to restart the servers. 20041215-01 (Server) Even more such debugging. I believe it's a JVM bug that I don't see the traces (id 4292742) and I will install 1.5.0 on all servers now. (Both) Did some very minor changes to avoid code that has been deprecated in Java 1.5.0. All changes are backwards compatible so we can still use 1.4.2_05. 20041214-02 (Server) More NullPointerException debugging. Have to find this bugger! 20041214-01 (Server) More NullPointerException debugging. 20041213-02 (Server) Made delay caused by global policer add to the "load". (Server) Worked around some more potential race conditions, this time in the session. (Server) Made the global policer a bit more aggressive. 20041213-01 (Both) Worked around potential (though very unlikely) race conditions in stream closedown code that could lead to a NullPointerException, possibly causing hanging threads. 20041207-01 (Both) Added more debugging code to finally catch the spurious null pointer exceptions. 20041206-01 (Server) Irrelevant change in thread debugging. (Client) Made popups run in separate thread. If you select "automatic server selection" this will also mean that you are automatically reconnected to this or a different server when the server shuts down (currently HTTPS only). (Client) Back off somewhat after 5 unsuccessful attempts to reconnect to a server by sleeping 5 seconds between retries. This should easen the load on a server that is barred or shutting down. (Server) Fixed bug in code to feed CGI-BIN relays to Google. 20041203-01 (Server) Irrelevant cleanups in in the connection code. (Server) Send notify instead of user message if too many inbound streams (server to client forwarding). Client can choose to ignore or (current implementation) log in messages window. 20041202-04 (Both) Found a race condition in rekeying that could cause the sending end to use a different key without telling the receiving end. 20041202-03 (Server) Don't annoy people with unnecessary popup messages about failed inbound connections because the streams limit has been exceeded. We'll deal differently with this when I get the time, eg. send them in a way that they are just logged. 20041202-02 (Server) Made loads of debugging conditional and switched most of it off. Should generally improve performance, and the debugging is really no longer needed because the code works. 20041202-01 (Server) Irrelevant change in timer debugging that produces nicer statistics. (Server) Increased TimeOuterFirer pool size. (Server) Added StringBufferPool statistics so we can start optimizing this part of the code as well. (Both) And guess what the result was... the whole code is useless. I've disabled it. 20041201-01 (Both) Fixed some misconceptions around the interrupted state of a thread that may solve some mysterious problems with threads that just won't die. (Server) Fixed small race condition that could lead to a null pointer exception. 20041126-01 (Both) Cleanups. 20041125-01 (Server) Fixed small bug that could cause session periodic timers to be rescheduled just when the session is about to die, causing them to run forever and keeping the session object alive though invalid, unnecessarily using up CPU and threads. 20041124-03 (Server) Found horrible bug in stream opening code that could cause a frame to be recycled that has been recycled before, which could lead to a frame being used in two different threads at the same time... blimey! (Both) Massively cleaned up the stream opening code so it does not need a freshly created thread anymore that is afterwards destroyed at horrendous cost. Instead, it now uses threads from the pool that basically run forever. By the way... latest measurements show that overall throughput has improved by at least a factor 4 in the last few weeks. :-) 20041124-02 (Server) Aply streams limit also to server-to-client forwards. 20041124-01 (Both) Made one-off scheduler less aggressive in places where there is no rush in an attempt to save on threads. (Server) Implemented a limit on maximum number of pending streams, because they are currently killing our servers! Please guys, try to configure your applications to not attempt too many new connections at a time. 20041123-07 (Both) This time really. :-) Stupid thing, really. It's not optimal but it seems that we have now really little threads for very good performance -- just what we want. 20041123-06 (Both) I think I have found the problem described in 20041123-04. Workaround again removed, it made the servers puke anyway... 20041123-05 (Server) Fixed synchronization problem that could cause a concurrent modification exception. This may well be responsible for the massive server hang we encountered afterwards. 20041123-04 (Both) It appears that there is a problem with hanging streams in -03. I have made a small change to the one-off scheduler for the recvq that trades performace for reliability... *sigh* 20041123-03 (Both) Oops, one should only have one recvq processor running at a time... 20041123-02 (Server) Switched off some debugging that is no longer needed and that only makes the situation worse for the server. (Client) Switched UDP debugging off. 20041123-01 (Both, but mostly only relevant to server code) Modified the one-off firing code a bit to not unnecessarily create new firing threads when an existing one is probably available within the next milliseconds. (Both) Considerably slow down the speed at which connections are requested by the client and requests are dealt with by the server when user is over the top with regards to number of concurrent streams. (Both) Broke the policer in 20041122-03 with regards to profile and user limits. This is fixed now. 20041122-09 (Both) Gone one step further and eliminated the recvq threads altogether. :-) 20041122-08 (Both) Fixed bugs in signedness of short-to-int conversions that broke TCP connections and UDP associations to ports above 32767 in some cases... *blush* 20041122-07 (Server) Even more thread debugging. Already relieved the average server of thousands of threads... (Both) Slightly changed recvq dequeueing thread to ensure it dies more easily -- because it seems that it doesn't die very well at the moment! 20041122-06 (Server) Also count streams that are not yet open when determining if a user may open more streams! 20041122-05 (Server) More thread debugging. 20041122-04 (Server) Added streams throttle. It's not really a hard limit but if there are too many streams on a server opening of a new stream can be delayed up to 10 seconds. This should hopefully allow for some streams to close in the meantime. I know it's not ideal especially since it may freeze the user's connection for up to 10 seconds but we need to do something about this! Therefore this will only kick in if the user has at least 10 open streams. 20041122-03 (Server) Implemented enforcement of uplink bandwidth restriction. Was until then only enforced in client. The server version only enforces net bandwidth, i.e. is less restrictive than the one in the client, and should therefore in theory never really kick in. But we need it for global bandwidth limitation. 20041122-02 (Server) Implemented global bandwidth policer. To be tested. 20041122-01 (Server) Modified connection backoff code to not only allow configuration of backoffs for single destination ports but also general catch-al backoffs. This can be used to throttle users who open connections too rapidly. (Client) Do not rapid-fire open connections to a failing server. 20041118-01 (Client) Another bug in SOCKS UDP forwarding fixed. This time packets were not returned properly if client app bound to port 0 (don't know yet). 20041117-04 (Server) Added another workaround that should ensure that the hack described below does actually figure out an IP address, even when there's really no way telling yet what it's going to be for the association because the destination address is not yet known and therefore the routing is not yet determined. Doesn't matter if it doesn't make sense to you... 20041117-03 (Both) Implemented hack that allows a SOCKS5 UDP application to figure out what the source IP and port of datagrams sent by the server to the destination will be. All you have to do is send a datagram to whatever IP address on port 0, and you'll "receive" one with IP and port as "source". 20041117-02 (Client) Fixed bug in SOCKS UDP implementation that would cause wrong replies. 20041117-01 (Client) Added code to detect illegal SOCKS4/5 requests and report them instead of simply ignoring them, leaving the stream in the "closed" state. (Client) Fixed a bug in the SOCKS emulation code that would cause the emulation to fail if the command was not sent in one packet. (Server) Put challenge frames to the front of the queue. (Server) Ensure server keeps correct authentication state even if intermediate re-authentications fail (up to now, that would not have caused the connection to be dropped). 20041116-05 (Client) Cleanups in HTTPS connection code, potentially also fixing threading issues. 20041116-04 (Client) Added code that detects a bad state of the connection and stops and restarts it immediately instead of waiting for a timeout. This is not entirely satisfactory but until we know what's going on (only happens with proxies and HTTPS!) it should be an acceptable workaround. 20041116-03 (Client) Fixed a problem in SOCKS UDP code that would cause communication to fail with "client application passed illegal port 0, could not get local UDP port" or something like this if the client app chose to not reveal its source port in the SOCKS initiation (which is perfectly legal albeit most likely only to blame on the laziness of the programmer). 20041116-02 (Both) More strict synchronizing in the codecs where I previously believed it would not be required. Now I think it _is_ required. 20041116-01 (Both) I think I may have discovered some more threading unsafeties that may be responsible for the occational loss of connection under heavy load. 20041111-02 (Server) Also fixed disconnect-reconnect bug for HTTP protocol. Same stupid mistake. (Client) Same problem was (kind of) present in the HTTP code of the client. This is fixed now. You should finally be able to keep the session up even if the link is kind of unstable or your proxy is of the rather nasty type. This should also improve the stability of the CGI-BIN solution. (Client) Added code to Wizard to find CGI proxy servers. This is untested yet and the client does not yet check if if actually could use them before offering them to the user (unlike the direct server search code!). We need to fix this! 20041111-01 (Server) Found it! Disconnect and failing to reconnect problem should be solved now also for HTTPS protocol. 20041110-01 (Both) Fixed bug in HTML CoDec that would have caused TCP urgent data to fail (if it could work at all with Java). Don't bother. (Both) Started implementing SIP/RTP. Completely untested and certainly not working yet because the SIP/SDP packets are not yet re-written and the RTP forwarding is not yet set up. But the foundation is in. 20041104-01 (Client) In HTTPS, really try alternative server and not the same one over and over again. (Client) Fixed potential ArrayIndexOutOfBounds issue in profile panel that could be triggered under rare circumstances when watching the panel while the connection is active. 20041102-02 (Both) More debugging to verify if server and client agree on the same keys after session reconnects. 20041102-01 (Client) Added code to support the 100 Continue message (HTTP). 20041101-03 (Client) Also fixed HTTP reconnect stuff, or so I believe. 20041101-02 (Client) Be a lot more aggressive about failing link detection in HTTPS mode. Ensure that both read and write thread always die in unison so that new read and write threads get created when the connection is re-established. This should solve the problems with failing connections once and for all. We'll see. (Client) Ensure that a new TX key is only announced by the client after the connection is authenticated. Otherwise the client gets stuck with a non-functional connection if the server lost the session (i.e. was restarted). 20041101-01 (Client) Ignore absurd screen locations in config. (Server) Speling mistakes corrected. 20041028-01 (Server) Fixed potential null pointer exception in HTTP code. 20041026-01 (Client) Finally someone pointed out a serious bug in the wizard to me: you couldn't leave the proxy domain field empty! That's fixed. (Server) Fixed silly bug that effectively broke UDP. Why didn't you tell me guys?! 20041022-01 (Server) Added code to feed the CGI Relay URLs to Google. (Client) Seriously improved performance of HTTP CoDec; the code was very heap unfriendly in one place -- mea culpa. (Both) Improved reliability of reconnection code at the (slight) expense of memory usage. We now use a different codec instance every time we set up a connection. This seems to be solving a race condition. 20041021-01 (Server) Slightly changed the ordering decision for announced CGI relays. (Server) Made message receiver code less prone to null pointer exceptions, and added a catch to see if there are still any. 20041020-01 (Client) Fixed broken text for NOT_LATEST_VERSION_LONG (Server) Improved Google fodder page. (Server) Added CGIRelay reporting code. This will in the end be code to locate CGIRelays in a nearly unblockable fashion. 20041013-01 (Server) Fixed little bugs in HTTP connection code that caused uplink connections to die too slowly. For a new feature, that is... (Client) Finally made it work. YO! The CGI hack does actually work now, and even though the connection through an intermediate CGI script is not very interactive it is quite usable, and if you limit the uplink bandwidth to a few hundred kilobits per second it's even stable. This means that we can now use the cheapest available web servers and transform them into relays... the only thing we need to be able to do is run a simple Perl CGI script. (Both) Fixed inaccuracies in rate limitation. 20041012-01 (Client) Fixed serious bug in HTTP codec that must have been in there for at least 2 months. Server port forwards caused null pointer exceptions. (Client) Put in hack that will hopefully allow us to fool restrictive admins in the future at very little cost. Stay tuned. :-) 20041007-01 (Server) Fixed typo in HTTP reply header that may have caused problems with some proxies. 20041005-01 (Client) Worked on WebConnection code to support HTTP POST in the future. Also loads of performance improvements. (Not that they really matter but I don't like subobtimal code.) (Server) Removed left-over messenger debug message. 20040930-01 (Server) The fix in 20040929-02 was not effective for ACK frames, which means that the server (which receives loads of ACKs since the log packets are ACK'd) ran out of memory after a while. I still don't know why the fix works though; frame objects hold references to packets, and they don't hold references to anything. There is no deadly embrace. But deleting the references in the frames to the packets before deleting all references to the frames makes the GC shred it all. Oh well. (Server) If a user profile is older than 10 days, delete it and refuse to authenticate. 20040929-02 (Server) Fixed memory leak in messenger. Strange enough, I have no explanation why the garbage collector was unable to collect the objects. Nulling some pointers helped however. Maybe I'll understand at some point what the reason is, I don't think it's a deadly embrace. Maybe the leak is not plugged but it's no longer that bad. 20040929-01 (Server) Made account database more scalable. Should now scale well beyond 1 million users. Don't laugh, we already need to worry about scalability... 20040928-02 (Server) Accidentally broke immediate frame ACKing in messenger... oops! :-) 20040928-01 (Both) Fixed potentially non-thread-safe code in disguiser. 20040927-02 (Server) Fixed memory leak in messenger. (Server) Lots of other messenger fixes. Much more stable transport now! (Server) Greatly reduced number of needed timers in messenger code. 20040927-01 (Server) Cleanups. (Server) Made logging transport failsafe (retransmit of both log packets and ACKs). (Server) Fixed memory leak freshly introduced. 20040924-01 (Server) Fixed stupidities in messenger code. (Server) Fixed potential null pointer dereference in client version announcement code. This caused the messenger to crash and cease to receive messages, hence why all servers stopped replying to user creation requests at the same time! 20040923-01 (Server) Irrelevant change in messenger code. 20040922-01 (Client) Fixed HTTP connection code that was broken in 20040909-02. Sorry about that guys, and thanks very much Philippe for reporting it! 20040921-01 (Client) Fixed debugging code in HTTP uplink code to show response headers when request fails. 20040913-02 (Server, Client) More debugging around version announcement. (Server) Fix bug that caused version announcements never to be sent to the clients. 20040913-01 (Client) Added code to verify if we are running the latest available client version, and to notify the user (in a polite and considerate manner I hope) that he should upgrade. (Server) Added client version distribution and announcement code (triggered by packets received via the messaging service). 20040910-01 (Server) Better server state tracking (show peers). 20040909-02 (Client) Fixed small bug in HTTP connection code that may cause problems with over-critical proxies. 20040909-01 (Client) Only reset timeout when a valid frame is received, not if undecodable trash has been received. This ensures that links are recognized as broken when the encryption gets out of sync. (The server already did it like this.) (Client) Irrelevant cleanups and not-so-irrelevant speedups in connection code. (Client) More optimizations in dump code. 20040908-02 (Client) 20040908-01 broke the "follow server recommendations" checkbox and made the client always follow them. Fixed. 20040908-01 (Client) Avoid server changes when dumping. (Client) When dumping, don't stop dumping after the server connection has been stopped. Instead, flush the file and continue dumping afterwards. (Client) Changed confusing message that connection would be re-opened even if Stop has been pressed. (Client) In HTTP connection code, close down server connection a lot faster in the downlink stream instead of waiting for the server to close it. This bug could cause the downlink thread to run continuously if the server connection failed because of a timed-out NAT translation or similar. (Client) Added code to dump server/proxy responses. (For HTTP, only uplink is dumped but that's good enough.) (Client) Greatly improved performance of dump code. (Client) Improved proxy response read code in HTTP connection code. This fixes the connect problem many people have with strange, very gabby proxies. 20040906-01 (Client) Worked on NTLM code. (Both) Changed a mis-named error message. (Client) Small fixes in client GUI code. This may fix the problems some users had with the window becoming invisible. 20040902-01 (Server) Fixed potential null pointer exception in authentication code (can only happen with malformed frames though). 20040831-01 (Client) Made re-keying configurable in the GUI. (Client) YF window now remembers where it las was on the screen. 20040827-03 (Both) Changed synchronization in ConnectionStatistics code. This should fix some strange bugs, eg. client statistics not properly updating. 20040827-02 (Client) Modified Google search to avoid filtering of similar pages. (Server) Fixed ugly bug in server that broke Google search. Silly! 20040827-01 (Server) Fixed UDP for HTTP encapsulation. This has not worked for quite a while I'm afraid because of a typo. (Client) Improved HTTP uplink performance significantly. 20040826-02 (Server) I think I found the problem why there are always more sessions than users. We'll see. Has something to do with duplicate sessions, one thread registering the new session and the other thread unregistering the old session, with the unregister process removing the newly registered session just because of its name. :-) (Client) Fixed an ArrayIndexOutOfBoundsException problem in the HTTP code. Obvious stupidity, sorry about that. 20040826-01 (Both) Shifted disguising (encryption) from link layer into CoDec. Big difference is that the CoDec knows exactly where frame boundaries are and can ensure that key changes happen exactly at frame boundaries. This should fix the problems we had with key changes and some proxies. Consequently, this feature is now again enabled in the client. (Client) Fixed but that broke HTTP mode over proxies that require authentication. 20040825-01 (Server) Added code to try and stop again sessions periodically when they are idle for more than 1000 seconds. I would like to see where their stop process got stuck. 20040823-04 (Client) Made rekeying configurable, default is "off" for now (not available through the GUI yet). 20040823-03 (Both) Tuned the timeouterfirer pool a bit. (Both) Tweaked the flushing code a bit, may make rekeying work with some proxies. 20040823-02 (Both) Added flush()es to ensure all sides see the streams in sync when changing keys. Hopefully fixes loss of connection. 20040823-01 (Both) Implemented re-keying for encryption layer. Client and server will generate new keys every 5 minutes (if the client supports it) and transmit it using the old key. However an eavesdropper cannot make any use of this key without knowing the user's password. This key exchange also takes place immediately after authentication, which means that we are now more secure than WEP (with shared secrets), and about as secure as PEAP or LEAP. Spooks, have a good time! 20040819-01 (Client) Very minor optimizations in HTTP connection code. (Server) Tuned the frame pool sizes a bit. (Server) Very subtle changes in the way sessions are timed out, may fix some sessions still not timing out. (Client) Removed silly "SEND UDP TO SERVER" message that in case of a busy client wasn't even telling the truth. 20040818-01 (Both) If the timeouter firer pool is almost empty, sleep a little bit before runq jobs are fired to relieve the stress on the pool. 20040817-07 (Both) Fixed stupid null pointer bug introduced today. 20040817-06 (Both) Re-introduced the scheduled flag for the Runq_Runnable. (Server) Increased timeouter firer pool to 500. (Client) Decreased timeouter firer pool to 50. 20040817-05 (Server) Further increased timeouter firer pool size to keep uo with demand by runq objects. 20040817-04 (Server) Moved more parts of the load calculation code into the synchronized brace. This avoids unnecessary work on heavily loaded servers, as we have them now. :-) (Both) Reduced timer pool size to 20, that seems to be big enough and more is just a waste of threads. (Both) Weird! Just when you thought you can't probably do any better on the number of needed threads you find that the whole thing you've just implemented that greatly reduces the number of threads isn't needed in the first place, because you already have another part of the code that is doing exactly the same thing -- it took only a few additional lines, and poof, another thread per session gone! 20040817-03 (Both) Changed the way connection statistics updates are propagated. They now use the runq as well, saving a thread that otherwise would have to be created every second or so. 20040817-02 (Server) Fixed potential array index out of bounds problem in message sending code. (Client) Update status panel when connection shuts down so that the statistics are not showing an old state. (Client) Fixed small issue in HTTP connection code that may cause problems with the downlink connection, depending on the configuration. 20040817-01 (Both) Added a new language: French/Fran�ais. Thanks to Philippe Guntz for translating the whole stuff! (Both) Removed one thread from the stream code and replaced it with new one-thread-per-session code. (Client) Fixed stupid formatting bug in connection configuration panel. (Both) Hopefully fixed the "dropping frame for non-existing stream" message shown when streams were rejected. (Client) Fixed potential race condition that could lead to some connections just not opening properly. 20040816-01 (Client) Better proxy debugging (HTTPS connection method only). 20040813-02 (Server) Observed that it can happen that sessions are in the user map but not in the sessions map! No idea how this can happen but I suppose that means that they could not be unregistered because at the time they were about to be unregistered they did not have a username assigned (race between authentication and termination of a session I suppose). Added code to address this. 20040813-01 (Server) Ensured StreamRegister cannot be blocked. 20040812-02 (Server) Found this silly "sometimes only 1 session" problem. 20040812-01 (Server) More debugging. (Client) Worked on SOCKS emulation. Will hopefully fix problems for some client software. 20040811-03 (Both) Worked more on the FrameQueue code, should be more stable now when shutting down a frame queue. 20040811-02 (Both) Fixed stupid problem just introduced. 20040811-01 (Server) Put in safe-catches when killing HTTP uplink and downlink threads. We don't wait longer than 10 seconds for them to die. (Client) Fixed bug that made the "no pop-up" switch non-persistent. (Client) Hopefully finally made sure in all places that the default language is English. 20040810-04 (Both) Put in a quirk into the bytestream CoDec that detects negative sizes and gracefully returns if they are present. 20040810-03 (Both) Added debugging around an exception in the bytestream CoDec I have seen. Next time we'll see. (Server) Found a potential threading problem and fixed it. 20040810-02 (Server) Show statistics about how many users are on which server in the command console locate command output. (Server) Added stop phase to what is shown in "sessions" output to see why sessions just don't die. 20040810-01 (Both) Introduced TimeOuterFirer class that lives in a pool and does exactly what the name suggests: it fires a timer, without creating and destroying a thread every time. And lo and behold, no need anymore for lightweight timers because now all timers are pretty much lightweight. :-) (Server) Modified defaults for ping. (Server) String clean-ups in esoteric places. 20040809-01 (Server) More string clean-ups in console code. (Server) Tightened some synchronized blocks and improved the getSessions() method. It had a stupid bug that would bite occasionally and could lead to bizarre null pointer exceptions, including crashes of threads that calculated the load, i.e. nearly all. :-) (Server) Improved ACL code, server IP matching. (Server) Worked on traffic contingenter code. (Server) Loads of clean-ups, making code more heap friendly, eg. by using Misc methods instead of bulky built-ins to parse integers. (Server) Loads of small clean-ups in the way string buffers are used to improve optimization by the compiler. 20040805-02 (Both) Modified the timer code to remove potential of locking up under very strange circumstances. 20040805-01 (Server) Greatly (hope so) improved performance of HTML CoDec. Less CPU, much less heap. Less string operations in server code. (Client) Fixed bug in config code that would cause config to be saved with a wrong file name in wizard if file name was supplied on the command line. Also improved string operations there. (Both) Cleanups in bytestream codec. (Server) Worked more on string operations in console code. (Server) Do not announce if session is shutting down. 20040804-03 (Server) Worked on string operations in console code. (Server) Modified EMSD_L, some streams synchronize statements enclosed more commands than absolutely necessary, could have been a deadly embrace and the cause for some sessions just plainly not dying because they can't close down their strems. 20040804-02 (Server) Make the load calculation thingy from 20040804-01 actually work. (Server) Not really a code change but I am playing with more detailed memory sizing options to reduce the amount of CPU spent on garbage collection. (Server) No more explicit GC calls. 20040804-01 (Server) When waiting for a lock in the load calculation, check after acquiring the lock if someone else has done the calculation in the meantime. If yes, just use their result. (Server) Another synchronized statement when accessing the size of the tasks structure. This is not very important because the worst thing that could happen are false results. (Both) Performance improvements in timeouter code, should also ensure that the tree does not become too unbalanced. 20040803-06 (Server) Unimportant change in session management. (Server) Modified the way locking and thread yielding is done in the load calculation. Debugging indicates that we may have a problem there. Also made some variables volatile. 20040803-05 (Both) Modified the timer code again, it looks like the changes from 20030803-03 made things worse. Do up to 50 fire()'s without releasing the lock. 20040803-04 (Both) In timeouter code, do socket close in a separate thread to avoid blocking. Also, ensure that autoreschedule also works if the timeouter does not call a listener timeout() method (not used in YF though). 20040803-03 (Both) More subtle changes in the timer code that avoids timer process being stopped and re-started when there are no more timers scheduled. As if that would ever happen... :-) Also, don't Thread.yield() as long as we still hold the lock to the timers structure, we'll be done with the work very quickly anyway. 20040803-02 (Both) Yeah! Found another stupid non-thread-safe variable in the timer code. This one is responsible for timers being executed way too late. 20040803-01 (Server) Debugging code to figure out which resource stays locked when the server crawls to a halt. Use the "info" command and watch for console output. (Both) Clean-ups in stream code, irrelevant. (Server) Added missing synchronized in HTTPS connection code. D'oh! 20040802-02 (Both) Got rid of the to_retransmit and to_close timers in the stream code. What's not there can't cause trouble. (Server) Don't announce unless the user has fully logged in. (Server) Named timers that did not have name. (Server) Removed another small heap hog. 20040802-01 (Both) Seriously modified statistics code to use less timers (no timers at all, in fact). (Both) In bytestream codec, don't extend decoderbuffer to extreme sizes if someone sends garbage. (Both) Made bytestream codec more foolproof. It could lock up if garbage was received. (Both) Cancel the stream retransmit timer if the sendq is empty, meaning that all frames have been acked by the receiving end. No need to fire it unproductively! 20040801-01 (Server) Removed more timers that are no longer needed. 20040730-04 (Client) Worked the HTTP link code. 20040730-03 (Server) Put in workaround to make wizard work with proxies again... d'oh! (Server) Tuned built-in web server. 20040730-02 (Server) Fixed another bunch of missing synchronizations that could lead to serious structure corruption and lock-ups. (Server, also client) Made some variables volatile that are used and modified by several threads. Symptom: multiple stop messages for each session when shutting down. This should be fixed now! 20040730-01 (Both) Performance improvements (less CPU, less heap, less blocking) in Base64 and Codec_HTML code. (Also found that HTTPS performance is about 20% better than a few weeks ago, but this is due to other improvements.) (Both) Fixed serious bug in HTML CoDec that make the client perceive every frame without data block as a keepalive frame, effectively not understanding things like CLOSE frames etc. This broke for example SOCKS non-passive FTP. 20040729-08 (Both) Avoid at all cost to print debugging while the tasks map is locked in TimeOuter. This only adds severely to the backlog! 20040729-07 (Both) Found a heap hog in TimeOuter debugging code. May well be responsible for some of the slow-down. 20040729-06 (Server) Removed a synchronization when shutting session down that is not needed and seems to be blocking at times. 20040729-05 (Server) Whoops, forgot synchronization where new users are being registered with the EMSD.users hash map. Also, session did no longer report logouts. 20040729-04 (Server) Be somewhat more harsh with streams that won't shut down and keep sessions from dying. We don't wait longer than 25 seconds before we simply gun down the stream by closing the socket and destroying the object. This may also solve problems with idle sessions not timing out, we'll see. 20040729-03 (Both) I think I found a potentially serious problem in the TimeOuter code. It has something to do with long (and double, btw.) variables not being thread-safe... *sigh* 20040729-02 (Both) Improved the way autoreschedule of timers works, inner class does no longer use variables of outer class method in which it is defined, this should reduce stack usage and maybe solve one or another problem we have... 20040729-01 (Server) Modified load calculation algorithm parameters to put more emphasize on the number of people logged in and less on the traffic. The recent changes make the amount of work a server has more proportional to the number of people logged in. (Server) Changed session periodic call to every 2 seconds instead of every second. Should greatly reduce the server load and roughly double the number of users that can be supported. 20040728-06 (Server) Enormous improvements in the Messenger code... we scheduled one timer for every packet we received that only fired after 900 seconds! Now it's a periodic timer every 30 seconds that does all the housekeeping much more efficiently. And what's even better: I think I plugged a big memory hole in there. 20040728-05 (Server) Worked a lot on the messenger code, hope I didn't break it. Should now perform better and be a lot more heap-friendly. 20040728-04 (Both) Worked around strange null pointer exception in frame buffer code that I do not understand yet. (Server) More session stopping debugging code to figure out why some sessions just won't die when told to. 20040728-03 (Both) (Hopefully) improved Base64 code to use StringBuffers from the pool instead of byte[] arrays and StringBuffers freshly created on the heap. Should make a big difference with the HTML codec! 20040728-02 (Server) Refuse to authenticate via MD5 if challenge has not yet been sent to client. (Both) Very minor optimizations in timer code. 20040728-01 (Server) Very minor optimizations. (Server) Added code to exit on shutdown after 60 seconds even if some sessions refuse to die within this time. (Server) Added code to debug why sessions just won't die. After 60 seconds, just before the server exits anyway, hanging sessions are listed, including where their stop thread got stuck. I believe it's got something to do with these mysterious and unattributed null pointer exceptions we still get from time to time. (Both, but mainly server) Added a safe-catch to timer code that kicks in when timers are fired while they are firing. This can happen in rare cases and can lead to timer code blocking for a long time. 20040727-05 (Server) Use standard pings instead of large pings, -s can only be used as root and the server is no longer running as root. 20040727-04 (Server) Fixed silly bug introduced some weeks ago that would keep the server from recommending alternative servers. (Server) Nag people with very old clients that force me to keep a truckload of old rubbish in the server code to upgrade. (Server) Cache alternative servers so we don't have to recalculate the array every second and thrash the heap. 20040727-03 (Server) Still seeing sessions that won't die, worked on this. (Server) Very minor performance tweaks. 20040727-02 (Server) Show which ping destinations are currently unreachable. 20040727-01 (Client) Improved performance of SOCKS faking code, also reduced memory hogging. (Both) Better IP parsing code that does not fragment the heap and is (of course) faster. (Both) Made logging code faster by not synchronizing unnecessarily. (Both) Fixed autoreschedule code, safety measuer there to avoid scheduling in the past was flawed. (Both) Fixed potential null pointer exception in IP parsing code. 20040726-04 (Server) Made ident port configurable and fixed a bug that would cause connections to not time out. 20040726-03 (Both) Minor performance tweaks in StreamRegisterHash code. Also limited the absolute maximum number of streams to 1023, this will improve performance as some operations with the StreamRegister still are of linear complexity. (Both) Removed another memory hog by moving code into the StreamsRegister that would otherwise have required the creation of an array containing all streams. This is done every second for every session, mind you! 20040726-02 (Both) Avoid locking the timeouter element when firing the timer to avoid locking the main timer process. We just need to se if we can do without. 20040726-01 (Both, but mainly server) Show if timers are scheduled in the past. Maybe that's the reason for the lock hogging problems? (Server) Removed more unnecessary timers from the code and replaced them by call hooks in the session periodic code. (Both) Save some system calls by passing the time along with method calls. (Both) Made connection statistics periodic timer autoReschedule() instead of periodic(). Less precise, more foolproof. (Both) I think I've made the connection statistics listener hook code somewhat more clever by using two vectors that I keep instead of one hash set that I threw away everytime. (Both) Modified ACL code and removed big memory hog in there. 20040719-01 (Both, but mainly server) Added some debugging to see if too many timers are scheduled. 20040718-01 (Server) Reqrote session timeout code to not use a separate timer. 20040717-01 (Both) Very minor change to the StreamStats code that should still save noticeably on CPU on busy servers. (Both) Bit of pooling around the FrameBuffer. Don't know if it's any good or bad, we will see. Most of the code is not used at the moment though, only the IntegerTreeMap pool code is used at the moment. (Both) Fixed newly introduced bug in Stream code that would make streams not properly close down immediately but time out. 20040716-02 (Both) Found another stupid bug in the timeouter code that can lead to autorescheduled threads being rescheduled over and over again although they have actually been cancelled. This is why the server still comes to a screeching halt at times. Well, came I hope. 20040715-04, 20040716-01 (Client) Make sure the wizard sets the language properly and spares people from having to read German when they probably cannot. (Server) When session has no streams, stop automatic rescheduling of streams-periodic timer. (Both) Ensure autoreschedule does not schedule in the past when the system is overloaded. 20040715-03 (Both, but mainly Server) Avoid too many debug messages in synchronized timer reschedule code that only make the situation worse. 20040715-02 (Both) Changed a little something that should make interactive work more pleasant again. 20040715-01 (Both) Re-worked the whole ACK timing to make it less bulky. (Both) Re-worked statistics timing to ensure that missed events are not made up for. This could lead to ever more backlog and finally to a screeching halt. (Client) Fixed bug that could only occur with extremely good connections (i.e. server and client in the same network). 20040714-06 (Both) Slightly modified the code in order not to hog the lock for too long. 20040714-05 (Both) Trying to keep the lock on the tasks map with the thread emptying the queue as long as it is behind schedule. This will hopeully make the code behave better. 20040714-04 (Server) Won't tell you but it's about becoming more resistant against DoS. :-) 20040714-03 (Both) Made threads working queues until they are empty less selfish by forcing them to yield() the CPO after each iteration. Hopefully this will reduce waiting time for other urgent threads. 20040714-02 (Both) TimeOuter work to improve performance and reduce heap fragmentation. 20040714-01 (Server) TimeOuter debugging. 20040713-06 (Client) Fixed obviously long outstanding null pointer exception in HTML CoDec. (Server) Minor string work. 20040713-05 (Server) Removed more useless debugging. (Server) Wait a bit if authentication fails before it is reported to the client and the connection is closed. This should relieve the server of the burden of clients trying 100 times per second. (Both) Greatly improved performance of HTTP CoDec. 20040713-04 (Both) Removed loads of timers (2 per stream) that are continually rescheduled. They're not needed, we can do it differently. This will hopefully greatly relieve scheduling overhead because the timer reschedule code uses synchronized a lot. 20040713-03 (Server) Removed some of the more useless debugging that only slows down the server. 20040713-02 (Client) Ensure the default language is English. 20040713-01 (Server) Added network tester that ensures reachability of chosen targets, and increases reported server load if a configured number of these targets are not or badly reachable. (Both) Slight modification to the timer code that should greatly reduce the number of locks that have to be acquired with hopefully no negative side effects. Busy servers are getting behind running the timer, and a backlog of up to 30 seconds on timers can't be good. :-) 20040712-07 (Server) Avoid leaving connectivity information on the servers unless we are debugging. 20040712-06 (Server) Do not announce users to other servers that appear to be idle for an overly long period (30 secs). This should avoid users being kicked out of other servers when the current server still has not timed out the user. 20040712-05 (Both) Rephrased some of the ConnectionStatistics code to make it less obese. (Both) Be less picky with timers firing immediately, even 10 in a row. This can well happen with negative delays of up to some milliseconds without unjust cause. Reporting it only makes the backlog worse. :-) 20040712-04 (Both) Added more efficient alternatives to cancel() in timer code to cancel automatic reschedules. Only used in StreamStats code for now, and I think in ConnectionStatistics as well. 20040712-03 (Both) Worked on timer code, added periodic and auto-rescheduled timers. Also added lightweight timers again, don't think it was responsible for the instabilities. 20040712-02 (Both) Fixed silly bug in StringBufferPool code. (Server) More StringBuffer pooling. (Server) Removed some useless debugging. 20040712-01 (Both) Modified logging code so that it accepts StringBuffer as well. (Both) Added string buffer pooling. Not everywhere yet but already in the most important places. 20040710-01 (Server) Catch bad UDP frame info and don't throw exceptions. 20040709-03 (Both) Added debugging that shows when too many accepts happen on forwarded ports. 20040709-02 (Both) Removed synchronized from timer's fire method. 20040709-01 (Both) Removed "synchronized" from fire() method of timer code. Instead, I used a "synchronized(this)" on the only statement I believe to be critical. We have to avoid that a timer fires while it is being rescheduled but it's no problem if it is being rescheduled while it fires. :-) Also, the "lightweight" timer stuff is useless and dangerous. There is not a single place in YF where it could safely be used so I deactivated it again. 20040708-05 (Both) Worked on the timer code. I had a strange feeling in my guts that something's wrong there, and I think I have found a possibility how 3 (three) interacting threads could cause problems if two were modifying the same timer. It's highly unlikely but so is winning the lottery, and it happens nearly every Saturday. Germans have a proberb saying that horses have been seen barfing in front of the pharmacy. Doesn't matter if you don't get it, neither do the Germans. :-) 20040708-04 (Server) More connection debugging. 20040708-03 (Both) Worked around a situation where hundreds of timers could fire at the same time in the StreamStats code. (Both) Modified scheduling of retransmit timers to avoid many of them firing at the same time if a user with a hanging session has hundreds of streams open. (Both) Introduced "lightweight" timers that do not spawn threads when firing. They are only used for timer events that cannot block and that cannot run for extended periods. (Coders beware, this is a very dangerous feature and you should know what you are doing if you do.) (Client) Servers are now all in the your-freedom.de domain, updated all references. 20040708-01 to 02 (Both, mainly relevant for server) Timer code debugging to find tasks executed behind schedule in a row. The occasional message should not alarm you, it _can_ happen. It just should not happen dozens of times over and over again. (Server) Added code to track down unusually high numbers of socket accepts. Just want to know if this is what is causing high CPU load at times. 20040707-01 (Server) Added timestamps when load calculation is shown. Also added stream count and system load. (Client) Small changes in HTTPS connection code that should fix a problem with the STOP button not working in some cases. 20040706-02 (Server) Add IP to what Google will display. The client will later be modified to use this information. This is for places where DNS will not work at all. 20040706-01 (Both) Reduced maximum frame size to 8192 bytes. Note that this is a change incompatible with older clients! Should they ever send such a big frame it will be dropped. But frankly, this has only happened a few times in months of server operation. (Both) More different frame pools, more frames of different sizes. Just want to see if it helps any with bursty frame needs. It's more important to the server than to the client though. (Server) Even bigger frame pools to deal with increasing demand on the servers. 20040705-02 to -03 (Client) NTLM development. (Both) Compiled with 1.4.2_05 (Server) Increased buffer pools even further. 20040705-01 (Both) Very minor optimizations in FrameQueue code. (Both) Bit more synchronization in FrameBuffer and StreamsRegister code that may help with very rare stream drops. (Both) Removed "magic numbers" from Frame pool code. Don't see why we should only have 5 queues and have that number set in stone. :-) (Server) Increased somd frame pools, reduced others in size, to match up with observations. 20040702-03 (Server) Worked on connection acception code to reduce CPU impact of DoS. (Server) If some doofus uses HTTP on an HTTPS port, we fudge it to make it work. We may later send him a message to have him fix his configuration, but then again: who cares? It works now. :-) (Client) When user changes protocol, set port to this protocol's default port. This avoids mistakes. 20040702-02 (Client) Avoid hundreds of connections per second if using HTTP on a server that does not understand our protocol. (Server) Delay 1s before closing bad connection. 20040702-01 20040701-01 to -07 (Client) Worked on WebConnection code NTLM authentication. 20040628-01 (Both) Fixed potential ArrayIndexOutOfBoundsException in ConnectionStatistics code. (Server) Report resused connections (so they get time-stamped). (Server) Better reporting of bad and throughput connections. 20040624-03 (Server) Better DoS protection code, also fixes problems with connections hanging before anything could be transmitted. 20040624-02 (Client) Relaxed syntax checking of proxy server responses plus debugging on stdout. (Both) Very minor change in the FrameQueue code to make this absolutely bullet-proof and thread-safe. 20040624-01 (Server) Inform client of server location (country). (Client) Display country of server location if known. (Both) More stream optimizations. (Server) Limit number of pending connections per IP address until the session timeout kicks in. 20040623-02 (Server) Reporter optimizations. (Client) Minor optimizations in Google search code. (Server) More pool size tuning. (Server) Put connections through based on port and type, not only type. 20040623-01 (Server) Further increased pool sizes. (Server) Added on-the-fly configuration for many important config parameters. 20040622-09 (Both) Fixed more frame leakage. 20040622-08 (Both) Small bug in frame queue code: frames should only be recycled there when frame queue is stopped if they are marked to be recycled when dequeued. Otherwise there are still references somewhere else, eg. in a frame buffer. Not that this can really do havoc, it's just good style this way. (Both) Introduced silly bug in 20040622-0x that leads to frame leakage and streams not closing down properly 20040622-07 (Client) Removed debugging message that I forgot in the code. (Client) Fixed bouncing problem where the client bounces between several servers looking for the best one. 20040622-06 (Both) Fixed synchronization bug in frame queue code, implementation was definitely not thread-safe. 20040622-05 (Both) Size of frames to be used as buffers when reading from stream is no longer only dependent on connection throughput but also on what the stream used last time and if it used all of the available space. In other words: less active streams use smaller frames despite what the connection suggests to conserve memory. (Server) Full GC is only done every 5 minutes now instead of every 10 seconds. Memory usage improvements have made this possible. (Both) I think I found a problem in the stream code that could lead to a frame being modified after it has been recycled. 20040622-04 (Both) Fixed potential race conditions in both CoDecs. 20040622-03 (Both) Fixed bug in HTTP codec. 20040622-02 (Both, but mainly server) Fixed more frame "leakage". (Client) Fixed frame dump code, was broken after recent change to the frame code. 20040622-01 (Both) Recycle frames when tearing down non-empty frame buffers and frame queues. Also recycle duplicate frames in buffers and also superseded ACKs. (Both) More small optimizations. 20040621-06 (Server) Increased some pools a bit more. 20040621-05 (Both) More frame recycling. 20040621-04 (Both) More frame recycling. 20040621-03 (Server) Messenger optimizations. (Server) If the load is really high, reduce the queue sizes somewhat so that not too many frames are kept in memory. (Server) Added more frame pool debugging to control panel. 20040621-02 (Server) Better locking around load calculation to avoid two threads calculating load at the same time. Happens only rarely but is a waste of CPU anyway. Threads that use the load can wait a bit anyway. (Both) Found a freshly introduced bug that would throw an exception when sending error messages. 20040621-01 (Both) Loads of clean-ups and more synchronization in critical places (for operations that are not as uncritical as I used to think). (Server) Finally fixed the problem of HTTP connections sometimes not working because of null pointer exceptions or strange, unexplained authentication failures. It was a race condition, of course. (Server) Added control panel command "show buffers". 20040619-01 (Both) Frame size hack: use 5 frame pools for frames of different sizes instead of always sung maximum sized frames. Saves loads of memory, especially on the server. 20040617-02 (Client) Check out the Languages :-) 20040617-01 (Both) Dramatically reduced the number of expensive string operations by using properly sized StringBuffers instead of the concatenation operator +. 20040616-03 (Both) Slight changes to connection statistics timing that will like relieve the server of bursty CPU load caused by all statistics being updated at the same time (which is nonsense). The client will not benefit from this though - it only has one connection. 20040616-02 (Client) Fixed bug in Windows client that caused the YF window to stay hidden even if "show window" was selected from the context menu. 20040616-01 (Both) Subtle change in ACK timing, better when many streams are open at the same time. (Server) When forwarding streams, shut down the ports first, then the streams. Otherwise remote port forwards coming in at a constant rate will stop the session from dying. (Both) Fixed bug in frame debugging code. (Both) Specialized versions of TreeMap for int and long keys will save us from having to create thousands of key objects per second. (Both) Fixed a bug in TimeOuter that could definitely be the culprit for server hangs. It very likely is. 20040615-06 (Both) Fixed stupid bug in delayed acknowledge code. The bug slowed down single streams substantially, while not affecting overall throughput. (Both) Better queue adjustment code no longer triggered by periodic timer but by availability of new connection statistics (on which it is based). 20040615-05 (Server) Stream close down code now a little bit less thrashy with CPU. 20040615-04 (Both) Radically changed the buffering concept in frames. Expect the worst... 20040615-03 (Server) Cosmetic fix in control port code. (Server) Stricter synchronization for incoming connections in HTTPS code. 20040615-02 (Server) Added debugging code around garbage collection to see if it is ever running for an inordinate time and causing problems for the timer code, or if it's the other way round. (Server) Added debugging code around session stopping code to see if sessions with same name are run in same object when there are multiple stopping announcements in a row. 20040615-01 (Server) Some debugging around duplicate login detection code added to verify a strange thing I've seen in the logs. It's got nothing to do with the code there itself but it seems that two sessions have not been treated as equal though they had the same session id? Has left to a left-over user map entry. 20040614-05 (Server) Adapted load calculation once more. "uptime" is now taken into account (Unix servers only). (Client) Added missing translation. 20040614-04 (Server) Quirk to suppress non-sense "unknown idle sec" display (Messenger) Fixed bug that dropped duplicate ACKs... stupid. Irrelevant for the server and the client though. (Server) Ignore user announcements that originate from ourselves. Fixes the "duplicate connection" problem. 20040614-03 (Server) Activated periodic full GC again to see if it makes a difference with regards to VM stability. 20040614-02 (Both) Still tweaking the timer code. It appears to me that one of the recent changes to the timer code, the precision feature, is causing the problem. Reason is that the implementation always rounded down instead of up, potentially leaving timers to fire immediately. Not really sure about this but a simple "+1" seems to have fixed the problem of one thread eating loads of CPU. :-) 20040614-01 (Both) Subtle change to timer code that may fix a race condition. Not sure if there is any though. 20040611-04 (Both, but mostly server) Fixed horrible bug in stream open code that is the cause for so many open requests failing. 20040611-03 (Both) Came across a problem with a recent change to event scheduling. It's not a good idea to use large precision intervals because this will cause loads of events to be scheduled at the same time, causing other threads to be starved, causing all kinds of havoc. I suppose. If there are no screeching halts of the server anymore we'll know why. 20040611-02 (Server) Fixed thread creation race condition in HTTPS code that could put the server into an illegal state if a client opened connections in fast repetition and the server was loaded. 20040611-01 (Both) Timer code improvements. No fixes, just less CPU and memory usage. 20040610-08 (Both) More timer code fixes. This time the bug could cause the timer main process to consume huge amounts of CPU when events were scheduled to be executed in rapid succession. (Server) Have provisions to catch firing timers for sessions that are no longer valid. This can happen because of the firing timers running in separate threads. 20040610-07 (Server) Obviously timers are firing for invalid sessions, need to debug this. 20040610-06 (Server) Still more session termination stuff. 20040610-05 (Server) Cosmetics. (Server) Be sure the session timeout is always scheduled, even if not a single frame is received. (Both) Fixed problem in timer code that could lead to timers not being removed from schedule when fired and fired all over again. 20040610-04 (Server) Added ability to control connection to kill by session id, not only kick by username. 20040610-03 (Server) Found a freshly introduced bug in session timeout code. 20040610-02 (Server) Added shutdown code to put throughs. 20040610-01 (Server) Re-worked session shutdown code once more, also added UDP forwarder shutdown code that was missing. Also added code to refuse new streams and forwardings while session is shutting down. 20040609-02, -03, -04 (Server) Worked more on the session stop code to finally get the sessions to die when they should. Think I've found what's wrong... had the sessions registered in two places instead of one and was only cleaning up one properly. 20040609-01 (Client) Added domain field in wizard and configuration panel in preparation for adding NTLM support. Actually it may already work for HTTPS, but it is untested. 20040608-04 (Both) Timer code clean-ups, should make it a bit faster and use less memory and intermediate objects. 20040608-03 (Server) Fixed potential null pointer exceptions in reporter code (sessions logging out that have not authenticated yet). 20040608-02 (Server) More messenger debugging. (Server) Fixed potential null pointer exception on protocol violations. 20040608-01 (Server) Modified the load calculation algorithm to place more emphasis on the number of open streams. (Client) Added file_extip parameter in config that takes a file name as argument. The client writes the server's external IP to this file. Useful for scripting. (Client) Fixed a potential null pointer exception in UDP forwarding code. 20040607-04, -05 (Server) Fixed really serious bug in session management. Sessions were not properly associated to session IDs which could lead to dangling sessions still eating resources and reconnection of sessions not working. 20040607-03 (Server) Debugging. 20040607-02 (Client) Try not to overrun server's limitation of new streams per second. Won't do us any good anyway, the server will not open the connections any faster if we do. 20040607-01 (Both) Fixed bug in stream registry code that would have kicked in and thrown an exception when more than 2046 streams would have been forwarded from the server to the client. (Client) Clean-ups in connection code. (Client) Modified connection code to allow for test-only secondary connections that do nothing else but measure the round trip time. We will use this in the future to make more informed decisions in server selection that prefer "close" servers if they are not too overloaded. 20040604-02 (Both) Implemented round trip time measurement. In the very near future the client will use this to influence its choice of server based on previous experience. This way people will get connected preferentially to servers which have worked well for them in the past. Currently this is not used for anything but you will see an informational log message every minute. (Client) Recycle more received frames, including incoming open requests and messages. 20040604-01 (Server) Added debugging to track down a strange problem with sockets. (Client) Made the message log slightly less memory intensive. 20040602-04 (Both) Fixed bug in HTML codec that breaks SOCKS BIND. (Server) Make sure BIND_LISTENING frames are queued in front of ACKs of the same stream to ensure they are received in the correct order and the SOCKS protocol is not violated. This may fix some problems we've seen with some applications. (Both) Fixed bug in queueing of CLOSE frames that could lead to CLOSE requests not being received by the other end. (Both - but will be most effective in server) When outgoing half of link is blocked and stream data can't be enqueued, tear down stream without waiting for an ACK to the CLOSE request. This should make shutdowns a lot faster! (Both) Recycle superseded ACKs. 20040602-03 (Both) Fixed major bugs in Frame recycling code, should solve problems with hanging and dropping connections. 20040602-02 More strict locking for Frame reusage code. 20040602-01 (Both) Fixed very stupid bug in Frame creation code. Symptom: "ignoring bad open request" messages and popup windows with empty messages. (Client) Fixed bug in Wizard's server selection code. 20040601-02, 03 (Server) Fixed cat-bites-tail problem in threading. (Server) Fixed stupid sessions that would not die. 20040601-01 (Both) Implemented different streams register hash that should perform somewhat better and that does not need to create any objects. 20040529-01 (Both) Increased throughput by 65% just by doing optimisations (algorithmic optimisations) in the TimeOuter. More to come! 20040527-01 (Server) Worked on messenger MessagePort code. (Server) Think I've found a way to avoid some of the null pointer exceptions we are seeing in the timer code. (Server) Less silly debugging 20040526-01 (Server) Worked on getting rid of these null entries. (Server) Cache result of load calculation for 30 seconds to save a little bit on CPU. 20040525-03 (Client) Rewritten the authentication code again. Hopefully more reliable like this. 20040525-02 (Client) Fixed authentication problem that occurred if the server was restarted during a session. (Client) Client now actually pops up a window and stops trying if the server says that the authentication failed. :-) (Client) Gracefully stop connection if server does not offer a challenge. (Server) Fixed exception that occurs when there are no peers configured but messages to relay. (Client) Really try alternative server if current server fails (HTTPS only for now). 20040525-01 (Both) Implemented challenge response authentication instead of plaintext. This is a little bit more secure albeit not protected against replay attacks. Note that it is a feature of Your Freedom to keep everything consistent while the session is alive... subsequent requests could come from different IPs and could also not be in sync about their notion of the challenge if it changed mid-way. (HTTP for an example... it uses two different connections for uplink and downlink.) (Server) Fixed potential null pointer exception in UDP code. 20040524-02 (Server) Implemented an upper limit for new streams per second to reduce CPU load on server when all the bit torrents hit it. Does not really hurt the users but helps the server a great deal (or so I hope). 20040524-01 (Client) Better config checking. 20040521-04 (Server) Implemented remote shutdown. 20040521-03 (Server) Fixed bug in messenger that kicked in with multipart frames. (Client) Avoid changing servers more often than every minute. 20040521-02 (Server) It appears that non-resolving host names caused hangs in HTTPS mode. Probably due to a bug in the send message code there, to be investigated. For now the message has been suppressed. 20040521-01 (Server) Added missing "synchronized" in messenger to avoid exceptions on rare occasions (ArrayStoreException) (Server) Added automated distribution of profiles through messenger. 20040519-02 (Client) Fixed About panel by working around a potential race condition. 20040519-01 (Server) Log periodic user announcements. (Client) When saving messages, directories should now be displayed even when .txt filter is on. 20040518-02 (Client) Deactivating the "choose best server" checkbox did not come to effect until the client was restarted. Well, at least it was perceived like this because the internal structures only expired after 15 minutes. (Server) regex matching in locate code 20040518-01 (Server) Less debugging. 20040517-06 (Server) More tracker fixes. 20040517-05 (Both) Fixed potential exception in bytestream CoDec that can be triggered by protocol violations (only). (Server) More tracker stuff. (Server) Fixed messenger bug. 20040517-04 (Server) More tracker stuff. Also chased the **** proxy IP address appearing in announcements. (Client) Trifles only. 20040517-03 (Server) UserTracker. Still basic but should do. (Client) Avoid endlessly reconnecting when current server actually is the best... 20040517-02 (Server) Worked around stupid bug that made server report wrong identity. 20040517-01 (Client) When server shuts down and alternative servers are available and the user has enabled automatic server selection, the client re-connects to a different server. (Server) Recommend other servers even if current is best and let client decide. 20040513-03 (Server) Added another panel called "traffic". 20040513-02 (Server) Added traffic contingenter code. 20040513-01 (Server) Exceptions during shutdown should now display in the console connection instead of crashing the thread. :-) (Client) Another hidden feature that I will tell the public about later. :-) 20040512-03 Better server selection in wizard. 20040512-02 (Server) Stability quirks. (sic.) (Client) Fixed bug that caused configuration panels not to save changes when data in other panels has also changed. (Server) Implemented connection backoff. We need this to fight spammers. 20040512-01 (Client) Added config file parameter "initial_post_size" and "minimum_post_size". It should be fairly obvious what they do. Defaults are 10000000 and 20000, respectively. For now these can only be modified manually in the config file. Use them to speed up your HTTP connections with proxies that do not allow large POSTs. (Server) Added messenger reporter code. (Server) Fixed bug in control console that could trigger an exception under rare circumstances. 20040511-01 (Server) Fixed bug in SOCKS BIND code that caused duplicate SOCKS connect messages, the first one being wrong. (Server) Fixed potential null pointer exceptions in server that could be the cause for sessions not dying, console port commands hanging infinitely etc. (Client) Added checkbox to switch off encryption. 20040510-01 Fixed SOCKS BIND problem that has sneaked into the code with other fixes. (server) Added About panel. It basically displays a HTML page with stylesheet and graphics if desired, so if anyone would like to come up with something more snappy, please go ahead. :-) 20040507-02 Fixed initial wizard not properly updating active config in client (symptom: the buttons would not change). Fixed problems in Wizard with finding servers through proxy. Fixed Ports Panel not being properly updated after Wizard run. Added more debugging to server and worked around potential lockup problem in console. 20040507-01 20040506-02 Fixed potential NullPointerException that could occur if a timer fired while the user was logging out. (server) Fixed uplink buffer size adjustment problem that caused slow uplink speeds. The queues should now quickly adjust to the traffic requirements. 20040506-01 Client now shows external IP. Only works with server versions 20040506-01 and above. 20040505-03 Show language of user in control panel, important now that we have an international group of users that we don't want to bother with German messages. Also show source IP. In client, only try to get info from the registry when running on a Windows system. Made wizard crash on Linux systems. 20040505-01, -02 More debugging in server for session and stream termination Port assignment per server 20040430-01 Wizard should not be able to find proxy settings on Windows boxes even if they use a primitive configuration. I may implement proxy.pac later as well... 20040429-03 Pop-up messages show date and time. 20040429-02 Fixed java.util.ConcurrentModificationException at de.resolution.emsc.EMSC_SC.getStreamIds(EMSC_SC.java:117) Fixed encoding problems, it's all UTF-8 now, also in the protocol. 20040429-01 Minor fix in session handling. 20040428-01 Hopefully fixed some bugs around old config values being used after the config has been altered in the GUI. Server: fixed bug in messenger's adduser code. Fixed another potential null pointer exception in console. Fixed another potential null pointer in client. More work on making sure sessions actually die. Added SOCKS DNS redirection. Very useful for those using socksify under Unix or any broken SOCKS application that believes the system's configured DNS servers would be reachable via the Freedom server... many programmers just are boneheads aren't they? (Works only for UDP though.) 20040427-05 Fixed bug in load calculation on server. Added missing icons in WIN-XP LAF. 20040427-04 Added totals in console's streams listings. Fixed stupid bug that would make the server crash on shutdown when no-one has ever been logged in. 20040427-03 Added switch in configuration panel to avoid using DNS and try to use IP addresses instead whenever possible. Helps people with broken or non-existing DNS to avoid using DNS by using server's official IP instead of name. Added info command in control console. Fixed queueing problem that could block the client from logging on again after a connection failure if in the meantime the still open streams have filled up the sendq. 20040427-02 Fixed problem reported by P2P users regarding SOCKS port freezing up at times. Sorry folks, that was plain and simply stupid. 20040427-01 Server now has an "identity": an official name and an IP that it communicates to the connecting client. The client can then use this name and IP for subsequent connection attempts to the same server instead of potentially using a DNS round robin name and ending up being on the wrong server. This official server name can be configured; if not configured, DNS is asked for the name of the IP belonging to the client's connection. If none of this is successful, the IP is used instead. Client now shows the official name of the server. 20040423-02 Abstraction of the "Stream" class. This is now an interface. Reason being that I want to completely re-write it and I want to keep as much of the code ready-to-be-used whenever I decide that I have to fall back to the old code. 20040423-01 Fixed bug in FrameQueue that could cause enqueueing threads to live longer than they should as long as some other thread is still able to enqueue, for example ACKs (which are enqueued even if the queue is full). Same in FrameBuffer. This should solve the problem of "zombie" threads we've seen in the server (and it will also fix this problem in the client, where we haven't observed it :-). 20040422-01 "no pop-ups" checkbox added put "ems.resolution.de" as default server in wizard Even with "follow server recommendations" disabled, the client could use server information learned from the server to connect to a different server when opening the connection again (eg. after losing it or after the user manually disabled it). This is fixed. When the checkbox is disabled, the client now properly ignores all such messages from the server. 20040420-01 Removed unnecessary LAF message on startup. I believe I have fixed the bandwidth problems now. Please check if the proper bandwidths are used now without having to readjust the sliders. Fixed obscure NullPointerException that could appear with SOCKS emulated ports. But don't ask me how on earth the server can violate the protocol in a way that it happens; it's probably some strange error condition when connecting to the destination host. The client should be able to cope with it anyway. Made the client to never reuse stream ids in new connections to avoid problems with his and the server's notion of the current session. 20040419-02 Configuration panels revisited. Check it out! There's a few new options there that you might be interested in. And the ports configuration panel is gone for good. Hopefully fixed a -well- bug in the reporter with server port forwards. Added automatic contingent monitoring. 20040419-01 info.txt will now display server load Message windows should really appear now where they belong and not behind application windows. Status panel now correctly shows tunnel host when using a different host than the configured one initially. 20040416-02 Fixed frontend not noticing loss of connection due to server shutting down. Minor cosmetic fix in server debug messages ("null" at beginning of log messages while username is not known). Worked on the server state things. It seems it is still not barring people out when told so. Need to investigate. Fixed messenger bugs. ACKs now working. Added originator port to the protocol to allow ACKs to be sent to the correct port. NOTE THAT THIS MAKES THIS AND FUTURE VERIONS INCOMPATIBLE WITH EARLIER VERSIONS! 20040416-01 Increased the accept queue depth of client ports from 10 to 100 to work around problems observed with client apps that are infamous for opening a vast amount of connections within very short time (a.k.a. P2P). Server now sends recommendations when client closes last stream and other servers would be preferrable for the user. More server redirection stuff in client and server. All untested of course but I'll be the guinea pig. :-) More translations of messages. "Exit" bug solved. Put in hack to raise message windows. 20040415-04 Put remote reporter in, yet untested but should work. 20040415-03 Server now reports on login/logout/stream opened/stream closed to file if configured for it. Foundation for report reporting is there, implementing it is merely a matter of an hour. 20040415-02 Client should more behave like a native XP application now on XP. Can't test it myself, can't seem to get any Windows LAF on any of my boxes at the moment but it seems to work for others... oh well. 20040415-01 Server now recommends other servers if it believes the user would benefit from using them instead or if the admin has put the server in a non-desirable mode (barred, deprecated, down). Client can follow these server recommendations provided that there are no open streams (or the connection failed permanently). Note that this feature is currently disabled by default and can only be enabled by the knowledgeable. It will become a checkbox soon but only after it is tested. Note that all this is incomplete and alpha code; there is a reason why it is not enabled by default. Server now logging with user name instead of session id in most cases. Added missing translations in the server. Some code beautification measures in the Stream class. 20040414-02 Changed the connection algorithm a bit. Stream tries to connect to remote addresses in the order the nameservice has the IPs, first with a timeout of 1 second, then 5 seconds, then 30 seconds. If there is only one IP, a timeout of 30 seconds is used. Added a few translations that I simply forgot. 20040414-01 Cosmetics. Taught server to not only connect to the first IP the name service offers but to try all of them instead, with a 5 second timeout for each. This should be good enough in practice. Btw. this should fix the AOL problem: their first IP in the list for toc.oscar.aol.com is not responding! 20040413-04 Made stream ids unique per session: server assigns only odds while client assigns only evens. This way they don't step on each other's toes. Server calls garbage collection every 5 seconds now (but only when streams are closing down). This should make the server run more smoothly in busy periods. 20040413-03 Fixed bug in profile reading in the client that caused the list of forwarded ports to be -um- incomplete. 20040413-02 Alright, there is some potential that updating the ports in the new panel actually changes the configuration now. :-) Sorry about that, I was hacking this in the wee hours this morning on the train. 20040413-01 New panel for adding and removing port forwards on the fly (i.e. while the connection is open) is now working. Try it out and enjoy. And of course, please report all problems. I would also like to hear your opinion if there is any sense in keeping the ports panel in the configuration section -- I mean it's functionally identical, just this new one is always available. Hopefully fixed the profile panel that would sometimes not update properly on reception of profile information. Implemented server port forwarding in the client. I must have forgotten this somehow... duh. And I thought I had tested it. Probably had and it got lost somehow. Removed more HOG code that now is the no. 1 cause of server crashes. :-) 20040408-04 Disabled some of the hog messages that may pester people and that are in places where code is legally executed very often. These code snipplets are now believed to be safe. Cleaned up the port code in the client. (Well, actually also in the server.) This is the foundation to making ports configurable on-the-fiy and not only while the connection is stopped! Fixed bug in input validator for numbers. Layed the foundation for immediate change of local services. 20040408-03 Details... pay attention to details... a broken frame could still make the CoDec go boom. Should be fixed now in both server and client (you probably noticed that the server was down again? :-) 20040408-02 language cleanups version info now kept in separate file in JAR, also separately for server and client ipconfig/ifconfig selected based on os.name 20040408-01 Right! Found another hog in a place where I would not have thought possible... in the CoDec. But when I was looking closer it was blatantly obvious. Please upgrade your clients as well as they are also affected by this bug. 20040407-03 Fixed bug in server port forwarding (only last configured port worked). Fixed (really!) lost port forward problem in client. Volker, that's for you! 20040407-02 Loads of thread debugging and messenger stuff added. 20040407-01 More server side hog detection code again. :-( 20040406-05 Fixed bugs in messenger (server only). 20040406-04 Unified session tracking in the different protocol modules (read: moved Map object to abstract class and adapted implementations to not barf if they see instances of each other). Calculate server load and tell other servers about it in the HELLO message so they can sort their recommendations once we implement it. 20040406-03 Removed Hog code from TimeOuter (these functions are run very often, this is not an indication of a bug, and it's proven good code by now). Made client save the slider settings in the config. Now showing rates in kilobits instead of bits per second (bandwidth sliders). 20040406-02 Fixed a stupid problem causing an exception for people with server port forwards (like me). 20040406-01 Server learned foreign languages. Started to put Messenger into server. With Messenger in place, servers can keep track of each other's existence and are able to enforce the one-account-one-session policy across servers. We will also distribute account and policy updates with this feature. Implemented the user-kickout thingy but haven't tested it. Put in workaround to the HOG problem found last night. I'm not happy with it though but it should not cause severe problems (worst case: dead thread idling around). 20040405-02 Streams should no longer get stuck in the "Closed" state if something goes wrong between EMS and the client app when doing SOCKS. Range checking when entering ports. (Using bad values causes strange effects... including exceptions.) 20040405-01 Put in SO_REUSEADDR in socket code, should fix the "port in use" problem. 20040402-01 Hopefully made source address detection on MacOS-X work. Stupid BSD. But then again it made me find a much more elegant way of testing if a connection originates from the local system. :-) 20040401-04 Added XMPP protocol detection code. Just add "xmpp" behind an ACL (as with IRC and "irc"), eg. acl_dst permit any 5190 xmpp acl_dst permit any 5448 xmpp Also detects SSH ("ssh") 20040401-03 Added even more hog detection code to the server HTTPS code and moved some code a bit -- hopefully this will fix a problem with endless CPU consumption. 20040401-02 Hopefully better checking of config before allowing connection (i.e. enabling tje button). Fixed null pointer exception in "scrollDown()". Removed stupid "save" debugging message. 20040401-01 "Sreams" -> "Streams" "resetting dequeued" debug message removed Fixed ordering mistake in profile panel. Made buttons in configuration window behave reasonably withe wizard is open. Hopefully the proxy auth credentials will now be requested in the wizard, I cannot really test it. The wizard should first notice that it could connect the proxy but that the proxy requires authentication, then request the data from the user. State of autoscroll checkbox should now be stored in the config. Same with level setting. 20040329-01 I think I've got things right now. Verified that the preloading code in the client is really rubbish, don't know why I've put it there. It's only needed in the server and it works there. It seems that sometimes the client does not receive the profile; in this case the connection is not working. Have to watch this. 20040326-02 / -03 Added "encryption" to HTTPS connection protocol. It uses a 48 bit pseudo random generator with a seed made from a shared secret (known to client and server and static) and the session id. It's more of a disguise than an encryption but probably good enough to fool sniffers and it performs very well. :-) Oh yes, and I removed the "preloading" code. Dunno why but it breaks encryption... and is probably unnecessary anyway, but that has to be verified with proxies and without. Statistics now updated properly. Worked a lot on queue size and payload size dynamic adjustments. You should see better performance now with high-bandwidth profiles over low-bandwidth connections. Fixed another bug in dump code. It seems that some releases ago I have broken the retransmit stuff (after connection failure). The connection would re-establish, but existing streams would hang and timeout. This should now be working again, and a lot better. I am still not fully happy with the way retransmits are handled but it's sure better than before. 20040326-01 The UDP problem is fixed. Experiemting with better dynamic queueing adjustments in congestion situations (I'm having one here, using ISDN...). 20040325-01 It appears that I have come across a strange problem in the CoDec that is only seen with failing connections (that fail in the middle of a frame). In these cases the recvq thread can (will?) dump core. This is now fixed. Fixed bug in dump code. Made frontend signal desired bandwidth directly after connection is set up so that slider adjustments while the connection was down are communicated to the server. Worked around a bug that made clients hang on all other streams when UDP forwards occurred. 20040324-04 Removed all regex stuff and everything that was not implemented in Java 1.3 (I hope), which means that both client and server should now work with JRE 1.3, and the server _does_ work with gcj. Unfortunately the performance is a lot worse than with JRE 1.4.2_04. Fixed a bug in the stream cancellation code that affects both server and client. Saves ressources. 20040324-03 Fixed annoyingly stupid bug in server that kept sessions from dying immediately after the user closed connections and made them lurk in the background until their timeout fired after 3 minutes, so they can mess with the other sessions that the user has established in the meantime. Effectively this would have allowed the user to log in several times without getting thrown out and without getting caught. 20040324-02 Wizard does now read default proxy settings from Windows registry (where possible). 20040324-01 With Google picking up so slowly, I implemented a second method of finding servers. Google is only last resort; maybe it will work some time in the future. Frontend now properly detects connection losses and acts on them. Implemented port redirection in the server (only local ports for now) to allow to use different proxies based on the profile. The port number is changed before access control takes place, so make sure that the connection is permitted with the new port number. Syntax is "redirect_port " In the future the syntax may be extended to include destination ip/mask and redirection address as well. :-> And why not also change the banner links in HTML pages on the fly and offer our own banner service? Hey, just kidding. Or not? Fixed "close pending" bug. Streams should now close down within 30 seconds even if the close request is not acknowledged. 20040323-05 Another silly bug fixed. If no debuglevel was configured in the config file the default (2) was still not used because of a bug; it used 0, which means show all messages. This made the client still log on stdout even if the user did not explicitly request it. The default is now 999 and it actually works, so if you want the client to log debug messages on the console you must explicitly configure a debuglevel below 5. This does not affect the message panel or dumps -- they always see all messages and record them. Note that your best option for a bug report that needs to contain messages is to write a dump and send it to me, or if that's not possible use the save button in the messages panel and write them to a .txt file. Hopefully fixed the phantom session bug in the server. The session teardown code should now be a lot more solid, also making sure all the streams die as well. Yeah, more potential for race conditions but I hope I got it right. :-) 20040323-04 Made relaying configurable in the GUI. Made language configurable in the GUI. Hopefully finally made HTTPS link stopping code uncrashable. It may not stop the link but it will sure no longer crash. :-) And 50 hogs of the same kind will now kill the client to protect the host system. 20040323-03 Client now pops up server error messages, I simply forgot to implement it in the client. Did more client signaling in separate threads. Maybe this fixes spurious exceptions. Client now checking port forwards and accepts for at least some reason. Fixed relaying bug in client. Now allowing connections to client ports to also come from the PC's Ethernet IP (actually from the same IP that is used to connect to the server). This makes Yahoo! messenger work with SOCKS4/5 instead of HTTP Proxy if you use your Ethernet IP instead of 127.0.0.1. We'll pass this to Yahoo! as bug report. 20040323-02 Fixed broken ACL with netmask code. Another thing that happens late at night. 20040323-01 Fixed some silly mistakes of the variety that you only make late at night. Profiles should now work. Ports are now only started after profile has been received. This ensures that the client is not doing this that the profile does not permit (eg. relaying). It also ensures that connections are only accepted on the client side after all has been set up. Made GUI message log run in a separate thread; this ensures that the GUI is not delaying the link thread. 20040322-04 Implemented the skeleton for protocol filtering, and implemented IRC as the first filtered protocol. I.e. one can set up access lists that permit all connections to port 6667 if and only if the IRC protocol is spoken. Cleaned up Stream code. 20040322-03 Fixed race condition bug that could occur if the user re-opened the connection before closing the message window telling that the old connection failed. Several other small fixes, none of them very severe. Implemented ident protocol faker in server to allow IRC to work. :-) 20040322-02 Found serious problem in protocol, profile transmission was broken by design. This means I had to change it in an incompatible fashion -- older clients may no longer work or do strange things! I also assigned each of you "real" tariffs. They should not block anything except attacks to the server itself so tell me if anything is not working. Eliminated potential for an Exception reporting an illegal array index in a JMenuBar. Server learned loads of new things re access restrictions. 20040322-01 Officially renamed the beast to "Your Freedom". EMS should be gone everywhere in the client. (Except for the name of the config file, this will change in one of the next releases.) The client now speaks German as well! If you are using a localized version of Java that is set to "de" as language it should work out of the box for you; if not, run the client once with "--lang=de" to change the language setting. I will add fields in the client configuration panel and the wizard in one of the next releases. More debugging with connections that are put through. Made server complain that emsd.cfg is not there instead of ems.cfg. PNG files are now in the JAR, you can delete them from your installation. (For those who wonder how this works, just use an Object o that resides in the same package, do URL u=o.getClass().getResource("foo.png"); then use the URL just like you would use a filename.) Unfortunately this does not work for the DLL and the .ico files because this stuff is loaded by the native code directly. Fixed address restriction code, it was not applied if host names instead of IP addresses were used... shame on me. It is still not perfect but should work somewhat now. 20040319-06 Put icon in a JLabel. 20040319-05 ClassCastException in AccessRestrictionsTableModel fixed. 20040319-04 Exception when no ports forwarded. Fixed. SOCKS stuff fixed. 20040319-03 Added more dump stuff, was missing in the HTTPS send code. Worked on the SOCKS emulation on the server side. 20040319-02 Experienced a client hang in HTTPS code when pressing STOP after the server died, but could not reproduce. I have put in hog detection code, if you see HOG messages (not one but plenty of the same type) please report (the numbers printed do not matter). Changed icon in status panel to match the icon in systray. I loved the dots and even made them smileys but then decided that we need a serious product. Guess I'm growing up. Buhahahaha. 20040319-01 Fixed bug that caused an exception when saving a freshly created config. Thanks Oliver! Added more dump stuff around the SOCKS4/5 code that I forgot last night. 20040318-07 Added dump feature. If you encounter a problem with an application and you can reproduce it, please do so using the "--dump=somefile.log" command line argument (emsgui only), but please only do what you have to do to reproduce the problem. Then send me the file that has been created. It may look like garbage to you but not to me. :-) 20040318-06 Fixed a very minor bug in the client (alright, another null pointer throwing an Exception in strange cases that really can only happen if a protocol violation occurs). Added debugging code to server to track down a SOCKS problem. Server is now trying harder in figuring out a local IP address for binds. If all fails, it is now configurable as well, but let us first try without. 20040318-05 Made wizard look nicer by keeping some distance from frame border. Icon now goes away from systray when application closes. Put in an indicator that goes red when the link is permanently down, yellow when the link is temporarily unavailable, and green when the link is working fine. I know it still looks a bit shabby under Windows XP but hey, I haven't done this forever you know. 20040318-04 Fixed very minor bugs that could lead to Exceptions in strange situations. Hardened HTTP code. The client will now automatically suggest a lower uplink bandwidth if the proxy enforces a tough POST size limit on it. This makes the connection a lot more reliable. (It's not as bad as it seems. The client recommends the post size as uplink speed, i.e. not more than one required re-connect per second. For a typical proxy config with a POST limit of 100 kBytes this limits the bandwidth to 800 kbits/sec -- really tough. And if you really feel like it you can override it. And in situations where a lot of re-transmits are required the client will burst a little bit anyway to make up for the loss in-between.) I found a potential deadlock situation that backfired 100% in the HTTP code and may also be triggered in the HTTPS code, eating 100% CPU on the server and keeping the session from dying. Neverthess I leave the hog detection code in for now... it slows down the server and the client somewhat but not too much. I also removed a lot of debugging messages that I don't need anymore (or so I hope :-) and changed the level of some others. Started to put in some tooltip texts. Put in a warning that is shown if you try to close the connection while there are open streams. 20040318-03 Profile panel now correctly shows forwarded ports. The formatting is still not nice though (bold face). 20040318-02 Fixed exception that could occur if a port could not be bound. Added command line options to emsgui. Just try "/help" or "--help", whatever your platform likes. If the config is incomplete (i.e. misses required parameters), the config wizard is fired up when the GUI is started. This can be avoided by using the --nowizard option. If you run the emsgui with the --nogui option the results are exactly the same as if you'd run ems. 20040318-01 Fixed the look of a lot of panels. In the configuration panels, only the first change was effective when saving, others were ignored. This is fixed. Fixed messages autoscroll. Fixed deadlock problem in HTTPS code that caused the STOP button not to work when connection could not be established. 20040317-02 Hopefully fixed a silly stability problem in the server. 20040317-01 Added syntactical verification of configuration input. Implemented server port forwarding to client. If you'd like to make your PC reachable from the Internet, just tell me and I'll forward you a few ports that you can freely map to your box (or some other!). 20040316-03 Emulated web server now behaving correctly (closing connection with FIN instead of RST and only sending data after the full header has been received, plus honouring the HEAD command). Google should now no longer notice the difference to a normal Web server. 20040316-02 Put another debug message into the server code to track down sessions that never time out. I would like to know if the timeout timer never fired or if it was not able to shoot down the session. At least it seems that the server is a lot more stable now, though I don't know why. Schroedinger's cat? The "help me" button now works although it's no good as long as Google does not know our servers. Made session closedown on command a lot more "pushing". :-) 20040316-01 Fixed the stack crash when the Stop button is clicked. Worked a lot on the configuration panel; should be OK now as far as it is implemented. That is: please start using it, remove your local ems.cfg file. 20040315-02 Finally found the reason why sessions never died in HTTPS code. Stupid me was searching the hash for the value instead of the key. Added CPU hog detection code to track down those strange cases where threads seem to eat up the CPU. If you see any "HOG" messages (well, the same message regularly, that is) please send me the log. Worked a lot on the configuration code. Wizard is mostly complete now. 20040315-01 Started to work on unblockable server location mechanism. And I mean it. Google, our friend, will tell us where the servers are, and the question we ask is different every time. :-) Unfortunately Google has not yet catched on our service though I've hinted it about it so I can't really test; it'll work immediately though I'm sure. No really important changes to the client so you don't have to update unless you wish to be on the cutting edge. 20040312-04 Oops... the sessions did not time out indeed... that explains a lot. I just forgot to call the code that starts the timer in the HTTPS connection code... shame on me. Now it's called in the superclass of all protocol specific implementations. Client now detects a failing connection better than before; after 3 minutes of failing re-connects it will finally give up. It will also give up immediately if a name lookup failure occurs. 20040312-03 Simple port forwards without destination host name no longer worked (symptom: hostname appeared as "null" in debug output). This is fixed. The server now has a configurable limit of the number of streams a user may have at the same time. Currently this is set to 0 for everyone, meaning no limit. A stream is any open TCP connection or UDP association. We must limit this in the future to avoid denial of service attacks (every stream uses system ressources on the server). 20040312-02 Configuration panel works to some degree; at least you can configure the configuration stuff there now. Be careful, "Save and Exit" really works! It does not destroy your config but may mess up the order of the parameters and certainly deletes all your comments! The whitespace-at-end-of-line bug should be fixed now. 20040312-01 Systray icon handling improved. Check it out. :-) Started to work on configuration panel. Please don't use yet, you will only be disappointed. Added an "Exit" button to the status panel. Easier to use than the Exit function of the Systray icon. The config file in the user's home or in Windows's user base directory (C:\Documents and Settings\) is now called .ems.cfg instead of ems.cfg, please change the file name if you decided to put your config there or otherwise the client will not run properly (for now - working on it). What you don't notice (hopefully!) is that the whole config file handling has changed, to internal structures that resemble a lot Java's Properties class, just that they are a bit smarter. :) This will make writing the configuration panels and wizards a lot easier. 20040311-05 Bandwidth sliders now somewhat logarithmic, which is a lot easier to use in my opinion. 20040311-04 Worked on the automatic reconnect code. It seems that re-writing the timer stuff (and making things a little bit easier for the calling code) fixes other problems as well... I have changed a timer value in the HTTP code but that should not affect anyone since no-one is using it at the moment anyway. But there is still a little issue with the server silently dying and re-starting: the client is no longer authenticated and will not re-authenticate unless the connection is re-started. At the moment this probably means that the client must be shut down and re-started. CR sent me code to implement the tray icon. Please be sure to copy the .ico and the .dll files to your installation directory or you won't be able to run the GUI anymore. If you click on the closing X button in the top right corner the application will instead go to the tray icon next to the clock. Should work with KDE as well, or so I am told. On systems not implementing the icon tray there will be a message on the console that can be safely ignored (and that will go away soon). 20040311-03 I have re-written the whole TimeOuter code, not using Java's Timer class. It's broken by design if you ask me, at least it was not really good for what I was using it for. If you still experience high CPU load or if you get a message on the console with ***, please tell me! Oh, and streams should now die again properly. That was a bug that I must have introduced in one of the last versions, I've cancelled the timer that sends the ACKs before the final ACK could be sent so that the stream was stuck in the "Closing" state. 20040311-02 Implemented UDP transport over HTTP (only HTTPS worked so far). Improved stream buffering and queueing a lot for those users with unlimited profiles (i.e. currently all of you :-). The maximum frame size and the stream queue length are now automatically adjusted every 3 seconds, so if you move the slide in the GUI to the left it might help a lot over slow connections... I suggest you adapt the desired bandwidth to the maximum bandwidth available to you. To make things less fidgy I will see if I can make the slides logarithmic. I also increased the maximum frame size and the maximum stream queue length, and we don't wait 0.3 secs between ACKs anymore if more than 15 frames are to be acknowledged. This should increase throughput way beyond 10 Mbit/s. :-) Oh btw. I can now see all your streams with statistical info on the command console. :-) 20040311-01 Added code to save configuration after changes to it. Yet inactive of course but the basis for future work. Improved UDP forwarding code to save ressources by making the UDP relay threads die as soon as possible on both ends (instead of waiting for the recommended 2 minutes timeout), as signalled by the client application closing the TCP connection to the SOCKS server (see RFC1928). Finally accepted that Swing has its own mind about the size of labels in boxes. *SIGH* 20040310-03 Added Java version check after lots of problems could be linked to them running Java 1.3.1, which is currently not supported (minimum is 1.4). In the GUI, the "Save To File" button of the Messages panel now works. Please use it if you wish to send me a dump of the messages you are seeing. This means you can safely set debuglevel to 5 now in your config file as long as you are not experiencing exceptions. 20040310-02 Made control connection only available from localhost to protect it against attackers. (It also asks for a password, of course.) Implemented SOCKS5 UDP forwarding. At least nslookup and Unix traceroute work perfectly fine (with Dante's socksify), and so should any other application running under Dante's socksify command. :-) This should mean that any application using UDP and capable of using a SOCKS5 server should work now. Note however that the client is currently not capable of more than 1000 UDP associations at the same time -- a rather theoretical limit I hope. 20040310-01 Implemented a control console on the server so the admin can get info about users and connections, kick users, send messages to them etc. Also implemented better messaging between server and client about session termination. The user will now know when the server is being shut down and the server will notice when the client closes the session (i.e. the connections with no intend to re-open them). 20040309-02 Changed length of session id to 9-12 characters; server is enforcing this length now so older clients won't work anymore! 20040309-01 Fixed minor bug in bandwidth sliders (lowest value not below 2400 to avoid lock-ups and conflicts with 0, which means no limitation at all). In the GUI, I've added output to console again to allow capture to file synchronized with Exceptions. To suppress it, just set debuglevel to at least 5 (this will not conflict with the Messages panel settings). Server refused to send any stream data when using an unlimited account and setting the desired downlink bandwidth to 0 (unlimited). Better debugging with SOCKS emulation. Logging to console was broken, sorry folks. Server can now co-exist with web server (for now only HTTP, HTTPS is being worked on), as long as all files with extension html and cgi are in subdirectories (index.html works nevertheless) of the web server root. 20040308-05 Better info output when using SOCKS emulation. This should help users see what they are doing wrongly if their applications fail. 20040308-04 The Messages panel has finally come to life. emsgui does no longer spit out anything on the console, it uses its messages panel instead. I know there are still some bugs in there (like all messages being centered instead of left-aligned and the autoscroll not working properly and the Save button not being implemented) but you'll have to live with it for now. Guess you can. Oh yes, the debuglevel option has no meaning anymore with the GUI. (And if you aren't using the GUI version yet, you should start using it now because that's the one I'm working on - the other one will continue to work but all the nifty new stuff is only available through the GUI.) 20040308-03 Fixed a bug only affecting people with unlimited profile settings (i.e. me and CR for now :-). Also fixed an exception that occurred on the server when authentication failed. 20040308-02 Fixed a problem with some clients that use the local SOCKS emulation and produced a null pointer exception. Added bandwidth sliders to the GUI. Try it out, it's fun! If you start the connection and then adjust the sliders you can limit your (net, i.e. sum of all streams not counting protocol overhead) bandwidth utilisation to better avoid being caught. :-) Note however that bursting is still possible, the bandwidth is averaged over a few seconds. 20040308-01 Very minor change that probably helps us with java 1.3.1 20040306-01 Added checking of client version when opening connection. Added more detailed server to client messaging around authentication process. Finally found the reason why sometimes streams hang after the open has been acknowledged -- that was a stupid one, of course. 20040305-02 Added configuration parameter "debuglevel", which defaults to 1 (print everything that has at least informational level). The higher the number, the less you get. With 0 you get all the debug messages, numbers above 5 are not useful. There is still this annoying problem present that sometimes the very first stream hangs. 20040305-01 Dunno what, but there was a problem. :-) Oh, and I also moved all the debugging into the new Log object and we're just a few lines away from getting rid of unnecessary debug messages and implementing the message window in the GUI. 20040304-02 I've been too enthusiastic and sent out the new version too early. The whole keepalive code was f***ed up for both HTTP and HTTPS. 20040304-01 Properly implemented sending profile information to client (already implemented in 20040303-02 but got things wrong there :-). Implemented uplink traffic policing. Currently done in the client, should be done in the server as well but I don't know how this will interfer with stability. It's not that important anyway, we are not really afraid of hackers working around this limitation - it would require them to write their own client or patch the client. Implemented duplicate login detection. Old session is terminated when a new session is made using the same user id. Implemented notification frames. Client frontend can display informational notes and warnings etc., currently not implemented though. Now adapting maximum frame size to bandwidth configuration. This results in _much_ better fairqueue performance, i.e. concurrent streams interleave better without the fat one starving the thin one. If you transfer a file over one stream and work interactively on the other, you won't really notice the file transfer anymore. :-) Also changed HTTPS server code to send frames separately instead of bundled in blocks, just like the client did from the very start. Again this results in finer fair queueing. Again: you won't even notice a parallel data transfer on a link limited to 1440 bits per second! 20040303-02 Cleaned up nesting between server and client classes that made packaging difficult; users should not notice the difference. Streams now properly unregister (and free their memory and update the statistics) when closed by the other end. 20040303-01 Rewritten HTTP transport code. The client is now able to detect the proxy's limit on POST bodies (Squid used to have a default configuration of 100K and will simply stop forwarding bytes after this is exceeded instead of closing the connection) and work around it by closing the uplink connection just before the limit is reached and re-opening it again. Tests on my laptop went very smoothly, I did not notice that the uplink was dropped and set up again and pushed more than one megabyte per second through the client with SSH, and my Squid was configured to only accept 40K POSTs. :-) Client has a new configuration option "relay". Without this option, it will only accept connections from localhost (127.0.0.1), i.e. client applications have to use the localhost address to connect to forwarded ports and the local SOCKS server. This makes it impossible for other computers in the network to (ab-)use the client. If you want your computer to be a relay for others, add this option to your configuration file ("relay yes"). I have thought about implementing SOCKS5 UDP forwarding but 1) I don't know any application that could seriously make any use of it 2) it's broken by design anyway, just like all the rest of SOCKS. If anyone really needs it I will probably reconsider it but don't expect wonders, SOCKS servers will most likely not do what you'd expect... check the RFC1928 if you don't believe me.