===============================
Version 1.4.0 : 20th April 2013
===============================

Preliminary IPv6 support.

Improve bandwidth utilisation for applications that require a lot of downstream
data (eg; streaming video).


=============================
Version 1.3.2 : 3rd July 2009
=============================

Fix UDP tunnelling within the socket tunnel interface of libhttptun.

Improve socket polling efficiency.

Fix bug where client would keep trying to send data to server even when the
quotas wouldn't allow it.

Fix bug that caused client to continuously poll the server if an intermediate
proxy wasn't allowing persistent connections.


=================================
Version 1.3.1 : 7th February 2009
=================================

Provide basic tunnel server user authentication. Users who are allowed
to connect to a HTTPTunnel server can be listed in the config file with
the new 'user' config option. See the README file for more details.

Sending a HUP signal to HTTPTunnel now causes it to re-read its configuration
and restart all configured tunnels.

Experimental tunnel testing feature. This causes the HTTPTunnel client
and server to try and negotiate the best parameters for things like HTTP
payload sizes to use between themselves. Due to some uncertainty over
the effectiveness of this feature it is currently disabled by default, but
can be enabled by the use of the 'dotest' config option. See the README
file for more details.

Fix a possible deadlock in the HTTPTunnel server when processing SSL tunnels.


=============================
Version 1.2.1 : 4th July 2008
=============================

Experimental socket tunnelling interface included in libhttptun.

Improve the efficiency when tunnelling bandwidth hungry connections.

Compilation fixes for gcc 4.3.


===============================
Version 1.1.1 : 21st March 2008
===============================

Fix SSL enabled build failure on OSX.

Small reductions in the tunnelling protocol overhead.

Experimental support for NTLM proxy authentication. If you need to specify a
user domain as well as a username for NTLM authentication at the proxy you
can do it by specifying the proxy username as a combination of the domain and
user separated by a '\'. For example: SomeDomain\UserName

Overhauled the whole proxy authentication system so that if one authentication
scheme fails we will fallback to trying alternative schemes until all options
are exhausted.

Use reusable tunnelling library libhttptun as the basis for HTTPTunnel.


==================================
Version 1.0.1 : 24th November 2007
==================================

Our first full feature complete non-beta release!

Include experimental support for SSL (secure) tunnelling. Although previous
releases have included this SSL code for a while now, this is the first release
where I consider it sufficiently stable and well tested to advertise it as a
full feature. For instructions on how to build and use SSL tunnelling, please
see the INSTALL and README files.

Experimental support for tunnelling through proxies that don't allow us to
maintain persistent connections.

Improved responsiveness for interactive tunnels.


================================
Version 0.9.4 : 18th August 2007
================================

Fix a race condition and a memory leak in the UDP tunnelling code.

New global configuration option to create a pidfile for the running HTTPTunnel
process.

Fix an error that could cause multiple client tunnels to have the same tunnel
ID.

Include support for building on Cygwin.

Handle poll HUP properly.

Ensure client authentication is only done on a per tunnel basis.

Fix an error in the SSL socket shutdown code that prevented any further SSL
sockets being created once an error had occurred.

Fix a memory leak in the SSL socket code.

Completely rework the tunnelling error detection and message retransmission
code to hopefully improve our resilience under message loss conditions.


==============================
Version 0.9.3 : 16th June 2007
==============================

Include support for building on Mac OSX.

Try to fix UDP tunnelling to maintain datagram boundaries.

Experimental support for secure tunnelling using HTTP over SSL (HTTPS).
Note - SSL support is disabled by default in the current build. To enable it
you must follow the instructions contained in the INSTALL file.


=============================
Version 0.9.2 : 2nd June 2007
=============================

Experimental support for fixed tunnelling of UDP traffic. In this mode the
HTTPTunnel client and server will run a UDP socket for applications to connect
to. Any UDP datagrams received over this socket will then be sent to the other
end of the tunnel over a standard HTTP (over TCP) connection. Currently we only
support fixed (ie; not SOCKS) UDP tunnelling, but if there is demand for it I
might consider implementing full SOCKS support. Use the 'udp' argument to the
'fixed' configuration option within a [CLIENT] configuration file section to
enable this.


============================
Version 0.9.1 : 1st May 2007
============================

Completely reworked the configuration. You can no longer tell HTTPTunnel how to
run via the command line arguments, you must now create a configuration file
and pass that to HTTPTunnel as its one and only argument. The format of the new
configuration file is completely different to the format of the old file, so
any existing configuration files will need to be recreated from scratch. Please
see the included README file for a description of the new options and file
format.

New socket handling classes as a first step towards supporting tunnelling of
UDP traffic.

Experimental support for running multiple HTTPTunnel client/server instances
within a single session. To use this facility simply create multiple [CLIENT]
or [SERVER] specifications within the configuration file.

The usual various other bug fixes & minor enhancements.


===============================
Version 0.8.1 : 31st March 2007
===============================

Support for client authentication at the server. The default version of the
server always accepts the clients authentication, if you require full MySQL
database backed authentication at the server then I would be happy to sell
an enhanced version to do that.

Reworked the connection handling so that we no longer require a thread per
active connection. This should significantly improve scalability at the server.

Extend SOCKS4 proxy support to include SOCKS4a.

Include the new command line argument -bind (usable at either the client or
server end) which instructs HTTPTunnel to bind its listening socket only to
the interface identified by the specified IP address.

Various other bug fixes & minor enhancements.


===================================
Version 0.7.2 : 10th September 2006
===================================

Include basic firewalling capability at the server to block clients creating
tunnels to specified IP addresses or ports.  Use the -denyip & -denyport
command line arguments to configure.

Fixed a bug in the MD5 code that caused digest authentication to fail on 64bit
platforms.

Fixed some more corner cases that could cause tunnels to break when tunnelling
through proxies.

Implemented initial support in the client for authenticating the user at the
server.

Various other bug fixes & minor enhancements.


===============================
Version 0.7.1 : 5th August 2006
===============================

Include basic support for SOCKS4 clients, eg; Internet Explorer.

Experimental support for tunnelling through paranoid proxies or other devices
that block non-standard HTTP headers.

Experimental support for proxy digest authentication.

Reduced the number of threads required to support each active tunnel.

Minor changes to the format of the command line arguments.

Various bug fixes & minor enhancements.


=============================
Version 0.6.2 : 3rd June 2006
=============================

Fixed a rather dumb threading bug that would cause frequent deadlocks in the
client and/or server.


=============================
Version 0.6.1 : 29th May 2006
=============================

The address of the ultimate destination server for tunnelled traffic is now
carried across the tunnel from the client end to the server end. This means
that a single server can support tunnelling for many clients requesting
tunnels for arbitrary destinations. If you want to specify a fixed tunnel
destination you now specify its address/port at the client end, and the only
required argument for the server is the port to listen on.

This release includes support for running a SOCKS server in the client. Using
this a client application can connect to the SOCKS server and tell it where
the ultimate destination server is located using the SOCKS protocol.

As part of the changes to support these new tunnelling modes all the command
line configuration arguments have been completely updated. There is also now
the option of specifying the configuration via a config file.

The usual collection of old bugs fixed and new bugs introduced.


===============================
Version 0.5.3 : 10th March 2006
===============================

Introduced experimental support for basic proxy authentication. To use
authentication, supply the username and password as extra fields to the
-p command line proxy argument.

Tightened up the code that decides whether a tunnel is suffering too many
errors and should be shutdown. It's still not perfect, but it is now more
easily tunable so hopefully it should be getting there.

At startup we will now run as a daemon by default. This can be disabled
using the -nd command line option.

Improved the signal handing; we now blocks all signals except for SIGINT &
SIGTERM, both of which cause it to try and perform a clean shutdown.

Fixed some important races & other bugs.


==================================
Version 0.5.2 : 26th February 2006
==================================

Complete re-write of the core tunnelling engine to try and improve the
robustness of the tunnelling protocol in the event of errors. With any luck
tunnelling either direct or through a squid proxy should be pretty solid now.
Tunnelling via an apache proxy should also be working again, albeit possibly
with a few bugs still to iron out.

