2.14.0

Merge pull request #881 from majestrate/ntcp-socks
2025-03-07 06:09:42 +00:00 · 2017-06-01 10:05:20 -04:00 · 2017-06-01 10:04:02 -04:00 · 2017-05-29 10:36:46 -04:00 · 2017-05-29 10:09:24 -04:00 · 2017-05-29 10:08:49 -04:00
191 changed files with 3706 additions and 3474 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,5 @@
 # i2pd
-obj/*.o
+*.o
 router.info
 router.keys
 i2p
@@ -240,6 +240,8 @@ pip-log.txt
 docs/_build
 /androidIdea/
 # Doxygen
 docs/generated
 # emacs files
 *~
@@ -247,3 +249,9 @@ docs/_build
 # gdb files
 .gdb_history
 # cmake makefile
 build/Makefile
 # debian stuff
 .pc/
--- a/25
+++ b/25
@@ -1,6 +1,31 @@
 # for this file format description,
 # see https://github.com/olivierlacan/keep-a-changelog
 ## [2.14.0] - 2017-06-01
 ### Added
 - Transit traffic bandwidth limitation
 - NTCP connections through HTTP and SOCKS proxies
 - Ability to disable address helper for HTTP proxy
 ### Changed
 - Reseed servers list
 - Minimal required version is 4.0 for Android
 ### Fixed
 - Ignore comments in addressbook feed
 ## [2.13.0] - 2017-04-06
 ### Added
 - Persist local destination's tags
 - GOST signature types 9 and 10
 - Exploratory tunnels configuration
 ### Changed
 - Reseed servers list
 - Inactive NTCP sockets get closed faster
 - Some EdDSA speed up
 ### Fixed
 - Multiple acceptors for SAM
 - Follow on data after STREAM CREATE for SAM
 - Memory leaks
 ## [2.12.0] - 2017-02-14
 ### Added
 - Additional HTTP and SOCKS proxy tunnels
--- a/22
+++ b/22
@@ -7,6 +7,10 @@ I2PD  := i2pd
 GREP := grep
 DEPS := obj/make.dep
 LIB_SRC_DIR := libi2pd
 LIB_CLIENT_SRC_DIR := libi2pd_client
 DAEMON_SRC_DIR := daemon
 include filelist.mk
 USE_AESNI	:= yes
@@ -17,24 +21,23 @@ USE_UPNP	:= no
 ifeq ($(WEBSOCKETS),1)
 	NEEDED_CXXFLAGS += -DWITH_EVENTS
 	DAEMON_SRC += Websocket.cpp
 endif
 ifeq ($(UNAME),Darwin)
-	DAEMON_SRC += DaemonLinux.cpp
+	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	ifeq ($(HOMEBREW),1)
 		include Makefile.homebrew
 	else
 		include Makefile.osx
 	endif
 else ifeq ($(shell echo $(UNAME) | $(GREP) -Ec '(Free|Open)BSD'),1)
-	DAEMON_SRC += DaemonLinux.cpp
+	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	include Makefile.bsd
 else ifeq ($(UNAME),Linux)
-	DAEMON_SRC += DaemonLinux.cpp
+	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	include Makefile.linux
-else # win32 mingw
+else
-	DAEMON_SRC += DaemonWin32.cpp Win32/Win32Service.cpp Win32/Win32App.cpp
+	DAEMON_SRC += Win32/DaemonWin32.cpp Win32/Win32Service.cpp Win32/Win32App.cpp
 	include Makefile.mingw
 endif
@@ -42,11 +45,16 @@ ifeq ($(USE_MESHNET),yes)
 	NEEDED_CXXFLAGS += -DMESHNET
 endif
 NEEDED_CXXFLAGS += -I$(LIB_SRC_DIR) -I$(LIB_CLIENT_SRC_DIR)
 all: mk_obj_dir $(ARLIB) $(ARLIB_CLIENT) $(I2PD)
 mk_obj_dir:
 	@mkdir -p obj
 	@mkdir -p obj/Win32
 	@mkdir -p obj/$(LIB_SRC_DIR)
 	@mkdir -p obj/$(LIB_CLIENT_SRC_DIR)
 	@mkdir -p obj/$(DAEMON_SRC_DIR)
 api: mk_obj_dir $(SHLIB) $(ARLIB)
 api_client: mk_obj_dir $(SHLIB) $(ARLIB) $(SHLIB_CLIENT) $(ARLIB_CLIENT)
@@ -70,7 +78,7 @@ obj/%.o: %.cpp
 DAEMON_OBJS += $(patsubst %.cpp,obj/%.o,$(DAEMON_SRC))
 $(I2PD): $(DAEMON_OBJS) $(ARLIB) $(ARLIB_CLIENT)
-	$(CXX) -o $@ $^ $(LDLIBS) $(LDFLAGS)
+	$(CXX) -o $@ $^ $(LDFLAGS) $(LDLIBS)
 $(SHLIB): $(patsubst %.cpp,obj/%.o,$(LIB_SRC))
 ifneq ($(USE_STATIC),yes)
--- a/Makefile.homebrew
+++ b/Makefile.homebrew
@@ -9,8 +9,9 @@ LDFLAGS = -L${SSLROOT}/lib -L${BOOSTROOT}/lib
 LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
 ifeq ($(USE_UPNP),yes)
-  LDFLAGS += -ldl
+	LDFLAGS += -ldl
-  CXXFLAGS += -DUSE_UPNP
+	CXXFLAGS += -DUSE_UPNP
 	LDLIBS += -lminiupnpc
 endif
 # OSX Notes
@@ -19,7 +20,7 @@ endif
 # Found no good way to detect it from command line. TODO: Might be some osx sysinfo magic
 # note from psi: 2009 macbook does not have aesni
 #ifeq ($(USE_AESNI),yes)
-#  CXXFLAGS += -maes -DAESNI
+#	CXXFLAGS += -maes -DAESNI
 #endif
 # Disabled, since it will be the default make rule. I think its better
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -31,39 +31,36 @@ ifeq ($(USE_STATIC),yes)
 # NOTE: on glibc you will get this warning:
 #   Using 'getaddrinfo' in statically linked applications requires at runtime
 #   the shared libraries from the glibc version used for linking
-  LIBDIR := /usr/lib
+	LIBDIR := /usr/lib
-  LDLIBS  = $(LIBDIR)/libboost_system.a
+	LDLIBS  = $(LIBDIR)/libboost_system.a
-  LDLIBS += $(LIBDIR)/libboost_date_time.a
+	LDLIBS += $(LIBDIR)/libboost_date_time.a
-  LDLIBS += $(LIBDIR)/libboost_filesystem.a
+	LDLIBS += $(LIBDIR)/libboost_filesystem.a
-  LDLIBS += $(LIBDIR)/libboost_program_options.a
+	LDLIBS += $(LIBDIR)/libboost_program_options.a
-  LDLIBS += $(LIBDIR)/libssl.a
+	LDLIBS += $(LIBDIR)/libssl.a
-  LDLIBS += $(LIBDIR)/libcrypto.a
+	LDLIBS += $(LIBDIR)/libcrypto.a
-  LDLIBS += $(LIBDIR)/libz.a
+	LDLIBS += $(LIBDIR)/libz.a
-  LDLIBS += -lpthread -static-libstdc++ -static-libgcc -lrt -ldl
+	LDLIBS += -lpthread -static-libstdc++ -static-libgcc -lrt -ldl
-  USE_AESNI := no
+	USE_AESNI := no
 else
-  LDLIBS = -lcrypto -lssl -lz -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
+	LDLIBS = -lcrypto -lssl -lz -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
 endif
 # UPNP Support (miniupnpc 1.5 and higher)
 ifeq ($(USE_UPNP),yes)
-  CXXFLAGS += -DUSE_UPNP
+	CXXFLAGS += -DUSE_UPNP
 ifeq ($(USE_STATIC),yes)
-  LDLIBS += $(LIBDIR)/libminiupnpc.a
+	LDLIBS += $(LIBDIR)/libminiupnpc.a
 else
-  LDLIBS += -lminiupnpc
+	LDLIBS += -lminiupnpc
 endif
 endif
 IS_64 := $(shell $(CXX) -dumpmachine 2>&1 | $(GREP) -c "64")
 ifeq ($(USE_AESNI),yes)
 ifeq ($(IS_64),1)
 #check if AES-NI is supported by CPU
 ifneq ($(shell $(GREP) -c aes /proc/cpuinfo),0)
 	CPU_FLAGS += -maes -DAESNI
 endif
 endif
 endif
 ifeq ($(USE_AVX),yes)
 #check if AVX supported by CPU
--- a/Makefile.mingw
+++ b/Makefile.mingw
@@ -4,31 +4,29 @@ WINDRES = windres
 CXXFLAGS = -Os -D_MT -DWIN32 -D_WINDOWS -DWIN32_LEAN_AND_MEAN
 NEEDED_CXXFLAGS = -std=c++11
 BOOST_SUFFIX = -mt
-INCFLAGS = -I/usr/include/ -I/usr/local/include/
+INCFLAGS = -I/usr/include/ -I/usr/local/include/ -I. -Idaemon
-LDFLAGS = -Wl,-rpath,/usr/local/lib \
+LDFLAGS = -Wl,-rpath,/usr/local/lib -Wl,-Bstatic -static-libgcc -static-libstdc++ -L/usr/local/lib
  -L/usr/local/lib 
 # UPNP Support
 ifeq ($(USE_UPNP),yes)
-  CXXFLAGS += -DUSE_UPNP -DMINIUPNP_STATICLIB
+	CXXFLAGS += -DUSE_UPNP -DMINIUPNP_STATICLIB
-  LDLIBS = -Wl,-Bstatic -lminiupnpc	
+	LDLIBS = -lminiupnpc
 endif
 LDLIBS += \
-  -Wl,-Bstatic -lboost_system$(BOOST_SUFFIX) \
+	-lboost_system$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lboost_date_time$(BOOST_SUFFIX) \
+	-lboost_date_time$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lboost_filesystem$(BOOST_SUFFIX) \
+	-lboost_filesystem$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lboost_program_options$(BOOST_SUFFIX) \
+	-lboost_program_options$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lssl \
+	-lssl \
-  -Wl,-Bstatic -lcrypto \
+	-lcrypto \
-  -Wl,-Bstatic -lz \
+	-lz \
-  -Wl,-Bstatic -lwsock32 \
+	-lwsock32 \
-  -Wl,-Bstatic -lws2_32 \
+	-lws2_32 \
-  -Wl,-Bstatic -lgdi32 \
+	-lgdi32 \
-  -Wl,-Bstatic -liphlpapi \
+	-liphlpapi \
-  -static-libgcc -static-libstdc++ \
+	-lstdc++ \
-  -Wl,-Bstatic -lstdc++ \
+	-lpthread
  -Wl,-Bstatic -lpthread
 ifeq ($(USE_WIN32_APP), yes)
 	CXXFLAGS += -DWIN32_APP
@@ -50,7 +48,7 @@ endif
 ifeq ($(USE_ASLR),yes)
 	LDFLAGS += -Wl,--nxcompat -Wl,--high-entropy-va \
-      -Wl,--dynamicbase,--export-all-symbols
+	-Wl,--dynamicbase,--export-all-symbols
 endif
 obj/%.o : %.rc
--- a/Makefile.osx
+++ b/Makefile.osx
@@ -13,6 +13,11 @@ endif
 ifeq ($(USE_UPNP),yes)
  LDFLAGS += -ldl
  CXXFLAGS += -DUSE_UPNP
 ifeq ($(USE_STATIC),yes)
  LDLIBS += /usr/local/lib/libminiupnpc.a
 else
  LDLIBS += -lminiupnpc
 endif
 endif
 ifeq ($(USE_AESNI),1)
--- a/README.md
+++ b/README.md
@@ -17,6 +17,17 @@ applications (websites, instant messengers, chat-servers).
 I2P allows people from all around the world to communicate and share information
 without restrictions.
 Features
 --------
 * Distributed anonymous networking framework
 * End-to-end encrypted communications
 * Small footprint, simple dependencies, fast performance
 * Rich set of APIs for developers of secure applications
 Resources
 ---------
 * [Website](http://i2pd.website)
 * [Documentation](https://i2pd.readthedocs.io/en/latest/)
 * [Wiki](https://github.com/PurpleI2P/i2pd/wiki)
@@ -34,7 +45,7 @@ i2pd from source on your OS.
 **Supported systems:**
-* Linux x86/x64  - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)  
+* GNU/Linux x86/x64  - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)  
 * Windows        - [![Build status](https://ci.appveyor.com/api/projects/status/1908qe4p48ff1x23?svg=true)](https://ci.appveyor.com/project/PurpleI2P/i2pd)  
 * Mac OS X
 * FreeBSD
@@ -44,17 +55,19 @@ i2pd from source on your OS.
 Using i2pd
 ----------
-See [documentation](https://i2pd.readthedocs.io/en/latest/usage.html) and 
+See [documentation](https://i2pd.readthedocs.io/en/latest/user-guide/run/) and 
-[example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/docs/i2pd.conf).
+[example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/contrib/i2pd.conf).
 Donations
 ---------
 BTC: 1K7Ds6KUeR8ya287UC4rYTjvC96vXyZbDY   
 ZEC: t1cTckLuXsr1dwVrK4NDzfhehss4NvMadAJ  
 DASH: Xw8YUrQpYzP9tZBmbjqxS3M97Q7v3vJKUF   
 LTC: LKQirrYrDeTuAPnpYq5y7LVKtywfkkHi59  
 ANC: AQJYweYYUqM1nVfLqfoSMpUMfzxvS4Xd7z  
 DOGE: DNXLQKziRPAsD9H3DFNjk4fLQrdaSX893Y  
 ANC: AQJYweYYUqM1nVfLqfoSMpUMfzxvS4Xd7z   
 GST: GbD2JSQHBHCKLa9WTHmigJRpyFgmBj4woG  
 License
 -------
--- a/UPnP.cpp
+++ b/UPnP.cpp
@@ -1,205 +0,0 @@
 #ifdef USE_UPNP
 #include <string>
 #include <thread>
 #include <boost/thread/thread.hpp>
 #include <boost/asio.hpp>
 #include <boost/bind.hpp>
 #include "Log.h"
 #include "RouterContext.h"
 #include "UPnP.h"
 #include "NetDb.h"
 #include "util.h"
 #include "RouterInfo.h"
 #include "Config.h"
 #include <miniupnpc/miniupnpc.h>
 #include <miniupnpc/upnpcommands.h>
 namespace i2p
 {
 namespace transport
 {
    UPnP::UPnP () : m_IsRunning(false), m_Thread (nullptr), m_Timer (m_Service)
    {
    }
    void UPnP::Stop ()
    {
 		if (m_IsRunning)
 		{
 		    LogPrint(eLogInfo, "UPnP: stopping");
 			m_IsRunning = false;	
 			m_Timer.cancel ();
 			m_Service.stop ();
 		    if (m_Thread)
 		    {   
 		        m_Thread->join (); 
 		        m_Thread.reset (nullptr);
 		    }
 			CloseMapping ();
 		    Close ();
 		}
    }
    void UPnP::Start()
    {
 		m_IsRunning = true;
        LogPrint(eLogInfo, "UPnP: starting");
 		m_Service.post (std::bind (&UPnP::Discover, this));
 		std::unique_lock<std::mutex> l(m_StartedMutex);
        m_Thread.reset (new std::thread (std::bind (&UPnP::Run, this)));
 		m_Started.wait_for (l, std::chrono::seconds (5)); // 5 seconds maximum
    }
    UPnP::~UPnP ()
    {
 		Stop ();
    } 
    void UPnP::Run ()
    {
 		while (m_IsRunning)
 		{
 			try
 			{	
 				m_Service.run ();
 				// Discover failed
 				break; // terminate the thread
 			}
 			catch (std::exception& ex)
 			{
 				LogPrint (eLogError, "UPnP: runtime exception: ", ex.what ());
 				PortMapping ();
 			}	
 		}	
    } 
    void UPnP::Discover ()
    {
        int nerror = 0;
 #if MINIUPNPC_API_VERSION >= 14
        m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror);
 #else
        m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror);
 #endif
 		{
 			// notify satrting thread			
 			std::unique_lock<std::mutex> l(m_StartedMutex);
 			m_Started.notify_all ();
 		}	
        int r;
        r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr));
        if (r == 1)
        {
            r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress);
            if(r != UPNPCOMMAND_SUCCESS)
            {
                LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r);
                return;
            }
            else
            {
                if (!m_externalIPAddress[0])
                {
                    LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed.");
                    return;
                }
            }
        }
 		else
 		{
 			 LogPrint (eLogError, "UPnP: GetValidIGD() failed.");
             return;
 		}
 		// UPnP discovered	
 		LogPrint (eLogDebug, "UPnP: ExternalIPAddress is ", m_externalIPAddress);
        i2p::context.UpdateAddress (boost::asio::ip::address::from_string (m_externalIPAddress));
 		// port mapping
 		PortMapping ();
    }
 	void UPnP::PortMapping ()
 	{
 		const auto& a = context.GetRouterInfo().GetAddresses();
 		for (const auto& address : a)
        {
            if (!address->host.is_v6 ())
            	TryPortMapping (address);
        }
 		m_Timer.expires_from_now (boost::posix_time::minutes(20));	// every 20 minutes
 		m_Timer.async_wait ([this](const boost::system::error_code& ecode)
 			{ 
 				if (ecode != boost::asio::error::operation_aborted)	
 					PortMapping ();
 			});
 	}	
 	void UPnP::CloseMapping ()
 	{
 		const auto& a = context.GetRouterInfo().GetAddresses();
 		for (const auto& address : a)
        {
            if (!address->host.is_v6 ())
            	CloseMapping (address);
        }
 	}	
    void UPnP::TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
    {
        std::string strType (GetProto (address)), strPort (std::to_string (address->port));
        int r;
        std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
        r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0");
        if (r!=UPNPCOMMAND_SUCCESS)
        {
            LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r);
            return;
        }
        else
        {
            LogPrint (eLogDebug, "UPnP: Port Mapping successful. (", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")");
            return;
        }
    }
    void UPnP::CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
    {
        std::string strType (GetProto (address)), strPort (std::to_string (address->port));
        int r = 0;
        r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0);
        LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r);
    }
    void UPnP::Close ()
    {
        freeUPNPDevlist (m_Devlist);
        m_Devlist = 0;
        FreeUPNPUrls (&m_upnpUrls);
    }
 	std::string UPnP::GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address)
 	{
 		switch (address->transportStyle)
        {
            case i2p::data::RouterInfo::eTransportNTCP:
                return "TCP";
            break;
            case i2p::data::RouterInfo::eTransportSSU:
            default:
                return "UDP";
        }
 	}
 }
 }
 #else /* USE_UPNP */
 namespace i2p {
 namespace transport {
 }
 }
 #endif /* USE_UPNP */
--- a/Win32/DaemonWin32.cpp
+++ b/Win32/DaemonWin32.cpp
--- a/Win32/Resource.rc2
+++ b/Win32/Resource.rc2
@@ -6,7 +6,7 @@
 #error this file is not editable by Microsoft Visual C++
 #endif //APSTUDIO_INVOKED
-#include "../version.h"
+#include "../libi2pd/version.h"
 /////////////////////////////////////////////////////////////////////////////
 //
--- a/Win32/Win32App.cpp
+++ b/Win32/Win32App.cpp
@@ -1,13 +1,13 @@
 #include <string.h>
 #include <windows.h>
 #include <shellapi.h>
-#include "../ClientContext.h"
+#include "ClientContext.h"
-#include "../Config.h"
+#include "Config.h"
-#include "../NetDb.h"
+#include "NetDb.hpp"
-#include "../RouterContext.h"
+#include "RouterContext.h"
-#include "../Transports.h"
+#include "Transports.h"
-#include "../Tunnel.h"
+#include "Tunnel.h"
-#include "../version.h"
+#include "version.h"
 #include "resource.h"
 #include "Win32App.h"
 #include <stdio.h>
@@ -99,7 +99,7 @@ namespace win32
 		s << seconds << " seconds\n";
 	}
-	static void ShowTransfered (std::stringstream& s, int transfer)
+	template <typename size> static void ShowTransfered (std::stringstream& s, size transfer)
 	{
 		auto bytes = transfer & 0x03ff;
 		transfer >>= 10;
@@ -143,7 +143,7 @@ namespace win32
 		s << "\n";
 		s << "Inbound: " << i2p::transport::transports.GetInBandwidth() / 1024 << " KiB/s; ";
 		s << "Outbound: " << i2p::transport::transports.GetOutBandwidth() / 1024 << " KiB/s\n";
-		s << "Recvieved: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes());
+		s << "Received: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes());
 		s << "Sent: "; ShowTransfered (s, i2p::transport::transports.GetTotalSentBytes());
 		s << "\n";
 		s << "Routers: " << i2p::data::netdb.GetNumRouters () << "; ";
--- a/Win32/Win32Service.cpp
+++ b/Win32/Win32Service.cpp
@@ -7,8 +7,8 @@
 #include <strsafe.h>
 #include <windows.h>
-#include "../Daemon.h"
+#include "Daemon.h"
-#include "../Log.h"
+#include "Log.h"
 I2PService *I2PService::s_service = NULL;
--- a/Win32/i2pd.vcxproj
+++ b/Win32/i2pd.vcxproj
@@ -83,7 +83,7 @@
    <ClInclude Include="..\LittleBigEndian.h" />
    <ClInclude Include="..\Log.h" />
 	<ClInclude Include="..\NetDbRequests.h" />
-    <ClInclude Include="..\NetDb.h" />
+    <ClInclude Include="..\NetDb.hpp" />
    <ClInclude Include="..\NTCPSession.h" />
    <ClInclude Include="..\Queue.h" />
 	<ClInclude Include="..\Profiling.h" />
--- a/Win32/i2pd.vcxproj.filters
+++ b/Win32/i2pd.vcxproj.filters
@@ -158,7 +158,7 @@
    <ClInclude Include="..\Log.h">
      <Filter>Header Files</Filter>
    </ClInclude>
-    <ClInclude Include="..\NetDb.h">
+    <ClInclude Include="..\NetDb.hpp">
      <Filter>Header Files</Filter>
    </ClInclude>
    <ClInclude Include="..\NTCPSession.h">
--- a/Win32/installer.iss
+++ b/Win32/installer.iss
@@ -1,5 +1,5 @@
 #define I2Pd_AppName "i2pd"
-#define I2Pd_ver "2.12.0"
+#define I2Pd_ver "2.14.0"
 #define I2Pd_Publisher "PurpleI2P"
 [Setup]
@@ -28,9 +28,9 @@ AppUpdatesURL=https://github.com/PurpleI2P/i2pd/releases
 Source: ..\i2pd_x86.exe; DestDir: {app}; DestName: i2pd.exe; Flags: ignoreversion; Check: not IsWin64
 Source: ..\i2pd_x64.exe; DestDir: {app}; DestName: i2pd.exe; Flags: ignoreversion; Check: IsWin64
 Source: ..\README.md; DestDir: {app}; DestName: Readme.txt; Flags: onlyifdoesntexist
-Source: ..\docs\i2pd.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
+Source: ..\contrib\i2pd.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
-Source: ..\docs\subscriptions.txt; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
+Source: ..\contrib\subscriptions.txt; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
-Source: ..\docs\tunnels.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
+Source: ..\contrib\tunnels.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
 Source: ..\contrib\certificates\*; DestDir: {userappdata}\i2pd\certificates; Flags: onlyifdoesntexist recursesubdirs createallsubdirs
 [Icons]
--- a/android/.gitignore
+++ b/android/.gitignore
@@ -1,6 +1,7 @@
 gen
 tests
 .idea
 ant.properties
 local.properties
 build.sh
 bin
--- a/android/AndroidManifest.xml
+++ b/android/AndroidManifest.xml
@@ -2,8 +2,9 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
      package="org.purplei2p.i2pd"
      android:versionCode="1"
-      android:versionName="2.12.0">
+      android:versionName="2.14.0"
-    <uses-sdk android:minSdkVersion="9" android:targetSdkVersion="24"/>
+	  android:installLocation="auto">
    <uses-sdk android:minSdkVersion="14" android:targetSdkVersion="25"/>
 	<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
--- a/android/build.xml
+++ b/android/build.xml
@@ -93,5 +93,4 @@
    -->
    <!-- version-tag: 1 -->
    <import file="${sdk.dir}/tools/ant/build.xml" />
 </project>
--- a/android/jni/Android.mk
+++ b/android/jni/Android.mk
@@ -2,7 +2,7 @@ LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := i2pd
 LOCAL_CPP_FEATURES := rtti exceptions
-LOCAL_C_INCLUDES += $(IFADDRS_PATH) ../..
+LOCAL_C_INCLUDES += $(IFADDRS_PATH) $(LIB_SRC_PATH) $(LIB_CLIENT_SRC_PATH) $(DAEMON_SRC_PATH)
 LOCAL_STATIC_LIBRARIES := \
 	boost_system \
 	boost_date_time \
@@ -12,57 +12,13 @@ LOCAL_STATIC_LIBRARIES := \
 	miniupnpc
 LOCAL_LDLIBS := -lz
-LOCAL_SRC_FILES := DaemonAndroid.cpp i2pd_android.cpp \
+LOCAL_SRC_FILES := DaemonAndroid.cpp i2pd_android.cpp $(IFADDRS_PATH)/ifaddrs.c \
-	$(IFADDRS_PATH)/ifaddrs.c \
+	$(wildcard $(LIB_SRC_PATH)/*.cpp)\
-    ../../HTTPServer.cpp ../../I2PControl.cpp ../../Daemon.cpp ../../Config.cpp \
+	$(wildcard $(LIB_CLIENT_SRC_PATH)/*.cpp)\
-    ../../AddressBook.cpp \
+	$(DAEMON_SRC_PATH)/Daemon.cpp \
-    ../../api.cpp \
+	$(DAEMON_SRC_PATH)/UPnP.cpp \
-    ../../Base.cpp \
+	$(DAEMON_SRC_PATH)/HTTPServer.cpp \
-    ../../BOB.cpp \
+	$(DAEMON_SRC_PATH)/I2PControl.cpp
    ../../ClientContext.cpp \
    ../../Crypto.cpp \
    ../../Datagram.cpp \
    ../../Destination.cpp \
    ../../Family.cpp \
    ../../FS.cpp \
    ../../Garlic.cpp \
    ../../Gzip.cpp \
    ../../HTTP.cpp \
    ../../HTTPProxy.cpp \
    ../../I2CP.cpp \
    ../../I2NPProtocol.cpp \
    ../../I2PEndian.cpp \
    ../../I2PService.cpp \
    ../../I2PTunnel.cpp \
    ../../Identity.cpp \
    ../../LeaseSet.cpp \
    ../../Log.cpp \
    ../../NetDb.cpp \
    ../../NetDbRequests.cpp \
    ../../NTCPSession.cpp \
    ../../Profiling.cpp \
    ../../Reseed.cpp \
    ../../RouterContext.cpp \
    ../../RouterInfo.cpp \
    ../../SAM.cpp \
    ../../Signature.cpp \
    ../../SOCKS.cpp \
    ../../SSU.cpp \
    ../../SSUData.cpp \
    ../../SSUSession.cpp \
    ../../Streaming.cpp \
    ../../TransitTunnel.cpp \
    ../../Transports.cpp \
    ../../Tunnel.cpp \
    ../../TunnelEndpoint.cpp \
    ../../TunnelGateway.cpp \
    ../../TunnelPool.cpp \
 	../../Timestamp.cpp \
 	../../Event.cpp \
 	../../WebSocks.cpp \
 ../../BloomFilter.cpp \
    ../../util.cpp \
     ../../i2pd.cpp ../../UPnP.cpp
 include $(BUILD_SHARED_LIBRARY)
@@ -97,15 +53,15 @@ include $(PREBUILT_STATIC_LIBRARY)
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := crypto
-LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0/$(TARGET_ARCH_ABI)/lib/libcrypto.a
+LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libcrypto.a
-LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0/include
+LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include
 include $(PREBUILT_STATIC_LIBRARY)
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := ssl
-LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0/$(TARGET_ARCH_ABI)/lib/libssl.a
+LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libssl.a
-LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0/include
+LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include
 LOCAL_STATIC_LIBRARIES := crypto
 include $(PREBUILT_STATIC_LIBRARY)
--- a/android/jni/Application.mk
+++ b/android/jni/Application.mk
@@ -3,7 +3,7 @@
 #APP_ABI := x86
 APP_ABI := armeabi-v7a
 #can be android-3 but will fail for x86 since arch-x86 is not present at ndkroot/platforms/android-3/ . libz is taken from there.
-APP_PLATFORM := android-9
+APP_PLATFORM := android-14
 # http://stackoverflow.com/a/21386866/529442 http://stackoverflow.com/a/15616255/529442 to enable c++11 support in Eclipse
 NDK_TOOLCHAIN_VERSION := 4.9
@@ -25,8 +25,15 @@ APP_OPTIM  := debug
 # git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
 # git clone https://github.com/PurpleI2P/android-ifaddrs.git
 # change to your own
-I2PD_LIBS_PATH=/path/to/libraries
+I2PD_LIBS_PATH = /path/to/libraries
 BOOST_PATH = $(I2PD_LIBS_PATH)/Boost-for-Android-Prebuilt
 OPENSSL_PATH = $(I2PD_LIBS_PATH)/OpenSSL-for-Android-Prebuilt
 MINIUPNP_PATH = $(I2PD_LIBS_PATH)/MiniUPnP-for-Android-Prebuilt
 IFADDRS_PATH = $(I2PD_LIBS_PATH)/android-ifaddrs
 # don't change me
 I2PD_SRC_PATH = $(PWD)/..
 LIB_SRC_PATH = $(I2PD_SRC_PATH)/libi2pd
 LIB_CLIENT_SRC_PATH = $(I2PD_SRC_PATH)/libi2pd_client
 DAEMON_SRC_PATH = $(I2PD_SRC_PATH)/daemon
--- a/android/jni/DaemonAndroid.cpp
+++ b/android/jni/DaemonAndroid.cpp
@@ -1,5 +1,5 @@
 #include "DaemonAndroid.h"
-#include "../../Daemon.h"
+#include "Daemon.h"
 #include <iostream>
 #include <boost/exception/diagnostic_information.hpp>
 #include <boost/exception_ptr.hpp>
@@ -191,4 +191,3 @@ namespace android
 	}
 }
 }
--- a/android/jni/i2pd_android.cpp
+++ b/android/jni/i2pd_android.cpp
@@ -3,8 +3,8 @@
 #include <jni.h>
 #include "org_purplei2p_i2pd_I2PD_JNI.h"
 #include "DaemonAndroid.h"
-#include "../../RouterContext.h"
+#include "RouterContext.h"
-#include "../../Transports.h"
+#include "Transports.h"
 JNIEXPORT jstring JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_getABICompiledWith
  (JNIEnv * env, jclass clazz) {
--- a/android/libs/.gitignore
+++ b/android/libs/.gitignore
@@ -1 +0,0 @@
 armeabi-v7a
--- a/android/libs/android-support-v4.jar
+++ b/android/libs/android-support-v4.jar
--- a/android/src/org/purplei2p/i2pd/ForegroundService.java
+++ b/android/src/org/purplei2p/i2pd/ForegroundService.java
@@ -6,7 +6,6 @@ import android.app.Service;
 import android.content.Intent;
 import android.os.Binder;
 import android.os.IBinder;
 import android.support.v4.app.NotificationCompat;
 import android.util.Log;
 public class ForegroundService extends Service {
@@ -72,7 +71,7 @@ public class ForegroundService extends Service {
                new Intent(this, I2PD.class), 0);
        // Set the info for the views that show in the notification panel.
-        Notification notification = new NotificationCompat.Builder(this)
+        Notification notification = new Notification.Builder(this)
                .setSmallIcon(R.drawable.itoopie_notification_icon)  // the status icon
                .setTicker(text)  // the status text
                .setWhen(System.currentTimeMillis())  // the time stamp
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -1,4 +1,4 @@
-version: 1.0.{build}
+version: 2.14.{build}
 pull_requests:
  do_not_increment_build_number: true
 branches:
@@ -8,190 +8,42 @@ skip_tags: true
 os: Visual Studio 2015
 shallow_clone: true
 clone_depth: 1
 init:
 - cmd: >-
    mkdir \projects\instdir
    rem Appveyor has win32 openssl pre-installed that is picked up erroneously even for 64-bit. Cleaning the mess... Should happen before restoring cache.
    rem Might consider passing OPENSSL_ROOT_DIR
    if exist \OpenSSL-Win32 rmdir /S /Q \OpenSSL-Win32
    if exist \OpenSSL-Win64 rmdir /S /Q \OpenSSL-Win64
    if exist \OpenSSL rmdir /S /Q \OpenSSL
 environment:
-  BOOST_ROOT: C:\Libraries\boost_1_59_0
+  MSYS2_PATH_TYPE: inherit
-  MINIUPNPC: miniupnpc-1.9.20151026
+  CHERE_INVOKING: enabled_from_arguments
  OPENSSL: OpenSSL_1_0_2e
  ZLIB: zlib-1.2.8
  matrix:
-  # - type: static
+  - MSYSTEM: MINGW64
-  #   msvc: 14
+  - MSYSTEM: MINGW32
-  #   x64: 0
+
  # - type: static
  #   variant: Release
  #   # FIXME why is this necessary with Appveyor???
  #   cmake: -DSSL_EAY=/mingw32/lib/libssl.a -DLIB_EAY=/mingw32/lib/libcrypto.a
  - type: shared
    variant: Release
  - type: static
    msvc: 12
    x64: 1
    variant: RelWithDebInfo
  - type: static
    msvc: 14
    variant: RelWithDebInfo
    cmake: -DWITH_PCH=ON
  # - type: static
  #   msvc: 12
  # - type: shared
  #   msvc: 14
  #   variant: Debug
  # - type: shared
  #   variant: Release
  #   cmake: -DWITH_PCH=ON
  #   x64: 1
 install:
- if not exist \projects\miniupnpc\ (
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Rns gcc-fortran gcc"
-    mkdir \projects\miniupnpc
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
-    && curl -sL http://miniupnp.free.fr/files/download.php?file=%MINIUPNPC%.tar.gz -o \projects\miniupnpc\%MINIUPNPC%.tar.gz
+
-  )
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
- tar --strip-components=1 --directory=\projects\miniupnpc -xzf \projects\miniupnpc\%MINIUPNPC%.tar.gz
+
- if not exist \projects\zlib\ (
+- if "%MSYSTEM%" == "MINGW64" (
-    mkdir \projects\zlib
+    c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc"
    && cd \projects\zlib
    && curl -sLO http://zlib.net/%ZLIB%.tar.gz
  )
 - tar --strip-components=1 --directory=\projects\zlib -xzf \projects\zlib\%ZLIB%.tar.gz
 - patch -p0 C:/projects/zlib/CMakeLists.txt %APPVEYOR_BUILD_FOLDER%/build/cmake-zlib-static.patch
 - patch -p0 C:/projects/zlib/CMakeLists.txt %APPVEYOR_BUILD_FOLDER%/build/cmake-zlib-amd64.patch
 - if "%type%" == "static" (
    set "static=ON"
    && set "boostlib=lib"
  ) else (
-    set "static=OFF"
+    c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-i686-boost mingw-w64-i686-miniupnpc"
    && set "dll=dll"
  )
- if "%x64%"=="1" (
+
 - if "%MSYSTEM%" == "MINGW64" (
    set "bitness=64"
    && set "openssl_target=VC-WIN64A"
    && set "zlib_asm=-DAMD64=ON"
  ) else (
    set "bitness=32"
    && set "openssl_target=VC-WIN32"
    && set "zlib_asm=-DASM686=ON "-DCMAKE_ASM_MASM_FLAGS=/W0 /safeseh""
  )
 - C:\msys64\usr\bin\bash -lc "export PATH=/mingw%bitness%/bin:/usr/bin:. && cd /c/projects/miniupnpc && CC=gcc make -f Makefile.mingw init miniupnpc.dll > c:\projects\instdir\build_miniupnpc.log 2>&1 || cat c:\projects\instdir\build_miniupnpc.log"
 - set /a generator=%msvc%+2001
 - if defined msvc (
    (
      if "%x64%" == "1" (
        call "C:\Program Files (x86)\Microsoft Visual Studio %msvc%.0\VC\vcvarsall.bat" amd64
        && set "generator=Visual Studio %msvc% %generator% Win64"
      ) else (
        call "C:\Program Files (x86)\Microsoft Visual Studio %msvc%.0\VC\vcvarsall.bat" x86
        && set "generator=Visual Studio %msvc% %generator%"
      )
    )
    && set "zlib_root=C:/stage/zlib-Win%bitness%-vc%msvc%-%type%"
    && if "%variant%" neq "Debug" (
      set "boost_variant=variant=release"
      && set "boostdbg=-gd"
    )
  ) else (
    set "generator=Unix Makefiles"
  )
 - if defined msvc if not exist %zlib_root% (
    mkdir \projects\zlib-build
    && cd \projects\zlib-build
    && cmake ../zlib -G "%generator%" %zlib_asm% -DWITH_STATIC=%static% -DCMAKE_INSTALL_PREFIX=%zlib_root% > c:\projects\instdir\build_zlib.log
    && cmake --build . --config Release --target INSTALL >> c:\projects\instdir\build_zlib.log
    || type c:\projects\instdir\build_zlib.log
  )
 - cmd: >-
    rem cinst nasm
    cd \projects
    if not exist nasm-2.11.08-installer.exe curl --silent --location --remote-name http://www.nasm.us/pub/nasm/releasebuilds/2.11.08/win32/nasm-2.11.08-installer.exe
    nasm-2.11.08-installer.exe /S
    set "PATH=%PATH%;C:\Program Files (x86)\nasm"
    if not exist %OPENSSL%.zip curl --silent --location --remote-name https://github.com/openssl/openssl/archive/%OPENSSL%.zip
 - cd %BOOST_ROOT%
 - if defined msvc if not exist "stage%bitness%\lib\%boostlib%boost_system-vc%msvc%0-mt%boostdbg%*" (
    bootstrap > c:\projects\instdir\build_boost.log
    && b2 toolset=msvc-%msvc%.0 %boost_variant% link=%type% runtime-link=%type% address-model=%bitness% --build-type=minimal --with-filesystem --with-program_options --with-date_time --stagedir=stage%bitness% >> c:\projects\instdir\build_boost.log
    || type c:\projects\instdir\build_boost.log
  )
 - if defined msvc if not exist C:\stage\OpenSSL-Win%bitness%-vc%msvc%-%type%\ (
    cd \projects
    && 7z x %OPENSSL%.zip > NUL
    && cd openssl-%OPENSSL%
    && perl Configure %openssl_target% no-rc2 no-rc4 no-rc5 no-idea no-bf no-cast no-whirlpool no-md2 no-md4 no-ripemd no-mdc2 no-camellia no-seed no-comp no-krb5 no-gmp no-rfc3779 no-ec2m no-ssl2 no-jpake no-srp no-sctp no-srtp --prefix=c:\stage\OpenSSL-Win%bitness%-vc%msvc%-%type% > c:\projects\instdir\build_openssl.log
    && ( if "%x64%" == "1" ( ms\do_win64a >> c:\projects\instdir\build_openssl.log ) else ( ms\do_nasm >> c:\projects\instdir\build_openssl.log ) )
    && nmake -f ms\nt%dll%.mak install >> c:\projects\instdir\build_openssl.log 2>&1
    || type c:\projects\instdir\build_openssl.log
  )
 - mklink /J \OpenSSL \stage\OpenSSL-Win%bitness%-vc%msvc%-%type%
 - rem already there: mingw-w64-i686-openssl mingw-w64-i686-gcc
 - if not defined msvc (
    C:\msys64\usr\bin\bash -lc "pacman --needed --noconfirm -Sy bash pacman pacman-mirrors msys2-runtime msys2-runtime-devel cmake"
    && if "%x64%" == "1" (
      C:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-openssl mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc mingw-w64-x86_64-extra-cmake-modules"
    ) else (
      C:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-i686-openssl mingw-w64-i686-boost mingw-w64-i686-miniupnpc mingw-w64-i686-extra-cmake-modules"
    )
  )
 cache:
 - C:\projects\%OPENSSL%.zip
 - C:\projects\nasm-2.11.08-installer.exe
 - C:\projects\miniupnpc\%MINIUPNPC%.tar.gz
 - C:\stage
 - '%BOOST_ROOT%\stage32'
 - '%BOOST_ROOT%\stage64'
 - C:\projects\zlib\%ZLIB%.tar.gz
 build_script:
 - cmd: >-
-    mkdir \projects\build
+    cd \projects\i2pd
-    rem FIXME use fixup_bundle in cmake
+    echo MSYSTEM = %MSYSTEM%, bitness = %bitness%
-    rem msbuild i2pd.sln /p:Configuration=Release
+- c:\msys64\usr\bin\bash -lc "make USE_UPNP=yes -j2"
 - 7z a -tzip -mx9 -mmt i2pd-mingw-win%bitness%.zip i2pd.exe
    if defined variant ( set cmake_extra=-DCMAKE_BUILD_TYPE=%variant% && set "cmake_build=--config %variant%" )
    echo "bitness=%bitness%; static=%static%; dll=%dll%; type=%type%; generator=%generator%; variant=%variant%; cmake=%cmake%; cmake_extra=%cmake_extra%"
 - if not defined msvc (
    C:\msys64\usr\bin\bash -lc "export PATH=/mingw%bitness%/bin:/usr/bin && cd /c/projects/build && CC=/mingw%bitness%/bin/gcc.exe CXX=/mingw%bitness%/bin/g++.exe /usr/bin/cmake /c/projects/i2pd/build -G 'Unix Makefiles' -DWITH_AESNI=ON -DWITH_UPNP=ON %cmake% %cmake_extra% -DWITH_STATIC=%static% -DWITH_HARDENING=ON -DCMAKE_INSTALL_PREFIX:PATH=/c/projects/instdir -DCMAKE_FIND_ROOT_PATH=/mingw%bitness% && make install"
    && 7z a -tzip -mx9 -mmt C:\projects\i2pd\i2pd-mingw-win%bitness%-%type%.zip C:\projects\instdir\* C:\msys64\mingw%bitness%\bin\zlib1.dll C:\msys64\mingw%bitness%\bin\*eay32.dll
  )
 - rem We are fine with multiple generated configurations in MS solution. Will use later
 - if defined msvc (
    cd \projects\build
    && cmake ..\i2pd\build -G "%generator%" -DWITH_UPNP=ON %cmake% -DWITH_STATIC=%static% -DZLIB_ROOT=%zlib_root% -DBoost_LIBRARY_DIR:PATH=%BOOST_ROOT%/stage%bitness%/lib -DCMAKE_INSTALL_PREFIX:PATH=c:/projects/instdir
    && cmake --build . %cmake_build% --target install
    && 7z a -tzip -mx9 -mmt C:\projects\i2pd\i2pd-vc%msvc%-win%bitness%-%type%.zip C:\projects\instdir\*
    && cmake --build . %cmake_build% --target package
    && xcopy i2pd*win*.exe ..\i2pd\
  )
 test: off
 artifacts:
- path: i2pd-vc12-win64-static.zip
+- path: i2pd-mingw-win*.zip
 - path: i2pd-vc12-win32-static.zip
 - path: i2pd-vc12-win64-shared.zip
 - path: i2pd-vc12-win32-shared.zip
 - path: i2pd-vc14-win64-static.zip
 - path: i2pd-vc14-win32-static.zip
 - path: i2pd-vc14-win64-shared.zip
 - path: i2pd-vc14-win32-shared.zip
 - path: i2pd-mingw-win64-static.zip
 - path: i2pd-mingw-win32-static.zip
 - path: i2pd-mingw-win64-shared.zip
 - path: i2pd-mingw-win32-shared.zip
 - path: i2pd-2.1.0-win64.exe
 - path: i2pd-2.1.0-win32.exe
--- a/build/.gitignore
+++ b/build/.gitignore
@@ -8,3 +8,6 @@
 /CPackConfig.cmake
 /CPackSourceConfig.cmake
 /install_manifest.txt
 # windows build script
 i2pd*.zip
 build*.log
--- a/build/CMakeLists.txt
+++ b/build/CMakeLists.txt
@@ -8,6 +8,7 @@ project ( "i2pd" )
 # configurale options
 option(WITH_AESNI     "Use AES-NI instructions set" OFF)
 option(WITH_AVX       "Use AVX instructions" OFF)
 option(WITH_HARDENING "Use hardening compiler flags" OFF)
 option(WITH_LIBRARY   "Build library" ON)
 option(WITH_BINARY    "Build binary" ON)
@@ -25,43 +26,51 @@ option(WITH_WEBSOCKETS "Build with websocket ui" OFF)
 set ( CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules" )
 set ( CMAKE_SOURCE_DIR ".." )
 set(LIBI2PD_SRC_DIR ../libi2pd)
 set(LIBI2PD_CLIENT_SRC_DIR ../libi2pd_client)
 include_directories(${LIBI2PD_SRC_DIR})
 include_directories(${LIBI2PD_CLIENT_SRC_DIR})
 set (LIBI2PD_SRC
-  "${CMAKE_SOURCE_DIR}/BloomFilter.cpp"
+  "${LIBI2PD_SRC_DIR}/BloomFilter.cpp"
-  "${CMAKE_SOURCE_DIR}/Config.cpp"
+  "${LIBI2PD_SRC_DIR}/Config.cpp"
-  "${CMAKE_SOURCE_DIR}/Crypto.cpp"
+  "${LIBI2PD_SRC_DIR}/Crypto.cpp"
-  "${CMAKE_SOURCE_DIR}/Garlic.cpp"
+  "${LIBI2PD_SRC_DIR}/Garlic.cpp"
-  "${CMAKE_SOURCE_DIR}/Gzip.cpp"
+  "${LIBI2PD_SRC_DIR}/Gzip.cpp"
-  "${CMAKE_SOURCE_DIR}/I2NPProtocol.cpp"
+  "${LIBI2PD_SRC_DIR}/HTTP.cpp"
-  "${CMAKE_SOURCE_DIR}/Identity.cpp"
+  "${LIBI2PD_SRC_DIR}/I2NPProtocol.cpp"
-  "${CMAKE_SOURCE_DIR}/LeaseSet.cpp"
+  "${LIBI2PD_SRC_DIR}/Identity.cpp"
-  "${CMAKE_SOURCE_DIR}/FS.cpp"
+  "${LIBI2PD_SRC_DIR}/LeaseSet.cpp"
-  "${CMAKE_SOURCE_DIR}/Log.cpp"
+  "${LIBI2PD_SRC_DIR}/FS.cpp"
-  "${CMAKE_SOURCE_DIR}/NTCPSession.cpp"
+  "${LIBI2PD_SRC_DIR}/Log.cpp"
-  "${CMAKE_SOURCE_DIR}/NetDbRequests.cpp"	
+  "${LIBI2PD_SRC_DIR}/NTCPSession.cpp"
-  "${CMAKE_SOURCE_DIR}/NetDb.cpp"
+  "${LIBI2PD_SRC_DIR}/NetDbRequests.cpp"
-  "${CMAKE_SOURCE_DIR}/Profiling.cpp"
+  "${LIBI2PD_SRC_DIR}/NetDb.cpp"
-  "${CMAKE_SOURCE_DIR}/Reseed.cpp"
+  "${LIBI2PD_SRC_DIR}/Profiling.cpp"
-  "${CMAKE_SOURCE_DIR}/RouterContext.cpp"
+  "${LIBI2PD_SRC_DIR}/Reseed.cpp"
-  "${CMAKE_SOURCE_DIR}/RouterInfo.cpp"
+  "${LIBI2PD_SRC_DIR}/RouterContext.cpp"
-  "${CMAKE_SOURCE_DIR}/SSU.cpp"
+  "${LIBI2PD_SRC_DIR}/RouterInfo.cpp"
-  "${CMAKE_SOURCE_DIR}/SSUData.cpp"
+  "${LIBI2PD_SRC_DIR}/SSU.cpp"
-  "${CMAKE_SOURCE_DIR}/SSUSession.cpp"
+  "${LIBI2PD_SRC_DIR}/SSUData.cpp"
-  "${CMAKE_SOURCE_DIR}/Streaming.cpp"
+  "${LIBI2PD_SRC_DIR}/SSUSession.cpp"
-  "${CMAKE_SOURCE_DIR}/Destination.cpp"	
+  "${LIBI2PD_SRC_DIR}/Streaming.cpp"
-  "${CMAKE_SOURCE_DIR}/TransitTunnel.cpp"
+  "${LIBI2PD_SRC_DIR}/Destination.cpp"
-  "${CMAKE_SOURCE_DIR}/Tunnel.cpp"
+  "${LIBI2PD_SRC_DIR}/TransitTunnel.cpp"
-  "${CMAKE_SOURCE_DIR}/TunnelGateway.cpp"
+  "${LIBI2PD_SRC_DIR}/Tunnel.cpp"
-  "${CMAKE_SOURCE_DIR}/Transports.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelGateway.cpp"
-  "${CMAKE_SOURCE_DIR}/TunnelEndpoint.cpp"
+  "${LIBI2PD_SRC_DIR}/Transports.cpp"
-  "${CMAKE_SOURCE_DIR}/TunnelPool.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelEndpoint.cpp"
-  "${CMAKE_SOURCE_DIR}/Base.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelPool.cpp"
-  "${CMAKE_SOURCE_DIR}/util.cpp"
+  "${LIBI2PD_SRC_DIR}/Base.cpp"
-  "${CMAKE_SOURCE_DIR}/Datagram.cpp"
+  "${LIBI2PD_SRC_DIR}/util.cpp"
-  "${CMAKE_SOURCE_DIR}/Family.cpp"
+  "${LIBI2PD_SRC_DIR}/Datagram.cpp"
-  "${CMAKE_SOURCE_DIR}/Signature.cpp"
+  "${LIBI2PD_SRC_DIR}/Family.cpp"
-  "${CMAKE_SOURCE_DIR}/Timestamp.cpp"	
+  "${LIBI2PD_SRC_DIR}/Signature.cpp"
-  "${CMAKE_SOURCE_DIR}/api.cpp"
+  "${LIBI2PD_SRC_DIR}/Timestamp.cpp"
-  "${CMAKE_SOURCE_DIR}/Event.cpp"
+  "${LIBI2PD_SRC_DIR}/api.cpp"
  "${LIBI2PD_SRC_DIR}/Event.cpp"
  "${LIBI2PD_SRC_DIR}/Gost.cpp"
 )
 if (WITH_WEBSOCKETS)
@@ -88,30 +97,32 @@ install(TARGETS libi2pd
 # install(EXPORT libi2pd DESTINATION ${CMAKE_INSTALL_LIBDIR})
 set (CLIENT_SRC
-  "${CMAKE_SOURCE_DIR}/AddressBook.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/AddressBook.cpp"
-  "${CMAKE_SOURCE_DIR}/BOB.cpp"	
+  "${LIBI2PD_CLIENT_SRC_DIR}/BOB.cpp"
-  "${CMAKE_SOURCE_DIR}/ClientContext.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/ClientContext.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PTunnel.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/MatchedDestination.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PService.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/I2PTunnel.cpp"
-  "${CMAKE_SOURCE_DIR}/SAM.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/I2PService.cpp"
-  "${CMAKE_SOURCE_DIR}/SOCKS.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/SAM.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTP.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/SOCKS.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTPProxy.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/HTTPProxy.cpp"
-  "${CMAKE_SOURCE_DIR}/I2CP.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/I2CP.cpp"
-  "${CMAKE_SOURCE_DIR}/WebSocks.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/WebSocks.cpp"
-  )
+)
 if(WITH_WEBSOCKETS)
-  list (APPEND CLIENT_SRC "${CMAKE_SOURCE_DIR}/Websocket.cpp")
+  list (APPEND CLIENT_SRC "${LIBI2PD_CLIENT_SRC_DIR}/Websocket.cpp")
 endif ()
 add_library(i2pdclient ${CLIENT_SRC})
 set(DAEMON_SRC_DIR ../daemon)
 set (DAEMON_SRC
-  "${CMAKE_SOURCE_DIR}/Daemon.cpp"
+  "${DAEMON_SRC_DIR}/Daemon.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTPServer.cpp"
+  "${DAEMON_SRC_DIR}/HTTPServer.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PControl.cpp"
+  "${DAEMON_SRC_DIR}/I2PControl.cpp"
-  "${CMAKE_SOURCE_DIR}/i2pd.cpp"
+  "${DAEMON_SRC_DIR}/i2pd.cpp"
-  "${CMAKE_SOURCE_DIR}/UPnP.cpp"
+  "${DAEMON_SRC_DIR}/UPnP.cpp"
 )
 if (WITH_MESHNET)
@@ -176,22 +187,22 @@ endif ()
 # compiler flags customization (by system)
 if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
+  list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
  # "'sleep_for' is not a member of 'std::this_thread'" in gcc 4.7/4.8
  add_definitions( "-D_GLIBCXX_USE_NANOSLEEP=1" )
 elseif (CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
+  list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
  # "'sleep_for' is not a member of 'std::this_thread'" in gcc 4.7/4.8
  add_definitions( "-D_GLIBCXX_USE_NANOSLEEP=1" )
 elseif (CMAKE_SYSTEM_NAME STREQUAL "Darwin")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
+    list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
-elseif (CMAKE_SYSTEM_NAME STREQUAL "OpenBSD")
+  elseif (CMAKE_SYSTEM_NAME STREQUAL "OpenBSD")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
+      list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
-elseif (CMAKE_SYSTEM_NAME STREQUAL "Windows" OR MSYS)
+    elseif (CMAKE_SYSTEM_NAME STREQUAL "Windows" OR MSYS)
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonWin32.cpp")
+        list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/DaemonWin32.cpp")
  if (WITH_GUI)
    list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Win32App.cpp")
-    set_source_files_properties("${CMAKE_SOURCE_DIR}/DaemonWin32.cpp"
+    set_source_files_properties("${CMAKE_SOURCE_DIR}/Win32/DaemonWin32.cpp"
      PROPERTIES COMPILE_DEFINITIONS WIN32_APP)
  endif ()
  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Win32Service.cpp")
@@ -203,6 +214,10 @@ if (WITH_AESNI)
  add_definitions ( -DAESNI )
 endif()
 if (WITH_AVX)
  set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -mavx" )
 endif()
 if (WITH_ADDRSANITIZER)
  if (NOT MSVC)
    set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fno-omit-frame-pointer" )
@@ -273,7 +288,7 @@ endif ()
 if (WITH_PCH)
  include_directories(BEFORE ${CMAKE_BINARY_DIR})
-  add_library(stdafx STATIC "${CMAKE_SOURCE_DIR}/stdafx.cpp")
+  add_library(stdafx STATIC "${LIBI2PD_SRC_DIR}/stdafx.cpp")
  if(MSVC)
    target_compile_options(stdafx PRIVATE /Ycstdafx.h /Zm155)
    add_custom_command(TARGET stdafx POST_BUILD
@@ -289,10 +304,10 @@ if (WITH_PCH)
    get_directory_property(DEFS DEFINITIONS)
    string(REPLACE " " ";" FLAGS "${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BTU}} ${DEFS}")
    add_custom_command(TARGET stdafx PRE_BUILD
-      COMMAND ${CMAKE_CXX_COMPILER} ${FLAGS} -c ${CMAKE_CURRENT_SOURCE_DIR}/../stdafx.h -o ${CMAKE_BINARY_DIR}/stdafx.h.gch
+      COMMAND ${CMAKE_CXX_COMPILER} ${FLAGS} -c ${CMAKE_CURRENT_SOURCE_DIR}/../libi2pd/stdafx.h -o ${CMAKE_BINARY_DIR}/stdafx.h.gch
    )
-    target_compile_options(libi2pd PRIVATE -include stdafx.h)
+    target_compile_options(libi2pd PRIVATE -include libi2pd/stdafx.h)
-    target_compile_options(i2pdclient PRIVATE -include stdafx.h)
+    target_compile_options(i2pdclient PRIVATE -include libi2pd/stdafx.h)
  endif()
  target_link_libraries(libi2pd stdafx)
 endif()
@@ -369,6 +384,7 @@ message(STATUS "Compiler path      : ${CMAKE_CXX_COMPILER}")
 message(STATUS "Install prefix:    : ${CMAKE_INSTALL_PREFIX}")
 message(STATUS "Options:")
 message(STATUS "  AESNI            : ${WITH_AESNI}")
 message(STATUS "  AVX              : ${WITH_AVX}")
 message(STATUS "  HARDENING        : ${WITH_HARDENING}")
 message(STATUS "  LIBRARY          : ${WITH_LIBRARY}")
 message(STATUS "  BINARY           : ${WITH_BINARY}")
@@ -400,7 +416,7 @@ if (WITH_BINARY)
    if (MSVC)
      target_compile_options("${PROJECT_NAME}" PRIVATE /FIstdafx.h /Yustdafx.h /Zm155 "/Fp${CMAKE_BINARY_DIR}/stdafx.dir/$<CONFIG>/stdafx.pch")
    else()
-      target_compile_options("${PROJECT_NAME}" PRIVATE -include stdafx.h)
+      target_compile_options("${PROJECT_NAME}" PRIVATE -include libi2pd/stdafx.h)
    endif()
  endif()
@@ -451,7 +467,7 @@ install(FILES "C:/projects/openssl-$ENV{OPENSSL}/LICENSE"
  OPTIONAL                      # for local builds only!
  )
-file(GLOB_RECURSE I2PD_SOURCES "../*.cpp" "../build" "../Win32" "../Makefile*")
+file(GLOB_RECURSE I2PD_SOURCES "../libi2pd/*.cpp" "../libi2pd_client/*.cpp" "../daemon/*.cpp" "../build" "../Win32" "../Makefile*")
 install(FILES ${I2PD_SOURCES} DESTINATION src/ COMPONENT Source)
 # install(DIRECTORY ../ DESTINATION src/
 #   # OPTIONAL
@@ -460,7 +476,7 @@ install(FILES ${I2PD_SOURCES} DESTINATION src/ COMPONENT Source)
 #   PATTERN "*.cpp"
 #   )
-file(GLOB I2PD_HEADERS "../*.h")
+file(GLOB I2PD_HEADERS "../libi2pd/*.h" "../libi2pd_client/*.h" "../daemon/*.h")
 install(FILES ${I2PD_HEADERS} DESTINATION src/ COMPONENT Headers)
 # install(DIRECTORY ../ DESTINATION src/
 #   # OPTIONAL
@@ -473,7 +489,7 @@ set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "Purple I2P, a C++ I2P daemon")
 set(CPACK_PACKAGE_VENDOR "Purple I2P")
 set(CPACK_PACKAGE_DESCRIPTION_FILE "${CMAKE_CURRENT_SOURCE_DIR}/../README.md")
 set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_CURRENT_SOURCE_DIR}/../LICENSE")
-file(READ ../version.h version_h)
+file(READ ../libi2pd/version.h version_h)
 string(REGEX REPLACE ".*I2PD_VERSION_MAJOR ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MAJOR "${version_h}")
 string(REGEX REPLACE ".*I2PD_VERSION_MINOR ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MINOR "${version_h}")
 string(REGEX REPLACE ".*I2PD_VERSION_MICRO ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MICRO "${version_h}")
--- a/build/build_mingw.cmd
+++ b/build/build_mingw.cmd
@@ -0,0 +1,62 @@
@echo off
 setlocal enableextensions enabledelayedexpansion
 title Building i2pd
 REM Copyright (c) 2013-2017, The PurpleI2P Project
 REM This file is part of Purple i2pd project and licensed under BSD3
 REM See full license text in LICENSE file at top of project tree
 REM To use that script, you must have installed in your MSYS installation theese packages:
 REM Base: git make zip
 REM x86_64: mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-gcc
 REM i686: mingw-w64-i686-boost mingw-w64-i686-openssl mingw-w64-i686-gcc
 REM setting up variables for MSYS
 REM Note: if you installed MSYS64 to different path, edit WD variable (only C:\msys64 needed to edit)!
 set "WD=C:\msys64\usr\bin\"
 set MSYS2_PATH_TYPE=inherit
 set CHERE_INVOKING=enabled_from_arguments
 set MSYSTEM=MSYS
 REM detecting number of processors and subtract 1.
 set /a threads=%NUMBER_OF_PROCESSORS%-1
 REM we must work in root of repo
 cd ..
 echo Receiving latest commit and cleaning up...
 "%WD%bash" -lc "git pull && make clean" > build/build_git.log 2>&1
 echo.
 REM set to variable current commit hash
 FOR /F "usebackq" %%a IN (`%WD%bash -lc 'git describe --tags'`) DO (
 set tag=%%a
 )
 REM starting building
 set MSYSTEM=MINGW32
 set bitness=32
 call :BUILDING
 echo.
 set MSYSTEM=MINGW64
 set bitness=64
 call :BUILDING
 echo.
 echo Build complete...
 pause
 exit /b 0
 :BUILDING
 echo Building i2pd %tag% for win%bitness%:
 echo Build AVX+AESNI...
 "%WD%bash" -lc "make USE_UPNP=yes USE_AVX=1 USE_AESNI=1 -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw_avx_aesni.zip i2pd.exe && make clean" > build/build_win%bitness%_avx_aesni.log 2>&1
 echo Build AVX...
 "%WD%bash" -lc "make USE_UPNP=yes USE_AVX=1 -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw_avx.zip i2pd.exe && make clean" > build/build_win%bitness%_avx.log 2>&1
 echo Build AESNI...
 "%WD%bash" -lc "make USE_UPNP=yes USE_AESNI=1 -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw_aesni.zip i2pd.exe && make clean" > build/build_win%bitness%_aesni.log 2>&1
 echo Build without extensions...
 "%WD%bash" -lc "make USE_UPNP=yes -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw.zip i2pd.exe && make clean" > build/build_win%bitness%.log 2>&1
 :EOF
--- a/contrib/.gitignore
+++ b/contrib/.gitignore
@@ -1,2 +0,0 @@
 i2pd*.zip
 build*.log
--- a/contrib/build_mingw.cmd
+++ b/contrib/build_mingw.cmd
@@ -1,22 +0,0 @@
@echo off
 title <20><><EFBFBD>ઠ i2pd
 set "WD=C:\msys64"
 set CHERE_INVOKING=enabled_from_arguments
 set MSYSCON=mintty.exe
 echo <20><><EFBFBD>ઠ i2pd <20><><EFBFBD> win32. <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> Enter <20><>᫥ <20><><EFBFBD><EFBFBD>砭<EFBFBD><E7A0AD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>樨...
 set "MSYSTEM=MINGW32"
 set "CONTITLE=MinGW x32"
 start "%CONTITLE%" /WAIT C:\msys64\usr\bin\mintty.exe -i /msys2.ico /usr/bin/bash --login build_mingw.sh
 pause
 echo <20><><EFBFBD>ઠ i2pd <20><><EFBFBD> win64. <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> Enter <20><>᫥ <20><><EFBFBD><EFBFBD>砭<EFBFBD><E7A0AD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>樨...
 set "MSYSTEM=MINGW64"
 set "CONTITLE=MinGW x64"
 start "%CONTITLE%" /WAIT C:\msys64\usr\bin\mintty.exe -i /msys2.ico /usr/bin/bash --login build_mingw.sh
 pause
 echo <20><><EFBFBD>ઠ <20><><EFBFBD><EFBFBD><EFBFBD>襭<EFBFBD>...
 pause
 exit /b 0
--- a/contrib/build_mingw.sh
+++ b/contrib/build_mingw.sh
@@ -1,84 +0,0 @@
 #!/bin/sh
 # Определяем архитектуру.
 if [ $MSYSTEM == MINGW64 ]; then
 	export arch="win64"
 elif [ $MSYSTEM == MINGW32 ]; then
 	export arch="win32"
 else 
 	echo "Не могу понять, какая у вас архитектура, используемая для сборки.";
 	echo "Вы точно запустили скрипт в оболочке MSYS2 MinGW [64/32]-bit ?";
 	echo "Обычно её можно запустить выполнив c:\msys64\mingw64.exe или c:\msys64\mingw32.exe";
 	exit 1;
 fi;
 # Задаём переменной contrib текущий путь и переходим на уровень выше.
 export contrib=$PWD
 cd ..
 # Очистка от предыдущей сборки (на всякий случай =) ).
 make clean >> /dev/null
 # Обновляем репозиторий, и получаем хеш последнего коммита.
 echo "Получаем обновления из репозитория.";
 git pull
 if [ "$?" != 0 ]; then
 	echo "Не удалось обновить локальный репозиторий.";
 	echo "Вы точно запустили скрипт в папке репозитория?";
 	exit 1;
 fi;
 export commit=$(git rev-parse --verify HEAD | cut -c -7)
 if [ -z commit ]; then
 	echo "Не удалось получить хеш последнего коммита.";
 	echo "Вы точно запустили скрипт в папке репозитория?";
 	exit 1;
 fi;
 # Получаем версию приложения
 export version=$(grep -E "I2PD_VERSION_(MAJOR|MINOR|MICRO)\ " version.h | grep -oE '[^ ]+$' | tr '\n' '.'|head -c -1)
 # Получаем количество ядер, и уменьшаем количество потоков на 1 от количества ядер (если их больше чем 1).
 if [ $NUMBER_OF_PROCESSORS -ge 2 ]; then
 	export threads=$(( $NUMBER_OF_PROCESSORS - 1 ))
 else
 	export threads=$NUMBER_OF_PROCESSORS
 fi;
 echo "Собираем i2pd ${version} (коммит ${commit}) для ${arch}.";
 # Собираем приложение с разными параметрами, и архивируем в zip архивы.
 make USE_UPNP=yes USE_AVX=1 USE_AESNI=1 -j ${threads} > ${contrib}/build_avx_aesni.log 2>&1
 if [ "$?" != 0 ]; then
 	echo "Сборка не удалась. Смотрите в build_avx_aesni.log";
 	exit 1;
 fi;
 zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw_avx_aesni.zip i2pd.exe >> /dev/null
 make clean >> /dev/null
 make USE_UPNP=yes USE_AVX=1 -j ${threads} > ${contrib}/build_avx.log 2>&1
 if [ "$?" != 0 ]; then
 	echo "Сборка не удалась. Смотрите в build_avx.log.";
 	exit 1;
 fi;
 zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw_avx.zip i2pd.exe >> /dev/null
 make clean >> /dev/null
 make USE_UPNP=yes USE_AESNI=1 -j ${threads} > ${contrib}/build_aesni.log 2>&1
 if [ "$?" != 0 ]; then
 	echo "Сборка не удалась. Смотрите в build_aesni.log";
 	exit 1;
 fi;
 zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw_aesni.zip i2pd.exe >> /dev/null
 make clean >> /dev/null
 make USE_UPNP=yes -j ${threads} > ${contrib}/build.log 2>&1
 if [ "$?" != 0 ]; then
 	echo "Сборка не удалась. Смотрите в build.log";
 	exit 1;
 fi;
 zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw.zip i2pd.exe >> /dev/null
 make clean >> /dev/null
 echo "Сборка i2pd ${version} для ${arch} завершена.";
 exit 0;
--- a/contrib/certificates/reseed/randomrng_at_mail.i2p.crt
+++ b/contrib/certificates/reseed/randomrng_at_mail.i2p.crt
@@ -0,0 +1,34 @@
 -----BEGIN CERTIFICATE-----
 MIIFzTCCA7WgAwIBAgIQAkW0dwrp8UmNi9MTzU4/QjANBgkqhkiG9w0BAQsFADBy
 MQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhYMR4wHAYDVQQK
 ExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEbMBkGA1UEAwwS
 cmFuZG9tcm5nQG1haWwuaTJwMB4XDTE3MDIyNTE2MTgyM1oXDTI3MDIyNTE2MTgy
 M1owcjELMAkGA1UEBhMCWFgxCzAJBgNVBAcTAlhYMQswCQYDVQQJEwJYWDEeMBwG
 A1UEChMVSTJQIEFub255bW91cyBOZXR3b3JrMQwwCgYDVQQLEwNJMlAxGzAZBgNV
 BAMMEnJhbmRvbXJuZ0BtYWlsLmkycDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
 AgoCggIBAMSUiFKmGKb5sDkuB1mEGfXikfOJA5ATgMROXyY0XkwLWedBCC6pa1/X
 cVOfPDmDdmkPO8Brep7D2CLq21BBb4lAH7LrKHrABNjf1kfAwRAYMon9HsW3Yn+O
 yIAvGbVTXqQlWpeL1ZRGFhU/5h/D5UtEpcIyG0lkBYRfZ52wFKP2WP52TBcGVpj8
 wBQnXfGmAhRUQfKDmJVCB5GLzNSxrmbhbdyBzZMoeOLTaTfMfb7jSIakYzH4f0TZ
 1VE5+z+1BkJ53qVRH7IV1UBtSIBGD/L84wkqM5mIGKnZXiOyZxfKvS/sGr7WZuMu
 NK3ugCFfTZnxYtb0dDPaqeXrdB3OKE/d5ghAOcIyBWrfsRQJlaHSIwvpqz7Hr7vA
 3xSklkvvJoGwCIy2/+bFGP+Z6ietzvF9/mr1NcwxXGH32zjVmDSto+yaDjsMGFu1
 y4L4wUsOQOVsgNYPECC2HZOisUm/iYdw1+Y/PbgZS0sG3KzBZ1HYsvvFiTLZiyZR
 +ZFTLmBoI3DPMfmTf0lRWXXWgUnWXDkxqBAV/fvmAc3XQfpI4HrkAYOllmAIStr9
 7OVsBAJiMcYWzx0UIZGBG+PE9uxHnGxVX64n2lKYLoXLWFURVoFJIYn7AJaxTv0N
 r0IduERKqoQ0wyCjZ6RJOtz26GFUe1bPa7rc/VgfbZwUbF17lzAVAgMBAAGjXzBd
 MA4GA1UdDwEB/wQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
 DwYDVR0TAQH/BAUwAwEB/zAbBgNVHQ4EFAQScmFuZG9tcm5nQG1haWwuaTJwMA0G
 CSqGSIb3DQEBCwUAA4ICAQAi4OOKzy7TcaFZccl2lmKp1wxDmaSaf/dhaqpaSKMS
 zzvgO9XIq6CLEY/YqSm5AjU8PsclaC8+g20THCSUHntL3Jxu2dw1m/H30Mg0I1uJ
 G7pyIVYwuwkdbalGQOaS0u3grzWnbCGMzuqeMBi8EBsZ5jsT5LGjgy1GE+BXl2tv
 9EEWhy8dSVh3cy1iaAM6ZhCyj4rSw4odQqH2NWDOFt52cycHe/rpvKKD1AlrmFHQ
 w18WnfUhr43JAyTWKxg/6uwdxb+cBTX0cad8lbOtQLiqNwOxQvEi/4uRrkdKtbRf
 Z+MUI0XIopH2XV5lLExtxXStAaB4mZTgAbFPCnBC0wKQh/sgdXmUWsEEk610NShC
 26jtXuPb43cDyCewUNCZ+jtzbc9pl6/SyatY/i2gAHamvGmeVJFzQkHe7YHRdzeR
 RIqnWGlwSh0roPPRCU2dNdBZ0uH9lYbkG0IzGmEtks+KQqG+1H0yZkSCmArarLfj
 aU5UslG+Zf1imqXtz5kFD/UMMuaQW05Sa/0YO6gW/hLtChHI5Jpd/Qb/KqLkPAM3
 PEVs4H5ZMVa6mLUsLIw9Ra2QozdB9lqoZBMRa0jqgJKxnAgNcWpYtTyJ2PtfA9oE
 xmjE6O3FlNSee4aKxZ2Kz7cTufd/+ndsSSeNuRLQVihXKNqkrQIuow+H/KDw930c
 Cw==
 -----END CERTIFICATE-----
--- a/contrib/i2pd.conf
+++ b/contrib/i2pd.conf
@@ -64,12 +64,13 @@ ipv6 = false
 # nat = true
 ## Bandwidth configuration
-## L limit bandwidth to 32Kbs/sec, O - to 256Kbs/sec, P - to 2048Kbs/sec,
+## L limit bandwidth to 32KBs/sec, O - to 256KBs/sec, P - to 2048KBs/sec,
 ## X - unlimited
 ## Default is X for floodfill, L for regular node
 # bandwidth = L
-## Router will not accept transit tunnels at startup
+## Router will not accept transit tunnels, disabling transit traffic completely
 ## (default = false)
 # notransit = true
 ## Router will be floodfill
@@ -141,7 +142,7 @@ port = 4447
 [sam]
 ## Uncomment and set to 'true' to enable SAM Bridge
-# enabled = false
+enabled = true
 ## Address and port service will listen on
 # address = 127.0.0.1
 # port = 7656
--- a/contrib/rpm/i2pd.spec
+++ b/contrib/rpm/i2pd.spec
@@ -1,6 +1,8 @@
 %define build_timestamp %(date +"%Y%m%d")
 Name:           i2pd
-Version:        2.10.0
+Version:        2.12.0
-Release:        3%{?dist}
+Release:        %{build_timestamp}git%{?dist}
 Summary:        I2P router written in C++
 License:        BSD
@@ -101,6 +103,23 @@ getent passwd i2pd >/dev/null || \
 %changelog
 * Tue Feb 14 2017 orignal <i2porignal@yandex.ru> - 2.12.0
 - Additional HTTP and SOCKS proxy tunnels
 - Reseed from ZIP archive
 - 'X' bandwidth code
 - Reduced memory and file descriptors usage
 * Mon Dec 19 2016 orignal <i2porignal@yandex.ru> - 2.11.0
 - Full support of zero-hops tunnels
 - Tunnel configuration for HTTP and SOCKS proxy
 - Websockets support
 - Multiple acceptors for SAM destination
 - Routing path for UDP tunnels
 - Reseed through a floodfill
 - Use AVX instructions for DHT and HMAC if applicable
 - Fixed UPnP discovery bug, producing excessive CPU usage
 - Handle multiple lookups of the same LeaseSet correctly
 * Tue Oct 20 2016 Anatolii Vorona <vorona.tolik@gmail.com> - 2.10.0-3
 - add support C7
 - move rpm-related files to contrib folder
--- a/contrib/subscriptions.txt
+++ b/contrib/subscriptions.txt
--- a/contrib/tunnels.conf
+++ b/contrib/tunnels.conf
@@ -1,4 +1,4 @@
-[IRC]
+[IRC-IRC2P]
 type = client
 address = 127.0.0.1
 port = 6668
@@ -6,6 +6,14 @@ destination = irc.postman.i2p
 destinationport = 6667
 keys = irc-keys.dat
 #[IRC-ILITA]
 #type = client
 #address = 127.0.0.1
 #port = 6669
 #destination = irc.ilita.i2p
 #destinationport = 6667
 #keys = irc-keys.dat
 #[SMTP]
 #type = client
 #address = 127.0.0.1
@@ -22,12 +30,4 @@ keys = irc-keys.dat
 #destinationport = 110
 #keys = pop3-keys.dat
 #[MTN]
 #type = client
 #address = 127.0.0.1
 #port = 8998
 #destination = mtn.i2p-projekt.i2p
 #destinationport = 4691
 #keys = mtn-keys.dat
 # see more examples in /usr/share/doc/i2pd/configuration.md.gz
--- a/daemon/Daemon.cpp
+++ b/daemon/Daemon.cpp
@@ -14,7 +14,7 @@
 #include "RouterContext.h"
 #include "Tunnel.h"
 #include "HTTP.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Garlic.h"
 #include "Streaming.h"
 #include "Destination.h"
@@ -115,6 +115,12 @@ namespace i2p
 			}
 			LogPrint(eLogInfo,	"i2pd v", VERSION, " starting");
 #ifdef AESNI
 			LogPrint(eLogInfo,	"AESNI enabled");
 #endif
 #if defined(__AVX__)
 			LogPrint(eLogInfo,	"AVX enabled"); 
 #endif
 			LogPrint(eLogDebug, "FS: main config file: ", config);
 			LogPrint(eLogDebug, "FS: data directory: ", datadir);
@@ -189,6 +195,9 @@ namespace i2p
 				i2p::context.SetBandwidth (i2p::data::CAPS_FLAG_LOW_BANDWIDTH2);
 			}
 			int shareRatio; i2p::config::GetOption("share", shareRatio);
 			i2p::context.SetShareRatio (shareRatio);
 			std::string family; i2p::config::GetOption("family", family);
 			i2p::context.SetFamily (family);
 			if (family.length () > 0)
@@ -260,6 +269,7 @@ namespace i2p
 			LogPrint(eLogInfo, "Daemon: starting Transports");
 			if(!ssu) LogPrint(eLogInfo, "Daemon: ssu disabled");
 			if(!ntcp) LogPrint(eLogInfo, "Daemon: ntcp disabled");
 			i2p::transport::transports.Start(ntcp, ssu);
 			if (i2p::transport::transports.IsBoundNTCP() || i2p::transport::transports.IsBoundSSU()) {
 				LogPrint(eLogInfo, "Daemon: Transports started");
--- a/daemon/Daemon.h
+++ b/daemon/Daemon.h
--- a/daemon/HTTPServer.cpp
+++ b/daemon/HTTPServer.cpp
@@ -11,9 +11,8 @@
 #include "Log.h"
 #include "Config.h"
 #include "Tunnel.h"
 #include "TransitTunnel.h"
 #include "Transports.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "HTTP.h"
 #include "LeaseSet.h"
 #include "Destination.h"
@@ -109,6 +108,18 @@ namespace http {
 		s << seconds << " seconds";
 	}
 	static void ShowTraffic (std::stringstream& s, uint64_t bytes)
 	{
 		s << std::fixed << std::setprecision(2);
 		auto numKBytes = (double) bytes / 1024;
 		if (numKBytes < 1024)
 			s << numKBytes << " KiB";
 		else if (numKBytes < 1024 * 1024)
 			s << numKBytes / 1024 << " MiB";
 		else
 			s << numKBytes / 1024 / 1024 << " GiB";
 	}
 	static void ShowTunnelDetails (std::stringstream& s, enum i2p::tunnel::TunnelState eState, int bytes)
 	{
 		std::string state;
@@ -212,24 +223,14 @@ namespace http {
 			s << "<b>Family:</b> " << family << "<br>\r\n";
 		s << "<b>Tunnel creation success rate:</b> " << i2p::tunnel::tunnels.GetTunnelCreationSuccessRate () << "%<br>\r\n";
 		s << "<b>Received:</b> ";
-		s << std::fixed << std::setprecision(2);
+		ShowTraffic (s, i2p::transport::transports.GetTotalReceivedBytes ());
 		auto numKBytesReceived = (double) i2p::transport::transports.GetTotalReceivedBytes () / 1024;
 		if (numKBytesReceived < 1024)
 			s << numKBytesReceived << " KiB";
 		else if (numKBytesReceived < 1024 * 1024)
 			s << numKBytesReceived / 1024 << " MiB";
 		else
 			s << numKBytesReceived / 1024 / 1024 << " GiB";
 		s << " (" << (double) i2p::transport::transports.GetInBandwidth () / 1024 << " KiB/s)<br>\r\n";
 		s << "<b>Sent:</b> ";
-		auto numKBytesSent = (double) i2p::transport::transports.GetTotalSentBytes () / 1024;
+		ShowTraffic (s, i2p::transport::transports.GetTotalSentBytes ());
 		if (numKBytesSent < 1024)
 			s << numKBytesSent << " KiB";
 		else if (numKBytesSent < 1024 * 1024)
 			s << numKBytesSent / 1024 << " MiB";
 		else
 			s << numKBytesSent / 1024 / 1024 << " GiB";
 		s << " (" << (double) i2p::transport::transports.GetOutBandwidth () / 1024 << " KiB/s)<br>\r\n";
 		s << "<b>Transit:</b> ";
 		ShowTraffic (s, i2p::transport::transports.GetTotalTransitTransmittedBytes ());
 		s << " (" << (double) i2p::transport::transports.GetTransitBandwidth () / 1024 << " KiB/s)<br>\r\n";		
 		s << "<b>Data path:</b> " << i2p::fs::GetDataDir() << "<br>\r\n";
 		s << "<div class='slide'\r\n><label for='slide1'>Hidden content. Press on text to see.</label>\r\n<input type='checkbox' id='slide1'/>\r\n<p class='content'>\r\n";
 		s << "<b>Router Ident:</b> " << i2p::context.GetRouterInfo().GetIdentHashBase64() << "<br>\r\n";
--- a/daemon/HTTPServer.h
+++ b/daemon/HTTPServer.h
--- a/daemon/I2PControl.cpp
+++ b/daemon/I2PControl.cpp
@@ -17,7 +17,7 @@
 #include "FS.h"
 #include "Log.h"
 #include "Config.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "RouterContext.h"
 #include "Daemon.h"
 #include "Tunnel.h"
--- a/daemon/I2PControl.h
+++ b/daemon/I2PControl.h
--- a/daemon/UPnP.cpp
+++ b/daemon/UPnP.cpp
@@ -0,0 +1,205 @@
 #ifdef USE_UPNP
 #include <string>
 #include <thread>
 #include <boost/thread/thread.hpp>
 #include <boost/asio.hpp>
 #include <boost/bind.hpp>
 #include "Log.h"
 #include "RouterContext.h"
 #include "UPnP.h"
 #include "NetDb.hpp"
 #include "util.h"
 #include "RouterInfo.h"
 #include "Config.h"
 #include <miniupnpc/miniupnpc.h>
 #include <miniupnpc/upnpcommands.h>
 namespace i2p
 {
 namespace transport
 {
 	UPnP::UPnP () : m_IsRunning(false), m_Thread (nullptr), m_Timer (m_Service)
 	{
 	}
 	void UPnP::Stop ()
 	{
 		if (m_IsRunning)
 		{
 			LogPrint(eLogInfo, "UPnP: stopping");
 			m_IsRunning = false;
 			m_Timer.cancel ();
 			m_Service.stop ();
 			if (m_Thread)
 			{
 				m_Thread->join ();
 				m_Thread.reset (nullptr);
 			}
 			CloseMapping ();
 			Close ();
 		}
 	}
 	void UPnP::Start()
 	{
 		m_IsRunning = true;
 		LogPrint(eLogInfo, "UPnP: starting");
 		m_Service.post (std::bind (&UPnP::Discover, this));
 		std::unique_lock<std::mutex> l(m_StartedMutex);
 		m_Thread.reset (new std::thread (std::bind (&UPnP::Run, this)));
 		m_Started.wait_for (l, std::chrono::seconds (5)); // 5 seconds maximum
 	}
 	UPnP::~UPnP ()
 	{
 		Stop ();
 	}
 	void UPnP::Run ()
 	{
 		while (m_IsRunning)
 		{
 			try
 			{
 				m_Service.run ();
 				// Discover failed
 				break; // terminate the thread
 			}
 			catch (std::exception& ex)
 			{
 				LogPrint (eLogError, "UPnP: runtime exception: ", ex.what ());
 				PortMapping ();
 			}
 		}
 	}
 	void UPnP::Discover ()
 	{
 		int nerror = 0;
 #if MINIUPNPC_API_VERSION >= 14
 		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror);
 #else
 		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror);
 #endif
 		{
 			// notify satrting thread
 			std::unique_lock<std::mutex> l(m_StartedMutex);
 			m_Started.notify_all ();
 		}
 		int r;
 		r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr));
 		if (r == 1)
 		{
 			r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress);
 			if(r != UPNPCOMMAND_SUCCESS)
 			{
 				LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r);
 				return;
 			}
 			else
 			{
 				if (!m_externalIPAddress[0])
 				{
 					LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed.");
 					return;
 				}
 			}
 		}
 		else
 		{
 			LogPrint (eLogError, "UPnP: GetValidIGD() failed.");
 			return;
 		}
 		// UPnP discovered
 		LogPrint (eLogDebug, "UPnP: ExternalIPAddress is ", m_externalIPAddress);
 		i2p::context.UpdateAddress (boost::asio::ip::address::from_string (m_externalIPAddress));
 		// port mapping
 		PortMapping ();
 	}
 	void UPnP::PortMapping ()
 	{
 		const auto& a = context.GetRouterInfo().GetAddresses();
 		for (const auto& address : a)
 		{
 			if (!address->host.is_v6 ())
 			TryPortMapping (address);
 		}
 		m_Timer.expires_from_now (boost::posix_time::minutes(20));	// every 20 minutes
 		m_Timer.async_wait ([this](const boost::system::error_code& ecode)
 		{
 			if (ecode != boost::asio::error::operation_aborted)
 			PortMapping ();
 		});
 	}
 	void UPnP::CloseMapping ()
 	{
 		const auto& a = context.GetRouterInfo().GetAddresses();
 		for (const auto& address : a)
 		{
 			if (!address->host.is_v6 ())
 			CloseMapping (address);
 		}
 	}
 	void UPnP::TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
 	{
 		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
 		int r;
 		std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
 		r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0");
 		if (r!=UPNPCOMMAND_SUCCESS)
 		{
 			LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r);
 			return;
 		}
 		else
 		{
 			LogPrint (eLogDebug, "UPnP: Port Mapping successful. (", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")");
 			return;
 		}
 	}
 	void UPnP::CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
 	{
 		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
 		int r = 0;
 		r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0);
 		LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r);
 	}
 	void UPnP::Close ()
 	{
 		freeUPNPDevlist (m_Devlist);
 		m_Devlist = 0;
 		FreeUPNPUrls (&m_upnpUrls);
 	}
 	std::string UPnP::GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address)
 	{
 		switch (address->transportStyle)
 		{
 			case i2p::data::RouterInfo::eTransportNTCP:
 			return "TCP";
 			break;
 			case i2p::data::RouterInfo::eTransportSSU:
 			default:
 			return "UDP";
 		}
 	}
 }
 }
 #else /* USE_UPNP */
 namespace i2p {
 namespace transport {
 }
 }
 #endif /* USE_UPNP */
--- a/daemon/UPnP.h
+++ b/daemon/UPnP.h
--- a/daemon/UnixDaemon.cpp
+++ b/daemon/UnixDaemon.cpp
@@ -42,6 +42,9 @@ void handle_signal(int sig)
 		case SIGTERM:
 			Daemon.running = 0; // Exit loop
 		break;
 		case SIGPIPE:
 			LogPrint(eLogInfo, "SIGPIPE received");
 		break;
 	}
 }
@@ -160,6 +163,7 @@ namespace i2p
 			sigaction(SIGABRT, &sa, 0);
 			sigaction(SIGTERM, &sa, 0);
 			sigaction(SIGINT, &sa, 0);
 			sigaction(SIGPIPE, &sa, 0);			
 			return Daemon_Singleton::start();
 		}
--- a/daemon/i2pd.cpp
+++ b/daemon/i2pd.cpp
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,26 @@
 i2pd (2.14.0-1) unstable; urgency=low
  * updated to version 2.14.0/0.9.30
  * updated debian/control
  * renamed logrotate to i2pd.logrotate
  * fixed init.d script
 -- orignal <orignal@i2pmail.org>  Thu, 1 Jun 2017 14:00:00 +0000
 i2pd (2.13.0-1) unstable; urgency=low
  * updated to version 2.13.0/0.9.29
  * updated debian/control
  * renamed logrotate to i2pd.logrotate
  * fixed init.d script
 -- orignal <orignal@i2pmail.org>  Thu, 6 Apr 2017 14:00:00 +0000
 i2pd (2.12.0-1) unstable; urgency=low
  * updated to version 2.12.0/0.9.28
- -- orignal <orignal@i2pmail.org>  Tue, 14 Feb 2016 17:59:30 +0000
+ -- orignal <orignal@i2pmail.org>  Tue, 14 Feb 2017 17:59:30 +0000
 i2pd (2.11.0-1) unstable; urgency=low
--- a/debian/control
+++ b/debian/control
@@ -1,17 +1,10 @@
 Source: i2pd
 Section: net
-Priority: extra
+Priority: optional
 Maintainer: R4SAS <r4sas@i2pmail.org>
-Build-Depends: debhelper (>= 9.0.0), dpkg-dev (>= 1.16.1~),
+Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~), gcc (>= 4.7) | clang (>= 3.3), libboost-system-dev (>= 1.46), libboost-date-time-dev, libboost-filesystem-dev, libboost-program-options-dev, libminiupnpc-dev, libssl-dev, zlib1g-dev
- gcc (>= 4.7) | clang (>= 3.3),
+Standards-Version: 3.9.6
- libboost-system-dev (>= 1.46),
+Homepage: http://i2pd.website/
 libboost-date-time-dev,
 libboost-filesystem-dev,
 libboost-program-options-dev,
 libminiupnpc-dev,
 libssl-dev
 Standards-Version: 3.9.3
 Homepage: https://github.com/PurpleI2P/i2pd
 Vcs-Git: git://github.com/PurpleI2P/i2pd.git
 Vcs-Browser: https://github.com/PurpleI2P/i2pd.git
@@ -19,26 +12,23 @@ Package: i2pd
 Architecture: any
 Pre-Depends: adduser
 Depends: ${shlibs:Depends}, ${misc:Depends}
-Recommends: privoxy
+Suggests: tor, privoxy
-Suggests: tor
+Description: A full-featured C++ implementation of I2P client.
-Description: load-balanced unspoofable packet switching network - C++ port
+ I2P (Invisible Internet Protocol) is a universal anonymous network layer. All
- I2P is an anonymizing network, offering a simple layer that identity-sensitive
+ communications over I2P are anonymous and end-to-end encrypted, participants
- applications can use to securely communicate. All data is wrapped with several
+ don't reveal their real IP addresses.
 layers of encryption, and the network is both distributed and dynamic, with no
 trusted parties.
 .
- This package contains the port of the I2P router to C++. Unless willing
+ This package contains the full-featured C++ implementation of I2P router.
 to test and report problems, you should install the 'i2p' package instead.
 Package: i2pd-dbg
 Architecture: any
 Priority: extra
 Section: debug
 Depends: i2pd (= ${binary:Version}), ${misc:Depends}
 Suggests: gdb
 Description: i2pd debugging symbols
- I2P is an anonymizing network, offering a simple layer that identity-sensitive
+ I2P (Invisible Internet Protocol) is a universal anonymous network layer. All
- applications can use to securely communicate. All data is wrapped with several
+ communications over I2P are anonymous and end-to-end encrypted, participants
- layers of encryption, and the network is both distributed and dynamic, with no
+ don't reveal their real IP addresses.
 trusted parties.
 .
 This package contains symbols required for debugging.
--- a/debian/docs
+++ b/debian/docs
@@ -1,2 +1 @@
 README.md
 docs/configuration.md
--- a/debian/i2pd.1
+++ b/debian/i2pd.1
@@ -72,7 +72,7 @@ Bandwidth limit: integer in KBps or letter aliases: \fIL (32KBps)\fR, O (256), P
 \fB\-\-family=\fR
 Name of a family, router belongs to.
 .PP
-See service-specific parameters in page \fIdocs/configuration.md\fR or in example config file \fIdocs/i2pd.conf\fR
+See service-specific parameters in example config file \fIcontrib/i2pd.conf\fR
 .SH FILES
 .PP
--- a/debian/i2pd.install
+++ b/debian/i2pd.install
@@ -1,5 +1,5 @@
 i2pd usr/sbin/
-docs/i2pd.conf      etc/i2pd/
+contrib/i2pd.conf      etc/i2pd/
-docs/tunnels.conf etc/i2pd/
+contrib/tunnels.conf etc/i2pd/
-docs/subscriptions.txt etc/i2pd/
+contrib/subscriptions.txt etc/i2pd/
 contrib/certificates/ usr/share/i2pd/
--- a/debian/i2pd.logrotate
+++ b/debian/i2pd.logrotate
--- a/debian/i2pd.upstart
+++ b/debian/i2pd.upstart
@@ -6,4 +6,6 @@ stop on runlevel [016] or unmounting-filesystem
 # these can be overridden in /etc/init/i2pd.override
 env LOGFILE="/var/log/i2pd/i2pd.log"
 expect fork
 exec /usr/sbin/i2pd --daemon --service --log=file --logfile=$LOGFILE
--- a/docs/README.md
+++ b/docs/README.md
@@ -0,0 +1,3 @@
 Documentation is moved to [separate repository](https://github.com/PurpleI2P/i2pd_docs_en.git)
 [View docs online](https://i2pd.readthedocs.io/en/latest/)
--- a/docs/building/android.md
+++ b/docs/building/android.md
@@ -1,65 +0,0 @@
 Building on Android
 ===================
 There are two versions: with QT and without QT.
 Pre-requesties
 --------------
 You need to install Android SDK, NDK  and QT with android support.
 - [SDK](https://developer.android.com/studio/index.html) (choose command line tools only)
 - [NDK](https://developer.android.com/ndk/downloads/index.html)
 - [QT](https://www.qt.io/download-open-source/)(for QT only).
  Choose one for your platform for android. For example QT 5.6 under Linux would be [this file](http://download.qt.io/official_releases/qt/5.6/5.6.1-1/qt-opensource-linux-x64-android-5.6.1-1.run)
 You also need Java JDK and Ant.
 QT-Creator (for QT only)
 ------------------------
 Open QT-creator that should be installed with QT.
 Go to Settings/Anndroid and specify correct paths to SDK and NDK.
 If everything is correct you will see two set avaiable:
 Android for armeabi-v7a (gcc, qt) and Android for x86 (gcc, qt).
 Dependencies
 --------------
 Take following pre-compiled binaries from PurpleI2P's repositories.
 	git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git
 	git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git
 	git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
 	git clone https://github.com/PurpleI2P/android-ifaddrs.git
 Building the app with QT
 ------------------------
 - Open `qt/i2pd_qt/i2pd_qt.pro` in the QT-creator
 - Change line `MAIN_PATH = /path/to/libraries` to an actual path where you put the dependancies to
 - Select appropriate project (usually armeabi-v7a) and build
 - You will find an .apk file in `android-build/bin` folder
 Building the app without QT
 ---------------------------
 - Change line `I2PD_LIBS_PATH` in `android/jni/Application.mk` to an actual path where you put the dependancies to
 - Run `ndk-build -j4` from andorid folder
 - Create or edit file 'local.properties'. Place 'sdk.dir=<path to SDK>' and 'ndk.dir=<path to NDK>'
 - Run `ant clean debug`
 Creating release .apk
 ----------------------
 In order to create release .apk you must obtain a Java keystore file(.jks). Either you have in already, or you can generate it yourself using keytool, or from one of you existing well-know ceritificates.
 For example, i2pd release are signed with this [certificate](https://github.com/PurpleI2P/i2pd/blob/openssl/contrib/certificates/router/orignal_at_mail.i2p.crt).
 Create file 'ant.propeties':
 	key.store='path to keystore file'
 	key.alias='alias name'
 	key.store.password='keystore password'
 	key.alias.password='alias password'
 Run `ant clean release`
--- a/docs/building/cross.md
+++ b/docs/building/cross.md
@@ -1,74 +0,0 @@
 Cross compilation notes
 =======================
 Static 64 bit windows binary on Ubuntu 15.10 (Wily Werewolf)
 ------------------------------------------------------------
 Install cross compiler and friends
 	sudo apt-get install g++-mingw-w64-x86-64
 Default is to use Win32 threading model which lacks std::mutex and such. So we change defaults
 	sudo update-alternatives --set x86_64-w64-mingw32-g++ /usr/bin/x86_64-w64-mingw32-g++-posix
 From now on we assume we have everything in `~/dev/`. Get Boost sources unpacked into `~/dev/boost_1_60_0/` and change directory to it.
 Now add out cross compiler configuration. Warning: the following will wipe out whatever you had in there.
 	echo "using gcc : mingw : x86_64-w64-mingw32-g++ ;" > ~/user-config.jam
 Proceed with building Boost normal way, but let's define dedicated staging directory
 	./bootstrap.sh
 	./b2 toolset=gcc-mingw target-os=windows variant=release link=static runtime-link=static address-model=64 \
 	  --build-type=minimal --with-filesystem --with-program_options --with-date_time \
 	  --stagedir=stage-mingw-64
 	cd ..
 Now we get & build OpenSSL
 	git clone https://github.com/openssl/openssl
 	cd openssl
 	git checkout OpenSSL_1_0_2g
 	./Configure mingw64 no-rc2 no-rc4 no-rc5 no-idea no-bf no-cast no-whirlpool no-md2 no-md4 no-ripemd no-mdc2 \
 	  no-camellia no-seed no-comp no-krb5 no-gmp no-rfc3779 no-ec2m no-ssl2 no-jpake no-srp no-sctp no-srtp \
 	  --prefix=~/dev/stage --cross-compile-prefix=x86_64-w64-mingw32-
 	make depend
 	make
 	make install
 	cd ..
 ...and zlib
 	git clone https://github.com/madler/zlib
 	cd zlib
 	git checkout v1.2.8
 	CC=x86_64-w64-mingw32-gcc CFLAGS=-O3 ./configure --static --64 --prefix=~/dev/stage
 	make
 	make install
 	cd ..
 Now we prepare cross toolchain hint file for CMake, let's name it `~/dev/toolchain-mingw.cmake`
 	set(CMAKE_SYSTEM_NAME Windows)
 	set(CMAKE_C_COMPILER x86_64-w64-mingw32-gcc)
 	set(CMAKE_CXX_COMPILER x86_64-w64-mingw32-g++)
 	set(CMAKE_RC_COMPILER x86_64-w64-mingw32-windres)
 	set(CMAKE_FIND_ROOT_PATH /usr/x86_64-w64-mingw32)
 	set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)
 Download miniupnpc, unpack and symlink it into `~/dev/miniupnpc/`.
 Finally, we can build i2pd with all that goodness
 	git clone https://github.com/PurpleI2P/i2pd
 	mkdir i2pd-mingw-64-build
 	cd i2pd-mingw-64-build
 	BOOST_ROOT=~/dev/boost_1_60_0 cmake -G 'Unix Makefiles' ~/dev/i2pd/build -DBUILD_TYPE=Release \
 	  -DCMAKE_TOOLCHAIN_FILE=~/dev/toolchain-mingw.cmake -DWITH_AESNI=ON -DWITH_UPNP=ON -DWITH_STATIC=ON \
 	  -DWITH_HARDENING=ON -DCMAKE_INSTALL_PREFIX:PATH=~/dev/i2pd-mingw-64-static \
 	  -DZLIB_ROOT=~/dev/stage -DBOOST_LIBRARYDIR:PATH=~/dev/boost_1_60_0/stage-mingw-64/lib \
 	  -DOPENSSL_ROOT_DIR:PATH=~/dev/stage
 	make
 	x86_64-w64-mingw32-strip i2pd.exe
 By now, you should have a release build with stripped symbols.
--- a/docs/building/ios.md
+++ b/docs/building/ios.md
@@ -1,85 +0,0 @@
 Building on iOS
 ===================
 How to build i2pd for iOS 9 and iOS Simulator 386/x64
 Prerequisites
 --------------
 XCode7+, cmake 3.2+
 Dependencies
 ------------
 - precompiled openssl
 - precompiled boost with modules `filesystem`, `program_options`, `date_time` and `system`
 - ios-cmake toolchain from `https://github.com/vovasty/ios-cmake.git`
 Building
 --------
 Assume you have folder structure
 	lib/
 		libboost_date_time.a
 		libboost_filesystem.a
 		libboost_program_options.a
 		libboost_system.a
 		libboost.a
 		libcrypto.a
 		libssl.a
 	include/
 		boost/
 		openssl/
 	ios-cmake/
 	i2pd/
 ```bash
 mkdir -p build/simulator/lib build/ios/lib include/i2pd
 pushd build/simulator && \
 cmake   -DIOS_PLATFORM=SIMULATOR \
        -DPATCH=/usr/bin/patch \
        -DCMAKE_BUILD_TYPE=Release \
        -DCMAKE_TOOLCHAIN_FILE=../../ios-cmake/toolchain/iOS.cmake \
        -DWITH_STATIC=yes \
        -DWITH_BINARY=no \
        -DBoost_INCLUDE_DIR=../../include \
        -DOPENSSL_INCLUDE_DIR=../../include \
        -DBoost_LIBRARY_DIR=../../lib \
        -DOPENSSL_SSL_LIBRARY=../../lib/libssl.a \
        -DOPENSSL_CRYPTO_LIBRARY=../../lib/libcrypto.a \
        ../../i2pd/build && \
 make -j16 VERBOSE=1 && \
 popd
 pushd build/ios
 cmake   -DIOS_PLATFORM=OS \
        -DPATCH=/usr/bin/patch \
        -DCMAKE_BUILD_TYPE=Release \
        -DCMAKE_TOOLCHAIN_FILE=../../ios-cmake/toolchain/iOS.cmake \
        -DWITH_STATIC=yes \
        -DWITH_BINARY=no \
        -DBoost_INCLUDE_DIR=../../include \
        -DOPENSSL_INCLUDE_DIR=../../include \
        -DBoost_LIBRARY_DIR=../../lib \
        -DOPENSSL_SSL_LIBRARY=../../lib/libssl.a \
        -DOPENSSL_CRYPTO_LIBRARY=../../lib/libcrypto.a \
        ../../i2pd/build && \
 make -j16 VERBOSE=1 && \
 popd
 libtool -static -o lib/libi2pdclient.a build/*/libi2pdclient.a
 libtool -static -o lib/libi2pd.a build/*/libi2pd.a
 cp i2pd/*.h include/i2pd
 ```
 Include into project
 --------------------
 - add all libraries in `lib` folder to `Project linked frameworks`.
 - add `libc++` and `libz` libraries from system libraries to `Project linked frameworks`.
 - add path to i2p headers to your `Headers search paths`
 Alternatively you may use swift wrapper `https://github.com/vovasty/SwiftyI2P.git`
--- a/docs/building/requirements.md
+++ b/docs/building/requirements.md
@@ -1,15 +0,0 @@
 Build requirements
 ==================
 In general, for building i2pd you need several things:
 * compiler with c++11 support (for example: gcc >= 4.7, clang)
 * boost >= 1.49
 * openssl library
 * zlib library (openssl already depends on it)
 Optional tools:
 * cmake >= 2.8 (or 3.3+ if you want to use precompiled headers on windows)
 * miniupnp library (for upnp support)
 * [websocketpp](https://github.com/zaphoyd/websocketpp/) (for websocket ui)
--- a/docs/building/unix.md
+++ b/docs/building/unix.md
@@ -1,136 +0,0 @@
 Building on Unix systems
 =============================
 First of all we need to make sure that all dependencies are satisfied.
 This doc is trying to cover:
 * [Debian/Ubuntu](#debian-ubuntu) (contains packaging instructions)
 * [Fedora/Centos](#fedora-centos)
 * [Fedora/Centos](#mac-os-x)
 * [FreeBSD](#freebsd)
 Make sure you have all required dependencies for your system successfully installed.
 See [this](requirements.md) page for common requirements.
 If so then we are ready to go!
 Let's clone the repository and start building the i2pd:
 	git clone https://github.com/PurpleI2P/i2pd.git
 Generic build process looks like this (with cmake):
 	cd i2pd/build
 	cmake <cmake options> . # see "CMake Options" section below
 	make                    # you may add VERBOSE=1 to cmdline for debugging
 ..or with quick-and-dirty way with just make:
 	cd i2pd/
 	make
 After successfull build i2pd could be installed with:
 	make install
 CMake Options
 -------------
 Available CMake options(each option has a form of `<key>=<value>`, for more information see `man 1 cmake`):
 * `CMAKE_BUILD_TYPE` build profile (Debug/Release)
 * `WITH_BINARY`      build i2pd itself
 * `WITH_LIBRARY`     build libi2pd
 * `WITH_STATIC`      build static versions of library and i2pd binary
 * `WITH_UPNP`        build with UPnP support (requires libminiupnp)
 * `WITH_AESNI`       build with AES-NI support (ON/OFF)
 * `WITH_HARDENING`   enable hardening features (ON/OFF) (gcc only)
 * `WITH_PCH`         use pre-compiled header (experimental, speeds up build)
 * `WITH_I2LUA`       used when building i2lua
 * `WITH_WEBSOCKETS`  enable websocket server
 Also there is `-L` flag for CMake that could be used to list current cached options:
 	cmake -L
 Debian/Ubuntu
 -------------
 You will need a compiler and other tools that could be installed with `build-essential` package:
 	sudo apt-get install build-essential
 Also you will need a bunch of development libraries:
 	sudo apt-get install \
 	    libboost-date-time-dev \
 	    libboost-filesystem-dev \
 	    libboost-program-options-dev \
 	    libboost-system-dev \
 	    libssl-dev
 If you need UPnP support miniupnpc development library should be installed (don't forget to rerun CMake with needed option):
 	sudo apt-get install libminiupnpc-dev
 You may also build deb-package with the following:
 	sudo apt-get install fakeroot devscripts
 	cd i2pd
 	debuild --no-tgz-check
 Fedora/Centos
 -------------
 You will need a compiler and other tools to perform a build:
 	sudo yum install make cmake gcc gcc-c++
 Also you will need a bunch of development libraries
 	sudo yum install boost-devel openssl-devel
 If you need UPnP support miniupnpc development library should be installed (don't forget to rerun CMake with needed option):
 	sudo yum install miniupnpc-devel
 Latest Fedora systems using [DNF](https://en.wikipedia.org/wiki/DNF_(software)) instead of YUM by default, you may prefer to use DNF, but YUM should be ok
 Centos 7 has CMake 2.8.11 in the official repositories that too old to build i2pd, CMake >=2.8.12 is required.
 But you can use cmake3 from the epel repository:
 	yum install epel-release -y
 	yum install make cmake3 gcc gcc-c++ miniupnpc-devel boost-devel openssl-devel -y
 ...and then use 'cmake3' instead 'cmake'.
 MAC OS X
 --------
 Requires [homebrew](http://brew.sh)
 	brew install boost libressl
 Then build:
 	make HOMEBREW=1
 FreeBSD
 -------
 For 10.X  use clang. You would also need devel/boost-libs, security/openssl and devel/gmake ports.
 Type gmake, it invokes Makefile.bsd, make necessary changes there is required.
 Branch 9.X has gcc v4.2, that is too old (not supports -std=c++11)
 Required ports:
 * `devel/cmake`
 * `devel/boost-libs`
 * `lang/gcc47`(or later version)
 To use newer compiler you should set these variables(replace "47" with your actual gcc version):
 	export CC=/usr/local/bin/gcc47
 	export CXX=/usr/local/bin/g++47
--- a/docs/building/windows.md
+++ b/docs/building/windows.md
@@ -1,159 +0,0 @@
 Building on Windows
 =========================
 There are two approaches available to build i2pd on Windows. The best
 one depends on your needs and personal preferences. One is to use
 msys2 and [unix alike infrastructure](unix.md). Another
 one is to use Visual Studio. While there might be no difference for
 end users of i2pd daemon, developers, however, shall be wary of
 differences in C++ name mangling between the two compilers when making
 a choice to be able to link their software against libi2pd.
 If you are a stranger to C++ with no development tools installed on
 your system and your only goal is to have i2pd up and running from the
 most recent source, consider using msys2. Although it relies on
 command line operations, it should be straight forward.
 In this guide, we will use CMake for both approaches and we will
 assume that you typically have your projects in C:\dev\ as your
 development location for the sake of convenience. Adjust paths
 accordingly if it is not the case. Note that msys uses unix-alike
 paths like /c/dev/ for C:\dev\.
 msys2
 -----
 Get install file `msys2-$ARCH-*.exe` from `https://msys2.github.io`
 Where $ARCH is `i686` or `x86_64` (matching your system).
 - Open MSYS2 Shell (from Start menu).
 - Install all prerequisites and download i2pd source:
        export ARCH='i686'     # or 'x86_64'
        export MINGW='mingw32' # or 'mingw64'
        pacman -S mingw-w64-$ARCH-boost mingw-w64-$ARCH-openssl mingw-w64-$ARCH-gcc git make
        mkdir -p /c/dev/i2pd
        cd /c/dev/i2pd
        git clone https://github.com/PurpleI2P/i2pd.git
        cd i2pd
        # we need compiler on PATH which is usually heavily cluttered on Windows
        export PATH=/$MINGW/bin:/usr/bin
        make
 ### Caveats
 It is important to restrict PATH as described above.
 If you have Strawberry Perl and/or Mercurial installed,
 it will pick up gcc & openssl from the wrong places.
 If you do use precompiled headers to speed up compilation (recommended),
 things can go wrong if compiler options have changed for whatever reason.
 Just delete `stdafx.h.gch` found in your build folder, note the file extension.
 If you are an Arch Linux user, refrain from updating system with `pacman -Syu`.
 Always update runtime separately as described on the home page,
 otherwise you might end up with DLLs incompatibility problems.
 ### AES-NI
 If your processor has [AES instruction set](https://en.wikipedia.org/wiki/AES_instruction_set),
 use `make USE_AESNI=1` instead just `make`. No check is done however, it will compile,
 but it might crash with `Illegal instruction` if this feature is not supported by your processor.
 You should be able to run ./i2pd . If you need to start from the new shell,
 consider starting *MinGW-w64 Win32 Shell* instead of *MSYS2 Shell*
 as it adds `/minw32/bin` to the PATH.
 ### UPnP
 You can install it through the MSYS2 and build with `USE_UPNP` key.
 	export ARCH='i686' # or 'x86_64'
 	pacman -S mingw-w64-$ARCH-miniupnpc
 	make USE_UPNP=yes
 Using Visual Studio
 -------------------
 Requirements for building:
 * [CMake](https://cmake.org/) (tested with 3.1.3)
 * [Visual Studio Community Edition](https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx) (tested with VS2013 Update 4)
 * [Boost](http://www.boost.org/) (tested with 1.59)
 * Optionally [MiniUPnP](http://miniupnp.free.fr) (tested with 1.9), we need only few client headers
 * OpenSSL (tested with 1.0.1p and 1.0.2e), if building from sources (recommended), you'll need as well
 	* [Netwide assembler](http://www.nasm.us/)
 	* Strawberry Perl or ActiveState Perl, do NOT try msys2 perl, it won't work
 ### Building Boost
 Open a Command Prompt (there is no need to start Visual Studio command
 prompt to build Boost) and run the following:
 	cd C:\dev\boost
 	bootstrap
 	b2 toolset=msvc-12.0 --build-type=complete --with-filesystem --with-program_options --with-date_time
 If you are on 64-bit Windows and you want to build 64-bit version as well
 	b2 toolset=msvc-12.0 --build-type=complete --stagedir=stage64 address-model=64 --with-filesystem --with-program_options --with-date_time
 After Boost is compiled, set the environment variable `BOOST_ROOT` to
 the directory Boost was unpacked to, e.g., C:\dev\boost.
 If you are planning on building only particular variant, e.g. Debug only and static linking,
 and/or you are out of space/time, you might consider `--build-type=minimal`.
 Take a look at [appveyor.yml](../appveyor.yml) for details on how test builds are done.
 ### Building OpenSSL
 Download OpenSSL, e.g. with git
 	git clone https://github.com/openssl/openssl.git
 	cd openssl
 	git checkout OpenSSL_1_0_1p
 Now open Visual Studio command prompt and change directory to that with OpenSSL
 	set "PATH=%PATH%;C:\Program Files (x86)\nasm"
 	perl Configure VC-WIN32 --prefix=c:\OpenSSL-Win32
 	ms\do_nasm
 	nmake -f ms\ntdll.mak
 	nmake -f ms\ntdll.mak install
 You should have it installed into C:\OpenSSL-Win32 by now.
 Note that you might consider providing `-DOPENSSL_ROOT_DIR` to CMake and/or
 create a symlink (with mklink /J) to C:\OpenSSL if you plan on maintain
 multiple versions, e.g. 64 bit and/or static/shared.
 See `C:\Program Files (x86)\CMake\share\cmake-3.3\Modules\FindOpenSSL.cmake` for details.
 ### Get miniupnpc
 If you are behind a UPnP enabled router and don't feel like manually configuring port forwarding,
 you should consider using [MiniUPnP](http://miniupnp.free.fr) client.
 I2pd can be built capable of using miniupnpc shared library (DLL) to open up necessary port.
 You'd want to have include headers around to build i2pd with support for this.
 Unpack client source code to subdir, e.g. `C:\dev\miniupnpc`.
 You may want to remove version number from folder name included in downloaded archive.
 ### Creating Visual Studio project
 Start CMake GUI, navigate to i2pd directory, choose building directory,  e.g. ./out, and configure options.
 Alternatively, if you feel adventurous, try that from the command line
 	mkdir i2pd\out
 	cd i2pd\out
 	cmake ..\build -G "Visual Studio 12 2013" -DWITH_UPNP=ON -DWITH_PCH=ON -DCMAKE_INSTALL_PREFIX:PATH=C:\dev\Debug_Win32_stage
 If necessary files are not found `WITH_UPNP` will stay off.
 ### Building i2pd
 You can open generated solution/project with Visual Studio and build from there,
 alternatively you can use `cmake --build . --config Release --target install` or
 [MSBuild tool](https://msdn.microsoft.com/en-us/library/dd293626.aspx)
 	msbuild i2pd.sln /p:Configuration=Release
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -1,300 +0,0 @@
 # -*- coding: utf-8 -*-
 #
 # i2pd documentation build configuration file, created by
 # sphinx-quickstart on Tue Jan 12 06:26:12 2016.
 #
 # This file is execfile()d with the current directory set to its
 # containing dir.
 #
 # Note that not all possible configuration values are present in this
 # autogenerated file.
 #
 # All configuration values have a default; values that are commented out
 # serve to show the default.
 import sys
 import os
 import shlex
 from recommonmark.parser import CommonMarkParser
 source_parsers = {
    '.md': CommonMarkParser,
 }
 # Check if on RTD
 on_rtd = os.environ.get('READTHEDOCS', None) == 'True'
 # If extensions (or modules to document with autodoc) are in another directory,
 # add these directories to sys.path here. If the directory is relative to the
 # documentation root, use os.path.abspath to make it absolute, like shown here.
 #sys.path.insert(0, os.path.abspath('.'))
 # -- General configuration ------------------------------------------------
 # If your documentation needs a minimal Sphinx version, state it here.
 #needs_sphinx = '1.0'
 # Add any Sphinx extension module names here, as strings. They can be
 # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
 # ones.
 extensions = []
 # Add any paths that contain templates here, relative to this directory.
 #templates_path = ['_templates']
 # The suffix(es) of source filenames.
 # You can specify multiple suffix as a list of string:
 # source_suffix = ['.rst', '.md']
 source_suffix = ['.rst', '.md']
 # The encoding of source files.
 #source_encoding = 'utf-8-sig'
 # The master toctree document.
 master_doc = 'index'
 # General information about the project.
 project = u'i2pd'
 copyright = u'2016, PurpleI2P team'
 author = u'PurpleI2P team'
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
 # The short X.Y version.
 version = u'2.2.0'
 # The full version, including alpha/beta/rc tags.
 release = u'2.2.0'
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
 #
 # This is also used if you do content translation via gettext catalogs.
 # Usually you set "language" from the command line for these cases.
 language = None
 # There are two options for replacing |today|: either, you set today to some
 # non-false value, then it is used:
 #today = ''
 # Else, today_fmt is used as the format for a strftime call.
 #today_fmt = '%B %d, %Y'
 # List of patterns, relative to source directory, that match files and
 # directories to ignore when looking for source files.
 exclude_patterns = ['_build']
 # The reST default role (used for this markup: `text`) to use for all
 # documents.
 #default_role = None
 # If true, '()' will be appended to :func: etc. cross-reference text.
 #add_function_parentheses = True
 # If true, the current module name will be prepended to all description
 # unit titles (such as .. function::).
 #add_module_names = True
 # If true, sectionauthor and moduleauthor directives will be shown in the
 # output. They are ignored by default.
 #show_authors = False
 # The name of the Pygments (syntax highlighting) style to use.
 pygments_style = 'sphinx'
 # A list of ignored prefixes for module index sorting.
 #modindex_common_prefix = []
 # If true, keep warnings as "system message" paragraphs in the built documents.
 #keep_warnings = False
 # If true, `todo` and `todoList` produce output, else they produce nothing.
 todo_include_todos = False
 # -- Options for HTML output ----------------------------------------------
 # The theme to use for HTML and HTML Help pages.  See the documentation for
 # a list of builtin themes.
 html_theme = 'default'
 if not on_rtd:
    try:
        import sphinx_rtd_theme
        html_theme = 'sphinx_rtd_theme'
        html_theme_path = [sphinx_rtd_theme.get_html_theme_path()]
    except ImportError:
        pass
 # Theme options are theme-specific and customize the look and feel of a theme
 # further.  For a list of options available for each theme, see the
 # documentation.
 #html_theme_options = {}
 # Add any paths that contain custom themes here, relative to this directory.
 #html_theme_path = []
 # The name for this set of Sphinx documents.  If None, it defaults to
 # "<project> v<release> documentation".
 #html_title = None
 # A shorter title for the navigation bar.  Default is the same as html_title.
 #html_short_title = None
 # The name of an image file (relative to this directory) to place at the top
 # of the sidebar.
 #html_logo = None
 # The name of an image file (within the static path) to use as favicon of the
 # docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
 # pixels large.
 #html_favicon = None
 # Add any paths that contain custom static files (such as style sheets) here,
 # relative to this directory. They are copied after the builtin static files,
 # so a file named "default.css" will overwrite the builtin "default.css".
 #html_static_path = ['_static']
 # Add any extra paths that contain custom files (such as robots.txt or
 # .htaccess) here, relative to this directory. These files are copied
 # directly to the root of the documentation.
 #html_extra_path = []
 # If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
 # using the given strftime format.
 #html_last_updated_fmt = '%b %d, %Y'
 # If true, SmartyPants will be used to convert quotes and dashes to
 # typographically correct entities.
 #html_use_smartypants = True
 # Custom sidebar templates, maps document names to template names.
 #html_sidebars = {}
 # Additional templates that should be rendered to pages, maps page names to
 # template names.
 #html_additional_pages = {}
 # If false, no module index is generated.
 #html_domain_indices = True
 # If false, no index is generated.
 #html_use_index = True
 # If true, the index is split into individual pages for each letter.
 #html_split_index = False
 # If true, links to the reST sources are added to the pages.
 #html_show_sourcelink = True
 # If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
 #html_show_sphinx = True
 # If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
 #html_show_copyright = True
 # If true, an OpenSearch description file will be output, and all pages will
 # contain a <link> tag referring to it.  The value of this option must be the
 # base URL from which the finished HTML is served.
 #html_use_opensearch = ''
 # This is the file name suffix for HTML files (e.g. ".xhtml").
 #html_file_suffix = None
 # Language to be used for generating the HTML full-text search index.
 # Sphinx supports the following languages:
 #   'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja'
 #   'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr'
 #html_search_language = 'en'
 # A dictionary with options for the search language support, empty by default.
 # Now only 'ja' uses this config value
 #html_search_options = {'type': 'default'}
 # The name of a javascript file (relative to the configuration directory) that
 # implements a search results scorer. If empty, the default will be used.
 #html_search_scorer = 'scorer.js'
 # Output file base name for HTML help builder.
 htmlhelp_basename = 'i2pddoc'
 # -- Options for LaTeX output ---------------------------------------------
 latex_elements = {
 # The paper size ('letterpaper' or 'a4paper').
 #'papersize': 'letterpaper',
 # The font size ('10pt', '11pt' or '12pt').
 #'pointsize': '10pt',
 # Additional stuff for the LaTeX preamble.
 #'preamble': '',
 # Latex figure (float) alignment
 #'figure_align': 'htbp',
 }
 # Grouping the document tree into LaTeX files. List of tuples
 # (source start file, target name, title,
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
  (master_doc, 'i2pd.tex', u'i2pd Documentation',
   u'PurpleI2P team', 'manual'),
 ]
 # The name of an image file (relative to this directory) to place at the top of
 # the title page.
 #latex_logo = None
 # For "manual" documents, if this is true, then toplevel headings are parts,
 # not chapters.
 #latex_use_parts = False
 # If true, show page references after internal links.
 #latex_show_pagerefs = False
 # If true, show URL addresses after external links.
 #latex_show_urls = False
 # Documents to append as an appendix to all manuals.
 #latex_appendices = []
 # If false, no module index is generated.
 #latex_domain_indices = True
 # -- Options for manual page output ---------------------------------------
 # One entry per manual page. List of tuples
 # (source start file, name, description, authors, manual section).
 man_pages = [
    (master_doc, 'i2pd', u'i2pd Documentation',
     [author], 1)
 ]
 # If true, show URL addresses after external links.
 #man_show_urls = False
 # -- Options for Texinfo output -------------------------------------------
 # Grouping the document tree into Texinfo files. List of tuples
 # (source start file, target name, title, author,
 #  dir menu entry, description, category)
 texinfo_documents = [
  (master_doc, 'i2pd', u'i2pd Documentation',
   author, 'i2pd', 'One line description of project.',
   'Miscellaneous'),
 ]
 # Documents to append as an appendix to all manuals.
 #texinfo_appendices = []
 # If false, no module index is generated.
 #texinfo_domain_indices = True
 # How to display URL addresses: 'footnote', 'no', or 'inline'.
 #texinfo_show_urls = 'footnote'
 # If true, do not generate a @detailmenu in the "Top" node's menu.
 #texinfo_no_detailmenu = False
--- a/docs/config_opts_after_2.3.0.md
+++ b/docs/config_opts_after_2.3.0.md
@@ -1,43 +0,0 @@
 Изменения обработки параметров в релизах > 2.3.0
 ------------------------------------------------
 Система параметров отличается от того, что было ранее и достаточно сильно:
 * изменения имён и стиля параметров
 Все параметры теперь в виде --help (gnu-style), у некоторых есть шорткаты в виде -h (unix-style). 
 Это касается всех систем, в том числе винды.
 --daemon=1 и подобное -> просто --daemon, без параметра. Нет опции - false, есть - true
 --notransit=1 -> --notransit, то же что и выше: есть опция - false, нет - true
 --v6 -> --ipv6 (первое было похоже на версию какого-то своего протокола, типа socksproxy --v5)
 --tunnelscfg -> --tunconf (имя параметра было слишком длинным, cfg переделан на conf - единообразно с --conf)
 --sockskeys -> разделён на два, для socks и httpproxy по-отдельности
 * поддержка секций в основном конфиге
 Выглядит это так:
    # основные опции
    pidfile = /var/run/i2pd.pid
    #
    # настройки конкретного модуля
    [httproxy]
    address = 1.2.3.4
    port    = 4446
    keys    = httproxy-keys.dat
    # и так далее
    [sam]
    enabled = no
    addresss = 127.0.0.2
    # ^^ переопределяется только адрес, остальное берётся из дефолта
 Точно так же сейчас работает конфиг туннелей: секция до точки - имя, после - параметр
 * поддержка выключения отдельных сервисов "на корню" см sam.enabled и подобное
 Это позволило задать дефолт для номера порта и не писать его руками для включения.
 * добавлен --help (см #110)
 * присутствует некая валидация параметров, --port=abcd - не прокатит, --port=100500 - тоже
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -1,165 +0,0 @@
 i2pd configuration
 ==================
 Command line options
 --------------------
 Options specified on the command line take precedence over those in the config file.
 If you are upgrading your very old router (< 2.3.0) see also [this](config_opts_after_2.3.0.md) page.
 * --help                - Show builtin help message (default value of option will be shown in braces)
 * --conf=               - Config file (default: ~/.i2pd/i2pd.conf or /var/lib/i2pd/i2pd.conf)
                          This parameter will be silently ignored if the specified config file does not exist.
 * --tunconf=            - Tunnels config file (default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf)
 * --pidfile=            - Where to write pidfile (dont write by default)
 * --log=                - Logs destination: stdout, file (stdout if not set, file - otherwise, for compatibility)
 * --logfile=            - Path to logfile (default - autodetect)
 * --loglevel=           - Log messages above this level (debug, info, warn, error)
 * --datadir=            - Path to storage of i2pd data (RI, keys, peer profiles, ...)
 * --host=               - Router external IP for incoming connections
 * --port=               - Port to listen for incoming connections (default: auto)
 * --daemon              - Router will go to background after start
 * --service             - Router will use system folders like '/var/lib/i2pd'
 * --ipv6                - Enable communication through ipv6. false by default
 * --notransit           - Router will not accept transit tunnels at startup. false by default
 * --floodfill           - Router will be floodfill. false by default
 * --bandwidth=          - Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000)
 * --family=             - Name of a family, router belongs to
 * --netid=				- Network ID, router belongs to. Main I2P is 2.
 Windows-specific options:
 * --svcctl=             - Windows service management (--svcctl="install" or --svcctl="remove")
 * --insomnia            - Prevent system from sleeping
 * --close=              - Action on close: minimize, exit, ask
 All options below still possible in cmdline, but better write it in config file:
 * --http.enabled=       - If webconsole is enabled. true by default  
 * --http.address=       - The address to listen on (HTTP server)
 * --http.port=          - The port to listen on (HTTP server) 7070 by default
 * --http.auth           - Enable basic HTTP auth for webconsole
 * --http.user=          - Username for basic auth (default: i2pd)
 * --http.pass=          - Password for basic auth (default: random, see logs)
 * --httpproxy.enabled=  - If HTTP proxy is enabled. true by default  
 * --httpproxy.address=  - The address to listen on (HTTP Proxy)  
 * --httpproxy.port=     - The port to listen on (HTTP Proxy) 4444 by default  
 * --httpproxy.keys=     - optional keys file for HTTP proxy local destination  
 * --httpproxy.signaturetype=    - signature type for new keys if keys file is set. 7 by default  
 * --httpproxy.inbound.length= 	- Inbound tunnels length if keys is set. 3 by default  
 * --httpproxy.inbound.quantity= - Inbound tunnels quantity if keys is set. 5 by default  
 * --httpproxy.outbound.length=	- Outbound tunnels length if keys is set. 3 by default  
 * --httpproxy.outbound.quantity= - Outbound tunnels quantity if keys is set. 5 by default    
 * --socksproxy.enabled=  - If SOCKS proxy is enabled. true by default  
 * --socksproxy.address= - The address to listen on (SOCKS Proxy)  
 * --socksproxy.port=    - The port to listen on (SOCKS Proxy). 4447 by default  
 * --socksproxy.keys=    - optional keys file for SOCKS proxy local destination  
 * --socksproxy.signaturetype=   - signature type for new keys if keys file is set. 7 by default
 * --socksproxy.inbound.length= 	- Inbound tunnels length if keys is set. 3 by default  
 * --socksproxy.inbound.quantity= - Inbound tunnels quantity if keys is set. 5 by default  
 * --socksproxy.outbound.length=	- Outbound tunnels length if keys is set. 3 by default  
 * --socksproxy.outbound.quantity= - Outbound tunnels quantity if keys is set. 5 by default  
 * --socksproxy.outproxy= - Address of outproxy. requests outside i2p will go there  
 * --socksproxy.outproxyport=  - Outproxy remote port  
 * --sam.address=        - The address to listen on (SAM bridge)
 * --sam.port=           - Port of SAM bridge. Usually 7656. SAM is off if not specified
 * --sam.enabled=        - If SAM is enabled. false by default 
 * --bob.address=        - The address to listen on (BOB command channel)
 * --bob.port=           - Port of BOB command channel. Usually 2827. BOB is off if not specified
 * --bob.enabled=        - If BOB is enabled. false by default 
 * --i2cp.address=        - The address to listen on or an abstract address for Android LocalSocket
 * --i2cp.port=           - Port of I2CP server. Usually 7654. Ignored for Andorid
 * --i2cp.enabled=        - If I2CP is enabled. false by default. Other services don't require I2CP 
 * --i2pcontrol.address=  - The address to listen on (I2P control service)  
 * --i2pcontrol.port=     - Port of I2P control service. Usually 7650. I2PControl is off if not specified  
 * --i2pcontrol.enabled=  - If I2P control is enabled. false by default  
 * --i2pcontrol.password= - I2P control authentication password. itoopie by default  
 * --i2pcontrol.cert=     - I2P control HTTPS certificate file name. i2pcontrol.crt.pem by default  
 * --i2pcontrol.key=      - I2P control HTTPS certificate key file name. i2pcontrol.key.pem by default  
 * --upnp.enabled=       - Enable or disable UPnP, false by default for CLI and true for GUI (Windows, Android)  
 * --upnp.name=          - Name i2pd appears in UPnP forwardings list. I2Pd by default  
 * --precomputation.elgamal=  - Use ElGamal precomputated tables. false for x64 and true for other platforms by default  
 * --reseed.verify=      - Request SU3 signature verification  
 * --reseed.file=        - Full path to SU3 file to reseed from  
 * --reseed.urls=        - Reseed URLs, separated by comma
 * --addressbook.defaulturl=     - AddressBook subscription URL for initial setup
 * --addressbook.subscriptions=  - AddressBook subscriptions URLs, separated by comma
 * --limits.transittunnels=  - Override maximum number of transit tunnels. 2500 by default   
 * --limits.openfiles=	- Maximum size of corefile in Kb (0 - use system limit)  
 * --limits.coresize=	- Maximum size of corefile in Kb (0 - use system limit)  
 Config files
 ------------
 INI-like, syntax is the following : <key> = <value>.
 Comments are "#", not ";" as you may expect. See [boost ticket](https://svn.boost.org/trac/boost/ticket/808)
 All command-line parameters are allowed as keys, but note for those which contains dot (.).
 For example:
 i2pd.conf:
    # comment
    log = true
    ipv6 = true
    # settings for specific module
    [httpproxy]
    port = 4444
    # ^^ this will be --httproxy.port= in cmdline
    # another comment
    [sam]
    enabled = true
 See also commented config with examples of all options in ``docs/i2pd.conf``.
 tunnels.conf:
    # outgoing tunnel sample, to remote service
    # mandatory parameters:
    # * type -- always "client"
    # * port -- local port to listen to
    # * destination -- i2p hostname
    # optional parameters (may be omitted)
    # * keys -- our identity, if unset, will be generated on every startup,
    #     if set and file missing, keys will be generated and placed to this file
    # * address -- local interface to bind
    # * signaturetype -- signature type for new destination. 0 (DSA/SHA1), 1 (EcDSA/SHA256) or 7 (EdDSA/SHA512)
    [IRC]
    type = client
    address = 127.0.0.1
    port = 6668
    destination = irc.postman.i2p
    keys = irc-keys.dat
    #
    # incoming tunnel sample, for local service
    # mandatory parameters:
    # * type -- "server" or "http"
    # * host -- ip address of our service
    # * port -- port of our service
    # * keys -- file with LeaseSet of address in i2p
    # optional parameters (may be omitted)
    # * inport -- optional, i2p service port, if unset - the same as 'port'
    # * accesslist -- comma-separated list of i2p addresses, allowed to connect
    #    every address is b32 without '.b32.i2p' part
    [LOCALSITE]
    type = http
    host = 127.0.0.1
    port = 80
    keys = site-keys.dat
    #
    [IRC-SERVER]
    type = server
    host = 127.0.0.1
    port = 6667
    keys = irc.dat
 Also see [this page](https://github.com/PurpleI2P/i2pd/wiki/tunnels.cfg) for more tunnel examples.
--- a/docs/family.md
+++ b/docs/family.md
@@ -1,36 +0,0 @@
 Family configuration
 ====================
 Your might want to specify a family, your router belongs to.
 There are two possibilities: create new family or joing to existing.
 New family
 -----------
 You must create family self-signed certificate and key.  
 The only key type supposted is prime256v1.
 Use the following list of commands:  
    openssl ecparam -name prime256v1 -genkey -out <your family name>.key  
    openssl req -new -key <your family name>.key -out <your family name>.csr  
    touch v3.ext
    openssl x509 -req -days 3650 -in <your family name>.csr -signkey <your family name>.key -out <your family name>.crt -extfile v3.ext  
 Specify <your family name>.family.i2p.net for CN (Common Name) when requested.
 Once you are done with it place <your-family-name>.key and <your-family-name>.crt to <ip2d data>/family folder (for exmple ~/.i2pd/family).
 You should provide these two files to other members joining your family.
 If you want to register you family and let I2P network recorgnize it, create pull request for you .crt file into contrib/certificate/family.
 It will appear in i2pd and I2P next releases packages. Dont place .key file, it must be shared between you family members only.
 How to join existing family
 ---------------------------
 Once you and that family agree to do it, they must give you .key and .crt file and you must place in <i2pd datadir>/certificates/family/ folder.
 Publish your family
 -------------------
 Run i2pd with parameter 'family=<your-family-name>', make sure you have <your-family-name>.key and <your-family-name>.crt in your 'family' folder.
 If everything is set properly, you router.info will contain two new fields: 'family' and 'family.sig'.
 Otherwise your router will complain on startup with log messages starting with "Family:" prefix and severity 'warn' or 'error'.
--- a/docs/hacking.md
+++ b/docs/hacking.md
@@ -1,114 +0,0 @@
 # Hacking on I2PD
 This document contains notes compiled from hacking on i2pd
 ## prerequisites
 This guide assumes:
 * a decent understanding of c++ 
 * basic understanding of how i2p works at i2np level and up
 ## general structure
 Notes on multithreading
 * every compontent runs in its own thread 
 * each component (usually) has a public function `GetService()` which can be used to obtain the `boost::asio::io_service` that it uses.
 * when talking between components/threads, **always** use `GetService().post()` and be mindfull of stack allocated memory.
 ### NetDb
 #### NetDb.h
 The `i2p::data::netdb` is a `i2p::data::NetDb` instance processes and dispatches *inbound* i2np messages passed in from transports.
 global singleton at `i2p::data::netdb` as of 2.10.1
 #### NetDbRequests.h
 For Pending RouterInfo/LeaseSet lookup and store requests
 ### ClientContext 
 #### ClientContext.h
 `i2p::client::ClientContext` spawns all destinations used by the i2p router including the shared local destination.
 global singleton at `i2p::client::context` as of 2.10.1
 ### Daemon
 File: Daemon.cpp
 `i2p::util::Daemon_Singleton_Private` subclasses implement the daemon start-up and tear-down, creates Http Webui and i2p control server.
 ### Destinations
 #### Destination.h
 each destination runs in its own thread
 ##### i2p::client::LeaseSetDestination
 Base for `i2p::client::ClientDestination`
 ##### i2p::client::ClientDestination
 Destination capable of creating (tcp/i2p) streams and datagram sessions.
 #### Streaming.h
 ##### i2p::stream::StreamingDestination
 Does not implement any destination related members, the name is a bit misleading.
 Owns a `i2p::client::ClientDestination` and runs in the destination thread.
 Anyone creating or using streams outside of the destination thread **MUST** be aware of the consequences of multithreaded c++ :^)
 If you use streaming please consider running all code within the destination thread using `ClientDestination::GetService().post()`
 #### Garlic.h
 Provides Inter-Destination routing primatives.
 ##### i2p::garlic::GarlicDestination
 sublcass of `i2p::client::LeaseSetDestination` for sending messages down shared routing paths.
 ##### i2p::garlic::GarlicRoutingSession
 a point to point conversation between us and 1 other destination.
 ##### i2p::garlic::GarlicRoutingPath
 A routing path currently used by a routing session. specifies which outbound tunnel to use and which remote lease set to use for `OBEP` to `IBGW` inter tunnel communication.
 members:
 * outboundTunnel (OBEP)
 * remoteLease (IBGW)
 * rtt (round trip time)
 * updatedTime (last time this path's IBGW/OBEP was updated)
 * numTimesUsesd (number of times this path was used)
 ### Transports
 each transport runs in its own thread
 #### Transports.h
 `i2p::transport::Transports` contains NTCP and SSU transport instances
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -1,41 +0,0 @@
 i2pd
 ====
 i2pd is a full-featured C++ implementation of 
 `I2P <https://geti2p.net/en/about/intro>`_ client.
 * `Website <http://i2pd.website>`_
 * `GitHub <https://github.com/PurpleI2P/i2pd>`_
 * `Wiki <https://github.com/PurpleI2P/i2pd/wiki>`_
 * `Tickets/Issues <https://github.com/PurpleI2P/i2pd/issues>`_
 * `Twitter <https://twitter.com/i2porignal>`_
 Installing
 ----------
 The easiest way to install i2pd is by using 
 `precompiled binaries <https://github.com/PurpleI2P/i2pd/releases/latest>`_. 
 See documentation for how to build i2pd from source on your OS.
 Using i2pd
 ----------
 See documentation and 
 `example config file <https://github.com/PurpleI2P/i2pd/blob/openssl/docs/i2pd.conf>`_.
 Contents:
 ---------
 .. toctree::
   :maxdepth: 2
   building/requirements
   building/unix
   building/windows
   building/cross
   building/android
   building/ios
   configuration
   family
   usage
--- a/docs/itoopieImage.png
+++ b/docs/itoopieImage.png
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -1,171 +0,0 @@
 Usage and tutorials
 ===================
 i2pd can be used for:
 * [anonymous websites](#browsing-and-hosting-websites)
 * [anonymous chats](#using-and-hosting-chat-servers)
 * [anonymous file sharing](#file-sharing)
 and many more.
 ## Starting, stopping and reloading configuration
 After you have built i2pd from source, just run a binary:
    ./i2pd
 To display all available options:
    ./i2pd --help
 i2pd can be controlled with signals. Process ID by default is written to file `~/.i2pd/i2pd.pid` or `/var/run/i2pd/i2pd.pid`.
 You can use `kill` utility to send signals like this:
    kill -INT $( cat /var/run/i2pd/i2pd.pid )
 i2pd supports the following signals:
 * INT - Graceful shutdown. i2pd will wait for 10 minutes and stop. Send second INT signal to shutdown i2pd immediately.
 * HUP - Reload configuration files.
 ### systemd unit
 Some binary Linux packages have a systemd control unit, so it is possible to managage i2pd with it.
 Start/stop i2pd:
    sudo systemctl start i2pd.service
    sudo systemctl stop i2pd.service
 Enable/disable i2pd to be started on bootup:
    sudo systemctl enable i2pd.service
    sudo systemctl disable i2pd.service
 ## Configuring i2pd
 See [configuration documentation](/page/configuration.html).
 ## Browsing and hosting websites
 ### Browse anonymous websites
 To browse anonymous websites inside Invisible Internet, configure your web browser to use HTTP proxy 127.0.0.1:4444 (available by default in i2pd).
 In Firefox: Preferences -> Advanced -> Network tab -> Connection Settings -> choose Manual proxy configuration, Enter HTTP proxy 127.0.0.1, Port 4444
 In Chromium: run chromium executable with key
    chromium --proxy-server="http://127.0.0.1:4444"
 Note that if you wish to stay anonymous too you'll need to tune your browser for better privacy. Do your own research, [can start here](http://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/).
 Big list of Invisible Internet websites can be found at [identiguy.i2p](http://identiguy.i2p).
 ### Host anonymous website
 If you wish to run your own website in Invisible Internet, follow those steps:
 1) Run your webserver and find out which host:port it uses (for example, 127.0.0.1:8080).
 2) Configure i2pd to create HTTP server tunnel. Put in your ~/.i2pd/tunnels.conf file:
        [anon-website]
        type = http
        host = 127.0.0.1
        port = 8080
        keys = anon-website.dat
 3) Restart i2pd.
 4) Find b32 destination of your website.
    Go to webconsole -> [I2P tunnels page](http://127.0.0.1:7070/?page=i2p_tunnels). Look for Sever tunnels and you will see address like \<long random string\>.b32.i2p next to anon-website.
    Website is now available in Invisible Internet by visiting this address.
 5) (Optional) Register short and rememberable .i2p domain on [inr.i2p](http://inr.i2p).
 ## Using and hosting chat servers
 ### Running anonymous IRC server
 1) Run your IRC server software and find out which host:port it uses (for example, 127.0.0.1:5555).
    For small private IRC servers you can use [miniircd](https://github.com/jrosdahl/miniircd), for large public networks [UnreadIRCd](https://www.unrealircd.org/).
 2) Configure i2pd to create IRC server tunnel.
    Simplest case, if your server does not support WebIRC, add this to ~/.i2pd/tunnels.conf:
        [anon-chatserver]
        type = irc
        host = 127.0.0.1     
        port = 5555
        keys = chatserver-key.dat
    And that is it.
    Alternatively, if your IRC server supports WebIRC, for example, UnreadIRCd, put this into UnrealIRCd config:
        webirc {
            mask 127.0.0.1;
            password your_password;
        };
    Also change line:
        modes-on-connect "+ixw";
    to
        modes-on-connect "+iw";
    And this in ~/.i2pd/tunnels.conf:
        [anon-chatserver]
        type = irc
        host = 127.0.0.1
        port = 5555
        keys = chatserver-key.dat
        webircpassword = your_password
 3) Restart i2pd.
 4) Find b32 destination of your anonymous IRC server.
    Go to webconsole -> [I2P tunnels page](http://127.0.0.1:7070/?page=i2p_tunnels). Look for Sever tunnels and you will see address like \<long random string\>.b32.i2p next to anon-chatserver.
    Clients will use this address to connect to your server anonymously.
 ### Connect to anonymous IRC server
 To connect to IRC server at *walker.i2p*, add this to ~/.i2pd/tunnels.conf:
    [IRC2]
    type = client
    address = 127.0.0.1
    port = 6669
    destination = walker.i2p
    #keys = walker-keys.dat
 Restart i2pd, then connect to irc://127.0.0.1:6669 with your IRC client.
 ## File sharing
 You can share and download torrents with [Transmission-I2P](https://github.com/l-n-s/transmission-i2p).
 Alternative torrent-clients are [Robert](http://en.wikipedia.org/wiki/Robert_%28P2P_Software%29) and [Vuze](https://en.wikipedia.org/wiki/Vuze).
 Robert uses BOB protocol, i2pd must be run with parameter --bob.enabled=true.
 Vuze uses I2CP protocol, i2pd must be run with parameter --i2cp.enabled=true.
 Also, visit [postman tracker](http://tracker2.postman.i2p).
--- a/filelist.mk
+++ b/filelist.mk
@@ -1,17 +1,22 @@
-LIB_SRC = \
+#LIB_SRC = \
-  BloomFilter.cpp Gzip.cpp Crypto.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp LeaseSet.cpp \
+#  BloomFilter.cpp Gzip.cpp Crypto.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp LeaseSet.cpp \
-  Log.cpp NTCPSession.cpp NetDb.cpp NetDbRequests.cpp Profiling.cpp \
+#  Log.cpp NTCPSession.cpp NetDb.cpp NetDbRequests.cpp Profiling.cpp \
-  Reseed.cpp RouterContext.cpp RouterInfo.cpp Signature.cpp SSU.cpp \
+#  Reseed.cpp RouterContext.cpp RouterInfo.cpp Signature.cpp SSU.cpp \
-  SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp TransitTunnel.cpp \
+#  SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp TransitTunnel.cpp \
-  Transports.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelPool.cpp TunnelGateway.cpp \
+#  Transports.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelPool.cpp TunnelGateway.cpp \
-  Destination.cpp Base.cpp I2PEndian.cpp FS.cpp Config.cpp Family.cpp \
+#  Destination.cpp Base.cpp I2PEndian.cpp FS.cpp Config.cpp Family.cpp \
-  Config.cpp HTTP.cpp Timestamp.cpp util.cpp api.cpp Event.cpp
+#  Config.cpp HTTP.cpp Timestamp.cpp util.cpp api.cpp Event.cpp Gost.cpp
-LIB_CLIENT_SRC = \
+LIB_SRC = $(wildcard $(LIB_SRC_DIR)/*.cpp)
-	AddressBook.cpp BOB.cpp ClientContext.cpp I2PTunnel.cpp I2PService.cpp \
+
-	SAM.cpp SOCKS.cpp HTTPProxy.cpp I2CP.cpp WebSocks.cpp
+#LIB_CLIENT_SRC = \
 #	AddressBook.cpp BOB.cpp ClientContext.cpp I2PTunnel.cpp I2PService.cpp MatchedDestination.cpp \
 #	SAM.cpp SOCKS.cpp HTTPProxy.cpp I2CP.cpp WebSocks.cpp
 LIB_CLIENT_SRC = $(wildcard $(LIB_CLIENT_SRC_DIR)/*.cpp)
 # also: Daemon{Linux,Win32}.cpp will be added later
-DAEMON_SRC = \
+#DAEMON_SRC = \
-	HTTPServer.cpp I2PControl.cpp UPnP.cpp Daemon.cpp i2pd.cpp
+#	HTTPServer.cpp I2PControl.cpp UPnP.cpp Daemon.cpp i2pd.cpp
 DAEMON_SRC = $(wildcard $(DAEMON_SRC_DIR)/*.cpp)
--- a/libi2pd/Base.cpp
+++ b/libi2pd/Base.cpp
--- a/libi2pd/Base.h
+++ b/libi2pd/Base.h
--- a/libi2pd/BloomFilter.cpp
+++ b/libi2pd/BloomFilter.cpp
--- a/libi2pd/BloomFilter.h
+++ b/libi2pd/BloomFilter.h
--- a/libi2pd/Config.cpp
+++ b/libi2pd/Config.cpp
@@ -53,9 +53,11 @@ namespace config {
      ("service",   value<bool>()->zero_tokens()->default_value(false), "Router will use system folders like '/var/lib/i2pd'")
      ("notransit", value<bool>()->zero_tokens()->default_value(false), "Router will not accept transit tunnels at startup")
      ("floodfill", value<bool>()->zero_tokens()->default_value(false), "Router will be floodfill")
-      ("bandwidth", value<std::string>()->default_value(""), "Bandwidth limit: integer in kbps or letters: L (32), O (256), P (2048), X (>9000)")
+      ("bandwidth", value<std::string>()->default_value(""), "Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000)")
 	  ("share",	value<int>()->default_value(100), "Limit of transit traffic from max bandwidth in percents. (default: 100")
      ("ntcp", value<bool>()->zero_tokens()->default_value(true), "Enable NTCP transport")
      ("ssu", value<bool>()->zero_tokens()->default_value(true), "Enable SSU transport")
 			("ntcpproxy", value<std::string>()->default_value(""), "proxy url for ntcp transport")
 #ifdef _WIN32
      ("svcctl",    value<std::string>()->default_value(""),     "Windows service management ('install' or 'remove')")
      ("insomnia", value<bool>()->zero_tokens()->default_value(false), "Prevent system from sleeping")
@@ -94,6 +96,7 @@ namespace config {
 	  ("httpproxy.latency.min",    value<std::string>()->default_value("0"),  "HTTP proxy min latency for tunnels")
 	  ("httpproxy.latency.max",   value<std::string>()->default_value("0"),  "HTTP proxy max latency for tunnels")
 			("httpproxy.outproxy", value<std::string>()->default_value(""), "HTTP proxy upstream out proxy url")
 	  ("httpproxy.addresshelper",   value<bool>()->default_value(true),                         "Enable or disable addresshelper")
      ;
    options_description socksproxy("SOCKS Proxy options");
@@ -115,7 +118,7 @@ namespace config {
    options_description sam("SAM bridge options");
    sam.add_options()
-      ("sam.enabled",         value<bool>()->default_value(false),                        "Enable or disable SAM Application bridge")
+      ("sam.enabled",         value<bool>()->default_value(true),                        "Enable or disable SAM Application bridge")
      ("sam.address",         value<std::string>()->default_value("127.0.0.1"),           "SAM listen address")
      ("sam.port",            value<uint16_t>()->default_value(7656),                     "SAM listen port")
      ;
@@ -186,6 +189,7 @@ namespace config {
 	    "https://reseed.memcpy.io/,"
 	    "https://reseed.onion.im/,"
 	    "https://itoopie.atomike.ninja/"
 //		"https://randomrng.ddns.net/"	   // dead
 		),  "Reseed URLs, separated by comma")
 	  ;
@@ -210,6 +214,13 @@ namespace config {
      ("websockets.address", value<std::string>()->default_value("127.0.0.1"), "address to bind websocket server on")
      ("websockets.port", value<uint16_t>()->default_value(7666), "port to bind websocket server on");
 	options_description exploratory("Exploratory Options");
 	exploratory.add_options()
 	  ("exploratory.inbound.length",      value<int>()->default_value(2),  "Exploratory inbound tunnel length")
 	  ("exploratory.outbound.length",     value<int>()->default_value(2),  "Exploratory outbound tunnel length")
 	  ("exploratory.inbound.quantity",    value<int>()->default_value(3),  "Exploratory inbound tunnels quantity")
 	  ("exploratory.outbound.quantity",   value<int>()->default_value(3),  "Exploratory outbound tunnels quantity");
    m_OptionsDesc
      .add(general)
 	  .add(limits)
@@ -226,21 +237,30 @@ namespace config {
      .add(addressbook)
      .add(trust)
      .add(websocket)
 	  .add(exploratory)
      ;
  }
-  void ParseCmdline(int argc, char* argv[]) {
+  void ParseCmdline(int argc, char* argv[], bool ignoreUnknown)
-    try {
+  {
    try
 	{
      auto style = boost::program_options::command_line_style::unix_style
                 | boost::program_options::command_line_style::allow_long_disguise;
      style &=   ~ boost::program_options::command_line_style::allow_guessing;
-      store(parse_command_line(argc, argv, m_OptionsDesc, style), m_Options);
+	  if (ignoreUnknown)
-    } catch (boost::program_options::error& e) {
+	  	store(command_line_parser(argc, argv).options(m_OptionsDesc).style (style).allow_unregistered().run(), m_Options);
 	  else
      	store(parse_command_line(argc, argv, m_OptionsDesc, style), m_Options);
    }
 	catch (boost::program_options::error& e)
 	{
      std::cerr << "args: " << e.what() << std::endl;
      exit(EXIT_FAILURE);
    }
-    if (m_Options.count("help") || m_Options.count("h")) {
+    if (!ignoreUnknown && (m_Options.count("help") || m_Options.count("h")))
 	{
      std::cout << "i2pd version " << I2PD_VERSION << " (" << I2P_VERSION << ")" << std::endl;
      std::cout << m_OptionsDesc;
      exit(EXIT_SUCCESS);
--- a/libi2pd/Config.h
+++ b/libi2pd/Config.h
@@ -41,7 +41,7 @@ namespace config {
   *
   * Other exceptions will be passed to higher level.
   */
-  void ParseCmdline(int argc, char* argv[]);
+  void ParseCmdline(int argc, char* argv[], bool ignoreUnknown = false);
  /**
   * @brief  Load and parse given config file
--- a/libi2pd/Crypto.cpp
+++ b/libi2pd/Crypto.cpp
@@ -272,11 +272,15 @@ namespace crypto
 	}	
 // ElGamal
-	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, bool zeroPadding)
+	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding)
 	{
-		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
 		// everything, but a, because a might come from table	
 		BIGNUM * k = BN_CTX_get (ctx);
 		BIGNUM * y = BN_CTX_get (ctx);
 		BIGNUM * b1 = BN_CTX_get (ctx);
 		BIGNUM * b = BN_CTX_get (ctx);
 		// select random k
 		BIGNUM * k = BN_new ();
 #if defined(__x86_64__)
 		BN_rand (k, ELGAMAL_FULL_EXPONENT_NUM_BITS, -1, 1); // full exponent for x64
 #else
@@ -292,23 +296,18 @@ namespace crypto
 			BN_mod_exp (a, elgg, k, elgp, ctx);
 		}
-		BIGNUM * y = BN_new ();
+		// restore y from key
 		BN_bin2bn (key, 256, y);
 		// calculate b1
 		BIGNUM * b1 = BN_new ();
 		BN_mod_exp (b1, y, k, elgp, ctx);
 		BN_free (y);
 		BN_free (k);
 		// create m
 		uint8_t m[255];
 		m[0] = 0xFF;
 		memcpy (m+33, data, 222);
 		SHA256 (m+33, 222, m+1);
 		// calculate b = b1*m mod p
 		BIGNUM * b = BN_new ();
 		BN_bin2bn (m, 255, b);
 		BN_mod_mul (b, b1, b, elgp, ctx);
 		BN_free (b1);
 		// copy a and b
 		if (zeroPadding)
 		{
@@ -322,16 +321,15 @@ namespace crypto
 			bn2buf (a, encrypted, 256);
 			bn2buf (b, encrypted + 256, 256);
 		}		
 		BN_free (b);
 		BN_free (a);
-		BN_CTX_free (ctx);
+		BN_CTX_end (ctx);
 	}
 	bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, 
-		uint8_t * data, bool zeroPadding)
+		uint8_t * data, BN_CTX * ctx, bool zeroPadding)
 	{
-		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
-		BIGNUM * x = BN_new (), * a = BN_new (), * b = BN_new ();
+		BIGNUM * x = BN_CTX_get (ctx), * a = BN_CTX_get (ctx), * b = BN_CTX_get (ctx);
 		BN_bin2bn (key, 256, x);
 		BN_sub (x, elgp, x); BN_sub_word (x, 1); // x = elgp - x- 1
 		BN_bin2bn (zeroPadding ? encrypted + 1 : encrypted, 256, a);
@@ -341,8 +339,7 @@ namespace crypto
 		BN_mod_mul (b, b, x, elgp, ctx);	
 		uint8_t m[255];
 		bn2buf (b, m, 255); 
-		BN_free (x); BN_free (a); BN_free (b); 
+		BN_CTX_end (ctx);
 		BN_CTX_free (ctx);
 		uint8_t hash[32];
 		SHA256 (m + 33, 222, hash);
 		if (memcmp (m + 1, hash, 32))
@@ -801,6 +798,7 @@ namespace crypto
 		}	
 	}*/
 	void InitCrypto (bool precomputation)
 	{
 		SSL_library_init ();
--- a/libi2pd/Crypto.h
+++ b/libi2pd/Crypto.h
@@ -12,6 +12,7 @@
 #include <openssl/sha.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include <openssl/engine.h>
 #include "Base.h"
 #include "Tag.h"
@@ -47,8 +48,8 @@ namespace crypto
 	};	
 	// ElGamal
-	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, bool zeroPadding = false);
+	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding = false);
-	bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, bool zeroPadding = false);
+	bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx, bool zeroPadding = false);
 	void GenerateElGamalKeyPair (uint8_t * priv, uint8_t * pub);
 	// HMAC
@@ -288,13 +289,26 @@ namespace crypto
 #if (OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER) // 1.1.0 or LibreSSL
 // define getters and setters introduced in 1.1.0
 inline int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) 
-	{ d->p = p; d->q = q; d->g = g; return 1; }
+	{ 
 		if (d->p) BN_free (d->p);
 		if (d->q) BN_free (d->q);
 		if (d->g) BN_free (d->g);
 		d->p = p; d->q = q; d->g = g; return 1; 
 	}
 inline int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) 
-	{ d->pub_key = pub_key; d->priv_key = priv_key; return 1; } 
+	{ 
 		if (d->pub_key) BN_free (d->pub_key);
 		if (d->priv_key) BN_free (d->priv_key);
 		d->pub_key = pub_key; d->priv_key = priv_key; return 1; 
 	} 
 inline void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key) 
 	{ *pub_key = d->pub_key; *priv_key = d->priv_key; }
 inline int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) 
-	{ sig->r = r; sig->s = s; return 1; }
+	{ 
 		if (sig->r) BN_free (sig->r);
 		if (sig->s) BN_free (sig->s);
 		sig->r = r; sig->s = s; return 1; 
 	}
 inline void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) 
 	{ *pr = sig->r; *ps = sig->s; }
@@ -308,12 +322,22 @@ inline void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM
 	{ *pr = sig->r; *ps = sig->s; }
 inline int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) 
-	{ r->n = n; r->e = e; r->d = d; return 1; }
+	{
 		if (r->n) BN_free (r->n);
 		if (r->e) BN_free (r->e);
 		if (r->d) BN_free (r->d);
 		r->n = n; r->e = e; r->d = d; return 1; 
 	}
 inline void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
 	{ *n = r->n; *e = r->e; *d = r->d; }
 inline int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-	{ dh->p = p; dh->q = q; dh->g = g;  return 1; }
+	{ 
 		if (dh->p) BN_free (dh->p);
 		if (dh->q) BN_free (dh->q);
 		if (dh->g) BN_free (dh->g);
 		dh->p = p; dh->q = q; dh->g = g;  return 1; 
 	}
 inline int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
 	{ 
 		if (dh->pub_key) BN_free (dh->pub_key); 
@@ -326,6 +350,11 @@ inline void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **pri
 inline RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
 	{ return pkey->pkey.rsa; }
 inline EVP_MD_CTX *EVP_MD_CTX_new ()
 	{ return EVP_MD_CTX_create(); }
 inline void EVP_MD_CTX_free (EVP_MD_CTX *ctx)
 	{ EVP_MD_CTX_destroy (ctx); }
 // ssl
 #define TLS_method TLSv1_method
--- a/libi2pd/Datagram.cpp
+++ b/libi2pd/Datagram.cpp
@@ -255,9 +255,11 @@ namespace datagram
 			}
 			if(m_CurrentRemoteLease && m_CurrentRemoteLease->ExpiresWithin(DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW)) {
 				// bad lease, switch to next one
 				if(m_RemoteLeaseSet && m_RemoteLeaseSet->IsExpired())
 					m_RemoteLeaseSet = m_LocalDestination->FindLeaseSet(m_RemoteIdent);
 				if(m_RemoteLeaseSet) {
 					auto ls = m_RemoteLeaseSet->GetNonExpiredLeasesExcluding([&](const i2p::data::Lease& l) -> bool {
-							return l.tunnelGateway == m_CurrentRemoteLease->tunnelGateway;
+							return l.tunnelID == m_CurrentRemoteLease->tunnelID;
 					});
 					auto sz = ls.size();
 					if (sz) {
@@ -278,7 +280,7 @@ namespace datagram
 				m_CurrentOutboundTunnel = m_LocalDestination->GetTunnelPool()->GetNextOutboundTunnel(m_CurrentOutboundTunnel);
 			}
 			// switch lease if bad
-			if(m_CurrentRemoteLease == nullptr || m_CurrentRemoteLease->ExpiresWithin(DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW)) {
+			if(m_CurrentRemoteLease && m_CurrentRemoteLease->ExpiresWithin(DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW)) {
 				if(!m_RemoteLeaseSet) {
 					m_RemoteLeaseSet = m_LocalDestination->FindLeaseSet(m_RemoteIdent);
 				}
@@ -299,6 +301,17 @@ namespace datagram
 					LogPrint(eLogWarning, "DatagramSession: no remote lease set found for ", m_RemoteIdent.ToBase32());
 					return nullptr;
 				}
 			} else if (!m_CurrentRemoteLease) {
 				if(!m_RemoteLeaseSet) m_RemoteLeaseSet = m_LocalDestination->FindLeaseSet(m_RemoteIdent);
 				if (m_RemoteLeaseSet)
 				{
 					auto ls = m_RemoteLeaseSet->GetNonExpiredLeases();
 					auto sz = ls.size();
 					if (sz) {
 						auto idx = rand() % sz;
 						m_CurrentRemoteLease = ls[idx];
 					}
 				}
 			}
 			path->outboundTunnel = m_CurrentOutboundTunnel;
 			path->remoteLease = m_CurrentRemoteLease;
@@ -346,7 +359,7 @@ namespace datagram
 	void DatagramSession::ScheduleFlushSendQueue()
 	{
-		boost::posix_time::milliseconds dlt(100);
+		boost::posix_time::milliseconds dlt(10);
 		m_SendQueueTimer.expires_from_now(dlt);
 		auto self = shared_from_this();
 		m_SendQueueTimer.async_wait([self](const boost::system::error_code & ec) { if(ec) return; self->FlushSendQueue(); });
--- a/libi2pd/Datagram.h
+++ b/libi2pd/Datagram.h
@@ -26,7 +26,7 @@ namespace datagram
 	// milliseconds interval a routing path is used before switching
 	const uint64_t DATAGRAM_SESSION_PATH_SWITCH_INTERVAL = 20 * 60 * 1000;
 	// milliseconds before lease expire should we try switching leases
-	const uint64_t DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW = 10 * 1000;
+	const uint64_t DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW = 30 * 1000;
 	// milliseconds fudge factor for leases handover
 	const uint64_t DATAGRAM_SESSION_LEASE_HANDOVER_FUDGE = 1000;
 	// milliseconds minimum time between path switches
@@ -103,7 +103,7 @@ namespace datagram
 		public:
-			DatagramDestination (std::shared_ptr<i2p::client::ClientDestination> owner);
+    DatagramDestination (std::shared_ptr<i2p::client::ClientDestination> owner);
 			~DatagramDestination ();
    	void SendDatagramTo (const uint8_t * payload, size_t len, const i2p::data::IdentHash & ident, uint16_t fromPort = 0, uint16_t toPort = 0);
@@ -147,4 +147,3 @@ namespace datagram
 }
 #endif
--- a/libi2pd/Destination.cpp
+++ b/libi2pd/Destination.cpp
@@ -4,7 +4,7 @@
 #include "Log.h"
 #include "FS.h"
 #include "Timestamp.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Destination.h"
 #include "util.h"
@@ -110,6 +110,7 @@ namespace client
 	{	
 		if (!m_IsRunning)
 		{	
 			LoadTags ();
 			m_IsRunning = true;
 			m_Pool->SetLocalDestination (shared_from_this ());
 			m_Pool->SetActive (true);	
@@ -145,6 +146,7 @@ namespace client
 				delete m_Thread;
 				m_Thread = 0;
 			}	
 			SaveTags ();
 			CleanUp (); // GarlicDestination
 			return true;
 		}	
--- a/libi2pd/Destination.h
+++ b/libi2pd/Destination.h
@@ -17,7 +17,7 @@
 #include "Crypto.h"
 #include "LeaseSet.h"
 #include "Garlic.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Streaming.h"
 #include "Datagram.h"
@@ -175,8 +175,8 @@ namespace client
 			ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic, const std::map<std::string, std::string> * params = nullptr);
 			~ClientDestination ();
-			bool Start ();
+			virtual bool Start ();
-			bool Stop ();
+			virtual bool Stop ();
 			const i2p::data::PrivateKeys& GetPrivateKeys () const { return m_Keys; };
 			void Sign (const uint8_t * buf, int len, uint8_t * signature) const { m_Keys.Sign (buf, len, signature); };
--- a/libi2pd/Event.cpp
+++ b/libi2pd/Event.cpp
--- a/libi2pd/Event.h
+++ b/libi2pd/Event.h
--- a/libi2pd/FS.cpp
+++ b/libi2pd/FS.cpp
@@ -16,6 +16,7 @@
 #include "Base.h"
 #include "FS.h"
 #include "Log.h"
 #include "Garlic.h"
 namespace i2p {
 namespace fs {
@@ -93,6 +94,11 @@ namespace fs {
    std::string destinations = DataDirPath("destinations");
    if (!boost::filesystem::exists(destinations))
      boost::filesystem::create_directory(destinations);
 	std::string tags = DataDirPath("tags");
    if (!boost::filesystem::exists(tags))
    	boost::filesystem::create_directory(tags);
 	else
 		i2p::garlic::CleanUpTagsFiles ();
    return true;
  }
@@ -116,6 +122,14 @@ namespace fs {
    return boost::filesystem::exists(path);
  }
  uint32_t GetLastUpdateTime (const std::string & path)
  {	
 	 if (!boost::filesystem::exists(path)) return 0;
 	 boost::system::error_code ec;
 	 auto t = boost::filesystem::last_write_time (path, ec);
 	 return ec ? 0 : t;
  }				
  bool Remove(const std::string & path) {
    if (!boost::filesystem::exists(path))
      return false;
--- a/libi2pd/FS.h
+++ b/libi2pd/FS.h
@@ -113,6 +113,8 @@ namespace fs {
   */
  bool Exists(const std::string & path);
  uint32_t GetLastUpdateTime (const std::string & path); // seconds since epoch			
  bool CreateDirectory (const std::string& path);	
  template<typename T>
--- a/libi2pd/Family.cpp
+++ b/libi2pd/Family.cpp
--- a/libi2pd/Family.h
+++ b/libi2pd/Family.h
--- a/libi2pd/Garlic.cpp
+++ b/libi2pd/Garlic.cpp
@@ -10,6 +10,7 @@
 #include "Transports.h"
 #include "Timestamp.h"
 #include "Log.h"
 #include "FS.h"
 #include "Garlic.h"
 namespace i2p
@@ -187,7 +188,9 @@ namespace garlic
 			RAND_bytes (elGamal.preIV, 32); // Pre-IV
 			uint8_t iv[32]; // IV is first 16 bytes
 			SHA256(elGamal.preIV, 32, iv); 
-			i2p::crypto::ElGamalEncrypt (m_Destination->GetEncryptionPublicKey (), (uint8_t *)&elGamal, buf, true);			
+			BN_CTX * ctx = BN_CTX_new ();
 			i2p::crypto::ElGamalEncrypt (m_Destination->GetEncryptionPublicKey (), (uint8_t *)&elGamal, buf, ctx, true);	
 			BN_CTX_free (ctx);		
 			m_Encryption.SetIV (iv);
 			buf += 514;
 			len += 514;	
@@ -389,8 +392,14 @@ namespace garlic
 		return size;
 	}
 	GarlicDestination::GarlicDestination (): m_NumTags (32) // 32 tags by default
 	{
 		m_Ctx = BN_CTX_new ();
 	} 
 	GarlicDestination::~GarlicDestination ()
 	{
 		BN_CTX_free (m_Ctx);
 	}
 	void GarlicDestination::CleanUp ()
@@ -404,9 +413,7 @@ namespace garlic
 		if (key)
 		{
 			uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
-			auto decryption = std::make_shared<i2p::crypto::CBCDecryption>();
+			m_Tags[SessionTag(tag, ts)] = std::make_shared<AESDecryption>(key);
 			decryption->SetKey (key);
 			m_Tags[SessionTag(tag, ts)] = decryption;
 		}
 	}
@@ -430,26 +437,26 @@ namespace garlic
 		if (it != m_Tags.end ())
 		{
 			// tag found. Use AES
 			auto decryption = it->second;
 			m_Tags.erase (it); // tag might be used only once	
 			if (length >= 32)
 			{	
 				uint8_t iv[32]; // IV is first 16 bytes
 				SHA256(buf, 32, iv);
-				it->second->SetIV (iv);
+				decryption->SetIV (iv);
-				it->second->Decrypt (buf + 32, length - 32, buf + 32);
+				decryption->Decrypt (buf + 32, length - 32, buf + 32);
-				HandleAESBlock (buf + 32, length - 32, it->second, msg->from);
+				HandleAESBlock (buf + 32, length - 32, decryption, msg->from);
 			}	
 			else
 				LogPrint (eLogWarning, "Garlic: message length ", length, " is less than 32 bytes");
 			m_Tags.erase (it); // tag might be used only once	
 		}
 		else
 		{
 			// tag not found. Use ElGamal
 			ElGamalBlock elGamal;
-			if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, true))
+			if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, m_Ctx, true))
 			{	
-				auto decryption = std::make_shared<i2p::crypto::CBCDecryption>();
+				auto decryption = std::make_shared<AESDecryption>(elGamal.sessionKey);
 				decryption->SetKey (elGamal.sessionKey);
 				uint8_t iv[32]; // IV is first 16 bytes
 				SHA256(elGamal.preIV, 32, iv); 
 				decryption->SetIV (iv);
@@ -461,7 +468,7 @@ namespace garlic
 		}
 	}	
-	void GarlicDestination::HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<i2p::crypto::CBCDecryption> decryption,
+	void GarlicDestination::HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<AESDecryption> decryption,
 		std::shared_ptr<i2p::tunnel::InboundTunnel> from)
 	{
 		uint16_t tagCount = bufbe16toh (buf);
@@ -706,5 +713,75 @@ namespace garlic
 		HandleDeliveryStatusMessage (msg);
 	}
 	void GarlicDestination::SaveTags ()
 	{
 		if (m_Tags.empty ()) return;
 		std::string ident = GetIdentHash().ToBase32();
 		std::string path  = i2p::fs::DataDirPath("tags", (ident + ".tags"));
 		std::ofstream f (path, std::ofstream::binary | std::ofstream::out | std::ofstream::trunc);	
 		uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
 		// 4 bytes timestamp, 32 bytes tag, 32 bytes key
 		for (auto it: m_Tags)
 		{
 			if (ts < it.first.creationTime + INCOMING_TAGS_EXPIRATION_TIMEOUT)
 			{
 				f.write ((char *)&it.first.creationTime, 4);
 				f.write ((char *)it.first.data (), 32);
 				f.write ((char *)it.second->GetKey ().data (), 32);
 			} 
 		}
 	}
 	void GarlicDestination::LoadTags ()
 	{
 		std::string ident = GetIdentHash().ToBase32();
 		std::string path  = i2p::fs::DataDirPath("tags", (ident + ".tags"));
 		uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
 		if (ts < i2p::fs::GetLastUpdateTime (path) + INCOMING_TAGS_EXPIRATION_TIMEOUT) 
 		{
 			// might contain non-expired tags
 			std::ifstream f (path, std::ifstream::binary);
 			if (f) 
 			{
 				std::map<i2p::crypto::AESKey, std::shared_ptr<AESDecryption> > keys;
 				// 4 bytes timestamp, 32 bytes tag, 32 bytes key
 				while (!f.eof ())
 				{
 					uint32_t t;
 					uint8_t tag[32], key[32];
 					f.read ((char *)&t, 4); if (f.eof ()) break;
 					if (ts < t + INCOMING_TAGS_EXPIRATION_TIMEOUT)
 					{
 						f.read ((char *)tag, 32);
 						f.read ((char *)key, 32);
 					}
 					else
 						f.seekg (64, std::ios::cur); // skip 
 					if (f.eof ()) break;
 					std::shared_ptr<AESDecryption> decryption;
 					auto it = keys.find (key);
 					if (it != keys.end ())
 						decryption = it->second;
 					else
 						decryption = std::make_shared<AESDecryption>(key);
 					m_Tags.insert (std::make_pair (SessionTag (tag, ts), decryption));
 				}
 				if (!m_Tags.empty ()) 
 					LogPrint (eLogInfo, m_Tags.size (), " loaded for ", ident);	
 			}
 		}
 		i2p::fs::Remove (path);	 
 	}
 	void CleanUpTagsFiles ()
 	{
 		std::vector<std::string> files; 
 		i2p::fs::ReadDir (i2p::fs::DataDirPath("tags"), files);
 		uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
 		for (auto  it: files)
 			if (ts >= i2p::fs::GetLastUpdateTime (it) + INCOMING_TAGS_EXPIRATION_TIMEOUT)
 				 i2p::fs::Remove (it);
 	}
 }	
 }
--- a/libi2pd/Garlic.h
+++ b/libi2pd/Garlic.h
@@ -59,6 +59,22 @@ namespace garlic
 		uint32_t creationTime; // seconds since epoch	
 	};
 	// AESDecryption is associated with session tags and store key
 	class AESDecryption: public i2p::crypto::CBCDecryption
 	{
 		public:
 			AESDecryption (const uint8_t * key): m_Key (key)
 			{
 				SetKey (key);
 			}			
 			const i2p::crypto::AESKey& GetKey () const { return m_Key; };
 		private:
 			i2p::crypto::AESKey m_Key;
 	};
 	struct GarlicRoutingPath
 	{
 		std::shared_ptr<i2p::tunnel::OutboundTunnel> outboundTunnel;
@@ -153,7 +169,7 @@ namespace garlic
 	{
 		public:
-			GarlicDestination (): m_NumTags (32) {}; // 32 tags by default
+			GarlicDestination ();
 			~GarlicDestination ();
 			void CleanUp ();
@@ -181,20 +197,24 @@ namespace garlic
 			void HandleGarlicMessage (std::shared_ptr<I2NPMessage> msg);
 			void HandleDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);			
 			void SaveTags ();
 			void LoadTags ();	
 		private:
-			void HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<i2p::crypto::CBCDecryption> decryption, 
+			void HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<AESDecryption> decryption, 
 				std::shared_ptr<i2p::tunnel::InboundTunnel> from);
 			void HandleGarlicPayload (uint8_t * buf, size_t len, std::shared_ptr<i2p::tunnel::InboundTunnel> from);
 		private:
 			BN_CTX * m_Ctx; // incoming
 			// outgoing sessions
 			int m_NumTags;
 			std::mutex m_SessionsMutex;
 			std::map<i2p::data::IdentHash, GarlicRoutingSessionPtr> m_Sessions;
 			// incoming
-			std::map<SessionTag, std::shared_ptr<i2p::crypto::CBCDecryption>> m_Tags;
+			std::map<SessionTag, std::shared_ptr<AESDecryption> > m_Tags;
 			// DeliveryStatus
 			std::mutex m_DeliveryStatusSessionsMutex;
 			std::map<uint32_t, GarlicRoutingSessionPtr> m_DeliveryStatusSessions; // msgID -> session
@@ -205,6 +225,9 @@ namespace garlic
 			size_t GetNumIncomingTags () const { return m_Tags.size (); }	
 			const decltype(m_Sessions)& GetSessions () const { return m_Sessions; };
 	};
 	void CleanUpTagsFiles ();
 }	
 }
--- a/libi2pd/Gost.cpp
+++ b/libi2pd/Gost.cpp
@@ -0,0 +1,530 @@
 #include <string.h>
 #include <array>
 #include <openssl/sha.h>
 #include <openssl/evp.h>
 #include "I2PEndian.h"
 #include "Gost.h"
 namespace i2p
 {
 namespace crypto
 {
 // GOST R 34.10
 	GOSTR3410Curve::GOSTR3410Curve (BIGNUM * a, BIGNUM * b, BIGNUM * p, BIGNUM * q, BIGNUM * x, BIGNUM * y)
 	{
 		m_KeyLen = BN_num_bytes (p);
 		BN_CTX * ctx = BN_CTX_new ();
 		m_Group = EC_GROUP_new_curve_GFp (p, a, b, ctx);
 		EC_POINT * P = EC_POINT_new (m_Group);
 		EC_POINT_set_affine_coordinates_GFp (m_Group, P, x, y, ctx);
 		EC_GROUP_set_generator (m_Group, P, q, nullptr);
 		EC_GROUP_set_curve_name (m_Group, NID_id_GostR3410_2001);
 		EC_POINT_free(P);
 		BN_CTX_free (ctx);
 	}
 	GOSTR3410Curve::~GOSTR3410Curve ()
 	{
 		EC_GROUP_free (m_Group);
 	}				
 	EC_POINT * GOSTR3410Curve::MulP (const BIGNUM * n) const
 	{
 		BN_CTX * ctx = BN_CTX_new ();
 		auto p = EC_POINT_new (m_Group);
 		EC_POINT_mul (m_Group, p, n, nullptr, nullptr, ctx);
 		BN_CTX_free (ctx);
 		return p;
 	}
 	bool GOSTR3410Curve::GetXY (const EC_POINT * p, BIGNUM * x, BIGNUM * y) const
 	{
 		return EC_POINT_get_affine_coordinates_GFp (m_Group, p, x, y, nullptr);
 	}
 	EC_POINT * GOSTR3410Curve::CreatePoint (const BIGNUM * x, const BIGNUM * y) const
 	{
 		EC_POINT * p = EC_POINT_new (m_Group);
 		EC_POINT_set_affine_coordinates_GFp (m_Group, p, x, y, nullptr);
 		return p;
 	}
 	void GOSTR3410Curve::Sign (const BIGNUM * priv, const BIGNUM * digest, BIGNUM * r, BIGNUM * s)
 	{
 		BN_CTX * ctx = BN_CTX_new ();
 		BN_CTX_start (ctx);
 		BIGNUM * q = BN_CTX_get (ctx);
 		EC_GROUP_get_order(m_Group, q, ctx);
 		BIGNUM * k = BN_CTX_get (ctx);
 		BN_rand_range (k, q); // 0 < k < q
 		EC_POINT * C = MulP (k); // C = k*P
 		GetXY (C, r, nullptr); // r = Cx
 		EC_POINT_free (C);
 		BN_mod_mul (s, r, priv, q, ctx); // (r*priv)%q
 		BIGNUM * tmp = BN_CTX_get (ctx);
 		BN_mod_mul (tmp, k, digest, q, ctx); // (k*digest)%q
 		BN_mod_add (s, s, tmp, q, ctx); // (r*priv+k*digest)%q
 		BN_CTX_end (ctx);
 		BN_CTX_free (ctx);
 	}
 	bool GOSTR3410Curve::Verify (const EC_POINT * pub, const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s)
 	{
 		BN_CTX * ctx = BN_CTX_new ();
 		BN_CTX_start (ctx);
 		BIGNUM * q = BN_CTX_get (ctx);
 		EC_GROUP_get_order(m_Group, q, ctx);
 		BIGNUM * h = BN_CTX_get (ctx);
 		BN_mod (h, digest, q, ctx); // h = digest % q
 		BN_mod_inverse (h, h, q, ctx); // 1/h mod q
 		BIGNUM * z1 = BN_CTX_get (ctx);
 		BN_mod_mul (z1, s, h, q, ctx); // z1 = s/h
 		BIGNUM * z2 = BN_CTX_get (ctx);				
 		BN_sub (z2, q, r); // z2 = -r
 		BN_mod_mul (z2, z2, h, q, ctx); // z2 = -r/h
 		EC_POINT * C = EC_POINT_new (m_Group);
 		EC_POINT_mul (m_Group, C, z1, pub, z2, ctx); // z1*P + z2*pub
 		BIGNUM * x = BN_CTX_get (ctx);	
 		GetXY  (C, x, nullptr); // Cx
 		BN_mod (x, x, q, ctx); // Cx % q
 		bool ret = !BN_cmp (x, r); // Cx = r ?
 		EC_POINT_free (C);
 		BN_CTX_end (ctx);
 		BN_CTX_free (ctx);
 		return ret;
 	}	
 	EC_POINT * GOSTR3410Curve::RecoverPublicKey (const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s, bool isNegativeY) const 
 	{
 		// s*P = r*Q + h*C
 		BN_CTX * ctx = BN_CTX_new ();
 		BN_CTX_start (ctx);
 		EC_POINT * C = EC_POINT_new (m_Group); // C = k*P = (rx, ry)
 		EC_POINT * Q  = nullptr;
 		if (EC_POINT_set_compressed_coordinates_GFp (m_Group, C, r, isNegativeY ? 1 : 0,  ctx))
 		{	
 			EC_POINT * S = EC_POINT_new (m_Group); // S = s*P
 			EC_POINT_mul (m_Group, S, s, nullptr, nullptr, ctx);
 			BIGNUM * q = BN_CTX_get (ctx);
 			EC_GROUP_get_order(m_Group, q, ctx);
 			BIGNUM * h = BN_CTX_get (ctx);
 			BN_mod (h, digest, q, ctx); // h = digest % q
 			BN_sub (h, q, h); // h = -h
 			EC_POINT * H = EC_POINT_new (m_Group); 
 			EC_POINT_mul (m_Group, H, nullptr, C, h, ctx); // -h*C
 			EC_POINT_add (m_Group, C, S, H, ctx); // s*P - h*C
 			EC_POINT_free (H);
 			EC_POINT_free (S);
 			BIGNUM * r1 = BN_CTX_get (ctx);
 			BN_mod_inverse (r1, r, q, ctx);
 			Q = EC_POINT_new (m_Group); 
 			EC_POINT_mul (m_Group, Q, nullptr, C, r1, ctx); // (s*P - h*C)/r 
 		}	
 		EC_POINT_free (C);
 		BN_CTX_end (ctx);
 		BN_CTX_free (ctx);
 		return Q;
 	}	
 	static GOSTR3410Curve * CreateGOSTR3410Curve (GOSTR3410ParamSet paramSet)
 	{
 		// a, b, p, q, x, y	
 		static const char * params[eGOSTR3410NumParamSets][6] = 
 		{
 			{ 
 				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
 				"A6",
 				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
 				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
 				"1",
 				"8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"
 			}, // CryptoPro A
 			{
 				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4",
 				"E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760",
 				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7",
 				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27E69532F48D89116FF22B8D4E0560609B4B38ABFAD2B85DCACDB1411F10B275",
 				"3",
 				"7503CFE87A836AE3A61B8816E25450E6CE5E1C93ACF1ABC1778064FDCBEFA921DF1626BE4FD036E93D75E6A50E3A41E98028FE5FC235F5B889A589CB5215F2A4"		
 			} // tc26-2012-paramSetA-512
 		};	
 		BIGNUM * a = nullptr, * b = nullptr, * p = nullptr, * q =nullptr, * x = nullptr, * y = nullptr;
 		BN_hex2bn(&a, params[paramSet][0]);
 		BN_hex2bn(&b, params[paramSet][1]);
 		BN_hex2bn(&p, params[paramSet][2]);
 		BN_hex2bn(&q, params[paramSet][3]);
 		BN_hex2bn(&x, params[paramSet][4]);
 		BN_hex2bn(&y, params[paramSet][5]);
 		auto curve = new GOSTR3410Curve (a, b, p, q, x, y);
 		BN_free (a); BN_free (b); BN_free (p); BN_free (q); BN_free (x); BN_free (y);
 		return curve;
 	}	
 	static std::array<std::unique_ptr<GOSTR3410Curve>, eGOSTR3410NumParamSets> g_GOSTR3410Curves;
 	std::unique_ptr<GOSTR3410Curve>& GetGOSTR3410Curve (GOSTR3410ParamSet paramSet)
 	{
 		if (!g_GOSTR3410Curves[paramSet])
 		{
 			auto c = CreateGOSTR3410Curve (paramSet);	
 			if (!g_GOSTR3410Curves[paramSet]) // make sure it was not created already
 				g_GOSTR3410Curves[paramSet].reset (c);
 			else
 				delete c;
 		}	
 		return g_GOSTR3410Curves[paramSet]; 
 	}
 // ГОСТ 34.11-2012
 	static const uint8_t sbox_[256] =
 	{
 		0xFC, 0xEE, 0xDD, 0x11, 0xCF, 0x6E, 0x31, 0x16, 0xFB, 0xC4, 0xFA, 0xDA, 0x23, 0xC5, 0x04, 0x4D,
 		0xE9, 0x77, 0xF0, 0xDB, 0x93, 0x2E, 0x99, 0xBA, 0x17, 0x36, 0xF1, 0xBB, 0x14, 0xCD, 0x5F, 0xC1,
 		0xF9, 0x18, 0x65, 0x5A, 0xE2, 0x5C, 0xEF, 0x21, 0x81, 0x1C, 0x3C, 0x42, 0x8B, 0x01, 0x8E, 0x4F,
 		0x05, 0x84, 0x02, 0xAE, 0xE3, 0x6A, 0x8F, 0xA0, 0x06, 0x0B, 0xED, 0x98, 0x7F, 0xD4, 0xD3, 0x1F,
 		0xEB, 0x34, 0x2C, 0x51, 0xEA, 0xC8, 0x48, 0xAB, 0xF2, 0x2A, 0x68, 0xA2, 0xFD, 0x3A, 0xCE, 0xCC,
 		0xB5, 0x70, 0x0E, 0x56, 0x08, 0x0C, 0x76, 0x12, 0xBF, 0x72, 0x13, 0x47, 0x9C, 0xB7, 0x5D, 0x87,
 		0x15, 0xA1, 0x96, 0x29, 0x10, 0x7B, 0x9A, 0xC7, 0xF3, 0x91, 0x78, 0x6F, 0x9D, 0x9E, 0xB2, 0xB1,
 		0x32, 0x75, 0x19, 0x3D, 0xFF, 0x35, 0x8A, 0x7E, 0x6D, 0x54, 0xC6, 0x80, 0xC3, 0xBD, 0x0D, 0x57,
 		0xDF, 0xF5, 0x24, 0xA9, 0x3E, 0xA8, 0x43, 0xC9, 0xD7, 0x79, 0xD6, 0xF6, 0x7C, 0x22, 0xB9, 0x03,
 		0xE0, 0x0F, 0xEC, 0xDE, 0x7A, 0x94, 0xB0, 0xBC, 0xDC, 0xE8, 0x28, 0x50, 0x4E, 0x33, 0x0A, 0x4A,
 		0xA7, 0x97, 0x60, 0x73, 0x1E, 0x00, 0x62, 0x44, 0x1A, 0xB8, 0x38, 0x82, 0x64, 0x9F, 0x26, 0x41,
 		0xAD, 0x45, 0x46, 0x92, 0x27, 0x5E, 0x55, 0x2F, 0x8C, 0xA3, 0xA5, 0x7D, 0x69, 0xD5, 0x95, 0x3B,
 		0x07, 0x58, 0xB3, 0x40, 0x86, 0xAC, 0x1D, 0xF7, 0x30, 0x37, 0x6B, 0xE4, 0x88, 0xD9, 0xE7, 0x89,
 		0xE1, 0x1B, 0x83, 0x49, 0x4C, 0x3F, 0xF8, 0xFE, 0x8D, 0x53, 0xAA, 0x90, 0xCA, 0xD8, 0x85, 0x61,
 		0x20, 0x71, 0x67, 0xA4, 0x2D, 0x2B, 0x09, 0x5B, 0xCB, 0x9B, 0x25, 0xD0, 0xBE, 0xE5, 0x6C, 0x52,
 		0x59, 0xA6, 0x74, 0xD2, 0xE6, 0xF4, 0xB4, 0xC0, 0xD1, 0x66, 0xAF, 0xC2, 0x39, 0x4B, 0x63, 0xB6
 	};
 	static const uint64_t A_[64] = 
 	{
 		0x8e20faa72ba0b470, 0x47107ddd9b505a38, 0xad08b0e0c3282d1c, 0xd8045870ef14980e,
 		0x6c022c38f90a4c07, 0x3601161cf205268d, 0x1b8e0b0e798c13c8, 0x83478b07b2468764,
 		0xa011d380818e8f40, 0x5086e740ce47c920, 0x2843fd2067adea10, 0x14aff010bdd87508,
 		0x0ad97808d06cb404, 0x05e23c0468365a02, 0x8c711e02341b2d01, 0x46b60f011a83988e,
 		0x90dab52a387ae76f, 0x486dd4151c3dfdb9, 0x24b86a840e90f0d2, 0x125c354207487869,
 		0x092e94218d243cba, 0x8a174a9ec8121e5d, 0x4585254f64090fa0, 0xaccc9ca9328a8950,
 		0x9d4df05d5f661451, 0xc0a878a0a1330aa6, 0x60543c50de970553, 0x302a1e286fc58ca7,
 		0x18150f14b9ec46dd, 0x0c84890ad27623e0, 0x0642ca05693b9f70, 0x0321658cba93c138,
 		0x86275df09ce8aaa8, 0x439da0784e745554, 0xafc0503c273aa42a, 0xd960281e9d1d5215,
 		0xe230140fc0802984, 0x71180a8960409a42, 0xb60c05ca30204d21, 0x5b068c651810a89e,
 		0x456c34887a3805b9, 0xac361a443d1c8cd2, 0x561b0d22900e4669, 0x2b838811480723ba,
 		0x9bcf4486248d9f5d, 0xc3e9224312c8c1a0, 0xeffa11af0964ee50, 0xf97d86d98a327728,
 		0xe4fa2054a80b329c, 0x727d102a548b194e, 0x39b008152acb8227, 0x9258048415eb419d,
 		0x492c024284fbaec0, 0xaa16012142f35760, 0x550b8e9e21f7a530, 0xa48b474f9ef5dc18,
 		0x70a6a56e2440598e, 0x3853dc371220a247, 0x1ca76e95091051ad, 0x0edd37c48a08a6d8,
 		0x07e095624504536c, 0x8d70c431ac02a736, 0xc83862965601dd1b, 0x641c314b2b8ee083
 	}; 
 	static const uint8_t C_[12][64] = 
 	{
 		{
 			0xb1,0x08,0x5b,0xda,0x1e,0xca,0xda,0xe9,0xeb,0xcb,0x2f,0x81,0xc0,0x65,0x7c,0x1f,
 			0x2f,0x6a,0x76,0x43,0x2e,0x45,0xd0,0x16,0x71,0x4e,0xb8,0x8d,0x75,0x85,0xc4,0xfc,
 			0x4b,0x7c,0xe0,0x91,0x92,0x67,0x69,0x01,0xa2,0x42,0x2a,0x08,0xa4,0x60,0xd3,0x15,
 			0x05,0x76,0x74,0x36,0xcc,0x74,0x4d,0x23,0xdd,0x80,0x65,0x59,0xf2,0xa6,0x45,0x07
 		},
 		{
 			0x6f,0xa3,0xb5,0x8a,0xa9,0x9d,0x2f,0x1a,0x4f,0xe3,0x9d,0x46,0x0f,0x70,0xb5,0xd7,
 			0xf3,0xfe,0xea,0x72,0x0a,0x23,0x2b,0x98,0x61,0xd5,0x5e,0x0f,0x16,0xb5,0x01,0x31,
 			0x9a,0xb5,0x17,0x6b,0x12,0xd6,0x99,0x58,0x5c,0xb5,0x61,0xc2,0xdb,0x0a,0xa7,0xca,
 			0x55,0xdd,0xa2,0x1b,0xd7,0xcb,0xcd,0x56,0xe6,0x79,0x04,0x70,0x21,0xb1,0x9b,0xb7
 		},
 		{
 			0xf5,0x74,0xdc,0xac,0x2b,0xce,0x2f,0xc7,0x0a,0x39,0xfc,0x28,0x6a,0x3d,0x84,0x35,
 			0x06,0xf1,0x5e,0x5f,0x52,0x9c,0x1f,0x8b,0xf2,0xea,0x75,0x14,0xb1,0x29,0x7b,0x7b,
 			0xd3,0xe2,0x0f,0xe4,0x90,0x35,0x9e,0xb1,0xc1,0xc9,0x3a,0x37,0x60,0x62,0xdb,0x09,
 			0xc2,0xb6,0xf4,0x43,0x86,0x7a,0xdb,0x31,0x99,0x1e,0x96,0xf5,0x0a,0xba,0x0a,0xb2
 		},
 		{
 			0xef,0x1f,0xdf,0xb3,0xe8,0x15,0x66,0xd2,0xf9,0x48,0xe1,0xa0,0x5d,0x71,0xe4,0xdd,
 			0x48,0x8e,0x85,0x7e,0x33,0x5c,0x3c,0x7d,0x9d,0x72,0x1c,0xad,0x68,0x5e,0x35,0x3f,
 			0xa9,0xd7,0x2c,0x82,0xed,0x03,0xd6,0x75,0xd8,0xb7,0x13,0x33,0x93,0x52,0x03,0xbe,
 			0x34,0x53,0xea,0xa1,0x93,0xe8,0x37,0xf1,0x22,0x0c,0xbe,0xbc,0x84,0xe3,0xd1,0x2e
 		},
 		{
 			0x4b,0xea,0x6b,0xac,0xad,0x47,0x47,0x99,0x9a,0x3f,0x41,0x0c,0x6c,0xa9,0x23,0x63,
 			0x7f,0x15,0x1c,0x1f,0x16,0x86,0x10,0x4a,0x35,0x9e,0x35,0xd7,0x80,0x0f,0xff,0xbd,
 			0xbf,0xcd,0x17,0x47,0x25,0x3a,0xf5,0xa3,0xdf,0xff,0x00,0xb7,0x23,0x27,0x1a,0x16,
 			0x7a,0x56,0xa2,0x7e,0xa9,0xea,0x63,0xf5,0x60,0x17,0x58,0xfd,0x7c,0x6c,0xfe,0x57
 		},
 		{
 			0xae,0x4f,0xae,0xae,0x1d,0x3a,0xd3,0xd9,0x6f,0xa4,0xc3,0x3b,0x7a,0x30,0x39,0xc0,
 			0x2d,0x66,0xc4,0xf9,0x51,0x42,0xa4,0x6c,0x18,0x7f,0x9a,0xb4,0x9a,0xf0,0x8e,0xc6,
 			0xcf,0xfa,0xa6,0xb7,0x1c,0x9a,0xb7,0xb4,0x0a,0xf2,0x1f,0x66,0xc2,0xbe,0xc6,0xb6,
 			0xbf,0x71,0xc5,0x72,0x36,0x90,0x4f,0x35,0xfa,0x68,0x40,0x7a,0x46,0x64,0x7d,0x6e
 		},
 		{
 			0xf4,0xc7,0x0e,0x16,0xee,0xaa,0xc5,0xec,0x51,0xac,0x86,0xfe,0xbf,0x24,0x09,0x54,
 			0x39,0x9e,0xc6,0xc7,0xe6,0xbf,0x87,0xc9,0xd3,0x47,0x3e,0x33,0x19,0x7a,0x93,0xc9,
 			0x09,0x92,0xab,0xc5,0x2d,0x82,0x2c,0x37,0x06,0x47,0x69,0x83,0x28,0x4a,0x05,0x04,
 			0x35,0x17,0x45,0x4c,0xa2,0x3c,0x4a,0xf3,0x88,0x86,0x56,0x4d,0x3a,0x14,0xd4,0x93
 		},
 		{
 			0x9b,0x1f,0x5b,0x42,0x4d,0x93,0xc9,0xa7,0x03,0xe7,0xaa,0x02,0x0c,0x6e,0x41,0x41,
 			0x4e,0xb7,0xf8,0x71,0x9c,0x36,0xde,0x1e,0x89,0xb4,0x44,0x3b,0x4d,0xdb,0xc4,0x9a,
 			0xf4,0x89,0x2b,0xcb,0x92,0x9b,0x06,0x90,0x69,0xd1,0x8d,0x2b,0xd1,0xa5,0xc4,0x2f,
 			0x36,0xac,0xc2,0x35,0x59,0x51,0xa8,0xd9,0xa4,0x7f,0x0d,0xd4,0xbf,0x02,0xe7,0x1e
 		},
 		{
 			0x37,0x8f,0x5a,0x54,0x16,0x31,0x22,0x9b,0x94,0x4c,0x9a,0xd8,0xec,0x16,0x5f,0xde,
 			0x3a,0x7d,0x3a,0x1b,0x25,0x89,0x42,0x24,0x3c,0xd9,0x55,0xb7,0xe0,0x0d,0x09,0x84,
 			0x80,0x0a,0x44,0x0b,0xdb,0xb2,0xce,0xb1,0x7b,0x2b,0x8a,0x9a,0xa6,0x07,0x9c,0x54,
 			0x0e,0x38,0xdc,0x92,0xcb,0x1f,0x2a,0x60,0x72,0x61,0x44,0x51,0x83,0x23,0x5a,0xdb
 		},
 		{
 			0xab,0xbe,0xde,0xa6,0x80,0x05,0x6f,0x52,0x38,0x2a,0xe5,0x48,0xb2,0xe4,0xf3,0xf3,
 			0x89,0x41,0xe7,0x1c,0xff,0x8a,0x78,0xdb,0x1f,0xff,0xe1,0x8a,0x1b,0x33,0x61,0x03,
 			0x9f,0xe7,0x67,0x02,0xaf,0x69,0x33,0x4b,0x7a,0x1e,0x6c,0x30,0x3b,0x76,0x52,0xf4,
 			0x36,0x98,0xfa,0xd1,0x15,0x3b,0xb6,0xc3,0x74,0xb4,0xc7,0xfb,0x98,0x45,0x9c,0xed
 		},
 		{
 			0x7b,0xcd,0x9e,0xd0,0xef,0xc8,0x89,0xfb,0x30,0x02,0xc6,0xcd,0x63,0x5a,0xfe,0x94,
 			0xd8,0xfa,0x6b,0xbb,0xeb,0xab,0x07,0x61,0x20,0x01,0x80,0x21,0x14,0x84,0x66,0x79,
 			0x8a,0x1d,0x71,0xef,0xea,0x48,0xb9,0xca,0xef,0xba,0xcd,0x1d,0x7d,0x47,0x6e,0x98,
 			0xde,0xa2,0x59,0x4a,0xc0,0x6f,0xd8,0x5d,0x6b,0xca,0xa4,0xcd,0x81,0xf3,0x2d,0x1b
 		},
 		{
 			0x37,0x8e,0xe7,0x67,0xf1,0x16,0x31,0xba,0xd2,0x13,0x80,0xb0,0x04,0x49,0xb1,0x7a,
 			0xcd,0xa4,0x3c,0x32,0xbc,0xdf,0x1d,0x77,0xf8,0x20,0x12,0xd4,0x30,0x21,0x9f,0x9b,
 			0x5d,0x80,0xef,0x9d,0x18,0x91,0xcc,0x86,0xe7,0x1d,0xa4,0xaa,0x88,0xe1,0x28,0x52,
 			0xfa,0xf4,0x17,0xd5,0xd9,0xb2,0x1b,0x99,0x48,0xbc,0x92,0x4a,0xf1,0x1b,0xd7,0x20
 		}
 	};
 	union GOST3411Block // 8 bytes aligned
 	{
 		uint8_t buf[64];
 		uint64_t ll[8];
 		GOST3411Block operator^(const GOST3411Block& other) const
 		{
 			GOST3411Block ret;
 			for (int i = 0; i < 8; i++)
 				ret.ll[i] = ll[i]^other.ll[i];
 			return ret;
 		}	
 		GOST3411Block operator^(const uint8_t * other) const
 		{
 			GOST3411Block ret;
 			for (int i = 0; i < 64; i++)
 				ret.buf[i] = buf[i]^other[i];
 			return ret;
 		}	
 		GOST3411Block operator+(const GOST3411Block& other) const
 		{
 			GOST3411Block ret;
 			uint8_t carry = 0;
 			for (int i = 63; i >= 0; i--)
 			{
 				uint16_t sum = buf[i] + other.buf[i] + carry;
 				ret.buf[i] = sum;
 				carry = sum >> 8;
 			}	
 			return ret;
 		}
 		void Add (uint32_t c)
 		{
 			for (int i = 63; i >= 0; i--)
 			{
 				if (!c) return;	
 				c += buf[i];
 				buf[i] = c;
 				c >>= 8;		
 			}
 		}
 		void SPL ()
 		{
 			uint8_t p[64];
 			memcpy (p, buf, 64); // we need to copy it for P's transposition
 			for (int i = 0; i < 8; i++)
 			{
 				uint64_t c = 0;
 				for (int j = 0; j < 8; j++)
 				{	
 					uint8_t bit = 0x80;
 					uint8_t byte = sbox_[p[j*8+i]]; // S - sbox_, P - transpose (i,j)
 					for (int k = 0; k < 8; k++)
 					{
 						if (byte & bit) c ^= A_[j*8+k];
 						bit >>= 1;
 					}
 				}	
 				ll[i] = htobe64 (c);	
 			}	
 		}	
 		GOST3411Block E (const GOST3411Block& m)
 		{
 			GOST3411Block k = *this;
 			GOST3411Block res = k^m;
 			for (int i = 0; i < 12; i++)
 			{
 				res.SPL ();
 				k = k^C_[i];
 				k.SPL ();
 				res = k^res;
 			}	
 			return res;
 		}	
 	};
 	static GOST3411Block gN (const GOST3411Block& N, const GOST3411Block& h, const GOST3411Block& m)
 	{
 		GOST3411Block res = N ^ h;
 		res.SPL ();
 		res = res.E (m);
 		res = res^h;
 		res = res^m;
 		return res;	
 	}	
 	static void H (const uint8_t * iv, const uint8_t * buf, size_t len, uint8_t * digest)
 	{
 		// stage 1	
 		GOST3411Block h, N, s, m;
 		memcpy (h.buf, iv, 64);
 		memset (N.buf, 0, 64);
 		memset (s.buf, 0, 64);
 		size_t l = len;
 		// stage 2
 		while (l >= 64)
 		{
 			memcpy (m.buf, buf + l - 64, 64); // TODO
 			h= gN (N, h, m);
 			N.Add (512);
 			s = m + s;
 			l -= 64;
 		}
 		// stage 3
 		size_t padding = 64 - l;
 		if (padding)
 		{
 			memset (m.buf, 0, padding - 1);
 			m.buf[padding - 1] = 1;
 		}
 		memcpy (m.buf + padding, buf, l);
 		h = gN (N, h, m);
 		N.Add (l*8);	
 		s = m + s;
 		GOST3411Block N0;
 		memset (N0.buf, 0, 64);
 		h = gN (N0, h, N);
 		h = gN (N0, h, s);
 		memcpy (digest, h.buf, 64); 
 	}
 	void GOSTR3411_2012_256 (const uint8_t * buf, size_t len, uint8_t * digest)
 	{
 		uint8_t iv[64];
 		memset (iv, 1, 64);
 		uint8_t h[64];
 		H (iv, buf, len, h);
 		memcpy (digest, h, 32); // first half
 	}
 	void GOSTR3411_2012_512 (const uint8_t * buf, size_t len, uint8_t * digest)
 	{
 		uint8_t iv[64];
 		memset (iv, 0, 64);
 		H (iv, buf, len, digest);
 	}
 	// reverse order
 	struct GOSTR3411_2012_CTX
 	{
 		GOST3411Block h, N, s, m;
 		size_t len;
 		bool is512;
 	};
 	GOSTR3411_2012_CTX * GOSTR3411_2012_CTX_new ()
 	{
 		return new GOSTR3411_2012_CTX;
 	}
 	void GOSTR3411_2012_CTX_free (GOSTR3411_2012_CTX * ctx)
 	{
 		delete ctx;
 	}
 	void GOSTR3411_2012_CTX_Init (GOSTR3411_2012_CTX * ctx, bool is512)
 	{
 		uint8_t iv[64];
 		memset (iv, is512 ? 0 : 1, 64);
 		memcpy (ctx->h.buf, iv, 64);
 		memset (ctx->N.buf, 0, 64);
 		memset (ctx->s.buf, 0, 64);
 		ctx->len = 0;
 		ctx->is512 = is512;
 	}
 	void GOSTR3411_2012_CTX_Update (const uint8_t * buf, size_t len, GOSTR3411_2012_CTX * ctx)
 	{
 		if (!len) return;
 		if (ctx->len > 0) // something left from buffer
 		{
 			size_t l = 64 - ctx->len;
 			if (len < l) l = len;
 			for (size_t i = 0; i < l; i++)
 				ctx->m.buf[ctx->len + i] = buf[l-i-1]; // invert	 
 			ctx->len += l; len -= l; buf += l;
 			ctx->h = gN (ctx->N, ctx->h, ctx->m);
 			ctx->N.Add (512);
 			ctx->s = ctx->m + ctx->s;
 		}
 		while (len >= 64)
 		{
 			for (size_t i = 0; i < 64; i++)
 				ctx->m.buf[i] = buf[63-i]; // invert	
 			len -= 64; buf += 64;
 			ctx->h = gN (ctx->N, ctx->h, ctx->m);
 			ctx->N.Add (512);
 			ctx->s = ctx->m + ctx->s;
 		}
 		if (len > 0) // carry remaining
 		{
 			for (size_t i = 0; i < len; i++)
 				ctx->m.buf[i] = buf[len-i-1]; // invert
 		}
 		ctx->len = len;
 	}
 	void GOSTR3411_2012_CTX_Finish (uint8_t * digest, GOSTR3411_2012_CTX * ctx)
 	{
 		GOST3411Block m;	
 		size_t padding = 64 - ctx->len;
 		if (padding)
 		{
 			memset (m.buf, 0, padding - 1);
 			m.buf[padding - 1] = 1;
 		}
 		memcpy (m.buf + padding, ctx->m.buf, ctx->len);
 		ctx->h = gN (ctx->N, ctx->h, m);
 		ctx->N.Add (ctx->len*8);	
 		ctx->s = m + ctx->s;
 		GOST3411Block N0;
 		memset (N0.buf, 0, 64);
 		ctx->h = gN (N0, ctx->h, ctx->N);
 		ctx->h = gN (N0, ctx->h, ctx->s);
 		size_t sz = ctx->is512 ? 64 : 32;
 		for (size_t i = 0; i < sz; i++)
 			digest[i] = ctx->h.buf[sz - i - 1];
 	}
 }
 }
--- a/libi2pd/Gost.h
+++ b/libi2pd/Gost.h
@@ -0,0 +1,62 @@
 #ifndef GOST_H__
 #define GOST_H__
 #include <memory>
 #include <openssl/ec.h>
 namespace i2p
 {
 namespace crypto
 {
 	// ГОСТ Р 34.10
 	enum GOSTR3410ParamSet
 	{
 		eGOSTR3410CryptoProA = 0,   // 1.2.643.2.2.35.1
 		// XchA = A, XchB = C
 		//eGOSTR3410CryptoProXchA,    // 1.2.643.2.2.36.0
 		//eGOSTR3410CryptoProXchB,	// 1.2.643.2.2.36.1		
 		eGOSTR3410TC26A512,		// 1.2.643.7.1.2.1.2.1
 		eGOSTR3410NumParamSets
 	};	
 	class GOSTR3410Curve
 	{
 		public:
 			GOSTR3410Curve (BIGNUM * a, BIGNUM * b, BIGNUM * p, BIGNUM * q, BIGNUM * x, BIGNUM * y);
 			~GOSTR3410Curve ();			
 			size_t GetKeyLen () const { return m_KeyLen; }; 
 			const EC_GROUP * GetGroup () const { return m_Group; };
 			EC_POINT * MulP (const BIGNUM * n) const;
 			bool GetXY (const EC_POINT * p, BIGNUM * x, BIGNUM * y) const;
 			EC_POINT * CreatePoint (const BIGNUM * x, const BIGNUM * y) const;
 			void Sign (const BIGNUM * priv, const BIGNUM * digest, BIGNUM * r, BIGNUM * s);
 			bool Verify (const EC_POINT * pub, const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s);
 			EC_POINT * RecoverPublicKey (const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s, bool isNegativeY = false) const;
 		private:
 			EC_GROUP * m_Group;
 			size_t m_KeyLen; // in bytes
 	};
 	std::unique_ptr<GOSTR3410Curve>& GetGOSTR3410Curve (GOSTR3410ParamSet paramSet);
 // Big Endian
 	void GOSTR3411_2012_256 (const uint8_t * buf, size_t len, uint8_t * digest);
 	void GOSTR3411_2012_512 (const uint8_t * buf, size_t len, uint8_t * digest);	
 // Little Endian
 	struct GOSTR3411_2012_CTX;
 	GOSTR3411_2012_CTX * GOSTR3411_2012_CTX_new ();
 	void GOSTR3411_2012_CTX_Init (GOSTR3411_2012_CTX * ctx, bool is512 = true);
 	void GOSTR3411_2012_CTX_Update (const uint8_t * buf, size_t len, GOSTR3411_2012_CTX * ctx);
 	void GOSTR3411_2012_CTX_Finish (uint8_t * digest, GOSTR3411_2012_CTX * ctx);	
 	void GOSTR3411_2012_CTX_free (GOSTR3411_2012_CTX * ctx);
 }
 }
 #endif
--- a/libi2pd/Gzip.cpp
+++ b/libi2pd/Gzip.cpp
--- a/libi2pd/Gzip.h
+++ b/libi2pd/Gzip.h
--- a/libi2pd/HTTP.cpp
+++ b/libi2pd/HTTP.cpp
--- a/libi2pd/HTTP.h
+++ b/libi2pd/HTTP.h
--- a/libi2pd/I2NPProtocol.cpp
+++ b/libi2pd/I2NPProtocol.cpp
@@ -6,7 +6,7 @@
 #include "I2PEndian.h"
 #include "Timestamp.h"
 #include "RouterContext.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Tunnel.h"
 #include "Transports.h"
 #include "Garlic.h"
@@ -326,12 +326,14 @@ namespace i2p
 			if (!memcmp (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)i2p::context.GetRouterInfo ().GetIdentHash (), 16))
 			{	
 				LogPrint (eLogDebug, "I2NP: Build request record ", i, " is ours");
-			
+				BN_CTX * ctx = BN_CTX_new ();
-				i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText);
+				i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText, ctx);
 				BN_CTX_free (ctx);
 				// replace record to reply			
 				if (i2p::context.AcceptsTunnels () && 
 					i2p::tunnel::tunnels.GetTransitTunnels ().size () <= g_MaxNumTransitTunnels &&
-					!i2p::transport::transports.IsBandwidthExceeded ())
+					!i2p::transport::transports.IsBandwidthExceeded () &&
 					!i2p::transport::transports.IsTransitBandwidthExceeded ())
 				{	
 					auto transitTunnel = i2p::tunnel::CreateTransitTunnel (
 							bufbe32toh (clearText + BUILD_REQUEST_RECORD_RECEIVE_TUNNEL_OFFSET), 
--- a/libi2pd/I2NPProtocol.h
+++ b/libi2pd/I2NPProtocol.h
@@ -209,6 +209,7 @@ namespace tunnel
 	std::shared_ptr<I2NPMessage> NewI2NPMessage ();
 	std::shared_ptr<I2NPMessage> NewI2NPShortMessage ();
 	std::shared_ptr<I2NPMessage> NewI2NPTunnelMessage ();
 	std::shared_ptr<I2NPMessage> NewI2NPMessage (size_t len);
 	std::shared_ptr<I2NPMessage> CreateI2NPMessage (I2NPMessageType msgType, const uint8_t * buf, size_t len, uint32_t replyMsgID = 0);	
--- a/libi2pd/I2PEndian.cpp
+++ b/libi2pd/I2PEndian.cpp
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
orignal	bd8166e630	2.14.0	2017-06-01 10:05:20 -04:00
orignal	03d1519b39	2.14.0	2017-06-01 10:04:02 -04:00
orignal	36c4719570	Merge pull request #881 from majestrate/ntcp-socks NTCP SOCKS/HTTP Proxy support	2017-05-29 10:36:46 -04:00
Jeff Becker	7c970771c5	fix	2017-05-29 10:09:24 -04:00
orignal	3f64c042bd	Fixed #880 . Print if AESNI or AVX enabled	2017-05-29 10:08:49 -04:00
Jeff Becker	e336cbfb2d	add http proxy, change socks4a to socks5	2017-05-29 09:57:30 -04:00
Jeff Becker	24eec76428	more	2017-05-29 02:16:57 -04:00
Jeff Becker	71c9b15ff1	more	2017-05-29 02:12:16 -04:00
Jeff Becker	2940f0d67c	capture by value not reference	2017-05-29 01:53:34 -04:00
Jeff Becker	cbb1d2d3b5	more whitespace bullshit	2017-05-29 01:44:06 -04:00
Jeff Becker	36dd11a899	more whitespace bullshit	2017-05-29 01:39:11 -04:00
Jeff Becker	be88969b79	more whitespace bullshit	2017-05-29 01:38:32 -04:00
Jeff Becker	d91ad54ed9	more whitespace bullshit	2017-05-29 01:37:19 -04:00
Jeff Becker	1330228080	fix whitespace bullshit	2017-05-29 01:35:11 -04:00
Jeff Becker	3ea1eca350	ntcp socks proxy (initial)	2017-05-29 01:28:16 -04:00
orignal	a4e6d8120b	handle iexp	2017-05-24 12:49:36 -04:00
orignal	3219de235c	Merge pull request #875 from majestrate/cmake-avx add AVX option to cmake build system	2017-05-22 14:37:42 -04:00
Jeff Becker	4e5c2ff620	add AVX option to cmake build system	2017-05-22 11:12:08 -04:00
Jeff	63e25f0ff9	Merge pull request #873 from majestrate/fix-addressbook try fixing issue #871	2017-05-22 10:51:48 -04:00
Jeff Becker	840225b580	try fixing issue #871	2017-05-22 10:34:29 -04:00
Jeff	bd221d60d6	Merge pull request #872 from majestrate/fix-websocket-cmake fix cmake compile error with websockets	2017-05-21 08:38:07 -04:00
Jeff Becker	8a3bb50143	fix cmake compile error with websockets	2017-05-21 08:18:16 -04:00
orignal	e4cd1a465c	ignore comments	2017-05-10 09:36:58 -04:00
orignal	2173a9f246	Merge pull request #869 from bit/patch-1 Build depends on zlib.h (zlib1g-dev)	2017-05-08 14:58:33 -04:00
bit	973a838e2a	Build depends on zlib.h (zlib1g-dev)	2017-05-08 12:54:08 +02:00
orignal	d95ee55497	skip comment address line	2017-05-05 13:54:21 -04:00
orignal	124e2e759c	fix #846 . ability to limit transit bandwidth	2017-05-04 14:58:12 -04:00
orignal	ac918e3618	0.9.30	2017-05-04 09:40:00 -04:00
orignal	009a720c32	disabled dead reseed	2017-05-02 21:08:51 -04:00
orignal	0dbfa43dad	moveable to SD card	2017-05-02 19:25:34 -04:00
orignal	e0b4d36a74	changed target sdk back to 25	2017-05-02 18:06:06 -04:00
orignal	a441474d75	show transit bandwidth	2017-05-02 14:20:00 -04:00
orignal	cfd3c3628e	count and show transit traffic	2017-04-27 16:11:37 -04:00
orignal	474d52f805	minor performance improvements	2017-04-27 10:12:22 -04:00
orignal	7ee8bdf2f3	Merge branch 'master' of https://github.com/PurpleI2P/i2pd into openssl	2017-04-27 10:11:45 -04:00
orignal	8a9757111f	enable SAM by default	2017-04-24 12:20:15 -04:00
Darknet Villain	65dda4a70b	Merge pull request #865 from l-n-s/update_config Sample config: enable SAM by default + update description for notransit	2017-04-24 15:10:57 +00:00
Darknet Villain	1ed39dbbed	Sample config: enable SAM by default + update description for notransit	2017-04-24 11:07:54 -04:00
orignal	8162c2e4e4	GST added	2017-04-23 06:52:37 -04:00
r4sas	a7d74f3f98	update debian stuff	2017-04-23 07:09:12 +03:00
orignal	ad83ae1e7a	removed stdafx	2017-04-22 14:52:19 -04:00
R4SAS	066374906e	Merge pull request #862 from r4sas/makefile update Makefile, tunnels.conf, android platform	2017-04-22 05:35:53 +04:00
orignal	ec79a4a6f6	Merge pull request #861 from majestrate/fix-case-insensative-include remove uneeded lines in qt build file	2017-04-21 21:34:02 -04:00
R4SAS	9fae215db4	update android platform to 14	2017-04-22 04:20:22 +03:00
R4SAS	92b40c9485	update tunnels.conf	2017-04-22 04:19:32 +03:00
R4SAS	19fc59739f	update makefile-s	2017-04-22 04:17:01 +03:00
Jeff Becker	7e0ae4c601	remove uneeded lines in qt build file	2017-04-21 21:01:48 -04:00
orignal	81c2f4b30b	Merge pull request #860 from majestrate/fix-case-insensative-include NetDb.h -> NetDb.hpp	2017-04-21 20:46:56 -04:00
Jeff Becker	e238f7ed37	NetDb.h -> NetDb.hpp for case insensative file systems clashing with libc's netdb.h	2017-04-21 20:04:16 -04:00
orignal	2756f3332c	changed android target sdk to 25	2017-04-21 12:05:58 -04:00
orignal	14b3eefbaf	change minimal requirement to android 4.0	2017-04-21 11:54:08 -04:00
orignal	dc946582a4	generic path to sdk	2017-04-21 09:54:35 -04:00
orignal	dfa14a73a8	Merge pull request #858 from majestrate/restructure Restructure	2017-04-21 08:52:59 -04:00
Jeff Becker	112aa845f4	use correct #include in Win32	2017-04-21 07:20:50 -04:00
Jeff Becker	150a309175	include daemon directory for Win32 mingw	2017-04-21 07:08:31 -04:00
orignal	55c14819a3	Merge pull request #859 from PurpleI2P/openssl recent changes	2017-04-21 06:53:56 -04:00
Jeff Becker	598897caa6	fix mingw build	2017-04-21 06:48:57 -04:00
Jeff Becker	cf3f8a796a	fix path	2017-04-21 06:36:49 -04:00
Jeff Becker	bffc294b13	fix path	2017-04-21 06:35:39 -04:00
Jeff Becker	4cc3b7f9fb	restructure build to separate the 3 main components into 3 subdirectories libi2pd for core libs libi2pd_client for i2pd client libs daemon for i2pd daemon libs	2017-04-21 06:33:45 -04:00
orignal	b3161dde93	Merge pull request #855 from v2e/patch-2 kbps --> KBps	2017-04-19 07:05:29 -04:00
v2e	5550eabac1	kbs -- KBs in i2pd.conf	2017-04-19 11:39:01 +03:00
v2e	b2b320174b	kbps -- KBps in Config.cpp	2017-04-19 11:36:19 +03:00
orignal	dd79348b35	delete used tag before update	2017-04-14 22:08:43 -04:00
orignal	bd6ce7d4da	reduced memory usage	2017-04-14 10:19:26 -04:00
orignal	7a67670e1a	Fixed #846 . httpproxy.addresshelper config parameter added	2017-04-11 14:36:28 -04:00
orignal	539bf482b9	Merge pull request #844 from majestrate/datagram-fixes Datagram fixes	2017-04-09 09:16:37 -04:00
Jeff Becker	ed67ce7f33	tabifty	2017-04-09 08:53:47 -04:00
Jeff Becker	d91c7e5e79	fix datagram bugs	2017-04-09 08:52:42 -04:00
orignal	4f1dfe2ef7	fixed android build	2017-04-08 17:21:56 -04:00
orignal	36ea6c13df	Merge pull request #843 from majestrate/obep-ibgw Allow point to point client tunnels to use OB tunnels that share OBEP and IBGW of remote destination	2017-04-08 15:32:26 -04:00
Jeff Becker	3acb0aac98	tabify	2017-04-08 15:16:51 -04:00
Jeff Becker	fdf4b3878f	tabify	2017-04-08 15:15:59 -04:00
Jeff Becker	2fe71782a7	tabify	2017-04-08 15:14:47 -04:00
Jeff Becker	89dfe2b763	delay request	2017-04-08 15:10:16 -04:00
Jeff Becker	9b62f238ed	add option for client tunnels to build tunnels such that OBEP==IBGW	2017-04-08 15:10:06 -04:00
orignal	987688f196	GOST hash of a Little Endian stream	2017-04-07 11:17:40 -04:00
orignal	46cb95f16c	Merge pull request #842 from PurpleI2P/openssl 2.13.0	2017-04-06 10:02:54 -04:00
r4sas	4e1fcbb706	update appveyor tag to 2.13	2017-04-06 17:01:39 +03:00
orignal	e4c038762b	2.13.0	2017-04-06 09:48:47 -04:00
r4sas	86dfa200a6	update changelog to 2.13	2017-04-06 16:32:00 +03:00
orignal	165cf980d2	fixed memory leak	2017-04-05 18:26:56 -04:00
orignal	13ccb16a4a	fixed memory leak	2017-04-05 17:44:23 -04:00
r4sas	f4b5426865	update debian/control	2017-04-04 18:47:50 +03:00
orignal	c2f62ba52a	persist incoming tags	2017-04-03 15:05:10 -04:00
orignal	b2d2c56a09	Merge pull request #839 from PurpleI2P/openssl recent changes	2017-04-03 11:47:31 -04:00
orignal	abf0f5ac87	fixed typo	2017-03-31 12:26:20 -04:00
orignal	fa1965deb4	assign signature types 8 and 9 to GOST R 34.10	2017-03-31 10:04:39 -04:00
orignal	1f76dc78d8	cleanup acceptor for AcceptOnce	2017-03-30 20:27:31 -04:00
orignal	4448884a3e	handle SIGNATURE_TYPE for DEST GENERATE	2017-03-30 15:43:02 -04:00
orignal	e3fc23bae8	restore previous acceptor later	2017-03-30 13:40:29 -04:00
orignal	29ceed74a2	don't drop destination's acceptor if inactive acceptor gets closed	2017-03-30 11:59:39 -04:00
orignal	382308c3fd	change acceptor back to previous before processing	2017-03-30 11:22:38 -04:00
orignal	3d1b6e29c6	Merge pull request #838 from majestrate/sam-crash-fix-2017-03-29 try fixing sam crashyness	2017-03-29 15:01:22 -04:00
Jeff Becker	3a9a5ec669	try fixing sam crashyness	2017-03-29 14:38:55 -04:00
orignal	8c37c491a9	send STREAM CONNECT follow on data	2017-03-29 13:59:48 -04:00
orignal	fdf11e6038	allow unknown options for api	2017-03-29 10:51:32 -04:00
orignal	8e558f0826	recover public key from GOST R 34.10 signature	2017-03-26 08:55:15 -04:00
orignal	69804c23f1	check if destination keys are correct	2017-03-25 16:53:20 -04:00
orignal	9aa9a62ed4	AESNI for x86	2017-03-25 08:16:56 -04:00
orignal	d9b79f47c8	GetGroup () for GOST curve	2017-03-23 19:26:39 -04:00
orignal	249bc42667	merge S,P,L for GOST R 34.11-2012	2017-03-22 10:26:11 -04:00
R4SAS	644c184f7c	Merge branch 'openssl' into openssl	2017-03-22 17:49:44 +04:00
orignal	66cfae7b3b	more memory allocation optimization	2017-03-21 20:51:13 -04:00
orignal	bd2c2acd5f	use CryptoProA params for GOST R 34.10-2012 256 bits	2017-03-21 11:48:34 -04:00
orignal	13aab750dd	GOST signature unit test added	2017-03-21 10:45:57 -04:00
orignal	7a51abc2f9	GOST unit tests added	2017-03-21 09:44:09 -04:00
orignal	44a3e08095	GOST unit tests added	2017-03-21 09:43:36 -04:00
R4SAS	2aa8cf7104	update gitignore	2017-03-21 15:24:27 +03:00
R4SAS	1b1cfe1b92	rewrote win build script and moved it to build folder	2017-03-21 15:03:31 +03:00
orignal	199c2cdb66	some improvement of GOST R 34.11	2017-03-20 14:25:38 -04:00
orignal	726828a487	use GOST 34.11-2012 with GOST 34.10	2017-03-20 11:57:39 -04:00
orignal	fcbf81a3d4	correct implementation of L for GOST R 34.11-2012	2017-03-20 11:33:45 -04:00
orignal	7637b51ba5	fix #833 . Handle SIGPIPE	2017-03-20 09:52:43 -04:00
orignal	3afed3b316	Merge pull request #832 from PurpleI2P/openssl recent changes	2017-03-19 11:02:36 -04:00
R4SAS	3d6e334007	Appveyor merge (#1 )	2017-03-18 05:22:02 +04:00
R4SAS	6c848a57b6	recreated appveyor config	2017-03-18 02:40:39 +03:00
R4SAS	eb12d43800	update windows build scripts	2017-03-17 20:59:10 +03:00
orignal	465366e644	new ressed	2017-03-16 20:55:05 -04:00
orignal	289e9c809f	correct padding for GOST 34.11	2017-03-16 16:30:32 -04:00
orignal	8b40354786	GOST R 34.11-2012 implementation	2017-03-16 13:31:25 -04:00
orignal	8de8de1b1e	GOST 34.11-2012 functions	2017-03-15 20:46:27 -04:00
orignal	4b76c76712	correct x for tc26 paramSetA 256	2017-03-15 14:59:17 -04:00
orignal	6b9a270506	enable TC26 paramSet A 512 for GOST 34.10-2012	2017-03-15 12:41:02 -04:00
orignal	da2c49ab66	tc26 paramSetA 512 for GOST 34.1002012	2017-03-14 21:15:17 -04:00
orignal	af2a3f3a65	Gost.cpp added	2017-03-14 21:14:23 -04:00
orignal	6369a900da	added TC26 param sets for GOST R 34.10-2012	2017-03-14 20:03:44 -04:00
orignal	e877247032	support of GOST 34.10-2012 512 bits	2017-03-14 16:41:06 -04:00
orignal	5bcc5ff873	initial support of GOST R 34.10-2012	2017-03-14 16:02:16 -04:00
orignal	a52064463e	fixed race condition	2017-03-14 12:03:51 -04:00
orignal	6ed7f19673	moved GOST to separate file	2017-03-13 20:28:36 -04:00
orignal	9aba0ba5a8	Merge branch 'openssl' of https://github.com/PurpleI2P/i2pd into openssl	2017-03-12 14:48:47 -04:00
orignal	5803a84bd7	change establish timeout to 10 seconds	2017-03-12 14:48:11 -04:00
r4sas	ce0bf0f4b4	re-fix year	2017-03-12 18:29:57 +03:00
r4sas	65ed57aff4	fix year	2017-03-12 18:28:25 +03:00
orignal	1317b80fca	terminate incoming connection by timeout	2017-03-11 21:32:35 -05:00
orignal	f0d6145fa6	terminate incoming connection by timeout	2017-03-11 21:17:19 -05:00
orignal	c0c157ecef	use common context for ElGamal encrypt/decrypt	2017-03-11 16:48:54 -05:00
orignal	4bb607f180	Merge pull request #824 from BOPOHA/openssl i2pd.spec: changed Release format, upgrade Version	2017-03-10 19:25:28 -05:00
Anatolii Vorona	2eec205e31	i2pd.spec: changed Release format, upgrade Version	2017-03-11 00:31:00 +01:00
orignal	bd8cdd345a	A,B,B param sets for GOST R 34.10	2017-03-10 16:57:56 -05:00
orignal	7caf3ea7d0	eliminate dependancy from GOST engine for GOST R 34.10	2017-03-10 13:21:22 -05:00
orignal	ba89c60b6d	correct param set for GOST R 34.10 verification	2017-03-10 11:55:30 -05:00
orignal	084e48d6dd	ZEC added	2017-03-10 11:53:49 -05:00
orignal	1bed3f3936	ZEC added	2017-03-10 11:53:05 -05:00
orignal	cd860bfbf8	correct param set for GOST R 34.10 signing	2017-03-09 21:46:34 -05:00
orignal	439c2d445c	GOST R 34.10 sign	2017-03-09 20:13:21 -05:00
orignal	7f71d5dbd8	generate GOST R 34.10 keys with param set	2017-03-09 18:46:28 -05:00
orignal	831c835106	GOST R 34.10 param sets	2017-03-08 19:35:51 -05:00
orignal	5dfb7cb938	GOST R 34.10 curve added	2017-03-07 16:36:17 -05:00
orignal	044d6a2207	eliminate some BIGNUM allocation overhead	2017-03-07 15:02:01 -05:00
orignal	955b46534d	eliminate some BIGNUM allocation overhead	2017-03-07 14:51:05 -05:00
orignal	0e8d80e055	eliminate some BIGNUM allocation overhead	2017-03-07 14:24:19 -05:00
orignal	92fc736cfa	recreate SSU session again if session key is invalid	2017-03-05 17:08:20 -05:00
orignal	60ed43c11b	#818 . Exploratory config	2017-02-28 15:58:53 -05:00
orignal	319f72ae2a	0.9.29	2017-02-28 15:19:49 -05:00
orignal	04dc34260f	replaced stringstream by a list of buffers	2017-02-26 15:05:14 -05:00
orignal	a8196d1f33	Merge pull request #816 from PurpleI2P/openssl recent changes	2017-02-26 09:29:14 -05:00
orignal	1ce6ad5ccc	cleanup send buffer	2017-02-24 11:04:40 -05:00
orignal	145e36925f	check certificate size	2017-02-23 22:08:25 -05:00
orignal	c07928144c	GOST support for Android openssl 1.1	2017-02-21 15:43:03 -05:00
orignal	d8c30f6cbb	fixed typo	2017-02-21 11:38:11 -05:00
orignal	e968c6a2a4	fixed typo	2017-02-21 11:36:53 -05:00
orignal	ffc3a31d09	fixed andorid build	2017-02-21 11:23:14 -05:00
orignal	d6e037dd28	fixed build error	2017-02-19 19:31:37 -05:00
orignal	83b9b3bf4a	enable GOST R 34.10 signatures from netid!=2	2017-02-19 18:08:10 -05:00
orignal	1cb89ce20d	set correct curve parameters for GOST R 34.10	2017-02-19 14:45:10 -05:00
orignal	d75b916153	correct GOST engine initialization	2017-02-18 18:45:21 -05:00
orignal	192b484a8c	fixed typo	2017-02-18 07:00:14 -05:00
r4sas	85e2137d0e	disable incorrect check	2017-02-18 09:14:23 +03:00
orignal	c1042c8f20	GOST R 34.11 hash	2017-02-17 22:26:24 -05:00
orignal	c91b05bd4b	set correct curve from GOST R 34.10 signer and verifier	2017-02-17 13:37:53 -05:00
orignal	f8a09df5c0	generate GOST R 34.10 keys pair	2017-02-16 21:45:12 -05:00
orignal	9363db816c	GOST R 34.10 signer and verifier	2017-02-16 21:18:18 -05:00
orignal	22af4da4d4	initial support of GOST crypto	2017-02-16 16:27:24 -05:00
r4sas	16fa10b056	fix incorrect traffic counting	2017-02-16 17:45:38 +03:00
r4sas	f044851abb	fix typo	2017-02-16 16:29:08 +03:00
r4sas	217e99a0e2	updated InnoSetup script deleted old unused icon added doxygen "docs/generated" folder to gitignore	2017-02-16 16:16:19 +03:00
Darknet Villain	1bc4aea217	Merge pull request #808 from l-n-s/update_docs Update docs	2017-02-16 11:52:32 +00:00
Darknet Villain	4997934bfe	Fix paths for moved contrib files	2017-02-16 06:48:06 -05:00
Darknet Villain	4905dded87	Moved files from docs/ to contrib/	2017-02-16 06:36:01 -05:00
Darknet Villain	ff6447ae2b	Merge pull request #806 from l-n-s/update_docs Update docs	2017-02-16 06:37:55 +00:00
Darknet Villain	7f51857fa5	Update README.md	2017-02-16 01:20:59 -05:00
Darknet Villain	78c3babc37	Move docs to new repo	2017-02-16 01:14:07 -05:00
r4sas	83300044dd	fix osx upnp support fix tabulation in UPnP.cpp	2017-02-15 09:04:40 +03:00
orignal	55f891e2aa	fixed build error for gcc 4.7	2017-02-14 14:20:37 -05:00
orignal	29cc1cf390	Merge pull request #805 from PurpleI2P/openssl 2.12.0	2017-02-14 12:38:32 -05:00
orignal	040585bf3d	Merge pull request #791 from PurpleI2P/openssl recent changes	2017-02-01 14:18:41 -05:00
orignal	26e7821aaa	Merge pull request #781 from PurpleI2P/openssl recent changes	2017-01-19 21:57:08 -05:00
orignal	e0879fbccb	Merge pull request #779 from PurpleI2P/openssl recent changes	2017-01-16 22:06:32 -05:00
orignal	b3ab85f3b5	Merge pull request #768 from PurpleI2P/openssl recent changes	2017-01-05 15:47:04 -05:00
orignal	d4f5871e74	Merge pull request #764 from PurpleI2P/openssl recent changes	2017-01-02 16:16:51 -05:00
orignal	fc08d15a79	Merge pull request #743 from PurpleI2P/openssl 2.11.0	2016-12-18 18:11:22 -05:00
orignal	0ea5fbfe0a	Merge pull request #731 from PurpleI2P/openssl recent changes	2016-12-03 09:38:28 -05:00
orignal	2756cb8b8f	Merge pull request #729 from PurpleI2P/openssl recent changes	2016-11-29 13:39:26 -05:00
orignal	c166bc9b18	Merge pull request #719 from PurpleI2P/openssl recent changes	2016-11-23 11:31:58 -05:00
orignal	fb59d80897	Merge pull request #712 from PurpleI2P/openssl recent changes	2016-11-16 14:40:50 -05:00
orignal	7419f992e7	Merge pull request #703 from PurpleI2P/openssl recent changes	2016-11-09 14:49:12 -05:00
orignal	4a4292a0dc	Merge pull request #700 from PurpleI2P/openssl recent changes	2016-11-06 14:40:43 -05:00
orignal	bc92586323	Merge pull request #684 from PurpleI2P/openssl recent changes	2016-10-22 20:05:28 -04:00
orignal	40456ebaae	Merge pull request #669 from PurpleI2P/openssl recent changes	2016-10-12 11:54:51 -04:00
orignal	7c34c45983	Merge pull request #646 from PurpleI2P/openssl recent changes	2016-09-27 16:19:01 -04:00
orignal	31f6d13cd8	Merge pull request #639 from PurpleI2P/openssl recent changes	2016-09-18 07:43:21 -04:00
orignal	502e6b0ce5	Merge pull request #631 from rabits/patch-1 Fixed upstart i2pd forking	2016-09-10 19:35:02 -04:00
Rabit	516380f979	Fixed upstart forking Upstart can't track daemonize fork without expect fork	2016-09-11 01:15:22 +04:00
orignal	63edc60753	Merge pull request #618 from PurpleI2P/openssl recent changes	2016-08-24 11:12:04 -04:00
`@@ -1,2 +1 @@`
	`README.md`	`README.md`
	`docs/configuration.md`
		`@@ -0,0 +1,3 @@`
							`Documentation is moved to [separate repository](https://github.com/PurpleI2P/i2pd_docs_en.git)`

							`[View docs online](https://i2pd.readthedocs.io/en/latest/)`