## v1.20210803.0

Performance tuning. Enlarge some buffers and network receive windows to
permit faster downloads in some configurations. Adjusted the dynamic
polling model to work more as intended, and tweaked the server send loop
to continue bundling outgoing packets as long as some are immediately
available.

Reduce idle timeout from 10 minutes to 2 minutes. Terminated sessions
will be reclaimed more quickly.

Documentation updates.


## v0.20210424.0

dnstt was part of a software security audit done by Cure53. The report
found issues of severity levels Low–Medium in dnstt and in one of its
dependencies, a package used for Noise cryptography. This release fixes
the following issues:
 * UCB-02-002: Memory leak in acceptStreams() routine of dnstt server (Low)
 * UCB-02-003: Potential nonce overflow in Noise protocol (Medium)
 * UCB-02-004: Deprecated DH25519 Golang API used by Noise (Low)
 * UCB-02-006: DoS due to unconditional nonce increment (Low)
 * UCB-02-007: DoS due to missing socket timeouts (Low)
Unaddressed in this release are:
 * UCB-02-005: Client ID security considerations & Noise authenticated data (Low)
 * UCB-02-008: Lack of rate limiting in Snowflake and dnstt (Info)
Two other issues in the report, UCB-02-001 and UCB-02-009, do not have
to do with dnstt. For more details and the text of the report, see
https://www.bamsoftware.com/software/dnstt/security.html#cure53-turbotunnel-2021

Added man pages for dnstt-client and dnstt-server.


## v0.20200506.0

Documentation updates.


## v0.20200504.0

Documentation updates and link to web page.
https://www.bamsoftware.com/software/dnstt/


## v0.20200430.0

Send leftover packets (those that were too big to fit in the current DNS
response) to the correct client in the future. Before, such leftover
packets were included in the next response to be sent, regardless of the
client it was intended for.

Fix the loop that packs packets into responses in the server. Before, if
there were not a packet immediately available, the response would always
be empty. Now, a packet has until the response timeout to be included.

Buffer the DoT transport in the client so that length prefixes and DNS
queries happen in the same send.

Don't look for encoded packets in a response that was too short to
contain a ClientID.


## v0.20200426.0

Added the -mtu command-line option to the server.

Documentation fixes.


## v0.20200419.0

Initial public release and announcement.
https://github.com/net4people/bbs/issues/30
