Merge pull request #1019 from PurpleI2P/openssl

recent changes
7 years ago · 276a78cb2e
42 changed files with 750 additions and 463 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -2,34 +2,53 @@ language: cpp
				@@ -2,34 +2,53 @@ language: cpp
 cache:
  apt: true
 os:
-  - linux
-sudo: required
+- linux
+- osx
 dist: trusty
+sudo: required
+compiler:
+- g++
+- clang++
+env:
+  global:
+  - MAKEFLAGS="-j 2"
+  matrix:
+  - BUILD_TYPE=make UPNP=ON MAKE_UPNP=yes
+  - BUILD_TYPE=make UPNP=OFF MAKE_UPNP=no
+  - BUILD_TYPE=cmake UPNP=ON MAKE_UPNP=yes
+  - BUILD_TYPE=cmake UPNP=OFF MAKE_UPNP=no
+matrix:
+  exclude:
+  - os: osx
+    env: BUILD_TYPE=cmake UPNP=ON MAKE_UPNP=yes
+  - os: osx
+    env: BUILD_TYPE=cmake UPNP=OFF MAKE_UPNP=no
+  - os: linux
+    compiler: clang++
+    env: BUILD_TYPE=make UPNP=ON MAKE_UPNP=yes
+  - os: linux
+    compiler: clang++
+    env: BUILD_TYPE=make UPNP=OFF MAKE_UPNP=no
 addons:
  apt:
    packages:
-      - build-essential
-      - cmake
-      - g++
-      - clang
-      - libboost-chrono-dev
-      - libboost-date-time-dev
-      - libboost-filesystem-dev
-      - libboost-program-options-dev
-      - libboost-system-dev
-      - libboost-thread-dev
-      - libminiupnpc-dev
-      - libssl-dev
-compiler:
-  - gcc
-  - clang
+    - build-essential
+    - cmake
+    - g++
+    - clang
+    - libboost-chrono-dev
+    - libboost-date-time-dev
+    - libboost-filesystem-dev
+    - libboost-program-options-dev
+    - libboost-system-dev
+    - libboost-thread-dev
+    - libminiupnpc-dev
+    - libssl-dev
 before_install:
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install openssl miniupnpc ; fi
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew unlink boost openssl && brew link boost openssl -f ; fi
-env:
-  matrix:
-    - BUILD_TYPE=Release UPNP=ON
-    - BUILD_TYPE=Release UPNP=OFF
+- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew update ; fi
+- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew install libressl miniupnpc ; fi
+- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew outdated boost || brew upgrade boost ; fi
 script:
-  - cd build && cmake -DCMAKE_BUILD_TYPE=${BUILD_TYPE} -DWITH_UPNP=${UPNP} && make
+- if [[ "$TRAVIS_OS_NAME" == "linux" && "$BUILD_TYPE" == "cmake" ]]; then cd build && cmake -DCMAKE_BUILD_TYPE=Release -DWITH_UPNP=${UPNP} && make ; fi
+- if [[ "$TRAVIS_OS_NAME" == "linux" && "$BUILD_TYPE" == "make" ]]; then make USE_UPNP=${MAKE_UPNP} ; fi
+- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then make HOMEBREW=1 USE_UPNP=${MAKE_UPNP} ; fi
--- a/17
+++ b/17
@ -1,6 +1,23 @@
				@@ -1,6 +1,23 @@
 # for this file format description,
 # see https://github.com/olivierlacan/keep-a-changelog

+## [2.16.0] - 2017-11-13
+### Added
+- https and "Connect" method for HTTP proxy
+- outproxy for HTTP proxy
+- initial support of ECIES crypto
+- NTCP soft and hard descriptors limits
+- Support full timestamps in logs
+### Changed
+- Faster implmentation of GOST R 34.11 hash
+- Reject routers with RSA signtures
+- Reload config and shudown from Windows GUI
+- Update tunnels address(destination) without restart
+### Fixed
+- BOB crashes if destination is not set
+- Correct SAM tunnel name
+- QT GUI issues
+
 ## [2.15.0] - 2017-08-17
 ### Added
 - QT GUI 
--- a/Makefile.homebrew
+++ b/Makefile.homebrew
@ -3,27 +3,30 @@ BREWROOT = /usr/local
				@@ -3,27 +3,30 @@ BREWROOT = /usr/local
 BOOSTROOT = ${BREWROOT}/opt/boost
 SSLROOT = ${BREWROOT}/opt/libressl
 UPNPROOT = ${BREWROOT}/opt/miniupnpc
-CXX = clang++
 CXXFLAGS = -g -Wall -std=c++11 -DMAC_OSX -Wno-overloaded-virtual
 INCFLAGS = -I${SSLROOT}/include -I${BOOSTROOT}/include 

+ifndef TRAVIS
+	CXX = clang++
+endif
+
 ifeq ($(USE_STATIC),yes)
-LDLIBS = -lz ${SSLROOT}/lib/libcrypto.a ${SSLROOT}/lib/libssl.a ${BOOSTROOT}/lib/libboost_system.a ${BOOSTROOT}/lib/libboost_date_time.a ${BOOSTROOT}/lib/libboost_filesystem.a ${BOOSTROOT}/lib/libboost_program_options.a -lpthread
+	LDLIBS = -lz ${SSLROOT}/lib/libcrypto.a ${SSLROOT}/lib/libssl.a ${BOOSTROOT}/lib/libboost_system.a ${BOOSTROOT}/lib/libboost_date_time.a ${BOOSTROOT}/lib/libboost_filesystem.a ${BOOSTROOT}/lib/libboost_program_options.a -lpthread
 else
-LDFLAGS = -L${SSLROOT}/lib -L${BOOSTROOT}/lib
-LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
+	LDFLAGS = -L${SSLROOT}/lib -L${BOOSTROOT}/lib
+	LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
 endif

 ifeq ($(USE_UPNP),yes)
 	LDFLAGS += -ldl
 	CXXFLAGS += -DUSE_UPNP
-  INCFLAGS += -I${UPNPROOT}/include
-  ifeq ($(USE_STATIC),yes)
-    LDLIBS += ${UPNPROOT}/lib/libminiupnpc.a
-  else
-    LDFLAGS += -L${UPNPROOT}/lib
-    LDLIBS += -lminiupnpc
-  endif  
+	INCFLAGS += -I${UPNPROOT}/include
+	ifeq ($(USE_STATIC),yes)
+		LDLIBS += ${UPNPROOT}/lib/libminiupnpc.a
+	else
+		LDFLAGS += -L${UPNPROOT}/lib
+		LDLIBS += -lminiupnpc
+	endif
 endif

 # OSX Notes
--- a/Makefile.osx
+++ b/Makefile.osx
@ -5,29 +5,29 @@ INCFLAGS = -I/usr/local/include
				@@ -5,29 +5,29 @@ INCFLAGS = -I/usr/local/include
 LDFLAGS = -Wl,-rpath,/usr/local/lib -L/usr/local/lib

 ifeq ($(USE_STATIC),yes)
-LDLIBS = -lz /usr/local/lib/libcrypto.a /usr/local/lib/libssl.a /usr/local/lib/libboost_system.a /usr/local/lib/libboost_date_time.a /usr/local/lib/libboost_filesystem.a /usr/local/lib/libboost_program_options.a -lpthread
+	LDLIBS = -lz /usr/local/lib/libcrypto.a /usr/local/lib/libssl.a /usr/local/lib/libboost_system.a /usr/local/lib/libboost_date_time.a /usr/local/lib/libboost_filesystem.a /usr/local/lib/libboost_program_options.a -lpthread
 else
-LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
+	LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
 endif

 ifeq ($(USE_UPNP),yes)
-  LDFLAGS += -ldl
-  CXXFLAGS += -DUSE_UPNP
-ifeq ($(USE_STATIC),yes)
-  LDLIBS += /usr/local/lib/libminiupnpc.a
-else
-  LDLIBS += -lminiupnpc
-endif
+	LDFLAGS += -ldl
+	CXXFLAGS += -DUSE_UPNP
+	ifeq ($(USE_STATIC),yes)
+		LDLIBS += /usr/local/lib/libminiupnpc.a
+	else
+		LDLIBS += -lminiupnpc
+	endif
 endif

 ifeq ($(USE_AESNI),1)
-  CXXFLAGS += -maes -DAESNI
+	CXXFLAGS += -maes -DAESNI
 else
-  CXXFLAGS += -msse
+	CXXFLAGS += -msse
 endif

 ifeq ($(USE_AVX),1)
-  CXXFLAGS += -mavx
+	CXXFLAGS += -mavx
 endif

 # Disabled, since it will be the default make rule. I think its better
--- a/README.md
+++ b/README.md
@ -54,9 +54,9 @@ Build instructions:
				@@ -54,9 +54,9 @@ Build instructions:

 **Supported systems:**

-* GNU/Linux x86/x64  - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)  
-* Windows        - [![Build status](https://ci.appveyor.com/api/projects/status/1908qe4p48ff1x23?svg=true)](https://ci.appveyor.com/project/PurpleI2P/i2pd)  
-* Mac OS X
+* GNU/Linux x86/x64		- [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)
+* Windows				- [![Build status](https://ci.appveyor.com/api/projects/status/1908qe4p48ff1x23?svg=true)](https://ci.appveyor.com/project/PurpleI2P/i2pd)
+* Mac OS X				- [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)
 * FreeBSD
 * Android 
 * iOS
--- a/Win32/installer.iss
+++ b/Win32/installer.iss
@ -1,5 +1,5 @@
				@@ -1,5 +1,5 @@
 #define I2Pd_AppName "i2pd"
-#define I2Pd_ver "2.15.0"
+#define I2Pd_ver "2.16.0"
 #define I2Pd_Publisher "PurpleI2P"

 [Setup]
--- a/android/AndroidManifest.xml
+++ b/android/AndroidManifest.xml
@ -2,7 +2,7 @@
				@@ -2,7 +2,7 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
      package="org.purplei2p.i2pd"
      android:versionCode="1"
-      android:versionName="2.15.0"
+      android:versionName="2.16.0"
 	  android:installLocation="auto">
    <uses-sdk android:minSdkVersion="14" android:targetSdkVersion="25"/>
 	<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
--- a/appveyor.yml
+++ b/appveyor.yml
@ -1,4 +1,4 @@
				@@ -1,4 +1,4 @@
-version: 2.15.{build}
+version: 2.16.{build}
 pull_requests:
  do_not_increment_build_number: true
 branches:
--- a/build/CMakeLists.txt
+++ b/build/CMakeLists.txt
@ -150,7 +150,7 @@ else()
				@@ -150,7 +150,7 @@ else()
  if (MSYS OR MINGW)
    add_definitions( -DWIN32_LEAN_AND_MEAN )
  endif ()
-  set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wextra -Winvalid-pch" )
+  set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wextra -Winvalid-pch -Wno-unused-parameter" )
  set( CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -pedantic" )
  # TODO: The following is incompatible with static build and enabled hardening for OpenWRT.
  # Multiple definitions of __stack_chk_fail (libssp & libc)
@ -180,7 +180,7 @@ if (CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
				@@ -180,7 +180,7 @@ if (CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
 elseif (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
  # more tweaks
  if (NOT (MSVC OR MSYS OR APPLE))
-    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -stdlib=libstdc++" )
+    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-unused-const-variable -Wno-overloaded-virtual -Wno-c99-extensions" )
  endif()
 endif ()

--- a/contrib/certificates/reseed/r4sas_at_mail.i2p.crt
+++ b/contrib/certificates/reseed/r4sas_at_mail.i2p.crt
@ -1,32 +0,0 @@
				@@ -1,32 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIFezCCA2OgAwIBAgIEb8xTzzANBgkqhkiG9w0BAQ0FADBuMQswCQYDVQQGEwJY
-WDELMAkGA1UECBMCWFgxHjAcBgNVBAcTFUkyUCBBbm9ueW1vdXMgTmV0d29yazEL
-MAkGA1UEChMCWFgxDDAKBgNVBAsTA0kyUDEXMBUGA1UEAwwOcjRzYXNAbWFpbC5p
-MnAwHhcNMTYwODExMjIyNDM2WhcNMjYwODExMjIyNDM2WjBuMQswCQYDVQQGEwJY
-WDELMAkGA1UECBMCWFgxHjAcBgNVBAcTFUkyUCBBbm9ueW1vdXMgTmV0d29yazEL
-MAkGA1UEChMCWFgxDDAKBgNVBAsTA0kyUDEXMBUGA1UEAwwOcjRzYXNAbWFpbC5p
-MnAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDjUMy/aYd0i6Oc3rdc
-24V/fM2vhviH+cNhAOXsMSrwDSVbFQkuDPIfq4fo1A25rsyULR57vy7XKA51OstX
-GvREPDhth4cMZjthq0f8AVzPq2vIk8Po65uvKR190yupPQ4FhvGeRkHkqp+SqoIJ
-lClD8xZEHrUHSYZotm5TLWIgSwa4DuO1q3bMRI8oIWzqhv99FtlmHlC8fjVUN4mR
-2czhABr0u6RMPOtJwTVxWgT1PKXiLWfmeHb63TcPYGgpJ39iMDOjtgY9jYueoO8J
-uGJJtkGRIRjOuhDFE9NUlNnljUxUDWvMU7zCO4ozaKMZgoxr1WoIO6ubI/003I53
-sZ0Q5h8yfz+QreEw3wzjxnQSkejG5c3NIvJSiu0ylOqDWmnj0v1Jv/P0qAMU4bt/
-ZWj0GOrYfPn9STg0VxMOQwQ2o15GAcbr6PFI56U2IJhZAeER3hIe2kOl6591jQ67
-zvOjPRRh2q05Ss8yo7nEpYUiB/FrE6RssJ5tVwX6e6Tq4Z1frINanIkUkToTkypP
-Fn2T/KV2lak9rLuxzvhiDobu5iGCR323zFcFEpGq4Wsopx1uRT9+71G/ejw8pKTf
-kQ7XiGaaxFyZuMuOz3bFkTuoTmAkUQTlRjGw2DmKZi/apcN+VQgpq9tQpS10pEUy
-DCVdtw1AdlOnwb+Hf3X0Uz6OjwIDAQABoyEwHzAdBgNVHQ4EFgQUqLBlSlnqCo25
-sIduMPm4iROMqkAwDQYJKoZIhvcNAQENBQADggIBAGWv8rDTzqhHkjqDOT+Ba2bs
-gVddpCNa94RQoOn2DUSu4c+yuWJLSctjpX7gswB6qvWk5Ojfafop8jJW8zuozJrO
-76b9345S/VnnbHVSoVfIpF9Fve1Xc8nvU4ylRcAMwhf8N3Md5Yc1kb+P7NtTTwMZ
-TBR3xY3fVxv3qTpKApWQKkUiqM7yJKOfS8xcK/pjO/3oRUwfA9DHugCUpgSidlN+
-JkZmgwAcA3/WMlDdNKmKnWLGB2Ea+W6kIx5TDFfjf11rbjuwXhDLyaOK88qlN0W2
-hYa31UDSEYYQd3gMG1gjVc+9vZA/Vr0+SF5ULN9QLjB18CVIdPv92mBjJQRmJSVW
-b1qwZI0jf/V+1fu9H9r7sE4CId3+WGOek3UNRNZLOVZCSiFq/b9cswcQZGjw6aE+
-1FNjw1HW9CLoNcg74Kr98QouOoeRSofQYZiYqaM9Sz/MsinYMIRGRGw3Uq1uNRo0
-WgoOngmZSKGaW5PFR19uuuNIVB4fCShqBVyrguW4xIskta1JVFoggFeOeTwk6/kH
-S5roMzyB/kzv83A2IB0VxqbiDj8khgdm1Us6HCCmU+iTRVyG28gFklCJ8dQfxgGH
-W2gpIwvxYLyNP14/7E1oF7/NfHmyjAVzYnR5Xw2wE4tvSHuIrHhj6Q26VB3vze6j
-E/w1AJEepnw/KfHqS3bw
-----END CERTIFICATE-----
--- a/contrib/i2pd.conf
+++ b/contrib/i2pd.conf
@ -23,7 +23,8 @@
				@@ -23,7 +23,8 @@
 # log = file
 ## Path to logfile (default - autodetect)
 # logfile = /var/log/i2pd.log
-## Log messages above this level (debug, *info, warn, error)
+## Log messages above this level (debug, *info, warn, error, none)
+## If you set it to none, logging will be disabled
 # loglevel = info

 ## Path to storage of i2pd data (RI, keys, peer profiles, ...)
--- a/contrib/rpm/i2pd.spec
+++ b/contrib/rpm/i2pd.spec
@ -1,7 +1,7 @@
				@@ -1,7 +1,7 @@
 %define build_timestamp %(date +"%Y%m%d")

 Name:           i2pd
-Version:        2.15.0
+Version:        2.16.0
 Release:        %{build_timestamp}git%{?dist}
 Summary:        I2P router written in C++

@ -103,6 +103,20 @@ getent passwd i2pd >/dev/null || \
				@@ -103,6 +103,20 @@ getent passwd i2pd >/dev/null || \


 %changelog
+* Mon Nov 13 2017 orignal <i2porignal@yandex.ru> - 2.16.0
+- Added https and "Connect" method for HTTP proxy
+- Added outproxy for HTTP proxy
+- Added initial support of ECIES crypto
+- Added NTCP soft and hard descriptors limits
+- Added support full timestamps in logs
+- Changed faster implmentation of GOST R 34.11 hash
+- Changed reject routers with RSA signtures
+- Changed reload config and shudown from Windows GUI
+- Changed update tunnels address(destination) without restart
+- Fixed BOB crashes if destination is not set
+- Fixed correct SAM tunnel name
+- Fixed QT GUI issues
+
 * Thu Aug 17 2017 orignal <i2porignal@yandex.ru> - 2.15.0
 - Added QT GUI 
 - Added ability add and remove I2P tunnels without restart
--- a/daemon/HTTPServer.cpp
+++ b/daemon/HTTPServer.cpp
@ -60,12 +60,14 @@ namespace http {
				@@ -60,12 +60,14 @@ namespace http {
 		"  .tunnel.established { color: #56B734; }\r\n"
 		"  .tunnel.expiring    { color: #D3AE3F; }\r\n"
 		"  .tunnel.failed      { color: #D33F3F; }\r\n"
-		"  .tunnel.another     { color: #434343; }\r\n"
+		"  .tunnel.building    { color: #434343; }\r\n"
 		"  caption { font-size: 1.5em; text-align: center; color: #894C84; }\r\n"
 		"  table { width: 100%; border-collapse: collapse; text-align: center; }\r\n"
-		"  .private { background: black; color: black; } .private:hover { background: black; color: white } \r\n"
-		"  .slide p, .slide [type='checkbox']{ display:none; } \r\n"
-		"  .slide [type='checkbox']:checked ~ p { display:block; } \r\n"
+		"  .slide label { color: #894C84 }\r\n"
+		"  .slide p, .slide [type='checkbox']{ display:none; }\r\n"
+		"  .slide [type='checkbox']:checked ~ p { display:block; margin-top: 0; padding: 0; }\r\n"
+		"  .disabled:after { color: #D33F3F; content: \"Disabled\" }\r\n"
+		"  .enabled:after  { color: #56B734; content: \"Enabled\"  }\r\n"
 		"</style>\r\n";

 	const char HTTP_PAGE_TUNNELS[] = "tunnels";
@ -270,7 +272,17 @@ namespace http {
				@@ -270,7 +272,17 @@ namespace http {
 		size_t transitTunnelCount = i2p::tunnel::tunnels.CountTransitTunnels();

 		s << "<b>Client Tunnels:</b> " << std::to_string(clientTunnelCount) << " ";
-		s << "<b>Transit Tunnels:</b> " << std::to_string(transitTunnelCount) << "<br>\r\n";
+		s << "<b>Transit Tunnels:</b> " << std::to_string(transitTunnelCount) << "<br>\r\n<br>\r\n";
+
+		s << "<table><caption>Services</caption><tr><th>Service</th><th>State</th></tr>\r\n";
+		s << "<tr><td>" << "HTTP Proxy"		<< "</td><td><div class='" << ((i2p::client::context.GetHttpProxy ())			? "enabled" : "disabled") << "'></div></td></tr>\r\n";
+		s << "<tr><td>" << "SOCKS Proxy"	<< "</td><td><div class='" << ((i2p::client::context.GetSocksProxy ())			? "enabled" : "disabled") << "'></div></td></tr>\r\n";
+		s << "<tr><td>" << "BOB"			<< "</td><td><div class='" << ((i2p::client::context.GetBOBCommandChannel ())	? "enabled" : "disabled") << "'></div></td></tr>\r\n";
+		s << "<tr><td>" << "SAM"			<< "</td><td><div class='" << ((i2p::client::context.GetSAMBridge ())			? "enabled" : "disabled") << "'></div></td></tr>\r\n";
+		s << "<tr><td>" << "I2CP"			<< "</td><td><div class='" << ((i2p::client::context.GetI2CPServer ())			? "enabled" : "disabled") << "'></div></td></tr>\r\n";
+		bool i2pcontrol; i2p::config::GetOption("i2pcontrol.enabled", i2pcontrol);
+		s << "<tr><td>" << "I2PControl"		<< "</td><td><div class='" << ((i2pcontrol) 									? "enabled" : "disabled") << "'></div></td></tr>\r\n";
+		s << "</table>\r\n";
 	}

 	void ShowLocalDestinations (std::stringstream& s)
@ -284,7 +296,7 @@ namespace http {
				@@ -284,7 +296,7 @@ namespace http {
 		}

 		auto i2cpServer = i2p::client::context.GetI2CPServer ();
-		if (i2cpServer)
+		if (i2cpServer && !(i2cpServer->GetSessions ().empty ()))
 		{
 			s << "<br><b>I2CP Local Destinations:</b><br>\r\n<br>\r\n";
 			for (auto& it: i2cpServer->GetSessions ())
@ -304,14 +316,14 @@ namespace http {
				@@ -304,14 +316,14 @@ namespace http {
 	{
 		s << "<b>Base64:</b><br>\r\n<textarea readonly=\"readonly\" cols=\"64\" rows=\"11\" wrap=\"on\">";
 		s << dest->GetIdentity ()->ToBase64 () << "</textarea><br>\r\n<br>\r\n";
-		s << "<b>LeaseSets:</b> <i>" << dest->GetNumRemoteLeaseSets () << "</i><br>\r\n";
 		if(dest->GetNumRemoteLeaseSets())
 		{
-			s << "<div class='slide'\r\n><label for='slide1'>Hidden content. Press on text to see.</label>\r\n<input type='checkbox' id='slide1'/>\r\n<p class='content'>\r\n";
+			s << "<div class='slide'\r\n><label for='slide1'><b>LeaseSets:</b> <i>" << dest->GetNumRemoteLeaseSets () << "</i></label>\r\n<input type='checkbox' id='slide1'/>\r\n<p class='content'>\r\n";
 			for(auto& it: dest->GetLeaseSets ())
 				s << it.second->GetIdentHash ().ToBase32 () << "<br>\r\n";
 			s << "</p>\r\n</div>\r\n";
-		}
+		} else
+			s << "<b>LeaseSets:</b> <i>0</i><br>\r\n";
 		auto pool = dest->GetTunnelPool ();
 		if (pool)
 		{
@ -401,7 +413,7 @@ namespace http {
				@@ -401,7 +413,7 @@ namespace http {

 	void ShowLeasesSets(std::stringstream& s)
 	{
-		s << "<div id='leasesets'><b>LeaseSets (click on to show info):</b></div><br>\r\n";
+		s << "<b>LeaseSets:</b><br>\r\n<br>\r\n";
 		int counter = 1;
 		// for each lease set
 		i2p::data::netdb.VisitLeaseSets(
@ -434,6 +446,7 @@ namespace http {
				@@ -434,6 +446,7 @@ namespace http {

 	void ShowTunnels (std::stringstream& s)
 	{
+		s << "<b>Tunnels:</b><br>\r\n<br>\r\n";
 		s << "<b>Queue size:</b> " << i2p::tunnel::tunnels.GetQueueSize () << "<br>\r\n";

 		s << "<b>Inbound tunnels:</b><br>\r\n";
@ -457,7 +470,7 @@ namespace http {
				@@ -457,7 +470,7 @@ namespace http {
 	static void ShowCommands (std::stringstream& s, uint32_t token)
 	{
 		/* commands */
-		s << "<b>Router Commands</b><br>\r\n";
+		s << "<b>Router Commands</b><br>\r\n<br>\r\n";
 		s << "  <a href=\"/?cmd=" << HTTP_COMMAND_RUN_PEER_TEST << "&token=" << token << "\">Run peer test</a><br>\r\n";
 		//s << "  <a href=\"/?cmd=" << HTTP_COMMAND_RELOAD_CONFIG << "\">Reload config</a><br>\r\n";
 		if (i2p::context.AcceptsTunnels ())
@ -529,13 +542,13 @@ namespace http {
				@@ -529,13 +542,13 @@ namespace http {
 				}
 				if (!tmp_s.str ().empty ())
 				{
-					s << "<b>NTCP</b> ( " << cnt << " )<br>\r\n";
-					s << tmp_s.str () << "<br>\r\n";
+					s << "<div class='slide'\r\n><label for='slide_ntcp'><b>NTCP</b> ( " << cnt << " )</label>\r\n<input type='checkbox' id='slide_ntcp'/>\r\n<p class='content'>";
+					s << tmp_s.str () << "</p>\r\n</div>\r\n";
 				}
 				if (!tmp_s6.str ().empty ())
 				{
-					s << "<b>NTCP6</b> ( " << cnt6 << " )<br>\r\n";
-					s << tmp_s6.str () << "<br>\r\n";
+					s << "<div class='slide'\r\n><label for='slide_ntcp6'><b>NTCP6</b> ( " << cnt6 << " )</label>\r\n<input type='checkbox' id='slide_ntcp6'/>\r\n<p class='content'>";
+					s << tmp_s6.str () << "</p>\r\n</div>\r\n";
 				}
 			}
 		}
@ -545,7 +558,7 @@ namespace http {
				@@ -545,7 +558,7 @@ namespace http {
 			auto sessions = ssuServer->GetSessions ();
 			if (!sessions.empty ())
 			{
-				s << "<b>SSU</b> ( " << (int) sessions.size() << " )<br>\r\n";
+				s << "<div class='slide'\r\n><label for='slide_ssu'><b>SSU</b> ( " << (int) sessions.size() << " )</label>\r\n<input type='checkbox' id='slide_ssu'/>\r\n<p class='content'>";
 				for (const auto& it: sessions)
 				{
 					auto endpoint = it.second->GetRemoteEndpoint ();
@ -557,12 +570,12 @@ namespace http {
				@@ -557,12 +570,12 @@ namespace http {
 						s << " [itag:" << it.second->GetRelayTag () << "]";
 					s << "<br>\r\n" << std::endl;
 				}
-				s << "<br>\r\n";
+				s << "</p>\r\n</div>\r\n";
 			}
 			auto sessions6 = ssuServer->GetSessionsV6 ();
 			if (!sessions6.empty ())
 			{
-				s << "<b>SSU6</b> ( " << (int) sessions6.size() << " )<br>\r\n";
+				s << "<div class='slide'\r\n><label for='slide_ssu6'><b>SSU6</b> ( " << (int) sessions6.size() << " )</label>\r\n<input type='checkbox' id='slide_ssu6'/>\r\n<p class='content'>";
 				for (const auto& it: sessions6)
 				{
 					auto endpoint = it.second->GetRemoteEndpoint ();
@ -574,7 +587,7 @@ namespace http {
				@@ -574,7 +587,7 @@ namespace http {
 						s << " [itag:" << it.second->GetRelayTag () << "]";
 					s << "<br>\r\n" << std::endl;
 				}
-				s << "<br>\r\n";
+				s << "</p>\r\n</div>\r\n";
 			}
 		}
 	}
--- a/daemon/UPnP.cpp
+++ b/daemon/UPnP.cpp
@ -79,11 +79,14 @@ namespace transport
				@@ -79,11 +79,14 @@ namespace transport

 	void UPnP::Discover ()
 	{
-		int nerror = 0;
 #if MINIUPNPC_API_VERSION >= 14
+		int nerror = 0;
 		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror);
-#else
+#elif ( MINIUPNPC_API_VERSION >= 8 || defined(UPNPDISCOVER_SUCCESS) )
+		int nerror = 0;
 		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror);
+#else
+		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0);
 #endif
 		{
 			// notify satrting thread
@ -155,7 +158,11 @@ namespace transport
				@@ -155,7 +158,11 @@ namespace transport
 		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
 		int r;
 		std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
+#ifdef UPNPDISCOVER_SUCCESS
 		r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0");
+#else
+		r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0);
+#endif
 		if (r!=UPNPCOMMAND_SUCCESS)
 		{
 			LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r);
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,9 @@
				@@ -1,3 +1,9 @@
+i2pd (2.16.0-1) unstable; urgency=low
+
+  * updated to version 2.16.0/0.9.32
+
+ -- orignal <orignal@i2pmail.org>  Mon, 13 Nov 2017 18:00:00 +0000
+
 i2pd (2.15.0-1) unstable; urgency=low

  * updated to version 2.15.0/0.9.31
--- a/libi2pd/Config.cpp
+++ b/libi2pd/Config.cpp
@ -179,6 +179,7 @@ namespace config {
				@@ -179,6 +179,7 @@ namespace config {
 			("reseed.floodfill", value<std::string>()->default_value(""), "Path to router info of floodfill to reseed from")
 			("reseed.file", value<std::string>()->default_value(""),      "Path to local .su3 file or HTTPS URL to reseed from")
 			("reseed.zipfile", value<std::string>()->default_value(""),   "Path to local .zip file to reseed from")
+			("reseed.proxy", value<std::string>()->default_value(""),     "url for reseed proxy, supports http/socks")
 			("reseed.urls", value<std::string>()->default_value(
 				"https://reseed.i2p-projekt.de/,"
 				"https://i2p.mooo.com/netDb/,"
--- a/libi2pd/Crypto.cpp
+++ b/libi2pd/Crypto.cpp
@ -447,13 +447,13 @@ namespace crypto
				@@ -447,13 +447,13 @@ namespace crypto
 				memcpy (data, m + 33, 222);
 			else
 			{
-				LogPrint (eLogError, "ECICS decrypt hash doesn't match");
+				LogPrint (eLogError, "ECIES decrypt hash doesn't match");
 				ret = false;
 			}
 		}
 		else
 		{
-			LogPrint (eLogError, "ECICS decrypt point is invalid");
+			LogPrint (eLogError, "ECIES decrypt point is invalid");
 			ret = false;
 		}

@ -504,10 +504,10 @@ namespace crypto
				@@ -504,10 +504,10 @@ namespace crypto
 			"vxorps %%ymm0, %%ymm1, %%ymm1 \n"
 			"vmovups %%ymm1, (%[hash]) \n"
 			"vzeroall \n" // end of AVX
-		    "movups %%xmm0, 80(%[hash]) \n" // zero last 16 bytes
+			"movups %%xmm0, 80(%[hash]) \n" // zero last 16 bytes
 			:
 			: [key]"m"(*(const uint8_t *)key), [ipad]"m"(*ipads), [opad]"m"(*opads),
-			  [buf]"r"(buf), [hash]"r"(hash)
+				[buf]"r"(buf), [hash]"r"(hash)
 			: "memory", "%xmm0"	// TODO: change to %ymm0 later
 		);
 #else
@ -698,18 +698,18 @@ namespace crypto
				@@ -698,18 +698,18 @@ namespace crypto
 #ifdef AESNI
 		__asm__
 		(
-		 	"movups	(%[iv]), %%xmm1 \n"
-		 	"1: \n"
-		 	"movups	(%[in]), %%xmm0 \n"
-		 	"pxor %%xmm1, %%xmm0 \n"
-		 	EncryptAES256(sched)
-		 	"movaps	%%xmm0, %%xmm1 \n"	
-		 	"movups	%%xmm0, (%[out]) \n"
-		 	"add $16, %[in] \n"
-		 	"add $16, %[out] \n"
-		 	"dec %[num] \n"
-		 	"jnz 1b \n"	 	
-		 	"movups	%%xmm1, (%[iv]) \n"
+			"movups	(%[iv]), %%xmm1 \n"
+			"1: \n"
+			"movups	(%[in]), %%xmm0 \n"
+			"pxor %%xmm1, %%xmm0 \n"
+			EncryptAES256(sched)
+			"movaps	%%xmm0, %%xmm1 \n"
+			"movups	%%xmm0, (%[out]) \n"
+			"add $16, %[in] \n"
+			"add $16, %[out] \n"
+			"dec %[num] \n"
+			"jnz 1b \n"
+			"movups	%%xmm1, (%[iv]) \n"
 			:
 			: [iv]"r"((uint8_t *)m_LastBlock), [sched]"r"(m_ECBEncryption.GetKeySchedule ()),
 			  [in]"r"(in), [out]"r"(out), [num]"r"(numBlocks)
@ -740,8 +740,8 @@ namespace crypto
				@@ -740,8 +740,8 @@ namespace crypto
 		(
 			"movups	(%[iv]), %%xmm1 \n"
 			"movups	(%[in]), %%xmm0 \n"
-		 	"pxor %%xmm1, %%xmm0 \n"
-		 	EncryptAES256(sched)
+			"pxor %%xmm1, %%xmm0 \n"
+			EncryptAES256(sched)
 			"movups	%%xmm0, (%[out]) \n"
 			"movups	%%xmm0, (%[iv]) \n"
 			:
@ -760,18 +760,18 @@ namespace crypto
				@@ -760,18 +760,18 @@ namespace crypto
 		__asm__
 		(
 			"movups	(%[iv]), %%xmm1 \n"
-		 	"1: \n"
-		 	"movups	(%[in]), %%xmm0 \n"
+			"1: \n"
+			"movups	(%[in]), %%xmm0 \n"
 			"movaps %%xmm0, %%xmm2 \n"
-		 	DecryptAES256(sched)
+			DecryptAES256(sched)
 			"pxor %%xmm1, %%xmm0 \n"
-		 	"movups	%%xmm0, (%[out]) \n"
+			"movups	%%xmm0, (%[out]) \n"
 			"movaps %%xmm2, %%xmm1 \n"
-		 	"add $16, %[in] \n"
-		 	"add $16, %[out] \n"
-		 	"dec %[num] \n"
-		 	"jnz 1b \n"	 	
-		 	"movups	%%xmm1, (%[iv]) \n"
+			"add $16, %[in] \n"
+			"add $16, %[out] \n"
+			"dec %[num] \n"
+			"jnz 1b \n"
+			"movups	%%xmm1, (%[iv]) \n"
 			:
 			: [iv]"r"((uint8_t *)m_IV), [sched]"r"(m_ECBDecryption.GetKeySchedule ()),
 			  [in]"r"(in), [out]"r"(out), [num]"r"(numBlocks)
@ -801,11 +801,11 @@ namespace crypto
				@@ -801,11 +801,11 @@ namespace crypto
 		__asm__
 		(
 			"movups	(%[iv]), %%xmm1 \n"
-		 	"movups	(%[in]), %%xmm0 \n"
+			"movups	(%[in]), %%xmm0 \n"
 			"movups	%%xmm0, (%[iv]) \n"
-		 	DecryptAES256(sched)
+			DecryptAES256(sched)
 			"pxor %%xmm1, %%xmm0 \n"
-		 	"movups	%%xmm0, (%[out]) \n"	
+			"movups	%%xmm0, (%[out]) \n"
 			:
 			: [iv]"r"((uint8_t *)m_IV), [sched]"r"(m_ECBDecryption.GetKeySchedule ()),
 			  [in]"r"(in), [out]"r"(out)
@ -821,7 +821,7 @@ namespace crypto
				@@ -821,7 +821,7 @@ namespace crypto
 #ifdef AESNI
 		__asm__
 		(
-            // encrypt IV 
+			// encrypt IV
 			"movups	(%[in]), %%xmm0 \n"
 			EncryptAES256(sched_iv)
 			"movaps %%xmm0, %%xmm1 \n"
@ -831,14 +831,14 @@ namespace crypto
				@@ -831,14 +831,14 @@ namespace crypto
 			// encrypt data, IV is xmm1
 			"1: \n"
 			"add $16, %[in] \n"
-		    "add $16, %[out] \n"
-		 	"movups	(%[in]), %%xmm0 \n"
-		 	"pxor %%xmm1, %%xmm0 \n"
-		 	EncryptAES256(sched_l)
-		 	"movaps	%%xmm0, %%xmm1 \n"	
-		 	"movups	%%xmm0, (%[out]) \n"
-		 	"dec %[num] \n"
-		 	"jnz 1b \n"	 	
+			"add $16, %[out] \n"
+			"movups	(%[in]), %%xmm0 \n"
+			"pxor %%xmm1, %%xmm0 \n"
+			EncryptAES256(sched_l)
+			"movaps	%%xmm0, %%xmm1 \n"
+			"movups	%%xmm0, (%[out]) \n"
+			"dec %[num] \n"
+			"jnz 1b \n"
 			:
 			: [sched_iv]"r"(m_IVEncryption.GetKeySchedule ()), [sched_l]"r"(m_LayerEncryption.GetKeySchedule ()),
 			  [in]"r"(in), [out]"r"(out), [num]"r"(63) // 63 blocks = 1008 bytes
@ -857,7 +857,7 @@ namespace crypto
				@@ -857,7 +857,7 @@ namespace crypto
 #ifdef AESNI
 		__asm__
 		(
-            // decrypt IV 
+			// decrypt IV
 			"movups	(%[in]), %%xmm0 \n"
 			DecryptAES256(sched_iv)
 			"movaps %%xmm0, %%xmm1 \n"
@ -867,18 +867,18 @@ namespace crypto
				@@ -867,18 +867,18 @@ namespace crypto
 			// decrypt data, IV is xmm1
 			"1: \n"
 			"add $16, %[in] \n"
-		    "add $16, %[out] \n"
+			"add $16, %[out] \n"
 			"movups	(%[in]), %%xmm0 \n"
 			"movaps %%xmm0, %%xmm2 \n"
-		 	DecryptAES256(sched_l)
+			DecryptAES256(sched_l)
 			"pxor %%xmm1, %%xmm0 \n"
-		 	"movups	%%xmm0, (%[out]) \n"
+			"movups	%%xmm0, (%[out]) \n"
 			"movaps %%xmm2, %%xmm1 \n"
-		 	"dec %[num] \n"
-		 	"jnz 1b \n"	 	
+			"dec %[num] \n"
+			"jnz 1b \n"
 			:
 			: [sched_iv]"r"(m_IVDecryption.GetKeySchedule ()), [sched_l]"r"(m_LayerDecryption.GetKeySchedule ()),
-			  [in]"r"(in), [out]"r"(out), [num]"r"(63) // 63 blocks = 1008 bytes
+				[in]"r"(in), [out]"r"(out), [num]"r"(63) // 63 blocks = 1008 bytes
 			: "%xmm0", "%xmm1", "%xmm2", "cc", "memory"
 		);
 #else
@ -907,7 +907,7 @@ namespace crypto
				@@ -907,7 +907,7 @@ namespace crypto
 		SSL_library_init ();
 /*		auto numLocks = CRYPTO_num_locks();
 		for (int i = 0; i < numLocks; i++)
-		     m_OpenSSLMutexes.emplace_back (new std::mutex);
+			m_OpenSSLMutexes.emplace_back (new std::mutex);
 		CRYPTO_set_locking_callback (OpensslLockingCallback);*/
 		if (precomputation)
 		{
@ -939,4 +939,3 @@ namespace crypto
				@@ -939,4 +939,3 @@ namespace crypto
 	}
 }
 }
-
--- a/libi2pd/Destination.cpp
+++ b/libi2pd/Destination.cpp
@ -483,9 +483,22 @@ namespace client
				@@ -483,9 +483,22 @@ namespace client
 		{
 			if (m_PublishReplyToken)
 			{
-				LogPrint (eLogWarning, "Destination: Publish confirmation was not received in ", PUBLISH_CONFIRMATION_TIMEOUT,  " seconds, will try again");
 				m_PublishReplyToken = 0;
-				Publish ();
+				if (GetIdentity ()->GetCryptoKeyType () == i2p::data::CRYPTO_KEY_TYPE_ELGAMAL)
+				{
+					LogPrint (eLogWarning, "Destination: Publish confirmation was not received in ", PUBLISH_CONFIRMATION_TIMEOUT,  " seconds, will try again");				
+					Publish ();
+				}
+				else
+				{
+					LogPrint (eLogWarning, "Destination: Publish confirmation was not received in ", PUBLISH_CONFIRMATION_TIMEOUT,  " seconds from Java floodfill for crypto type ", (int)GetIdentity ()->GetCryptoKeyType ());
+					// Java floodfill never sends confirmantion back for unknown crypto type
+					// assume it successive and try to verify
+					m_PublishVerificationTimer.expires_from_now (boost::posix_time::seconds(PUBLISH_VERIFICATION_TIMEOUT));
+					m_PublishVerificationTimer.async_wait (std::bind (&LeaseSetDestination::HandlePublishVerificationTimer,
+			shared_from_this (), std::placeholders::_1));
+					
+				}
 			}
 		}
 	}
@ -702,8 +715,8 @@ namespace client
				@@ -702,8 +715,8 @@ namespace client
 	}

 	ClientDestination::ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic, const std::map<std::string, std::string> * params):
-		LeaseSetDestination (isPublic, params),
-		m_Keys (keys), m_DatagramDestination (nullptr), m_RefCounter (0),
+		LeaseSetDestination (isPublic, params), m_Keys (keys), m_StreamingAckDelay (DEFAULT_INITIAL_ACK_DELAY),
+		m_DatagramDestination (nullptr), m_RefCounter (0),
 		m_ReadyChecker(GetService())
 	{
 		if (isPublic)
@ -714,6 +727,14 @@ namespace client
				@@ -714,6 +727,14 @@ namespace client
 		m_Decryptor = m_Keys.CreateDecryptor (m_EncryptionPrivateKey); 
 		if (isPublic)
 			LogPrint (eLogInfo, "Destination: Local address ", GetIdentHash().ToBase32 (), " created");
+
+		// extract streaming params
+		if (params) 
+		{
+			auto it = params->find (I2CP_PARAM_STREAMING_INITIAL_ACK_DELAY);
+			if (it != params->end ())
+				m_StreamingAckDelay = std::stoi(it->second);
+		}
 	}

 	ClientDestination::~ClientDestination ()
--- a/libi2pd/Destination.h
+++ b/libi2pd/Destination.h
@ -58,6 +58,10 @@ namespace client
				@@ -58,6 +58,10 @@ namespace client
 	const char I2CP_PARAM_MAX_TUNNEL_LATENCY[] = "latency.max";
 	const int DEFAULT_MAX_TUNNEL_LATENCY = 0;

+	// streaming
+	const char I2CP_PARAM_STREAMING_INITIAL_ACK_DELAY[] = "i2p.streaming.initialAckDelay";
+	const int DEFAULT_INITIAL_ACK_DELAY = 200; // milliseconds
+
 	typedef std::function<void (std::shared_ptr<i2p::stream::Stream> stream)> StreamRequestComplete;

 	class LeaseSetDestination: public i2p::garlic::GarlicDestination,
@ -199,6 +203,7 @@ namespace client
				@@ -199,6 +203,7 @@ namespace client
 			void StopAcceptingStreams ();
 			bool IsAcceptingStreams () const;
 			void AcceptOnce (const i2p::stream::StreamingDestination::Acceptor& acceptor);
+			int GetStreamingAckDelay () const { return m_StreamingAckDelay; }

 			// datagram
      i2p::datagram::DatagramDestination * GetDatagramDestination () const { return m_DatagramDestination; };
@ -230,6 +235,7 @@ namespace client
				@@ -230,6 +235,7 @@ namespace client
 			uint8_t m_EncryptionPublicKey[256], m_EncryptionPrivateKey[256];
 			std::shared_ptr<i2p::crypto::CryptoKeyDecryptor> m_Decryptor;

+			int m_StreamingAckDelay;
 			std::shared_ptr<i2p::stream::StreamingDestination> m_StreamingDestination; // default
 			std::map<uint16_t, std::shared_ptr<i2p::stream::StreamingDestination> > m_StreamingDestinationsByPorts;
      		i2p::datagram::DatagramDestination * m_DatagramDestination;
--- a/libi2pd/Identity.cpp
+++ b/libi2pd/Identity.cpp
@ -324,6 +324,12 @@ namespace data
				@@ -324,6 +324,12 @@ namespace data
 		return SIGNING_KEY_TYPE_DSA_SHA1;
 	}

+	bool IdentityEx::IsRSA () const
+	{
+		auto sigType = GetSigningKeyType ();
+		return sigType <= SIGNING_KEY_TYPE_RSA_SHA512_4096 && sigType >= SIGNING_KEY_TYPE_RSA_SHA256_2048;
+	}
+
 	CryptoKeyType IdentityEx::GetCryptoKeyType () const
 	{
 		if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 4)
@ -451,6 +457,7 @@ namespace data
				@@ -451,6 +457,7 @@ namespace data
 				return std::make_shared<i2p::crypto::ElGamalEncryptor>(key);
 			break;
 			case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC:
+			case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST:
 				return std::make_shared<i2p::crypto::ECIESP256Encryptor>(key);
 			break;
 			case CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC:
@ -602,6 +609,7 @@ namespace data
				@@ -602,6 +609,7 @@ namespace data
 				return std::make_shared<i2p::crypto::ElGamalDecryptor>(key);
 			break;
 			case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC:
+			case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST:
 				return std::make_shared<i2p::crypto::ECIESP256Decryptor>(key);
 			break;
 			case CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC:
@ -632,14 +640,10 @@ namespace data
				@@ -632,14 +640,10 @@ namespace data
 					i2p::crypto::CreateECDSAP521RandomKeys (keys.m_SigningPrivateKey, signingPublicKey);
 				break;
 				case SIGNING_KEY_TYPE_RSA_SHA256_2048:
-					i2p::crypto::CreateRSARandomKeys (i2p::crypto::RSASHA2562048_KEY_LENGTH, keys.m_SigningPrivateKey, signingPublicKey);
-				break;
 				case SIGNING_KEY_TYPE_RSA_SHA384_3072:
-					i2p::crypto::CreateRSARandomKeys (i2p::crypto::RSASHA3843072_KEY_LENGTH, keys.m_SigningPrivateKey, signingPublicKey);
-				break;
 				case SIGNING_KEY_TYPE_RSA_SHA512_4096:
-					i2p::crypto::CreateRSARandomKeys (i2p::crypto::RSASHA5124096_KEY_LENGTH, keys.m_SigningPrivateKey, signingPublicKey);
-				break;
+					LogPrint (eLogWarning, "Identity: RSA signature type is not supported. Create EdDSA");
+				// no break here 
 				case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
 					i2p::crypto::CreateEDDSA25519RandomKeys (keys.m_SigningPrivateKey, signingPublicKey);
 				break;
@ -650,7 +654,7 @@ namespace data
				@@ -650,7 +654,7 @@ namespace data
 					i2p::crypto::CreateGOSTR3410RandomKeys (i2p::crypto::eGOSTR3410TC26A512, keys.m_SigningPrivateKey, signingPublicKey);
 				break;
 				default:
-					LogPrint (eLogError, "Identity: Signing key type ", (int)type, " is not supported. Create DSA-SHA1");
+					LogPrint (eLogWarning, "Identity: Signing key type ", (int)type, " is not supported. Create DSA-SHA1");
 					return PrivateKeys (i2p::data::CreateRandomKeys ()); // DSA-SHA1
 			}
 			// encryption
@ -673,6 +677,7 @@ namespace data
				@@ -673,6 +677,7 @@ namespace data
 				i2p::crypto::GenerateElGamalKeyPair(priv, pub);
 			break;
 			case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC:
+			case CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST:
 				i2p::crypto::CreateECIESP256RandomKeys (priv, pub);
 			break;
 			case CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC:
--- a/libi2pd/Identity.h
+++ b/libi2pd/Identity.h
@ -53,7 +53,8 @@ namespace data
				@@ -53,7 +53,8 @@ namespace data
 	const size_t DEFAULT_IDENTITY_SIZE = sizeof (Identity); // 387 bytes

 	const uint16_t CRYPTO_KEY_TYPE_ELGAMAL = 0;
-	const uint16_t CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC = 65280; // TODO: change to actual code
+	const uint16_t CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC = 1;
+	const uint16_t CRYPTO_KEY_TYPE_ECIES_P256_SHA256_AES256CBC_TEST = 65280; // TODO: remove later
 	const uint16_t CRYPTO_KEY_TYPE_ECIES_GOSTR3410_CRYPTO_PRO_A_SHA256_AES256CBC = 65281; // TODO: use GOST R 34.11 instead SHA256 and GOST 28147-89 instead AES

 	const uint16_t SIGNING_KEY_TYPE_DSA_SHA1 = 0;
@ -102,6 +103,7 @@ namespace data
				@@ -102,6 +103,7 @@ namespace data
 			size_t GetSignatureLen () const;
 			bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const;
 			SigningKeyType GetSigningKeyType () const;
+			bool IsRSA () const; // signing key type
 			CryptoKeyType GetCryptoKeyType () const;
 			void DropVerifier () const; // to save memory

--- a/libi2pd/Log.cpp
+++ b/libi2pd/Log.cpp
@ -16,10 +16,11 @@ namespace log {
				@@ -16,10 +16,11 @@ namespace log {
 	 */
 	static const char * g_LogLevelStr[eNumLogLevels] =
 	{
+		"none",  // eLogNone
 		"error", // eLogError
 		"warn",  // eLogWarn
 		"info",  // eLogInfo
-		"debug"	 // eLogDebug
+		"debug"  // eLogDebug
 	};

 	/**
@ -27,9 +28,10 @@ namespace log {
				@@ -27,9 +28,10 @@ namespace log {
 	 * @note Using ISO 6429 (ANSI) color sequences
 	 */
 #ifdef _WIN32
-	static const char *LogMsgColors[] = { "", "", "", "", "" };
+	static const char *LogMsgColors[] = { "", "", "", "", "", "" };
 #else /* UNIX */
 	static const char *LogMsgColors[] = {
+		[eLogNone]      = "\033[0m",    /* reset */
 		[eLogError]     = "\033[1;31m", /* red */
 		[eLogWarning]   = "\033[1;33m", /* yellow */
 		[eLogInfo]      = "\033[1;36m", /* cyan */
@ -46,6 +48,7 @@ namespace log {
				@@ -46,6 +48,7 @@ namespace log {
 	static inline int GetSyslogPrio (enum LogLevel l) {
 		int priority = LOG_DEBUG;
 		switch (l) {
+			case eLogNone    : priority = LOG_CRIT;    break;
 			case eLogError   : priority = LOG_ERR;     break;
 			case eLogWarning : priority = LOG_WARNING; break;
 			case eLogInfo    : priority = LOG_INFO;    break;
@ -105,7 +108,8 @@ namespace log {
				@@ -105,7 +108,8 @@ namespace log {
 	}

 	void Log::SetLogLevel (const std::string& level) {
-		if      (level == "error") { m_MinLevel = eLogError; }
+		if      (level == "none")  { m_MinLevel = eLogNone; }
+		else if (level == "error") { m_MinLevel = eLogError; }
 		else if (level == "warn")  { m_MinLevel = eLogWarning; }
 		else if (level == "info")  { m_MinLevel = eLogInfo;  }
 		else if (level == "debug") { m_MinLevel = eLogDebug; }
@ -165,7 +169,7 @@ namespace log {
				@@ -165,7 +169,7 @@ namespace log {
 		while (m_IsRunning)
 		{
 			std::shared_ptr<LogMsg> msg;
-			while (msg = m_Queue.Get ())
+			while ((msg = m_Queue.Get ()))
 				Process (msg);
 			if (m_LogStream) m_LogStream->flush();
 			if (m_IsRunning)
@ -181,6 +185,7 @@ namespace log {
				@@ -181,6 +185,7 @@ namespace log {
 	void Log::SendTo (const std::string& path)
 	{
 		if (m_LogStream) m_LogStream = nullptr; // close previous
+		if (m_MinLevel == eLogNone) return;
 		auto flags = std::ofstream::out | std::ofstream::app;
 		auto os = std::make_shared<std::ofstream> (path, flags);
 		if (os->is_open ())
@ -202,6 +207,7 @@ namespace log {
				@@ -202,6 +207,7 @@ namespace log {

 #ifndef _WIN32
 	void Log::SendTo(const char *name, int facility) {
+		if (m_MinLevel == eLogNone) return;
 		m_HasColors = false;
 		m_Destination = eLogSyslog;
 		m_LogStream = nullptr;
--- a/libi2pd/Log.h
+++ b/libi2pd/Log.h
@ -25,7 +25,8 @@
				@@ -25,7 +25,8 @@

 enum LogLevel
 {
-	eLogError = 0,
+	eLogNone = 0,
+	eLogError,
 	eLogWarning,
 	eLogInfo,
 	eLogDebug,
--- a/libi2pd/NTCPSession.cpp
+++ b/libi2pd/NTCPSession.cpp
@ -1247,7 +1247,7 @@ namespace transport
				@@ -1247,7 +1247,7 @@ namespace transport
 				return;
 			}
 			buff[4] = (uint8_t) addrsize;
-			memcpy(buff+4, host.c_str(), addrsize);
+			memcpy(buff+5, host.c_str(), addrsize);
 		}
 		htobe16buf(buff+sz, port);
 		sz += 2;
@ -1259,7 +1259,7 @@ namespace transport
				@@ -1259,7 +1259,7 @@ namespace transport
 			}
 		});

-		boost::asio::async_read(conn->GetSocket(), boost::asio::buffer(readbuff, sz), [=](const boost::system::error_code & e, std::size_t transferred) {
+		boost::asio::async_read(conn->GetSocket(), boost::asio::buffer(readbuff, 10), [=](const boost::system::error_code & e, std::size_t transferred) {
 			if(e)
 			{
 				LogPrint(eLogError, "NTCP: socks proxy read error ", e.message());
--- a/libi2pd/Reseed.cpp
+++ b/libi2pd/Reseed.cpp
@ -489,6 +489,27 @@ namespace data
				@@ -489,6 +489,27 @@ namespace data

 	std::string Reseeder::HttpsRequest (const std::string& address)
 	{
+		i2p::http::URL proxyUrl;
+		std::string proxy; i2p::config::GetOption("reseed.proxy", proxy);
+		// check for proxy url
+		if(proxy.size()) {
+			// parse
+			if(proxyUrl.parse(proxy)) {
+				if (proxyUrl.schema == "http" && !proxyUrl.port) {
+					proxyUrl.port = 80;
+				} else if (proxyUrl.schema == "socks" && !proxyUrl.port) {
+					proxyUrl.port = 1080;
+				}
+				// check for valid proxy url schema
+				if (proxyUrl.schema != "http" && proxyUrl.schema != "socks") {
+					LogPrint(eLogError, "Reseed: bad proxy url: ", proxy);
+					return "";
+				}
+			} else {
+				LogPrint(eLogError, "Reseed: bad proxy url: ", proxy);
+				return "";
+			}
+		}
 		i2p::http::URL url;
 		if (!url.parse(address)) {
 			LogPrint(eLogError, "Reseed: failed to parse url: ", address);
@ -500,66 +521,183 @@ namespace data
				@@ -500,66 +521,183 @@ namespace data

 		boost::asio::io_service service;
 		boost::system::error_code ecode;
-		auto it = boost::asio::ip::tcp::resolver(service).resolve (
-			boost::asio::ip::tcp::resolver::query (url.host, std::to_string(url.port)), ecode);
-		if (!ecode)
+
+		boost::asio::ssl::context ctx(service, boost::asio::ssl::context::sslv23);
+		ctx.set_verify_mode(boost::asio::ssl::context::verify_none);
+		boost::asio::ssl::stream<boost::asio::ip::tcp::socket> s(service, ctx);
+
+		if(proxyUrl.schema.size())
 		{
-			boost::asio::ssl::context ctx(service, boost::asio::ssl::context::sslv23);
-			ctx.set_verify_mode(boost::asio::ssl::context::verify_none);
-			boost::asio::ssl::stream<boost::asio::ip::tcp::socket> s(service, ctx);
-			s.lowest_layer().connect (*it, ecode);
-			if (!ecode)
+			// proxy connection
+			auto it = boost::asio::ip::tcp::resolver(service).resolve (
+				boost::asio::ip::tcp::resolver::query (proxyUrl.host, std::to_string(proxyUrl.port)), ecode);
+			if(!ecode)
 			{
-				SSL_set_tlsext_host_name(s.native_handle(), url.host.c_str ());
-				s.handshake (boost::asio::ssl::stream_base::client, ecode);
-				if (!ecode)
+				s.lowest_layer().connect(*it, ecode);
+				if(!ecode)
 				{
-					LogPrint (eLogDebug, "Reseed: Connected to ", url.host, ":", url.port);
-					i2p::http::HTTPReq req;
-					req.uri = url.to_string();
-					req.AddHeader("User-Agent", "Wget/1.11.4");
-					req.AddHeader("Connection", "close");
-					s.write_some (boost::asio::buffer (req.to_string()));
-					// read response
-					std::stringstream rs;
-					char recv_buf[1024]; size_t l = 0;
-					do {
-						l = s.read_some (boost::asio::buffer (recv_buf, sizeof(recv_buf)), ecode);
-						if (l) rs.write (recv_buf, l);
-					} while (!ecode && l);
-					// process response
-					std::string data = rs.str();
-					i2p::http::HTTPRes res;
-					int len = res.parse(data);
-					if (len <= 0) {
-						LogPrint(eLogWarning, "Reseed: incomplete/broken response from ", url.host);
-						return "";
-					}
-					if (res.code != 200) {
-						LogPrint(eLogError, "Reseed: failed to reseed from ", url.host, ", http code ", res.code);
-						return "";
+					auto & sock = s.next_layer();
+					if(proxyUrl.schema == "http")
+					{
+						i2p::http::HTTPReq proxyReq;
+						i2p::http::HTTPRes proxyRes;
+						proxyReq.method = "CONNECT";
+						proxyReq.version = "HTTP/1.1";
+						proxyReq.uri = url.host + ":" + std::to_string(url.port);
+
+						boost::asio::streambuf writebuf, readbuf;
+
+						std::ostream out(&writebuf);
+						out << proxyReq.to_string();
+
+						boost::asio::write(sock, writebuf.data(), boost::asio::transfer_all(), ecode);
+						if (ecode)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: HTTP CONNECT write error: ", ecode.message());
+							return "";
+						}
+						boost::asio::read_until(sock, readbuf, "\r\n\r\n", ecode);
+						if (ecode)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: HTTP CONNECT read error: ", ecode.message());
+							return "";
+						}
+						if(proxyRes.parse(boost::asio::buffer_cast<const char *>(readbuf.data()), readbuf.size()) <= 0)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: HTTP CONNECT malformed reply");
+							return "";
+						}
+						if(proxyRes.code != 200)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: HTTP CONNECT got bad status: ", proxyRes.code);
+							return "";
+						}
 					}
-					data.erase(0, len); /* drop http headers from response */
-					LogPrint(eLogDebug, "Reseed: got ", data.length(), " bytes of data from ", url.host);
-					if (res.is_chunked()) {
-						std::stringstream in(data), out;
-						if (!i2p::http::MergeChunkedResponse(in, out)) {
-							LogPrint(eLogWarning, "Reseed: failed to merge chunked response from ", url.host);
+					else
+					{
+						// assume socks if not http, is checked before this for other types
+						// TODO: support username/password auth etc
+						uint8_t hs_writebuf[3] = {0x05, 0x01, 0x00};
+						uint8_t hs_readbuf[2];
+						boost::asio::write(sock, boost::asio::buffer(hs_writebuf, 3), boost::asio::transfer_all(), ecode);
+						if(ecode)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: SOCKS handshake write failed: ", ecode.message());
+							return "";
+						}
+						boost::asio::read(sock, boost::asio::buffer(hs_readbuf, 2), ecode);
+						if(ecode)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: SOCKS handshake read failed: ", ecode.message());
+							return "";
+						}
+						size_t sz = 0;
+						uint8_t buf[256];
+
+						buf[0] = 0x05;
+						buf[1] = 0x01;
+						buf[2] = 0x00;
+						buf[3] = 0x03;
+						sz += 4;
+						size_t hostsz = url.host.size();
+						if(1 + 2 + hostsz + sz > sizeof(buf))
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: SOCKS handshake failed, hostname too big: ", url.host);
+							return "";
+						}
+						buf[4] = (uint8_t) hostsz;
+						memcpy(buf+5, url.host.c_str(), hostsz);
+						sz += hostsz + 1;
+						htobe16buf(buf+sz, url.port);
+						sz += 2;
+						boost::asio::write(sock, boost::asio::buffer(buf, sz), boost::asio::transfer_all(), ecode);
+						if(ecode)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: SOCKS handshake failed writing: ", ecode.message());
+							return "";
+						}
+						boost::asio::read(sock, boost::asio::buffer(buf, 10), ecode);
+						if(ecode)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: SOCKS handshake failed reading: ", ecode.message());
+							return "";
+						}
+						if(buf[1] != 0x00)
+						{
+							sock.close();
+							LogPrint(eLogError, "Reseed: SOCKS handshake bad reply code: ", std::to_string(buf[1]));
 							return "";
 						}
-						LogPrint(eLogDebug, "Reseed: got ", data.length(), "(", out.tellg(), ") bytes of data from ", url.host);
-						data = out.str();
 					}
-					return data;
 				}
-				else
-					LogPrint (eLogError, "Reseed: SSL handshake failed: ", ecode.message ());
+			}
+		}
+		else
+		{
+			// direct connection
+			auto it = boost::asio::ip::tcp::resolver(service).resolve (
+				boost::asio::ip::tcp::resolver::query (url.host, std::to_string(url.port)), ecode);
+			if(!ecode)
+				s.lowest_layer().connect (*it, ecode);
+		}
+		if (!ecode)
+		{
+			SSL_set_tlsext_host_name(s.native_handle(), url.host.c_str ());
+			s.handshake (boost::asio::ssl::stream_base::client, ecode);
+			if (!ecode)
+			{
+				LogPrint (eLogDebug, "Reseed: Connected to ", url.host, ":", url.port);
+				i2p::http::HTTPReq req;
+				req.uri = url.to_string();
+				req.AddHeader("User-Agent", "Wget/1.11.4");
+				req.AddHeader("Connection", "close");
+				s.write_some (boost::asio::buffer (req.to_string()));
+				// read response
+				std::stringstream rs;
+				char recv_buf[1024]; size_t l = 0;
+				do {
+					l = s.read_some (boost::asio::buffer (recv_buf, sizeof(recv_buf)), ecode);
+					if (l) rs.write (recv_buf, l);
+				} while (!ecode && l);
+				// process response
+				std::string data = rs.str();
+				i2p::http::HTTPRes res;
+				int len = res.parse(data);
+				if (len <= 0) {
+					LogPrint(eLogWarning, "Reseed: incomplete/broken response from ", url.host);
+					return "";
+				}
+				if (res.code != 200) {
+					LogPrint(eLogError, "Reseed: failed to reseed from ", url.host, ", http code ", res.code);
+					return "";
+				}
+				data.erase(0, len); /* drop http headers from response */
+				LogPrint(eLogDebug, "Reseed: got ", data.length(), " bytes of data from ", url.host);
+				if (res.is_chunked()) {
+					std::stringstream in(data), out;
+					if (!i2p::http::MergeChunkedResponse(in, out)) {
+						LogPrint(eLogWarning, "Reseed: failed to merge chunked response from ", url.host);
+						return "";
+					}
+					LogPrint(eLogDebug, "Reseed: got ", data.length(), "(", out.tellg(), ") bytes of data from ", url.host);
+					data = out.str();
+				}
+				return data;
 			}
 			else
-				LogPrint (eLogError, "Reseed: Couldn't connect to ", url.host, ": ", ecode.message ());
+				LogPrint (eLogError, "Reseed: SSL handshake failed: ", ecode.message ());
 		}
 		else
-			LogPrint (eLogError, "Reseed: Couldn't resolve address ", url.host, ": ", ecode.message ());
+			LogPrint (eLogError, "Reseed: Couldn't connect to ", url.host, ": ", ecode.message ());
 		return "";
 	}
 }
--- a/libi2pd/RouterInfo.cpp
+++ b/libi2pd/RouterInfo.cpp
@ -132,6 +132,13 @@ namespace data
				@@ -132,6 +132,13 @@ namespace data
 		}
 		if (verifySignature)
 		{	
+			// reject RSA signatures
+			if (m_RouterIdentity->IsRSA ())
+			{
+				LogPrint (eLogError, "RouterInfo: RSA signature type is not allowed");
+				m_IsUnreachable = true;
+				return;
+			}
 			// verify signature
 			int l = m_BufferLen - m_RouterIdentity->GetSignatureLen ();	
 			if (l < 0 || !m_RouterIdentity->Verify ((uint8_t *)m_Buffer, l, (uint8_t *)m_Buffer + l))
--- a/libi2pd/Streaming.cpp
+++ b/libi2pd/Streaming.cpp
@ -62,6 +62,7 @@ namespace stream
				@@ -62,6 +62,7 @@ namespace stream
 		m_RemoteLeaseSet (remote), m_ReceiveTimer (m_Service), m_ResendTimer (m_Service),
 		m_AckSendTimer (m_Service),  m_NumSentBytes (0), m_NumReceivedBytes (0), m_Port (port),
 		m_WindowSize (MIN_WINDOW_SIZE), m_RTT (INITIAL_RTT), m_RTO (INITIAL_RTO),
+		m_AckDelay (local.GetOwner ()->GetStreamingAckDelay ()),
 		m_LastWindowSizeIncreaseTime (0), m_NumResendAttempts (0)
 	{
 		RAND_bytes ((uint8_t *)&m_RecvStreamID, 4);
@ -73,7 +74,8 @@ namespace stream
				@@ -73,7 +74,8 @@ namespace stream
 		m_Status (eStreamStatusNew), m_IsAckSendScheduled (false), m_LocalDestination (local),
 		m_ReceiveTimer (m_Service), m_ResendTimer (m_Service), m_AckSendTimer (m_Service),
 		m_NumSentBytes (0), m_NumReceivedBytes (0), m_Port (0),  m_WindowSize (MIN_WINDOW_SIZE),
-		m_RTT (INITIAL_RTT), m_RTO (INITIAL_RTO), m_LastWindowSizeIncreaseTime (0), m_NumResendAttempts (0)
+		m_RTT (INITIAL_RTT), m_RTO (INITIAL_RTO), m_AckDelay (local.GetOwner ()->GetStreamingAckDelay ()),
+		m_LastWindowSizeIncreaseTime (0), m_NumResendAttempts (0)
 	{
 		RAND_bytes ((uint8_t *)&m_RecvStreamID, 4);
 	}
@ -161,7 +163,7 @@ namespace stream
				@@ -161,7 +163,7 @@ namespace stream
 				{
 					m_IsAckSendScheduled = true;
 					auto ackTimeout = m_RTT/10;
-					if (ackTimeout > ACK_SEND_TIMEOUT) ackTimeout = ACK_SEND_TIMEOUT;
+					if (ackTimeout > m_AckDelay) ackTimeout = m_AckDelay;
 					m_AckSendTimer.expires_from_now (boost::posix_time::milliseconds(ackTimeout));
 					m_AckSendTimer.async_wait (std::bind (&Stream::HandleAckSendTimer,
 						shared_from_this (), std::placeholders::_1));
@ -199,7 +201,7 @@ namespace stream
				@@ -199,7 +201,7 @@ namespace stream
 				{
 					// wait for SYN
 					m_IsAckSendScheduled = true;
-					m_AckSendTimer.expires_from_now (boost::posix_time::milliseconds(ACK_SEND_TIMEOUT));
+					m_AckSendTimer.expires_from_now (boost::posix_time::milliseconds(SYN_TIMEOUT));
 					m_AckSendTimer.async_wait (std::bind (&Stream::HandleAckSendTimer,
 						shared_from_this (), std::placeholders::_1));
 				}
@ -228,6 +230,13 @@ namespace stream
				@@ -228,6 +230,13 @@ namespace stream
 		if (flags & PACKET_FLAG_FROM_INCLUDED)
 		{
 			m_RemoteIdentity = std::make_shared<i2p::data::IdentityEx>(optionData, packet->GetOptionSize ());
+			if (m_RemoteIdentity->IsRSA ())
+			{
+				LogPrint (eLogInfo, "Streaming: Incoming stream from RSA destination ", m_RemoteIdentity->GetIdentHash ().ToBase64 (), "  Discarded");
+				m_LocalDestination.DeletePacket (packet);
+				Terminate ();
+				return;
+			}
 			optionData += m_RemoteIdentity->GetFullLen ();
 			if (!m_RemoteLeaseSet)
 				LogPrint (eLogDebug, "Streaming: Incoming stream from ", m_RemoteIdentity->GetIdentHash ().ToBase64 (), ", sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
@ -244,16 +253,23 @@ namespace stream
				@@ -244,16 +253,23 @@ namespace stream
 		{
 			uint8_t signature[256];
 			auto signatureLen = m_RemoteIdentity->GetSignatureLen ();
-			memcpy (signature, optionData, signatureLen);
-			memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
-			if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
+			if(signatureLen <= sizeof(signature))
 			{
-				LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
-				Close ();
-				flags |= PACKET_FLAG_CLOSE;
+				memcpy (signature, optionData, signatureLen);
+				memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
+				if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
+				{
+					LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
+					Close ();
+					flags |= PACKET_FLAG_CLOSE;
+				}
+				memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
+				optionData += signatureLen;
+			}
+			else
+			{
+				LogPrint(eLogError, "Streaming: Signature too big, ", signatureLen, " bytes");
 			}
-			memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
-			optionData += signatureLen;
 		}

 		packet->offset = packet->GetPayload () - packet->buf;
@ -798,7 +814,7 @@ namespace stream
				@@ -798,7 +814,7 @@ namespace stream
 		{
 			if (m_LastReceivedSequenceNumber < 0)
 			{
-				LogPrint (eLogWarning, "Streaming: SYN has not been received after ", ACK_SEND_TIMEOUT, " milliseconds after follow on, terminate rSID=", m_RecvStreamID, ", sSID=", m_SendStreamID);
+				LogPrint (eLogWarning, "Streaming: SYN has not been received after ", SYN_TIMEOUT, " milliseconds after follow on, terminate rSID=", m_RecvStreamID, ", sSID=", m_SendStreamID);
 				m_Status = eStreamStatusReset;
 				Close ();
 				return;
--- a/libi2pd/Streaming.h
+++ b/libi2pd/Streaming.h
@ -42,13 +42,13 @@ namespace stream
				@@ -42,13 +42,13 @@ namespace stream
 	const size_t STREAMING_MTU = 1730;
 	const size_t MAX_PACKET_SIZE = 4096;
 	const size_t COMPRESSION_THRESHOLD_SIZE = 66;	
-	const int ACK_SEND_TIMEOUT = 200; // in milliseconds
 	const int MAX_NUM_RESEND_ATTEMPTS = 6;	
 	const int WINDOW_SIZE = 6; // in messages
 	const int MIN_WINDOW_SIZE = 1;
 	const int MAX_WINDOW_SIZE = 128;		
 	const int INITIAL_RTT = 8000; // in milliseconds
 	const int INITIAL_RTO = 9000; // in milliseconds
+	const int SYN_TIMEOUT = 200; // how long we wait for SYN after follow-on, in milliseconds
 	const size_t MAX_PENDING_INCOMING_BACKLOG = 128;
 	const int PENDING_INCOMING_TIMEOUT = 10; // in seconds
 	const int MAX_RECEIVE_TIMEOUT = 30; // in seconds 
@ -242,7 +242,7 @@ namespace stream
				@@ -242,7 +242,7 @@ namespace stream

 			std::mutex m_SendBufferMutex;
 			SendBufferQueue m_SendBuffer;
-			int m_WindowSize, m_RTT, m_RTO;
+			int m_WindowSize, m_RTT, m_RTO, m_AckDelay;
 			uint64_t m_LastWindowSizeIncreaseTime;
 			int m_NumResendAttempts;
 	};
--- a/libi2pd/version.h
+++ b/libi2pd/version.h
@ -7,7 +7,7 @@
				@@ -7,7 +7,7 @@
 #define MAKE_VERSION(a,b,c) STRINGIZE(a) "." STRINGIZE(b) "." STRINGIZE(c)

 #define I2PD_VERSION_MAJOR 2
-#define I2PD_VERSION_MINOR 15
+#define I2PD_VERSION_MINOR 16
 #define I2PD_VERSION_MICRO 0
 #define I2PD_VERSION_PATCH 0
 #define I2PD_VERSION MAKE_VERSION(I2PD_VERSION_MAJOR, I2PD_VERSION_MINOR, I2PD_VERSION_MICRO)
--- a/libi2pd_client/ClientContext.cpp
+++ b/libi2pd_client/ClientContext.cpp
@ -71,12 +71,12 @@ namespace client
				@@ -71,12 +71,12 @@ namespace client
 			}
 			try
 			{
-			  m_HttpProxy = new i2p::proxy::HTTPProxy(httpProxyAddr, httpProxyPort, httpOutProxyURL, localDestination);
-			  m_HttpProxy->Start();
+				m_HttpProxy = new i2p::proxy::HTTPProxy("HTTP Proxy", httpProxyAddr, httpProxyPort, httpOutProxyURL, localDestination);
+				m_HttpProxy->Start();
 			}
 			catch (std::exception& e)
 			{
-			  LogPrint(eLogError, "Clients: Exception in HTTP Proxy: ", e.what());
+				LogPrint(eLogError, "Clients: Exception in HTTP Proxy: ", e.what());
 			}
 		}

@ -107,7 +107,8 @@ namespace client
				@@ -107,7 +107,8 @@ namespace client
 			}
 			try
 			{
-				m_SocksProxy = new i2p::proxy::SOCKSProxy(socksProxyAddr, socksProxyPort, socksOutProxy, socksOutProxyAddr, socksOutProxyPort, localDestination);
+				m_SocksProxy = new i2p::proxy::SOCKSProxy("SOCKS", socksProxyAddr, socksProxyPort,
+	 				socksOutProxy, socksOutProxyAddr, socksOutProxyPort, localDestination);
 				m_SocksProxy->Start();
 			}
 			catch (std::exception& e)
@ -283,6 +284,13 @@ namespace client
				@@ -283,6 +284,13 @@ namespace client
 	bool ClientContext::LoadPrivateKeys (i2p::data::PrivateKeys& keys, const std::string& filename, 
 		i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType)
 	{
+		if (filename == "transient")
+		{
+			keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
+			LogPrint (eLogInfo, "Clients: New transient keys address ", m_AddressBook.ToAddress(keys.GetPublic ()->GetIdentHash ()), " created");
+			return true;
+		}
+
 		bool success = true;
 		std::string fullPath = i2p::fs::DataDirPath (filename);
 		std::ifstream s(fullPath, std::ifstream::binary);
@ -341,10 +349,11 @@ namespace client
				@@ -341,10 +349,11 @@ namespace client
 		return infos;
 	}

-	std::shared_ptr<ClientDestination> ClientContext::CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType,
-     const std::map<std::string, std::string> * params)
+	std::shared_ptr<ClientDestination> ClientContext::CreateNewLocalDestination (bool isPublic,
+ 		i2p::data::SigningKeyType sigType, i2p::data::CryptoKeyType cryptoType,
+		const std::map<std::string, std::string> * params)
 	{
-		i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType);
+		i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType, cryptoType);
 		auto localDestination = std::make_shared<ClientDestination> (keys, isPublic, params);
 		std::unique_lock<std::mutex> l(m_DestinationsMutex);
 		m_Destinations[localDestination->GetIdentHash ()] = localDestination;
@ -422,6 +431,7 @@ namespace client
				@@ -422,6 +431,7 @@ namespace client
 		options[I2CP_PARAM_TAGS_TO_SEND] = GetI2CPOption (section, I2CP_PARAM_TAGS_TO_SEND, DEFAULT_TAGS_TO_SEND);
 		options[I2CP_PARAM_MIN_TUNNEL_LATENCY] = GetI2CPOption(section, I2CP_PARAM_MIN_TUNNEL_LATENCY, DEFAULT_MIN_TUNNEL_LATENCY);
 		options[I2CP_PARAM_MAX_TUNNEL_LATENCY] = GetI2CPOption(section, I2CP_PARAM_MAX_TUNNEL_LATENCY, DEFAULT_MAX_TUNNEL_LATENCY);
+		options[I2CP_PARAM_STREAMING_INITIAL_ACK_DELAY] = GetI2CPOption(section, I2CP_PARAM_STREAMING_INITIAL_ACK_DELAY, DEFAULT_INITIAL_ACK_DELAY);
 	}

 	void ClientContext::ReadI2CPOptionsFromConfig (const std::string& prefix, std::map<std::string, std::string>& options) const
@ -533,14 +543,14 @@ namespace client
				@@ -533,14 +543,14 @@ namespace client
 						if (type == I2P_TUNNELS_SECTION_TYPE_SOCKS)
 						{
 							// socks proxy
-							clientTunnel = new i2p::proxy::SOCKSProxy(address, port, false, "", destinationPort, localDestination);
+							clientTunnel = new i2p::proxy::SOCKSProxy(name, address, port, false, "", destinationPort, localDestination);
 							clientEndpoint = ((i2p::proxy::SOCKSProxy*)clientTunnel)->GetLocalEndpoint ();
 						}
 						else if (type == I2P_TUNNELS_SECTION_TYPE_HTTPPROXY)
 						{
 							// http proxy
 							std::string outproxy = section.second.get("outproxy", "");
-							clientTunnel = new i2p::proxy::HTTPProxy(address, port, outproxy, localDestination);
+							clientTunnel = new i2p::proxy::HTTPProxy(name, address, port, outproxy, localDestination);
 							clientEndpoint = ((i2p::proxy::HTTPProxy*)clientTunnel)->GetLocalEndpoint ();
 						}
 						else if (type == I2P_TUNNELS_SECTION_TYPE_WEBSOCKS)
--- a/libi2pd_client/ClientContext.h
+++ b/libi2pd_client/ClientContext.h
@ -64,10 +64,12 @@ namespace client
				@@ -64,10 +64,12 @@ namespace client
 			void ReloadConfig ();

 			std::shared_ptr<ClientDestination> GetSharedLocalDestination () const { return m_SharedLocalDestination; };
-			std::shared_ptr<ClientDestination> CreateNewLocalDestination (bool isPublic = false, i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1,
-			    const std::map<std::string, std::string> * params = nullptr); // transient
+			std::shared_ptr<ClientDestination> CreateNewLocalDestination (bool isPublic = false, // transient
+				i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1,
+				i2p::data::CryptoKeyType cryptoType = i2p::data::CRYPTO_KEY_TYPE_ELGAMAL,
+				const std::map<std::string, std::string> * params = nullptr); // used by SAM only
 			std::shared_ptr<ClientDestination> CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic = true,
-    																																const std::map<std::string, std::string> * params = nullptr);
+				const std::map<std::string, std::string> * params = nullptr);
 			std::shared_ptr<ClientDestination> CreateNewMatchedTunnelDestination(const i2p::data::PrivateKeys &keys, const std::string & name, const std::map<std::string, std::string> * params = nullptr);
 			void DeleteLocalDestination (std::shared_ptr<ClientDestination> destination);
 			std::shared_ptr<ClientDestination> FindLocalDestination (const i2p::data::IdentHash& destination) const;
@ -76,6 +78,7 @@ namespace client
				@@ -76,6 +78,7 @@ namespace client
 				i2p::data::CryptoKeyType cryptoType = i2p::data::CRYPTO_KEY_TYPE_ELGAMAL);

 			AddressBook& GetAddressBook () { return m_AddressBook; };
+			const BOBCommandChannel * GetBOBCommandChannel () const { return m_BOBCommandChannel; };
 			const SAMBridge * GetSAMBridge () const { return m_SamBridge; };
 			const I2CPServer * GetI2CPServer () const { return m_I2CPServer; };

@ -87,8 +90,8 @@ namespace client
				@@ -87,8 +90,8 @@ namespace client
 			template<typename Section, typename Type>
 			std::string GetI2CPOption (const Section& section, const std::string& name, const Type& value) const;
 			template<typename Section>
-			void ReadI2CPOptions (const Section& section, std::map<std::string, std::string>& options) const;
-			void ReadI2CPOptionsFromConfig (const std::string& prefix, std::map<std::string, std::string>& options) const;
+			void ReadI2CPOptions (const Section& section, std::map<std::string, std::string>& options) const; // for tunnels
+			void ReadI2CPOptionsFromConfig (const std::string& prefix, std::map<std::string, std::string>& options) const; // for HTTP and SOCKS proxy

 			void CleanupUDP(const boost::system::error_code & ecode);
 			void ScheduleCleanupUDP();
--- a/libi2pd_client/HTTPProxy.cpp
+++ b/libi2pd_client/HTTPProxy.cpp
@ -54,7 +54,7 @@ namespace proxy {
				@@ -54,7 +54,7 @@ namespace proxy {
 			void HandleSockRecv(const boost::system::error_code & ecode, std::size_t bytes_transfered);
 			void Terminate();
 			void AsyncSockRead();
-			bool ExtractAddressHelper(i2p::http::URL & url, std::string & b64);
+			bool ExtractAddressHelper(i2p::http::URL & url, std::string & b64, bool & confirm);
 			void SanitizeHTTPRequest(i2p::http::HTTPReq & req);
 			void SentHTTPFailed(const boost::system::error_code & ecode);
 			void HandleStreamRequestComplete (std::shared_ptr<i2p::stream::Stream> stream);
@ -182,13 +182,15 @@ namespace proxy {
				@@ -182,13 +182,15 @@ namespace proxy {
 					 std::bind(&HTTPReqHandler::SentHTTPFailed, shared_from_this(), std::placeholders::_1));
 	}

-	bool HTTPReqHandler::ExtractAddressHelper(i2p::http::URL & url, std::string & b64)
+	bool HTTPReqHandler::ExtractAddressHelper(i2p::http::URL & url, std::string & b64, bool & confirm)
 	{
+		confirm = false;
 		const char *param = "i2paddresshelper=";
 		std::size_t pos = url.query.find(param);
 		std::size_t len = std::strlen(param);
 		std::map<std::string, std::string> params;

+
 		if (pos == std::string::npos)
 			return false; /* not found */
 		if (!url.parse_query(params))
@ -197,6 +199,8 @@ namespace proxy {
				@@ -197,6 +199,8 @@ namespace proxy {
 		std::string value = params["i2paddresshelper"];
 		len += value.length();
 		b64 = i2p::http::UrlDecode(value);
+		// if we need update exists, request formed with update param
+		if (params["update"] == "true") { len += std::strlen("&update=true"); confirm = true; }
 		url.query.replace(pos, len, "");
 		return true;
 	}
@ -242,24 +246,36 @@ namespace proxy {
				@@ -242,24 +246,36 @@ namespace proxy {
 		/* parsing success, now let's look inside request */
 		LogPrint(eLogDebug, "HTTPProxy: requested: ", m_ClientRequest.uri);
 		m_RequestURL.parse(m_ClientRequest.uri);
+		bool m_Confirm;

-		if (ExtractAddressHelper(m_RequestURL, b64))
+		if (ExtractAddressHelper(m_RequestURL, b64, m_Confirm))
 		{
 			bool addresshelper; i2p::config::GetOption("httpproxy.addresshelper", addresshelper);
 			if (!addresshelper)
 			{
-				LogPrint(eLogWarning, "HTTPProxy: addresshelper disabled");
-				GenericProxyError("Invalid request", "adddresshelper is not supported");
+				LogPrint(eLogWarning, "HTTPProxy: addresshelper request rejected");
+				GenericProxyError("Invalid request", "addresshelper is not supported");
 				return true;
 			}
-			i2p::client::context.GetAddressBook ().InsertAddress (m_RequestURL.host, b64);
-			LogPrint (eLogInfo, "HTTPProxy: added b64 from addresshelper for ", m_RequestURL.host);
-			std::string full_url = m_RequestURL.to_string();
-			std::stringstream ss;
-			ss << "Host " << m_RequestURL.host << " added to router's addressbook from helper. "
-			   << "Click <a href=\"" << full_url << "\">here</a> to proceed.";
-			GenericProxyInfo("Addresshelper found", ss.str().c_str());
-			return true; /* request processed */
+			if (!i2p::client::context.GetAddressBook ().FindAddress (m_RequestURL.host) || m_Confirm)
+			{
+				i2p::client::context.GetAddressBook ().InsertAddress (m_RequestURL.host, b64);
+				LogPrint (eLogInfo, "HTTPProxy: added b64 from addresshelper for ", m_RequestURL.host);
+				std::string full_url = m_RequestURL.to_string();
+				std::stringstream ss;
+				ss << "Host " << m_RequestURL.host << " added to router's addressbook from helper. "
+				   << "Click <a href=\"" << full_url << "\">here</a> to proceed.";
+				GenericProxyInfo("Addresshelper found", ss.str().c_str());
+				return true; /* request processed */
+			}
+			else
+			{
+				std::stringstream ss;
+				ss << "Host " << m_RequestURL.host << " <font color=red>already in router's addressbook</font>. "
+				   << "Click <a href=\"" << m_RequestURL.query << "?i2paddresshelper=" << b64 << "&update=true\">here</a> to update record.";
+				GenericProxyInfo("Addresshelper found", ss.str().c_str());
+				return true; /* request processed */
+			}
 		}
 		std::string dest_host;
 		uint16_t    dest_port;
@ -570,7 +586,7 @@ namespace proxy {
				@@ -570,7 +586,7 @@ namespace proxy {
 	{
 		if (!stream) {
 			LogPrint (eLogError, "HTTPProxy: error when creating the stream, check the previous warnings for more info");
-			GenericProxyError("Host is down", "Can't create connection to requested host, it may be down");
+			GenericProxyError("Host is down", "Can't create connection to requested host, it may be down. Please try again later.");
 			return;
 		}
 		if (Kill())
@ -582,9 +598,9 @@ namespace proxy {
				@@ -582,9 +598,9 @@ namespace proxy {
 		Done (shared_from_this());
 	}

-	HTTPProxy::HTTPProxy(const std::string& address, int port, const std::string & outproxy, std::shared_ptr<i2p::client::ClientDestination> localDestination):
+	HTTPProxy::HTTPProxy(const std::string& name, const std::string& address, int port, const std::string & outproxy, std::shared_ptr<i2p::client::ClientDestination> localDestination):
 		TCPIPAcceptor(address, port, localDestination ? localDestination : i2p::client::context.GetSharedLocalDestination ()),
-		m_OutproxyUrl(outproxy)
+		m_Name (name), m_OutproxyUrl(outproxy)
 	{
 	}

--- a/libi2pd_client/HTTPProxy.h
+++ b/libi2pd_client/HTTPProxy.h
@ -6,9 +6,9 @@ namespace proxy {
				@@ -6,9 +6,9 @@ namespace proxy {
 	class HTTPProxy: public i2p::client::TCPIPAcceptor
 	{
 		public:
-			HTTPProxy(const std::string& address, int port, const std::string & outproxy, std::shared_ptr<i2p::client::ClientDestination> localDestination);
-			HTTPProxy(const std::string& address, int port, std::shared_ptr<i2p::client::ClientDestination> localDestination = nullptr) :
-				HTTPProxy(address, port, "", localDestination) {} ;
+			HTTPProxy(const std::string& name, const std::string& address, int port, const std::string & outproxy, std::shared_ptr<i2p::client::ClientDestination> localDestination);
+			HTTPProxy(const std::string& name, const std::string& address, int port, std::shared_ptr<i2p::client::ClientDestination> localDestination = nullptr) :
+				HTTPProxy(name, address, port, "", localDestination) {} ;
 			~HTTPProxy() {};

 			std::string GetOutproxyURL() const { return m_OutproxyUrl; }
@ -16,9 +16,10 @@ namespace proxy {
				@@ -16,9 +16,10 @@ namespace proxy {
 		protected:
 			// Implements TCPIPAcceptor
 			std::shared_ptr<i2p::client::I2PServiceHandler> CreateHandler(std::shared_ptr<boost::asio::ip::tcp::socket> socket);
-			const char* GetName() { return "HTTP Proxy"; }
+			const char* GetName() { return m_Name.c_str (); }

 		private:
+			std::string m_Name;
 			std::string m_OutproxyUrl;
 	};
 } // http
--- a/libi2pd_client/SAM.cpp
+++ b/libi2pd_client/SAM.cpp
@ -489,11 +489,15 @@ namespace client
				@@ -489,11 +489,15 @@ namespace client
 		ExtractParams (buf, params);
 		// extract signature type
 		i2p::data::SigningKeyType signatureType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1;
+		i2p::data::CryptoKeyType cryptoType = i2p::data::CRYPTO_KEY_TYPE_ELGAMAL;
 		auto it = params.find (SAM_PARAM_SIGNATURE_TYPE);
 		if (it != params.end ())
 				// TODO: extract string values
 			signatureType = std::stoi(it->second);
-		auto keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType);
+		it = params.find (SAM_PARAM_CRYPTO_TYPE);
+		if (it != params.end ())
+			cryptoType = std::stoi(it->second);
+		auto keys = i2p::data::PrivateKeys::CreateRandomKeys (signatureType, cryptoType);
 #ifdef _MSC_VER
 		size_t l = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY,
 			keys.GetPublic ()->ToBase64 ().c_str (), keys.ToBase64 ().c_str ());
@ -911,14 +915,18 @@ namespace client
				@@ -911,14 +915,18 @@ namespace client
 		{
 			// extract signature type
 			i2p::data::SigningKeyType signatureType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1;
+			i2p::data::CryptoKeyType cryptoType = i2p::data::CRYPTO_KEY_TYPE_ELGAMAL;	
 			if (params)
 			{
 				auto it = params->find (SAM_PARAM_SIGNATURE_TYPE);
 				if (it != params->end ())
 					// TODO: extract string values
 					signatureType = std::stoi(it->second);
+				it = params->find (SAM_PARAM_CRYPTO_TYPE);
+				if (it != params->end ())
+					cryptoType = std::stoi(it->second);
 			}
-			localDestination = i2p::client::context.CreateNewLocalDestination (true, signatureType, params);
+			localDestination = i2p::client::context.CreateNewLocalDestination (true, signatureType, cryptoType, params);
 		}
 		if (localDestination)
 		{
--- a/libi2pd_client/SAM.h
+++ b/libi2pd_client/SAM.h
@ -53,6 +53,7 @@ namespace client
				@@ -53,6 +53,7 @@ namespace client
 	const char SAM_PARAM_DESTINATION[] = "DESTINATION";
 	const char SAM_PARAM_NAME[] = "NAME";
 	const char SAM_PARAM_SIGNATURE_TYPE[] = "SIGNATURE_TYPE";
+	const char SAM_PARAM_CRYPTO_TYPE[] = "CRYPTO_TYPE";
 	const char SAM_PARAM_SIZE[] = "SIZE";
 	const char SAM_VALUE_TRANSIENT[] = "TRANSIENT";
 	const char SAM_VALUE_STREAM[] = "STREAM";
--- a/libi2pd_client/SOCKS.cpp
+++ b/libi2pd_client/SOCKS.cpp
@ -768,9 +768,10 @@ namespace proxy
				@@ -768,9 +768,10 @@ namespace proxy
 			shared_from_this(), std::placeholders::_1, std::placeholders::_2));
 	}

-	SOCKSServer::SOCKSServer(const std::string& address, int port, bool outEnable, const std::string& outAddress, uint16_t outPort,
-			std::shared_ptr<i2p::client::ClientDestination> localDestination) : 
-		TCPIPAcceptor (address, port, localDestination ? localDestination : i2p::client::context.GetSharedLocalDestination ())
+	SOCKSServer::SOCKSServer(const std::string& name, const std::string& address, int port, 
+		bool outEnable, const std::string& outAddress, uint16_t outPort, 
+		std::shared_ptr<i2p::client::ClientDestination> localDestination) : 
+		TCPIPAcceptor (address, port, localDestination ? localDestination : i2p::client::context.GetSharedLocalDestination ()), m_Name (name)
 	{
 		m_UseUpstreamProxy = false;
 		if (outAddress.length() > 0 && outEnable)
--- a/libi2pd_client/SOCKS.h
+++ b/libi2pd_client/SOCKS.h
@ -14,7 +14,7 @@ namespace proxy
				@@ -14,7 +14,7 @@ namespace proxy
 	class SOCKSServer: public i2p::client::TCPIPAcceptor
 	{
 		public:
-			SOCKSServer(const std::string& address, int port, bool outEnable, const std::string& outAddress, uint16_t outPort,
+			SOCKSServer(const std::string& name, const std::string& address, int port, bool outEnable, const std::string& outAddress, uint16_t outPort,
 				std::shared_ptr<i2p::client::ClientDestination> localDestination = nullptr);
 			~SOCKSServer() {};

@ -23,9 +23,11 @@ namespace proxy
				@@ -23,9 +23,11 @@ namespace proxy
 		protected:
 			// Implements TCPIPAcceptor
 			std::shared_ptr<i2p::client::I2PServiceHandler> CreateHandler(std::shared_ptr<boost::asio::ip::tcp::socket> socket);
-			const char* GetName() { return "SOCKS"; }
+			const char* GetName() { return m_Name.c_str (); }

 		private:
+
+			std::string m_Name;
 			std::string m_UpstreamProxyAddress;
 			uint16_t m_UpstreamProxyPort;
 			bool m_UseUpstreamProxy;
--- a/qt/i2pd_qt/.gitignore
+++ b/qt/i2pd_qt/.gitignore
@ -3,5 +3,7 @@ moc_*
				@@ -3,5 +3,7 @@ moc_*
 ui_*
 qrc_*
 i2pd_qt
-Makefile
+Makefile*
 *.stash
+object_script.*
+i2pd_qt_plugin_import.cpp
--- a/qt/i2pd_qt/SignatureTypeComboboxFactory.h
+++ b/qt/i2pd_qt/SignatureTypeComboboxFactory.h
@ -70,13 +70,6 @@ public:
				@@ -70,13 +70,6 @@ public:
        addItem(signatureTypeCombobox, QApplication::translate("signatureTypeCombobox", "GOSTR3410_TC26_A_512_GOSTR3411_512", 0), SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512); //10
        if(selectedSigType==SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512){signatureTypeCombobox->setCurrentIndex(index);foundSelected=true;}
        ++index;
-        // TODO: remove later
-        addItem(signatureTypeCombobox, QApplication::translate("signatureTypeCombobox", "GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256_TEST", 0), SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256_TEST); //65281
-        if(selectedSigType==SIGNING_KEY_TYPE_GOSTR3410_CRYPTO_PRO_A_GOSTR3411_256_TEST){signatureTypeCombobox->setCurrentIndex(index);foundSelected=true;}
-        ++index;
-        addItem(signatureTypeCombobox, QApplication::translate("signatureTypeCombobox", "GOSTR3410_TC26_A_512_GOSTR3411_512_TEST", 0), SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512_TEST); //65282
-        if(selectedSigType==SIGNING_KEY_TYPE_GOSTR3410_TC26_A_512_GOSTR3411_512_TEST){signatureTypeCombobox->setCurrentIndex(index);foundSelected=true;}
-        ++index;
        if(!foundSelected){
            addItem(signatureTypeCombobox, QString::number(selectedSigType), selectedSigType); //unknown sigtype
            signatureTypeCombobox->setCurrentIndex(index);
--- a/qt/i2pd_qt/android/AndroidManifest.xml
+++ b/qt/i2pd_qt/android/AndroidManifest.xml
@ -1,5 +1,5 @@
				@@ -1,5 +1,5 @@
 <?xml version="1.0"?>
-<manifest package="org.purplei2p.i2pd" xmlns:android="http://schemas.android.com/apk/res/android" android:versionName="2.15.0" android:versionCode="2" android:installLocation="auto">
+<manifest package="org.purplei2p.i2pd" xmlns:android="http://schemas.android.com/apk/res/android" android:versionName="2.16.0" android:versionCode="2" android:installLocation="auto">
    <uses-sdk android:minSdkVersion="11" android:targetSdkVersion="23"/>
        <supports-screens android:largeScreens="true" android:normalScreens="true" android:anyDensity="true" android:smallScreens="true"/>
    <!-- <application android:hardwareAccelerated="true" -->
--- a/qt/i2pd_qt/mainwindow.cpp
+++ b/qt/i2pd_qt/mainwindow.cpp
@ -155,8 +155,9 @@ MainWindow::MainWindow(QWidget *parent) :
				@@ -155,8 +155,9 @@ MainWindow::MainWindow(QWidget *parent) :

    uiSettings->logDestinationComboBox->clear();
    uiSettings->logDestinationComboBox->insertItems(0, QStringList()
-     << QApplication::translate("MainWindow", "stdout", 0)
-     << QApplication::translate("MainWindow", "file", 0)
+        << QApplication::translate("MainWindow", "syslog", 0)
+        << QApplication::translate("MainWindow", "stdout", 0)
+        << QApplication::translate("MainWindow", "file", 0)
    );
    initLogDestinationCombobox(   OPTION("","log",[]{return "";}), uiSettings->logDestinationComboBox);

@ -302,9 +303,9 @@ MainWindow::MainWindow(QWidget *parent) :
				@@ -302,9 +303,9 @@ MainWindow::MainWindow(QWidget *parent) :
 }

 void MainWindow::logDestinationComboBoxValueChanged(const QString & text) {
-    bool stdout = text==QString("stdout");
-    uiSettings->logFileLineEdit->setEnabled(!stdout);
-    uiSettings->logFileBrowsePushButton->setEnabled(!stdout);
+    bool fileEnabled = text==QString("file");
+    uiSettings->logFileLineEdit->setEnabled(fileEnabled);
+    uiSettings->logFileBrowsePushButton->setEnabled(fileEnabled);
 }


--- a/qt/i2pd_qt/mainwindow.h
+++ b/qt/i2pd_qt/mainwindow.h
@ -224,7 +224,6 @@ public:
				@@ -224,7 +224,6 @@ public:
    }
    virtual void saveToStringStream(std::stringstream& out){
        std::string logDest = comboBox->currentText().toStdString();
-        if(logDest==std::string("stdout"))logDest="";
        optionValue=logDest;
        MainWindowItem::saveToStringStream(out);
    }