Changes from 1.10.0 to 1.11.0
-----------------------------

* Created a new release script (does not affect code)
	f80ad2a35
    14d4e6b00

* Upgrade to newer mbedTLS version
    bdad09cad
    c9436cc38

* Add back in DHE with a 2048 bit parameter
    c2f61c63a
    c7d318f52
    6a7426aac
    c8b33e168
    7949693b2
    07dd1347f

Changes from 1.9.3 to 1.10.0
----------------------------

* Several minor Makefile fixes:
    7560af00
    6bb17785
    0410fa6d
    fb04b232

* Try getrandom, /dev/urandom (if available in chroot) and havege (old behavior)
  In that order:
    650031cc
    856b4600
    71328bd6
    0214841a

* Fix closing and error-handling on SSL sockets:
    eb75e842
    ea09dd5e
    ed2f5406
    89333c60

* Fix warnings:
    4fa1cf88
    8c075ed3
    4609a9e2

* Rename PolarSSL to mbedTLS and switch GH repository we pull from to match:
    fbe71d3c
    817ffb62

* The reloading new configurations on SIGHUP was broken, and is now removed
  We now just rotate logs on SIGHUP:
    f09c80ce
    a5d302ac

* Get submodule via https rather than insecure git protocol:
    3033f7b6
    546dc888

* Be more aggressive about notifying handlers of disconnect events:
    14af9346
    ac6a7220
    8f849586
    293f93ee
    90e9ef73
    801580c3

* Fix NULL referrence that could occur if client disconnects in the middle
  of a websocket packet:
    b721274e
    8766da74

* Allow flow-control for large client downloads from handlers; handlers must
  request this behavior; old behavior is default:
    dab97e92
    6b98e7bb

* Fix memory leak:
    3a407e51

* Fix symbol-name conflict in system headers on some newer systems:
    81a0cd9f
    563bac8c

* Add optional more-relaxed URI parsing:
    b023666e
    aace2e86
    ea943d29

* Expire SSL session cache entries:
    de9d44cf
    53036f43

* Add support for wildcard certs with SNI:
    ee5bab17
    26652403

* Add support for chunked uploads
    955bae8a
    26b2dd71

* Fix build failure when debug is enabled on connection.c
    c855c714

Changes from 1.9.2 to 1.9.3
---------------------------

* Fix "make clean" when not in a git checkout
    c59d3931

* Bump polarSSL version
    053e0d53
    cad261ca

Changes from 1.9.1 to 1.9.2
---------------------------

* Make improvements to default ciphers
    679b9529
    1784b562
    d1963dc5
    fd551b2d
    ea03afc4
    53c27d6b
    f91a5915
    7a057fc9

* Cleanup polarssl git submodule integration
    1edb6ab4
    854bc486

* Remove non-working ARM code
    605d7972
    1a81de53

* Disable SSLv3 in PolarSSL configuration
    3d9d91c6
    f95d8ce1

* When handling large uploads via tempfile, close tempfile before notifying handler:
    423bcd47
    fba57ddb

* Makefile fixes:
    c40e8b2b
    de30bef1
    61cf4217
    eafe3cf3

* Improve portability of websocket upgrade handling
    9bc56c50

Changes from 1.9.0 to 1.9.1
---------------------------

* Fix broken test-mode
    b734059e

* Update expired certificate for failing test
    7762c93f

* Tidy up a few minor issues found by scan-build:
    b3f547e5

Changes from 1.8.0 to 1.9.0:
commit 19df4cbd1

    Upgrade to PolarSSL 1.3.0 

commit 21d4cc95b

    Change flags for building .so on macports (A new sample filter broke the
    old options)

commit e61fee3e7

    Add an option to stream large uploads to a handler using a token credit
    system to prevent over-buffering.

commit 3a58aa0da

    Add an option ssl.verify_required to mandate client certificate
    verification

commit 9024156ad

    Add a control XREQ type; only supported option is a keep-alive which acts
    as a "ping" for the mongrel2 idle connection killer

commit 854cff6e9

    Add mongrel2 header field "REMOTE_ADDR" with the actual remote from
    mongrel2.
    Add option "no_clobber_xff" which will preserve the x-forwarded-for field
    from the client/upstream proxy.

    Old behavior was to replace the x-forwarded-for header with the remote
    address to mongrel2.  This new way is better since it still allows a
    trusted field (REMOTE_ADDR) while also preserving x-forwarded-for for
    setups that include (for instance) a load-balancer or external
    ssl-terminator.

    We don't replace the old behavior for x-forwarded-for unless requested,
    since older handlers may trust that header.

commit b82451f343

    Add ability to have a separate control port for each server


commit ea6a9cd729

    This was hotfixed-into 1.8.1 and fixed some bugs in how the deliver task
    gets killed.

commit ef1c601777
    
    Add a few MIME type mappings

commit 89ed061396

    Adds TLS SNI identification

    In the certdir, place e.g. example.com.key and example.com.crt to have SNI
    work.  1.9.0 should fall back on the old key/crt files if these aren't
    found

commit 81bf4ac84ba

    Adds a new "Extended" handler reply format, and a plugin system to hook
    into them.  A sample plugin was created that will do x-sendfile like
    responses (The handler sends the proper headers, then an extended reply
    keyed to the plugin, which causes mongrel2 to dump a file to the
    connection)

commit 82b3ab000dc

    Docs fixes for ubuntu installation instructions

commit 24b2ed3936a

    A number of either completely or nearly non-functional changes to make
    a static analyzer happy.

commit 89e1f43f545

    Add ability for filters to rewrite headers going to proxy connections

    This allows, for example mod_rewrite like ability in filters

commit 5150a0583c1

    Modification to Python zmq library to allow forwarding of raw 0mq message
    
commit 82a26a67c04

    Bugfix for when a connection first goes to proxy and then a zmq handler
    
commit 861cdf36f585

    Add configuration option to prevent forking
    Makes a lot of process management tools happier
