changes.txt

Version 4.0.0 - 2024-10-15
This is an major change and enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading
1. Java 8 is NO LONGER supported. Support is for Java 11 and newer releases only.
2. The logging facade was switched from Jakarta Commons Logging to SLF4J and the default implementation uses the Logback framework.
3. The DB state logging for external databases now uses an Hikari connection pool and persists to the database using a separate thread to improve performance.
4. Switch to Jakarta package for mail and REST API implementations
5. Remove the insecure "remote" socket command processor and associated support class in the OpenAS2 server.
6. Remove redundant packages from maven build.
7. Fix MDN cleanup occurring when resend mode is entered.
 

Version 3.11.0 - 2024-08-22
This is an minor enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading
1. Enhance the handling of MDN processing and associated resend handling to provide more reliable error handling.
2. Enhance the Disposition-Notification-Options handler to properly support the standard.
3. Use the LTS releases of Java for testing
4. Use a SQL-92 compliant SQL format for accessing the database.


Version 3.10.1 - 2024-05-06
This is an minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading
 1. Fix sending the Content-Length header correctly on MDN response when chinked transfer is not supported by the receiving software.
 2. Fix log message to indicate SYNC or ASYNC mode when receiving an MDN.
 3. Change the default Java package to Eclipse Temurin for the docker creation.
 4. Upgrade the encryprion packages to fix a low severity security issue.

Version 3.10.0 - 2024-03-17
This is an enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

 1. Support Elliptic Curve algorithm.

Version 3.9.1 - 2024-02-06
This is a minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

 1. Fix persistence to errordir after all resend attempts fail.

Version 3.9.0 - 2023-12-20
This is an enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

 1. Support for non-standard algorithm strings for partners that do not conform to the RFC standard. See documentation section 7.2.1 "Signing"

Version 3.8.0 - 2023-11-07
This is an enhancement and minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

 1. Support for configurable dynamic Content-Type based on the file extension. See documentation section 7.5 "Setting Content Type"
 
Version 3.7.0 - 2023-09-12
This is an enhancement and minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support parallel mode processing for the directory polling configuration to achieve high volume throughput.
  2. Enhance error handling when chacking for files that never received an DMN response.
  3. Added logging to indicate reading a fixed byte count message from HTTP stream to aid debugging.

Version 3.6.0 - 2023-07-27
This is an enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Enhance shell scripts to better support certificate management and creation.
  2. Extract all confog.xml values to properties allowing complete server config thru custom properties.
  3. Deploy fixes for reported CVE on H2 database (see release notes for upgrade of this item).
  3. Upgrade to Junit 5 for enhanced unit test features.
  4. Various WebUI bug fixes including persisting changes to the parnerships configurations.

Version 3.5.0 - 2022-12-27
This is an enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Enhance the file splitter to be more flexible supporting execution as a java app or as a new thread when done inline.
  2. Prevent the config.xml based pollers from being stopped when the partnerships are refreshed.

Version 3.4.1 - 2022-12-04
This is an enhancement and minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Fix message attributes not being available to partnership config (eg attributes.filename)
  2. Add defensie coding for highly questionnable file names sent by partner containing an asterisk such as ".*"
  3. Further enhancements to the config.xml extracting key values to properties to facilitate auto upgrades.
  4. Enhance helper scripts to support non-prompting execution allowing invocation from other scripts.
  5. Disable the WebUI module by default as it only runs with Java 11 and above.

Version 3.4.0 - 2022-10-04
This is an enhancement and minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support for splitting line based files into multiple file. This is useful for very large files where encryption consumes too much memory.
  2. Support other databases than H2 for the WebUI commands.
  3. Catch exceptions in the strm command processor to avoid crashing the command processor.
  4. Pre-enhance AS2 properties before adding system properties to cater for $ in system properties

Version 3.3.0 - 2022-08-13
This is a significant enhancement and minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support rejecting messages being sent that are unsigned. See section "Reject Unsigned Messages" in the documentation.
  2. Support having 2 certificates for your partner definition. This allows switch over of your own certificate to be zero down time. See section "Overlapping Old And New Certificates When Changing" in the documentation.
  3. Support overriding most of the config.xml attribute values using the external property file. This allows custom configuration to be restricted to a single properties file and makes version upgrades much simpler.
  4. Enhance shell and bat scripts to prepare for install and upgrade scripts to simplify managing the install and upgrade of OpenAS2 in the future.
  5. Enhance the properties parser to support periods in the property name.
  6. Fix the erroneous error when cleaning up files due to a duplicate call to the file cleanup function.

Version 3.2.1 - 2022-07-06
This is a bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Fix extracting the MDN bodypart from the multipart.
  2. Fix creating a zip bomb package.
  
Version 3.2.0 - 2022-06-21
This is a minor enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support "prevent_chunking" attribute on partnership to support older AS2 systems.
  2. Fix copying the sent file to the sent folder when successfully sent.
  
Version 3.1.0 - 2022-06-04
This is a minor enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support embedded $properties.xxx$ within property element values.
  2. Support setting unix executables in ZIP file when packaging new release in Maven.
  3. Fix asynchronous MDN sending and receiving.
  
Version 3.0.1 - 2022-05-30
This is a bugfix and minor enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading


  1. Fix partnership directory poller cache not refreshing when partnerships file is modified on a live system.
  2. Fix the support for bypassing proxy hosts.
  3. Fix access via the web application. See the README here for using it: https://github.com/OpenAS2/OpenAs2App/blob/master/WebUI/README.md
  4. Support setting the valid days count and start date for certificate generation in the gen_p12_key_par.sh script.
  5. Provide a more useful message when parsing dynamic strings throws an error.
  

Version 3.0.0 - 2022-04-10
This is a major enhancement release:
       **READ THE UPGRADE NOTES FOR THIS RELEASE**
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading from any older version.

  1. Enhance the directory polling capability so that the configuration can be done in the partnership instead of the config.xml. The partnerships.xml file is now used to store directories to be polled using an attribute instead of the individual entries in config.xml. See the "Sending Files" section of the OpenAS2HowTo for details.
  2. Enhance dynamic variables to support property variables in any configuration string that allows the use of dynamic variables. This allows using the properties to further simplify repeated dynamic variable strings in config.
  2. Support overriding the default storage location for received files specified in the config.xml MessageFileMoule with a partnership attribute "store_received_file_to". The attribute supports the use of dynamic variables.
  4. Change the HTTP error when an invalid message format is received from error to a warning and allow it to be suppressed using the "log_invalid_http_request" property.
  5. Expand the classpath in the startup scripts instead of using file globbing expansion in the java command as it seems to mess with Mailcap loading causing DCH missing error.
  6. Enhance documentation for areas that have user questions related to them to improve new user ease of configuring a new system.
  7. Fixed the command processor so that it does not write the XML back to disk from objects that have been enhanced in the loader and therefore losing the generic config.
  8. Rationalised the exception logging when significant errors occur so that there is less "noise" in the logging.
  9. Added dependency management plugin to make it easier to keep the project updated with latest release versions.

Version 2.14.0 - 2021-12-10
This is a enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Add an additional way to filter files based on a regular expression. This allows filtering files based on text within the file name and not just the file extension. See the section **Restricting Directory Files By Extension Or Name** in the documentation for details of use.
  2. Fix directory polling module not releasing file handles and eventually starving the OS of file handles.

Version 2.13.1 - 2021-12-02
This is a bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Fix error when resender is invoked.
  2. Fix directory polling module dying when specific errors occur that are not caught at source and end up in the module base invocation.

Version 2.13.0 - 2021-10-21
This is a minor enhancement release and windows bat files bugfix:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Enhance the directory polling module to use the NIO library.
  2. Fix the startup.bat file for Windows where in newer versions of Java the JAVA environment variable is set with quotes surrounding it.
  3. Fix the windows service installer bat file so that it reliably installs as a service that will start.
  4. Support CI/CD for Java 8 thru 17
  5. Add Windows bat script to import files from a source keystore to the main keystore including private key if in the source store.

Version 2.12.0 - 2021-10-15
This is a minor enhancement release, bug fixes and library upgrades:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Fix resend tracking in the tracking DB and add missing columns (https://github.com/OpenAS2/OpenAs2App/issues/195)
  2. Changed error message to info message and support not rendering the error message when an invalid HTTP request is detected.
  3. Support overriding the "remove_http_header_folding" property at partnership level. See OpenAS2HowTo section on "Header Folding" for details. (contributed by Claudio Degioanni claudio.degioanni@bmeweb.it)
  4. Fix HTTP timeout configuration - the timeout configuration was  not correctly reading any user specific setting.
  5. Enhance documentation based on user feedback.
  6. Register successfully sent MDN in DB tracking.
  7. Add a helper script to import certificates from a source keystore to a target keystore (import_alias_from_keystore.sh)
  8. Change the way the receiver handler finds the private key. backwards compatibility was maintained through the use of a partnership attribute or system property (use_new_certificate_lookup_mode). It defaults to new mode but setting to false reverts the behaviour.

Version 2.11.0 - 2020-09-19
This is a minor enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes  in the RELEASE-NOTES.md if you are upgrading

  1. Provide support for setting configuration values from environment variables. See the section "Passing In Configuration Values" in the OpenAS2HowTo
  2. Support passing properties on the command line. See the section "Passing In Configuration Values" in the OpenAS2HowTo

Version 2.10.1 - 2020-08-16
This is a minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Fix a problem authenticating using Basic Authentication causing a NonRepeatableRequestException.

Version 2.10.0 - 2019-09-29
This is a minor enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Components in the config.xml file are now enabled and disabled by an "enabled" attribute on the component. See the documentation in the section 6 "Application Configuration" on how this works.
  2. Support using a custom properties file to override properties in the config.xml file. See the documentation in the section 6.1 "System Properties" on how this works.

Version 2.9.4 - 2019-09-18
This is a minior bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Clean sent/error file names for file system compatibility

Version 2.9.3 - 2019-09-05
This is a minior enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Allowed defining a custom fallback file name for received fiels where partner does not send file name. See section 6.3 of the OpenAS2HowTo and the as2_receive_message_filename_fallback attribute.
  2. Upgraded BouncyCastle libraries to 1.62 to support Java 12

Version 2.9.2 - 2019-08-16
This is a an enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Fixed error where DB tracking module was not logging fields to database.
  2. Added a script to connect to the H2 database from the command line.
  3. Simplified the default config.xml for changing ports by using properties.
  4. Added support for location of the config.xml using an environment variable in the start-openas2.sh file
  5. Document stored_sent_filename and stored_error_filename as well as provide more examples for setting errordir and sentdir using extended dynamic variables

Version 2.9.1 - 2019-08-03
This is a an enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support additional filters on logging to support reduced email logger errors flagging interface errors due to exernal access attemopts to AS2 server..
  2. Fixed error where DB tracking module was not logging fields to database.
  3. Documented additional logging filters.
  4. Support for dynamic variables in sentDir and errorDir attributes in the config.
  5. Enhanced the remote command processor to support text output format.
  6. Updarted remote command processor documentation.
  7. Added a script to run the remote command interface from the command line.
  8. Included the remote socket command processor app jar into the release package to allow use without a separate effort to set up.

Version 2.9.0 - 2019-03-28
This is a an enhancement and bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Provide ability to dynamically set the target URL for the partner based on directory polling mopdule configuration.
  2. Add tracking of sent file name to database tracking of AS2 messages (see upgrade notes for upgrading)
  3. Document the mechanism for using the dynamic URL feature
  4. Update documentation on database schema upgrades
  5. Fix a bug in 2.8.0 release that caused DB tracking not to track messages

Version 2.8.0 - 2019-03-23
This is a an enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Add DB tracking message when pending information file detected indicating failed receipt of an MDN.
  2. Changed the partnerships.xml sample to make it easier to understand and proivide examplke for additional partners
  3. Enhanced documentation to reflect changes in the partnerships.xml and some cleaning uop and adding more detail.
  4. Provide ability to define a custom table name for tracking messages to a database
  5. Update documentation for mechanism to use a different table name in the tracking database

Version 2.7.1 - 2019-03-11
This is a minor enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Modify the way the application identifies the correct manifest file to determine title and version of the app.
  2. Alter the file cleanup logging messages to make it easier to debig issues.
  3. Correct minor spelling errors in logging statements

Version 2.7.0 - 2019-03-03
This is a minor enhancement release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Add an exclude filter option for the file polling module to support large files using a temporary extension until file is copied to directory
  2. Add support for including extra parts of a parsed file name into the final parameter in the "format" attribute for file name parsing.
  3. Support HTTP authentication on a per partnership basis.
  4. Document the use of HTTP authentication, file filters and file name parsing functionality.

Version 2.6.4 - 2019-02-01
This is a minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Change the "Reporting-UA" MDN attribute to use the "http.user.agent" property value instead of the OpenAS2 application version if set.
  2. Enhance documentation to show how to configure with multiple partners.


Version 2.6.3 - 2018-11-14
This is a minor bugfix release:
       **IMPORTANT NOTE**: Please review upgrade notes  in the RELEASE-NOTES.md if you are upgrading

  1. Make Async MDN sender use the "no_chunked_max_size" attribute to switch between chinked and Content-Length modes of sending
  2. Add "sentdir" attribute to documentation for saving sent files on DirectoryPollingModule.

Version 2.6.2 - 2018-09-26
This is a minor enhancement and bgufix:
       IMPORTANT NOTE: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Provide ability to use restricted headers in HTTP with partnership level overrides for the "Content-Transfer-Encoding" header
  2. Allow unsigned MDN to be sent using the "none" keyword for the "as2_mdn_options" attribute
  3. Use a Java 7 compatible method call for a Map class method that required Java 8


Version 2.6.1 - 2018-09-09
This is a minor enhancement:
       IMPORTANT NOTE: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Allow MDN subject to use filename parsing functionality to set the text.
 
Version 2.6.0 - 2018-08-31
This is an enhancement and bugfix release:
       IMPORTANT NOTE: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Support for deploying as a Windows service - see OpenAS2HowTo.pdf for details
  2. Allow all components in the config.xml to use the attribute enhancer feature.
  3. Fix possibility of logs getting cleared
  4. Fix the DB logging module not being able to use the "tcp_server_start" parameter is always true in previous versions.
  5. Optimise the move file method
  6. Optimise the HTTP client handler
  7. Rationalise the PID environment variable name to match between service script and startup script

Version 2.5.0 - 2018-07-02
This is an enhancement and bugfix release:
       IMPORTANT NOTE: Please review upgrade notes in the RELEASE-NOTES.md if you are upgrading

  1. Supports Java 7 and up. Java 6 (Java 1.6) is no longer supported.
  2. Provide "log" command to dynamically alter logging levels in real time without restarting the application.
  3. Rationalize MDN sending so that Synchronous and Asynchronous are processed by a single module. NB See upgrade notes for class name change.
  4. Move HTTP header folding removal to HTTPUtils for centralised management
  5. Make the HTTP "User-Agent" header configurable via a property.
  6. Default "Message-Id" format complies with https://www.ietf.org/rfc/rfc2822.txt section 3.6.4.
  7. Provide ability to configure emails for successfully received and sent files.
  8. Upgrade libraries to the latest release.
  9. Support using system environment variables in config.xml
  10. Change attribute name for overriding Message-ID format at partnership level to match name at system level. NB See upgrade notes for attribute name change.
  11. Allow modules to have scheduled tasks using the HasSchedule implementation.
  12. Add scheduled task to detect failed sent messages where files are not cleaned up. (Fixes https://sourceforge.net/p/openas2/tickets/5/)
  13. Allow attributes in partnership element to reference other partnership elements and resolve the references at load time.
  14. Default sample in partnerships.xml for "as2_mdn_options" to use the "sign" attribute value for the micalg value.
  15. Support AS2 ID with spaces in the value.


Version 2.4.3 - 2017-10-20
This is a minor bugfix release:
       IMPORTANT NOTE: Please review upgrade notes below if you are upgrading

  1. Fix EXIT command not working when executed from remote socket command processor.

Version 2.4.2 - 2017-10-12
This is a minor bugfix and documentation enhancement release:
       IMPORTANT NOTE: Please review upgrade notes below if you are upgrading

  1. Fix using a Java 1.8 call to ensure 1.6 compatibility
  2. Enhance documentation around certificate creation and deployment.

Version 2.4.1 - 2017-09-28
This is a minor enhancement release:
       IMPORTANT NOTE: Please review upgrade notes below if you are upgrading

  1. Enhance health check module to test all active modules. All modules now require implementing a healthcheck() method for self test.

Version 2.4.0 - 2017-09-25
This is a minor enhancement release:
       IMPORTANT NOTE: Please review upgrade notes below if you are upgrading

  1. Add initial basic health check listener on HTTP port for load balancer/high availability deployment
  2. Enhance POM to deploy code base to central maven repository

Version 2.3.2 - 2017-08-17
This is a minor enhancement release:
       IMPORTANT NOTE: Please review upgrade notes below if you are upgrading

  1. Enhance the HTTP reader to allow logging the raw data when unable to determine how to process the data
  2. Correct the config.xml that was missing a $ sign in the log file name

Version 2.3.1 - 2017-08-06
This is a minor enhancement release:
       IMPORTANT NOTE: Please review release notes for upgrade steps if you are upgrading

  1. Remove reserved characters from dynamically generated file names
  2. Document feature to change reserved character list for file names.
  3. Document java tuning requirements for large files
  4. Change default logging date format to international standard
  5. Document logging date format configuration
  6. Document upgrade process as an appendix in OpenAS2HowTo
  7. Prevent HTTP header folding by default with config option to allow. (Fixes issue with NGINX)
  8. Change email logger to allow any exception to be logged through exception parser (not just OpenAS2Exception)
  9. Add support for Sentry logger for exceptions
  10. Enhanced documentation on logging system
  11. Change default log file name to use international date format

Version 2.3.0 - 2017-05-04
This is an enhancement and minor bugfix release:
       IMPORTANT NOTE: Please review ALL release notes for intermediate versions if you are upgrading

  1. Enhance message state tracking to correctly handle resends
  2. Support external databases that have JDBC drivers for message state tracking via configuration.
  3. Allow AS2 Message ID format to be configurable globally and overridden on a per partnership basis
  4. Persist message attributes for the full lifecycle of the message including resends.
  5. Provide support for proxy server authentication.
  6. Fix resending ASYNC MDN messages
  7. Document all of the enhancements and improve existing documentation.

Version 2.2.3 - 2017-04-07
This is a minor bugfix release:
       IMPORTANT NOTE: Please review ALL release notes for intermediate versions if you are upgrading

  1. Remove appending a UUID to the received AS2 filename allowing complete user control. To add one us $rand.UUID$ in the "filename" parameter

Version 2.2.1 - 2017-03-03
This is a minor bugfix release:
       IMPORTANT NOTE: Please review ALL release notes for intermediate versions if you are upgrading

  1. Remove the encapsulating "<" and ">" from the generated message ID as windows no longer allows that in file names
  2. Minor update to documentation on handling SSL certificate issues

Version 2.2.0 - 2017-02-01
This is an enhancement and minor bugfix release:
       IMPORTANT NOTE: As of this release, OpenAS2 no longer supports Java 1.5 and below
  1. Add sample file for running OpenAS2 under systemd on NIX based systems
  2. Set the sender and recipient in the Message object when MDN is created to facilitate debugging due to config issues
  3. Extract the deployed version from the MANIFEST.MF file instead of embedding in the Session.java file
  4. Move to Maven build process
  5. Add an INFO level message for any files that are not writable in a polling directory
  6. Provide ability to generate a UUID using the dynamic parameter $rand.xxx
  7. Fix the method that creates a file name for storing pending messages (was removing the first character)
  8. Enhance error handling when using HTTPS and certificate checker class to facilitate debugging SSL certificate issues
  9. Reworked initialization structure to provide OSGi functionality to deploy as a standard OSGi bundle (OSGi deployment should be available in next release)
  10. Updated documentation relating to the enhancements including troubleshooting information.

Version 2.1.3 - 2016-11-09
This release is a bugfix release:
  1. Revert to default for allowing restricted HTTP headers (see OpenAS2HowTo for discussion on this issue)
  2. Remove \r (CR) character from logging and use the the system property to avoid issues on NIX based systems that parse logs
  3. Enhance documentation

Version 2.1.2 - 2016-10-29
This release is a bugfix release:
  1. Swap call to scan directory with the tracking processing call to ensure there is at least one full poll interval between scan and call to tracking processing to avoid sending incomplete files.
  2. Add documentation on Java tuning for large files and/or busy AS2 systems

Version 2.1.1 - 2016-10-17
This release is a bugfix release:
  1. Fix sending HTTP headers in a synchronous MDN that are copied from the inbound message causing some AS2 implementations to fail

Version 2.1.0 - 2016-10-11
  1. Add message tracking module to allow easy identification of sent and received messages based on state
  		- persists state change tracking of messages to H2 database
  		- allow user-plugin of custom tracking module(s)
  2. Enhanced documentation around certificate management
  3. Added properties element to config to allow easy custom config property access from java modules and helper classes
  4. Added support for parsing file name into partnership attributes using regular expressions
  5. Added script to support launching OpenAS2 as a daemon using the init.d paradigm
  6. Added system parameter to startup scripts to allow restricted HTTP headers that cause problems for some AS2 implementations


Version 2.0.0 - 2016-05-31
  1. Add support for custom HTTP headers
  		- configurable static headers as name/value pairs in the partnership
  		- configurable dynamic headers with header values set from parsing the name of the file to be sent
  2. Fix generator encoding for compression, encryption and signing
  3. Support configurable control of canonicalization when signing
  4. Support overriding digest "sha-1" algorithm name in signing to use "old" name without dash ("sha1")
  5. Support AES128, AES192, AES256 ciphers
  6. Support disabling the CMS algorithm protection OID for older AS2 systems that do not support it
  7. Added "Troubleshooting.." section to documentation
  8. Authenticated SMTP for email logging
  
Version 1.3.6 - 2015-11-23
  1. Fix handling creating a unique file name for storing message info for ASYNC MDN
  2. Rationalise the handling of received MDN so that there is a common handler for Async and Sync MDN
  3. Fix moving pending messages that fail after retries to the error folder.
  4. Enhance logging to pass MEssage object to log manager to facilitate finer grained and more targeted logging
  
Version 1.3.5 - 2015-11-13
  1. Fix handling of file streams to ensure file handle is always closed
  2. Fix async MDN functionality
  3. Fix calculation of MIC when content is signed and compressed
  4. Improved logic handling sending of MDN errors and HTTP responses
  5. Add compiler option to build file to ensure java 1.5 compatibility
  6. Add ability to control number of resend attempts

Version 1.3.4  - 2015-10-22
  1. add SHA224, SHA256, SHA384 and SHA512 encryption algorithms

Version 1.3.3 - 2015-09-14
  1. Fix sent MIC compare against returned MIC since the partner could return the algorithm identifier in different case to what was sent

Version 1.3.2  - 2015-09-09
  1. Add support for file name filtering by file extension in directory polling module
  2. Change the file writing mechanism in the file module to support NFS shares

Version 1.3.1  - 2015-09-08
  1. Bugfix for calculating MIC to include headers unless no encryption and no signing.

Version 1.3.0  - 2015-08-22
  1. Add support for using HTTPS as the transport protocol.
  2. Allow overriding the the password for the certificate store with a system parameter passed into the app at startup

Version 1.2.0  - 2015-08-17
    Add support for compression and decompression per RFC5402

Version 1.1.0  - 2015-08-03
    1. Enhanced logging to support configurable levels of output. Default level is INFO
       Added additional logging information to make it clearer what the real problem is  when errors occur
    2. Bouncy Castle Libraries upgraded to 1.5.2 and the code base changes implemented to support this.
    3. Upgrade other 3rd party libraries to latest versions

2010-08-26  Update and Corrections

	1. Content-Disposition will be set with filename if available.

    2. Update to bat shell program.
    
    3. Added two new parameters connecttimeout and readtimeout to the 
     two processors: AS2SenderModule and AsynchMDNSenderModule which 
     are defined in the config.xml file. These parameters define 
     timeout values in milliseconds for each respective function.  
     The parameters are optional and the default value for each is 
     30000.

2009-10-18  Corrections

	1. Fix in AS2SenderModule.java. For some AS2 servers send MIC and 
	algorithm separated by comma only (no space).
	
	2. Fix in AsynchMDNSenderModule .  When verifying the command in 
	the canHandle method code should be using constant DO_SENDMDN.
	

2009-09-10  Update  -  Common Logging.

Added the Apache Group commons logging library to allow the
use of other logging packages like log4j and Sun's Java logging
implementation, along with the OpenAS2 logging.

Side effects -
	1. These changes required replacing all log requests to use the 
	Common Logging log call. This includes changing the Level of the 
	log and Level description.
	
    2. If you continue to use the OpenAS2 logging package you must 
    include  -Dorg.apache.commons.logging.Log=org.openas2.logging.Log 
    in your startup call or as a property in the commons-logging.properties 
    file. See http://commons.apache.org/logging/guide.html#commons-logging-api.jar
    for more information.

    3.  If you use any other logging package you MUST remove the 
    loggers node and its logger subnodes from the config.xml file.


2009-05-07 - Update and Corrections

Both Sender classes now accept all 200 HTTP response codes from 
receiver.

2009-04-28 - Update and Corrections

Placed the unstable code into the stable code. We all have been using this code
for sometime now so it must be stable.

Corrected the start-openas2 scripts in the sample-setup.

Note - you may want to try the new BC mail and provider classes available at BouncyCastle.org.
As of today BC is version 143.

Added a new attribute to the partnership node to allow specifying Content-Transfer-Encoding.


Corrected the following bugs
 2716888	remove folding from HTTP headers
 2660947	OpenAS2 uses incorrect RFC2822 date format
 2615775	OpenAS2 allows malicious sender to overwrite files
 2609279	Poor parsing of mic's

Applied the following patches
 2727470	Optional extraction of encoded message content with headers
 2723552	$msg.content-disposition.filename$ has incorrect filename
 2715448	Compatibility with nuBridges e-commerce AS2
 2662179	Outbound Async MDN's are saved but not sync MDN's
 2656852	Saved MDN format puts text first. Last would be better
 2616405	CompositeParameters exposes itself
 2615919	Get rid of some little used code
 2612760	Cope with Transfer-Encoding: chunked
 2593257	allow setting of Content-Type from attributes
 2593214	Allow per-partnership definition of message-id  

2009-01-09 - Updates and Corrections

Fix problem w/ CYCLONE MDN responses.
  
2008-06-13 - Updates and Corrections

Corrected message header date reporting.

AS2ReceiverHandler not appending new line character.

Organized some import statements.

2008-05-13 - Updates and Corrections

Added missing toXML method from CommandResult class.

Replaced use of StringTokenizer with CommandTokenizer.


2008-03-18 - Updates and Corrections

Added a logging statement so that incoming message ids can be 
associated with the stored file name.

Corrected stored file naming issue.

    Allows the use of the content-disposition filename to be used in
    the stored filename specification in config.xml MessageFileModule
      example...
        filename="%home%\inbox\$msg.content-disposition.filename$"
      note new system variable $msg.content-disposition.filename$
      
	In 2007-03-31 release if content-disposition contained the filename
	this filename was used to create the stored filename ignoring the 
	filename specification in the config.xml file.


2008-01-08 - OpenAS2 With A Web Front-End 

This release contain the final changes to set up a web-based front end to OpenAS2.
The underlying AS2 engine has not changed, only the commands and setup files.

A SocketLoggerClass has been added and an entry must be present
in the config.xml. The logger entry is a subnode of the loggers node.
The ipaddr/portid is the address where the OpenAS2Server sends logging 
information.  Note: If using the web front end the servlet listens 
here.  For more information see the OpenAS2 Remote package.
		<logger classname="org.openas2.logging.SocketLogger"
			ipaddr="127.0.0.1"
			portid="999"/>

As noted below, the SocketCommandProcessor entry in the config.xml file has 
changed. Two new nodes are added (userid and password). See example below:
	<commandProcessors>
	  <commandProcessor classname="org.openas2.cmd.processor.StreamCommandProcessor"/>
	  <commandProcessor classname="org.openas2.cmd.processor.SocketCommandProcessor"  portId="4321"
	    userid="userID" password="pWd"/>
	</commandProcessors>
These values are used to logon to the socket command processor from a
remote terminal or webpage.


2007-08-28 - Preparing OpenAS2 For Web Front-End 

This release contain changes to set up a web-based front end to OpenAS2.
The underlying AS2 engine has not changed, only the commands and setup 
files.

A new CommandProcessor has been added.  This command process, which 
accepts a command as a single line string like the StreamCommandProcessor,
gets its commands from a TCP/IP socket hence its name 
SocketCommandProcessor.

Also new commands have been created to allow command line edits to the 
partnership.xml file.  It is recommended that you continue to maintain 
the partnership.xml file with a standard editor.

The "part" command has been replaced by "partnership".

1.  Changes to config.xml.  The commandProcessor is now a subnode of a
new node named commandProcessors. OpenAS2 now supports multiple command 
processors.  Only one command processor is required, though the package 
does not check to see if no processors are defined.  You may comment 
out one of the commandProcessor nodes - most likely the 
SocketCommandProcessor.

	<commandProcessors>
		<commandProcessor classname="org.openas2.cmd.processor.StreamCommandProcessor"/>
		<commandProcessor classname="org.openas2.cmd.processor.SocketCommandProcessor"
			portId="4321" userid="useridhere" password="anotsocrypticpassword"/>
	</commandProcessors>

Also, commandProcessors have been changed to be running as a thread 
within the OpenAS2Server.


2.  Changes to commands.xml.  The commands affecting the partnership.xml 
file have been expanded to allow full editing - basically commands to  
list, view, add and delete.  Also there is a command to save the 
changes to the partnership.xml file.

	<multicommand name="partner"
		description="Partner commands">
		<command classname="org.openas2.app.partner.ListPartnersCommand"/>
		<command classname="org.openas2.app.partner.AddPartnerCommand"/>
		<command classname="org.openas2.app.partner.DeletePartnerCommand"/>
		<command classname="org.openas2.app.partner.ViewPartnerCommand"/>
	</multicommand>
	<multicommand name="partnership"
		description="Partnership commands">
		<command classname="org.openas2.app.partner.RefreshPartnershipsCommand"/>
		<command classname="org.openas2.app.partner.ListPartnershipsCommand"/>
		<command classname="org.openas2.app.partner.AddPartnershipCommand"/>
		<command classname="org.openas2.app.partner.DeletePartnershipCommand"/>
		<command classname="org.openas2.app.partner.StorePartnershipsCommand"/>
		<command classname="org.openas2.app.partner.ViewPartnershipCommand"/>
	</multicommand>
	
3.  A new "external" package org.openas2.remote has been added. 
Eventually the package will be the front-end to the web-based application.
Presently it contains a simple interface to pass commands to the SocketCommandProcessor.

    Refer to the source program CommandLine for more information.

4.  About the SocketCommandProcessor messages are sent as single lines 
via a predefined port.  The format of the messages are: 
	<command id="useridhere" password="anotsocrypticpassword">cert list</command>

5.  Several modules in the org.openas2.app package have been moved to a 
new package named org.openas2.cmd.

---

2007-06-01 - Added ability to include the filename in http headers

1.  Changes to config.xml, node: processor, subnode: module.
    
    1.a New attribute for AS2DirectoryPollingModules to specify if 
    the filename is to be included in the headers. Any value other than
    "true" will be considered false.
      	<module classname="org.openas2.processor.receiver.AS2DirectoryPollingModule"
			outboxdir="%home%\toAny"
			errordir="%home%\toAny\error"
			interval="5"
			delimiters="-."
			format="sender.as2_id, receiver.as2_id, attributes.fileid"
			mimetype="application/EDI-X12"
			sendFileName="true"/>

    1.b Affected modules:
      org.openas2.processor.receiver.DirectoryPollingModule
      org.openas2.processor.storage.BaseStorageModule
      org.openas2.processor.storage.MessageFileModule
      
2.  Used the Eclipse UI to eliminate unused Java imports. Too many affected 
modules to list.

3.  Structure of download package changed.  Removed samples-setup.

---

2007-04-03 - Bug fix for Asynch MDN

1.  Put the OpenAS2 classes into jar file. OpenAS2-20070402.jar

2.  Placed jar file in sample-startup bin directory.

3.  Updated windows start-openas2.bat commands file

---

2007-04-02 - Bug fix for Asynch MDN 

1.  AS2MDNReceiverHandler - pendinginfo file not deleted. Bad path 
    string.

---

2007-03-31 - Updated for Asynch MDN

Note: The Asynchronous MDN sender and receiver do not work with SMTP 
protocol.

Several changes:

  1.  Changes to partnerships.xml file.
  
    1.a  New attribute in partnership node, to specify url to your 
    server receives asynchronous MDN responses.
    
      ex:  <attribute name="as2_receipt_option" value="http://xxxxxxx:10081"/>
      
  2.  Changes to config.xml file.
  
    2.a  New attributes to processor node, specifies file system 
    directories where your server stores pending asynchronous MDN 
    responses.  When your trading partner returns the asynch MDN the 
    server uses file stored in these directories to verify MDN 
    response.
    
    ex:
    		pendingMDN="%home%/pendingMDN3"
    		pendingMDNinfo="%home%/pendinginfoMDN3">
    
    2.b  New module node which hangs off of the processor node.
    Specifies the class and port number that handles incoming 
    Asynchronous MDN responses.
    
    ex:	<module classname="org.openas2.processor.receiver.AS2MDNReceiverModule"
          port="10081"/>
          
  3.  Source code changes.
  
     Too many to list. But primarily new classes added to handle outgoing and 
     incoming Asynchronous MDNs.