implement graceful shutdown of bcrypt compute processes.  fix bcrypt.get_rounds (was throwing an exception)

upgrade to a branch of statsd that lazily closes ephemeral UDP ports, so that we're not allocating one UDP socket per request when under load.  closes #680

(loadgen) fix subtle issue whereby a XXX@loadgen.domain users's password could be changed during load generation, and affect subsequent runs.  closes #681

(loadgen) fix bug in reauth activity.  in addition to clearing cookies, we must clear client state to cause re-authentication to occur.  maybe the cause for issue #682

remove process.exit() from loadgen upon email addition failure.  loadgen shouldn't stop till it reaches the top.

disable http agent in http_forward - it has been capping us at five simul forwarded requests per backend process (dbwriter, keysigner)

(loadgen) optimization - re-use assertions to generate synthetic load without the client compute cost

fix regression in keysigner - ensure non-default VAR_PATH is relayed to compute processes - issue #213

remove the deep __heartbeat__ checks performed from browserid (the webhead), while dbwriter should ping the database to ensure health - closes #566

improve node.js version checking.  eliminate DRY violation, and use semver for robust version specification and matching.  nice yak, eh?

express our dependency on nodejs >= 0.6.3 in package.json and in code.  (note: I'm not sure package.json actually does anything useful, but it's a good place to document it)c

(loadgen) include-only activity properly returns errors accoring to new error conventions (undefined means success)

tests to reproduce and fixes for wildy invalid assertions posted to the verifier.  closes #598 and closes #605

certs issued by anyone other than the verifier should fail until primary support is implemented.  closes #645

better input validation on audience.  accept even more forms of input (domain:port) and do the best we can to validate.  closes #642

(loadgen) when generating assertions, calculate current server time in the same manner that the webclient does - namely add a delta from session creation time to now to server time - issue #504

(loadgen) add -u option that allows one to specify a numeric range which will make load testing with a large database possible - issue #504

on a hard connection error during http forwarding, don't end the client reqeust, instead let the client formulate the error code and message