GPGrelay   
[ GPGrelay ] [ Download ] [ Localisation ] [ Setup ] [ FAQ ]


Page-Navigation
 History
 Bug-Reports
 TODO-List
 eMail


History
  • Version 0.959 ; release-date: 2005-Mar-31

    • GPGrelay:
      • Due to (finally!) real charset-conversion in GnuPG 1.4.0 (using iconv.dll) GPGrelay is now required to work with this version Be aware that GnuPG works in your Console-Codepage while GPGrelay uses the Windows-Codepage, so there are few Chars that won't map (show up as "?" then). In case you want to know what codepages you're currently using, look at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage\ACP for the Windows-Charset in use, and for console-charset HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage\OEMCP
      • Generate Key/Add Subkey is working with GPG 1.4.0 too (and UserIDs with exotic chars are finally correctly working now (due to new feature of GnuPG 1.4.0, see above!)
      • Support of the new style gnupg.nls for GnuPG-Localisation
      • Disabled-Key-Flag has changed in GPG 1.4.0 too
      • HTML-Help is now dynamically linked, so the dependence on "hhctrl.ocx" doesn't prevent GPGrelay from working anymore on systems without htmlhelp properly installed (no online-help then but that's it -- but as long as the online-help is work in progress there still is no other online-help besides the Tooltips)
      • Removed one other API-Call which does not exist on Win95
      • Finally there is a possibility to give Aliases an own Keyrule. This is done by virtual UserIDs: GPGrelay treats these aliases like real UserIDs, offering to move alias to a profile too.
      • And vice-versa: UserIDs can be treated like GPGrelay-Aliases, so you can have only one keyrule for a key with hundreds of UIDs.
      • Context-Menu for Alias-Tab is now properly enabled/greyed
      • Import of unchanged key isn't reported as "Import Failed" anymore
      • Keyboard-Control improved
      • Support for "LockSetForegroundWindow"-API for Passphrase-Dialog in WinME/Win2K and later (API is not available on older windows-versions)
      • Hack to fetch Keyringinfo from GnuPG (so move public-key to keyring is available again -- you need to have gpg.conf set up with multiple keyrings for this feature).
        Isn't there an official way to see keyring-file using "--with-colons"?
      • Support for the list-option "show-sig-subpackets=24" (Keyserver)
      • GPGrelay now also accepts email-addresses in the uncommon form of "email@svr (real name)"
      • PasswordSpy-Warning is now using SelfHooking to detect injected messages...
      • Suppress-PasswordSpy-Warning is now persistent (saved to the registry) (Yes, this feature isn't very reliable; PasswordSpys can still be present without being noticed; esp. Keyloggers and not to forget trojans...)
      • GenKey/AddSubkey-Defaults for keylengths are now more secure, just like the defaults in GnuPG1.4)
      • Little Bug in the Logger fixed

    • SMTP:

    • POP3:
      • Little performance-enhancement
      • Implemented basic MailProcessing (very alpha, changes are very likely)
      • Bugfix for long MIME-Boundaries

    • IMAP:
      • Have added some logging-support to the IMAP-Mainloop, also synchronized the exception-handling to behave like for SMTP/POP3 too.
      • POP3-KeepAlive-Thread caused the IMAP-Code to crash. Has been removed until an IMAP-Keep-Alive will be implemented.
      • Some internal rework for enhanced dataflow done.
      • Yes, I did quite some work for IMAP, nevertheless I'm looking for help here...


  • Version 0.955 ; release-date: 2004-Oct-22

    • GPGrelay:
      • More Dialogs have now proper Parent/Child-Hierarchy to disable some unwanted Non-Modality (and proper positioning)
      • GPGrelay now always tries to keep selections in lists/trees when reloading keys
      • Revoked/Expired/Disabled Subkeys are now also shown in keyviews (still missing similar feature for primary keys)
      • Revoke UserID is now also available through GPGrelay-GUI
      • Untrusted UserIDs are now also grayed out in the Key-Displays
      • Advanced debug-compiler-define for deadlock-checking (very experimental, might not working as intended, have to find out :))
        At least it helped to catch one deadlock-situation with GPGrelay-shutdown while being asked for a passphrase so it wasn't worthless effort... (Not active in Release-Builds! In case you suffer from GPGrelay hanging, you might want to give the debug-build a try!)
      • STARTTLS/STLS is now always defaulting to TLS-Connection as some servers abort connection with an SSL2-Hello and don't negotiate TLS (or did I simply miss something in the OpenSSL-Doc?)
      • Log Full Protocol does now also show the StartTLS-Chitchat.
      • Some small improvements with Logging (still quite slow for large mails when log full bodies is turned on)
      • GPGrelay isn't that picky about email-addresses anymore, so it will work with internal email-addresses like "user@domain" or simply "user".
        Nevertheless GPGrelay is matching full strings, so "user@domain" doesn't match with a fully given "user@domain.com", so basically this one is only useful for giving aliases to GPGrelay (doubt it's useful to have abbreviated emails inside userids).
      • The PhotoID-Display can now be resized
      • Changed some dialog-texts to have Mnemonics (underlined chars) now, so you can navigate a bit more easily with the keyboards by pressing "Alt+Mnemonic" (don't hesitate to tell me missing/duplicate ones; this came late and is a boring issue, so I guess I haven't checked all dialogs properly... Suggested to be incorporated in current and future translations too.)
      • --autoexportsettings is now also working when shutting down win2k (GPGrelay is now creating the .reg-file by itself instead of executing regedit.exe to export the entries)
      • Simple Password-Spy-Detection should alarm you when someone unauthorized (eg. Spyware or Backdoor) is trying to read a passphrase from a GPGrelay-Dialog
      • Better support of crippled keys: VerifyPassphrase doesn't only rely on a signing-(sub)key anymore.
      • Better handling of non-canonical lineendings from broken servers
      • Little GUI-Fix: Relay-Dialog with IMAP and SSL is now properly changing the default-ports.
      • Changed a few lines of code so GPGrelay will now compile directly with VC.NET 2003 -- to my surprise the run through VC.NET also revealed embarrassing misuse of some MFC-Macros, so this experiment was more than worthwhile!

    • SMTP:
      • Hide BCC-Recipient introduced blank additional line
      • Some more troubles with "No secret primary Key" solved (should now work as intended) basically due to the fact that there is a way to fetch Usage-Flags for secret keys from GPG.

    • POP3:
      • Disabled Nagle-Algorithm (send coalescing) for local->remote-relay.
      • Some more Line-Ending-Issues solved (fewer lines added/removed)

    • IMAP:
      • There is nothing I'll do here ... who is willing to care for IMAP-code?


  • Version 0.950 ; release-date: 2004-May-21

    • GPGrelay:
      • Default-Inline-Profiles now have the "don't touch attachment" turned off
      • There is now also a tooltip for the "don't touch attachment"
      • Keyring-Load on startup is now working properly again! (used to create keyrules for keys in keyring twice, which caused the "Profile for new Key"-Feature to be disabled).
      • Show-PhotoID is now also working with 16bit-display-depth
      • Decrypt/Verify Clipboard does now try to handle quoted email-text before failing...
      • Some mysterious regular crashes (Win2K, SP4) solved (WM_SOCKET_NOTIFY is sent after WM_SOCKET_DEAD for CSockets)
      • If GPGrelay detects many missing keys, the keyrules aren't deleted automatically from the registry (you have to confirm manually)
      • Passphrase-Verify does now work again if no primary-secret-key is available
      • Sign content from clipboard is now using preferred sign-key from the keyrule of the primary UserID of the Secret Key (this also solves the "no primary-secret-key"-issue there)
      • Copy Log to Clipboard is now working again (Owner-Drawn Listbox but was still referenced as CListBox...)
      • GPGrelay is now doing the "gpg --check-trustdb" properly when reloading keys
      • Added convenience-function to export settings to a .reg-File (the Save/Restore Settings only write/read data to the registry, and this "Export Settings" will ease backup of the settings a bit) To import simply doubleclick the resulting .reg-File
      • Also a new commandline-option added: --autoexportsettings "filename.reg"
      • Gen-Key/Add Subkey is now properly working with GPG 1.2.4
      • Bugfix: Deleting the UserID that is currently edited in the keyrule-dialog caused GPGrelay to crash.
      • It's now also possible to bind GPGrelay to a real IP-Address instead of only localhost; this has alot of security issues coming along with, so I don't recommend using it unless you really know what you're up to; see readme.txt for details!

    • SMTP:
      • Fixed a bug with Keyrule-Selection when sending a mail to multiple user via to, cc and bcc (thanks to Chupakabra)
      • GPGrelay failed with a special variant of AUTH LOGIN, so this is now working too

    • POP3:
      • Added machine-readable status-fields to received mails:
        X-GPGrelay-GoodSig: <long keyid> <username>
        X-GPGrelay-BadSig: <long keyid> <username>
        X-GPGrelay-EncTo: <long keyid> <keytype> <keylength>
        These fields are filled with whatever GPG emits for Status-FD, they might be issues multiple times...
      • Also any incoming X-GPGrelay-Headerfield is tagged as a X-GPGrelay-Fake-Warning-Headerfield!
      • These Fake-Warnings also modify the subject-line (see Registry "FakeWarningModifySubject" to turn this off).
        Don't expect too much "Fake-Detection" with this mechanism; but it may help if your email-client can support subject-coloring or similar things concerning the machine-readable-status-fields mentioned above.
      • Fewer incorrectly added empty lines to outgoing/incoming mails
      • The "Received:"-Entry added by GPGrelay to the incoming mail is now an "X-GPGrelay-Received:", so it doesn't interfere with common MTA-Semantics anymore.
        Nevertheless, you have to check for it's existance at the first line of received mail (only some X-GPGrelay-Keep-Alive-Lines are allowed to be shown before) to have some hint that GPGrelay was issuing the X-GPGrelay-Headers (Obviously: No fake-detection when bypassing GPGrelay)...
      • Found a bug which allowed special mails to stop GPGrelay-Relays (crash a relay-thread but doesn't bring down GPGrelay itself)
      • First Part of a Multipart is now also decrypted when received

    • IMAP:
      • There is nothing I'll do here ... who is willing to care for IMAP-code?


  • Version 0.94 ; release-date: 2004-Jan-05

    • GPGrelay:
      • Passphrase-Settings for multiple private keys are now properly saved
      • "Don't show retry-dialog" in the relay-settings is working again.
      • Cleaner Shutdown: GPGrelay is now waiting for all Active-Threads to terminate
      • GPGrelay won't crash anymore if gen-key fails (eg. due to locked keyring-file -- Although I think, this is a bug/misbehaviour of the Win32-Port of GnuPG, as it shouldn't fail to create key in this situation)
      • Force-Aliases are now replaced by the possibility to specify Sign-Only- Profiles, which offer the possibility to attach email-aliases directly to them.
      • It's now possible to abort Reload-Keys-Threads (helpful on slow machines with huge keyrings while you're online)
        Partial reload cannot be terminated though, although displayed...
      • GPGrelay does now also know about the "unusable" userids (still need to add a view for the unreachable keys (the ones without an email in the UserIDs)...).
        Probably the last step missing for GPGrelay to become a mature gpg-frontend.
      • You can also access User-Attributes from within GPGrelay
      • Possibility to view PhotoID when DirectX8 is available...
      • Add/Remove subkey is now also propagating the new keyids to the controls
      • GnuPG1.2.3 doesn't show keyring-file anymore (they say it was a bug that the Keyring was displayed), so some advanced features like "Move to keyring" aren't available with GnuPG1.2.3 as GPGrelay simply doesn't know about the keyrings anymore (this also broke the cache-file-useage).

    • SMTP:
      • Abort-Request on "Cancel Passphrase" is now saving the "don't ask again"-Flag properly
      • Sending passthrough-mails can now also prematurely terminated
      • User-Prompt to confirm signing/encrypting already signed/encrypted mail
      • Forwarded Mails (Forward as Attachment) are now handled correctly (thanks to Xavier Nodet for the patch)

    • POP3:
      • Cancel Passphrase optionally offers now to abort receiving (instead of always receive undecrypted when no passphrase was given)
      • Always add "Received:"-Header-Field when incoming mail passes GPGrelay (this is an additional info to detect possible "Good sig"-fakes that might be received by bypassing GPGrelay)
      • Added support for PGP-MIME-signed mails inside Mailinglist-Multipart-Footers

    • IMAP:
      • There is nothing I'll do here ... who is willing to care for IMAP-code?


  • Version 0.93 ; release-date: 2003-Jul-26

    • GPGrelay:
      • SuppressPortProbing-Flag available through registry (not through GUI; set "SuppressPortProbing" to 1 if you don't want GPGrelay to do Port-Probing anymore)
      • Trying to be more friendly to the system-settings: Some dialogs are now aware of large systemfonts, also some System-Color-References are now properly supported.
      • Decryption of symmetric encrypted content is now also properly handled by GPGrelay
      • Import Key features now a primitive preview Key
      • Tray-Menu also has now "Show GPGrelay" (alternative to Left-Click on the Tray-Icon)
      • It's now possible to have multiple servers per relay specified (of course, only one can be active at once) -- this allows to have GPGrelay on a mobile machine and easily change servers depending on the network to connect to (mainly useful for SMTP-Servers)
        This also allows now to deactivate single relays instead of all on/off
      • Change Passphrase for secret key is now also supported
      • Thanks to Andrea Rimicci GPGrelay is now properly working on Multihomed- Hosts!
      • Resizable kind of Splitter-Window for the Sign-Key-Dialog
      • SSL for the standard-ports is now always treated as STARTTLS to reduce error-logs on the servers (no SMTPs (or POP3s) on default SMTP- (or POP3-) Ports allowed anymore)
      • Passphrases aren't copied around that much anymore (using RefCount instead of Copy -- nevertheless dialogs might have still multiple copies in RAM...)
      • New commandline-argument: "--hkey_local_machine" which lets GPGrelay store it's settings under "HKEY_LOCAL_MACHINE\Software\.tSCc.\GPGrelay" instead of the default location at "HKEY_CURRENT_USER\Software\.tSCc.\GPGrelay"
        This also requires to set a proper entry in HKEY_LOCAL_MACHINE\Software\GNU\GnuPG\HomeDir
        Might be handy for those people who want to run GPGrelay as a NT-Service
      • "Add UserID" disables the Okay-Button as long as the new UserID is invalid
      • There was a bug lurking in the gpg-comm-stuff that could have caused occasional crashes on some systems
      • The Key-Dialogs now also contain information in which keyring a key resides (pubrings only) - It's quite useless information when you use only one keyring-file, but is too much info any harm?
      • Partial Keyring-Reload on Sign-Key/Delete-Key (way faster with huge keyrings; at least in cases of non-complete WoT which is usually the case...)
      • GPGrelay-Cachefile-Location now defaults to "%APPDATA%\GPGrelay\GPGrelay.cache", so it will be useful in multiuser-environment too

    • SMTP:
      • Remove BCC-Recipients-KeyIDs is now optional as PGP8.0 for Mobile isn't able to handle anonymized KeyIDs...
      • Log-Decision-Hints now also tells if Preferred-KeyID for Encr. is invalid and thus Keyrule cannot encrypt.
      • There is a new option for Inlined PGP: Clearsign Text/Plain-Attachments. Now generally all attachments are signed with a detached signature, but you may want to clearsign text-attachments too.
      • And an option to let attachments untouched when sending inlined PGP
      • Cancel Passphrase optionally offers now to abort sending (instead of always sending unsigned when no passphrase was given)
      • Advanced Keyrule-Settings: "Add additional Headerfields" like X-PGP-KeyID: <KeyID>, X-Request-PGP: <url>, ...

    • POP3:
      • Keep-Alive didn't handle premature-socket-close on the clientside correctly
      • There was a fatal double-free bug in the exception-handling which caused GPGrelay to crash in some error-situations.
      • Stupid bug with S/MIME-Mails fixed
      • Simple Inlined Encrypted mails aren't handled with "Inlined GPGStatus" anymore

    • IMAP:
      • First (and only(?)) implementation of an IMAP-Relay coded by Martin Sanneblad <martin@spinsane.info>
        If someone would like to work on this, let me know!


  • Version 0.92 ; release-date: 2003-Mar-12

    • GPGrelay:
      • Revokate subkey disabled if no secret key is available (crashed GPGrelay!)
      • Add/Delete Subkey is now also available through the GUI
      • Generate Key a bit more cleaned up
      • Additional checks if Sockets are really listening on loopback-device.
      • Alias-Edit/Remove-Buttons are now disabled if nothing editable is selected ("Not working edit-button" confused too many users :)).
      • Keyrules for Public-Keys-Only crashed when trying to change the subkey to be used for encryption.
      • Update of Passphrase-Settings after Keyrule-Edit was still corrupted
      • Reload-Key-Lock has now finer granularity and should feel faster
      • It's now possible to disable Shutdown-Confirm (to reenable it you need to use regedit or hold down SHIFT-Key while selecting shutdown...)

    • POP3:
      • Inlined-PGP as well as Headerfield-Status used to forward header twice (and also introduced some empty lines at the beginning of the mail)
      • Autolearn-Alias had a bug introduced with the Force-Aliases
      • When "don't verify" is set in the global control, GPG is now also called with "--skip-verify" when decrypting
      • Mailparts with empty headers are now also treated correctly
      • GPGrelay isn't so pedantic anymore about "protocol"-Parameter in the PGP-MIME-Content-Type (some clients don't specify it, and it's more or less redundant anyway)
      • "Quiet" and inlined encrypted mails is working now
      • Log-Protocol for AUTH PLAIN and AUTH LOGIN is now displaying Username and Passphrase in clear - hopefully people will be more aware of their insecureness now (it's just simple Base64 and not proteced in any way)! Try using AUTH CRAM-MD5 or APOP instead!

    • SMTP:
      • Fixed bug with the implementation of the RFC3156-Recommendations: Preparation for signing of nested Multiparts is now also supported
      • Confirm "Encrypt To Untrusted"-Dialog is now shown in the foreground
      • "Encrypt To Untrusted" had a racecondition that sometimes displayed error where no error was.
      • Sending HTML-Mails inlined (sign or encr) are treated specially now, so recipients won't have problems anymore to decrypt it; this is done by simply discarding all HTML-Stuff and only transfer the text/plain-alternative.
      • Unknown-Sender always lead to Pass-Through
      • Log-Protocol for AUTH PLAIN and AUTH LOGIN is now displaying Username and Passphrase in clear - hopefully people will be more aware of their insecureness now (it's just simple Base64 and not proteced in any way)! Try using AUTH CRAM-MD5 instead!


  • Version 0.91 ; release-date: 2003-Jan-31

    • GPGrelay:
      • Keys without encryption-subkey can now also have a keyrule (was Bug that crashed GPGrelay)
      • Tempfile-Names (required for verifying PGP-MIME-Signatures) are now build in a more reliable fashion
      • UserIDs that don't have a valid email-address are now ignored without crashing GPGrelay
      • Prompt-Windows (eg. for Passphrase) are now positioned in respect of the screen-size and don't show outside the screen
      • Generate Keypair now also allows to have proper Umlauts (converted to CP850) in the UserID (not only in the passphrase...)
      • It's now also possible to change the OwnerTrust of a key if it is listed with other keys with same Email-Addr
      • UserID-Management (--edit-key with adduid/deluid/primary) is also accessible over the GUI now
      • Reload-Keys while a dialog is open is now also handled correctly (though I doubt I have found all possible situations where this might be possible...)
      • Signatures for Subkeys (a.k.a. Subkey-Bindings) are now displayed with the subkey (used to be shown as signatures displayed with the last UserID)
      • And as I also discovered a key which has multiple subkey-binding-signatures; GPGrelay displays more than only the last one.
      • It's now also possible to sign single UserIDs instead of complete key
      • Send/Receive(Update) Keys from Keyserver is now also accessible from the KeyMenu (Context of Primary-KeyID)
      • WM_POWERBROADCAST is now also checked: PBT_APMSUSPEND will now stop the server-threads and PBT_APMRESUMESUSPEND reactivaes them now (some systems required a manual Restart-Threads after Suspend-Mode before)
      • GPGrelay is finally internationalized!
        Many controls have now an automatic Layout to respect the size of translated text that should be displayed in the dialogs, so the whole thing may now be much easier to translate than before with fixed size dialog-resources.
        Checkout how you can do a translation into your preferred language on the GPGrelay-Homepage.
      • GnuPG is now started in it's HomeDir as working Directory
      • "Restore last Settings" does now also update the GlobalControls-PropertyPage
      • Keyring is now cached (huge keyrings lagged GPGrelay startup immensely) -- There is now a "hidden" option in the registry to disable cacheing (Set Registry-Key "PermanentCacheUsed" to "0").
      • In/Out-Count uses cummulative messages now (happend to flood the MessageQueue too much on slow systems)
      • Due to showing Server-Tab first when no server is specified, the Log-Page was initialized randomly, this is fixed now!
      • The Default-Prefixed-Profiles created the first time GPGrelay runs are now set up properly to their names
      • 16-Digit-KeyIDs are now displayed with a space, so it can be more easily compared to their 8-Digit-IDs.
      • Multiple userids in the profile-tree are now mapped to their keys and not only to the email-matching-keyrule, so Delete-Key and other key-edit-options work with them now.
      • Validate Passphrase was still language-dependent. It's now also properly using "Status-FD".
      • Some more problems with Sign-Only-Keys solved.
      • Prefixes can now be synchronized over all Profiles (as this is the most common use for prefixes)
      • Multiple Sign-Keys can now also have different Passphrases (and Sign-Subkeys are now mapped to the passphrase of their primary key)
      • Yuck! Found a bad race-condition with kill-thread; this should fix some mysterious crashes...
      • Running Threads are now killed before GPGrelay closes down
      • Genkey: When changing key-type, the bitlen isn't automatically changed to it's default-length anymore
      • Option in context-menu to select all UID-Emails of a key in Treeview (eg. for Drag&Drop)
      • Generate Revocation Certificate is now also available through GPGrelay
      • Also revocation of subkeys
      • And import Keyring doesn't import expired and revoked subkeys anymore

    • POP3:
      • The HTML-GPG-Status-Report now also contains charset-information as HTML-Tags
      • The Confirm-Encr-To-Untrusted is now displayed in the foreground
      • Finally I have the Silent-Mode hacked in
      • And being there I also added another form or Status-Messages using message/rfc822 (this is like Forwarded Mail of e.g. Mozilla Mail -- Outlook Express cannot handle it though...)
      • Pre-Processing of encrypted OpenPGP-Blocks to obtain Encr-Keys apriori is now a bit more tolerant about whitespace (GPGrelay used to check for "\r\n\r\n" to find end of PGP-Message-Header, but sometimes Email-Clients (or MTA, can't tell for sure now) change it to "\r\n \r\n", this caused GPGrelay failed with "Unknown-Key" to those Inlined-PGP-Messages although GPG itself could decrypt without problem)
      • Inlined-PGP is finally non-destruktive (used to reduce mail only to first found PGP-Block, which is also the normal situation...)
      • STLS-Command (Start TLS, see RFC2595) is now also supported as SSL-Negotiation with POP3
      • Autolearn-Alias-Confirm shows full UserIDs now
      • Fixed memory-leak with autolearn alias
      • Signatures wrapped into Encryption (not Encr&Sign!) are now only checked if GlobalControl-Flag for "Verify Signatures" is checked.

    • SMTP:
      • GPGrelay now removes all trailing whitespace when sending Inlined-Signed mails (although GPG verifies signatures that have removed trailing whitespace after clearsign (eg. by a "clever" MTA), but I was told this improves interoperability, so, I gave it a try...)
      • There is now also special treatment for PGP-MIME-Signed mails like RFC3156 suggests
      • Sign-Only-Keys can't encrypt, although it's possible to move them into Profiles which allow Encrytion. When looking for what to do with sign-only-keys, "Encrypt" will mean "Pass-Through" and "Encr&Sign" will mean "Sign".
      • There is now also a possibility to force Default-Profile to sign for special aliases, eg. needed for Mailing-Lists
      • GPGrelay doesn't care for a known sender anymore (there must be a secret key to create signatures though)
      • Added support for STARTTLS-Negotiation within ESMTP (RFC2487)


  • Version 0.90 ; release-date: 2002-Sep-23

    • GPGrelay:
      • Finally eliminated a bad design-flaw in GPGrelay:
        GPG is now always called with the proper KeyID instead of (maybe) ambiguous UserID (remember: only email-addresses are used for matching!).
        The interface is now also aimed straight to email-addresses, so it might be a bit uncommon at first.
        Also this change in concept came very late, thus this caused a very huge rewrite, and this probably has introduced many new bugs (hope no fatal ones!).
        But at least this allows now to handle multiple identical UserIDs (e.g. needed when keys phase out).
        And it's now also possible to directly specify which Subkey should be used for sign or for encr so you can work with new Subkeys instead of completely new Keys.
      • KeyIDs are now used when GPG is invoked (fully avoid Charset-Problems at that point, and also allowing to speciy which subkey to use)
      • UserIDs with different email-addresses are now handled as if they were different keys (say they have their own keyrules now -- thanks to profiles this isn't too bad to handle) This is required because Emails are the only part of the UserIDs that is matched
      • Revoked/Disabled/Invalid/Expired UserIDs are now also recognized during Keydata-Loading and aren't imported anymore
      • UTF8 is (partly) supported for UserIDs, so GPGrelay can handle at least german umlauts now (I guess it will work with other languages as well but due to no direct support of Unicode it's still limited to default windows-8bit-charset (ISO-8859-1))
      • It is assumed that GnuPG always does input/output with CP-850; so umlauts are also possible now within passphrases (same Umlauts as from DOS-Prompt)
      • SMTP-Logging-Switch now works properly
      • Now deleting subtrees in the registry recursively as WinNT/2000 doesn't delete keys if they have subkeys
      • Most String-Representations of lists are now real lists
      • Mailto-Support for UserIDs (accessible from Contextmenu)
      • "Delete GPG-Key" now also deletes from the secret-key-keyring
      • Assign-Profile-To-New-Keys-Option in the Profile-Dialog to have all newly added Keys immediately assigned to a selectable profile (instead of the default-profile which is used for all people without a known key)
      • Now there is also an option for asking Passphrases immediately on Startup
      • And it's now possible to never ask passphrase again as long as GPGrelay runs (more secure alternative to the "Always Use Passphrase"-Option which saves the Passphrase in Plaintext inside the Registry)
      • Trying to run a second instance brings the running instance into the foreground now (instead of an Already-Running-Messagebox)
      • Server-Threads are now checked for proper initialisation (shouldn't crash anymore when any Socket-Conflicts appear)
      • Little bug in the MD5sum-Routine fixed (was actually no real problem within GPGrelay, but for general use it calculated wrong sums in some rare special cases) -- also improved performance on huge blocks (quite unneccessary for GPGrelay too, but ... hey, so what..?!)
      • There is now also a detailed Import-Key-From-Clipboard-Failed-Message
      • Generally better resistance against corrupt mailbodies
      • Generate Key (also works with --gen-key from Commandline; and is displayed if empty Keyring is found)
      • On first startup there are now some generally useful profiles automatically generated, so you only have to Drag&Drop the Keys to the proper profile on first use (you can modify/remove them though).
      • There is now also a purge passphrase button available from the key-dialog which let GPGrelay forget all Passphrase immediately (except the Always-Use-Passphrases).
      • Basic Clipboard Sign/Encrypt/Verify/Decrypt included (Decrypt-Clipboard is also aware of PGP-MIME and can decode quoted-printable on demand)
      • You can also set Ownertrust-Value from inside GPGrelay now too
      • Registry-Cleanup isn't as aggressive as it used to be (only erase the subtrees that have to be removed)
      • When empty Keyring is found, GPGrelay doesn't purge it's keyrule settings (it seems to happen irregularly on some systems that GPGrelay cannot import the keyring on startup, so hope this helps...)
      • Reload-Keys is also finally thread-safe (at least I hope so!)
      • There is no Algorithm-Selection anymore with the keyrules. You have to set your key-preferences by using GnuPG as there were just too many traps to stumble into with direct algorithm- selection (eg. DSA requires a 160Bit-Hash and some hash-functions may not be available on the receiving site)... And as GPG now offers preferences, this completely unneccessary.
      • Another little User-Friendlyness: If no Server-Settings are found on startup: The "Servers"-Page is shown instead of the default "Logging"-Page
      • First-Run now also allows to set a special path for the GnuPG-Homedir (not only the location of GPG anymore)
      • Profile-Drag&Drop is finally possible with multiple selection! (Still a miracle why this common feature of CTreeCtrl requires such a lot (you wouldn't believe it!) of code and is not directly available inside MFC)
      • I added a new option for Logging: Show full mailbodies sent/received (this allows to see what's really going in&out -- very helpful for debugging without a packet-sniffer)
      • And another great obstacle removed: I dynamically linked in the OpenSSL-DLLs (namely ssleay.dll (a.k.a. libssl.dll) and libeay32.dll) - so if those DLLs are present GPGrelay can finally also talk SMTPs and POP3s!
        You have to obtain these DLLs on your own though. Either compile it yourself from the sources you can find on OpenSSL.org -- or, have a look at Stunnel.org as they also offer binaries of those DLLs.
      • Now you can see in the SystemTray what Threads are active -- and you can selectively terminate them
      • Thread is now aborted when a required socket closes prematurely (active parts of a relay will be finished though)
      • Logging full protocol works much faster now (less redraw)
      • Prefix-Control now also has a Pass-Through-Prefix: This allows for much more consistent keyrules: You can now always use the same prefixes in all profiles (in fact this allows to Prefix-Control to be an equivalent of the standard-actions, so it's a bit redundant now, but anyway, it gives more control...)
      • "Don't show Connection Failed-Dialog" is now an optional feature for the server-settings (this enables to have GPGrelay be quiet when offline and Email-Client wants to poll new mails...)
      • GPGrelay now also expands Environment-Strings (e.g. to utilize %APPDATA% on Win2K) in the GnuPG-Registry-Settings, and it also checks HKEY_LOCAL_MACHINE if HKEY_CURRENT_USER doesn't have the requires settings (just like GPG1.2.0 does now).
      • How could I have overseen this?!? Damn, I feel really ashamed!
        So, GPGrelay can finally cope with Emails that have Lines beginning with a dot (or lines that contain only a single dot)

    • SMTP:
      • Better support of ESMTP
      • micalg-value in outgoing signed PGP-MIME-Mails is now properly set (maybe there is really a client that checks this information?!)
      • Passphrase isn't asked anymore if no signing is wanted (used to be asked for, even if mail was passed through)
      • GPGrelay is now even tighter bound to secret keys: It interferes outgoing mails now only if sender can be mapped to a secret key and receiver can be mapped to any key
      • The Default-Profile-Behaviour is now also properly working with multiple recipients
      • Remove-Prefix and multiple recipients also had a bug...
      • Prefix (with or without Remove-Prefix) now also works with "Message Header Extensions for Non-ASCII Text" (you know, those ugly "=?ISO...?Q?...?=" stuff...)
      • BCC-Recipients don't add to the Keyrule-Matching anymore (except if there are only BCC-Recipients...)
      • Inlined PGP works now much better as it tries to respect the encoding, i.e. quoted-printable and clearsigned mail works now properly (but generally it's still a much better idea to use PGP-MIME!
        Also inlined Multipart-Mails are still not decrypted automatically)
      • "MIME-VERSION" is now also allowed to be at the start of the header (fixes bad behaviour of GPGrelay with HTML-Mail from IncrediMail (and maybe other clients?))
      • Like the APOP-Transformation of Plaintext-Login with POP3 there is an equivalent to ESMTP-Auth where plaintext AUTH LOGIN and AUTH PLAIN can be transformed on the fly into AUTH CRAM-MD5 -- as with APOP-Transform: This will hide your password from eavesdroppers.
      • SMTP-Thread is now terminated instead of sending empty messages when encryption fails for whatever unknown reason...
      • As GPG1.2.0 finally shows "Untrusted Key" as reason why encrypt fails, GPGrelay prompts you now if "Always-Trust-Keys" is not specified (instead sending empty mail...)

    • POP3:
      • CAPA Command is now also handled correctly
      • Don't auto-learn Alias from "Reply-To:"-Field anymore (what did I think when I implemented this!?)
      • If a mail is signed by multiple persons it's not considered to be a source for autolearn-alias
      • AutoLearnAlias now features a selection-dialog if Key used for the Signature has multiple UserIDs (remember: GPGrelay strongly matches Email-Addresses! So AutoLearn cannot be that automatic anymore...)
      • Inlined PGP is now also better integrated (esp. talking about character-encoding; see SMTP)
      • X-Keep-Alive-Lifesignals are now (optionally) sended to the email-client when receiving large mails
      • GPGrelay now also does an automatic Reload-Keys when GnuPG fetched a key from a keyserver
      • Little bug fixed with OpenPGP-MIME-Blocks without Version-String
      • AUTH Command had the same Problem as CAPA... Fixed.
      • Autolearn-Alias-Cancel-List while GPGrelay is running ("learn this alias"-questions is now asked only once)
      • Content-Type: application/pgp-signed ist now converted to text/plain as some clients don't know that type and display only an attachment
      • GPGrelay can now also handle PGP-Signed-Text inside PGP-Encrypted-Mails (there really seem to be some email-client that go with this overhead (which is totally "legal" as RFCs say...)...)


  • Version 0.82 ; release-date: 2001-Oct-07

    • GPGrelay:
      • Key-Insensitiveness for Keyrule-Emails didn't work properly; this also caused the keyrule-valid-test to fail so Keyrules also were not saved
      • Backslash in Profilenames or Keynames are now also escaped (Again a slightly new Registry-Format; shouldn't normally be a problem)
      • Good Signatures are highlighted in HTML-Info for quicker recognition
      • Logging of SMTP now displays encryt&sign instead of just encrypt
      • Alias-Emailaddresses now also checked to be unique (was that way internally all the time)
      • Alias-Lookup also faster now
      • TrayIcon now also displays when a GPG-Process is running


  • Version 0.81 ; release-date: 2001-Oct-04

    • POP3:
      • LIST Commando can also be used to retrieve one single line (did hang before)

    • GPGrelay:
      • Passphrase wasn't propagated when requested to sign a key
      • Reload Keys doesn't remove all entered passphrases from memory anymore
      • Enrypt&Sign wasn't saved after Profiledialog


  • Version 0.80 ; release-date: 2001-Oct-03

    • SMTP:
      • "Resent-To:"-Field also checked to really get all(?) recipients
      • It's now possible to send encrypted mails without signing

    • POP3:
      • Decryption/Verification of PGP-Message-Blocks not sent as PGP-MIME finally implemented (works only for simple text/plain-Mails -- still better to try to stay with PGP-MIME!!!)

    • GPGrelay:
      • Damn Minimize-To-Tray: System-Shutdown does not send WM_CLOSE but WM_ENDSESSION; so settings are now saved properly in that case.
      • UserIDs mapped to Aliases aren't editable nor removable anymore (also displayed with blue colored Icon)
      • Keys can now be reloaded (no restart neccessary anymore)
      • "No PGP-MIME" with "sign always" was never saved.
      • Profile-Concept implemented, resulting in nicer opportunity to change behaviour of Key-Groups
      • This also introduces Unknown-Receiver-Defaultsettings
      • Email-Adresses are now compared Case-Insensitive
      • Registry-Format for Settings more human-readable now
      • Shutdown-Confirm-Dialog added
      • Check if Server-Ports are correctly initialized
      • Memoryleak if Socket closed from outside fixed
      • Save Settings Now & Reload Settings added to the System-Menu (not a realy UNDO but better than nothing...)
      • Autolearn Aliases works now for all possible UserIDs

    • GnuPG:
      • Escaping for special chars (esp. Quotes) in UserIDs implemented
      • Very basic Keymanagement included (Clipboard-Export/Import, Delete-Key, (l)Sign-Key)

    • Registry:
      • "gpgProgram"-Registry-Key is now used to start GPG.EXE


  • Version 0.76 ; release-date: 2001-Aug-14

    • GPGrelay:
      • Minimize-Button now only minimizes to taskbar -- Close-Button to tray.


  • Version 0.75 ; release-date: 2001-Aug-12

    • GPGrelay:
      • UIDs of GPG are now properly imported as Aliases


  • Version 0.74 ; release-date: 2001-Aug-11

    • GPGrelay:
      • A damn stupid bug made it impossible to edit Keyrules (Fingerprint added to Keyname)...
      • Garbage-Filter for Keyrules and Aliases included (just to clean up a bit)
      • Interfere SC_CLOSE instead of WM_CLOSE for Minimize To Tray - this allows shutdown via CTRL-ALT-DEL again
      • TrayIcon changes it's color when any relaying is active
      • Logging to File included


  • Version 0.73 ; release-date: 2001-Aug-08

    • GPGrelay:
      • I removed the listboxes and put in some neat TreeControls with Icons, Contextmenus and Tooltips.
        Looks way more cleaned up and better structured now...
      • Tooltips for many controls added. (Still no real online-help, but a nice helpful feature)
      • Keyrule-Dialog also shows now the fingerprint of the key

    • Registry:
      • Stupid bug with "No Passphrase"-Handling removed
      • Folder-Chooser if registry key "HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir" is not found built in (that key is then also built for future useage...)


  • Version 0.68 ; release-date: 2001-Jul-31

    • GPGrelay:
      • Finally I GPL'd the source
      • About-Dialog needed to display some more information


  • Version 0.67 ; release-date: 2001-Jul-30

    • GPGrelay:
      Now keys without a passphrase are properly supported (although this shouldn't have been used)


  • Version 0.66 ; release-date: 2001-Jul-25

    • GPGrelay:
      • Retry-Dialog if connection fails implemented
      • Passphrase-Validation for 'Always-Use'-Passphrases
      • More strings are now loaded from Ressource (maybe different languages will be supported someday...)

    • GnuPG:
      Little bug of locale-support removed (Passphrase-Validation didn't worked anymore...)


  • Version 0.61 ; release-date: 2001-Jul-19

    • SMTP:
      Bcc demonstrated: The RCPT TO:-Commando from SMTP-Protocol gives Information, that must not be found in the mailheader - This is fixed now...

    • POP3:
      • Learn Alias also from "Reply-To:"-Field
      • Passphrases are now asked for all possible secret-keys

    • GPGrelay:
      header is read, then decision is made, if body must be completely present or not. So either it's passed through (do-nothing) or the body is read.
      This doesn't delays huge relayed mails as much as before


  • Version 0.60 ; release-date: 2001-Jul-18

    • Registry:
      • Settings are now saved everytime the main window is closed (say minimized); this way it's also started into Tray after System-Shutdown
      • Path of gpg.exe is now read from registry (\\HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir) on start of GPGrelay

    • SMTP:
      • Emails from Cc-Field added to the Recipient-Email-Addresses (now handled like Multiple Recpt. in the To:-Field)
      • Emails from Bcc-Field also added: KeyID is cleared in OpenPGP-Block then, so that Bcc means Recv. is hidden from To- and Cc-Receivers.
        But this also means decrypting is kind of a problem for the Bcc-Receiver as he has to check all his Secret Keys if it can be decrypted - and GPGrelay does only one batch-job (means recv. has probably some handiwork to do)...
      • The "Don't use PGP-MIME"-Feature is now also implemented (eg. for easier communication with friends using the Outlook-Express-PGP-Plugin)
        Decryption/Verify of such PGP-Message-Blocks is not supported for now...

    • User-Interface:
      Support of detailed Verbose for gpg included

    • GnuPG:
      • Locales are now supported as well; so let GPG speak your language (altough GPGrelay stays english...)
      • Path of 'gpg.exe' is fetched from registry on first start (\\HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir)


  • Version 0.56 ; release-date: 2001-Jun-27

    • POP3:
      Translation from USER/PASS-Commands to the slightly more secure APOP-Command included (not sure if this works everywhere, but works for me)

    • SMTP:
      Signatures for multi-recipients work accordingly to encryption, so unneccessary option from keyrule-dialog removed

    • Logging:
      • Protocol-String isn't displayed anymore if Log-Protocol isn't checked
      • Log doesn't hang anymore when Config-Dialog is opened while something is logged
      • Clear-Log now works properly (even if some Logging is done in parallel)


  • Version: 0.53 ; release-date: 2001-Jun-01

    • first public release


TODO-List
  • Auth. passphrase-cache-access from relays, e.g. by fetching a password from the server-password (so your client needs something like "gpgrelayPWD:serverPWD" as the password for your relay:server-Setup).
    This will reduce the threat of local GPGrelay-missuse (e.g. when multiple Users are logged on at once).
    How about the GUI? Is there any missuse possible?

  • Advanced checking for Look-Alike-Mails (esp. Mails that have a faked Good-Signature-Header; "fuzzy" matching required!) (Needs some more priority now as GPGrelay seems to be used by lots of users now)

  • Option to verify "From"- and "Reply-To"-Fields and in case they don't match a signers UserID/Alias, show some warning or replace fields to become resistent against such kind of attacks to get decrypted content by redirecting automated replys.

  • Option to let user confirm all Outgoing-Actions

  • Cache-File and Multiple-Keyrings and Multiple-Users with personal keyrings requires some solution... (any other way than reading info directly from gpg.conf?) -- A simple workaround if you run into problems with such a setup: Disable Cache! (PermanentCacheUsed=0 turns cachefile off)

  • Add Photo-IDs to key (not only showing/saving them)

  • Optimize Partial keyring-reload (as with delete-key and sign-key) should reload the keyring completely if more than 1/3 of all keys would be affected... Or a magic boundary like no more then 100 Keys for partial reload?

  • Advanced-Tab: "BCC to self" (get a copy of outgoing yourself)

  • If no public key is available when sending, try to get it from keyserver (optionally as this can slow down alot)
    Abort send if no pub-key, instead of send unencrypted (collect failed email-addr)

  • Option for Find Alias to find Alias-Match for a given Email (match Alias->Search-String instead of find Search-SubString in Alias)

  • Appearance: Like Multipart/ASCII but Merge with text/plain

  • Appearance: Like Multipart/ASCII but with Status as second Part (some mail-clients only reply to first part).

  • Relay incoming silently except for special events (eg. Sig-Failed will give normal multipart-notify, others stay "hidden" as header-field)

  • Delete/Revoke selected Signature

  • Delete multiple keys (currently you can only kill one selected key)

  • Option for "--no-encrypt-to": Disable the use of all --encrypt-to keys that might be in the gpg.conf.

  • Add UserGroups; for encapsulating multiple UID-Emails into a more handy group (for the GUI only -- support of GPG-Usergroups won't be useful in any way I can think of)

  • Subject-Removal for encrypted Mails (Are PGP-MIME-Mails allowed to have a "real" (protected) subject that differs from the mail-subject? - If so, this would be easy for PGP-MIME-Mails; just don't offer for inlined?)

  • Have a GPGrelay-Settings-Server to setup GPGrelay for a distributed network with a single admin responsible for the content of the shared keyring and for the keyrules.
    Might be troublesome, esp. as GnuPG must be used with a shared read-only keyring. One way to ensure this would be to use GPG in GPGrelay with "--no-default-keyring" and "--no-options", and then have a temporary local copy from the server used with "--keyring", "--secret-keyring" and "--trustdb-name".
    Guess this will become a very special setup with no direct GUI-Support, say all Client-GPGrelays would show up as "Log-Sheet"-Only-GUI.

  • Generally all Server-Setting-Changes should automatically restart assoc. Server-Thread

  • Generally Clean-Up code and optimizing... (as always :))


Bug-Reports
If you find a bug (they are there for sure), please write me an email to andreas_john@tesla.inka.de.
Or leave a note in the Guestbook

Another very helpful thing would be to use the tracker-system at
SourceForge.net Logo sourceforge.net

Whatever you prefer: Reporting bugs helps to improve any software!

But don't forget to check if the latest version has the bug(s) too!

And please try to describe exact problem, meaning log anything and send me a copy of that log (strike out private information; but don't delete complete lines!); maybe use an external sniffer-program to locate the problem even more exactly and so on...

I must be able to reproduce the bug, otherwise I cannot fix it...


And you can even download the source, fix it there and send it to me ... (Hehe, yes, that would be really nice).


   GPGrelay   
[ GPGrelay ] [ Download ] [ Localisation ] [ Setup ] [ FAQ ]




Contact
.tSCc.
  tscc.atari.org
 
  
dynaCore   andreas_john@tesla.inka.de
 
andreas john
schulzenstr. 36
76771 hördt



[ Home ] [ Tesselation ] [ Others ] [ Guestbook ]