- Version 0.959 ; release-date: 2005-Mar-31
- GPGrelay:
- Due to (finally!) real charset-conversion in GnuPG 1.4.0 (using iconv.dll)
GPGrelay is now required to work with this version
Be aware that GnuPG works in your Console-Codepage while GPGrelay uses
the Windows-Codepage, so there are few Chars that won't map (show up as
"?" then).
In case you want to know what codepages you're currently using, look at
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage\ACP
for the Windows-Charset in use, and for console-charset
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage\OEMCP
- Generate Key/Add Subkey is working with GPG 1.4.0 too (and UserIDs with
exotic chars are finally correctly working now (due to new feature of
GnuPG 1.4.0, see above!)
- Support of the new style gnupg.nls for GnuPG-Localisation
- Disabled-Key-Flag has changed in GPG 1.4.0 too
- HTML-Help is now dynamically linked, so the dependence on "hhctrl.ocx"
doesn't prevent GPGrelay from working anymore on systems without htmlhelp
properly installed (no online-help then but that's it -- but as long
as the online-help is work in progress there still is no other online-help
besides the Tooltips)
- Removed one other API-Call which does not exist on Win95
- Finally there is a possibility to give Aliases an own Keyrule. This is
done by virtual UserIDs: GPGrelay treats these aliases like real UserIDs,
offering to move alias to a profile too.
- And vice-versa: UserIDs can be treated like GPGrelay-Aliases, so you can
have only one keyrule for a key with hundreds of UIDs.
- Context-Menu for Alias-Tab is now properly enabled/greyed
- Import of unchanged key isn't reported as "Import Failed" anymore
- Keyboard-Control improved
- Support for "LockSetForegroundWindow"-API for Passphrase-Dialog in
WinME/Win2K and later (API is not available on older windows-versions)
- Hack to fetch Keyringinfo from GnuPG (so move public-key to keyring
is available again -- you need to have gpg.conf set up with multiple
keyrings for this feature).
Isn't there an official way to see keyring-file using "--with-colons"?
- Support for the list-option "show-sig-subpackets=24" (Keyserver)
- GPGrelay now also accepts email-addresses in the uncommon form of
"email@svr (real name)"
- PasswordSpy-Warning is now using SelfHooking to detect injected
messages...
- Suppress-PasswordSpy-Warning is now persistent (saved to the registry)
(Yes, this feature isn't very reliable; PasswordSpys can still be
present without being noticed; esp. Keyloggers and not to forget trojans...)
- GenKey/AddSubkey-Defaults for keylengths are now more secure, just like
the defaults in GnuPG1.4)
- Little Bug in the Logger fixed
- SMTP:
- POP3:
- Little performance-enhancement
- Implemented basic MailProcessing (very alpha, changes are very likely)
- Bugfix for long MIME-Boundaries
- IMAP:
- Have added some logging-support to the IMAP-Mainloop, also synchronized the
exception-handling to behave like for SMTP/POP3 too.
- POP3-KeepAlive-Thread caused the IMAP-Code to crash. Has been removed until
an IMAP-Keep-Alive will be implemented.
- Some internal rework for enhanced dataflow done.
- Yes, I did quite some work for IMAP, nevertheless I'm looking for help here...
- Version 0.955 ; release-date: 2004-Oct-22
- GPGrelay:
- More Dialogs have now proper Parent/Child-Hierarchy to disable some
unwanted Non-Modality (and proper positioning)
- GPGrelay now always tries to keep selections in lists/trees when
reloading keys
- Revoked/Expired/Disabled Subkeys are now also shown in keyviews (still
missing similar feature for primary keys)
- Revoke UserID is now also available through GPGrelay-GUI
- Untrusted UserIDs are now also grayed out in the Key-Displays
- Advanced debug-compiler-define for deadlock-checking (very experimental,
might not working as intended, have to find out :))
At least it helped to catch one deadlock-situation with GPGrelay-shutdown
while being asked for a passphrase so it wasn't worthless effort...
(Not active in Release-Builds! In case you suffer from GPGrelay hanging,
you might want to give the debug-build a try!)
- STARTTLS/STLS is now always defaulting to TLS-Connection as some servers
abort connection with an SSL2-Hello and don't negotiate TLS (or did I
simply miss something in the OpenSSL-Doc?)
- Log Full Protocol does now also show the StartTLS-Chitchat.
- Some small improvements with Logging (still quite slow for large mails
when log full bodies is turned on)
- GPGrelay isn't that picky about email-addresses anymore, so it will work
with internal email-addresses like "user@domain" or simply "user".
Nevertheless GPGrelay is matching full strings, so "user@domain" doesn't
match with a fully given "user@domain.com", so basically this one is only
useful for giving aliases to GPGrelay (doubt it's useful to have
abbreviated emails inside userids).
- The PhotoID-Display can now be resized
- Changed some dialog-texts to have Mnemonics (underlined chars) now, so you
can navigate a bit more easily with the keyboards by pressing
"Alt+Mnemonic" (don't hesitate to tell me missing/duplicate ones;
this came late and is a boring issue, so I guess I haven't checked all
dialogs properly... Suggested to be incorporated in current and future
translations too.)
- --autoexportsettings is now also working when shutting down win2k
(GPGrelay is now creating the .reg-file by itself instead of executing
regedit.exe to export the entries)
- Simple Password-Spy-Detection should alarm you when someone
unauthorized (eg. Spyware or Backdoor) is trying to read a passphrase
from a GPGrelay-Dialog
- Better support of crippled keys: VerifyPassphrase doesn't only rely on a
signing-(sub)key anymore.
- Better handling of non-canonical lineendings from broken servers
- Little GUI-Fix: Relay-Dialog with IMAP and SSL is now properly changing
the default-ports.
- Changed a few lines of code so GPGrelay will now compile directly
with VC.NET 2003 -- to my surprise the run through VC.NET also revealed
embarrassing misuse of some MFC-Macros, so this experiment was more than
worthwhile!
- SMTP:
- Hide BCC-Recipient introduced blank additional line
- Some more troubles with "No secret primary Key" solved (should now work
as intended) basically due to the fact that there is a way to fetch
Usage-Flags for secret keys from GPG.
- POP3:
- Disabled Nagle-Algorithm (send coalescing) for local->remote-relay.
- Some more Line-Ending-Issues solved (fewer lines added/removed)
- IMAP:
- There is nothing I'll do here ... who is willing to care for IMAP-code?
- Version 0.950 ; release-date: 2004-May-21
- GPGrelay:
- Default-Inline-Profiles now have the "don't touch attachment" turned off
- There is now also a tooltip for the "don't touch attachment"
- Keyring-Load on startup is now working properly again! (used to create
keyrules for keys in keyring twice, which caused the "Profile for
new Key"-Feature to be disabled).
- Show-PhotoID is now also working with 16bit-display-depth
- Decrypt/Verify Clipboard does now try to handle quoted email-text before
failing...
- Some mysterious regular crashes (Win2K, SP4) solved (WM_SOCKET_NOTIFY is
sent after WM_SOCKET_DEAD for CSockets)
- If GPGrelay detects many missing keys, the keyrules aren't deleted
automatically from the registry (you have to confirm manually)
- Passphrase-Verify does now work again if no primary-secret-key is available
- Sign content from clipboard is now using preferred sign-key from the keyrule
of the primary UserID of the Secret Key (this also solves the
"no primary-secret-key"-issue there)
- Copy Log to Clipboard is now working again (Owner-Drawn Listbox but was still
referenced as CListBox...)
- GPGrelay is now doing the "gpg --check-trustdb" properly when reloading
keys
- Added convenience-function to export settings to a .reg-File (the
Save/Restore Settings only write/read data to the registry, and this
"Export Settings" will ease backup of the settings a bit)
To import simply doubleclick the resulting .reg-File
- Also a new commandline-option added: --autoexportsettings "filename.reg"
- Gen-Key/Add Subkey is now properly working with GPG 1.2.4
- Bugfix: Deleting the UserID that is currently edited in the keyrule-dialog
caused GPGrelay to crash.
- It's now also possible to bind GPGrelay to a real IP-Address instead of
only localhost; this has alot of security issues coming along with, so
I don't recommend using it unless you really know what you're up to;
see readme.txt for details!
- SMTP:
- Fixed a bug with Keyrule-Selection when sending a mail to multiple user
via to, cc and bcc (thanks to Chupakabra)
- GPGrelay failed with a special variant of AUTH LOGIN, so this is now
working too
- POP3:
- Added machine-readable status-fields to received mails:
X-GPGrelay-GoodSig: <long keyid> <username>
X-GPGrelay-BadSig: <long keyid> <username>
X-GPGrelay-EncTo: <long keyid> <keytype> <keylength>
These fields are filled with whatever GPG emits for Status-FD, they might
be issues multiple times...
- Also any incoming X-GPGrelay-Headerfield is tagged as a
X-GPGrelay-Fake-Warning-Headerfield!
- These Fake-Warnings also modify the subject-line (see Registry
"FakeWarningModifySubject" to turn this off).
Don't expect too much "Fake-Detection" with this mechanism; but
it may help if your email-client can support subject-coloring
or similar things concerning the machine-readable-status-fields
mentioned above.
- Fewer incorrectly added empty lines to outgoing/incoming mails
- The "Received:"-Entry added by GPGrelay to the incoming mail is now
an "X-GPGrelay-Received:", so it doesn't interfere with common
MTA-Semantics anymore.
Nevertheless, you have to check for it's existance at the first
line of received mail (only some X-GPGrelay-Keep-Alive-Lines are
allowed to be shown before) to have some hint that GPGrelay was
issuing the X-GPGrelay-Headers (Obviously: No fake-detection when
bypassing GPGrelay)...
- Found a bug which allowed special mails to stop GPGrelay-Relays
(crash a relay-thread but doesn't bring down GPGrelay itself)
- First Part of a Multipart is now also decrypted when received
- IMAP:
- There is nothing I'll do here ... who is willing to care for IMAP-code?
- Version 0.94 ; release-date: 2004-Jan-05
- GPGrelay:
- Passphrase-Settings for multiple private keys are now properly saved
- "Don't show retry-dialog" in the relay-settings is working again.
- Cleaner Shutdown: GPGrelay is now waiting for all Active-Threads to terminate
- GPGrelay won't crash anymore if gen-key fails (eg. due to locked
keyring-file -- Although I think, this is a bug/misbehaviour of the
Win32-Port of GnuPG, as it shouldn't fail to create key in this situation)
- Force-Aliases are now replaced by the possibility to specify Sign-Only-
Profiles, which offer the possibility to attach email-aliases directly to
them.
- It's now possible to abort Reload-Keys-Threads (helpful on slow machines with
huge keyrings while you're online)
Partial reload cannot be terminated though, although displayed...
- GPGrelay does now also know about the "unusable" userids (still need to add a
view for the unreachable keys (the ones without an email in the UserIDs)...).
Probably the last step missing for GPGrelay to become a mature gpg-frontend.
- You can also access User-Attributes from within GPGrelay
- Possibility to view PhotoID when DirectX8 is available...
- Add/Remove subkey is now also propagating the new keyids to the controls
- GnuPG1.2.3 doesn't show keyring-file anymore (they say it was a bug that the
Keyring was displayed), so some advanced features like "Move to keyring"
aren't available with GnuPG1.2.3 as GPGrelay simply doesn't know about the
keyrings anymore (this also broke the cache-file-useage).
- SMTP:
- Abort-Request on "Cancel Passphrase" is now saving the "don't ask again"-Flag
properly
- Sending passthrough-mails can now also prematurely terminated
- User-Prompt to confirm signing/encrypting already signed/encrypted mail
- Forwarded Mails (Forward as Attachment) are now handled correctly
(thanks to Xavier Nodet for the patch)
- POP3:
- Cancel Passphrase optionally offers now to abort receiving (instead of always
receive undecrypted when no passphrase was given)
- Always add "Received:"-Header-Field when incoming mail passes GPGrelay
(this is an additional info to detect possible "Good sig"-fakes that might
be received by bypassing GPGrelay)
- Added support for PGP-MIME-signed mails inside Mailinglist-Multipart-Footers
- IMAP:
- There is nothing I'll do here ... who is willing to care for IMAP-code?
- Version 0.93 ; release-date: 2003-Jul-26
- GPGrelay:
- SuppressPortProbing-Flag available through registry (not through GUI; set
"SuppressPortProbing" to 1 if you don't want GPGrelay to do Port-Probing
anymore)
- Trying to be more friendly to the system-settings: Some dialogs are now
aware of large systemfonts, also some System-Color-References are now
properly supported.
- Decryption of symmetric encrypted content is now also properly handled by
GPGrelay
- Import Key features now a primitive preview Key
- Tray-Menu also has now "Show GPGrelay" (alternative to Left-Click on the
Tray-Icon)
- It's now possible to have multiple servers per relay specified (of course,
only one can be active at once) -- this allows to have GPGrelay on a mobile
machine and easily change servers depending on the network to connect to
(mainly useful for SMTP-Servers)
This also allows now to deactivate single relays instead of all on/off
- Change Passphrase for secret key is now also supported
- Thanks to Andrea Rimicci GPGrelay is now properly working on Multihomed-
Hosts!
- Resizable kind of Splitter-Window for the Sign-Key-Dialog
- SSL for the standard-ports is now always treated as STARTTLS to reduce
error-logs on the servers (no SMTPs (or POP3s) on default SMTP- (or POP3-)
Ports allowed anymore)
- Passphrases aren't copied around that much anymore (using RefCount instead of
Copy -- nevertheless dialogs might have still multiple copies in RAM...)
- New commandline-argument: "--hkey_local_machine" which lets GPGrelay store
it's settings under "HKEY_LOCAL_MACHINE\Software\.tSCc.\GPGrelay"
instead of the default location at
"HKEY_CURRENT_USER\Software\.tSCc.\GPGrelay"
This also requires to set a proper entry in
HKEY_LOCAL_MACHINE\Software\GNU\GnuPG\HomeDir
Might be handy for those people who want to run GPGrelay as a NT-Service
- "Add UserID" disables the Okay-Button as long as the new UserID is invalid
- There was a bug lurking in the gpg-comm-stuff that could have caused
occasional crashes on some systems
- The Key-Dialogs now also contain information in which keyring a key resides
(pubrings only) - It's quite useless information when you use only one
keyring-file, but is too much info any harm?
- Partial Keyring-Reload on Sign-Key/Delete-Key (way faster with huge keyrings;
at least in cases of non-complete WoT which is usually the case...)
- GPGrelay-Cachefile-Location now defaults to
"%APPDATA%\GPGrelay\GPGrelay.cache", so it will be useful in
multiuser-environment too
- SMTP:
- Remove BCC-Recipients-KeyIDs is now optional as PGP8.0 for Mobile isn't able
to handle anonymized KeyIDs...
- Log-Decision-Hints now also tells if Preferred-KeyID for Encr. is invalid and
thus Keyrule cannot encrypt.
- There is a new option for Inlined PGP: Clearsign Text/Plain-Attachments.
Now generally all attachments are signed with a detached signature, but you
may want to clearsign text-attachments too.
- And an option to let attachments untouched when sending inlined PGP
- Cancel Passphrase optionally offers now to abort sending (instead of always
sending unsigned when no passphrase was given)
- Advanced Keyrule-Settings: "Add additional Headerfields" like
X-PGP-KeyID: <KeyID>, X-Request-PGP: <url>, ...
- POP3:
- Keep-Alive didn't handle premature-socket-close on the clientside correctly
- There was a fatal double-free bug in the exception-handling which caused
GPGrelay to crash in some error-situations.
- Stupid bug with S/MIME-Mails fixed
- Simple Inlined Encrypted mails aren't handled with "Inlined GPGStatus"
anymore
- IMAP:
- First (and only(?)) implementation of an IMAP-Relay coded by
Martin Sanneblad <martin@spinsane.info>
If someone would like to work on this, let me know!
- Version 0.92 ; release-date: 2003-Mar-12
- GPGrelay:
- Revokate subkey disabled if no secret key is available (crashed GPGrelay!)
- Add/Delete Subkey is now also available through the GUI
- Generate Key a bit more cleaned up
- Additional checks if Sockets are really listening on loopback-device.
- Alias-Edit/Remove-Buttons are now disabled if nothing editable is selected
("Not working edit-button" confused too many users :)).
- Keyrules for Public-Keys-Only crashed when trying to change the subkey to
be used for encryption.
- Update of Passphrase-Settings after Keyrule-Edit was still corrupted
- Reload-Key-Lock has now finer granularity and should feel faster
- It's now possible to disable Shutdown-Confirm (to reenable it you need to use
regedit or hold down SHIFT-Key while selecting shutdown...)
- POP3:
- Inlined-PGP as well as Headerfield-Status used to forward header twice (and
also introduced some empty lines at the beginning of the mail)
- Autolearn-Alias had a bug introduced with the Force-Aliases
- When "don't verify" is set in the global control, GPG is now also called with
"--skip-verify" when decrypting
- Mailparts with empty headers are now also treated correctly
- GPGrelay isn't so pedantic anymore about "protocol"-Parameter in the
PGP-MIME-Content-Type (some clients don't specify it, and it's more or less
redundant anyway)
- "Quiet" and inlined encrypted mails is working now
- Log-Protocol for AUTH PLAIN and AUTH LOGIN is now displaying Username and
Passphrase in clear - hopefully people will be more aware of their insecureness
now (it's just simple Base64 and not proteced in any way)!
Try using AUTH CRAM-MD5 or APOP instead!
- SMTP:
- Fixed bug with the implementation of the RFC3156-Recommendations:
Preparation for signing of nested Multiparts is now also supported
- Confirm "Encrypt To Untrusted"-Dialog is now shown in the foreground
- "Encrypt To Untrusted" had a racecondition that sometimes displayed error
where no error was.
- Sending HTML-Mails inlined (sign or encr) are treated specially now, so
recipients won't have problems anymore to decrypt it; this is done by simply
discarding all HTML-Stuff and only transfer the text/plain-alternative.
- Unknown-Sender always lead to Pass-Through
- Log-Protocol for AUTH PLAIN and AUTH LOGIN is now displaying Username and
Passphrase in clear - hopefully people will be more aware of their insecureness
now (it's just simple Base64 and not proteced in any way)!
Try using AUTH CRAM-MD5 instead!
- Version 0.91 ; release-date: 2003-Jan-31
- GPGrelay:
- Keys without encryption-subkey can now also have a keyrule (was Bug that crashed GPGrelay)
- Tempfile-Names (required for verifying PGP-MIME-Signatures) are now build in a more reliable fashion
- UserIDs that don't have a valid email-address are now ignored without crashing GPGrelay
- Prompt-Windows (eg. for Passphrase) are now positioned in respect of the screen-size and don't
show outside the screen
- Generate Keypair now also allows to have proper Umlauts (converted to CP850) in the UserID (not only
in the passphrase...)
- It's now also possible to change the OwnerTrust of a key if it is listed with other keys with same
Email-Addr
- UserID-Management (--edit-key with adduid/deluid/primary) is also accessible over the GUI now
- Reload-Keys while a dialog is open is now also handled correctly (though I doubt I have found all
possible situations where this might be possible...)
- Signatures for Subkeys (a.k.a. Subkey-Bindings) are now displayed with the subkey (used to be shown
as signatures displayed with the last UserID)
- And as I also discovered a key which has multiple subkey-binding-signatures; GPGrelay displays more
than only the last one.
- It's now also possible to sign single UserIDs instead of complete key
- Send/Receive(Update) Keys from Keyserver is now also accessible from the KeyMenu (Context of Primary-KeyID)
- WM_POWERBROADCAST is now also checked: PBT_APMSUSPEND will now stop the server-threads and
PBT_APMRESUMESUSPEND reactivaes them now (some systems required a manual Restart-Threads after
Suspend-Mode before)
- GPGrelay is finally internationalized!
Many controls have now an automatic Layout to respect the size of translated text that should
be displayed in the dialogs, so the whole thing may now be much easier to translate than before
with fixed size dialog-resources.
Checkout how you can do a translation into your preferred language on the GPGrelay-Homepage.
- GnuPG is now started in it's HomeDir as working Directory
- "Restore last Settings" does now also update the GlobalControls-PropertyPage
- Keyring is now cached (huge keyrings lagged GPGrelay startup immensely) -- There is now a "hidden"
option in the registry to disable cacheing (Set Registry-Key "PermanentCacheUsed" to "0").
- In/Out-Count uses cummulative messages now (happend to flood the MessageQueue too much on slow systems)
- Due to showing Server-Tab first when no server is specified, the Log-Page was initialized randomly,
this is fixed now!
- The Default-Prefixed-Profiles created the first time GPGrelay runs are now set up properly to
their names
- 16-Digit-KeyIDs are now displayed with a space, so it can be more easily compared to their 8-Digit-IDs.
- Multiple userids in the profile-tree are now mapped to their keys and not only to the
email-matching-keyrule, so Delete-Key and other key-edit-options work with them now.
- Validate Passphrase was still language-dependent. It's now also properly using "Status-FD".
- Some more problems with Sign-Only-Keys solved.
- Prefixes can now be synchronized over all Profiles (as this is the most common use for prefixes)
- Multiple Sign-Keys can now also have different Passphrases (and Sign-Subkeys are now mapped to
the passphrase of their primary key)
- Yuck! Found a bad race-condition with kill-thread; this should fix some mysterious crashes...
- Running Threads are now killed before GPGrelay closes down
- Genkey: When changing key-type, the bitlen isn't automatically changed to it's default-length anymore
- Option in context-menu to select all UID-Emails of a key in Treeview (eg. for Drag&Drop)
- Generate Revocation Certificate is now also available through GPGrelay
- Also revocation of subkeys
- And import Keyring doesn't import expired and revoked subkeys anymore
- POP3:
- The HTML-GPG-Status-Report now also contains charset-information as HTML-Tags
- The Confirm-Encr-To-Untrusted is now displayed in the foreground
- Finally I have the Silent-Mode hacked in
- And being there I also added another form or Status-Messages using message/rfc822 (this is like
Forwarded Mail of e.g. Mozilla Mail -- Outlook Express cannot handle it though...)
- Pre-Processing of encrypted OpenPGP-Blocks to obtain Encr-Keys apriori is now a bit more tolerant
about whitespace (GPGrelay used to check for "\r\n\r\n" to find end of PGP-Message-Header, but
sometimes Email-Clients (or MTA, can't tell for sure now) change it to "\r\n \r\n", this caused
GPGrelay failed with "Unknown-Key" to those Inlined-PGP-Messages although GPG itself could
decrypt without problem)
- Inlined-PGP is finally non-destruktive (used to reduce mail only to first found PGP-Block, which
is also the normal situation...)
- STLS-Command (Start TLS, see RFC2595) is now also supported as SSL-Negotiation with POP3
- Autolearn-Alias-Confirm shows full UserIDs now
- Fixed memory-leak with autolearn alias
- Signatures wrapped into Encryption (not Encr&Sign!) are now only checked if
GlobalControl-Flag for "Verify Signatures" is checked.
- SMTP:
- GPGrelay now removes all trailing whitespace when sending Inlined-Signed mails (although GPG
verifies signatures that have removed trailing whitespace after clearsign (eg. by a "clever"
MTA), but I was told this improves interoperability, so, I gave it a try...)
- There is now also special treatment for PGP-MIME-Signed mails like RFC3156 suggests
- Sign-Only-Keys can't encrypt, although it's possible to move them into Profiles which allow
Encrytion. When looking for what to do with sign-only-keys, "Encrypt" will mean
"Pass-Through" and "Encr&Sign" will mean "Sign".
- There is now also a possibility to force Default-Profile to sign for special aliases,
eg. needed for Mailing-Lists
- GPGrelay doesn't care for a known sender anymore (there must be a secret key to create
signatures though)
- Added support for STARTTLS-Negotiation within ESMTP (RFC2487)
- Version 0.90 ; release-date: 2002-Sep-23
- GPGrelay:
- Finally eliminated a bad design-flaw in GPGrelay:
GPG is now always called with the proper KeyID instead of (maybe) ambiguous UserID (remember:
only email-addresses are used for matching!).
The interface is now also aimed straight to email-addresses, so it might be a bit uncommon at
first.
Also this change in concept came very late, thus this caused a very huge rewrite, and this
probably has introduced many new bugs (hope no fatal ones!).
But at least this allows now to handle multiple identical UserIDs (e.g. needed when keys phase
out).
And it's now also possible to directly specify which Subkey should be used for sign or for encr
so you can work with new Subkeys instead of completely new Keys.
- KeyIDs are now used when GPG is invoked (fully avoid Charset-Problems at that point, and also
allowing to speciy which subkey to use)
- UserIDs with different email-addresses are now handled as if they were different keys (say they
have their own keyrules now -- thanks to profiles this isn't too bad to handle)
This is required because Emails are the only part of the UserIDs that is matched
- Revoked/Disabled/Invalid/Expired UserIDs are now also recognized during
Keydata-Loading and aren't imported anymore
- UTF8 is (partly) supported for UserIDs, so GPGrelay can handle at least german umlauts now
(I guess it will work with other languages as well but due to no direct support of Unicode
it's still limited to default windows-8bit-charset (ISO-8859-1))
- It is assumed that GnuPG always does input/output with CP-850; so umlauts are also possible now
within passphrases (same Umlauts as from DOS-Prompt)
- SMTP-Logging-Switch now works properly
- Now deleting subtrees in the registry recursively as WinNT/2000 doesn't delete keys if they
have subkeys
- Most String-Representations of lists are now real lists
- Mailto-Support for UserIDs (accessible from Contextmenu)
- "Delete GPG-Key" now also deletes from the secret-key-keyring
- Assign-Profile-To-New-Keys-Option in the Profile-Dialog to have all newly added Keys
immediately assigned to a selectable profile (instead of the default-profile which is
used for all people without a known key)
- Now there is also an option for asking Passphrases immediately on Startup
- And it's now possible to never ask passphrase again as long as GPGrelay runs (more secure
alternative to the "Always Use Passphrase"-Option which saves the Passphrase in Plaintext
inside the Registry)
- Trying to run a second instance brings the running instance into the foreground now (instead
of an Already-Running-Messagebox)
- Server-Threads are now checked for proper initialisation (shouldn't crash anymore when
any Socket-Conflicts appear)
- Little bug in the MD5sum-Routine fixed (was actually no real problem within GPGrelay, but for
general use it calculated wrong sums in some rare special cases) -- also improved performance
on huge blocks (quite unneccessary for GPGrelay too, but ... hey, so what..?!)
- There is now also a detailed Import-Key-From-Clipboard-Failed-Message
- Generally better resistance against corrupt mailbodies
- Generate Key (also works with --gen-key from Commandline; and is displayed if empty Keyring is
found)
- On first startup there are now some generally useful profiles automatically generated, so you
only have to Drag&Drop the Keys to the proper profile on first use (you can modify/remove them
though).
- There is now also a purge passphrase button available from the key-dialog which let GPGrelay
forget all Passphrase immediately (except the Always-Use-Passphrases).
- Basic Clipboard Sign/Encrypt/Verify/Decrypt included (Decrypt-Clipboard is also aware of
PGP-MIME and can decode quoted-printable on demand)
- You can also set Ownertrust-Value from inside GPGrelay now too
- Registry-Cleanup isn't as aggressive as it used to be (only erase the subtrees that have to be
removed)
- When empty Keyring is found, GPGrelay doesn't purge it's keyrule settings (it seems to happen
irregularly on some systems that GPGrelay cannot import the keyring on startup, so hope this
helps...)
- Reload-Keys is also finally thread-safe (at least I hope so!)
- There is no Algorithm-Selection anymore with the keyrules. You have to set your key-preferences
by using GnuPG as there were just too many traps to stumble into with direct algorithm-
selection (eg. DSA requires a 160Bit-Hash and some hash-functions may not be available on the
receiving site)... And as GPG now offers preferences, this completely unneccessary.
- Another little User-Friendlyness: If no Server-Settings are found on startup:
The "Servers"-Page is shown instead of the default "Logging"-Page
- First-Run now also allows to set a special path for the GnuPG-Homedir (not only the location of
GPG anymore)
- Profile-Drag&Drop is finally possible with multiple selection! (Still a miracle why this common
feature of CTreeCtrl requires such a lot (you wouldn't believe it!) of code and is not directly
available inside MFC)
- I added a new option for Logging: Show full mailbodies sent/received (this allows to see what's
really going in&out -- very helpful for debugging without a packet-sniffer)
- And another great obstacle removed: I dynamically linked in the OpenSSL-DLLs (namely ssleay.dll
(a.k.a. libssl.dll) and libeay32.dll) - so if those DLLs are present GPGrelay can finally also
talk SMTPs and POP3s!
You have to obtain these DLLs on your own though. Either compile it yourself from the sources
you can find on OpenSSL.org -- or, have a look at Stunnel.org as they also offer binaries of
those DLLs.
- Now you can see in the SystemTray what Threads are active -- and you can selectively terminate
them
- Thread is now aborted when a required socket closes prematurely (active parts of a relay will
be finished though)
- Logging full protocol works much faster now (less redraw)
- Prefix-Control now also has a Pass-Through-Prefix: This allows for much more consistent keyrules:
You can now always use the same prefixes in all profiles (in fact this allows to Prefix-Control
to be an equivalent of the standard-actions, so it's a bit redundant now, but anyway, it gives
more control...)
- "Don't show Connection Failed-Dialog" is now an optional feature for the server-settings (this
enables to have GPGrelay be quiet when offline and Email-Client wants to poll new mails...)
- GPGrelay now also expands Environment-Strings (e.g. to utilize %APPDATA% on Win2K) in the
GnuPG-Registry-Settings, and it also checks HKEY_LOCAL_MACHINE if HKEY_CURRENT_USER doesn't have
the requires settings (just like GPG1.2.0 does now).
- How could I have overseen this?!? Damn, I feel really ashamed!
So, GPGrelay can finally cope with Emails that have Lines beginning with a dot (or lines that
contain only a single dot)
- SMTP:
- Better support of ESMTP
- micalg-value in outgoing signed PGP-MIME-Mails is now properly set (maybe there is really a
client that checks this information?!)
- Passphrase isn't asked anymore if no signing is wanted (used to be asked for, even if mail was
passed through)
- GPGrelay is now even tighter bound to secret keys: It interferes outgoing mails now only if
sender can be mapped to a secret key and receiver can be mapped to any key
- The Default-Profile-Behaviour is now also properly working with multiple recipients
- Remove-Prefix and multiple recipients also had a bug...
- Prefix (with or without Remove-Prefix) now also works with "Message Header Extensions for
Non-ASCII Text" (you know, those ugly "=?ISO...?Q?...?=" stuff...)
- BCC-Recipients don't add to the Keyrule-Matching anymore (except if there are only
BCC-Recipients...)
- Inlined PGP works now much better as it tries to respect the encoding, i.e. quoted-printable
and clearsigned mail works now properly (but generally it's still a much better idea to use
PGP-MIME!
Also inlined Multipart-Mails are still not decrypted automatically)
- "MIME-VERSION" is now also allowed to be at the start of the header (fixes bad behaviour of
GPGrelay with HTML-Mail from IncrediMail (and maybe other clients?))
- Like the APOP-Transformation of Plaintext-Login with POP3 there is an equivalent to ESMTP-Auth
where plaintext AUTH LOGIN and AUTH PLAIN can be transformed on the fly into AUTH CRAM-MD5 --
as with APOP-Transform: This will hide your password from eavesdroppers.
- SMTP-Thread is now terminated instead of sending empty messages when encryption fails for
whatever unknown reason...
- As GPG1.2.0 finally shows "Untrusted Key" as reason why encrypt fails, GPGrelay prompts you now
if "Always-Trust-Keys" is not specified (instead sending empty mail...)
- POP3:
- CAPA Command is now also handled correctly
- Don't auto-learn Alias from "Reply-To:"-Field anymore (what did I think when I implemented
this!?)
- If a mail is signed by multiple persons it's not considered to be a source for autolearn-alias
- AutoLearnAlias now features a selection-dialog if Key used for the Signature has multiple
UserIDs (remember: GPGrelay strongly matches Email-Addresses! So AutoLearn cannot be that
automatic anymore...)
- Inlined PGP is now also better integrated (esp. talking about character-encoding; see SMTP)
- X-Keep-Alive-Lifesignals are now (optionally) sended to the email-client when receiving large
mails
- GPGrelay now also does an automatic Reload-Keys when GnuPG fetched a key from a keyserver
- Little bug fixed with OpenPGP-MIME-Blocks without Version-String
- AUTH Command had the same Problem as CAPA... Fixed.
- Autolearn-Alias-Cancel-List while GPGrelay is running ("learn this alias"-questions is now
asked only once)
- Content-Type: application/pgp-signed ist now converted to text/plain as some clients don't know
that type and display only an attachment
- GPGrelay can now also handle PGP-Signed-Text inside PGP-Encrypted-Mails (there really seem to be
some email-client that go with this overhead (which is totally "legal" as RFCs say...)...)
- Version 0.82 ; release-date: 2001-Oct-07
- GPGrelay:
- Key-Insensitiveness for Keyrule-Emails didn't work properly; this also
caused the keyrule-valid-test to fail so Keyrules also were not saved
- Backslash in Profilenames or Keynames are now also escaped (Again a slightly new
Registry-Format; shouldn't normally be a problem)
- Good Signatures are highlighted in HTML-Info for quicker recognition
- Logging of SMTP now displays encryt&sign instead of just encrypt
- Alias-Emailaddresses now also checked to be unique (was that way internally all the time)
- Alias-Lookup also faster now
- TrayIcon now also displays when a GPG-Process is running
- Version 0.81 ; release-date: 2001-Oct-04
- POP3:
- LIST Commando can also be used to retrieve one single line (did hang before)
- GPGrelay:
- Passphrase wasn't propagated when requested to sign a key
- Reload Keys doesn't remove all entered passphrases from memory anymore
- Enrypt&Sign wasn't saved after Profiledialog
- Version 0.80 ; release-date: 2001-Oct-03
- SMTP:
- "Resent-To:"-Field also checked to really get all(?) recipients
- It's now possible to send encrypted mails without signing
- POP3:
- Decryption/Verification of PGP-Message-Blocks not sent as PGP-MIME finally
implemented (works only for simple text/plain-Mails -- still better to try
to stay with PGP-MIME!!!)
- GPGrelay:
- Damn Minimize-To-Tray: System-Shutdown does not send WM_CLOSE but
WM_ENDSESSION; so settings are now saved properly in that case.
- UserIDs mapped to Aliases aren't editable nor removable anymore (also
displayed with blue colored Icon)
- Keys can now be reloaded (no restart neccessary anymore)
- "No PGP-MIME" with "sign always" was never saved.
- Profile-Concept implemented, resulting in nicer opportunity to change
behaviour of Key-Groups
- This also introduces Unknown-Receiver-Defaultsettings
- Email-Adresses are now compared Case-Insensitive
- Registry-Format for Settings more human-readable now
- Shutdown-Confirm-Dialog added
- Check if Server-Ports are correctly initialized
- Memoryleak if Socket closed from outside fixed
- Save Settings Now & Reload Settings added to the System-Menu (not a realy
UNDO but better than nothing...)
- Autolearn Aliases works now for all possible UserIDs
- GnuPG:
- Escaping for special chars (esp. Quotes) in UserIDs implemented
- Very basic Keymanagement included (Clipboard-Export/Import, Delete-Key,
(l)Sign-Key)
- Registry:
- "gpgProgram"-Registry-Key is now used to start GPG.EXE
- Version 0.76 ; release-date: 2001-Aug-14
- GPGrelay:
- Minimize-Button now only minimizes to taskbar -- Close-Button to tray.
- Version 0.75 ; release-date: 2001-Aug-12
- GPGrelay:
- UIDs of GPG are now properly imported as Aliases
- Version 0.74 ; release-date: 2001-Aug-11
- GPGrelay:
- A damn stupid bug made it impossible to edit Keyrules (Fingerprint added to Keyname)...
- Garbage-Filter for Keyrules and Aliases included (just to clean up a bit)
- Interfere SC_CLOSE instead of WM_CLOSE for Minimize To Tray
- this allows shutdown via CTRL-ALT-DEL again
- TrayIcon changes it's color when any relaying is active
- Logging to File included
- Version 0.73 ; release-date: 2001-Aug-08
- GPGrelay:
- I removed the listboxes and put in some neat TreeControls with Icons, Contextmenus and
Tooltips.
Looks way more cleaned up and better structured now...
- Tooltips for many controls added. (Still no real online-help, but a nice helpful feature)
- Keyrule-Dialog also shows now the fingerprint of the key
- Registry:
- Stupid bug with "No Passphrase"-Handling removed
- Folder-Chooser if registry key "HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir" is not found
built in (that key is then also built for future useage...)
- Version 0.68 ; release-date: 2001-Jul-31
- GPGrelay:
- Finally I GPL'd the source
- About-Dialog needed to display some more information
- Version 0.67 ; release-date: 2001-Jul-30
- GPGrelay:
Now keys without a passphrase are properly supported (although this shouldn't have been used)
- Version 0.66 ; release-date: 2001-Jul-25
- GPGrelay:
- Retry-Dialog if connection fails implemented
- Passphrase-Validation for 'Always-Use'-Passphrases
- More strings are now loaded from Ressource (maybe different languages will be supported
someday...)
- GnuPG:
Little bug of locale-support removed (Passphrase-Validation didn't worked anymore...)
- Version 0.61 ; release-date: 2001-Jul-19
- SMTP:
Bcc demonstrated: The RCPT TO:-Commando from SMTP-Protocol gives Information,
that must not be found in the mailheader - This is fixed now...
- POP3:
- Learn Alias also from "Reply-To:"-Field
- Passphrases are now asked for all possible secret-keys
- GPGrelay:
header is read, then decision is made, if body must be completely present or not.
So either it's passed through (do-nothing) or the body is read.
This doesn't delays huge relayed mails as much as before
- Version 0.60 ; release-date: 2001-Jul-18
- Registry:
- Settings are now saved everytime the main window is closed (say minimized); this
way it's also started into Tray after System-Shutdown
- Path of gpg.exe is now read from registry
(\\HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir)
on start of GPGrelay
- SMTP:
- Emails from Cc-Field added to the Recipient-Email-Addresses (now handled like
Multiple Recpt. in the To:-Field)
- Emails from Bcc-Field also added: KeyID is cleared in OpenPGP-Block then, so that
Bcc means Recv. is hidden from To- and Cc-Receivers.
But this also means decrypting is kind of a problem for the Bcc-Receiver as he has
to check all his Secret Keys if it can be decrypted - and GPGrelay does only one
batch-job (means recv. has probably some handiwork to do)...
- The "Don't use PGP-MIME"-Feature is now also implemented
(eg. for easier communication with friends using the Outlook-Express-PGP-Plugin)
Decryption/Verify of such PGP-Message-Blocks is not supported for now...
- User-Interface:
Support of detailed Verbose for gpg included
- GnuPG:
- Locales are now supported as well; so let GPG speak your language (altough
GPGrelay stays english...)
- Path of 'gpg.exe' is fetched from registry on first start
(\\HKEY_CURRENT_USER\Software\GNU\GnuPG\HomeDir)
- Version 0.56 ; release-date: 2001-Jun-27
- POP3:
Translation from USER/PASS-Commands to the slightly more secure APOP-Command
included (not sure if this works everywhere, but works for me)
- SMTP:
Signatures for multi-recipients work accordingly to encryption, so unneccessary
option from keyrule-dialog removed
- Logging:
- Protocol-String isn't displayed anymore if Log-Protocol isn't checked
- Log doesn't hang anymore when Config-Dialog is opened while something is logged
- Clear-Log now works properly (even if some Logging is done in parallel)
- Version: 0.53 ; release-date: 2001-Jun-01
|
|
