WinGate release notes

The following changes have been made since WinGate 7 beta 1 (build 3239) was released on 27 May 2011.


Version 9.0.8 (Build 5935) Released 21 August 2017

1. Fix: Various: Fixed several automatically-reported crashes in WinGate Management and WinGate engine.

2. Fix: Flow-chart policy: Fixed problem with list lookup relating to localised interface where the method sort order changes.

3. Fix: Notifications: Fixed automatically-reported crash relating to logging notification reports.


Version 9.0.7 (Build 5933) Released 14 July 2017

1. Fix: AD connector: Crash in SOCKS authentication related to testing for available auth methods.

2. Fix: Various: various localization issues with some strings


Version 9.0.6 (Build 5929) Released 8 June 2017

1. Fix: Services: Fixed problem with high rate of incoming connections.

2. Fix: WinGate Engine: fixed intermittent crash on engine shutdown.

3. Fix: Localization: Made numerous hard-coded strings available for localization.

4. Fix: Email UI: fixed display of email address handler restrictions.

5. Fix: WWW proxy: Fixed issue in web server when serving files with % in filename

6. New: Licenses: Now report notification incident when license count is exceeded


Version 9.0.5 (Build 5926) Released 5 April 2017

1. Fix: Locking: Reverted to FIFO lock acquisition strategy to resolve issues with stablity due to thread starvation on highly contended locks under load.

2. Fix: WWW proxy: Fixed parser problem if response headers contain mixed CR and CRLF line endings.

3. Fix: Credential Rules: fixed lookup failure when multiple IP-matching sub-ranges defined.

4. Fix: Web Access Rules: Fixed display problem in rules if username contained XML special characters (such as ampersand)

5. Fix: Web Access Rules: Fixed a problem if registry merging resulted in multiple conflicting rule entries.

6. Fix: WinGate Engine: Fixed a crash on shutdown whilst deleting services

7. Fix: WinGate Management: Fixed an automatically-reported crash issue when accessing context menus from some panels when the task panel is hidden.

8. Change: String handling: Performance improvements in several places where strings are copied.

9. Change: Web Access: Refactored locking to reduce contention and increase performance.

10. Change: Minidump reporting: collect more data on crashes, submit minidumps zipped.


Version 9.0.4 (Build 5915) Released 13 February 2017

1. Fix: TLS in services: fixed allowed cipher suite issue relating to deprecation of RC4 and 3-DES, causing older clients to fail to connect with TLS.

2. Fix: WinGate Engine: Fixed an automatically reported crash on shut down of WinGate engine

3. Fix: Categories: Fixed an automatically reported crash in the user interface when you add a category and clear the name,

4. Fix: Permissions: Fixed an automatically reported crash in the user interface which occured occasionally when changing selection

5. Fix: WinGate Management: Fixed an automatically reported crash in the user interface relating to requesting credentials from the user.

6. Fix: Telemetry: several fixes relating to missing prefixes.


Version 9.0.3 (Build 5911) Released 25 January 2017

1. Fix: WinGate Management: Fixed display issue with categories containing special characters

2. Fix: DHCP: fix issue where client changing networks requests old IP was given it instead of rejected.

3. Fix: Localization: Fixed a problem on Windows 7 with WinGate localization causing WinGate management to fail to start.

4. Change: TLS client certs: setting to request a client cert now requires it

5. Chenge: Telemetry: Various fixes, and added start timestamp to record duration covered by report


Version 9.0.2 (Build 5909) Released 13 January 2017

This is another maintenance release, fixing bugs reported by the Application Experience feature in WinGate 9.

1. Fix: WinGate Management: Fixed crash when creating a new service if the dialog OK button is clicked prior to the service showing in the dialog

2. Fix: Activation: fix crash where user deactivates a license where the product is not loaded (e.g. old PureSight license)

3. Fix: Installer: check for existence of KB2533623 on Windows 7, this is required for WinGate to load modules (normally installed by Windows update)

4. Fix: WinGate Updates: Fixed notification of new updates, now always notify on new updates.

5. Fix: Minidump generation: Fixed an problem relating to generation of minidumps without exception information.

6. Fix: Application Experience: Fixed an issue where in some cases install instance ID not available


Version 9.0.1 (Build 5906) Released 29 December 2016

This is an early maintenance release, fixing bugs reported by the Application Experience feature in WinGate 9.

1. Fix: WinGate Engine: Fixed engine crash when WinGate Management connects where there are no packages installed (can happen if you delete packages registry key after installing WinGate).

2. Fix: WinGate Management: fix crash where user hits F1 key on login, or language setting dialog box if they had previously connected to WinGate

3. Fix: DNS server: Fix crash on race condition if sessions were set to time out too short. Now timeouts aren't set in the proxy (they are a function of the DNS client).

4. Fix: WinGate Engine: Fixed crash in some cases in checking for changes to the system route table

5. Fix: Updates: Fixed an occasional crash where a status for a product is updated.


Version 9.0.0 (Build 5902) Released 20 December 2016

Platform-related

1. New: moved to native 64 bit only, dropped support for 32 bit windows.

2. New: no longer support XP or 2003 server, minimum recommended OS is Windows 7 x64 / 2008 R2 server.

3. Change: moved build environment to Visual Studio 2015, which requires deployment of VS2015 runtime.

Performance-related

4. Change: HTTP Proxy: streamlined parsing for improved parsing performance and reduced memory heap access

5. Change: HTTP Proxy: increased buffer size to reduce number of system calls

6. Change: HTTP Proxy: streamlined buffer manager to use fewer allocations and reduce contention around buffer pool

7. Change: HTTP Proxy: streamlined code path for serving files to reduce parsing workload.

8. Change: HTTP Cache: various performance improvements

9. Change: Events: various optimizations to event processing, including reduction of lock contention on processing events

10. Change: Network IO: moved to overlapped sending to reduce system calls when sending data

11. Change: Service: use IO completion ports to accept connections

12. Change: Performance: Improved pattern matching algorithm performance, affects data list lookups.

13. Change: Performance: improved performance of unicode <> UTF-8/ANSI conversion which is in widespread use throughout WinGate

14. Change: Locking: improve lock acquisition cost improves performance overall.

15. Change: String formatting: improved string formatting code to reduce memory allocations

16. Change: String encoding: improved speed of various string encoding functions.

17. Change: Performance: Various other changes to reduce memory heap access and copies.

18. Change: Data: reduced contention / locking around counters to improve performance of monitored data.

19. Change: TCP Mapping proxy: increased throughput performance of proxy

20. Change: SMTP delivery: increased send buffer size for improved delivery performance

21. Change: Timeline: various performance improvements to reduce load of large timeline databases.

Web-related

22. New: HTTP Proxy: Now supports SNI on incoming connections. Useful for supporting multiple reverse proxy sites with different certificates.

23. New: HTTP Proxy: Now inspects initial packet checking for TLS record and SNI. This supports SNI for intercepted connections, and also allows https for diverted connections to the proxy (sometimes called SSL peek and bump).

24. New: Cache: Now supports caching partial responses. <> 25: Change: HTTP Proxy: numerous performance improvements as above

26. Change: HTTP Proxy: Now allow explicit control over whether to allow GET / HEAD requests to contain a message body.

27. Fix: Cache: better error reporting on cache volume problems (part of adding support for Ramdisk cache)

28. Fix: Web Access Rules: fix web access rule creation wizard navigation

Miscellaneous

29. New: SIP Proxy: allows you to track calls in timeline, and block calls made using SIP phones.

30. New: TCP Mapping: Added controls over TCP keepalive settings for client and server-side connections

31. New: WinGate Management: Added filtering of activity view. Can now set lists of IPs to display or hide traffic from.

32. New: Application Experience: Now collects information about usage of WinGate in order to assist us to prioritise features for development.

33. New: Application Experience: Automatically uploads any crash dump / minidump files and information to our servers for analysis and bug-fixing.

34. New: Logging: new log migration wizard allows moving log folders.

35. New: SQL statement: item can now copy database record field data from results into event data for use in event handlers

36. New: SQL statement: item can now be added directly onto event processing

37. New: SQL statement: policy item can now check whether rows were affected in INSERT/UPDATE/DELETE queries

38. New: Policy: Send Email item can now attach a file

39. New: Policy: New Log Entry item, can log to current service log file from within policy or event (pro or enterprise only)

40. New: Scheduler: added option to randomize the minutes value for when the event will next run. Used for update checker, IP to country updates (on new installs). Useful for load spreading of access to remote servers.

41. New: Config Utility: added -nomap option to allow exporting unmapped file paths

42. New: IPtoCountry: added logging and use of notifications to log update issues.

43. New: IPtoCountry: added IpToCountry as a globally accessible object from script, added "CountryForIp" function.

44> New: POP3 Server: Added SessionComplete event to POP3 server. Now can see how many messages remain in a folder and/or were deleted after a POP3 client disconnects

45. Change: WinGate Management: WinGate management connection no longer inherits credentials from any previous-established cached credentials for the IP it connects from.

46. Change: WinGate Management: Additional logging around login / logout and auth failure.

47. Change: WinGate Management: migrated to new version of Codejock user interface library.

48. Change: WinGate Management: User interface tweaks, to make tabs and quick access buttons more visible, and to distinguish it visually from WG8

49. Change: Notifications Panel: Can now close out multiple incidents at once

50. Change: Email: Mail file processing now binary safe. There was a problem with some embedded non-ASCII-based character sets being corrupted.

51. Change: Logging: session creation and termination is now logged at info level instead of debug.

51. Change: Resources Panel: removed the resources panel for various reasons, mainly due to performance cost, and lack of utility. At least we're honest.

53. Change: OpenSSL: updated to version 1.0.2j

54. Change: Scilexer: new scilexer for context-highlighting of code (script) windows.

55. Change: Licensing: Changed the way WinGate notifies the user about accessing license-restricted features in trial mode to reduce confusion about the purpose of the notification.

56. Change: Installer: migrate mail spool, web admin, certs, resources, custom responses folders to ProgramData

57. Fix: Authentication: some cases where auth failed were not being properly reported / auth failed event processed.

58. Fix: IpToCountry: better file validation of downloaded files.

59. Fix: Various: numerous other fixes.


Version 8.5.9 (Build 4883) Released 16 May 2016

1. Fix: Socket notifications: performance improvement from fixed callback window creation.

2. Fix: WinGate Engine: Fixed memory leak in thread naming if policy is used to terminate connections from within ClientConnect event

3. Fix: Reverse Proxy: Fixed memory leak relating to extension to EXE mappings when web serving.

4. Fix: Email Panel: Fixed crash relating to tooltip.

5. Fix: JScript Item: Fixed bug relating to strings from schema objects being treated as booleans when compared.

6. Fix: JScript Item: Fixed bug in less than and greater than operators

7. Change: Pattern Matching: Performance improvement in pattern matching, affects data list content checking.

8. Change: WWW Proxy: now recognises the relatively new PATCH command (so doesn't block it by default)


Version 8.5.8 (Build 4881) Released 23 April 2016

1. Fix: Proxy: Serious load problem with many connections to proxy (log entry shows exception in TCPSession::InitInstance) caused by issue in MFC introduced in 8.4.0 (#22).

2. Fix: Web Activity: Parallelized callout to web classifiers (such as manual classifier) which were being serialized, causing performance bottleneck if classification is too expenive (e.g. very large lists of wild-card entries).

3. Fix: Remote Control: Problem with communications from WinGate Management becoming overloaded and unresponsive if too many packets being sent in the other direction. Could cause settings from WinGate Management to not be applied for example when loading large numbers of timeline records.

4. New: Data Lists: Added RemoveAll and ExportToFile functions to List object schema.


Version 8.5.7 (Build 4879) Released 6 April 2016

1. Fix: Installer: Problem with SHA256 signatures on installer prevented signature validation on XP

2. Fix: Installer: Setupfactory extension RegistryEx.lmd not loading on XP due to missing dependency

3. Change: Installer: Now uses dual signatures on installers to support new requirements for SHA256 and retain previous SHA1 support.


Version 8.5.6 (Build 4877) Released 29 March 2016

1. Fix: DNS Client: Memory leak when DNS requests cancelled prior to completion.

2. Fix: FTP Proxy: Problem logging some non-UTF-8 filenames etc in debug logging.

3. Fix: FTP Proxy: Problem with some UTF-8 filenames being corrupted, preventing download or change directory.

4. Fix: FTP Proxy: Fixed logging of multi-line responses such as FEAT responses.

5. Fix: Timeline: not showing name for Web Activity option on settings > general tab

6. Fix: File-based Data lists: file reading issue when final line not new-line terminated

7. Change: HTTPS inspection: Can now inspect on non-standard ports (use policy if you want finer control)

8. Change: Timeline: Manifest no longer dependent on SQLite ODBC driver file (which is no longer installed to packages folder)

9. Change: Installer: Check CRC on existing driver binary and skip driver upgrade if the binary is the same. Saves a reboot and interface cycling.

10. Change: Installer: Now restart WinGate service (if installer stopped it) and Engine Monitor (in all cases) where reboot is not required.

11. Change: Installer: Installer now signed using SHA256 hash algorithm.


Version 8.5.5 (Build 4858) Released 28 January 2016

1. Fix: DNS Client: Fixed case-sensitivity bug in hosts file entries

2. Fix: DNS Client: hosts file now supports multiple names per line, and multiple addresses per name.

3. Fix: Service Editing: Fix ignored ESC key in editing service when description field is selected.

4. New: DNS client: Add support for adding domain suffix to unqualified requests.

5. New: Active Directory: Result filtering can now select Organization Units as well as domains.

6. New: Upstream connections: proxies can now connect upstream using SOCKS4a, thereby avoiding DNS lookups.


Version 8.5.4 (Build 4852) Released 17 November 2015

1. Fix: WWW Proxy: Fixed issue with stripping of empty Basic auth request header.

2. Fix: TLS: Fix issue with superfluous initialisation of TLS algorithms when generating certificates

3. Fix: Events: Fix problem with editing event processors from events panel - was blocking communications with engine.

4. Fix: Schema: Fix schema / script-based access to Session.ServerIp, broken in 8.5.0

5. Fix: Schema: Fix parameter checking in various built-in functions which could crash WinGate if function called incorrectly.

6. Fix: FTP Proxy: Fix broken PORT command parsing, broken in version 8.5.2

8. New: WinGate Users and Groups: can now change own password via Web Admin service.


Version 8.5.3 (Build 4846) Released 13 October 2015

1. Fix: WWW Proxy: Fixed broken (in 8.5.0) authentication for server requests / reverse proxy / intercepted connections where the proxy is doing the authentication.


Version 8.5.2 (Build 4845) Released 9 October 2015

1. Fix: WinGate: Crash on startup of WinGate service if plugins were not upgraded as well. Now shows error and doesn't load module.

2. Fix: HTTP Cache: Crash in serving cached files if stored response headers > 16kB

3. Fix: FTP Proxy: Problem with non-ANSI / non-UTF-8 character set used in file names.

4. Fix: Web Access Rules: Crash in WinGate Management when double-clicking report header in "What" pane when editing a rule if no entry selected.

5. Fix: Policy: fix colour for text for policies which are enabled, but not attached to any event. Was showing as greyed.

6. Change: WWW proxy: now ignore and strip (instead of failing auth on) Proxy-Authorization headers which contain empty Basic credentials, which are sent by some non-compliant clients on all requests

7. Change: Plugin interface: changed SDK version relating to fix #1 above.


Version 8.5.1 (Build 4840) Released 25 September 2015

1. Fix: Installer: Problem installing WinGate network driver on Windows 10 introduced in 8.4.1 due to change in installer version.

2. Fix: Services: Fixed socket creation problem on XP, Vista and Windows 7 pre SP1 introduced in 8.5.0.


Version 8.5.0 (Build 4837) Released 24 September 2015

1. Fix: Installer: Problem installing VS2010 runtime and WinGate network driver on Windows 10 introduced in 8.4.1 due to change in installer version.

2. Fix: WWW Proxy: Fixed socket handle leak if connection to server failed but client connection re-used.

3. Fix: WWW Proxy: Fixed validation of Expects header

4. Fix: WinGate Management: Improved startup time

5. Fix: SMTP Server: issue deleting SMTP service

6. Fix: WinGate engine: issue stopping WinGate.

7. Fix: Policy: Fixed case-sensitivity issue when attaching policies to events if the event source name changed case.

8. Fix: Policy: Fixed deadlock in flow-chart policy UI.

9. Fix: Web Access Control: Fixed issue when you create and rename a new block page it would set the new content to the initial name of the block page not the new one.

10. Fix: JScript: several fixes and performance improvement in JScript policy item and event handler

11. Fix: Updater: Manifest update installer to run elevated since it needs to stop and start services even when run from WinGate Management in non-elevated login.

12. Fix: Proxy auth settings: when AD UDB provider fails to initialise on first try, IMAP, POP3, SMTP services and WWW proxy would not get list of available auth methods.

13. Fix: Service: Prevent creation of services whose names differ only by case.

14. Add: WWW Proxy: added support for custom error response pages (in WinGate\HTTPCustomResponses folder).

15. Add: Services: services attempt connections to all IP addresses for a hostname instead of just the first (this can also provide failover for reverse proxying).

16. Add: Bindings: added TLS minimum version setting for Binding policies

17. Add: Remote Control: Added Login event to Remote Control Service

18. Add: TLS: Added explicit control for minimum TLS version (SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2) for bindings and outbound connections.

19. Add: TLS: Added support for ECDHE encryption to TLS, so browsers connecting to TLS-secured WinGate services no longer report obsolete encryption

20. Add: Schema: Added string member functions to base class for strings (Text).

21. Add: Resource Tracking: added support for tracking memory use (disabled by default)

22. Change: Web Access Rules: Don't block SSL tunnel creation if using https inspection, instead block tunnelled https requests. This allows display of block pages for https if using https inspection.

23. Change: WinGate engine: remove dependency on RasDlg.dll

24. Change: Packages: Various changes to packaging system.

25. Change: TLS: Deprecated support for SSLv2 connections.

26. Change: IPtoCountry: now retrieves registrar files by HTTP instead of FTP.

27. Change: IpToCountry: improved parsing to minimise memory heap access.

28. Change: MACInfo: improved parsing to minimise memory heap access.

29. Change: Unicode: Removed double buffering in unicode to ANSI conversion to improve performance

30. Change: WWW Proxy: improved memory performance of http header processing

31. Change: Services Panel: use colour to highlight problem conditions and stopped services

32. Change: WinGate API: incremented API version due to changes in Logging, Services, and Events APIs.

33. Change: Driver: Installer now sets driver max buffers setting to 4096 if it was less.


Version 8.4.2 (Build 4814) Released 23 July 2015

1. Fix: IMAP: case-sensitivity bug in SEARCH tokens introduced in 8.4


Version 8.4.1 (Build 4813) Released 21 July 2015

1. Fix: SSL / TLS: Increase timeout for SSL/TLS handshake to cover for slow clients and certificate revokation checks.

2. Fix: Localization: Was not loading localized strings for package modules

3. Fix: Installer: Problem setting permissions on ProgramData\Qbik folder could take too long if the HTTP cache volume was in there. Problem introduced in 8.4

4. Fix: WinGate Updates: crash in WinGateUpdates.exe relating to logging settings in registry

5. Change: Installer: Updated to SetupFactory 9.5


Version 8.4.0 (Build 4807) Released 15 July 2015

1. Fix: Credential Rules: Problem looking up rules if there were mixed rules in the set (match on IP vs Computername etc) meant some rules would stop working

2. Fix: Certificates: Problem importing certificates from pfx or PEM which contain a certificate chain.

3. Fix: Certificates: Problem with certificate generation (lack of keyUsage attribute) preventing recent versions of Firefox from accepting signer certificate in HTTPS inspection

4. Fix: Installer: Set permissions on program data folder to allow non-elevated users of WinGate Management to synchronise modules with a remote WinGate engine

5. Fix: TLS/SSL: Enforce timeouts during TLS negotiation.

6. Fix: HTTP Caching: Fix logging

7. Fix: Config utility: manifest application to require elevation so it can write to necessary registry locations.

8. Fix: IMAP server: improper quoting in mailbox name in untagged STATUS response caused some mail clients to view some folders as empty

9. Fix: IMAP server: was incorrectly setting \Seen flag on a message when UID FETCH also asked for UID in response data.

10. Fix: IMAP server: incorrect handling of nested OR search specifications which didn't use parentheses

11. Fix: IMAP server: RENAME on folder which has child folders was not adjusting path of child folders or their subscriptions

12. Fix: Licensing: Crash bug activating a license for a product that was not loaded / installed.

13. Add: WinGate Login: Now deploy WinGate Login client (QbikAuth.exe) to utilities folder, can use this to log into WinGate Remote Control Service.

14. Add: Remote Control: Added feature for what to do to credentials upon WinGate Login client disconnecting.

15. Add: WinGate Updates: Added minidump generation to WinGateUpdates.exe to generate debug information if it crashes.

16. Add: IMAP server: Added support for SORT and ESORT extensions (including DisplayFrom and DisplayTo sort extensions)

17. Add: IMAP server: Added support for XLIST extension

18. Add: IMAP server: Added support for METADATA extension including /private/specialuse to set special use attributes on a folder

19. Add: IMAP server: Added support for CREATE-SPECIAL-USE extension to enable setting of folder use on creation as per RFC 6154

20. Add: IMAP Server: report folder special use on LIST command response as per RFC 6154

21. Change: Remote Control: added support to distinguish WinGate Management from WinGate Login client.

22. Change: Socket notifications: Internal change to improve performance of notifications on socket connections

23. Change: WWW Proxy: Add support for pass-through authentication to upstream proxy

24. Change: OpenSSL: update OpenSSL library to latest version (1.0.2a)

25. Change: SSL/TLS: support session resumption for client peers with TLS tickets (TLS-based services only)

26. Change: ZLib: update ZLib library to latest version (1.2.8)

27. Change: SDK: several changes to WinGate SDK/API

28. Change: Licensing: Added support for SDK licensing.

29. Change: Activity: Changed layout of machine properties dialog to allow copy to clipboard.

30. Change: Certificates: changes to certification generation wizard, can now set basicConstraints, and keyUsage attributes on generation. Encryption of private key now mandatory.

31. Change: IMAP Server: now automatically subscribe to new folders. This allows folders created by clients which do not use subscriptions to be visible to clients that do.


Version 8.3.4 (Build 4786) Released 19 May 2015

1. Fix: WWW Proxy: Problem with some requests being hung relating to Web Access Control blocking of requests.

2. Fix: Credential rules: Prevent service starting prior to credential rule loading, was causing some rules to not apply on startup.

3. Added: WinGate Management: added option to control whether to navigate to the last location on new connection to a server or not.


Version 8.3.3 (Build 4784) Released 7 May 2015

1. Fix: WWW Proxy: residual problem suppressing count of intermediate auth challenge handshake requests for session request limiting

2. Fix: WWW Proxy: When operating as a reverse proxy filters were being notified twice on receipt of request. This for example would result in double evaluation of web access rules

3. Fix: Help File: was not launching help file on F1 or help links. Problem introduced in version 8.2.2

4. Fix: Credential rules: Was not re-evaluating credential rules when a machine was reactivated. This could cause assumed users credentials to stop working.

5. Fix: MAC Info: problem parsing new OUI file format meant no records.

6. Change: DNS Client: Added information about the query in log warnings about server responses to assist in identifying upstream DNS issues.

7. Change: HTTPS Inspection: added support for SNI extension fixes problems with multi-hosted SSL sites using different certs based on server name indication.

8. Change: Certificates: changed signing algorithm to SHA256

9. Change: WWW Session Schema: Added access to LimitRequestsPerConnection and MaxRequestsPerConnection so these can be set in policy.


Version 8.3.2 (Build 4773) Released 8 April 2015

1. Fix: Logging: not persisting changes to logged fields in W3C usage logging introduced in 8.3.0

2. Fix: Policy: Bug introduced in 8.3.0: crash in WinGate management when closing the call policy item in a flow-chart policy

3. Fix: Dashboard: Bug introduced in 8.3.0: WinGate Management would become unresponsive if you delete a dashboard item.

4. Fix: HTTP Filters: occasional crash when a filter returns its own content to a request (e.g. block pages etc)

5. Fix: Web Access Control Rules: crash when dragging and dropping rules if you drop one below default rule

6. Fix: Web Access Control Rules: UI glitch when adding category or site to a rule would not show until dialog was reopened.

7. Fix: Web Access Control Rules: no longer do implicit auth (if user unknown and not matching) on re-authentication rules, only explicit (where it matches the Who tab).

8. Fix: Web Access Control Rules: fixed hit count on auth rules.

9. Fix: Schema script: crash when trying to use uninitialised variables as a result in some scripts or policy items.

10. Fix: Email UI: crash in WinGate Management caused by race condition between creation of email panel, and unsolicited queue updates

11. Fix: WinGate users and groups: NTLM 1 byte buffer overrun problem when logging at debug level

12. Change: Web Access Rules: Performance improvements to rule evaluation.

13. Change: Web Access Rules: Added performance tracking (time spent in each rule for hit and miss cases) so cost of a rule becomes visible.

14. Change: WWW Proxy: Diagnostic Logging now logs requests associated with auth handshaking.

15. Change: WWW Proxy: no longer count intermediate auth challenge handshake requests for session request limiting (limiting to 1 would break NTLM).

16. Change: Notifications: Added Last Change column to notifications panel, changed the way UI updates are handled.


Version 8.3.1 (Build 4769) Released 12 March 2015

1. Fix: SSL: Problem with changed start order of modules revealed a problem with initialisation of OpenSSL that could cause mail delivery to fail when using STARTTLS

2. Fix: POP3 Collection: Fixed issue causing problems connecting to pop3s servers on upgrade.

3. Fix: POP3 Collection: Was not honouring setting for SSL/TLS version in the case of STLS-negotiated SSL/TLS layer

4. Fix: SMTP Delivery: Was not honouring setting for SSL/TLS version in the case of STARTTLS-negotiated SSL/TLS layer

5. Fix: Uninstaller: would hang forever waiting for WinGate service to stop on a WinGate Management only installation

6. Change: Certificate Importing: Prevent importing certificates that do not have a private key.

7. Change: SSL/TLS: Added logging for diagnosing issues with SSL/TLS negotiation and certificates


Version 8.3.0 (Build 4764) Released 5 March 2015

1. Fix: DHCP: Fixed issue where permissions were not registered if User Database started late (e.g AD server not available on WinGate start), so DHCP panel not displayed.

2. Fix: User database: Fixed issue where permissions were not registered if User Database started late (e.g AD server not available on WinGate start), so Users and Groups panel not displayed.

3. Fix: Web Proxy: Fixed occasional buffer leak

4. Fix: Logging: Fixed crash in output buffering when writing very large fields

5. Fix: VPN: Fixed crash when using User object in event handler for VPN connection event.

6. Fix: IMAP: Fixed issue when command contains empty string literal.

7. Fix: Config utility: Problem with utility reporting that WinGate was not installed.

8. Fix: VPN: problem exporting and importing VPN config files. Was reported fixed in 8.0.2, but still had an issue on some OSes.

9. Fix: Policy: fixed a parse error in a default (sample) policy

10. Fix: Engine: Fix issue preventing windows from reporting correct windows version on Windows 8.1 and Windows 10

11. Fix: SSL: now loads entire chain of certificates (if included) from certificate PEM files

12. Fix: IP to Country: update to new format and URLs for access to IP assignment record data.

13. Fix: IMAP: Crash if length information in index file different to file length on disk.

14. Fix: File Copying: deprecated OS CopyFile calls as they are not reliable on 2k12. Now copy file by reading and writing file content. Affects mainly mail (local delivery and mailbox moving).

15. Fix: Mailboxes: bug with tooltips when working with more than 1 mail volume would hang WinGate Management.

16. Fix: Mailboxes: fixed issue where merging mailboxes would fail if a source file did not exist (now skips).

17. Fix: Web Admin: Fixed issue preventing Email tab from displaying

18. Fix: HTTP Cache: Couldn't save rule with only "do not cache" option selected

19. Fix: Web Access Control: Checkbox values in "what" tab of rule were not honoured (always checked).

20. Fix: Users and Groups: Allow access in event processing to Full Name, and Account Name of User object, when authenticated user is a domain computer account.

21. Fix: WinGate Update: issues relating to certificate revocation check failing which prevented update checks.

22. Fix: DHCP Panel: fixed occasional crash when updating lease information

23. Fix: Manual Classifier: improved speed of lookups.

24. Fix: POP3 Proxy and SMTP receiver: buffer overwrite problem when receiving large buffers from client.

25. Fix: Timeline: Crash when changing timeline settings if Database failed to initialise

26. Added: SSL/TLS: can now specify allowable SSL/TLS versions for back-end connections in reverse proxy, and/or client connections (mail delivery and POP3 collection).

27. Change: Mailboxes: now show number of folders and messages in mailbox panel

28. Change: SDK: changed interface registration to auto-binding

29. Change: Permissions: Added default administrative group to root object so that by default administrators can see everything regardless of who created it (e.g. policies/dashboards etc).

30. Change: Permissions: Added proper display handling for checking / unchecking full control option.

31. Change: IMAP: performance improvements in mailbox indices particularly for network-based mail volumes. Greatly speeds up expunges (mail filtering).

32. Change: Policy: Expression evaluator item dialog now resizable and uses larger courier font to assist editing script.


Version 8.2.5 (Build 4733) Released 5 September 2014

1. Fix: Permissions: Fixed issue which prevented display of permissions panel in WinGate Management, introduced in 8.2.2.

2. Fix: User database: memory leak relating to user objects.

3. Fix: Settings utility: incorrectly reported that WinGate was not installed

4. Fix: SQLite ODBC driver: fixed issue with converting floating point numbers using current locale.

5. Change: User database: changed indexing for object handles to make it safe to test for handle validity.


Version 8.2.4 (Build 4727) Released 26 August 2014

1. Fix: Manual Classifier: Fixed issue where button didn't work selecting categories, introduced in 8.2.2.

2. New: WinGate Management: Added option to enable/disable reverse DNS lookups when clients connect to WinGate.


Version 8.2.3 (Build 4725) Released 25 August 2014

1. Fix: WinGate Management: Fixed license checking issue affecting access to Some policy items (DNS decision and connection control), and Command Shell introduced in 8.2.2.


Version 8.2.2 (Build 4724) Released 25 August 2014

1. Fix: WinGate Management: Fixed issue where AD user database starts late (AD controller not available when WinGate starts). Some panels were not showing properly in WinGate Management, and didn't have permissions registered properly.

2. Fix: WinGate: Fixed another issue relating to late start of AD user database - machines started with no credentials (not even unknown) will now disappear immediately when all traffic is disconnected. Also will keep trying to update credentials until the AD provider has started.

3. Fix: Web Access Control: Display of option for where column was incorrectly showing All IPs except even when the logic was for specified IPs.

4. Change: FTP proxy: now binds to same interface as control connection is on when making data connections. Allows for case when multiple IPs on an interface.

5. Fix: WinGate Installer: properly sets file attributes on HTML block pages.

6. Fix: WinGate: fixed problem when stopping WinGate service while Kaspersky AV was starting up.

7. Fix: Policy: Fixed problem with drag and drop incorrectly moving rather than copying items between WinGate Management instances or different policies.

8. Fix: HTTP Cache: fixed problem cleaning up folders in deleted volumes.

9. Fix: Web Access Control: fixed problem with remembering selection of block page.

10. Fix: Web Access Control: fixed problem where default block page was installed read only.

11. Fix: VPN: fixed problem where exporting a VPN config file could cause WinGate Management to crash.

12. Fix: Update Checking: prevent proxy auto-detect for update checking when specified to not use a proxy.

13. Change: Licensing: added developer mode flag option to licenses to support people developing plugins using WinGate SDK

14. New: Sessions: Added GetData and SetData schema so event handlers / policy can store and retrieve user data between events, and log it in usage logging.

15. New: TCP Mappings: Added filtering interface


Version 8.2.1 (Build 4711) Released 28 April 2014

1. Fix: Logging: crash when logging some strings containing mixed ANSI and unicode strings, e.g. embedded Japanese.

2. Fix: Logging: fix timer-based flushing of outstanding buffered log data.

3. Fix: FTP proxy: FTP commands are now treated correctly as case-insensitive.


Version 8.2.0 (Build 4707) Released 23 April 2014

1. Fix: WinGate Management: crash when closing WinGate management during failed connection attempt

2. Change: Web Access Rules: can now drag / drop to re-order web access rules

3. Change: Web Access Rules: can now specify a block page per rule

4. Change: Web Access Rules: block pages now stored under AppData folder instead of under Program Files

5. Change: Web Access Rules: now uses combo box to choose between All, All below, or all except below in each of "Who", "where" and "What" tabs

6. Change: Web Access Rules: "where" and "what" can now check against global data lists

7. Change: DNS: new strategy when dealing with SRVFAIL results from DNS servers. Now tries one other server if there is one.

8. Change: Mail delivery: new special case handling for SRVFAIL responses to MX lookups, now fails over to A record processing.

9. Change: Logging: Major performance improvements to logging, including reduction in data conversion, double-buffering, and file IO.

10. Change: Logging: Added feature to allow buffering of log data before writing it to disk to further reduce file IO. Greatly improves performance of logging to a SAN

11. Change: Logging: Added data counters to track lines logged and bytes logged.

12. Change: Module loading: changed package manager logging to log module load failures

13. Change: Module loading: explicitly report version problems with packages in UI

14. Change: Module loading: overhauled synching dialog. Now wraps text, shows errors more clearly.

15. Change: BGP Service: Added BGP server. This should be considered experimental.

16. Change: Framework: updated to Codejock v 16.3.1 UI framework


Version 8.1.0 (Build 4655) Released 28 February 2014

1. Fix: POP3 Server: debug logging of POP3 commands could cause crash if command contained certain characters.

2. Fix: WWW proxy: issue with reverse proxy checking for path exploits effectively blocking access to back-end URLs containing certain character sequences

3. Fix: AD User Database: crash problem when authing to accounts where AD object is missing required fields. Now logs missing fields and fails auth.

4. Fix: Timeline: Deadlock could occur in some cases when multiple WinGate Management accessing Timeline using MDB or Database concurrency set to 1.

5. Fix: Manual classifier: was not honoring permission for modification of manual classifications.

6. Fix: SMTP Delivery: occasional crash due to race condition when timing out SMTP delivery sessions.

7. Fix: Web Admin: occasional crash when accessing email tab when using AD user database

8. Change: Timeline: changed default database to SQLite from MDB. MDB just not up to the task for medium - large sites.

9. Change: Web Activity: rules can now specify which proxies the rule applies to

10. Change: HTTP Cache: rules can now specify which proxies the rule applies to

11. Change: Dashboards: no longer limit number of dashboards by license.

12. Change: import/export utility: can now import configuration from command line.

13. Change: Data lists: selection dialog now shows current selection

14. Change: Code Signing Cert: new (updated) Qbik Code Signing cert used for WinGate modules.


Version 8.0.5 (Build 4634) Released 5 December 2013

1. Fix: HTTP proxy: malformed request reported when POST request challenged for authentication.

2. Fix: DNS client: crash relating to timing out delegated requests

3. Fix: Timeline: was not showing all activity blocks in some cases.


Version 8.0.4 (Build 4629) Released 4 November 2013

1. Fix: HTTP proxy: problem with tunneled requests (https) when processing pended data on closing connection.

2. Fix: Web Activity: fixed crash when trying to log database initialisation failure

3. Fix: Notifications: fixed WinGate Management crash when notifications occur with notifications panel not visible.

4. Fix: Timeline: Fix issue where UI would not update value of "enable activity tracking" properly

5. Change: Data monitoring: Added option to reset derived values

6. New: Configuration utility: Added utility to export / import configuration (handles 32/64 bit issues as well).


Version 8.0.3 (Build 4625) Released 18 October 2013

1. Fix: Mail delivery: problem with retrying if mail rejected temporarily after DATA command

2. Fix: Mail delivery: problem with bounce messages.

3. Fix: POP3 Server: buffer overflow vulnerability fixed.

4. Fix: SMTP Client: Fixed crash which occured if session was timed out whilst negotiating SSL connection with STARTTLS.

5. Fix: HTTP proxy: problem with SSL inspection if connecting through upstream proxy

6. Fix: DNS client: fixed problem for delegate requests to different domains.

7. Fix: Activity Screen: crash when right-clicking user icon on multiple user machine.

8. Change: Licensing: connections to SMTP server no longer consume a license

9. Change: Schema: Added InRange member function to IP Address object


Version 8.0.2 (Build 4614) Released 23 September 2013

1. Fix: WWW proxy: problem with chunked POST requests.

2. Fix: WWW proxy: problem with FTP URLs.

3. Fix: POP3 Proxy: crash problem when using Kaspersky AV for WinGate and client issues STLS command.

4. Fix: Updates Installer: Fixed issue with improper handling of silent installs in some upgrade scenarios

5. Fix: WINS service: crash when parsing NetBIOS broadcast packets containing no IP address records

6. Fix: SMTP Client and POP3 client: issue when talking to older servers that don't support TLS

7. Fix: VPN: problem exporting and importing VPN config files

8. Fix: Notifications: memory leak when closing an incident that wasn't currently open.

9. Fix: Dashboards: dialog resize bug in dialog for choosing data source for dashboard items.


Version 8.0.1 (Build 4608) Released 20 August 2013

1. Fix: HTTPS inspection: Crash when signer certificate created without encrypted private key

2. Fix: HTTPS inspection: Problem selecting correct signing certificate (due to sorting in combo box).

3. Fix: Timeline: Problem initialising timeline for some versions of MySQL ODBC driver

4. Fix: Timeline: Problem saving new config if database not initialised.

5. Fix: Timeline: problem in user interface causing WinGate Management to crash on exit.

6. Fix: FTP Proxy: Debug logging problem with server responses

7. Fix: Updates Installer: Updated to fixed WinGate 8 installer.


Version 8.0.0 (Build 4601) 31 July 2013

Web-related

1. New: HTTPS inspection support added (Enterprise licenses only)

2. New: HTTP cache: now uses in-memory / file-backed indexes - no more SQL. Result is much faster cache.

3. New: Web Access Control: added rule result of "re-authenticate". This can be used to force change of user.

4. New: Web Access control: added option to track different categories for same site separately or not

5. New: can now intercept port 443 to proxy (normal non-https binding). If SSL inspection is enabled, it can be inspected, else it is tunneled.

6. New: now reads mime types for file extensions from OS when serving.

7. Change: buffer handling, removing double-buffering resulting in much improved throughput

8. Change: now maintains connection to upstream proxy for SOCKS as well as Tunneled upstream connections.

9. Change: usage logs time taken now in milliseconds

10. Change: added option to disconnect in reject policy response

11. Fix: fixed issue with occasional site hangs, and broken images

12. Fix: Web serving: fixed problem improperly blocking URLs containing ':' character - affects reverse proxy as well.

13. Fix: Web proxy: X-Forwarded-For was not being added for upstream connections via proxy, even if selected

14. New: Web proxy: Added support for adding X-Forwarded-For for reverse proxy requests

Email services

15. New: Added support for client certificates and SASL EXTERNAL auth mechanism throughout services and clients.

16, New: Added support to check user database for incoming email addresses to see whether to accept mail or not. Allows integration with Active directory email addresses.

17. New: SMTP Delivery: can now override FQDN in known server

18. New: pushes a notification if a mailbox is over quota when delivering or accepting mail.

19. New: can now install multiple SMTP servers.

20. New: SMTP Server: Added option to require authentication.

21. New: SMTP Server: Added option to override default FQDN

22. Change: Now Checks volume access, writability etc etc. Useful for network shared volumes

23. Change: can now create volumes regardless of license. Whether you can use anything other than default volume is a matter of license. This allows you to create a new volume to migrate to without having an enterprise license.

24. Change: now checks storage type of mail volumes disallowing invalid media, such as CDROM or RAMDisk

25. Change: can now create a volume in a non-empty folder (which allows attaching a volume to a previous volume)

26. Change: SMTP Delivery: now supports MX which resolves to multiple A records.

27. Change: SMTP Server: extended schema of SMTP Session to allow setting of FQDN and whether to require auth in policy.

28. Change: SMTP delivery: no longer (invalidly) tries backup MX servers if a recipient is permanently rejected

29. Change: IMAP: now better handles temporarily unavailable mailboxes (e.g. those on network shares)

30. Fix: resolved some issues with migration of ORDB servers from WG6

31. Fix: fixed bug in POP3 Server when client using SSL / STLS in some cases session would hang

32: Fix: fixed bug in IMAP search when no search sequence specified.

33: Fix: Fixed bug saving mailbox settings.

Miscellaneous

34. New: TCP mapping proxy: supports client certificates on incoming and outbound connections

35. New: Certificates: can now import certificates from pfx file.

36. New: Certificates: WinGate-generated self-signed certs now add Basic constraints and subject Key ID, necessary for signing other certs.

37. New: Credential rules, now UI validates entering IP or MAC address - makes entering MAC addresses more lenient.

38. New: Activity: added expand / collapse all

39. New: Activity: pause activity updates now shuts off updates from server, thereby saving bandwidth.

40. New: WinGate NAT: Added Disconnect event

41. New: Notifications: added logging support. Now logs reports and events to file.

42. Change: changed development environment to MS Visual Studio 2010

43. Change: AD Connector: now control cache lifetime of objects retrieved from active directory. Objects will now be re-fetched after 1min, to reflect changes in account settings etc.

44. Change: AD Connector: now displays email address of users and groups.

45. Change: AD Connector: better handling if AD controller is unavailable when WinGate starts (reports errors to UI, retries initialisation).

46. Change: DNS Client: Can now specify order of servers.

47. Change: DNS Client: Changed deprecation strategy when servers unavailable, now just demote the server, rather than ceasing use of it altogether.

48. Change: Credential rules: Now check for conflicts when creating a new rule.

49: Change: SSL Support: updated OpenSSL to latest 0.9.8y version

50. Change: Post-mortem logging now uses DebugHelp.dll to create minidump files, rather than our old custom post mortem log files. These are also now generated always instead of off by default.

51. Change: Logging: changed log level for various informational events from debug to Info (e.g. proxy requests, and traffic). Means you no longer need to log all debug messages to get requests and traffic.

52. Change: Dashboards: now supports undo/redo and Save / Cancel for editing.

53. Change: Data lists: speed improvements to shared data list lookups used by Policy, and Manual classifier.

54. Fix: Credential rules, fixed locking issue on updating credential rules.

55. Fix: Timeline: now warns on MDB over size, and enforces auto-purging.

56. Fix: Timeline: now deals with temporary inaccessibility of database.

57. Fix: Data: fixed several locking issues

58. Fix: Engine startup: problem on some systems with disabled Ras Manager service where WinGate would crash on startup after reboot.

59. Fix: Lua Scripts: fixed issue when calling function with no parameters.

60. Fix: Policy: fixed problem with imported policies relating to 32 bit values imported as signed vs unsigned data.

61. Fix: AD UDB: issue where empty search results would return incorrect error to client code.

62. Fix: Web Activity: deadlock editing web access control rules while under load.

63. Fix: Timeline: fixed deadlock in timeline when using MDB and retrieving large datasets.

64. Fix: Network Driver: fixed deadlock when disabling / enabling USB-based adapters.


Version 7.3.1 (Build 3535) Released 16 May 2013

1. Change: Debugging: now generates minidump files for better analysis of top level exceptions.

2. Change: Updates: added support for hyperlinks to launch browser (e.g. for links to release notes)

3. Change: Installer: Now adds rule to windows firewall for WinGate service.

4. Fix: IMAP: Search without range or UID range specifier would fail

5. Fix: Dialer: Failure to start RasMan service in time could cause WinGate engine to crash on startup.

6. Fix: WWW proxy: problem downloading resources greater than 2GB

7. Fix: Logging: Support for logging 64bit values to usage logs, changed log types for HTTP download size, mail message size etc to 64 bit capable

8. Fix: HTTP Cache: problem relating to parsing of ETag could cause some server responses to not be correctly processed.

9. Fix: WinGate Management: Help panel should no longer require adding site to Internet Explorer trusted sites.

10. Fix: Data global lists: WinGate crash where lists linked to a file couldn't access the file


Version 7.3.0 (Build 3506) Released 7 March 2013

1. New: Reverse proxy: can now specify to make back-end connection with SSL and/or client certificate

2. New: in web serving sites matching host-names can now specify to match on SSL or not.

3. New: Service events: Added Binding object to events for TCP-based services (WWW, FTP, SMTP, POP3, IMAP, Remote Control etc). This allows setting local SSL settings per connection

4. New: server requests, reverse proxy etc can now make SSL connections, with client certificates. These settings can also be changed in policy per request.

5. New: Users and Groups. Now supports filtering by domain.

6. New: TCP mapping proxy, published more members for session object, to specify connection control, (e.g. client cert, use SSL, bypass proxy etc).

7. Change: Policy: policy flow-chart now shows icon of type of item in the worksheet.

8. Change: POP3 collection and SMTP delivery now avoid DNS lookup if connecting through upstream proxy that connects by servername.

9. Change: POP3 collection and SMTP delivery now support use of client certificates when connecting to a server

10. Change: Connections: moved processing of ClientConnect event prior to establishment of SSL, based on binding, so policy can override this (e.g. choose cert per client IP etc)

11. Change: Network connections: Added adapter ID to network adapter dialog in Network connections panel. Also ability to copy data to clipboard. This is useful so you can compare adapter ID with Binding member in policy.

12. Fix: Persistence: Fixed buffer overflow bug in persistence classes.

13. Fix: Notifications: Fixed deadlock in Notification component if logging fails due to access issues to log folder.

14. Fix: Scripting: LuaScript and JScript policy items now verify that the function prototype matches the event data. This was necessary due to addition of Binding object to event data.

15. Fix: fixed problem with reverse proxy for https sites where back-end connection was not SSL.

16. Fix: fixed occasional deadlock when using Kaspersky AntiVirus for WinGate

17. Fix: SSL Support: fixed issue closing SSL sockets.


Version 7.2.10 (Build 3486) Released 5 February 2013

1. Fix: WWW proxy. Now supports HTTP messages with content length > 4GB

2. Fix: WWW proxy. Improved performance of WWW proxy as a web server, no longer sends headers and response line in separate packet to initial payload.

3. Fix: TCP Mapping proxy. Fixed problem introduced in 7.2.9 where intercepted connections matched specific mappings, would cause connection to fail.

4. Fix: HTTP Cache. Fixed problem with improper removal of cache entries when a server re-uses same ETag for multiple resources.

5. Change: Browse for Folder dialog - usability improvements, can now select the folder you're viewing, rather than only sub-folders.

6. Change: Activity: Pausing activity updates now stops updates at source, thereby reducing load and bandwidth requirements.

7. Change: Activity: efficiency improvements when no WinGate Management is connected.


Version 7.2.9 (Build 3480) Released 11 January 2013

1. New: TCP Mapping proxy - now pushes an event on connection failure so you can notify / retry a failover server.

2. Fix: Data Lists - problem inserting new string items would cause WinGate Management crash.

3. Fix: Data items - problem with sample Restricted Sites list prevented editing.


Version 7.2.8 (Build 3467) Released 27 November 2012

1. New: DHCP, added WPAD option, so can do WPAD without enterprise license.

2. New: SOCKS server now supports SOCKS 4a.

3. Fix: POP3 proxy, issue with passwords containing % symbol

4. Fix: WWW Proxy: issue with lost buffered client data when tunneling FTP through WWW proxy.

5. Fix: Categories: issue with categories containing non-text characters (caused problems when trying to create web access rules with PureSight categories such as "Children's").

6. Fix: Schema script runtime, fixed parsing problem with certain script constructs.

7. Fix: WinGate Management, fixed issue relating to trying to update help pane topic when the help pane wasn't created.

8. Fix: Permissions, buffer alignment problem when storing and reading permissions objects to registry

9. Fix: WinGate Management, fixed lockup on services panel when changing service status


Version 7.2.7 (Build 3453) Released 16 August 2012

1. Fix: TCP/UDP mapping proxies. Broken storage of default mapping configuration introduced in 7.2.4


Version 7.2.6 (Build 3449) Released 2 August 2012

1. Fix: Log detail pane, was not scrolling to selected / searched item

2. Fix: User interface: problems related to new CodeJock UI framework, some property grid items would not notify on changed values - this affected settings in Dashboard, web server (in WWW proxy), and in Kaspersky AV scanning settings.

3. Fix: WinGate Update: issues relating to certificate revocation check failing which prevented update checks.


Version 7.2.5 (Build 3447) Released 31 July 2012

1. Fix: WinGate UDB, issue when host computer is renamed (causes Administrator to lose group membership and password)

2. Fix: WinGate Management: issue where WinGate management would crash if the WinGate service was disconnected while WinGate management had the tasks, navigation, or help panels undocked.

3. Fix: WinGate Management: issue where services panel would lock up on service control (start/stop). Issue was introduced by changes to UI framework DLL in 7.2.4.

4. Fix: Mail out of office reply, now honours X-Auto-Response-Suppress, which will prevent looping auto-replies to WinGate, Exchange server and other compliant servers.

5. Change: SMTPMessage object now has access to other headers than just to, from and subject in script.

6. Change: WinGate Management: added info column to services panel showing port numbers for services.


Version 7.2.4 (Build 3445) Released 26 July 2012

1. Fix: Service migration, several issues migrating TCP and UDP mapping services from WinGate 6.

2. Fix: Service migration, issues migrating binding information from pre WinGate 6 versions.

3. Fix: Licensing panel, issue with flashing red light not stopping when resolving certain license issues.

Note: You must also upgrade any plugins (with compatible version of the CodeJock user interface library).


Version 7.2.3 (Build 3441) Released 23 July 2012

1. Fix: DNS Client, under heavy load some DNS requests would never complete.

2. Fix: SOCKS fix to UDP associate where forwarded UDP buffers specify destination by name (rather than IP). Affected Bloomberg client.

3. Fix: Mail, issue where could not move mailbox from one volume to another where both volumes were on different local disks.

4. Fix: POP3 retrieval: crash on retrieval of some messages where received command response contained nagled message content.

5. Fix: HTTP: issue with policy access setting request header block.

6. Fix: HTTP Caching, fix to table creation code affecting some databases.

7. Change: Packages manager. Now stores synchronised packages in Application data folder. Avoids issues with access to program files folder.

8. Change: Languages files are now also in application data folder

9. Change: Updated CodeJock library

10. Change: MAIL, now handles messages over 4GB for IMAP, POP3 and SMTP


Version 7.2.2 (Build 3416) Released 31 May 2012

1. New: Categories: Added support for selecting multiple categories at once when creating web access rules.

2. New: Credentials: Change default credentials downgrade option to do nothing rather than downgrade to assumed

3. New: Credentials: Added option to credentials rule for assumed user to be deemed authenticated.

4. New: Data: Added support in Data file lists for unicode files with BOMs.

5. New: VPN: Added User object to events for Hosted VPNs

6. NeW: VPN: Show username on VPN panel for Nodes connected to hosted VPN

7. New: WinGate Management: Added progress dialog and error reporting for synchronisation of packages from engine

8. New: WinGate Management: Modules panel now prompts to restart WinGate if module startup settings are changed

9. New: API: Extended Network Service API for component-based network services.

10. New: IMAP: Increased maximum command buffer size for IMAP server.

11. New: Users and Groups: Added support for user database searches to search for multiple users at once, to reduce search load for Web access rules panel, Permissions, and Policy User/Group Check items.

12. New: Web Access Control: Added classification result to Session schema, so it is now available in policy / event processors

13. New: Web Access Control: Optimisation of rule evaluation if "who" contains the "Everyone" security principal.

14. New: Policy: Added Event type column to show compatibility of policy

15. New: Policy: Now shows policy as enabled if it is enabled regardless of whether it is connected to an event or not.

16. New: FTP Proxy: now supports authentication to proxy, using USER/PASS. Can access settings also in ClientConnect policy to vary by client.

17. New: FTP Proxy: now supports OPEN command for FTP client to specify which site to connect to

18. New: FTP Proxy: Added ConnectToServer event for access control to servers.

19. New: Data: File-backed lists now optimised for entries which do not contain wild-card characters. Improves lookup speed immensely.

20. New: RIP: changed default setting for RIP listener to off. Saves surprises when there are routers on your LAN broadcasting RIP and you aren't using VPN.

21. Fix: Web Access Control: issue where auth challenge would not be sent if user was assumed.

22. Fix: Web Access Control: issue in web access control rule creation wizard when back button pressed.

23. Fix: WinGate Management: issue when stored layout gets corrupted, causing WinGate Management to crash

24. Fix: WinGate Management: Fixed bug relating to closing of task panel

25. Fix: WinGate Management: Removed Help button from Service dialog (uses F1 help instead)

26. Fix: WinGate Management: wired up help topics for service dialogs

27. Fix: Mail: removed embedded tab characters in debug logging for SMTP delivery and POP3 collection services

28. Fix: Logging: skip embedded tabs when searching in last column

29. Fix: Licensing: fixed issue in license information panel when license name contained invalid XML characters (e.g. ampersands)

30. Fix: Timeline: Fixed bug in timeline relating to closing of blocks when using a filtered view.

31. Fix: Policy: Fixed missing resources in context menu for column headers.

32. Fix: Policy: SQL Item now returns an error on use if license does not permit use of it (rather than returning true).

33. Fix: Licensing: invalid license feature aggregation when trial Standard WinGate selected and VPN trial activated.

34. Fix: Licensing: not showing expiry dates for subscription licenses in report control (only info pane).


Version 7.2.1 unreleased


Version 7.2.0 (Build 3409) Released 3 May 2012

1. New: Supports new free license, equivalent to WinGate Standard 3 concurrent users + WinGate VPN Single user license.

2. New: Web access rules, now can match on client IP address.

3. New: Credential rules now can assume computer accounts

4. New: Email, added GSSAPI auth option for IMAP, POP3 and SMTP

5. New: IMAP, support for COMPRESS method, provides significant speed improvements for mobile users

6. New: IMAP, support for buffered output provides better server network performance.

7. New: IMAP, optimised search ALL.

8. New: IMAP, support for IR-SASL to save round trip on login for supporting clients.

9. New: Prevents connections to the Remote Control Service from non-local IPs when there is no user database available

10. New: Component Services API extensions

11. Change: Categories, paths now case-insensitive

12. New: Active Directory Connector, added ability to use registry to override domain name and domain object GUID.

13. Fix: VPN identity dialog, fixed nags on invalid node name or data port.

14. Fix: Management: Crash bug in modules panel when selecting a group row, if grouped by a column.

15. Fix: Email, problem when moving mailboxes between 2 different UNC-path-based mail volumes.

16. Fix: POP3 server, pipelining fix.

17. Fix: Web access rules, stability fix.


Version 7.1.2 (Build 3397) Released 2 April 2012

1. New: Web Access Control: Added support for rule matching on websites as well as categories.

2. New: TCP Mapping proxy: Added support for client certificates

3. New: Sessions: Added schema access for ExpiryTime - allows policy to set an expiry time on a session

4. New: Policy: Added support for Expression evaluator to not resolve to boolean result.

5. New: Schema: Added support for Time value to convert to / from string.

6. New: IMAP: Added ESEARCH extension

7. New: IMAP: Added WITHIN extension

8. New: IMAP: Added optional Parameters and disposition information to BODYSTRUCTURE

9. New: IMAP: Extended ID response to include WinGate version

10. New: Services: Added support for component-based network services.

11. New: WinGate Management: Added support for scaling of image on online options and login dialog for different font sizes

12. Fix: Updates: history view entries were empty

13. Fix: SMTP Queue: WinGate mail list processing was broken

14. Fix: IMAP: issue with changes to MODSEQ when MOVE is used

15. Fix: IMAP: issue with ENVELOPE for group addresses

16. Fix: POP3 Proxy: Fixed issue with UIDL responses containing certain characters.


Version 7.1.0 (Build 3389) Released 28 February 2012

1. New: support for localization. WinGate can now be translated into any language by anyone using our resource editor, or even notepad.

2. New: added support for multiple selections when choosing user database objects. Eases management of group membership, user/group policy checks, permissions and access control.

3. New: reinstated support for importing users from text file with WinGate users and groups.

4. New: added subject option for auto responder for mail settings, can refer to original subject line.

5. New: Added multiple select in users and groups panel for WinGate users and groups (allows deletion of multiple items at once)

6. Fix: WinGate users and groups: Stability issue with NTLM support.

7. Fix: WinGate users and groups: WinGate Management stability issue displaying group membership when there were a large number of members.

8. Fix: WinGate users and groups: deadlock issue in searches when there were nested groups.

9. Fix: WinGate users and groups: issue relating to conflicting user accounts. Now disable conflicting account and log warning.

10. Fix: WinGate users and groups: In PreAuth event, accessing the Agent value caused an unhandled exception.

11. Fix: Mail auto-responder supports unicode now.

12. Fix: Policy editor toolbox scroll-bar flickering issue. Was preventing editing of some policies, dependent on screen size / layout.

13. Fix: mail queue processing issue when mail was looping, would leave msg file in incoming when rcp moved to dead

14. Fix: SOCKS server issue when SOCKS5 connection request made using IPv4 address type.

15. Fix: issue relating to selection of a tab when opening the edit user dialog (e.g. when editing a user from mailboxes in email).

16. Fix: SMTP Server, issue relating to STARTTLS command when secure connection already established.

17. Fix: set connection backlog for incoming connections to max supported for OS.

18. Fix: VPN panel, issue relating to showing multiple nodes (some would be not shown).

19. Fix: WinGate advanced options issue relating to network buffers and hash entries settings.

20. Fix: IMAP server issue with non-recursive LIST command

21. Fix: IMAP and SMTP servers AUTH empty challenge issue, only affected some clients.

22. Fix: Various fixes to IMAP, including bodystructure with nested RFC822 messages, FETCH partial responses, and ENVELOPE.

23. Fix: Performance improvement to IMAP when fetching a message using multiple FETCH commands.


Version 7.0.8 (Build 3364) Released 13 January 2012

1. Fix: license issue with VPN for single user licenses accessing ENS.

2. Fix: layout issue with VPN nodes in VPN panel.

3. Fix: migration issue with legacy VPNs from WinGate 6.

4. Fix: No response sent to browser if auth required but no methods enabled in the proxy.

5. Fix: Unable to edit UDP broadcast relay port settings.

6. Fix: not properly displaying warnings about trying to access license-restricted features.

7. Change: Updated to latest CodeJock user interface framework 15.2.1


Version 7.0.7 (Build 3360) Released 6 January 2012

1. Fix: POP3 proxy issue when accessing servers that don't support AUTH command.

2. Fix: Problem with SMTP Received header timestamp timezone information resulting in invalid Received date in Outlook.

3. Fix: Problem forwarding undeliverable mail to gateway.


Version 7.0.6 (Build 3357) Released 22 December 2011

1. Fix: HTTP cache volume sizes over 2GB would break cache database initialization.


Version 7.0.5 (Build 3355) Released 21 December 2011

1. Fix: various issues using MDB database for cache and timeline.

2. Fix: unicode issues in timeline.


Version 7.0.4 (Build 3352) Released 20 December 2011

1. Fix: Stability problem in timeline.

2. Fix: Problem in UNC path handling in cache and email volumes.

3. Fix: Problem using SQL Native client for timeline and cache when regionalisation turned on.

4. Fix: Problem using MS SQL Driver for timeline.

5. Change: Better support for HTTP Cache function when database unavailable.


Version 7.0.3 (Build 3345) Released 12 December 2011

1. Fix: Problem with POP3 server when clients retrieve files containing non-standard characters.

2. Fix: Problem in the WWW proxy where it would accept disabled authentication methods.

3. Fix: Changes to command buffer handling in SOCKS service to make it more robust.

4. Change: Added support for GSS-API authentication to SOCKS service. Allows supporting clients to use kerberos authentication when using Active Directory Connector.


Version 7.0.2 (Build 3340) Released 5 December 2011

1. Fix: Problem after migrating from old version WinGate users and groups. Caused subsequent new users and groups to have wrong SIDs.

2. Fix: Problem introduced in 7.0.1 relating to launching CGI processes from WWW proxy as a web server.


Version 7.0.1 (Build 3338) Released 25 November 2011

1. Fix: IMAP index problem relating to POP3 access causing performance issue

2. Fix: DNS client issue relating to local sites associated with disabled DNS servers

3. Change: to user database selection wizard to improve user experience

4. Change: updated certificate on driver catalog.


Version 7.0.0 (Build 3332) Released 15 November 2011

1. Fix: memory and handle leak in manual classifier relating to rules that check data lists

2. Fix: to driver installer, solving occasional problem updating driver on 2k8 server and Windows 7.

3. Fix: to Windows Users and Groups on non-English OSes.

4. Fix: to Log viewer relating to unicode data.

5. Fix: to timeline relating to storage of unicode data

6. Fix: to installer to get around warnings about driver installation from untrusted vendor.

7. Fix: to Data schema relating to use of data strings and data counters within scripts.

8. Fix: to DNS client relating to definition of local sites

9. Fix: to WinGate Management relating to navigation tree not working on some occasions.

10. Fix: to WinGate Management relating to automatically logging into last used WinGate.

11. Fix: to policy relating to exporting of policies containing a colon in the name.

12. Fix: to web activity allowing it to function properly on MS SQL Server

13. Fix: to web activity relating to closing out activity blocks

14. Fix: event schema for session object in IMAP events now shows as correct type.

15. Fix: Issue where trial options were still showing if purchased license and expired trial were installed.

16. Fix: HTTP Cache now prompts for restart of WinGate when the cache index database is changed

17. Fix: Resolved issue where help collection files were becoming corrupted.

18. Added: Support for UNC paths in browse for folder dialog, allows UNC paths to be used for Logging, caching, email etc.

19. Added: New MACInfo module, that provides access to vendor information for MAC addresses.

20. Added: WinGate management shows warning for modules that fail to load.

21. Added: Now remove trials of matching products when a purchased license is installed. Prevents surprises when trials expire.

22. Added: New indices added to timeline database tables to improve query performance.

23. Added: Changes to Active Directory connector to enforce licensing policy for Standard licenses.

24. Change: New event context data (symbol browser) dialog.

25. Change: Changed the way HTTP Cache volumes are removed on deletion (rename first to avoid conflicts with new volumes of the same name that may be created while the first is being removed)

26. Change: removed ability to suppress warning when deleting a VPN.


Version 7.0.0 RC1 (Build 3317) Released 25 October 2011

1. Added new classification and access control framework for web content and URL classification. Includes a manual classifier to categorize sites / URLs. Access rules allow blocking / allowing of site by category / requestor / time of day.

2. Upgraded Codejock UI library to latest version. Includes a change of UI theme from Office 2007 to Office 2010.

3. Re-structured POP3 proxy, including new protocol filtering interface allowing scanning.

4. Added recording of category to timeline database

5. Added support for filtering tunneled requests in HTTP proxy.

6. Fixed stability bug in DNS client.

7. Fixed deadlock in Notification system.

8. Fixed issue with aggregating licenses.

9. Fixed issue with non-ANSI characters in HTTP headers

10. Updates to license system.

11. Fixed CRAM-MD5 in SMTP delivery.

12. Fixed problem editing POP3 collection jobs.

13. Fixed pattern matching problem in SMTP trust policy.

14. Fixed crash problem in ORDB.

15. Fixed building and sending of proxy auto-config file.

16. Added support for computer security accounts to the Active Directory connector.

17. Fixed issue with SSL / TLS connections if no certificate had been created in WinGate.

18. Fixed reporting of peer IP in timeline for VPN.

19. Now allow VPN manager to run (host VPN without participation) if no ENS installed.

20. Now allow W3C logging for Professional licenses and greater, rather than just Enterprise licenses

21. Added method variable to user database events.

22. Added GetData and SetData functions to the Event object, to allow local data to be shared amongst event processors, and within policy.

23. Fixed issue in DHCP server relating to addresses in use by other known DHCP clients.

24. Added support for PIPELINING to POP3 server, and also for POP3 proxy.

25. Fixed deadlock in user database providers.

26. Fixed bug in Active Directory connector enumerating users where domain contains contact objects.

27. Added capability to use Web admin to set user passwords for WinGate user database provider.

28. New Welcome screen.


Version 7.0.0 beta 3 (Build 3259) Released 7 July 2011

1. Fixed issue with email send item from policy taking down WinGate on some bad (default for installer) email addresses (could cause WinGate to become unusable if there was a notification on startup, such as for a port conflict on a service).

2. Fixed issue with WinGate taking a long time to start up after reboot (waiting for Remote Access Connection Manager to start)

3. Fixed issue with windows event log for WinGate (unregistered event source) causing all WinGate log messages to show an error.

4. Fixed issue with Winsock Redirector Service which prevented Application Control item from working to prevent application network access.

5. Fixed lockup issue with right-clicking menu options on users and groups panel

6. Fixed problem with HTTP cache purge on full setting.

7. Added c-dns field to WWW usage logging to log reverse DNS of client.


Version 7.0.0 beta 2 (Build 3254) Released 1 July 2011

1. Fix to the installer to improve installation duration which was long on some computers

2. Added off-line activation.

3. Fixed loop issue with certain DNS requests

4. Fixed an issue with Gatekeeper crashing on disconnect

5. Fixed an issue with unknown not being a member of Everyone.

6. Fixes to POP3 collection, and moving POP3 collection into its own panel

7. Added API to support scanning of the mail delivery queue. Latest Kaspersky AV for WinGate scans this queue, and therefore scans messages retrieved by POP3 collection.

8. Simplified mail queue management (no more PostIn folder)

9. Fixed NAT through dialup on Vista

10. Fixed service control policy item

11. Relaxed license restriction on nested lists in Data, so these are available for all licenses

12. Fixed an issue in the WWW proxy relating to auth with 0 length POST requests.

13. Fixed an issue with FTP directory listings through the WWW proxy

14. Fixed a problem in the IMAP server relating to locking whilst opening mailboxes

15. Fixed an issue in the DHCP service relating to lease updates

16. Added the ability to revoke DHCP leases

17. Fixed issues in POP3 collection and Mail delivery relating to secure connections to end server where connecting via a proxy

18. Added events relating to POP3 collection

19. Numerous minor UI tweaks