C&C Software Tuesday, October 23, 2018

C&C Home | Product Portfolio | Resellers | Contact Us

Buy Now

Test Drive

[Current version of WinGate is 9.1.5 - Release Notes]

WinGate Release Notes

WinGate 9 release notes

Version 9.1.5 (Build 5965) Released 30 April 2018

1. Fix: JScript Item: Fix crash if script longer than 2k characters.

2. Fix: JScript Item: Fix problems with String.Tokenize, including destruction of source string, and improper handling of empty first token.

3. Fix: SOCKS: Properly report and display SOCKS4a if that is being used by the client (was reporting as SOCKS4)

4. New: Session Schema: Added Session.LogEvent function to schema so you can log to the session log from script

5. New: SOCKS Schema: Added Session.ServerName to allow policy control on destination of SOCKS connection requests where the proxy is resolving the target. Can be overwritten.

Version 9.1.4 (Build 5962) Released 10 April 2018

1. Fix: Notifications: Fix crash if reporting notifications to a disabled notification plan, introduced in 9.1.3.

2. Fix: Telemetry: Remove upload timeout (was 1min) for uploading telemetry and crash dumps.

Version 9.1.3 (Build 5958) Released 22 March 2018

1. Fix: HTTP Error responses: Fix XML encoding of embedded data in web access control block pages.

2. Fix: HTTP Error responses: Fix XML encoding of embedded data in Web Admin service internal block pages.

3. Fix: SIP Proxy: Fix broken debug logging for some messages.

4. Fix: HTTP Events: Fixed Headers.Clear function for runtimes.

5. Fix: HTTP Cache: Fix automatically reported crash in user interface in some cases directly after login

6. Fix: WinGate Users and Groups: Fix automatically reported crash relating to configuration errors in authentication.

7. New: Block pages: Added {ACCOUNT} to custom responses and block page templates to report logged in user account.

8. New: Web Admin Service: added support for custom response pages similar to the WWW proxy custom responses.

9. New: Telemetry: Added several more attributes to gather information about the types of service being used.

Version 9.1.2 (Build 5956) Released 18 December 2017

1. Fix: HTTP Error responses: Fix XML encoding of embedded data in response pages, prevents XSS attacks via WinGate block pages.

2. Fix: Directory browsing: Fix issues with links to icon files for directory browsing with https

3. Fix: AD Connector: Fix auto-reported crash relating to enumeration of inter-trusted domains missing certain DNS information.

4. Fix: AD Connector: Fix occasional encoding problem for some arguments in LDAP queries.

5. Fix: Help system: Fix auto-reported crash if hhctrl.ocx fails to load

6. Fix: Schema script: Fix auto-reported crash if script does not include enough operands for various operators

7. Fix: HTTP Basic Auth: Added charset auth param to challenge to indicate preference to receive user/pass in UTF-8

8. Fix: Route Table checking: Fix auto-reported crash when route table contains no routes via a gateway.

9. Fix: Service Bindings: Fix race condition causing crash when viewing bindings while they change (auto-reported).

10. Fix: Dashboards: Fix race condition causing crash when a dashboard is deleted and receives an update (auto-reported).

Version 9.1.1 (Build 5951) Released 9 October 2017

1. Fix: WINS: Fixed rare automatically-reported crash on receiving certain WINS broadcast packets

2. Fix: Activity: Copy URL to clipboard was not working for CONNECT server:port requests

3. Fix: WinGate: Fixed rare automatically-reported crash relating to checking interface table for changes

4. Fix: WinGate Management: Fixed rare automatically-reported crash relating to dialog showing progress of synchronising modules

5. Fix: Web Access Rules: Fix context menu for report header

6. Fix: Send/Recv: Report correct error code if pended completion called with error

7. Fix: Shutdown: Fix crash on shutdown relating to Logging updating shared data values

8. Fix: Minidumps: Fix crash in minidump generation in some cases when shutting down

9. New: Web Access Rules: Added ${USER} and ${IP} options to block pages.

Version 9.1.0 (Build 5945) Released 27 September 2017

1. New: Active Directory: Now works with multiple trusted forests / domains (Enterprise only).

2. New: Credential rules: New setting to prevent inheritance of Domain Computer credentials, means no longer need to battle with system services that auth when restricting user access to web sites.

3. New: Reverse Proxy: Can now set whether client cert is required on a per site basis for reverse proxy with SSL/TLS

4. New: User interface: Updated to latest version of Codejock user interface framework.

5. New: WinGate Updates: overhauled user interface.

6. New: Logos: new product icons / logos for WinGate, Kaspersky AV, Lumen, and the SMS connector.

7. Fix: Web Proxy: Fixed automatically-reported crash occuring when using the wrong number of arguments for some functions in script.

8. Fix: Web Activity: Fix logging of web activity items to timeline on first run when it's disabled.

9. Fix: Licensing: Crash in licensing panel if licenses changed while not showing panel.

10. Fix: Services: Automatically-reported crash in call to LookupPrivilege in some cases relating to checking for port conflicts when starting services.

11. Fix: DNS client: Automatically-reported crash in call to GetNetworkParams, now use DnsQueryConfig to enumerate system-known DNS servers.

12. Fix: Localization: Resolve issue localizing modules that are installed in different folders (not child folder of WinGate).

13. Fix: Localization: Resolve issue with writing missing resources to file

Version 9.0.8 (Build 5935) Released 21 August 2017

1. Fix: Various: Fixed several automatically-reported crashes in WinGate Management and WinGate engine.

2. Fix: Flow-chart policy: Fixed problem with list lookup relating to localised interface where the method sort order changes.

3. Fix: Notifications: Fixed automatically-reported crash relating to logging notification reports.

Version 9.0.7 (Build 5933) Released 14 July 2017

1. Fix: AD connector: Crash in SOCKS authentication related to testing for available auth methods.

2. Fix: Various: various localization issues with some strings

Version 9.0.6 (Build 5929) Released 8 June 2017

1. Fix: Services: Fixed problem with high rate of incoming connections.

2. Fix: WinGate Engine: fixed intermittent crash on engine shutdown.

3. Fix: Localization: Made numerous hard-coded strings available for localization.

4. Fix: Email UI: fixed display of email address handler restrictions.

5. Fix: WWW proxy: Fixed issue in web server when serving files with % in filename

6. New: Licenses: Now report notification incident when license count is exceeded

Version 9.0.5 (Build 5926) Released 5 April 2017

1. Fix: Locking: Reverted to FIFO lock acquisition strategy to resolve issues with stablity due to thread starvation on highly contended locks under load.

2. Fix: WWW proxy: Fixed parser problem if response headers contain mixed CR and CRLF line endings.

3. Fix: Credential Rules: fixed lookup failure when multiple IP-matching sub-ranges defined.

4. Fix: Web Access Rules: Fixed display problem in rules if username contained XML special characters (such as ampersand)

5. Fix: Web Access Rules: Fixed a problem if registry merging resulted in multiple conflicting rule entries.

6. Fix: WinGate Engine: Fixed a crash on shutdown whilst deleting services

7. Fix: WinGate Management: Fixed an automatically-reported crash issue when accessing context menus from some panels when the task panel is hidden.

8. Change: String handling: Performance improvements in several places where strings are copied.

9. Change: Web Access: Refactored locking to reduce contention and increase performance.

10. Change: Minidump reporting: collect more data on crashes, submit minidumps zipped.

Version 9.0.4 (Build 5915) Released 13 February 2017

1. Fix: TLS in services: fixed allowed cipher suite issue relating to deprecation of RC4 and 3-DES, causing older clients to fail to connect with TLS.

2. Fix: WinGate Engine: Fixed an automatically reported crash on shut down of WinGate engine

3. Fix: Categories: Fixed an automatically reported crash in the user interface when you add a category and clear the name,

4. Fix: Permissions: Fixed an automatically reported crash in the user interface which occured occasionally when changing selection

5. Fix: WinGate Management: Fixed an automatically reported crash in the user interface relating to requesting credentials from the user.

6. Fix: Telemetry: several fixes relating to missing prefixes.

Version 9.0.3 (Build 5911) Released 25 January 2017

1. Fix: WinGate Management: Fixed display issue with categories containing special characters

2. Fix: DHCP: fix issue where client changing networks requests old IP was given it instead of rejected.

3. Fix: Localization: Fixed a problem on Windows 7 with WinGate localization causing WinGate management to fail to start.

4. Change: TLS client certs: setting to request a client cert now requires it

5. Chenge: Telemetry: Various fixes, and added start timestamp to record duration covered by report

Version 9.0.2 (Build 5909) Released 13 January 2017

This is another maintenance release, fixing bugs reported by the Application Experience feature in WinGate 9.

1. Fix: WinGate Management: Fixed crash when creating a new service if the dialog OK button is clicked prior to the service showing in the dialog

2. Fix: Activation: fix crash where user deactivates a license where the product is not loaded (e.g. old PureSight license)

3. Fix: Installer: check for existence of KB2533623 on Windows 7, this is required for WinGate to load modules (normally installed by Windows update)

4. Fix: WinGate Updates: Fixed notification of new updates, now always notify on new updates.

5. Fix: Minidump generation: Fixed an problem relating to generation of minidumps without exception information.

6. Fix: Application Experience: Fixed an issue where in some cases install instance ID not available

Version 9.0.1 (Build 5906) Released 29 December 2016

This is an early maintenance release, fixing bugs reported by the Application Experience feature in WinGate 9.

1. Fix: WinGate Engine: Fixed engine crash when WinGate Management connects where there are no packages installed (can happen if you delete packages registry key after installing WinGate).

2. Fix: WinGate Management: fix crash where user hits F1 key on login, or language setting dialog box if they had previously connected to WinGate

3. Fix: DNS server: Fix crash on race condition if sessions were set to time out too short. Now timeouts aren't set in the proxy (they are a function of the DNS client).

4. Fix: WinGate Engine: Fixed crash in some cases in checking for changes to the system route table

5. Fix: Updates: Fixed an occasional crash where a status for a product is updated.

Version 9.0.0 (Build 5902) Released 20 December 2016


1. New: moved to native 64 bit only, dropped support for 32 bit windows.

2. New: no longer support XP or 2003 server, minimum recommended OS is Windows 7 x64 / 2008 R2 server.

3. Change: moved build environment to Visual Studio 2015, which requires deployment of VS2015 runtime.


4. Change: HTTP Proxy: streamlined parsing for improved parsing performance and reduced memory heap access

5. Change: HTTP Proxy: increased buffer size to reduce number of system calls

6. Change: HTTP Proxy: streamlined buffer manager to use fewer allocations and reduce contention around buffer pool

7. Change: HTTP Proxy: streamlined code path for serving files to reduce parsing workload.

8. Change: HTTP Cache: various performance improvements

9. Change: Events: various optimizations to event processing, including reduction of lock contention on processing events

10. Change: Network IO: moved to overlapped sending to reduce system calls when sending data

11. Change: Service: use IO completion ports to accept connections

12. Change: Performance: Improved pattern matching algorithm performance, affects data list lookups.

13. Change: Performance: improved performance of unicode <> UTF-8/ANSI conversion which is in widespread use throughout WinGate

14. Change: Locking: improve lock acquisition cost improves performance overall.

15. Change: String formatting: improved string formatting code to reduce memory allocations

16. Change: String encoding: improved speed of various string encoding functions.

17. Change: Performance: Various other changes to reduce memory heap access and copies.

18. Change: Data: reduced contention / locking around counters to improve performance of monitored data.

19. Change: TCP Mapping proxy: increased throughput performance of proxy

20. Change: SMTP delivery: increased send buffer size for improved delivery performance

21. Change: Timeline: various performance improvements to reduce load of large timeline databases.


22. New: HTTP Proxy: Now supports SNI on incoming connections. Useful for supporting multiple reverse proxy sites with different certificates.

23. New: HTTP Proxy: Now inspects initial packet checking for TLS record and SNI. This supports SNI for intercepted connections, and also allows https for diverted connections to the proxy (sometimes called SSL peek and bump).

24. New: Cache: Now supports caching partial responses. <> 25: Change: HTTP Proxy: numerous performance improvements as above

26. Change: HTTP Proxy: Now allow explicit control over whether to allow GET / HEAD requests to contain a message body.

27. Fix: Cache: better error reporting on cache volume problems (part of adding support for Ramdisk cache)

28. Fix: Web Access Rules: fix web access rule creation wizard navigation


29. New: SIP Proxy: allows you to track calls in timeline, and block calls made using SIP phones.

30. New: TCP Mapping: Added controls over TCP keepalive settings for client and server-side connections

31. New: WinGate Management: Added filtering of activity view. Can now set lists of IPs to display or hide traffic from.

32. New: Application Experience: Now collects information about usage of WinGate in order to assist us to prioritise features for development.

33. New: Application Experience: Automatically uploads any crash dump / minidump files and information to our servers for analysis and bug-fixing.

34. New: Logging: new log migration wizard allows moving log folders.

35. New: SQL statement: item can now copy database record field data from results into event data for use in event handlers

36. New: SQL statement: item can now be added directly onto event processing

37. New: SQL statement: policy item can now check whether rows were affected in INSERT/UPDATE/DELETE queries

38. New: Policy: Send Email item can now attach a file

39. New: Policy: New Log Entry item, can log to current service log file from within policy or event (pro or enterprise only)

40. New: Scheduler: added option to randomize the minutes value for when the event will next run. Used for update checker, IP to country updates (on new installs). Useful for load spreading of access to remote servers.

41. New: Config Utility: added -nomap option to allow exporting unmapped file paths

42. New: IPtoCountry: added logging and use of notifications to log update issues.

43. New: IPtoCountry: added IpToCountry as a globally accessible object from script, added "CountryForIp" function.

44> New: POP3 Server: Added SessionComplete event to POP3 server. Now can see how many messages remain in a folder and/or were deleted after a POP3 client disconnects

45. Change: WinGate Management: WinGate management connection no longer inherits credentials from any previous-established cached credentials for the IP it connects from.

46. Change: WinGate Management: Additional logging around login / logout and auth failure.

47. Change: WinGate Management: migrated to new version of Codejock user interface library.

48. Change: WinGate Management: User interface tweaks, to make tabs and quick access buttons more visible, and to distinguish it visually from WG8

49. Change: Notifications Panel: Can now close out multiple incidents at once

50. Change: Email: Mail file processing now binary safe. There was a problem with some embedded non-ASCII-based character sets being corrupted.

51. Change: Logging: session creation and termination is now logged at info level instead of debug.

51. Change: Resources Panel: removed the resources panel for various reasons, mainly due to performance cost, and lack of utility. At least we're honest.

53. Change: OpenSSL: updated to version 1.0.2j

54. Change: Scilexer: new scilexer for context-highlighting of code (script) windows.

55. Change: Licensing: Changed the way WinGate notifies the user about accessing license-restricted features in trial mode to reduce confusion about the purpose of the notification.

56. Change: Installer: migrate mail spool, web admin, certs, resources, custom responses folders to ProgramData

57. Fix: Authentication: some cases where auth failed were not being properly reported / auth failed event processed.

58. Fix: IpToCountry: better file validation of downloaded files.

59. Fix: Various: numerous other fixes.

WinGate 8 release notes

Version 8.5.9 (Build 4883) Released 16 May 2016

1. Fix: Socket notifications: performance improvement from fixed callback window creation.

2. Fix: WinGate Engine: Fixed memory leak in thread naming if policy is used to terminate connections from within ClientConnect event

3. Fix: Reverse Proxy: Fixed memory leak relating to extension to EXE mappings when web serving.

4. Fix: Email Panel: Fixed crash relating to tooltip.

5. Fix: JScript Item: Fixed bug relating to strings from schema objects being treated as booleans when compared.

6. Fix: JScript Item: Fixed bug in less than and greater than operators

7. Change: Pattern Matching: Performance improvement in pattern matching, affects data list content checking.

8. Change: WWW Proxy: now recognises the relatively new PATCH command (so doesn't block it by default)

Version 8.5.8 (Build 4881) Released 23 April 2016

1. Fix: Proxy: Serious load problem with many connections to proxy (log entry shows exception in TCPSession::InitInstance) caused by issue in MFC introduced in 8.4.0 (#22).

2. Fix: Web Activity: Parallelized callout to web classifiers (such as manual classifier) which were being serialized, causing performance bottleneck if classification is too expenive (e.g. very large lists of wild-card entries).

3. Fix: Remote Control: Problem with communications from WinGate Management becoming overloaded and unresponsive if too many packets being sent in the other direction. Could cause settings from WinGate Management to not be applied for example when loading large numbers of timeline records.

4. New: Data Lists: Added RemoveAll and ExportToFile functions to List object schema.

Version 8.5.7 (Build 4879) Released 6 April 2016

1. Fix: Installer: Problem with SHA256 signatures on installer prevented signature validation on XP

2. Fix: Installer: Setupfactory extension RegistryEx.lmd not loading on XP due to missing dependency

3. Change: Installer: Now uses dual signatures on installers to support new requirements for SHA256 and retain previous SHA1 support.

Version 8.5.6 (Build 4877) Released 29 March 2016

1. Fix: DNS Client: Memory leak when DNS requests cancelled prior to completion.

2. Fix: FTP Proxy: Problem logging some non-UTF-8 filenames etc in debug logging.

3. Fix: FTP Proxy: Problem with some UTF-8 filenames being corrupted, preventing download or change directory.

4. Fix: FTP Proxy: Fixed logging of multi-line responses such as FEAT responses.

5. Fix: Timeline: not showing name for Web Activity option on settings > general tab

6. Fix: File-based Data lists: file reading issue when final line not new-line terminated

7. Change: HTTPS inspection: Can now inspect on non-standard ports (use policy if you want finer control)

8. Change: Timeline: Manifest no longer dependent on SQLite ODBC driver file (which is no longer installed to packages folder)

9. Change: Installer: Check CRC on existing driver binary and skip driver upgrade if the binary is the same. Saves a reboot and interface cycling.

10. Change: Installer: Now restart WinGate service (if installer stopped it) and Engine Monitor (in all cases) where reboot is not required.

11. Change: Installer: Installer now signed using SHA256 hash algorithm.

Version 8.5.5 (Build 4858) Released 28 January 2016

1. Fix: DNS Client: Fixed case-sensitivity bug in hosts file entries

2. Fix: DNS Client: hosts file now supports multiple names per line, and multiple addresses per name.

3. Fix: Service Editing: Fix ignored ESC key in editing service when description field is selected.

4. New: DNS client: Add support for adding domain suffix to unqualified requests.

5. New: Active Directory: Result filtering can now select Organization Units as well as domains.

6. New: Upstream connections: proxies can now connect upstream using SOCKS4a, thereby avoiding DNS lookups.

Version 8.5.4 (Build 4852) Released 17 November 2015

1. Fix: WWW Proxy: Fixed issue with stripping of empty Basic auth request header.

2. Fix: TLS: Fix issue with superfluous initialisation of TLS algorithms when generating certificates

3. Fix: Events: Fix problem with editing event processors from events panel - was blocking communications with engine.

4. Fix: Schema: Fix schema / script-based access to Session.ServerIp, broken in 8.5.0

5. Fix: Schema: Fix parameter checking in various built-in functions which could crash WinGate if function called incorrectly.

6. Fix: FTP Proxy: Fix broken PORT command parsing, broken in version 8.5.2

8. New: WinGate Users and Groups: can now change own password via Web Admin service.

Version 8.5.3 (Build 4846) Released 13 October 2015

1. Fix: WWW Proxy: Fixed broken (in 8.5.0) authentication for server requests / reverse proxy / intercepted connections where the proxy is doing the authentication.

Version 8.4.1 (Build 4813) Released 21 July 2015

1. Fix: SSL / TLS: Increase timeout for SSL/TLS handshake to cover for slow clients and certificate revokation checks.

2. Fix: Localization: Was not loading localized strings for package modules

3. Fix: Installer: Problem setting permissions on ProgramData\Qbik folder could take too long if the HTTP cache volume was in there. Problem introduced in 8.4

4. Fix: WinGate Updates: crash in WinGateUpdates.exe relating to logging settings in registry

5. Change: Installer: Updated to SetupFactory 9.5

Version 8.3.2 (Build 4773) Released 8 April 2015

1. Fix: Logging: not persisting changes to logged fields in W3C usage logging introduced in 8.3.0

2. Fix: Policy: Bug introduced in 8.3.0: crash in WinGate management when closing the call policy item in a flow-chart policy

3. Fix: Dashboard: Bug introduced in 8.3.0: WinGate Management would become unresponsive if you delete a dashboard item.

4. Fix: HTTP Filters: occasional crash when a filter returns its own content to a request (e.g. block pages etc)

5. Fix: Web Access Control Rules: crash when dragging and dropping rules if you drop one below default rule

6. Fix: Web Access Control Rules: UI glitch when adding category or site to a rule would not show until dialog was reopened.

7. Fix: Web Access Control Rules: no longer do implicit auth (if user unknown and not matching) on re-authentication rules, only explicit (where it matches the Who tab).

8. Fix: Web Access Control Rules: fixed hit count on auth rules.

9. Fix: Schema script: crash when trying to use uninitialised variables as a result in some scripts or policy items.

10. Fix: Email UI: crash in WinGate Management caused by race condition between creation of email panel, and unsolicited queue updates

11. Fix: WinGate users and groups: NTLM 1 byte buffer overrun problem when logging at debug level

12. Change: Web Access Rules: Performance improvements to rule evaluation.

13. Change: Web Access Rules: Added performance tracking (time spent in each rule for hit and miss cases) so cost of a rule becomes visible.

14. Change: WWW Proxy: Diagnostic Logging now logs requests associated with auth handshaking.

15. Change: WWW Proxy: no longer count intermediate auth challenge handshake requests for session request limiting (limiting to 1 would break NTLM).

16. Change: Notifications: Added Last Change column to notifications panel, changed the way UI updates are handled.

Version 8.3.1 (Build 4769) Released 12 March 2015

1. Fix: SSL: Problem with changed start order of modules revealed a problem with initialisation of OpenSSL that could cause mail delivery to fail when using STARTTLS

2. Fix: POP3 Collection: Fixed issue causing problems connecting to pop3s servers on upgrade.

3. Fix: POP3 Collection: Was not honouring setting for SSL/TLS version in the case of STLS-negotiated SSL/TLS layer

4. Fix: SMTP Delivery: Was not honouring setting for SSL/TLS version in the case of STARTTLS-negotiated SSL/TLS layer

5. Fix: Uninstaller: would hang forever waiting for WinGate service to stop on a WinGate Management only installation

6. Change: Certificate Importing: Prevent importing certificates that do not have a private key.

7. Change: SSL/TLS: Added logging for diagnosing issues with SSL/TLS negotiation and certificates

Version 8.3.0 (Build 4764) Released 5 March 2015

1. Fix: DHCP: Fixed issue where permissions were not registered if User Database started late (e.g AD server not available on WinGate start), so DHCP panel not displayed.

2. Fix: User database: Fixed issue where permissions were not registered if User Database started late (e.g AD server not available on WinGate start), so Users and Groups panel not displayed.

3. Fix: Web Proxy: Fixed occasional buffer leak

4. Fix: Logging: Fixed crash in output buffering when writing very large fields

5. Fix: VPN: Fixed crash when using User object in event handler for VPN connection event.

6. Fix: IMAP: Fixed issue when command contains empty string literal.

7. Fix: Config utility: Problem with utility reporting that WinGate was not installed.

8. Fix: VPN: problem exporting and importing VPN config files. Was reported fixed in 8.0.2, but still had an issue on some OSes.

9. Fix: Policy: fixed a parse error in a default (sample) policy

10. Fix: Engine: Fix issue preventing windows from reporting correct windows version on Windows 8.1 and Windows 10

11. Fix: SSL: now loads entire chain of certificates (if included) from certificate PEM files

12. Fix: IP to Country: update to new format and URLs for access to IP assignment record data.

13. Fix: IMAP: Crash if length information in index file different to file length on disk.

14. Fix: File Copying: deprecated OS CopyFile calls as they are not reliable on 2k12. Now copy file by reading and writing file content. Affects mainly mail (local delivery and mailbox moving).

15. Fix: Mailboxes: bug with tooltips when working with more than 1 mail volume would hang WinGate Management.

16. Fix: Mailboxes: fixed issue where merging mailboxes would fail if a source file did not exist (now skips).

17. Fix: Web Admin: Fixed issue preventing Email tab from displaying

18. Fix: HTTP Cache: Couldn't save rule with only "do not cache" option selected

19. Fix: Web Access Control: Checkbox values in "what" tab of rule were not honoured (always checked).

20. Fix: Users and Groups: Allow access in event processing to Full Name, and Account Name of User object, when authenticated user is a domain computer account.

21. Fix: WinGate Update: issues relating to certificate revocation check failing which prevented update checks.

22. Fix: DHCP Panel: fixed occasional crash when updating lease information

23. Fix: Manual Classifier: improved speed of lookups.

24. Fix: POP3 Proxy and SMTP receiver: buffer overwrite problem when receiving large buffers from client.

25. Fix: Timeline: Crash when changing timeline settings if Database failed to initialise

26. Added: SSL/TLS: can now specify allowable SSL/TLS versions for back-end connections in reverse proxy, and/or client connections (mail delivery and POP3 collection).

27. Change: Mailboxes: now show number of folders and messages in mailbox panel

28. Change: SDK: changed interface registration to auto-binding

29. Change: Permissions: Added default administrative group to root object so that by default administrators can see everything regardless of who created it (e.g. policies/dashboards etc).

30. Change: Permissions: Added proper display handling for checking / unchecking full control option.

31. Change: IMAP: performance improvements in mailbox indices particularly for network-based mail volumes. Greatly speeds up expunges (mail filtering).

32. Change: Policy: Expression evaluator item dialog now resizable and uses larger courier font to assist editing script.

Version 8.2.5 (Build 4733) Released 5 September 2014
  1. Fix: Permissions: Fixed issue which prevented display of permissions panel in WinGate Management, introduced in 8.2.2.
  2. Fix: User database: memory leak relating to user objects.
  3. Fix: Settings utility: incorrectly reported that WinGate was not installed
  4. Fix: SQLite ODBC driver: fixed issue with converting floating point numbers using current locale.
  5. Change: User database: changed indexing for object handles to make it safe to test for handle validity.

  6. Version 8.2.1 (Build 4711) Released 28 April 2014

    1. Fix: Logging: crash when logging some strings containing mixed ANSI and unicode strings, e.g. embedded Japanese.

    2. Fix: Logging: fix timer-based flushing of outstanding buffered log data.

    3. Fix: FTP proxy: FTP commands are now treated correctly as case-insensitive.

    Version 8.2.0 (Build 4707) Released 23 April 2014

    1. Fix: WinGate Management: crash when closing WinGate management during failed connection attempt

    2. Change: Web Access Rules: can now drag / drop to re-order web access rules

    3. Change: Web Access Rules: can now specify a block page per rule

    4. Change: Web Access Rules: block pages now stored under AppData folder instead of under Program Files

    5. Change: Web Access Rules: now uses combo box to choose between All, All below, or all except below in each of "Who", "where" and "What" tabs

    6. Change: Web Access Rules: "where" and "what" can now check against global data lists

    7. Change: DNS: new strategy when dealing with SRVFAIL results from DNS servers. Now tries one other server if there is one.

    8. Change: Mail delivery: new special case handling for SRVFAIL responses to MX lookups, now fails over to A record processing.

    9. Change: Logging: Major performance improvements to logging, including reduction in data conversion, double-buffering, and file IO.

    10. Change: Logging: Added feature to allow buffering of log data before writing it to disk to further reduce file IO. Greatly improves performance of logging to a SAN

    11. Change: Logging: Added data counters to track lines logged and bytes logged.

    12. Change: Module loading: changed package manager logging to log module load failures

    13. Change: Module loading: explicitly report version problems with packages in UI

    14. Change: Module loading: overhauled synching dialog. Now wraps text, shows errors more clearly.

    15. Change: BGP Service: Added BGP server. This should be considered experimental.

    16. Change: Framework: updated to Codejock v 16.3.1 UI framework

    Version 8.1.0 (Build 4655) Released 28 February 2014

    1. Fix: POP3 Server: debug logging of POP3 commands could cause crash if command contained certain characters.

    2. Fix: WWW proxy: issue with reverse proxy checking for path exploits effectively blocking access to back-end URLs containing certain character sequences

    3. Fix: AD User Database: crash problem when authing to accounts where AD object is missing required fields. Now logs missing fields and fails auth.

    4. Fix: Timeline: Deadlock could occur in some cases when multiple WinGate Management accessing Timeline using MDB or Database concurrency set to 1.

    5. Fix: Manual classifier: was not honoring permission for modification of manual classifications.

    6. Fix: SMTP Delivery: occasional crash due to race condition when timing out SMTP delivery sessions.

    7. Fix: Web Admin: occasional crash when accessing email tab when using AD user database

    8. Change: Timeline: changed default database to SQLite from MDB. MDB just not up to the task for medium - large sites.

    9. Change: Web Activity: rules can now specify which proxies the rule applies to

    10. Change: HTTP Cache: rules can now specify which proxies the rule applies to

    11. Change: Dashboards: no longer limit number of dashboards by license.

    12. Change: import/export utility: can now import configuration from command line.

    13. Change: Data lists: selection dialog now shows current selection

    14. Change: Code Signing Cert: new (updated) Qbik Code Signing cert used for WinGate modules.

    Version 8.0.5 (Build 4634) Released 5 December 2013

    1. Fix: HTTP proxy: malformed request reported when POST request challenged for authentication.
    2. Fix: DNS client: crash relating to timing out delegated requests
    3. Fix: Timeline: was not showing all activity blocks in some cases.

    Version 8.0.4 (Build 4629) Released 4 November 2013

    1. Fix: HTTP proxy: problem with tunneled requests (https) when processing pended data on closing connection.

    2. Fix: Web Activity: fixed crash when trying to log database initialisation failure

    3. Fix: Notifications: fixed WinGate Management crash when notifications occur with notifications panel not visible.

    4. Fix: Timeline: Fix issue where UI would not update value of "enable activity tracking" properly

    5. Change: Data monitoring: Added option to reset derived values

    6. New: Configuration utility: Added utility to export / import configuration (handles 32/64 bit issues as well).

    Version 8.0.3 (Build 4625) Released 18 October 2013

    1. Fix: Mail delivery: problem with retrying if mail rejected temporarily after DATA command

    2. Fix: Mail delivery: problem with bounce messages.

    3. Fix: POP3 Server: buffer overflow vulnerability fixed.

    4. Fix: SMTP Client: Fixed crash which occured if session was timed out whilst negotiating SSL connection with STARTTLS.

    5. Fix: HTTP proxy: problem with SSL inspection if connecting through upstream proxy

    6. Fix: DNS client: fixed problem for delegate requests to different domains.

    7. Fix: Activity Screen: crash when right-clicking user icon on multiple user machine.

    8. Change: Licensing: connections to SMTP server no longer consume a license

    9. Change: Schema: Added InRange member function to IP Address object

    Version 8.0.2 (Build 4614) Released 23 September 2013

    1. Fix: WWW proxy: problem with chunked POST requests.

    2. Fix: WWW proxy: problem with FTP URLs.

    3. Fix: POP3 Proxy: crash problem when using Kaspersky AV for WinGate and client issues STLS command.

    4. Fix: Updates Installer: Fixed issue with improper handling of silent installs in some upgrade scenarios

    5. Fix: WINS service: crash when parsing NetBIOS broadcast packets containing no IP address records

    6. Fix: SMTP Client and POP3 client: issue when talking to older servers that don't support TLS

    7. Fix: VPN: problem exporting and importing VPN config files

    8. Fix: Notifications: memory leak when closing an incident that wasn't currently open.

    9. Fix: Dashboards: dialog resize bug in dialog for choosing data source for dashboard items.

    Version 8.0.1 (Build 4608) Released 20 August 2013

    1. Fix: HTTPS inspection: Crash when signer certificate created without encrypted private key

    2. Fix: HTTPS inspection: Problem selecting correct signing certificate (due to sorting in combo box).

    3. Fix: Timeline: Problem initialising timeline for some versions of MySQL ODBC driver

    4. Fix: Timeline: Problem saving new config if database not initialised.

    5. Fix: Timeline: problem in user interface causing WinGate Management to crash on exit.

    6. Fix: FTP Proxy: Debug logging problem with server responses

    7. Fix: Updates Installer: Updated to fixed WinGate 8 installer.

    Version 8.0.0 (Build 4601) 31 July 2013


    1. New: HTTPS inspection support added (Enterprise licenses only)

    2. New: HTTP cache: now uses in-memory / file-backed indexes - no more SQL. Result is much faster cache.

    3. New: Web Access Control: added rule result of "re-authenticate". This can be used to force change of user.

    4. New: Web Access control: added option to track different categories for same site separately or not

    5. New: can now intercept port 443 to proxy (normal non-https binding). If SSL inspection is enabled, it can be inspected, else it is tunneled.

    6. New: now reads mime types for file extensions from OS when serving.

    7. Change: buffer handling, removing double-buffering resulting in much improved throughput

    8. Change: now maintains connection to upstream proxy for SOCKS as well as Tunneled upstream connections.

    9. Change: usage logs time taken now in milliseconds

    10. Change: added option to disconnect in reject policy response

    11. Fix: fixed issue with occasional site hangs, and broken images

    12. Fix: Web serving: fixed problem improperly blocking URLs containing ':' character - affects reverse proxy as well.

    13. Fix: Web proxy: X-Forwarded-For was not being added for upstream connections via proxy, even if selected

    14. New: Web proxy: Added support for adding X-Forwarded-For for reverse proxy requests

    Email services

    15. New: Added support for client certificates and SASL EXTERNAL auth mechanism throughout services and clients.

    16, New: Added support to check user database for incoming email addresses to see whether to accept mail or not. Allows integration with Active directory email addresses.

    17. New: SMTP Delivery: can now override FQDN in known server

    18. New: pushes a notification if a mailbox is over quota when delivering or accepting mail.

    19. New: can now install multiple SMTP servers.

    20. New: SMTP Server: Added option to require authentication.

    21. New: SMTP Server: Added option to override default FQDN

    22. Change: Now Checks volume access, writability etc etc. Useful for network shared volumes

    23. Change: can now create volumes regardless of license. Whether you can use anything other than default volume is a matter of license. This allows you to create a new volume to migrate to without having an enterprise license.

    24. Change: now checks storage type of mail volumes disallowing invalid media, such as CDROM or RAMDisk

    25. Change: can now create a volume in a non-empty folder (which allows attaching a volume to a previous volume)

    26. Change: SMTP Delivery: now supports MX which resolves to multiple A records.

    27. Change: SMTP Server: extended schema of SMTP Session to allow setting of FQDN and whether to require auth in policy.

    28. Change: SMTP delivery: no longer (invalidly) tries backup MX servers if a recipient is permanently rejected

    29. Change: IMAP: now better handles temporarily unavailable mailboxes (e.g. those on network shares)

    30. Fix: resolved some issues with migration of ORDB servers from WG6

    31. Fix: fixed bug in POP3 Server when client using SSL / STLS in some cases session would hang

    32: Fix: fixed bug in IMAP search when no search sequence specified.

    33: Fix: Fixed bug saving mailbox settings.


    34. New: TCP mapping proxy: supports client certificates on incoming and outbound connections

    35. New: Certificates: can now import certificates from pfx file.

    36. New: Certificates: WinGate-generated self-signed certs now add Basic constraints and subject Key ID, necessary for signing other certs.

    37. New: Credential rules, now UI validates entering IP or MAC address - makes entering MAC addresses more lenient.

    38. New: Activity: added expand / collapse all

    39. New: Activity: pause activity updates now shuts off updates from server, thereby saving bandwidth.

    40. New: WinGate NAT: Added Disconnect event

    41. New: Notifications: added logging support. Now logs reports and events to file.

    42. Change: changed development environment to MS Visual Studio 2010

    43. Change: AD Connector: now control cache lifetime of objects retrieved from active directory. Objects will now be re-fetched after 1min, to reflect changes in account settings etc.

    44. Change: AD Connector: now displays email address of users and groups.

    45. Change: AD Connector: better handling if AD controller is unavailable when WinGate starts (reports errors to UI, retries initialisation).

    46. Change: DNS Client: Can now specify order of servers.

    47. Change: DNS Client: Changed deprecation strategy when servers unavailable, now just demote the server, rather than ceasing use of it altogether.

    48. Change: Credential rules: Now check for conflicts when creating a new rule.

    49: Change: SSL Support: updated OpenSSL to latest 0.9.8y version

    50. Change: Post-mortem logging now uses DebugHelp.dll to create minidump files, rather than our old custom post mortem log files. These are also now generated always instead of off by default.

    51. Change: Logging: changed log level for various informational events from debug to Info (e.g. proxy requests, and traffic). Means you no longer need to log all debug messages to get requests and traffic.

    52. Change: Dashboards: now supports undo/redo and Save / Cancel for editing.

    53. Change: Data lists: speed improvements to shared data list lookups used by Policy, and Manual classifier.

    54. Fix: Credential rules, fixed locking issue on updating credential rules.

    55. Fix: Timeline: now warns on MDB over size, and enforces auto-purging.

    56. Fix: Timeline: now deals with temporary inaccessibility of database.

    57. Fix: Data: fixed several locking issues

    58. Fix: Engine startup: problem on some systems with disabled Ras Manager service where WinGate would crash on startup after reboot.

    59. Fix: Lua Scripts: fixed issue when calling function with no parameters.

    60. Fix: Policy: fixed problem with imported policies relating to 32 bit values imported as signed vs unsigned data.

    61. Fix: AD UDB: issue where empty search results would return incorrect error to client code.

    62. Fix: Web Activity: deadlock editing web access control rules while under load.

    63. Fix: Timeline: fixed deadlock in timeline when using MDB and retrieving large datasets.

    64. Fix: Network Driver: fixed deadlock when disabling / enabling USB-based adapters. Version 7.3.1 (Build 3535) Released 16 May 2013

    1. Change: Debugging: now generates minidump files for better analysis of top level exceptions.

    2. Change: Updates: added support for hyperlinks to launch browser (e.g. for links to release notes)

    3. Change: Installer: Now adds rule to windows firewall for WinGate service.

    4. Fix: IMAP: Search without range or UID range specifier would fail

    5. Fix: Dialer: Failure to start RasMan service in time could cause WinGate engine to crash on startup.

    6. Fix: WWW proxy: problem downloading resources greater than 2GB

    7. Fix: Logging: Support for logging 64bit values to usage logs, changed log types for HTTP download size, mail message size etc to 64 bit capable

    8. Fix: HTTP Cache: problem relating to parsing of ETag could cause some server responses to not be correctly processed.

    9. Fix: WinGate Management: Help panel should no longer require adding site to Internet Explorer trusted sites.

    10. Fix: Data global lists: WinGate crash where lists linked to a file couldn't access the file Version 7.3.0 (Build 3506) Released 7 March 2013

    1. New: Reverse proxy: can now specify to make back-end connection with SSL and/or client certificate

    2. New: in web serving sites matching host-names can now specify to match on SSL or not.

    3. New: Service events: Added Binding object to events for TCP-based services (WWW, FTP, SMTP, POP3, IMAP, Remote Control etc). This allows setting local SSL settings per connection

    4. New: server requests, reverse proxy etc can now make SSL connections, with client certificates. These settings can also be changed in policy per request.

    5. New: Users and Groups. Now supports filtering by domain.

    6. New: TCP mapping proxy, published more members for session object, to specify connection control, (e.g. client cert, use SSL, bypass proxy etc).

    7. Change: Policy: policy flow-chart now shows icon of type of item in the worksheet.

    8. Change: POP3 collection and SMTP delivery now avoid DNS lookup if connecting through upstream proxy that connects by servername.

    9. Change: POP3 collection and SMTP delivery now support use of client certificates when connecting to a server

    10. Change: Connections: moved processing of ClientConnect event prior to establishment of SSL, based on binding, so policy can override this (e.g. choose cert per client IP etc)

    11. Change: Network connections: Added adapter ID to network adapter dialog in Network connections panel. Also ability to copy data to clipboard. This is useful so you can compare adapter ID with Binding member in policy.

    12. Fix: Persistence: Fixed buffer overflow bug in persistence classes.

    13. Fix: Notifications: Fixed deadlock in Notification component if logging fails due to access issues to log folder.

    14. Fix: Scripting: LuaScript and JScript policy items now verify that the function prototype matches the event data. This was necessary due to addition of Binding object to event data.

    15. Fix: fixed problem with reverse proxy for https sites where back-end connection was not SSL.

    16. Fix: fixed occasional deadlock when using Kaspersky AntiVirus for WinGate

    17. Fix: SSL Support: fixed issue closing SSL sockets.

    Version 7.2.10 (Build 3486) Released 5 February 2013

    1. Fix: WWW proxy. Now supports HTTP messages with content length > 4GB

    2. Fix: WWW proxy. Improved performance of WWW proxy as a web server, no longer sends headers and response line in separate packet to initial payload.

    3. Fix: TCP Mapping proxy. Fixed problem introduced in 7.2.9 where intercepted connections matched specific mappings, would cause connection to fail.

    4. Fix: HTTP Cache. Fixed problem with improper removal of cache entries when a server re-uses same ETag for multiple resources.

    5. Change: Browse for Folder dialog - usability improvements, can now select the folder you're viewing, rather than only sub-folders.

    6. Change: Activity: Pausing activity updates now stops updates at source, thereby reducing load and bandwidth requirements.

    7. Change: Activity: efficiency improvements when no WinGate Management is connected.

    Version 7.2.9 (Build 3480) Released 11 January 2013

    1. New: TCP Mapping proxy - now pushes an event on connection failure so you can notify / retry a failover server.

    2. Fix: Data Lists - problem inserting new string items would cause WinGate Management crash.

    3. Fix: Data items - problem with sample Restricted Sites list prevented editing.

    Version 7.2.8 (Build 3467) Released 27 November 2012

    1. New: DHCP, added WPAD option, so can do WPAD without enterprise license.

    2. New: SOCKS server now supports SOCKS 4a.

    3. Fix: POP3 proxy, issue with passwords containing % symbol

    4. Fix: WWW Proxy: issue with lost buffered client data when tunneling FTP through WWW proxy.

    5. Fix: Categories: issue with categories containing non-text characters (caused problems when trying to create web access rules with PureSight categories such as "Children's").

    6. Fix: Schema script runtime, fixed parsing problem with certain script constructs.

    7. Fix: WinGate Management, fixed issue relating to trying to update help pane topic when the help pane wasn't created.

    8. Fix: Permissions, buffer alignment problem when storing and reading permissions objects to registry

    9. Fix: WinGate Management, fixed lockup on services panel when changing service status Version 6.6.4 Build 1338 (Released 14 October 2009)

    1. Fixed an issue with the DHCP server where if an old lease referred to a scope that had been deleted, WinGate would not make an offer.
    2. Signed the Wgengmon and wgvpnmon applications so they can be loaded in 2k8 server without disabling UAC.
    3. Added full minidump capability for troubleshooting.
    4. Fixed an issue in the WWW proxy where serving files from disk with a space in the URL.
    5. Fixed an issue in the WWW proxy where accessing FTP servers which use UTF-8 filenames would cause problems.
    6. Fixed an issue in the WWW proxy with Basic authentication causing some sessions to hang.
    7. Fixed an issue in the WWW proxy relating to policy that checked server ip address.
    8. Fixed an issue in SMTP delivery - no longer try A record when MX record lookup times out.
    Version 6.6.0 Build 1277 (Released 27 May 2009)
    1. New WWW proxy, including changes relating to auth, scanning, caching, pipelining, and HTTP/1.1 support
    2. Fixed an issue relating to FIN/RST handling and timeout behaviour in Extended networking.
    3. Resolved dialup issues on 2k3 server.
    4. Fixed a bug in the IMAP server where it was case-sensitive to certain commands.
    5. Fixed a problem with ARP cache timeouts and refreshing.
    6. Reworked the VPN control connection mechanism to harden it against attack.
    7. Added tunnel keep-alive packets to keep tunnels active through NAT devices.
    8. Fixed a problem with editing schedule item actions in VPN-only UI.
    9. Fixed a problem editing access rights on hosted VPNs from a remote GateKeeper in VPN-only UI.
    10. Deprecated cache freshness overrides (number of days before checking...) in WWW cache.
    11. Added schedule option to resynch NT user database

    WinGate 6.5.0 Build 1197 (Released December 15, 2008)

    1. Added support for Windows Vista 32 bit
    2. Added support for Windows XP 64 bit edition
    3. Added rebuilding of IMAP mailbox index if index file is deleted.
    4. Added support for using Query String in banlist for HTTP policies
    5. Added data for polic