HISTORY (29772B)
1 1998/1999 2.9 written from scratch. 2 3 1999-04-14 2.9beta0 public preview release. 4 5 1999-05-17 2.9beta1 Bug fixes (remix, OpenPGP encryption, FreeBSD 6 name conflict); Win32 DLL. 7 8 1999-05-18 2.9beta2 Install bug fixes. -N and -n options renamed. 9 10 1999-05-19 2.9beta3 OpenSSL-related bug fix. Type 1 remailer fixes 11 (pointed out by <kev@drule.org>). 12 13 1999-05-20 2.9beta4 Read and generate OpenPGP encrypted secret keys. 14 15 1999-05-20 2.9beta5 The client sent messages if PGP encryption failed. 16 17 1999-05-28 2.9beta6 Message-ID generation bug fixes. Contributed by: 18 Johannes Kroeger <hanne@squirrel.owl.de>. 19 Remix-To bug fix. 20 21 1999-06-09 2.9beta7 More (minor) remailer and Install script fixes. 22 23 1999-06-10 2.9beta8 Regular expression bug fix. Thanks to Johannes 24 and Kevin for help with debugging! 25 26 1999-07-20 2.9beta9 Bug fixes (remailer, nym creation). 27 28 1999-08-03 2.9beta10 Fix for buffer overrun error. 29 "Chain:" pseudo-header may contain the number of 30 copies like this: `Chain: *,*,*,*; copies=3' 31 32 1999-09-09 2.9beta11 Support MIME attachments and OpenPGP/MIME in the 33 client. 34 Do not select cpunk remailers if PGP key is missing. 35 Fix error in nym creation. 36 Header lines can be edited when composing new 37 messages in the mail reader. 38 Accept empty pass phrase to allow storing the 39 nym database on an encrypted file system. 40 More verbose error messages. 41 Various minor bug fixes. 42 * Thanks to Gerd Beuster for many good suggestions! 43 44 1999-09-22 2.9beta12 OpenSSL 0.9.3 or newer is now required. 45 For the Mixmaster DLL, allow the application to 46 seed the random number generator. 47 48 1999-09-29 2.9beta13 Fix OpenPGP 3DES decryption. 49 Store DSA secret keys in PGP5 compatible format. 50 Support new "ekx" capability. 51 Use the more secure new style OpenPGP conventional 52 encryption to protect the nym database and nym 53 keys. 54 55 1999-10-01 2.9beta14 Bug fix. 56 57 1999-10-01 2.9beta15 Bug fix: create mixrand.bin in Mix directory. 58 Support "Encrypt-IDEA" directive. 59 60 1999-10-11 2.9beta16 Fix memory leaks. 61 62 1999-11-03 2.9beta17 Bug fix. 63 Sending messages is logged as DEBUGINFO. 64 65 1999-11-09 2.9beta18 Bug fix for rlist with trailing spaces. 66 Print remailer reliability (by Gerd Beuster). 67 68 1999-12-19 2.9beta19 (internal) 69 70 1999-12-19 2.9beta20 Output remailer RSA keys separately from the 71 DSA/ElGamal keys to avoid problems with old 72 versions of PGP. 73 Messages in mail folders can be deleted. Nym 74 messages and other encrypted mail will be 75 written back as plain text (by Gerd Beuster). 76 SMTP bug fix. 77 Support multiple OpenPGP decryption subkeys. 78 Fix remailer bug with Newsgroups header in encrypted 79 T1 messages. 80 Fix MIME-decoding bug (pointed out by Gerd Beuster). 81 Nym creation bug fix (by Gerd Beuster). 82 83 2000-03-09 2.9beta21 Support for PGP partial length packets (by 84 Christian Mock). 85 86 2000-03-16 2.9beta22 Bug fixes (by Antonomasia) and minor changes. 87 88 2000-06-29 2.9beta23 Bug fix for nym creation with several newsgroups 89 reply blocks (by Gerd Beuster). 90 --nym option bug fix (by Adam Back). 91 92 2001-09-11 2.9beta24 Changed pool.c to allow Mixmaster keys to pass 93 even when binary blocking is enabled. Note that 94 the solution is not a nice one: It does not 95 recognize Mix keys, it simply allows 10 lines of 96 binary garbage instead of 3. This should be enough 97 for Mix keys to come through (by Peter Palfrader). 98 Fixed a bug in pgpdata.c affecting v3 OpenPGP keys. 99 (by Michael Young). 100 101 2001-09-14 2.9beta25 Now builds with pcre3 (by Peter Palfrader). 102 Added support for destination.allow (by Peter 103 Palfrader). 104 If the sender email address or IP address matches 105 anything in source.blk, ignore the message (by 106 cmeclax). 107 Added support for the Mutt -T option (by Bill 108 O'Hanlon). 109 Patches merged (by Len Sassaman). 110 111 2001-09-17 2.9beta30 Version renamed to avoid conflicts with other 112 unofficial releases. 113 114 2001-09-19 2.9beta31 Fixed a bug in mime.c that sometimes resulted in 115 malformed text attachments (by Michael Young). 116 Better error handling (by Scott Renfro). 117 Added support for multiple dest.blk files. This 118 is needed for the Remailer Abuse Blocklist (by 119 Markus Stöger). 120 Added support for remailer-adminkey replies to 121 provide a better way for remops to distribute 122 their keys. (by Markus Stöger). 123 Fixed errors with pcre2.08 (by Rodney Thayer). 124 Added long command option --type-list for the -T 125 option, and updated help (by Len Sassaman). 126 Removed redundant "encoded" variable in mime.c. 127 Fixed Installer bugs. 128 129 2001-11-06 2.9beta32 Client functionality updates. 130 POP sockets now properly close. 131 Memory may be freed without allocating. 132 Correct time is written to mbox. 133 Key flags correctly set in key.txt. (all by 134 Disastry). 135 OpenSSL and OpenBSD Install script issues 136 addressed. 137 138 2001-12-16 2.9b33 Support for Mixmaster as a service on Windows 139 platforms added (by Disastry). 140 Problem transparently remixing to Type I remailers 141 debugged and corrected (by Andy Dustman, 142 Disastry, Senshi-Admin). 143 Fixed an error in chain.c that was causing 144 segfaults with chains greater than 20 remailers. 145 Non-multipart MIME message errors fixed. 146 Fixed an error in rfc822.c (by Scott Renfro). 147 Fixed pgpget.c errors. (by Ulf Möller). 148 No longer permits automatic blocking of entire 149 domains or newsgroups. 150 Help files re-written (by Lucky Green). 151 Fixed inconsistencies between software name and 152 package name. 153 154 2002-07-01 2.9b34 Encrypt-to directive is now supported. 155 Partial packets now properly expire if not 156 reassembled (by cmeclax). 157 Fixed an address blocking error introduced in 158 the last version (Peter Palfrader). 159 Various command line bug fixes. 160 161 2002-07-10 2.9b35 Updated zlib due to security reasons. 162 Does not generate keys in client mode. 163 Uses binary format for id.log. 164 Assorted mpgp fixes (by Disastry). 165 Added support for storing the key passphrase 166 in the mix.cfg file. (by Disastry). 167 Now reports the contents of dest.alw for 168 middleman remailers (by Kat). 169 Reworked the OpenSSL version check in the 170 Install script. 171 172 2002-08-09 2.9b36 Removed duplicate define of NYMDB from menu.h. 173 Fix a strncat() to undefined string variable in 174 mix.c (Closes: #584381). 175 Have the Makefile list all prerequisites for each 176 build target (Closes: #584386). 177 Change »majordomo@*« to »majordomo@« in default 178 dest.blk. The dest block engine does not under- 179 stand shell globs. Either substring matches or 180 regexen. 181 Fixed -T switch: if type2.list is not available fall 182 back to pubring.mix. 183 USE_IDEA is no longer default in config.h. It always 184 gets defined by the Install script instead. 185 Only create OpenPGP RSA keys if we compiled with 186 IDEA. 187 Make all filenames configurable in mix.cfg. 188 Add global mix.cfg support (compile time option). 189 The -G option now forces creation of new keys even in 190 client mode (Closes: #585176). 191 Random Documentation updates. 192 Default to not installing a .forward file in Install 193 script. 194 Fix unused variable warning on OpenBSD. 195 Fix public remailer keys getting re-signed 196 every time keys are requested (Closes: #478383). 197 Make smtp sending similar to local /usr/lib/sendmail 198 sending (wrt header/body separation; 199 Closes: #482052). 200 Add X-Loop header on mailbox forwarded messages. 201 Several small fixes by Sami Farin et al. 202 Detach correctly in daemon mode. 203 Minor Install script fixes. 204 205 2002-08-20 2.9b37 OpenPGP enhancement release (fixes by Disastry). 206 Fix a small bug in pgpdata.c that stopped Mixmaster 207 from reading cipher preferences. 208 Fixed Passphrase reading in mpgp (the test program) 209 on Windows platform. 210 Add Hash: header when clearsigning. 211 Properly handle RSA keys whose key size is not a 212 multiple of 64. 213 Remove leading zeros from MPI. 214 Use MDC packets whenever possible. 215 List CAST5 and AES128 in cipher preferences. 216 Now displays Mixmaster version in the PGP version 217 header for non remailer/nym messages. 218 219 2002-09-11 2.9b38 Install script deals with lack of patented IDEA 220 algorithm in a sane way (closes: #479020). 221 Compiled-in passphrase is now deprecated. 222 When expiring packet ids from id.log also expire 223 packets that are dated more than half a year in 224 the future. That way we get rid of invalid 225 packets introduced by the switch to a binary file. 226 The stats in remailer-stats replies always had a 227 peak at 00:00 GMT which was wrong. Fixed. 228 (closes: #597688). 229 Fixed a bug with reading armored keyrings consisting 230 of more than one armored block or having comments 231 in front of the one armored block. 232 In RSA PGP keys, we now set e=0x11. 233 Mixmaster now deletes error and temporary files 234 older than PACKETEXP time along with expired 235 partial packets. 236 Linux PPC fixes (and all other archs where char is 237 unsigned). 238 239 2002-10-07 2.9b39 Added a new feature, --store-mail (-I), which will 240 deliver an encrypted mix packet to the message pool 241 without attempting being decrypted. 242 Made minor updates for WIN32 DLL. 243 When sending type II messages interactively you may 244 now choose a middleman remailer as the last hop 245 in your chain (closes: #481244). 246 If a footer.txt file exists its content will be 247 appended to outgoing messages leaving the remailer 248 network at this hop (closes: #490117). 249 List known remailers in remailer-conf reply (closes: 250 #480330). 251 The files created with "SENDMAIL outfile" have 252 different names now to scale beyond 10k files 253 (closes: #587593). 254 Fixed the "is a mailfolder" checking for -f. 255 Various fixes for Mixmaster when not using ncurses. 256 Added new option --config to allow loading of 257 configuration information from an alternate file. 258 POOL is now used correctly if set in mix.cfg. 259 ASCII armor checksum is now verified on PGP keys. 260 Corrected a bug where 1/4096 of pgp messages was 261 destroyed due an improper armor checksum 262 interpretation. 263 Added password-based authenticated SMTP for mix. 264 Currently, only AUTH LOGIN is supported. 265 Mixmaster now handles <CR><LF> in pubring.mix. 266 Removed incorrect NT service checks in mix.c. 267 Mixmaster now keeps no stats in client mode. 268 The pool is autmatically checked for waiting 269 messages in the client configuration. 270 Mixmaster now bears a DFSG-compliant license. 271 Fixed permissions on tarball release. 272 Documentation updates. 273 274 2002-10-16 2.9b40 New option MAILIN that can be set to either a mbox 275 or Maildir folder. New mail will be read from it 276 and the folder cleared every time Mixmaster 277 processes its pool, or at MAILINTIME intervals 278 (closes: #597043). 279 The Mixmaster daemon now writes a pid file. 280 Mixmaster in daemon mode now catches SIGTERM and 281 SIGINT and finishes its current queue run and then 282 exits successfully. 283 Minor code formating cleanup and Install script 284 fixes. 285 286 2002-12-15 2.9b41 The Mixmaster protocol version is now prepended 287 to the software version in the Mixmaster cap- 288 string. 289 Minor configuration default changes and Install 290 script fixes. 291 Install script now always uses "make" and not 292 "gmake". 293 IDEA detection is fixed on systems that provide 294 the header files but then turn out to not 295 have the required functions upon linking. 296 Install now properly identifies system-wide 297 installations of pcre and/or zlib if they 298 are installed in /usr/local/. 299 Mixmaster will now ensure that an address 300 submitted in a blocking request does not 301 match that of a known remailer before 302 adding it to the dest.blk file (patch 303 submitted by Trek. Vulnerability originally 304 discovered by noise and rabbi.) 305 Minor documentation fixes. 306 307 2002-12-16 2.9b42 Minor documentation fixes. 308 Append another newline character to mbox folders 309 when storing a mail so that the mandatory empty 310 line is there. 311 312 2002-12-16 2.9.0rc1 Release candidate. Packaging changes only. 313 314 2002-12-25 2.9.0 Release version. Minor documentation changes 315 and version number change only. 316 317 2003-11-08 2.9.1 Several changes for the Windows build. 318 Some Install script fixes. 319 Fixed a problem in blockrequest() where a buffer 320 could have been used after it was free()'d which 321 resulted in segfaults. 322 Check that feedback buffer is not null before 323 operating on it in chain_select(). 324 Closes #631353, thanks Sami Farin. 325 Make sure DH/DSA param file is actually opened 326 before writing to it. Fixes a segfault in 327 case it is not. 328 Handle a pool we cannot read correctly: don't close 329 the NULL dir handle (segfaults on *BSD). We also 330 print a warning in that case now. 331 Minor stats fix (gmtime vs localtime). 332 Fix pool stats bug. 333 334 2004-03-20 3.0b1 FEATURE ENHANCEMENTS: 335 336 The secret pgp keyring is now stored ASCII armored 337 with one key per ascii armor. 338 NB: Due to the bug with reading armored keyrings and 339 secring being stored armored now, it is not 340 advisable to downgrade Mixmaster unless special 341 action is taken to preserve the secret pgp 342 keyring. 343 Mixmaster now prompts for secret key passphrase when 344 started in daemon mode. 345 Mixmaster checks expiration and revocation status of 346 pgp keys, userids, and subkeys. 347 Mixmaster will not encrypt or sign with a revoked 348 or expired key. 349 When encrypting, Mixmaster uses preferences from 350 the primary userid (or the latest userid, if zero 351 or more than one primary userid is present.) 352 Mixmaster keys now have creation and expiration date. 353 It is not secured by any crypto voodoo, it's only 354 informational for clients to decide which keys to 355 use should they have more than one per remailer. 356 - on the client side we do not show remailers (and 357 therefore not use them) if their key is expired. 358 - the remailer refuses to decrypt messages to keys 359 that expired one month ago or earlier. 360 - the remailer automatically creates new Mixmaster 361 keys if the current ones are about to expire or 362 already are expired. 363 - the latest key from secring.mix is written to 364 key.txt. It used to be the first one. Since 365 creation of new mix key appends the key, this 366 seemed sensible. 367 Mixmaster now generates dummy messages automatically 368 as mail enters and exits the pool. 369 Applied Maildir feature patch by drt@un.bewaff.net, 370 with some changes by PP: 371 MAILBOX can now be a Maildir (closes: #586223). 372 New Star-Exclude feature by Colin Tuckley: 373 User-selected remailers can be excluded from 374 being chosen as random hops. 375 Have stats on intermediate vs. final hop count 376 (closes: #649900). 377 Add max capability for Type I. 378 Config option EXTFLAGS allows appending additional 379 flags to the capabilities string. (Hauke Lampe) 380 Config option PRECEDENCE allows setting the 381 Precedence: header on all outgoing mail. 382 (Hauke Lampe) 383 In order to serve help files in different languages 384 we need a way to reply to requests like 385 remailer-help-it. In order to not have to modify 386 the code for each and every new ressource, 387 Mixmaster now sends the file 388 requests/remailer-<something> to 389 remailer-<something> requests. 390 remailer-{help,key, stats,conf,adminkey} still are 391 special cases though. 392 Drop messages without timestamps and messages with 393 future timestamps. This abandons backwards 394 compatibility with Mixmaster 2.0.3 and earlier. 395 Mixmaster attempts to detect system clock 396 misconfigurations and refuses to run as a 397 remailer if there is a problem suspected. 398 Only applies to Mixmaster in remailer mode. 399 400 BUG FIXES: 401 402 Mixmaster in daemon mode reloads configuration on 403 SIGHUP. 404 In the curses interface chain selection it was not 405 possible to select a random last hop with a usenet 406 post message. Fixed (closes: #719165). 407 If remix was enabled and we had a Type-I Anon-Post-To 408 request we accidently randhoped it via the 409 configured default remailing chain (default: 410 *,*,*,*). 411 Fixed (closes: #729494). 412 In client mode (REMAIL n) the pool is flushed every 413 time mixmaster is run unless CLIENTAUTOFLUSH is 414 set to n. (closes: #676794: Rate implementation 415 doubled) 416 Found that weird bug that sometimes led to "Unknown 417 remailer version!" errors: In chain_randfinal() we 418 selected a random value between 0 and maxrem 419 instead of 0 and maxrem - 1. Mixmaster now uses 420 broken-chain info from stats. 421 Warn if remailer stats are older than a day or 422 from the future. 423 Don't send messages to ourselves via the mailsystem 424 but instead place them in the pool as incoming 425 messages so that they will get processed with the 426 next pool run. 427 No longer try to send a message if there are no 428 recipients left. 429 Set default max-randhops from 20 to 4. 430 Remix-To chain is limited by max-randhops limit as 431 well. 432 Messages to more than one remailer are dropped. 433 Nym support is not compiled in by default anymore. 434 The OpenPGP module mpgp now includes a man 435 page (large contributions by Trek). 436 Ignore 'No reliable remailers' problems when 437 randhopping messages in middleman mode. 438 That is better than dropping them. 439 Experimental feature: --redirect -l <chain>. 440 If you have a mixmaster message with a 441 chain starting with hop1 (you cannot know any 442 more because it already is encrypted) then 443 mix --redirect -l foo,bar < file 444 redirect the message so the chain is actually 445 foo,bar,hop1,... and places it in your pool. 446 If the total number of hops (which cannot be 447 known) exceeds 20 the message is damanged 448 and will fail at the 20th node. 449 450 2004-05-06 3.0b2 451 Use /dev/arandom instead of /dev/srandom on 452 OpenBSD (Nikolay Sturm). 453 Fall back to 3DES as Encrypt-Key cipher if we don't 454 have IDEA. - Laurent Fousse <laurent@komite.net> 455 Also sort mail into the various mboxes if autoreply 456 is not set. 457 Properly ignore whitespace in chain selection. 458 Removed unused functions in keymgt.c. 459 Added new options -V, --version, and --about. 460 Made manpage corrections. 461 Minor ncurses display tweaks. 462 General improvements for Win32 support (by 463 goblin and Peter Palfrader). 464 Preliminary Windows Installer work. 465 On Win32, default to Application Data/Mixmaster for 466 mixmaster's basedirectory. This can still be 467 overridden by MIXPATH or the registry entry 468 HKEY_CURRENT_USER\Software\Mixmaster\MixDir 469 Introduced new option "(e)dit configuration 470 file" in the main menu. 471 Changed 'q)uit' to 'q)uit w/o sending' in 472 menusend.c. 473 Added stats downloading support. Currently 474 works under Win32 only (by goblin). 475 Fixed bug in buffers.c. 476 477 2006-06-24 3.0rc1 478 Prefer pubring.asc over secring.pgp. 479 Support an unpublished dest.alw file. 480 Added MINLAT directive. Ensures randhopped 481 messages are sent through remailers of 482 latency of MINLAT time or greater 483 (suggested by Steve Crook). 484 Improved OpenSSL version checking in the 485 Install script. 486 Added full stats download support. 487 Fixed buffer overflow bug in keymgt.c. 488 489 2008-03-03 3.0 490 Changed name of WIN32 default config file 491 from mix.cfg.txt to mix.ini. 492 Changed pop3.cfg to pop3.ini on WIN32. 493 Updated Install script. 494 Minor documentation changes. 495 496 497 498 Mixmaster maintainer history: 499 500 1998-2000: Ulf Möller -- versions 2.9beta0 through 2.9beta22. 501 2000: Johannes Kroeger -- version 2.9beta23. 502 2001-2008: Len Sassaman -- versions 2.9beta24 through present.