-
Notifications
You must be signed in to change notification settings - Fork 37
/
Copy pathCHANGELOG.txt
374 lines (315 loc) · 14 KB
/
CHANGELOG.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
4.1.0 [2021-12-xx]
------------------
- fixed incompatibility with Thunderbird 96 (#279)
- Re-added support for Thunderbird Conversations add-on (#203)
- show proper error message on ill-formed from (#238)
- ignore ill-formed List-Id (#262) and fix parsing of List-Id
- Authentication-Results header: fixed sorting of DKIM results in regards to list id
- fixed options styling for Thunderbird 91
- added Brazilian Portuguese translation (by David BrazSan) (#283)
- updated default rules and favicons (#274)
- Add ability to export/import sign rules (#220)
- Fix layout issues in table views (Sign rules / stored keys) (#248)
- updated default rules and favicons (#263, #266, #274, #281, #284)
4.0.0 [2021-04-18]
------------------
- now requires at least Thunderbird 78
- fixed incompatibility with Thunderbird 78 (#199)
- removed option to show DKIM result in the statusbarpanel
- Authentication-Results header: fixed parsing of version
- Authentication-Results header: fixed parsing of quoted SDID and AUID (#229, #234)
- Authentication-Results header: fixed missing reason on fail resulting in error (#232)
- libunbound resolver: Don't provide a default path (#199)
- libunbound resolver: Improve options description (#199)
- added about page in options
- added incomplete Swedish translation (by Phoenix)
- added Spanish translation (by Peter O Brien) (#239)
- updated default rules and favicons (#208, #209, #210)
3.1.0 [2020-01-22]
------------------
- includes changes from 2.2.0
- fix default rules and favicons (#197)
2.2.0 [2020-01-19]
------------------
- Authentication-Results header: fix relaxed parsing option and trailing ";"
- exposed option on how to treat weak keys. Default is now ignore (was warning since 2.1.0) (#174)
- fixed default text color for unsigned e-mail in dark theme if highlighting of From header is enabled (#181)
- libunbound resolver: add ability to explicitly load dependencies of libunbound (#170, #179)
- updated default rules and favicons (#165, #168, #169, #180)
3.0.1 [2019-09-22]
------------------
- fixed incompatibility with Thunderbird 70 (#167)
- fixed DKIM status not visible when a message is opened in a new window (#172)
- fixed incompatibility with CompactHeader add-on (#177)
- JSDNS: fixed proxy support (#173)
3.0.0 [2019-09-01]
------------------
- now requires at least Thunderbird 68
- fixed incompatibility with Thunderbird 68/69 (#115)
- libunbound resolver: remove old root trust anchor (key tag 19036)
2.1.0 [2019-08-29]
------------------
- Cryptographic Algorithm and Key Usage Update (RFC 8301, #141)
- updated default rules and favicons (#140, #145, #152, #157, #159)
- added Hungarian translation (by Óvári) (#164)
2.0.1 [2019-01-18]
------------------
- fixed signature verification in case the RSA key has an odd key length (#112)
- fixed DMARC heuristic (#125)
- fixed "*" not being recognized as valid Service Type in DKIM Keys (#134)
- changed update DKIM key button to now update the keys of all DKIM signatures in the e-mail
- Authentication-Results header: fixed mixed case results specified by older SPF specs resulting in a parsing error (#135)
- JSDNS: fixed a problem getting the default DNS servers on Windows (#116, #120)
- JSDNS: reduced default DNS server timeout from 10 to 5 seconds
- updated included third-party libraries
- updated default rules and favicons
2.0.0 [2018-04-19]
------------------
- now requires at least Thunderbird 52
- added toolbar button and menuitem for sign rules
- added option to try to read non RFC compliant Authentication-Results header
- fixed incompatibility with Thunderbird 57/59/60
- fixed favicons not being shown if the CardBook add-on is installed
- fixed "Add must be signed exception" button being disabled if wrong signer is only a warning
- updated default rules and favicons
1.7.0 [2017-07-22]
------------------
- libunbound resolver: added ability to specify multiple trust anchors
- libunbound resolver: added new root trust anchor (key tag 20326)
- updated default rules and favicons
1.6.5 [2017-05-14]
------------------
- added Japanese translation (by SAKURAI Kenichi)
- updated default rules
1.6.4 [2017-02-09]
------------------
- fixed saving of result with DNSSEC lock enabled
- fixed incompatibility with Thunderbird 52 and libunbound
- updated default rules and favicons
1.6.3 [2016-11-20]
------------------
- fixed incompatibility with Thunderbird 52
- updated default rules and favicons
1.6.2 [2016-10-24]
------------------
- fixed incompatibility with Silvermel/Charamel
- fixed Problem with copied header fields
- updated default rules and favicons
1.6.1 [2016-09-26]
------------------
- fixed problem with old Thunderbird versions and sign rules
1.6.0 [2016-09-25]
------------------
- added option to indicate successful DNSSEC validation with a lock (enabled by default)
- added option to show the favicon of some known signing domains (enabled by default)
- added option to show the ARH result alongside the add-ons, instead of replacing it
- JSDNS: differentiate between a server error and an non existing DKIM key
- sign rules: ignore must be signed for outgoing messages
- sign rules: updated default rules
- fixed updating a DKIM key or marking it as secure via the "Other Actions" button
1.5.1 [2016-06-11]
------------------
- fixed verification for external messages
- sign rules: updated default rules
1.5.0 [2016-05-17]
------------------
- added option to enable/disable DKIM verification for each account
- JavaScript DNS library: added support to use a proxy
- sign rules: updated default rules (added firefox.com)
- DKIM key: empty, but existing DNS record is now treated as a missing key instead as an ill-formed one
- fixed installing problem if extensions.getAddons.cache.enabled is set to false (https://bugzilla.mozilla.org/show_bug.cgi?id=1187725)
1.4.1 [2016-02-13]
------------------
- fixed incompatibility with Thunderbird 46
- Authentication-Results header: fixed trusting all authentication servers
1.4.0 [2016-02-08]
------------------
- simplified shown error reasons and added advanced option for detailed reasons
- Authentication-Results header: reading of the ARH can now be set for each account
- Authentication-Results header: added option to only trust specific authentication servers
- Authentication-Results header: continue verification if there is no DKIM result in the ARH header
- Authentication-Results header: allow also unknown property types to be compliant with RFC 7601
- Authentication-Results header: fixed bug if ARH header exists, but no message authentication was done
- JavaScript DNS library: no longer get the DNS servers from deactivated interfaces under windows
- libunbound resolver: no longer blocks the UI of Thunderbird
- libunbound resolver: changing preferences no longer needs a restart
1.3.6 [2015-09-13]
------------------
- fixed error in parsing of Authentication-Results header
- added additional debugging calls
1.3.5 [2015-07-11]
------------------
- fixed bug if a header field body started with a ":"
1.3.4 [2015-06-21]
------------------
- added compatibility for Thunderbird 40
1.3.3 [2015-03-21]
------------------
- fixed bug in the sorting of the results of multiple DKIM signatures
1.3.2 [2015-02-21]
------------------
- updated default sign rules
1.3.1 [2014-12-10]
------------------
- DNS errors in DMARC heuristic are now ignored (previously this resulted in an internal error)
- fixed error resulting in incompatibility with Thunderbird 36
1.3.0 [2014-12-08]
------------------
- added option to treat ill-formed selector tag as as error/warning/nothing (default warning; previous behavior was error)
- added support for multiple signatures
- added option to read Authentication-Results header
- added French translation (by Christophe CHAUVET)
- fixed problem with JavaScript DNS Resolver and long DKIM keys, resulting in error "Key couldn't be decoded"
- fixed incompatibility with compact headers add-on
1.2.2 [2014-08-16]
------------------
- added Chinese (Simplified) translation (by YFdyh000)
- fixed the showing of a wrong error reason in some cases of a bad RSA signature
1.2.1 [2014-06-30]
------------------
- fixed an issue in formated strings ("%S" was not replaced)
1.2.0 [2014-06-25]
------------------
- added option for sign rules to allow also subdomains of the SDIDs (enabled by default)
- fixed comparison of domains (was case sensitive)
- updated default sign rules
1.1.2 [2014-05-08]
------------------
- fixed error if e-mail is from a domain on the public suffix list (like "googlecode.com")
- updated default sign rules
1.1.1 [2014-04-10]
------------------
- fixed bug in use of libundboud (non existing domain was treated as server error; caused problems with DMARC)
1.1.0 [2014-04-07]
------------------
- added options for automatically added sign rules
- added option to use DMARC to heuristically determinate if an e-mail should be signed
- fixed sign rules being automatically added even if signRules are disabled
- fixed bug in getting DNS name server from OS under Linux/Mac (last line was not read)
1.0.5 [2014-01-14]
------------------
- added Italian translation (by Michele Locati)
- statusbarpanel and tooltip are now set to loading on reverify
- DKIM Keys and signers rules window can now be opened at the same time
1.0.4 [2013-12-20]
------------------
- fixed bug in an error message of the JavaScript DNS library
- added advanced options for the JavaScript DNS library useful in case of bad network connection (not available through GUI)
1.0.3 [2013-12-12]
------------------
- fixed bug in sign rules if from address contains capital letters
- fixed verification of unsigned e-mails which are marked as should be signed by sign rules
1.0.2 [2013-11-22]
------------------
- fixed internal error if sign rules are disabled
1.0.1 [2013-11-22]
------------------
- fixed DKIM_SIGWARNING_FROM_NOT_IN_SDID
1.0.0 [2013-11-21]
------------------
- added signers rules
- added key storing
- added libunbound as second DNS resolver (supports DNSSEC)
- from tooltip now also works if Thunderbird's status bar is disabled
- fixed some patterns (A-z to A-Za-z, dkim_safe_char, qp_hdr_value)
- fixed pattern for note tag in DKIM key
- fixed bug in DKIM_SIGWARNING_FROM_NOT_IN_AUID
- validate tag list as specified in Section 3.2 of RFC 6376
- now differentiation between missing and ill-formed tags
- added check that hash declared in DKIM-Signature is included in the hashs declared in the key record
- added check that the hash algorithm in the public key is the same as in the header
0.6.3 [2013-10-13]
------------------
- fixed bug for detection of configured DNS Servers in Windows
(if more then one DNS server was configured for an adapter)
0.6.2 [2013-10-13]
------------------
- fixed bug if "other actions" button of CompactHeader add-on toolbar is not included
0.6.1 [2013-10-12]
------------------
- better detection of configured DNS Servers in Windows
0.6.0 [2013-09-26]
------------------
- added option for displaying of header, status bar and tooltip for From header
- fixed false detection of DKIM_SIGERROR_DOMAIN_I
- made options height smaller
- fixed error in "simple" body canonicalization algorithm resulting in "Wrong body hash"
- fixed bug for mixed CRLF and LF EOLs in body (resulting in "Wrong body hash")
- fixed error if external message was viewed (but there is still a problem with IMAP attachments)
- fixed bug ("DKIM-Signature" header name was case sensitive)
0.5.1 [2013-09-20]
------------------
- added option to get DNS Servers from OS
0.5.0 [2013-09-10]
------------------
- added support of multiple DNS servers
- added optional saving of the result
- DNS Server not reachable no longer treated as a PERMFAIL
- added TEMPFAIL
0.4.4 [2013-08-02]
------------------
- changed how msgHdrViewOverlay.css is loaded
0.4.3 [2013-07-27]
------------------
- header highlighting now works with collapsed header from CompactHeader addon
- works now also if e-mail has LF line ending
0.4.2 [2013-06-28]
------------------
- fixed alignment of warning-icon in mac (by Nils Maier)
0.4.1 [2013-06-28]
------------------
- DKIM-Signature header field name now in same style as the others (by Nils Maier)
- fixed bug if message needs to be downloaded from IMAP server
- added German translation (by ionum)
- fixed relaxed canonicalization of a body with only empty lines (by ionum)
- small displaying changes in options
0.4.0 [2013-06-09]
------------------
- warnings are displayed
- added warning for
- Signature is expired
- Signature is in the future
- From is not in SDID
- From is not in AUID
- Signature key is small
- added option to treat testmode as warning, not as error
- added options for highlighting of From header
- added option to always show DKIM-Signature header field
- fixed relaxed body canonicalization for non trailing CRLF
- fixed parsing of Message canonicalization if only one algorithm is named
- added partial support of CNAME record type in DNS Library
- fix bug if nonexisting header field is signed
- fixed parsing of AUID
0.3.3 [2013-05-31]
------------------
- fixed issue with RSS feeds
- added debug info to rsasign-1.2.js
0.3.2 [2013-05-30]
------------------
- fixed regex pattern for SDID, Selector and local_part
0.3.1 [2013-05-30]
------------------
- fixed problem with CompactHeader addon
0.3.0 [2013-05-29]
------------------
- options dialog added
- body length tag was checked before canonicalization
- fixed simple body canonicalization for empty body or no trailing CRLF
- DNS, RSA, ... helper scripts now in DKIM_Verifier namespace
0.2.2 [2013-05-22]
------------------
- fixed regex pattern for domain_name ("." was not escaped)
0.2.1 [2013-05-22]
------------------
- query method was parsed wrong
- last header field was parsed wrong
- DNS exception now caught
0.2 [2013-05-16]
----------------
- check that from header is signed now included
- key record flags are no longer ignored
- Multiple Instances of a header Field are now supported
- encoding issue for body hash fixed
0.1 [2013-05-13]
----------------
- Initial release