TODO revision 124208
1124208SdesDocumentation: 2124208Sdes 3124208Sdes- Update the docs 4124208Sdes - Update README 5124208Sdes - Update INSTALL 6124208Sdes - Merge INSTALL & README.privsep 7124208Sdes 8124208Sdes- Install FAQ? 9124208Sdes 10124208Sdes- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it 11124208Sdes would be best to use them. 12124208Sdes 13124208Sdes- Create a Documentation/ directory? 14124208Sdes 1598937SdesProgramming: 16124208Sdes 1798937Sdes- Grep for 'XXX' comments and fix 1898937Sdes 1998937Sdes- Link order is incorrect for some systems using Kerberos 4 and AFS. Result 2098937Sdes is multiple inclusion of DES symbols. Holger Trapp 2198937Sdes <holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure 2298937Sdes generated link order from: 2398937Sdes -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto 2498937Sdes to: 2598937Sdes -lresolv -lkrb -lz -lnsl -lutil -lcrypto -lkafs -lkrb -ldes 2698937Sdes fixing the problem. 2798937Sdes 2898937Sdes- Write a test program that calls stat() to search for EGD/PRNGd socket 2998937Sdes rather than use the (non-portable) "test -S". 3098937Sdes 31113908Sdes- More platforms for for setproctitle() emulation (testing needed) 3298937Sdes 3398937Sdes- Handle changing passwords for the non-PAM expired password case 3498937Sdes 3598937Sdes- Improve PAM support (a pam_lastlog module will cause sshd to exit) 36106121Sdes and maybe support alternate forms of authentications like OPIE via 3798937Sdes pam? 3898937Sdes 39124208Sdes- Improve PAM ChallengeResponseAuthentication 40124208Sdes - Informational messages 41124208Sdes - chauthtok 4298937Sdes - Use different PAM service name for kbdint vs regular auth (suggest from 4398937Sdes Solar Designer) 4498937Sdes - Ability to select which ChallengeResponseAuthentications may be used 4598937Sdes and order to try them in e.g. "ChallengeResponseAuthentication skey, pam" 4698937Sdes 4798937Sdes- Complete Tru64 SIA support 4898937Sdes - It looks like we could merge it into the password auth code to cut down 4998937Sdes on diff size. Maybe PAM password auth too? 5098937Sdes 5198937Sdes- Finish integrating kernel-level auditing code for IRIX and SOLARIS 5298937Sdes (Gilbert.r.loomis@saic.com) 5398937Sdes 5498937Sdes- 64-bit builds on HP-UX 11.X (stevesk@pobox.com): 5598937Sdes - utmp/wtmp get corrupted (something in loginrec?) 5698937Sdes - can't build with PAM (no 64-bit libpam yet) 5798937Sdes 5898937SdesClean up configure/makefiles: 5998937Sdes- Clean up configure.ac - There are a few double #defined variables 6098937Sdes left to do. HAVE_LOGIN is one of them. Consider NOT looking for 6198937Sdes information in wtmpx or utmpx or any of that stuff if it's not detected 6298937Sdes from the start 6398937Sdes 64124208Sdes- Fails to compile when cross compile. (vinschen@redhat.com) 6598937Sdes 6698937Sdes- Replace the whole u_intXX_t evilness in acconfig.h with something better??? 67113908Sdes - Do it in configure.ac 6898937Sdes 6998937Sdes- Consider splitting the u_intXX_t test for sys/bitype.h into seperate test 7098937Sdes to allow people to (right/wrongfully) link against Bind directly. 7198937Sdes 7298937Sdes- Consider splitting configure.ac into seperate files which do logically 7398937Sdes similar tests. E.g move all the type detection stuff into one file, 7498937Sdes entropy related stuff into another. 7598937Sdes 7698937SdesPackaging: 7798937Sdes- Solaris: Update packaging scripts and build new sysv startup scripts 7898937Sdes Ideally the package metadata should be generated by autoconf. 7998937Sdes (gilbert.r.loomis@saic.com) 8098937Sdes 8198937Sdes- HP-UX: Provide DEPOT package scripts. 8298937Sdes (gilbert.r.loomis@saic.com) 8398937Sdes 8499060SdesPrivSep Issues: 8599060Sdes- mmap() issues. 8699060Sdes + /dev/zero solution (Solaris) 8799060Sdes + No/broken MAP_ANON (Irix) 8899060Sdes + broken /dev/zero parse (Linux) 8999060Sdes- PAM 9099060Sdes + See above PAM notes 9199060Sdes- AIX 92124208Sdes + usrinfo() does not set TTY, but only required for legacy systems. Works 9399060Sdes with PrivSep. 9499060Sdes- OSF 9599060Sdes + SIA is broken 9699060Sdes- Cygwin 9799060Sdes + Privsep for Pre-auth only (no fd passing) 9899060Sdes 99124208Sdes$Id: TODO,v 1.55 2003/06/11 13:56:41 dtucker Exp $ 100