Home | History | Annotate | Download | only in openssh 
      1 Documentation:
      2 
      3 - Update the docs
      4   - Update README
      5   - Update INSTALL
      6   - Merge INSTALL & README.privsep
      7 
      8 - Install FAQ?
      9 
     10 - General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it
     11   would be best to use them.
     12 
     13 - Create a Documentation/ directory?
     14 
     15 Programming:
     16 
     17 - Grep for 'XXX' comments and fix
     18 
     19 - Link order is incorrect for some systems using Kerberos 4 and AFS. Result
     20   is multiple inclusion of DES symbols. Holger Trapp
     21   <holger.trapp (a] hrz.tu-chemnitz.de> reports that changing the configure
     22   generated link order from:
     23 	-lresolv -lkrb -lz -lnsl  -lutil -lkafs -lkrb -ldes -lcrypto
     24   to:
     25 	-lresolv -lkrb -lz -lnsl  -lutil -lcrypto -lkafs -lkrb -ldes
     26   fixing the problem.
     27 
     28 - Write a test program that calls stat() to search for EGD/PRNGd socket
     29   rather than use the (non-portable) "test -S".
     30 
     31 - More platforms for for setproctitle() emulation (testing needed)
     32 
     33 - Improve PAM ChallengeResponseAuthentication
     34  - Informational messages
     35  - Use different PAM service name for kbdint vs regular auth (suggest from
     36    Solar Designer)
     37  - Ability to select which ChallengeResponseAuthentications may be used
     38    and order to try them in e.g. "ChallengeResponseAuthentication skey, pam"
     39 
     40 - Complete Tru64 SIA support
     41  - It looks like we could merge it into the password auth code to cut down
     42    on diff size. Maybe PAM password auth too?
     43 
     44 - Finish integrating kernel-level auditing code for IRIX and SOLARIS
     45   (Gilbert.r.loomis (a] saic.com)
     46 
     47 - 64-bit builds on HP-UX 11.X (stevesk (a] pobox.com):
     48   - utmp/wtmp get corrupted (something in loginrec?)
     49   - can't build with PAM (no 64-bit libpam yet)
     50 
     51 Clean up configure/makefiles:
     52 - Clean up configure.ac - There are a few double #defined variables
     53   left to do.  HAVE_LOGIN is one of them.  Consider NOT looking for
     54   information in wtmpx or utmpx or any of that stuff if it's not detected
     55   from the start
     56 
     57 - Replace the whole u_intXX_t evilness in acconfig.h with something better???
     58  - Do it in configure.ac
     59 
     60 - Consider splitting the u_intXX_t test for sys/bitype.h  into seperate test
     61   to allow people to (right/wrongfully) link against Bind directly.
     62 
     63 - Consider splitting configure.ac into seperate files which do logically
     64   similar tests. E.g move all the type detection stuff into one file,
     65   entropy related stuff into another.
     66 
     67 Packaging:
     68 - HP-UX: Provide DEPOT package scripts.
     69   (gilbert.r.loomis (a] saic.com)
     70 
     71 PrivSep Issues:
     72 - mmap() issues.
     73   + /dev/zero solution (Solaris)
     74   + No/broken MAP_ANON (Irix)
     75   + broken /dev/zero parse (Linux)
     76 - PAM
     77   + See above PAM notes
     78 - AIX
     79   + usrinfo() does not set TTY, but only required for legacy systems.  Works
     80     with PrivSep.
     81 - OSF
     82   + SIA is broken
     83 - Cygwin
     84   + Privsep for Pre-auth only (no fd passing)
     85 
     86 $Id: TODO,v 1.58 2004/12/06 11:40:11 dtucker Exp $
     87