-configure.in: done
-
Makefile.in: autodep stuff
-conffile.c: done
-
dh.c: change format to binary from decimal string (without introducing
endianness problems)
-netlink.c: done. jdamery reports tun-old code works on Linux-2.2
-Unresolved problem with ioctl(TUNSETIFF) sometimes return EINVAL.
+ipaddr.c: implement the useful functionality from ipaddr.py
-random.c: test
+netlink.c: investigate why 'default' routes don't appear to work
+(reported by JDA).
+Test the 'allow_route' option properly.
-resolver.c: done
+random.c: test
rsa.c: check padding type, change format to binary from decimal string
(without introducing endianness problems)
-secnet.c: done
-
site.c: the site_incoming() routing could be implemented much more
cleanly using a table. There's still quite a lot of redundancy in this
file. Abandon key exchanges when a bad packet is received. Modify
-protocol to include version fields, as described in the NOTES file.
-
-transform.c: done. JDA reports endianness problems are fixed.
-
-udp.c: done
-
-util.c: sort out logging
-
-General: check over MBM's patches for BSD.
+protocol to include version fields, as described in the NOTES
+file. Implement keepalive mode. Make policy about when to initiate key
+exchanges more configurable (how many NAKs / bad reverse-transforms
+does it take to prompt a key exchange?)
+
+slip.c: restart userv-ipif to cope with soft routes? Restart it if it
+fails in use?
+userv-ipif doesn't like the same bit of network to be specified
+twice. Use the new functionality in ipaddr.c once it's done to prevent
+this.
+Work out why slip.c doesn't compile on Solaris-2.5.1
+
+transform.c: separate the transforms into multiple parts, which can
+then be combined in the configuration file. Will allow the user to
+plug in different block ciphers, invent an authenticity-only mode,
+etc.
+
+udp.c: actually send NAKs rather than just complaining.
~ian / secnet.git / blobdiff