-configure.in: cut down to just the required tests. Support for installation.
+dh.c: change format to binary from decimal string (without introducing
+endianness problems)
-Makefile.in: support for installation.
+netlink.c: test the 'allow_route' option properly.
+Add fragmentation code. Check that we comply with RFC1812.
-conffile.c: deal with line numbers from included conffiles correctly
+random.c: test properly
-dh.c: change format to binary from decimal string
+resolver.c: ought to return a list of addresses for each address; the
+site code ought to remember them and try contacting them in turn.
-netlink.c: done. Test tun-old code.
+rsa.c: check padding type, change format to binary from decimal string
+(without introducing endianness problems)
-random.c: test
+site.c: Abandon key exchanges when a bad packet is received. Modify
+protocol to include version fields, as described in the NOTES
+file. Implement keepalive mode. Make policy about when to initiate key
+exchanges more configurable (how many NAKs / bad reverse-transforms
+does it take to prompt a key exchange?)
-resolver.c: done
+slip.c: restart userv-ipif to cope with soft routes? Restart it if it
+fails in use?
-rsa.c: check padding type, change format to binary from decimal string
+transform.c: separate the transforms into multiple parts, which can
+then be combined in the configuration file. Will allow the user to
+plug in different block ciphers, invent an authenticity-only mode,
+etc. (similar to udptunnel)
-secnet.c: done
+udp.c: option for path-MTU discovery (once fragmentation support is
+implemented in netlink)
-site.c: the site_incoming() routing could be implemented much more
-cleanly using a table. There's still quite a lot of redundancy in this
-file.
-transform.c: done
+global:
+consider using liboop for the event loop
-udp.c: done
-util.c: sort out logging
+--
+This file is part of secnet.
+See LICENCE and this file CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.