X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=secnet.git;a=blobdiff_plain;f=TODO;h=e02c6279dd20ea5ae65abac430a61594d2647de7;hp=071a71609e82a4e29c4d63ea8701348c414446c1;hb=794f2398b8fe84bf398bb10d6eeca6fe6737f65f;hpb=baa06aeb963965b4b6a8a8051ec15b72372080dd diff --git a/TODO b/TODO index 071a716..e02c627 100644 --- a/TODO +++ b/TODO @@ -1,32 +1,33 @@ -configure.in: done - Makefile.in: autodep stuff - -conffile.c: done +Make it work using the distributed install.sh (which doesn't support -D) dh.c: change format to binary from decimal string (without introducing endianness problems) -netlink.c: done. jdamery reports tun-old code works on Linux-2.2 +netlink.c: test the 'allow_route' option properly. + +process.c: capture output from children in sys_cmd() and log it random.c: test -resolver.c: done +resolver.c: ought to return a list of addresses for each address; the +site code ought to remember them and try contacting them in turn. rsa.c: check padding type, change format to binary from decimal string (without introducing endianness problems) -secnet.c: done - site.c: the site_incoming() routing could be implemented much more cleanly using a table. There's still quite a lot of redundancy in this file. Abandon key exchanges when a bad packet is received. Modify -protocol to include version fields, as described in the NOTES file. - -transform.c: done. JDA reports endianness problems are fixed. - -udp.c: done - -util.c: sort out logging - -General: check over MBM's patches for BSD. +protocol to include version fields, as described in the NOTES +file. Implement keepalive mode. Make policy about when to initiate key +exchanges more configurable (how many NAKs / bad reverse-transforms +does it take to prompt a key exchange?) + +slip.c: restart userv-ipif to cope with soft routes? Restart it if it +fails in use? + +transform.c: separate the transforms into multiple parts, which can +then be combined in the configuration file. Will allow the user to +plug in different block ciphers, invent an authenticity-only mode, +etc.