X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/996d5e62b203304a38c5c400d764db9ff9121b48..352b92931a9b3d49170acfe3e7758f6f6a27f1bb:/openssh/TODO diff --git a/openssh/TODO b/openssh/TODO index 06f1fe5..3c89852 100644 --- a/openssh/TODO +++ b/openssh/TODO @@ -1,23 +1,8 @@ -Documentation: - -- Update the docs - - Update README - - Update INSTALL - - Merge INSTALL & README.privsep - -- Install FAQ? - -- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it - would be best to use them. - -- Create a Documentation/ directory? - Programming: - - Grep for 'XXX' comments and fix - Link order is incorrect for some systems using Kerberos 4 and AFS. Result - is multiple inclusion of DES symbols. Holger Trapp + is multiple inclusion of DES symbols. Holger Trapp reports that changing the configure generated link order from: -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto @@ -26,12 +11,18 @@ Programming: fixing the problem. - Write a test program that calls stat() to search for EGD/PRNGd socket - rather than use the (non-portable) "test -S". + rather than use the (non-portable) "test -S". + +- Replacement for setproctitle() - HP-UX support only currently -- More platforms for for setproctitle() emulation (testing needed) +- Handle changing passwords for the non-PAM expired password case -- Improve PAM ChallengeResponseAuthentication - - Informational messages +- Improve PAM support (a pam_lastlog module will cause sshd to exit) + and maybe support alternate forms of authenications like OPIE via + pam? + +- Rework PAM ChallengeResponseAuthentication + - Use kbdint request packet with 0 prompts for informational messages - Use different PAM service name for kbdint vs regular auth (suggest from Solar Designer) - Ability to select which ChallengeResponseAuthentications may be used @@ -44,43 +35,52 @@ Programming: - Finish integrating kernel-level auditing code for IRIX and SOLARIS (Gilbert.r.loomis@saic.com) +- sftp-server: Rework to step down to 32bit ints if the platform + lacks 'long long' == 64bit (Notable SCO w/ SCO compiler) + +- Linux hangs for 20 seconds when you do "sleep 20&exit". All current + solutions break scp or leaves processes hanging around after the ssh + connection has ended. It seems to be linked to two things. One + select() under Linux is not as nice as others, and two the children + of the shell are not killed on exiting the shell. Redhat have an excellent + description of this in their RPM package. + +- Build an automated test suite + - 64-bit builds on HP-UX 11.X (stevesk@pobox.com): - utmp/wtmp get corrupted (something in loginrec?) - can't build with PAM (no 64-bit libpam yet) +Documentation: +- More and better + +- Install FAQ? + +- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it + would be best to use them. + +- Create a Documentation/ directory? + Clean up configure/makefiles: - Clean up configure.ac - There are a few double #defined variables left to do. HAVE_LOGIN is one of them. Consider NOT looking for information in wtmpx or utmpx or any of that stuff if it's not detected from the start +- Fails to compile when cross compile. + (vinschen@redhat.com) + - Replace the whole u_intXX_t evilness in acconfig.h with something better??? - - Do it in configure.ac - Consider splitting the u_intXX_t test for sys/bitype.h into seperate test to allow people to (right/wrongfully) link against Bind directly. -- Consider splitting configure.ac into seperate files which do logically - similar tests. E.g move all the type detection stuff into one file, - entropy related stuff into another. - Packaging: -- HP-UX: Provide DEPOT package scripts. +- Solaris: Update packaging scripts and build new sysv startup scripts + Ideally the package metadata should be generated by autoconf. (gilbert.r.loomis@saic.com) -PrivSep Issues: -- mmap() issues. - + /dev/zero solution (Solaris) - + No/broken MAP_ANON (Irix) - + broken /dev/zero parse (Linux) -- PAM - + See above PAM notes -- AIX - + usrinfo() does not set TTY, but only required for legacy systems. Works - with PrivSep. -- OSF - + SIA is broken -- Cygwin - + Privsep for Pre-auth only (no fd passing) +- HP-UX: Provide DEPOT package scripts. + (gilbert.r.loomis@saic.com) $Id$