[secnet] / TODO

Makefile.in: autodep stuff

dh.c: change format to binary from decimal string (without introducing
endianness problems)

netlink.c: investigate why 'default' routes don't appear to work
(reported by JDA).

slip.c: detect failure of userv-ipif to start.

tun.c: jdamery reports tun-old code works on Linux-2.2.
Unresolved problem with ioctl(TUNSETIFF) sometimes returning EINVAL, seems
to be related to early 2.4.x (x<=5) series kernels. 2.4.9 and above seem ok;
2.4.[678] untested.

random.c: test

rsa.c: check padding type, change format to binary from decimal string
(without introducing endianness problems)

site.c: the site_incoming() routing could be implemented much more
cleanly using a table. There's still quite a lot of redundancy in this
file. Abandon key exchanges when a bad packet is received. Modify
protocol to include version fields, as described in the NOTES file.

transform.c: make generic

util.c: sort out logging

sha1.c: test

General: separate the transforms in transform.c into multiple parts,
which can then be combined in the configuration file.  Will allow the
user to plug in different block ciphers, invent an authenticity-only
mode, etc.

Signal handling! Really just cope with SIGCHLD and SIGTERM. Possibly
use SIGUSR1/2 for prodding things.

Write scripts to generate the 'real' sites file from a less-expressive
version that's more easily checked by external tools.
Commit	Line	Data
974d0468	1	Makefile.in: autodep stuff
4efd681a	2
8689b3a9 SE	3	dh.c: change format to binary from decimal string (without introducing
8689b3a9 SE	4	endianness problems)
2fe58dfd	5
3454dce4 SE	6	netlink.c: investigate why 'default' routes don't appear to work
3454dce4 SE	7	(reported by JDA).
9d3a4132	8
3454dce4	9	slip.c: detect failure of userv-ipif to start.
9d3a4132 SE	10
9d3a4132 SE	11	tun.c: jdamery reports tun-old code works on Linux-2.2.
3454dce4 SE	12	Unresolved problem with ioctl(TUNSETIFF) sometimes returning EINVAL, seems
	13	to be related to early 2.4.x (x<=5) series kernels. 2.4.9 and above seem ok;
	14	2.4.[678] untested.
2fe58dfd SE	15
	16	random.c: test
	17
2fe58dfd	18	rsa.c: check padding type, change format to binary from decimal string
8689b3a9	19	(without introducing endianness problems)
2fe58dfd	20
2fe58dfd SE	21	site.c: the site_incoming() routing could be implemented much more
2fe58dfd SE	22	cleanly using a table. There's still quite a lot of redundancy in this
baa06aeb SE	23	file. Abandon key exchanges when a bad packet is received. Modify
baa06aeb SE	24	protocol to include version fields, as described in the NOTES file.
2fe58dfd	25
3454dce4	26	transform.c: make generic
2fe58dfd SE	27
2fe58dfd SE	28	util.c: sort out logging
8689b3a9	29
3454dce4 SE	30	sha1.c: test
3454dce4 SE	31
9d3a4132 SE	32	General: separate the transforms in transform.c into multiple parts,
	33	which can then be combined in the configuration file. Will allow the
	34	user to plug in different block ciphers, invent an authenticity-only
	35	mode, etc.
	36
3454dce4 SE	37	Signal handling! Really just cope with SIGCHLD and SIGTERM. Possibly
	38	use SIGUSR1/2 for prodding things.
	39
9d3a4132 SE	40	Write scripts to generate the 'real' sites file from a less-expressive
9d3a4132 SE	41	version that's more easily checked by external tools.