| 1 | dh.c: change format to binary from decimal string (without introducing |
| 2 | endianness problems) |
| 3 | |
| 4 | netlink.c: test the 'allow_route' option properly. |
| 5 | Add fragmentation code. Check that we comply with RFC1812. |
| 6 | |
| 7 | random.c: test properly |
| 8 | |
| 9 | resolver.c: ought to return a list of addresses for each address; the |
| 10 | site code ought to remember them and try contacting them in turn. |
| 11 | |
| 12 | rsa.c: check padding type, change format to binary from decimal string |
| 13 | (without introducing endianness problems) |
| 14 | |
| 15 | site.c: Abandon key exchanges when a bad packet is received. Modify |
| 16 | protocol to include version fields, as described in the NOTES |
| 17 | file. Implement keepalive mode. Make policy about when to initiate key |
| 18 | exchanges more configurable (how many NAKs / bad reverse-transforms |
| 19 | does it take to prompt a key exchange?) |
| 20 | |
| 21 | slip.c: restart userv-ipif to cope with soft routes? Restart it if it |
| 22 | fails in use? |
| 23 | |
| 24 | transform.c: separate the transforms into multiple parts, which can |
| 25 | then be combined in the configuration file. Will allow the user to |
| 26 | plug in different block ciphers, invent an authenticity-only mode, |
| 27 | etc. (similar to udptunnel) |
| 28 | |
| 29 | udp.c: option for path-MTU discovery (once fragmentation support is |
| 30 | implemented in netlink) |
| 31 | |
| 32 | |
| 33 | global: |
| 34 | consider using liboop for the event loop |