1 This is actually Henry's to-do file, which covers more than just the
2 utilities, but had to go somewhere...
4 (H = high, M = medium, L = low, list otherwise unordered)
6 H untangle the unnecessary generality in plutorun
7 H should left=%defaultroute be available without interfaces=%defaultroute?
8 H change config default to m
9 H showhostkey should run hostname only if it must
10 H overridemtu=%calculate ?
11 H do something to warn of changes to ipsec.conf boilerplate?
12 H how to handle /usr/src/linux-2.4
13 H precise reporting of unknown chars in base64 (etc.) keys
14 H use metric trickery to do atomic route updates?
15 H do something about the IPSEC EVENT message
16 H chkconfig, maybe even startup, in RPM install
17 H install the docs in /usr/local/doc, beware referenced files
18 H malformed public keys are reported very mysteriously
19 H manual and auto should verify ipsec running before proceeding
20 H --reversemap option for showhostkey (look up name?)
22 H base64 decoder should (at least optionally) skip white space
23 H prepluto should be synchronous
24 H double startup message
25 H better support for interface-flap restart
26 H test & set up module-only installs
27 H severity tagging for messages
29 H FreeS/WAN version number into manpages, C programs
30 H non-interactive version of ogo
31 H shell minimization in new setup stuff
32 H patcher vs. config files
33 H sort out rp_filter business
34 H updown manpage, incl. suggesting location for custom one
35 H ipsec_setup determine and note appropriate log files
37 H option to copy files into kernel instead of symlinking? aids packaging
38 H updown hooks for shunts
39 H ranbits, rsasigkey check availability of bits before asking for them
40 H library function for mapping syslog name to number
41 H "/usr/local" should be a macro defined in top-level Makefile only
42 H terminology standard for docs
43 H ttoaddr, ttosubnet variants which refer DNS back to caller
44 H some way to check success of xconfig etc.?
45 H setup should call "updown init"
46 H sysctl.conf need any attention?
47 H sweep logs and startup messages for unnecessary/incorrect/debugging crud
48 H another look at the DESTDIR stuff, use makefile include
49 H experiment with tncfg -- no need to tear all down when interfaces change?
50 H auto vs. whack error messages, non-error output too
51 H showroute command to postprocess auto --status?
52 H rsasigkey (optionally?) generate SPKI format, RFC 2459, also RFC 2440?
53 H revise look output format for compactness
54 H gnats -- include send-freeswan-pr in dist, SH docs
56 H plutoadd is N^2, too slow for large numbers of connections
58 H general manpages (ipsec? klips?) and refs to same (incl bugs)
59 H investigate cross-compiles
60 H general name/address mapping for manual (shell utilities for atosubnet etc.)
61 H rethink syslog locations, esp. info and debug
62 H snapshot notices to whole team
63 H way to bring one interface up or down?
65 M snapshot naming to match candidate naming
66 M network restart should cause ipsec restart
67 M cert build and extract utilities
68 M save and replace existing routes?
69 M auto-unroute option?
70 M tar files should have files owned by bin/bin (1/1), not freeswan/freeswan
71 M startup very slow when DNS is unavailable
72 M basic regression testing (hooks needed in Klips and Pluto?)
73 M ifconfig, etc. mods to use our syntaxes
74 M way to force renegotiation of all connections
76 L audit Klips code for magic numbers, inline, etc.
77 L more thorough regression testing, full functionality, corner cases
78 L examples in manpages
79 L do daemons need to auto-restart on death?
81 2.x drop spibase from conf file and manual
82 2.x get rid of the obsolete-syntax provisions in manual and auto
85 This file is RCSID $Id: TODO,v 1.120 2002/03/20 17:36:41 henry Exp $