aboutsummaryrefslogtreecommitdiffstats
path: root/TODO.txt
diff options
context:
space:
mode:
Diffstat (limited to 'TODO.txt')
-rw-r--r--TODO.txt26
1 files changed, 15 insertions, 11 deletions
diff --git a/TODO.txt b/TODO.txt
index dcba8249..b9ea2930 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -9,12 +9,12 @@ soon - SHOULD:
- allow \Deleted without \Seen, rf.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466299
- document IMAP4 ACL requirements
-- log configured server name on certificate mismatch (perhaps pay
+- CRYPTO: log configured server name on certificate mismatch (perhaps pay
attention to via entries and stuff like that)
-- BerliOS Bug #11576, thread on fetchmail users "Invalid SSL certificate" by
+- CRYPTO: BerliOS Bug #11576, thread on fetchmail users "Invalid SSL certificate" by
Philip Susi, SSL negotiation does not use ERR_error_string(3ssl) to report
errors in a readable way, we just report socket errors with no good reason.
-- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618
+- CRYPTO: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618
* write a table of combinations of TLS/SSL options
- add To: header to warning mails (authfail for instance)
- Fix TOCTOU race around prc_filecheck*
@@ -26,6 +26,7 @@ soon - MAY:
Revisit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400719
=> syslog messages are localised
http://lists.debian.org/debian-devel/2006/11/msg01068.html
+- when logging to syslog, disable locale?
- Get rid of peeking in socket.c? MSG_PEEK seems non-portable.
soon - after 6.3.9:
@@ -51,7 +52,7 @@ questionable:
- revisit maximum allowed rcfile permissions, fix inconsistency
(silently allowing g+x).
- make UID code more efficient, parsing is O(n^2), should be no worse
- than O(n log n).
+ than O(n log n), lookup is O(n), should be O(log n).
- help systematic debugging
- by making logging more strict (Postfix's msg_* as example??)
- by adding a --loggingtest or something that emits
@@ -61,7 +62,8 @@ questionable:
- Debian Bug #454291 fetchmail --quit: should check, that pid file
really contains pid of fetchmail process (Dmitry Nezhevenko)
=> use fcntl() lock?
-- feature to skip first N or all messages upon first download
+- feature to skip first N or all messages upon first download, or fetch
+ last N.
- download only messages whose headers match a filter (by Toby, Usenet
Nov 2007 de.comm.software.mailserver
Message-ID: <1195033726.123704.296060@k79g2000hse.googlegroups.com>)
@@ -71,10 +73,13 @@ questionable:
"all before date this-and-that")
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374514
"Deleting fetchids file" vs. POP3 - probably unneeded if we use IMAP UIDs.
-- change SSL/TLS UI incompatibly, making it easier to use
-- allow selection of SSL/TLS Ciphers
-- perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2)
-- make the SSL default v3 (rather than v23).
+- CRYPTO: change SSL/TLS UI incompatibly, making it easier to use
+- CRYPTO: allow selection of SSL/TLS Ciphers
+- CRYPTO: perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2,
+ but we should abandon that anyways).
+- CRYPTO: perhaps port to NSS? Check license and features and required procedure
+ changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS)
+- CRYPTO: make the SSL default v3 (rather than v23).
- put more hints to the FAQ (should we call it FGA?) as first support place
- make sure we print socket error messages such as connection reset by
peer to hint users the problem is not in fetchmail
@@ -102,13 +107,12 @@ questionable:
- fetchmail -s with running daemon complains rather than silently
restarting daemon
- send warning message when connection fails?
-- when logging to syslog, disable locale?
- check FAQ O5 - do we really prefer From: over envelope?!?
- add code to allow safe authentication schemes if TLS fails
- make APOP an authenticator, integrate with regular auto authentication
but stuff it at the end
- allow forcing RETR (RETR vs. TOP, fetchmail-users, drbob 2008-01-11)
-- use SASL?
+- CRYPTO: use SASL?
- make logfile more useful (redirect not only in daemon mode)
- for virtual mapping, we don't currently support local user aliases or
regexp matching with replacement. This would be useful for hosting