From 39364ce7608b64bf50accaf3f73288d048e6948f Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sun, 14 Jun 2009 10:23:17 +0000 Subject: Update TODO.txt. svn path=/branches/BRANCH_6-3/; revision=5355 --- TODO.txt | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/TODO.txt b/TODO.txt index dcba8249..b9ea2930 100644 --- a/TODO.txt +++ b/TODO.txt @@ -9,12 +9,12 @@ soon - SHOULD: - allow \Deleted without \Seen, rf. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466299 - document IMAP4 ACL requirements -- log configured server name on certificate mismatch (perhaps pay +- CRYPTO: log configured server name on certificate mismatch (perhaps pay attention to via entries and stuff like that) -- BerliOS Bug #11576, thread on fetchmail users "Invalid SSL certificate" by +- CRYPTO: BerliOS Bug #11576, thread on fetchmail users "Invalid SSL certificate" by Philip Susi, SSL negotiation does not use ERR_error_string(3ssl) to report errors in a readable way, we just report socket errors with no good reason. -- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618 +- CRYPTO: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618 * write a table of combinations of TLS/SSL options - add To: header to warning mails (authfail for instance) - Fix TOCTOU race around prc_filecheck* @@ -26,6 +26,7 @@ soon - MAY: Revisit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400719 => syslog messages are localised http://lists.debian.org/debian-devel/2006/11/msg01068.html +- when logging to syslog, disable locale? - Get rid of peeking in socket.c? MSG_PEEK seems non-portable. soon - after 6.3.9: @@ -51,7 +52,7 @@ questionable: - revisit maximum allowed rcfile permissions, fix inconsistency (silently allowing g+x). - make UID code more efficient, parsing is O(n^2), should be no worse - than O(n log n). + than O(n log n), lookup is O(n), should be O(log n). - help systematic debugging - by making logging more strict (Postfix's msg_* as example??) - by adding a --loggingtest or something that emits @@ -61,7 +62,8 @@ questionable: - Debian Bug #454291 fetchmail --quit: should check, that pid file really contains pid of fetchmail process (Dmitry Nezhevenko) => use fcntl() lock? -- feature to skip first N or all messages upon first download +- feature to skip first N or all messages upon first download, or fetch + last N. - download only messages whose headers match a filter (by Toby, Usenet Nov 2007 de.comm.software.mailserver Message-ID: <1195033726.123704.296060@k79g2000hse.googlegroups.com>) @@ -71,10 +73,13 @@ questionable: "all before date this-and-that") - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374514 "Deleting fetchids file" vs. POP3 - probably unneeded if we use IMAP UIDs. -- change SSL/TLS UI incompatibly, making it easier to use -- allow selection of SSL/TLS Ciphers -- perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2) -- make the SSL default v3 (rather than v23). +- CRYPTO: change SSL/TLS UI incompatibly, making it easier to use +- CRYPTO: allow selection of SSL/TLS Ciphers +- CRYPTO: perhaps switch to libgsasl and libgnutls (which doesn't talk SSLv2, + but we should abandon that anyways). +- CRYPTO: perhaps port to NSS? Check license and features and required procedure + changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS) +- CRYPTO: make the SSL default v3 (rather than v23). - put more hints to the FAQ (should we call it FGA?) as first support place - make sure we print socket error messages such as connection reset by peer to hint users the problem is not in fetchmail @@ -102,13 +107,12 @@ questionable: - fetchmail -s with running daemon complains rather than silently restarting daemon - send warning message when connection fails? -- when logging to syslog, disable locale? - check FAQ O5 - do we really prefer From: over envelope?!? - add code to allow safe authentication schemes if TLS fails - make APOP an authenticator, integrate with regular auto authentication but stuff it at the end - allow forcing RETR (RETR vs. TOP, fetchmail-users, drbob 2008-01-11) -- use SASL? +- CRYPTO: use SASL? - make logfile more useful (redirect not only in daemon mode) - for virtual mapping, we don't currently support local user aliases or regexp matching with replacement. This would be useful for hosting -- cgit v1.2.3