mirror of git://anongit.mindrot.org/openssh.git
- (djm) Tidy and trim TODO
This commit is contained in:
Damien Miller
parent
f5399c24dc
commit
0b8e9006d8
|
|
@ -15,6 +15,7 @@
|
|||
http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt
|
||||
ok djm@
|
||||
- (djm) Remove IPv4 by default hack now that we can specify AF in config
|
||||
- (djm) Tidy and trim TODO
|
||||
|
||||
20030517
|
||||
- (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD)
|
||||
|
|
@ -1570,4 +1571,4 @@
|
|||
save auth method before monitor_reset_key_state(); bugzilla bug #284;
|
||||
ok provos@
|
||||
|
||||
$Id: ChangeLog,v 1.2736 2003/05/18 10:53:59 djm Exp $
|
||||
$Id: ChangeLog,v 1.2737 2003/05/18 11:45:26 djm Exp $
|
||||
|
|
|
|||
78
TODO
78
TODO
|
|
@ -1,4 +1,19 @@
|
|||
Documentation:
|
||||
|
||||
- Update the docs
|
||||
- Update README
|
||||
- Update INSTALL
|
||||
- Merge INSTALL & README.privsep
|
||||
|
||||
- Install FAQ?
|
||||
|
||||
- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it
|
||||
would be best to use them.
|
||||
|
||||
- Create a Documentation/ directory?
|
||||
|
||||
Programming:
|
||||
|
||||
- Grep for 'XXX' comments and fix
|
||||
|
||||
- Link order is incorrect for some systems using Kerberos 4 and AFS. Result
|
||||
|
|
@ -21,8 +36,9 @@ Programming:
|
|||
and maybe support alternate forms of authentications like OPIE via
|
||||
pam?
|
||||
|
||||
- Rework PAM ChallengeResponseAuthentication
|
||||
- Use kbdint request packet with 0 prompts for informational messages
|
||||
- Improve PAM ChallengeResponseAuthentication
|
||||
- Informational messages
|
||||
- chauthtok
|
||||
- Use different PAM service name for kbdint vs regular auth (suggest from
|
||||
Solar Designer)
|
||||
- Ability to select which ChallengeResponseAuthentications may be used
|
||||
|
|
@ -35,70 +51,17 @@ Programming:
|
|||
- Finish integrating kernel-level auditing code for IRIX and SOLARIS
|
||||
(Gilbert.r.loomis@saic.com)
|
||||
|
||||
- sftp-server: Rework to step down to 32bit ints if the platform
|
||||
lacks 'long long' == 64bit (Notable SCO w/ SCO compiler)
|
||||
|
||||
- Linux hangs for 20 seconds when you do "sleep 20&exit". All current
|
||||
solutions break scp or leaves processes hanging around after the ssh
|
||||
connection has ended. It seems to be linked to two things. One
|
||||
select() under Linux is not as nice as others, and two the children
|
||||
of the shell are not killed on exiting the shell.
|
||||
A short run-down of what happens:
|
||||
- The shell starts up, and starts its own session. As a side-effect, it
|
||||
gets its own process group.
|
||||
- The child forks off sleep, and because it's in the background, puts it
|
||||
into its own process group. The sleep command inherits a copy of the
|
||||
shell's descriptor for the tty as its stdout.
|
||||
- The shell exits, but doesn't SIGHUP all of its child PIDs like it probably
|
||||
should(?)
|
||||
- The sshd server attempts to read from the master side of the pty, and
|
||||
while there are still process with the pty open, no EOF is produced.
|
||||
- The sleep command exits, closes its descriptor, sshd detects the EOF, and
|
||||
the connection gets closed.
|
||||
Ways we've tried fixing this in sshd, and why they didn't work out:
|
||||
- SIGHUP the sshd's process group.
|
||||
- The shell is in its own process group.
|
||||
- Track process group IDs of all children before we reap them (via an extra
|
||||
field in Session structures which holds the pgid for each child pid), and
|
||||
SIGHUP the pgid when we reap.
|
||||
- Background commands are in yet another process group.
|
||||
- Close the connection when the child dies.
|
||||
- Background commands may need to write data to the connection. Also
|
||||
prematurely truncates output from some commands (scp server, the
|
||||
famous "dd if=/dev/zero bs=1000 count=100" case).
|
||||
Known workarounds:
|
||||
- bash: shopt huponexit on
|
||||
- tcsh: none
|
||||
- zsh: setopt HUP (usually the default setting)
|
||||
(taken from email from Jason Stone to openssh-unix-dev, 5 May 2001)
|
||||
- pdksh: ?
|
||||
This appears to affect NetKit rsh under Linux as well: it behaves the same
|
||||
with 'sleep 20 & exit'.
|
||||
|
||||
- Build an automated test suite
|
||||
|
||||
- 64-bit builds on HP-UX 11.X (stevesk@pobox.com):
|
||||
- utmp/wtmp get corrupted (something in loginrec?)
|
||||
- can't build with PAM (no 64-bit libpam yet)
|
||||
|
||||
Documentation:
|
||||
- More and better
|
||||
|
||||
- Install FAQ?
|
||||
|
||||
- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it
|
||||
would be best to use them.
|
||||
|
||||
- Create a Documentation/ directory?
|
||||
|
||||
Clean up configure/makefiles:
|
||||
- Clean up configure.ac - There are a few double #defined variables
|
||||
left to do. HAVE_LOGIN is one of them. Consider NOT looking for
|
||||
information in wtmpx or utmpx or any of that stuff if it's not detected
|
||||
from the start
|
||||
|
||||
- Fails to compile when cross compile.
|
||||
(vinschen@redhat.com)
|
||||
- Fails to compile when cross compile. (vinschen@redhat.com)
|
||||
|
||||
- Replace the whole u_intXX_t evilness in acconfig.h with something better???
|
||||
- Do it in configure.ac
|
||||
|
|
@ -118,7 +81,6 @@ Packaging:
|
|||
- HP-UX: Provide DEPOT package scripts.
|
||||
(gilbert.r.loomis@saic.com)
|
||||
|
||||
|
||||
PrivSep Issues:
|
||||
- mmap() issues.
|
||||
+ /dev/zero solution (Solaris)
|
||||
|
|
@ -134,4 +96,4 @@ PrivSep Issues:
|
|||
- Cygwin
|
||||
+ Privsep for Pre-auth only (no fd passing)
|
||||
|
||||
$Id: TODO,v 1.53 2003/01/12 23:00:34 djm Exp $
|
||||
$Id: TODO,v 1.54 2003/05/18 11:44:07 djm Exp $
|
||||
|
|
|
|||
Loading…
Reference in New Issue