mirror of git://anongit.mindrot.org/openssh.git
138 lines
5.2 KiB
Plaintext
138 lines
5.2 KiB
Plaintext
Programming:
|
|
- Grep for 'XXX' comments and fix
|
|
|
|
- Link order is incorrect for some systems using Kerberos 4 and AFS. Result
|
|
is multiple inclusion of DES symbols. Holger Trapp
|
|
<holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure
|
|
generated link order from:
|
|
-lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto
|
|
to:
|
|
-lresolv -lkrb -lz -lnsl -lutil -lcrypto -lkafs -lkrb -ldes
|
|
fixing the problem.
|
|
|
|
- Write a test program that calls stat() to search for EGD/PRNGd socket
|
|
rather than use the (non-portable) "test -S".
|
|
|
|
- More platforms for for setproctitle() emulation (testing needed)
|
|
|
|
- Handle changing passwords for the non-PAM expired password case
|
|
|
|
- Improve PAM support (a pam_lastlog module will cause sshd to exit)
|
|
and maybe support alternate forms of authentications like OPIE via
|
|
pam?
|
|
|
|
- Rework PAM ChallengeResponseAuthentication
|
|
- Use kbdint request packet with 0 prompts for informational messages
|
|
- Use different PAM service name for kbdint vs regular auth (suggest from
|
|
Solar Designer)
|
|
- Ability to select which ChallengeResponseAuthentications may be used
|
|
and order to try them in e.g. "ChallengeResponseAuthentication skey, pam"
|
|
|
|
- Complete Tru64 SIA support
|
|
- It looks like we could merge it into the password auth code to cut down
|
|
on diff size. Maybe PAM password auth too?
|
|
|
|
- Finish integrating kernel-level auditing code for IRIX and SOLARIS
|
|
(Gilbert.r.loomis@saic.com)
|
|
|
|
- sftp-server: Rework to step down to 32bit ints if the platform
|
|
lacks 'long long' == 64bit (Notable SCO w/ SCO compiler)
|
|
|
|
- Linux hangs for 20 seconds when you do "sleep 20&exit". All current
|
|
solutions break scp or leaves processes hanging around after the ssh
|
|
connection has ended. It seems to be linked to two things. One
|
|
select() under Linux is not as nice as others, and two the children
|
|
of the shell are not killed on exiting the shell.
|
|
A short run-down of what happens:
|
|
- The shell starts up, and starts its own session. As a side-effect, it
|
|
gets its own process group.
|
|
- The child forks off sleep, and because it's in the background, puts it
|
|
into its own process group. The sleep command inherits a copy of the
|
|
shell's descriptor for the tty as its stdout.
|
|
- The shell exits, but doesn't SIGHUP all of its child PIDs like it probably
|
|
should(?)
|
|
- The sshd server attempts to read from the master side of the pty, and
|
|
while there are still process with the pty open, no EOF is produced.
|
|
- The sleep command exits, closes its descriptor, sshd detects the EOF, and
|
|
the connection gets closed.
|
|
Ways we've tried fixing this in sshd, and why they didn't work out:
|
|
- SIGHUP the sshd's process group.
|
|
- The shell is in its own process group.
|
|
- Track process group IDs of all children before we reap them (via an extra
|
|
field in Session structures which holds the pgid for each child pid), and
|
|
SIGHUP the pgid when we reap.
|
|
- Background commands are in yet another process group.
|
|
- Close the connection when the child dies.
|
|
- Background commands may need to write data to the connection. Also
|
|
prematurely truncates output from some commands (scp server, the
|
|
famous "dd if=/dev/zero bs=1000 count=100" case).
|
|
Known workarounds:
|
|
- bash: shopt huponexit on
|
|
- tcsh: none
|
|
- zsh: setopt HUP (usually the default setting)
|
|
(taken from email from Jason Stone to openssh-unix-dev, 5 May 2001)
|
|
- pdksh: ?
|
|
This appears to affect NetKit rsh under Linux as well: it behaves the same
|
|
with 'sleep 20 & exit'.
|
|
|
|
- Build an automated test suite
|
|
|
|
- 64-bit builds on HP-UX 11.X (stevesk@pobox.com):
|
|
- utmp/wtmp get corrupted (something in loginrec?)
|
|
- can't build with PAM (no 64-bit libpam yet)
|
|
|
|
Documentation:
|
|
- More and better
|
|
|
|
- Install FAQ?
|
|
|
|
- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it
|
|
would be best to use them.
|
|
|
|
- Create a Documentation/ directory?
|
|
|
|
Clean up configure/makefiles:
|
|
- Clean up configure.ac - There are a few double #defined variables
|
|
left to do. HAVE_LOGIN is one of them. Consider NOT looking for
|
|
information in wtmpx or utmpx or any of that stuff if it's not detected
|
|
from the start
|
|
|
|
- Fails to compile when cross compile.
|
|
(vinschen@redhat.com)
|
|
|
|
- Replace the whole u_intXX_t evilness in acconfig.h with something better???
|
|
- Do it in configure.ac
|
|
|
|
- Consider splitting the u_intXX_t test for sys/bitype.h into seperate test
|
|
to allow people to (right/wrongfully) link against Bind directly.
|
|
|
|
- Consider splitting configure.ac into seperate files which do logically
|
|
similar tests. E.g move all the type detection stuff into one file,
|
|
entropy related stuff into another.
|
|
|
|
Packaging:
|
|
- Solaris: Update packaging scripts and build new sysv startup scripts
|
|
Ideally the package metadata should be generated by autoconf.
|
|
(gilbert.r.loomis@saic.com)
|
|
|
|
- HP-UX: Provide DEPOT package scripts.
|
|
(gilbert.r.loomis@saic.com)
|
|
|
|
|
|
PrivSep Issues:
|
|
- mmap() issues.
|
|
+ /dev/zero solution (Solaris)
|
|
+ No/broken MAP_ANON (Irix)
|
|
+ broken /dev/zero parse (Linux)
|
|
- PAM
|
|
+ See above PAM notes
|
|
- AIX
|
|
+ usrinfo() does not set TTY, but only required for legicy systems. Works
|
|
with PrivSep.
|
|
- OSF
|
|
+ SIA is broken
|
|
- Cygwin
|
|
+ Privsep for Pre-auth only (no fd passing)
|
|
|
|
$Id: TODO,v 1.53 2003/01/12 23:00:34 djm Exp $
|