TODO:

Urgent:
 * run leak checker
   + proxies/http known to leak, probably daemon/httpd too
 * make regression test kit

General:
 * Simplify(?) by turning much of the state code into a bunch of tables
   + FTP, POP, SMTP should benefit from this
 * Remove use of locale-dependant functions (mostly from ctype.h)
 * Support for taking args from config file (need to replace popt)
   + Also must be settable via ACL
 * SSL support where possible (POP-3, SMTP, IMAP)
   + require switching much code to use openssl's BIO_* stuff, yuck
 * Get rid of a lot of the globals
 * constification
 * More correct types:
   + POSIXly correct (int => [ size_t, ssize_t, etc ])
   + Remove strtou?l with int, etc
 * IPv6 support
 * Testing!
 * Auditing!
 * Documentation!
 * non-transparent/hardcoded support (ie. user=foo@host.org)?
 * proxy authentication where possible?
 * Performance:
   + Minimise number of syscalls
   + Pipelining?
   + Increase buffer sizes?
   + Minimise memory allocations/frees?

Everywhere
 * grep for XXX - fix FIXMEs

New code:
 * Store and forward SMTP gw
 * IMAP proxy

proxies/http.c:
 * what does transparent mean when we have both SO_ORIGINAL_DEST
   and a "Host:" header?
 * what does "GET http://foo HTTP/1.0\r\nHost: bar\r\n\r\n" mean?
 * upstream proxy support (important)
 * support language, encoding, etc. headers
 * zlib compression support?
 * parse returned document:
   + HTML filter
   + unpack encoding (uncompress, etc)
   + etc

proxies/pop.c:
 * APOP support
 * wrap recvline and check all chars printable

proxies/ftp.c:
 * support rename (RNFR, RNTO)
 * support MDTM
 * support SITE CHMOD
 * support passwords and filenames with spaces ('\0' => ' ') - ick
 * reformat EPLF listings?
 * improve code

daemon/auth.c:
 * ident_lookup_uid assumes that sizeof(uid_t) <= sizeof(int)

daemon/httpd.c:
 * conformance testing
 * better error handling
 * ship default error fileset
 * simple HTTP auth? 
 * make symlink following configurable
 * zlib compression support?

daemon/pingd.c:
 * implement checksumming

logcheck/tailnew.c:
 * zlib support for gzipped files?

logcheck/:
 * add parser for netfilter logs
 * summary tools for proxy logs

lib/log.c:
 * document that logging function must support "%m"
 * avoid logging invocation errors to stdout if not a tty?

lib/line.c:
 * recvline(): parameterise line length
 * recvline(): (conditionally) accept '\n' on its own (maybe
   accept line terminator as a parameter?)

acl/:
 * replace generated lexer with home-made one to shrink code size
   and allow expansion
 * fix parser or add semantic checking pass to ensure that chains
   contain only matches, and end with only targets
 * Make ACL types more generic:
   + Move IDSA support into ACLs
   + Proxies should be able to add ACL types (eg. http headers)
     and targets (eg. redirections)
 * "options" stanza to specify:
   + do we use local or authslave ident client?
   + location of authslave socket
   + etc
 * more ACL types:
   + {receiv,send}ing interface?
   + reverse lookup/domain match (ie. *.foo.net)
 * more targets:
   + exec() something
   + setenv() something
   + set argument for sub-program (dest port, for example)
 * convert (some) to ip{f,fw,filter,fwadm,chains,tables} rules
 * simplifier/optimiser
   + remove unnecessary {}s
   + move cheap (address/port) checks ahead of more expensive
     (ident/domain) checks

$Id: TODO,v 1.21 2001/10/23 15:36:37 matthew Exp $