/mandos/trunk

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to TODO

Committer: Teddy Hogeborn
Date: 2019-07-14 22:39:15 UTC
Revision ID: teddy@recompile.se-20190714223915-aqjkms3t3taa6tye

Only use sanitizing options when debugging

The C compiler's sanitizing options introduce code in the output
binary which is fragile and not very security conscious.  It has
become clear that sanitizing is only really meant for use while
debugging.

As a side effect, this makes compilation faster, as the Makefile, for
production builds, no longer runs the compiler repeatedly to find all
its currently supported sanitizing options.

* Makefile (DEBUG): Add "$(SANITIZE)".
  (SANITIZE): Comment out.
  (CFLAGS): Remove "$(SANITIZE)".
  (plugins.d/mandos-client): Revert back to use plain $(LINK.c), since
                             we no longer need to remove the leak
                             sanitizer by overriding CFLAGS.

files added:
debian/mandos-client.templates

debian/mandos.templates

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

mandos-to-cryptroot-unlock

files removed:
initramfs-tools-hook-conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/rules

debian/watch

initramfs-tools-hook

initramfs-tools-script

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.xml

plugins.d/splashy.xml

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

14

14

** TODO [#C] Make start_mandos_communication() take "struct server".

15

15

** TODO [#C] --interfaces=regex,eth*,noregex (bridge-utils-interfaces(5))

16

16

** TODO [#A] Detect partial writes to stdout and exit with EX_TEMPFAIL

17

** TODO [#B] Use reallocarray() with GNU LibC 2.29 or later.

17

18

18

19

* splashy

19

20

** TODO [#B] use scandir(3) instead of readdir(3)

33

34

34

35

* plymouth

35

36

** TODO [#A] Detect partial writes to stdout and exit with EX_TEMPFAIL

37

** TODO [#B] Use reallocarray() with GNU LibC 2.29 or later.

36

38

37

39

* TODO [#B] passdev

38

40

84

86

*** TODO [#C] In Python 3.3, use shlex.quote() instead of re.escape()

85

87

86

88

* mandos-ctl

87

*** Handle "no D-Bus server" and/or "no Mandos server found" better

88

89

** TODO Remove old string_to_delta format :2:

89

90

90

91

* TODO mandos-dispatch

119

120

120

121

* [[http://www.undeadly.org/cgi?action=article&sid=20110530221728][OpenBSD]]

121

122

122

* TODO Use raw public keys (RFC 7250) for TLS communications :2:

123

** Support for this is planned for GnuTLS version 3.6

124

https://gitlab.com/gnutls/gnutls/issues/26

125

** Rationale

126

*** The client key is used both for communication and encryption

127

Using raw keys in GnuTLS instead uses separate keys for

128

communication and password decryption.

129

*** GnuTLS 3.5.9 has deprecated the OpenPGP functions

130

The functions are still available, but deprecated:

131

https://gitlab.com/gnutls/gnutls/issues/102

132

133

123

134

124

#+STARTUP: showall

Older »