3
* [[http://www.undeadly.org/cgi?action=article&sid=20110530221728][OpenBSD]]
8
** TODO [#A] Wireless network hook
9
** TODO [#B] Use capabilities instead of seteuid().
10
** TODO [#B] Use struct sockaddr_storage instead of a union
11
** TODO [#B] Use getaddrinfo(hints=AI_NUMERICHOST) instead of inet_pton()
12
** TODO [#B] Use getnameinfo(serv=NULL, NI_NUMERICHOST) instead of inet_ntop()
13
** TODO [#B] Prefer /run/tmp over /tmp, if it exists
16
** TODO [#B] use scandir(3) instead of readdir(3)
18
* usplash (Deprecated)
19
** TODO [#A] Make it work again
20
** TODO [#B] use scandir(3) instead of readdir(3)
21
** TODO Use [[info:libc:Argz%20Functions][argz_extract]]
24
** TODO [#B] Drop privileges after opening FIFO.
27
** TODO [#B] lock stdin (with flock()?)
34
** TODO handle printing for errors for plugins
35
*** Hook up stderr of plugins, buffer them, and prepend mandos pluig [plugin name]
36
** TODO [#B] use scandir(3) instead of readdir(3)
37
** TODO [#C] use same file name rules as run-parts(8)
38
** kernel command line option for debug info
39
** TODO [#B] Use openat()
42
** TODO Document why we ignore sigint
43
** TODO [#B] Log level :BUGS:
44
*** TODO /etc/mandos/clients.d/*.conf
45
Watch this directory and add/remove/update clients?
46
** TODO [#C] config for TXT record
47
** TODO Log level dbus option
48
SetLogLevel D-Bus call
49
** TODO Implement --foreground :BUGS:
50
[[info:standards:Option%20Table][Table of Long Options]]
51
** TODO Implement --socket
52
[[info:standards:Option%20Table][Table of Long Options]]
53
** TODO [#C] DBusServiceObjectUsingSuper
54
** TODO [#B] Global enable/disable flag
55
** TODO [#B] By-client countdown on number of secrets given
56
** TODO [#B] Support RFC 3339 time duration syntax
58
*** NeedsPassword(50) - Timeout, default disapprove
59
+ SetPass(u"gazonk", True) -> Approval, persistent
60
+ Approve(False) -> Close client connection immediately
61
** TODO [#C] python-parsedatetime
62
** TODO [#C] systemd/launchd
63
http://0pointer.de/blog/projects/systemd.html
64
http://wiki.debian.org/systemd
65
** TODO Separate logging logic to own object
66
** TODO [#A] Limit approval_delay to max gnutls/tls timeout value
67
** TODO [#B] break the wait on approval_delay if connection dies
68
** TODO Generate Client.runtime_expansions from client options + extra
69
** TODO Allow %%(checker)s as a runtime expansion
70
** TODO Use python-tlslite?
71
** TODO D-Bus AddClient() method on server object
74
** Add mandos contact info in manual pages
77
*** Handle "no D-Bus server" and/or "no Mandos server found" better
78
*** [#B] --dump option
79
** TODO Support RFC 3339 time duration syntax
81
* TODO mandos-dispatch
82
Listens for specified D-Bus signals and spawns shell commands with
86
** TODO help should be toggleable
87
** Urwid client data displayer
88
Better view of client data in the listing
90
** Nicer crashes. Stack traces Messes up shell.
91
*** Print a nice "We are sorry" message, save stack trace to log.
92
** Show timeout countdown for approval
95
** TODO "--secfile" option
96
Using the "secfile" option instead of "secret"
97
** TODO [#B] "--test" option
98
For testing decryption before rebooting.
101
** TODO [#C] Implement DEB_BUILD_OPTIONS
102
http://www.debian.org/doc/debian-policy/ch-source.html#s-debianrules-options
105
** /usr/share/initramfs-tools/hooks/mandos
106
*** TODO [#C] use same file name rules as run-parts(8)
107
*** TODO [#C] Do not install in initrd.img if configured not to.
108
Use "/etc/initramfs-tools/hooksconf.d/mandos"?
109
** TODO [#C] /etc/bash_completion.d/mandos
110
From XML sources directly?
113
** TODO Locate which package moves the other bin/sh when busybox is deactivated
114
** TODO contact owner of package, and ask them to have that shell static in position regardless of busybox
2
configuration for cert, key, CA and interface
9
run-time communication with server
11
handle SIGTERM, SIGQUIT, etc.
13
[Mandos-tools/utilities]
added
removed
TODO
