/mandos/trunk : revision 738.1.6

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to TODO

Committer: Teddy Hogeborn
Date: 2015-07-06 20:09:47 UTC
mto: This revision was merged to the branch mainline in revision 759.
Revision ID: teddy@recompile.se-20150706200947-w21u4eq74efgl6r5

Fix minor bugs and typos and add some more debug output.

* Makefile (install-client-nokey): Create plugin-helpers directory and
                                   the mandos-client-iprouteadddel
                                   helper program.
* initramfs-tools-hook (PLUGINHELPERDIR): Fix typo.
* plugins.d/mandos-client.c: Change terminology; routes are "deleted",
                             not "removed".  All occurences changed.
  (add_remove_local_route): Renamed to "add_delete_local_route".  All
                            callers changed.  Also pass "--debug" flag
                            to helper if in debug mode.
  (add_local_route): Add debugging output.
  (remove_local_route): Renamed to "delete_local_route".  All callers
                        changed.  Also pass "--debug" flag to helper
                        if in debug mode.
  (start_mandos_communication): Add debug output when adding route.

Show diffs side-by-side

added added

removed removed

TODO

** TODO [#B] Use capabilities instead of seteuid().

** TODO [#B] Use getaddrinfo(hints=AI_NUMERICHOST) instead of inet_pton()

** TODO [#C] Make start_mandos_communication() take "struct server".

** TODO [#B] Use openat(), fstatat() etc. to avoid asprintf().

** TODO [#C] --interfaces=regex,eth*,noregex (bridge-utils-interfaces(5))

* splashy

** TODO [#B] use scandir(3) instead of readdir(3)

* askpass-fifo

** TODO [#B] Drop privileges after opening FIFO.

* password-prompt

** TODO [#B] lock stdin (with flock()?)

* plugin-runner

** TODO handle printing for errors for plugins

*** Hook up stderr of plugins, buffer them, and prepend "Mandos Plugin [plugin name]"

** TODO [#B] use scandirat(3) instead of readdir(3)

*** Must wait until GNU libc 2.15

** TODO [#C] use same file name rules as run-parts(8)

** kernel command line option for debug info

** TODO Use python-tlslite?

** TODO D-Bus AddClient() method on server object

** TODO Use org.freedesktop.DBus.Method.NoReply annotation on async methods. :2:

** TODO Emit [[http://dbus.freedesktop.org/doc/dbus-specification.html#standard-interfaces-properties][org.freedesktop.DBus.Properties.PropertiesChanged]] signal :2:

TODO Deprecate se.recompile.Mandos.Client.PropertyChanged - annotate!

TODO Can use "invalidates" annotation to also emit on changed secret.

** TODO Support [[http://dbus.freedesktop.org/doc/dbus-specification.html#standard-interfaces-objectmanager][org.freedesktop.DBus.ObjectManager]] interface on server object :2:

Deprecate methods GetAllClients(), GetAllClientsWithProperties()

and signals ClientAdded and ClientRemoved.

** TODO Secret Service API?

http://standards.freedesktop.org/secret-service/

** TODO Remove D-Bus interfaces with old domain name :2:

** TODO Remove old string_to_delta format :2:

** TODO --no-zeroconf (only valid if port or socket is set)

** TODO Remove old string_to_delta format :2:

** TODO http://0pointer.de/blog/projects/stateless.html

*** tmpfiles snippet to create /var/lib/mandos with right user+perms

*** File in /usr/lib/sysusers.d to create user+group "_mandos"

** TODO Error handling on error parsing config files

** TODO init.d script error handling

** TODO D-Bus server properties; address, port, interface, etc. :2:

* mandos.xml

** Add mandos contact info in manual pages

* mandos-ctl

*** Handle "no D-Bus server" and/or "no Mandos server found" better

*** [#B] --dump option

** TODO Remove old string_to_delta format :2:

* TODO mandos-dispatch

Listens for specified D-Bus signals and spawns shell commands with

Older »