4 1. Run a V5 KDC on the master KDC.
5 * audit code in v4 kadmind server
6 * convert syslog -> log (to real file)
7 * save versus deletion of rcache file
10 * context changes (mostly done)
12 * get_in_tkt for salt support, multi encryption
13 * keytab lookup (for multi-encryption)
14 * oracle forwarding support
16 3. Multi-encryption support
17 * kdb5_edit support (show princal, set attributes)
19 * make DES-MD5 default, fall back to DES-CRC
21 4. Better Kerberos Database
22 * Design encoders/decoders
25 * write configuration file library
28 * check file vs stdio ccache code; replace file code with stdio
30 * fold in krb4 library
31 * kdc support automatic fallback (done)
32 * DES glue code rewrite
33 * don't need NEED_SYS_FCNTL.H; just always include <fnctl.h>
34 * utmp configure cleanup
36 * CONFIG_RULES should include more standard rules (WITH_KRB4, etc.)
37 stuff that's in every single configure.in file.
38 * klist and kdestroy drags in the entire libcrypto library
39 unnecessarily; this is because init_ctx references
40 krb5_csarray (via valid_etype) and
41 krb5_max_crypto_system, which drags in cryptoconf.c
44 * support for realm name changes
52 * Password changing protocol.
56 needed before beta4-patch2:
58 940802 stdargs/varargs breakage of ksu under SunOS
59 940802 double-check make install
61 not-quite-critical bug fixes:
63 940808 Support for DES-MD5
64 940802 double-check telnet problems, e.g. solaris pty grabbing
65 940802 rethink using compile check for fopen() binary mode
69 940808 check file vs stdio ccache code; replace file code with stdio
70 940808 rewrite rcache code
71 940808 fold in krb4 library
73 940808 support for realm name changes
74 940808 configuration file for krb5 clients to replace compile-time
79 940802 realloc lossage made more reasonable; requires a compile
80 and run type of check, then use REALLOC everywhere, #defined
81 to check if argument is NULL first, if realloc(NULL) returns
82 NULL. This is to guard against lossage like SunOS.
83 940802 yank isode from tree, insert tcl subset
84 940802 sanity check API doc
85 940802 deja gnu, testing framework
87 940808 make sure we're using $(MAKE) everywhere
89 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
91 OLD TODO LIST. To be vetted later....
95 look at sandia changes (contact gmachin@somnet.sandia.gov):
103 specific coding items:
104 ----------------------
106 new protocol revision
108 telnet client address checking (hard to get hold of the addr?)
110 uuserver adds a ticket to the credentials cache each time it runs,
111 even if the client is using the same ticket.
113 KDC bulletproofing (after beta)
115 KDC statistic gathering (after beta)
117 admin server (after beta)
124 realm "quality" code and/or hooks (tytso) (after beta?)
126 alloca/tempalloc (after beta)
128 test suites (after beta)
130 KDC transited field comma quoting
132 verify that memcpy/memcmp is in use for principal names
133 Make sure that all comparisons of principal components (realms, etc.)
134 use memcmp instead of strcmp --- principal components can have nulls
135 in them! (Don't blame me, blame OSI!)
136 --> kdc realm transiting
138 code boiling between scc_ and fcc_ (after beta)
140 remove 32 bit dependencies (esp. in md4 and md5) (after beta)
142 documentation issues:
145 manual pages (programs, library)
147 Manual pages for appl/bsd need to be fixed!!!!
149 what we depend on in the system (kprop, kdc: sockets; etc)
151 build/installation doc:
152 document expected "warnings", how to build it, configuration options
153 picking up ss, com_err, makedepend, imake separately
154 unifdef: ftp.uu.net:/bsd-sources/pgrm/unifdef/
162 ap_rep vs. subsession keys
163 assign "no meaning" #s for others?
164 byte-wise comparison for principal names
165 DER, "Zulu" format timestamps
181 ----------------------------------------------------------------
183 library name problems: with shared libraries cryptoconf.o can't be
184 replaced. Change docs to require static linking.
187 ----------------------------------------------------------------
190 Document new functions:
193 krb5_append_addresses
196 --------------------------------------------------------------
198 Bad comment message in KRB5-aux.h (KRB5-types.c should be KRB5_tables.c)