X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=blobdiff_plain;f=TODO;h=c398ebab88743c85d74db83abcd2739e7383e9ad;hp=9ac2cf706850cde573cbe4888b92bf0409e8c9ba;hb=f66f534ee90d617e2ebfaeed23dd014378828363;hpb=9b45443dc2d270f3518be0cb739297baf667a79c;ds=sidebyside diff --git a/TODO b/TODO index 9ac2cf7..c398eba 100644 --- a/TODO +++ b/TODO @@ -1,70 +1,14 @@ - ------------------------- - strongSwan - Roadmap - ------------------------- + ---------------------- + strongSwan - TODO + ---------------------- -These notes mostly belong to charon, the new IKEv2 daemon. The plan is to -migrate IKEv1 into charon. It's hard to say how much effort is needed to -do that, and how much code we can reuse from pluto. But a port IS necessary to -gain hassle-free confiugration, version negotiation and maintainability. +This is a TODO list we should keep in mind. A roadmap of the strongSwan +project is available online at: -Roadmap for 2007 -================ - - Jan ! - first stable release of the strongSwan 4.x branch - ! - Feb ! - refactoring of exchange handling for better code sharing, - ! we need to separate specific tasks to reuse them in multiple - ! exchanges - ! - merge of EAP authentication code / plugin loader - ! - merge of the virtual IP support currently in the pipeline - ! - Mar ! - interface in charon for the new SMP management interface - ! - full certificate support - ! - Cookie support, other fixes to mature against DoS - ! - merge of the experimental "mediated double-NAT" support - ! - write an IETF draft for this feature - ! - Apr ! - start porting efforts of IKEv1 into charon - ! - support of IKEv1 messages and payloads in charon - ! - May ! - migration of plutos state machine into charon - ! - Jun ! - get a useable IKEv1 implementation for simple cases - ! - Jul ! - first release of charon supporting IKEv2 and IKEv1 - ! - Aug ! - get IKEv1 support to the level of pluto - ! - Sep ! - ! - Oct ! - ! - Nov ! - ! - Dec ! - feature complete release - ! - - -TODO-List -========= - -A set of TODOs. This is only a list of things I write down to not forget them. -Watch out for TODOs in the code. - -Build system ------------- -- configure flag which allows to ommit vendor id in pluto -- reduce printf handlers count to 10, as uClibc does not support more - -Denail of service ------------------ -- Cookie support on server -- thread exhaustion (multiple messages to a single IKE_SA) + http://trac.strongswan.org/roadmap Certificate support ------------------- -- New trustchain mechanism? -- proper handling of multiple certificate payloads (import order) - synchronized CRL fetcher - Smartcard interface - Attribute certificates @@ -73,10 +17,17 @@ Stroke interface ---------------- - add a Rekey-Counter for SAs in "statusall" - ipsec statusall bytecount -- proper handling of CTRL+C console detach (SIG_PIPE) Misc ---- -- retry transaction on failure while keyingtries > 1 -- PFS support for creating/rekeying CHILD_SAs - Address pool/backend for virtual IP assignement +- replace iterator by enumerator + +libstrongswan stuff +------------------- +- Header installation support (#include ?) +- object style for leak detective, include an API +- Cleanup/Refactor PEM/ASN1 stuff +- replace file reads through chunk_read +- rewrite lexparser in object-oriented style +