183d2307dSDag-Erling SmørgravProgramming: 283d2307dSDag-Erling Smørgrav- Grep for 'XXX' comments and fix 383d2307dSDag-Erling Smørgrav 483d2307dSDag-Erling Smørgrav- Link order is incorrect for some systems using Kerberos 4 and AFS. Result 583d2307dSDag-Erling Smørgrav is multiple inclusion of DES symbols. Holger Trapp 683d2307dSDag-Erling Smørgrav <holger.trapp@hrz.tu-chemnitz.de> reports that changing the configure 783d2307dSDag-Erling Smørgrav generated link order from: 883d2307dSDag-Erling Smørgrav -lresolv -lkrb -lz -lnsl -lutil -lkafs -lkrb -ldes -lcrypto 983d2307dSDag-Erling Smørgrav to: 1083d2307dSDag-Erling Smørgrav -lresolv -lkrb -lz -lnsl -lutil -lcrypto -lkafs -lkrb -ldes 1183d2307dSDag-Erling Smørgrav fixing the problem. 1283d2307dSDag-Erling Smørgrav 1383d2307dSDag-Erling Smørgrav- Write a test program that calls stat() to search for EGD/PRNGd socket 1483d2307dSDag-Erling Smørgrav rather than use the (non-portable) "test -S". 1583d2307dSDag-Erling Smørgrav 16d0c8c0bcSDag-Erling Smørgrav- More platforms for for setproctitle() emulation (testing needed) 1783d2307dSDag-Erling Smørgrav 1883d2307dSDag-Erling Smørgrav- Handle changing passwords for the non-PAM expired password case 1983d2307dSDag-Erling Smørgrav 2083d2307dSDag-Erling Smørgrav- Improve PAM support (a pam_lastlog module will cause sshd to exit) 214b17dab0SDag-Erling Smørgrav and maybe support alternate forms of authentications like OPIE via 2283d2307dSDag-Erling Smørgrav pam? 2383d2307dSDag-Erling Smørgrav 2483d2307dSDag-Erling Smørgrav- Rework PAM ChallengeResponseAuthentication 2583d2307dSDag-Erling Smørgrav - Use kbdint request packet with 0 prompts for informational messages 2683d2307dSDag-Erling Smørgrav - Use different PAM service name for kbdint vs regular auth (suggest from 2783d2307dSDag-Erling Smørgrav Solar Designer) 2883d2307dSDag-Erling Smørgrav - Ability to select which ChallengeResponseAuthentications may be used 2983d2307dSDag-Erling Smørgrav and order to try them in e.g. "ChallengeResponseAuthentication skey, pam" 3083d2307dSDag-Erling Smørgrav 3183d2307dSDag-Erling Smørgrav- Complete Tru64 SIA support 3283d2307dSDag-Erling Smørgrav - It looks like we could merge it into the password auth code to cut down 3383d2307dSDag-Erling Smørgrav on diff size. Maybe PAM password auth too? 3483d2307dSDag-Erling Smørgrav 3583d2307dSDag-Erling Smørgrav- Finish integrating kernel-level auditing code for IRIX and SOLARIS 3683d2307dSDag-Erling Smørgrav (Gilbert.r.loomis@saic.com) 3783d2307dSDag-Erling Smørgrav 3883d2307dSDag-Erling Smørgrav- sftp-server: Rework to step down to 32bit ints if the platform 3983d2307dSDag-Erling Smørgrav lacks 'long long' == 64bit (Notable SCO w/ SCO compiler) 4083d2307dSDag-Erling Smørgrav 4183d2307dSDag-Erling Smørgrav- Linux hangs for 20 seconds when you do "sleep 20&exit". All current 4283d2307dSDag-Erling Smørgrav solutions break scp or leaves processes hanging around after the ssh 4383d2307dSDag-Erling Smørgrav connection has ended. It seems to be linked to two things. One 4483d2307dSDag-Erling Smørgrav select() under Linux is not as nice as others, and two the children 454b17dab0SDag-Erling Smørgrav of the shell are not killed on exiting the shell. 464b17dab0SDag-Erling Smørgrav A short run-down of what happens: 474b17dab0SDag-Erling Smørgrav - The shell starts up, and starts its own session. As a side-effect, it 484b17dab0SDag-Erling Smørgrav gets its own process group. 494b17dab0SDag-Erling Smørgrav - The child forks off sleep, and because it's in the background, puts it 504b17dab0SDag-Erling Smørgrav into its own process group. The sleep command inherits a copy of the 514b17dab0SDag-Erling Smørgrav shell's descriptor for the tty as its stdout. 524b17dab0SDag-Erling Smørgrav - The shell exits, but doesn't SIGHUP all of its child PIDs like it probably 534b17dab0SDag-Erling Smørgrav should(?) 544b17dab0SDag-Erling Smørgrav - The sshd server attempts to read from the master side of the pty, and 554b17dab0SDag-Erling Smørgrav while there are still process with the pty open, no EOF is produced. 564b17dab0SDag-Erling Smørgrav - The sleep command exits, closes its descriptor, sshd detects the EOF, and 574b17dab0SDag-Erling Smørgrav the connection gets closed. 584b17dab0SDag-Erling Smørgrav Ways we've tried fixing this in sshd, and why they didn't work out: 594b17dab0SDag-Erling Smørgrav - SIGHUP the sshd's process group. 604b17dab0SDag-Erling Smørgrav - The shell is in its own process group. 614b17dab0SDag-Erling Smørgrav - Track process group IDs of all children before we reap them (via an extra 624b17dab0SDag-Erling Smørgrav field in Session structures which holds the pgid for each child pid), and 634b17dab0SDag-Erling Smørgrav SIGHUP the pgid when we reap. 644b17dab0SDag-Erling Smørgrav - Background commands are in yet another process group. 654b17dab0SDag-Erling Smørgrav - Close the connection when the child dies. 664b17dab0SDag-Erling Smørgrav - Background commands may need to write data to the connection. Also 674b17dab0SDag-Erling Smørgrav prematurely truncates output from some commands (scp server, the 684b17dab0SDag-Erling Smørgrav famous "dd if=/dev/zero bs=1000 count=100" case). 694b17dab0SDag-Erling Smørgrav Known workarounds: 704b17dab0SDag-Erling Smørgrav - bash: shopt huponexit on 714b17dab0SDag-Erling Smørgrav - tcsh: none 724b17dab0SDag-Erling Smørgrav - zsh: setopt HUP (usually the default setting) 734b17dab0SDag-Erling Smørgrav (taken from email from Jason Stone to openssh-unix-dev, 5 May 2001) 744b17dab0SDag-Erling Smørgrav - pdksh: ? 754b17dab0SDag-Erling Smørgrav This appears to affect NetKit rsh under Linux as well: it behaves the same 764b17dab0SDag-Erling Smørgrav with 'sleep 20 & exit'. 7783d2307dSDag-Erling Smørgrav 7883d2307dSDag-Erling Smørgrav- Build an automated test suite 7983d2307dSDag-Erling Smørgrav 8083d2307dSDag-Erling Smørgrav- 64-bit builds on HP-UX 11.X (stevesk@pobox.com): 8183d2307dSDag-Erling Smørgrav - utmp/wtmp get corrupted (something in loginrec?) 8283d2307dSDag-Erling Smørgrav - can't build with PAM (no 64-bit libpam yet) 8383d2307dSDag-Erling Smørgrav 8483d2307dSDag-Erling SmørgravDocumentation: 8583d2307dSDag-Erling Smørgrav- More and better 8683d2307dSDag-Erling Smørgrav 8783d2307dSDag-Erling Smørgrav- Install FAQ? 8883d2307dSDag-Erling Smørgrav 8983d2307dSDag-Erling Smørgrav- General FAQ on S/Key, TIS, RSA, RSA2, DSA, etc and suggestions on when it 9083d2307dSDag-Erling Smørgrav would be best to use them. 9183d2307dSDag-Erling Smørgrav 9283d2307dSDag-Erling Smørgrav- Create a Documentation/ directory? 9383d2307dSDag-Erling Smørgrav 9483d2307dSDag-Erling SmørgravClean up configure/makefiles: 9583d2307dSDag-Erling Smørgrav- Clean up configure.ac - There are a few double #defined variables 9683d2307dSDag-Erling Smørgrav left to do. HAVE_LOGIN is one of them. Consider NOT looking for 9783d2307dSDag-Erling Smørgrav information in wtmpx or utmpx or any of that stuff if it's not detected 9883d2307dSDag-Erling Smørgrav from the start 9983d2307dSDag-Erling Smørgrav 10083d2307dSDag-Erling Smørgrav- Fails to compile when cross compile. 10183d2307dSDag-Erling Smørgrav (vinschen@redhat.com) 10283d2307dSDag-Erling Smørgrav 10383d2307dSDag-Erling Smørgrav- Replace the whole u_intXX_t evilness in acconfig.h with something better??? 104d0c8c0bcSDag-Erling Smørgrav - Do it in configure.ac 10583d2307dSDag-Erling Smørgrav 10683d2307dSDag-Erling Smørgrav- Consider splitting the u_intXX_t test for sys/bitype.h into seperate test 10783d2307dSDag-Erling Smørgrav to allow people to (right/wrongfully) link against Bind directly. 10883d2307dSDag-Erling Smørgrav 10983d2307dSDag-Erling Smørgrav- Consider splitting configure.ac into seperate files which do logically 11083d2307dSDag-Erling Smørgrav similar tests. E.g move all the type detection stuff into one file, 11183d2307dSDag-Erling Smørgrav entropy related stuff into another. 11283d2307dSDag-Erling Smørgrav 11383d2307dSDag-Erling SmørgravPackaging: 11483d2307dSDag-Erling Smørgrav- Solaris: Update packaging scripts and build new sysv startup scripts 11583d2307dSDag-Erling Smørgrav Ideally the package metadata should be generated by autoconf. 11683d2307dSDag-Erling Smørgrav (gilbert.r.loomis@saic.com) 11783d2307dSDag-Erling Smørgrav 11883d2307dSDag-Erling Smørgrav- HP-UX: Provide DEPOT package scripts. 11983d2307dSDag-Erling Smørgrav (gilbert.r.loomis@saic.com) 12083d2307dSDag-Erling Smørgrav 121ee21a45fSDag-Erling Smørgrav 122ee21a45fSDag-Erling SmørgravPrivSep Issues: 123ee21a45fSDag-Erling Smørgrav- mmap() issues. 124ee21a45fSDag-Erling Smørgrav + /dev/zero solution (Solaris) 125ee21a45fSDag-Erling Smørgrav + No/broken MAP_ANON (Irix) 126ee21a45fSDag-Erling Smørgrav + broken /dev/zero parse (Linux) 127ee21a45fSDag-Erling Smørgrav- PAM 128ee21a45fSDag-Erling Smørgrav + See above PAM notes 129ee21a45fSDag-Erling Smørgrav- AIX 130ee21a45fSDag-Erling Smørgrav + usrinfo() does not set TTY, but only required for legicy systems. Works 131ee21a45fSDag-Erling Smørgrav with PrivSep. 132ee21a45fSDag-Erling Smørgrav- OSF 133ee21a45fSDag-Erling Smørgrav + SIA is broken 134ee21a45fSDag-Erling Smørgrav- Cygwin 135ee21a45fSDag-Erling Smørgrav + Privsep for Pre-auth only (no fd passing) 136ee21a45fSDag-Erling Smørgrav 137d0c8c0bcSDag-Erling Smørgrav$Id: TODO,v 1.53 2003/01/12 23:00:34 djm Exp $ 138