Mercurial > dropbear
view TODO @ 47:4b53a43f0082
- client pubkey auth works
- rearrange the runopts code for client and server (hostkey reading is needed
by both (if the client is doing pubkey auth. otherwise....))
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Fri, 06 Aug 2004 16:18:01 +0000 |
parents | 469950e86d0f |
children | 59d16db56e9f |
line wrap: on
line source
Current: Things which need doing: - Make options.h generated from configure perhaps? - investigate self-pipe? - fix agent fwd problems - improve channel window adjustment algorithm (circular buffering) - Don't use pregenerated AES tables - check PRNG - check that there aren't timing issues with valid/invalid user authentication feedback. - IP6 (binding to :: takes over ipv4 as well, sigh. If anyone wants to suggest a clean way (ie no V4MAPPED or setsockopt things) please let me know :) - Binding to different interfaces (see ipv6 probably) - PAM ?? - inetd - possible RSA blinding? need to check whether this is vuln to timing attacks - CTR mode, SSH_MSG_IGNORE sending to improve CBC security - DH Group Exchange possibly - Use m_burn for clearing sensitive items in LTM/LTC - fix scp.c for IRIX