view TODO @ 58:5edf356295af

merge of 3b1edf7489e1de452e30aaaec37d647db44e4328 and 6cdb6b2c0e0e0a600eeb5975e499c9303fe2d4d4
author Matt Johnston <matt@ucc.asn.au>
date Mon, 09 Aug 2004 03:21:20 +0000
parents 469950e86d0f
children 59d16db56e9f
line wrap: on
line source

Current:

Things which need doing:

- Make options.h generated from configure perhaps?

- investigate self-pipe?
- fix agent fwd problems
- improve channel window adjustment algorithm (circular buffering)

- Don't use pregenerated AES tables

- check PRNG
- check that there aren't timing issues with valid/invalid user authentication
  feedback.

- IP6 (binding to :: takes over ipv4 as well, sigh. If anyone wants to suggest
  a clean way (ie no V4MAPPED or setsockopt things) please let me know :)
- Binding to different interfaces (see ipv6 probably)

- PAM ??
- inetd
- possible RSA blinding? need to check whether this is vuln to timing attacks
- CTR mode, SSH_MSG_IGNORE sending to improve CBC security
- DH Group Exchange possibly

- Use m_burn for clearing sensitive items in LTM/LTC

- fix scp.c for IRIX