view TODO @ 1529:66a1a2547133 fuzz

The fuzzer has managed to generated DSS key/signature pairs that verify. Avoid false positives from bogus keys that wouldn't be used
author Matt Johnston <matt@ucc.asn.au>
date Wed, 21 Feb 2018 21:49:24 +0800
parents 0cbe8f6dbf9e
children
line wrap: on
line source

Current:

Things which might need doing:

- default private dbclient keys

- Make options.h generated from configure perhaps?

- handle /etc/environment in AIX

- check that there aren't timing issues with valid/invalid user authentication
  feedback.

- Binding to different interfaces

- CTR mode
- SSH_MSG_IGNORE sending to improve CBC security
- DH Group Exchange possibly, or just add group14 (whatever it's called today)

- fix scp.c for IRIX

- Be able to use OpenSSH keys for the client? or at least have some form of 
  encrypted keys.

- Client agent forwarding

- Handle restrictions in ~/.ssh/authorized_keys ?