Mercurial > dropbear
view TODO @ 34:e2a1eaa19f22
Client mostly works up to password auth
Need to rework algo-choosing etc, since server is now broken.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 28 Jul 2004 16:44:16 +0000 |
parents | 469950e86d0f |
children | 59d16db56e9f |
line wrap: on
line source
Current: Things which need doing: - Make options.h generated from configure perhaps? - investigate self-pipe? - fix agent fwd problems - improve channel window adjustment algorithm (circular buffering) - Don't use pregenerated AES tables - check PRNG - check that there aren't timing issues with valid/invalid user authentication feedback. - IP6 (binding to :: takes over ipv4 as well, sigh. If anyone wants to suggest a clean way (ie no V4MAPPED or setsockopt things) please let me know :) - Binding to different interfaces (see ipv6 probably) - PAM ?? - inetd - possible RSA blinding? need to check whether this is vuln to timing attacks - CTR mode, SSH_MSG_IGNORE sending to improve CBC security - DH Group Exchange possibly - Use m_burn for clearing sensitive items in LTM/LTC - fix scp.c for IRIX