1999-10-11 21:22:23 +00:00
|
|
|
|
$Id: TODO,v 1.7 1999/10/11 21:22:23 he Exp $
|
1999-06-29 16:22:34 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Important:
|
1999-10-05 21:23:20 +00:00
|
|
|
|
|
|
|
|
|
The server and client initially need to run with root privileges.
|
1999-07-26 22:04:24 +00:00
|
|
|
|
Thus, those parts need careful review by experienced unix
|
1999-10-05 21:23:20 +00:00
|
|
|
|
programmers who should watch out for potential security hazards.
|
1999-06-29 16:22:34 +00:00
|
|
|
|
|
1999-07-26 22:04:24 +00:00
|
|
|
|
In particular buffer overflows triggered by cmd line options or
|
|
|
|
|
environment (eftp) or received protocol data units (eftd)
|
|
|
|
|
The server authentication procedure is a port from wu-ftpd.
|
|
|
|
|
Check 0-Termination of received string parameters.
|
1999-06-29 16:22:34 +00:00
|
|
|
|
|
|
|
|
|
Not showstoppers, but should be done before a possible stable release:
|
|
|
|
|
|
|
|
|
|
- more casefix testing with new mangeling method
|
1999-10-05 21:23:20 +00:00
|
|
|
|
- selectively and automatically (for file systems not supporting
|
1999-06-29 16:22:34 +00:00
|
|
|
|
symlinks) disallow symlink-based transfer name database
|
|
|
|
|
lookup
|
|
|
|
|
- certain disconnect scenarios result in error/warning
|
|
|
|
|
messages which are harmless, but might confuse novice users.
|
1999-10-11 21:22:23 +00:00
|
|
|
|
(in particular, release amd wait for release seems to be buggy)
|
1999-07-26 22:04:24 +00:00
|
|
|
|
- scan all source files for FIXME/XXX/#if 0 labels and
|
|
|
|
|
try cleaning this up.
|
1999-06-29 16:22:34 +00:00
|
|
|
|
- improve autoconf readline support (support non-default
|
|
|
|
|
locations of libreadline and lib[n]curses).
|
1999-10-06 18:16:21 +00:00
|
|
|
|
- autoconf is somewhat ugly as several configuration variables
|
1999-06-29 16:22:34 +00:00
|
|
|
|
are passed to the source files by different channels
|
|
|
|
|
(config.h, -D option) and name schemes are inconsistent.
|
|
|
|
|
- improved event logging (with error indications and
|
|
|
|
|
distinction of successful/failed requests).
|
|
|
|
|
- improved parameter logging within events (handle unset
|
|
|
|
|
parameters nicer).
|
|
|
|
|
|
|
|
|
|
Currently, when requesting establishment of association and access
|
|
|
|
|
regime, the parameters in the corresponding positive response are
|
|
|
|
|
not evaluated properly. This might leed to inconsistencies between
|
|
|
|
|
the peer's and our own idea of those protocol parameter settings.
|
|
|
|
|
|
|
|
|
|
To do: Review and improve those regime establishment (and release)
|
|
|
|
|
processing.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Currently, exception and error events are often not dealed with
|
|
|
|
|
or generated properly. Error events are not counted. Thus, this
|
|
|
|
|
implementation might fail if certain error conditions occur.
|
|
|
|
|
|
|
|
|
|
To do: Review and improve error handling
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Currently the CI field of the result/reason parameter of received
|
1999-10-05 21:23:20 +00:00
|
|
|
|
T-response-pos/neg is not always checked for matching the corresponding
|
1999-06-29 16:22:34 +00:00
|
|
|
|
command CI.
|
|
|
|
|
|
1999-10-05 21:23:20 +00:00
|
|
|
|
To do: Check and implement appropriate exception actions if
|
1999-06-29 16:22:34 +00:00
|
|
|
|
mismatch is detected.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Currently the file header is neither analysed nor processed
|
|
|
|
|
(just stripped) when files are received.
|
|
|
|
|
|
|
|
|
|
To do: Analyse file headers and implement appropriate actions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Currently, certain ETS 300 075 services (in particular T_Delete, T_Rename,
|
|
|
|
|
T_Read_Restart) are not supported. The supported
|
1999-10-05 21:23:20 +00:00
|
|
|
|
services don't support all (optional) parameters. Thus, the corresponding
|
1999-06-29 16:22:34 +00:00
|
|
|
|
Eurofile services are not supported, either (in particular no
|
|
|
|
|
deletion nor renaming of files).
|
|
|
|
|
|
|
|
|
|
To do:
|
|
|
|
|
|
|
|
|
|
Enhance protocol processing.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Not urgent at all, might take care of after the first stable release
|
|
|
|
|
if anybody is interested:
|
|
|
|
|
|
|
|
|
|
For future portability to non-posix system, consider implementing a
|
|
|
|
|
tdu_stream object which is based on standard C file handles
|
1999-10-05 21:23:20 +00:00
|
|
|
|
instead of unix file-descriptors. This might also improve performance
|
1999-06-29 16:22:34 +00:00
|
|
|
|
due to internal buffering.
|
|
|
|
|
|
|
|
|
|
The eftp client provided with eftp4linux is a rather primitive
|
1999-10-05 21:23:20 +00:00
|
|
|
|
front end (this is intentional) to the eft protocol library's
|
1999-06-29 16:22:34 +00:00
|
|
|
|
client code.
|
|
|
|
|
|
|
|
|
|
To Do: write more user friendly client front ends. Or even better,
|
|
|
|
|
add eurofile support to existing user tools (i.e. mozilla,
|
|
|
|
|
GUI file managers) or write an eft-http gateway by means
|
|
|
|
|
of the eftp4linux core library.
|
|
|
|
|
|
|
|
|
|
Support other authentification methods (PAM comes to mind)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
And the "to do" list is incomplete as well.
|
|
|
|
|
|
|
|
|
|
Meta to do: Enhance "to do" list.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Supplement by ms@msdatec.de:
|
|
|
|
|
|
|
|
|
|
Until nobody complains, in short form and in German:
|
|
|
|
|
|
|
|
|
|
- <20>ber Konfiguration durch /etc/isdn/eftd.conf nachdenken
|
|
|
|
|
- einkommende Dateien sch<63>tzen
|
|
|
|
|
- Log- von Debug-Infos trennen, Loginfos sollen statistikf<6B>hig sein
|
|
|
|
|
- how2 schreiben
|
|
|
|
|
- NEWS-File
|
|
|
|
|
- "install" in "Makefile" implementieren
|
|
|
|
|
- Versionsnummern von Protokollimplementation, eftd und eftp trennen.
|
|
|
|
|
- Sollte das pid-file nicht von eftd selbst gesetzt/geloescht werden?
|