Copyright 1997, 1998 Tadayoshi Kohno (kohno@cs.colorado.edu)
All Rights Reserved.
See the LICENSE file.


TODO file -- primarily for personal use but may be of interest to others.

Because of a promise to release libSSH 0.0.1 beta by the weekend
of May 23, a few of the following have been left undone.  A large
portion of the following will be fixed/solved by the next version of
libSSH.

If you have any additional suggestions or comments, please let me know.



RSA identity generation:
	- add additional functionality to ssh_crypt.c such that we can
	  - initialize a cipher union for non-packet use
	  - encipher based on a cipher union for non-packet use
	  - decipher based on a cipher union for non-packet use
	- doing so will allow us to support additional cipher types
	  for enciphering a saved RSA private identity file
	- doing so will also remove the static (gasp) structs from
	  ssh_ident.c


Compression blocks:
	- roll creating of big blocks (type + data) into ssh_cmsg_xxx_encode()
	- extract type with the data in ssh_smsg_xxx_decode()
	- find the type of packet (so can call appropriate decoder)
	  with ssh_msg_lookahead()
	- these blocks were added when compression support was added
	  this was because compression compesses both the type and
	  the data together.
	- unfortunately the current use of the blocks adds extra bcopy's.

	
Main Features:
	
	- implement port forwarding
	- implement X forwarding

	- add a configure script for Unix so that liSSH is easy to make

	- make sure everything is thread safe

	- create a better, cleaner sample unix client

Misc:

	- check for additional buffer overflows
	  - prime locations for buffer overflows are:
	    - reading/writing identity file
	    - forming/extracting packets and messages
	    - passing any sort of string such as the version info for
	      ssh_proto_get (we know this is bad and will be fixed)

	- create a better set of documentation

	- fix any bugs that are reported or we find (hopefully there
	  won't be too many :)


	- find all xxx's and fix the corresponding portions of the code

	- perform a thorough code reading for correctness, efficiency,
	  and understandability.


	- grep for static and strcpy and fix any associated problems
	  (like in encrypting the RSA identity file or copying the
	  error messages in ssh_errno.c)

	- work on speed 
	  - there are too many bcopys
	  - this is especially a problem with the way compression is currently
	    handled and the additional step of creating a block from type & data

	- add more documentation on how to make (see Scott Morris's message)

	- create better seeds for the random number generator.
	  - especially when creating RSA keys.
	  - as it stands, people can always generate their keys using
	    SSH Communication's distribution of SSH

	- make an SSH_PARANOID_CHECK for paranoid NULL pointer checks
	  - there are a few internal routines that do not check for NULL
	    pointers (but the routines that call them do check for bad pointers)
	  - if SSH_PARANOID_CHECK is defined, still perform pointer checks
	    within these internal routines


