X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=TODO.txt;h=ad0c77ad276debdfda5e57395dcc3dc775a585c1;hb=9f99b463d27294281c778c9be890499ee1d84799;hp=4233786fc083639cc53c930004f9825f62f604e6;hpb=0775c627d2719d830d55065598a6b53949c2d647;p=~andy%2Ffetchmail diff --git a/TODO.txt b/TODO.txt index 4233786f..ad0c77ad 100644 --- a/TODO.txt +++ b/TODO.txt @@ -1,11 +1,14 @@ Note that there is a separate todo.html with different content than this. soon - MUST: +- blacklist DigiNotar/Comodo/Türktrust hacks/certs, possibly with Chrome's serial# + list? +- check if wildcards from X.509 are handled as strictly as required by + the RFCs. - audit if there are further untrusted data report_*() calls. - Debian Bug #475239, MIME decoder may break up words (need to quote results) - put bare IP addresses in brackets for SMTP (check if there are RFC 1123/5321/5322 differences) -- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode. - Fix further occurrences of SMTP reply code handling: - for proper smtp_reponse caching of multiline codes (there are some) - for stomping over control characters. @@ -17,6 +20,16 @@ soon - MUST: Postfix virtual users" around 2009-09-23 on fetchmail-users@). soon - SHOULD: +- support NIL and strings where they are alternatives to literals +- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode. + seems non-trivial to fix: in imap_idle(), we wait for untagged + responses, and may be deep in SSL_peek -- and that restarts the + underlying blocking read() from the socket, so we never break out of + the SSL_peek() with SIGUSR1. +- add repoll for all kinds of auth failures + (requires framework to track which auth failed in auto mode) +- SockOpen sometimes exits with errno == 0, confusing users (found with + Google RealTime on Twitter) - make sure the man page completely lists all options (f. i. sslcertpath) in the tables. - allow \Deleted without \Seen, rf. @@ -35,6 +48,9 @@ soon - SHOULD: Richard Brooksby, fetchmail-users 2010-04-06. soon - MAY: +- find a better replacement for sscanf parsing - we don't usually + detect errors in format strings such as "* %d FETCH " because we don't + check if the FETCH is (a) present, (b) consumed. - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471176 => fetchmail: support utf-8 encoding in log file Revisit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400719 @@ -50,7 +66,7 @@ questionable: - fetch IMAP message in one go (fetchmail-devel by Adam Simpkins around Nov 2nd)? -6.4: +7.0: - Properly free host/user entries (through C++ class instantiation and destructors...) - Remove stupid options, such as spambounce, or deferred bounces for anything but wrong addresses @@ -95,7 +111,6 @@ questionable: - CRYPTO: perhaps port to NSS? Check license and features and required procedure changes. - Redhat Bugs #333741 (crypto consolidation), #346891 (port fetchmail to NSS) - CRYPTO: make the SSL default v3 (rather than v23). -- CRYPTO: remove sslfingerprint? too easily abused (see NEWS) - CRYPTO: force sslcertck - CRYPTO: by default forbid cleartext or other compromising password schemes over insecure connections? @@ -161,6 +176,17 @@ questionable: does it expect, what does it get instead, what does that mean, how can the user fix it; references to the manual) +- grarpamp suggested, on the fetchmail list in later April 2013, more + config file flexibility and explicitness, by marking polls, hosts, + accounts. See thread. + +- more selection options, Debian Bug#705291. + +- add a way to specify multiple fingerprints per host + +- add a way to specify non-MD5 fingerprints per host. SHA1 can be told + from its mere length; other digest algorithms would require some sort + of prefix. We may require the prefix for SHA1, too, for clarity. DOCUMENTATION: - Add info whether Keywords are global, server or user keywords