X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=TODO.txt;h=f317b3813ac10e48ebb741abda0b25b3aa06282a;hb=b2f38e14c5015a1c3b24e4af75ab9f229d26080b;hp=9bdff3f2916b6a30171b8204dd544bdbc995e274;hpb=d826bbf1b896e5622e0335fb8689b5516ff31871;p=~andy%2Ffetchmail

diff --git a/TODO.txt b/TODO.txt
index 9bdff3f2..f317b381 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -1,10 +1,14 @@
 Note that there is a separate todo.html with different content than this.
 
 soon - MUST:
+- blacklist DigiNotar/Comodo hacks/certs, possibly with Chrome's serial#
+  list?
+- check if wildcards from X.509 are handled as strictly as required by
+  the RFCs.
+- audit if there are further untrusted data report_*() calls.
 - Debian Bug #475239, MIME decoder may break up words (need to quote results)
 - put bare IP addresses in brackets for SMTP (check if there are RFC
   1123/5321/5322 differences)
-- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
 - Fix further occurrences of SMTP reply code handling:
    - for proper smtp_reponse caching of multiline codes (there are some)
    - for stomping over control characters.
@@ -16,8 +20,16 @@ soon - MUST:
   Postfix virtual users" around 2009-09-23 on fetchmail-users@).
 
 soon - SHOULD:
-- replace " \n" by "\n" (and similar) - but make sure translators have
-  time to catch up.
+- support NIL and strings where they are alternatives to literals
+- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
+  seems non-trivial to fix: in imap_idle(), we wait for untagged
+  responses, and may be deep in SSL_peek -- and that restarts the
+  underlying blocking read() from the socket, so we never break out of
+  the SSL_peek() with SIGUSR1.
+- add repoll for all kinds of auth failures
+  (requires framework to track which auth failed in auto mode)
+- SockOpen sometimes exits with errno == 0, confusing users (found with
+  Google RealTime on Twitter)
 - make sure the man page completely lists all options (f. i. sslcertpath) in
   the tables.
 - allow \Deleted without \Seen, rf. 
@@ -25,20 +37,20 @@ soon - SHOULD:
 - document IMAP4 ACL requirements
 - CRYPTO: log configured server name on certificate mismatch (perhaps pay
   attention to via entries and stuff like that)
-- CRYPTO: BerliOS Bug #11576, thread on fetchmail users "Invalid SSL certificate" by
-  Philip Susi, SSL negotiation does not use ERR_error_string(3ssl) to report
-  errors in a readable way, we just report socket errors with no good reason.
 - CRYPTO: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432618
   * write a table of combinations of TLS/SSL options
 - add To: header to warning mails (authfail for instance)
 - Fix TOCTOU race around prc_filecheck*
 - Read CAPABILITY from greeting if present, saves one round trip.
 - Check if LAST argument is properly validated against message count.
-- find a solution for the "invalid header" discards message problem
-  (escape headers and stuff reminder into body)
 - add Message-ID: header and other SHOULD headers to warning mails?
+- report actual SMTP error with "SMTP listener refused delivery", sugg.
+  Richard Brooksby, fetchmail-users 2010-04-06.
 
 soon - MAY:
+- find a better replacement for sscanf parsing - we don't usually
+  detect errors in format strings such as "* %d FETCH " because we don't
+  check if the FETCH is (a) present, (b) consumed.
 - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471176
   => fetchmail: support utf-8 encoding in log file
   Revisit http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400719
@@ -54,7 +66,8 @@ questionable:
 - fetch IMAP message in one go (fetchmail-devel by Adam Simpkins
   <simpkins@cisco.com> around Nov 2nd)?
 
-6.4:
+7.0:
+- Properly free host/user entries (through C++ class instantiation and destructors...)
 - Remove stupid options, such as spambounce, or deferred bounces for anything
   but wrong addresses
 - Do not ever guess envelope from content headers such as To:/Cc:/Resent-To: or
@@ -69,6 +82,8 @@ questionable:
   (silently allowing g+x).
 - make UID code more efficient, parsing is O(n^2), should be no worse
   than O(n log n), lookup is O(n), should be O(log n).
+  * Idea for C: use <search.h> tfind/tsearch. Need to split idlist up
+    so it only keeps the ids, and use an array to track status.
 - help systematic debugging
     - by making logging more strict (Postfix's msg_* as example??)
     - by adding a --loggingtest or something that emits 
@@ -134,6 +149,8 @@ questionable:
 - allow forcing RETR (RETR vs. TOP, fetchmail-users, drbob 2008-01-11)
 - CRYPTO: use SASL?
 - make logfile more useful (redirect not only in daemon mode)
+- close/reopen logfile on certain signals (for newsyslog/logrotate
+  support)
 - for virtual mapping, we don't currently support local user aliases or 
   regexp matching with replacement. This would be useful for hosting 
   several virtual domains in one multidrop mailbox, as in 
@@ -160,6 +177,7 @@ questionable:
   does it expect, what does it get instead, what does that mean, how can the
   user fix it; references to the manual)
 
+
 DOCUMENTATION:
 - Add info whether Keywords are global, server or user keywords
 - consolidate multidrop documentation