X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=TODO.txt;h=f5c3456261c4f25d1c6ce72375f6d6654508d49b;hb=03a31a4771efd7e48256ac0d7d2442f5e6bc381f;hp=8816c231dfe00c461ae5dbf6246f72dcbe88c995;hpb=df7a85f6e58c728d99b80c3d1901a0c096dc8d95;p=~andy%2Ffetchmail

diff --git a/TODO.txt b/TODO.txt
index 8816c231..f5c34562 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -1,11 +1,14 @@
 Note that there is a separate todo.html with different content than this.
 
 soon - MUST:
+- blacklist DigiNotar/Comodo hacks/certs, possibly with Chrome's serial#
+  list?
+- check if wildcards from X.509 are handled as strictly as required by
+  the RFCs.
 - audit if there are further untrusted data report_*() calls.
 - Debian Bug #475239, MIME decoder may break up words (need to quote results)
 - put bare IP addresses in brackets for SMTP (check if there are RFC
   1123/5321/5322 differences)
-- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
 - Fix further occurrences of SMTP reply code handling:
    - for proper smtp_reponse caching of multiline codes (there are some)
    - for stomping over control characters.
@@ -17,6 +20,12 @@ soon - MUST:
   Postfix virtual users" around 2009-09-23 on fetchmail-users@).
 
 soon - SHOULD:
+- support NIL and strings where they are alternatives to literals
+- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
+  seems non-trivial to fix: in imap_idle(), we wait for untagged
+  responses, and may be deep in SSL_peek -- and that restarts the
+  underlying blocking read() from the socket, so we never break out of
+  the SSL_peek() with SIGUSR1.
 - add repoll for all kinds of auth failures
   (requires framework to track which auth failed in auto mode)
 - SockOpen sometimes exits with errno == 0, confusing users (found with