X-Git-Url: http://pileus.org/git/?a=blobdiff_plain;f=TODO.txt;h=f5c3456261c4f25d1c6ce72375f6d6654508d49b;hb=b3e0cd2d558b5ccf06c816eed38c883d7462d3d4;hp=84c4059cec0a071e60f1e47bd3fe3017f1b64071;hpb=019324f4b50349f9782ff013013d756c13c10d60;p=~andy%2Ffetchmail

diff --git a/TODO.txt b/TODO.txt
index 84c4059c..f5c34562 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -1,11 +1,14 @@
 Note that there is a separate todo.html with different content than this.
 
 soon - MUST:
+- blacklist DigiNotar/Comodo hacks/certs, possibly with Chrome's serial#
+  list?
+- check if wildcards from X.509 are handled as strictly as required by
+  the RFCs.
 - audit if there are further untrusted data report_*() calls.
 - Debian Bug #475239, MIME decoder may break up words (need to quote results)
 - put bare IP addresses in brackets for SMTP (check if there are RFC
   1123/5321/5322 differences)
-- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
 - Fix further occurrences of SMTP reply code handling:
    - for proper smtp_reponse caching of multiline codes (there are some)
    - for stomping over control characters.
@@ -17,6 +20,14 @@ soon - MUST:
   Postfix virtual users" around 2009-09-23 on fetchmail-users@).
 
 soon - SHOULD:
+- support NIL and strings where they are alternatives to literals
+- Debian Bug #531589: fetchmail ignores SIGUSR1 in idle mode.
+  seems non-trivial to fix: in imap_idle(), we wait for untagged
+  responses, and may be deep in SSL_peek -- and that restarts the
+  underlying blocking read() from the socket, so we never break out of
+  the SSL_peek() with SIGUSR1.
+- add repoll for all kinds of auth failures
+  (requires framework to track which auth failed in auto mode)
 - SockOpen sometimes exits with errno == 0, confusing users (found with
   Google RealTime on Twitter)
 - make sure the man page completely lists all options (f. i. sslcertpath) in