$OpenBSD: TO-DO,v 1.4 1998/11/17 11:10:06 niklas Exp $ $EOM: TO-DO,v 1.25 1998/10/11 16:17:01 niklas Exp $ This file is pretty lame as it should really contain a lot more given that the program is far from ready in any area. * Add debugging messages, maybe possible to control asynchronously. [done] * Implement the local policy governing logging and notification of exceptional conditions. * A field description mechanism used for things like making packet dumps readable etc. Both Photurisd and Pluto does this. [done] * Fix the cookies. [done] * Garbage collect transports (ref-counting?). * Retransmission/dup packet handling. [done] * Generic payload checks. [mostly done] * For math, speed up multiplication and division functions. * Cleanup of SAs when dropping messages. [done] * Look over message resource tracking. * Retransmission timing & count adaptivity and configurability. [configurability done] * Quick mode exchanges [done] * Aggressive mode exchange. * Finish main mode exchange [done] * Separation of key exchange from the IPSEC DOI, i.e. factor out IKE details. * Setup the IPSEC situation field in the main mode. [done] * Kernel interface for IPSEC parameter passing. [done] * Notify of unsupported situations. * Set/get field macros generated from the field descriptions. [done] * SIGHUP handler with reparsing of config file. [done] * RSA signature authentication [done] * DSS signature authentication * RSA encryption authentication * New group mode * DELETE payload handling, and generation from ui. * Deal well with incoming informational exchanges. * Generate all possible SA attributes in quick mode. [done] * Validate incoming attribute according to policy, main mode. * Validate incoming attribute according to policy, quick mode. * Cleanup reserved SPIs on cleanup of associated SAs. [done] * Validate attribute types (i.e. that what the specs tells should be basic). * Cleanup reserved SPIs in proposals never chosen. [done] * Add time measuring and reporting to the exchange code for catching of bottlenecks. * Rescan interfaces on SIGHUP and on reception of messages on the INADDR_ANY listener socket.