TODO
Niels Möller committed

EXCEPTIONS

When using exceptions in commands like do_request_service, when should
we use the passed-in exception handler, and when should we use the
handler in the connection struct? Perhaps we should not have any
connection->e handler at all?

S-EXPRESSIONS

Change the format used for encrypted private key to include the public
key as well. This way, the private key can be decrypted on-demand.
This seems cleaner than having the client read both identity and
identity.pub.

After retiring the complex "streamed" parser, sexp-conv can no longer
handle arbitrarily large files. That should be fixed some time.
Perhaps sexp-conv could use a parser of its own, as that is the only
program for which it would make sense to understand all features of
the "advanced" syntax.

USERS

Use real ACLs instead of the authorized keys hack. Implement a
general user-database abstraction. Also have a look at 'Pluggable Non
Interactive Authentication Modules' at
http://www.msu.ru/pniam/pniam.html.
CHARSETS

The conversion from UTF8->unicode->latin1 doesn't handle accented
characters properly. Probably needs a complete rewrite.
CONFIGURATION

Figure out what configuration files we need.

LOGGING

Use syslog to log server startup, shutdown, and user authentication.
Update utmp (users currently logged in), wtmp (record of logins) and lastlog
(last login time).
Use tcpwrapper's libwrap to log connections and perform access control.

SERVER ISSUES

For compatibility with other sshd implementations and with bash, lshd
should set some more environment variables when starting user processes.

  SSH_CLIENT=<client-ip> <client-port> <server-port>
  SSH_TTY=<tty-name> (if a pty was allocated)
  SSH_ORIGINAL_COMMAND

bash looks at SSH_CLIENT, and reads .bashrc if it is set.

The lshd server should register a signal handler, probably for
SIGTERM, that causes it to close its listening socket, and exit after
current connections are gone (or after a timeout).

ALLOCATION

Have the allocator initialize all objects automatically.

Consider adding reference counts to strings.

Unify the debug malloc system to add a magic number to every block
header, with distinct values for space, strings, objects and lists.

OBJECT SYSTEM

Better typechecking of non-heap objects. To do this one would also
need valid isa-pointers in classes (as classes are statically
allocated). If this is done properly, the meta feature could also be
cleaned up a little.

Consider adding "const" methods. One method that could use this is
ALIST_GET.

Make sure that the first (self) argument to the method-like macros
never has side effects.

CHANNELS

Implement window-change requests on the server side.
Look at client_session.c:do_client_session_eof() and
server_session.c:do_eof() and see if they can be unified or perhaps
even deleted.

The CHANNEL_CLOSE_AT_EOF should be enabled by default. It is the
correct behaviour for all channels except the server side of sessions.

The following bug should be eliminated: I use lshg to get a large
file,

  src/lshg -v --trace --debug >lsh-test.log.gz sture.lysator.liu.se
  cat 'incoming/lsh-test.log.gz' 2>lshg.log

The file is 0x614ef9 bytes, but only 0x610000 bytes gets through.
Looking at the lshg log, the final SSH_MSG_DATA packet(s) is missing,
so the data is lost either in lsh, or in the remote opensshd.

CONTROL LANGUAGE
Improve the tail recursiveness of builtin functions.

FORWARDING

Implement other types of forwarding; X, ssh-agent, UDP, etc.
Review the naming of functions in tcpforward.c; it appears a little
inconsistent.

RANDOMNESS

Look at prngd,
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
(recommended by Oystein Viggen <oysteivi@tihlde.org>), and perhaps
also at egd.

SPKI ISSUES

Use the name "rsa-pkcs1" consistently for all keys, and perhaps
include the name of the hash function in the signature objects.

DENIAL OF SERVICE

Implement some limit on the amount of data that may be buffered for
write on a connection. When the limit is exceeded, the connection
should be dropped. The problem: if a client connects and sends a lot
of packets, without ever reading anything from its socket, the server
will eventually run out of memory.
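One way to enforce the limit described above, written here as an added example rather than lsh's own write_buffer code: a per-connection output queue that refuses further data once the unread backlog would exceed a fixed cap, leaving the caller to drop the connection. The cap values and the 256-byte reply size are assumptions for the demonstration.

```c
#include <stdlib.h>
#include <string.h>

/* Per-connection queue of bytes waiting to be written to the socket. */
struct write_buffer {
  unsigned char *data;
  size_t length;      /* bytes queued but not yet written */
  size_t limit;       /* backlog at which the connection is dropped */
  int dropped;        /* set once the limit was exceeded */
};

void write_buffer_init(struct write_buffer *b, size_t limit) {
  b->data = NULL; b->length = 0; b->limit = limit; b->dropped = 0;
}

/* Queue n bytes. Returns 1 on success, 0 if the connection must be dropped because
 * the peer has not drained enough backlog. length <= limit makes the subtraction safe. */
int write_buffer_append(struct write_buffer *b, const void *p, size_t n) {
  unsigned char *d;
  if (b->dropped || n > b->limit - b->length) { b->dropped = 1; return 0; }
  d = realloc(b->data, b->length + n);
  if (!d) { b->dropped = 1; return 0; }
  memcpy(d + b->length, p, n);
  b->data = d; b->length += n;
  return 1;
}

/* Called after write() accepted 'written' bytes; frees that much backlog. */
void write_buffer_consume(struct write_buffer *b, size_t written) {
  if (written > b->length) written = b->length;
  memmove(b->data, b->data + written, b->length - written);
  b->length -= written;
}

void write_buffer_free(struct write_buffer *b) { free(b->data); b->data = NULL; b->length = 0; }

/* The scenario from the text: a peer keeps sending requests (each producing a reply of
 * reply_size bytes, at most 256) and never reads. Returns how many replies were queued
 * before the limit forced a disconnect. */
int replies_before_drop(size_t limit, size_t reply_size) {
  struct write_buffer b;
  unsigned char reply[256];
  int count = 0;
  if (reply_size > sizeof reply) reply_size = sizeof reply;
  memset(reply, 'x', sizeof reply);
  write_buffer_init(&b, limit);
  while (write_buffer_append(&b, reply, reply_size)) count++;
  write_buffer_free(&b);
  return count;
}

/* A peer that does read: a partial write drains the queue, so a second reply that
 * would not have fit before now does. Returns the final backlog. */
size_t backlog_after_partial_write(void) {
  struct write_buffer b;
  unsigned char chunk[100];
  size_t left;
  memset(chunk, 'y', sizeof chunk);
  write_buffer_init(&b, 150);
  write_buffer_append(&b, chunk, sizeof chunk);   /* backlog 100 */
  write_buffer_consume(&b, 60);                   /* socket took 60 bytes: backlog 40 */
  write_buffer_append(&b, chunk, sizeof chunk);   /* 40 + 100 <= 150: backlog 140 */
  left = b.length;
  write_buffer_free(&b);
  return left;
}
```

With a 4096-byte cap and 100-byte replies the silent peer is dropped after 40 queued replies, while the reading peer is never refused.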


BUILD ISSUES

make distclean doesn't work; it fails in src/symmetric because it
tries to rebuild desdata.o.

Have autoconf automatically add -I $prefix/include and -L $prefix/lib ?

Remaking Makefile.am from subdirectories probably changes to the wrong
directory, when building outside of the source tree.

Building outside of the source tree creates machine independent
automatically generated files in the wrong directory (they should be
in the source tree).

The definition of SBINDIR is broken; it gets the value
"${exec_prefix}/sbin".

Use separate version.h.in and version.h files, to avoid rebuilding
everything when the version number is increased.

PROTOCOL ISSUES

Update the signal-related messages to conform to
draft-ietf-secsh-connect-08.txt.

Some SSH Inc sshd servers send USERAUTH_FAILURE messages with a
trailing ",", like "publickey,password,". Consider hacking
parse.c:parse_next_atom to allow that.

The server currently allows the client to send random banner text
before its version string. Such text is not allowed by the protocol
spec.

Add a timeout to drop connections that are older than (say) five
minutes and still haven't authenticated properly.

USER INTERFACE ISSUES

Hack do_spki_decrypt() in spki_commands.c to ask again if the provided
password is incorrect.

Implement an escape char, like ~ with rsh.

The --interface option to lshd can only handle numeric ip addresses.

I/O ISSUES

How should we handle POLLERR in io_iter()?

Add a descriptive string to the lsh_fd struct, to aid debugging.

TESTING

The testsuite is far from complete. Some parts that it misses are

 * Sending and receiving of SSH_MSG_REQUEST_FAILURE and
   SSH_MSG_CHANNEL_FAILURE, and handling of the corresponding
   exceptions.

 * Same for SSH_MSG_CHANNEL_OPEN_FAILURE.

 * All SSH_MSG_CHANNEL_EXTENDED_DATA (i.e. stderr data)

 * i/o exceptions on channels.

 * Failed key exchanges. SRP key exchange.

 * PTY allocation, requests, etc.

 * Userauth banner, failures, passwords, kerberos password helper.

 * connection_handle_pending(), connection_ignore_handler,
   connection_fail_handler, connection_unimplemented_handler,
   connection_forward_handler.

 * Gatewayed channel requests and global requests.

 * lsh-export-key.

 * sexp-conv with options --select, --*-hash.

 * sexp display types.

 * spki, tag prefix and tag any.

 * Encrypted private keys.

 * TCP forwarding: cancel-tcpip-forward, various exceptions.

 * utmp logging.

MISC

Try to find out why read() sometimes returns -1 and sets errno==EPIPE,
on sparc-linux, 2.0.33, redhat-5.1, glibc.
Note: Debian's sparc port uses glibc2.1, rather than 2.0; maybe Red Hat does
too? Quite a lot of things have changed between 2.0 and 2.1; this might well
be a documented feature of 2.1.

"lsh" is already used as the name of a shell (included in Debian;
Description: Baby Shell for Novices with DOS compatible commands). Perhaps
we need to change our name?

Make it cleaner wrt. more gcc warnings.

Fix desTest.c to use proper declarations of its function pointers, and
have autoconf check for rusage().
It seems that it is a little difficult to detect that an asynchronous
connect() failed; poll() indicates that both reading and writing are
possible, but write fails (with EPIPE/SIGPIPE) later. Perhaps a
Linux problem?
Perhaps some of the dh-code in publickey_crypto should be moved to
keyexchange.c?
Fix the src/symmetric/desTest program. It doesn't complain if the
desCode is compiled with empty keymap.h, parity.h and rotors.h files.
About POLLHUP:

  I've found something that can either be an io.c or a linux kernel bug.
  This time it is the poll() system call, which causes troubles. If an
  AF_UNIX connection is closed by the client, the kernel doesn't set
  POLLIN in revents, instead it sets only POLLHUP. (and therefore the io
  backend doesn't read the last zero length packet) The following patch
  solves the problem for me:
  
  -        if (fds[i].revents & POLLIN)
  -          READ_FD(fd);
  +        if (fds[i].revents & (POLLIN | POLLHUP))
  +          READ_FD(fd);
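Review bot: the widened mask still leaves POLLERR out, so a descriptor that reports only an error condition would be skipped in the same way the hang-up case was; consider `if (fds[i].revents & (POLLIN | POLLHUP | POLLERR))` so that the read() is attempted and its return value (0, or -1 with errno) reports what happened. Defining POLLHUP as 0 where jpoll.h lacks it makes the new test identical to the old one on that path, which is harmless but worth a comment next to the define.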
  
  jpoll.h doesn't define POLLHUP, so I added a
  
  #define POLLHUP         0
  
  line there. I seldom use poll() so I don't know what the correct
  behaviour should be, but I am afraid this is a kernel bug again.
  
  --
  Bazsi

Find out why opening /dev/ptmx fails occasionally (errno = 19, no
such device).

Add some workaround for the poll()-bug in linux/glibc-2.07 reported by
Bazsi. Hmm, this is probably not a bug. I have to find out what the
right way is to handle the poll conditions POLLERR, POLLHUP and
POLLERR.
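Added example, not lsh's io.c, covering the two open poll() questions in this file (the asynchronous connect() item earlier and the POLLHUP/POLLERR item here): the outcome of a non-blocking connect() is read with getsockopt(SO_ERROR) once poll() reports POLLOUT, and a peer hang-up, whether reported as POLLIN, POLLHUP or both, is handled by simply reading, which returns 0 at EOF. It uses a loopback TCP port with no listener and an AF_UNIX socketpair as self-contained inputs; the two-second timeout is an assumed value.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <string.h>
#include <unistd.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Wait up to two seconds for 'events' on fd; returns revents, or -1 on timeout/error. */
static int wait_for(int fd, short events) {
  struct pollfd pfd = { .fd = fd, .events = events, .revents = 0 };
  return poll(&pfd, 1, 2000) == 1 ? pfd.revents : -1;
}

/* Outcome of a non-blocking connect() to 127.0.0.1:port: 0 on success,
 * otherwise the errno value saying why it failed. */
int async_connect_status(unsigned short port) {
  struct sockaddr_in sa;
  int fd = socket(AF_INET, SOCK_STREAM, 0), err = 0;
  socklen_t len = sizeof err;
  memset(&sa, 0, sizeof sa);
  sa.sin_family = AF_INET;
  sa.sin_port = htons(port);
  sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
  fcntl(fd, F_SETFL, O_NONBLOCK);
  if (connect(fd, (struct sockaddr *)&sa, sizeof sa) < 0) {
    if (errno != EINPROGRESS) { err = errno; close(fd); return err; }
    /* poll() reports POLLOUT (often together with POLLERR or POLLHUP) whether
     * the connect succeeded or failed; SO_ERROR is what tells the two apart. */
    if (wait_for(fd, POLLOUT) < 0) { close(fd); return ETIMEDOUT; }
    getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len);
  }
  close(fd);
  return err;
}

/* Connect to a loopback port with no listener; expected result: ECONNREFUSED. */
int connect_to_closed_port(void) {
  struct sockaddr_in sa;
  socklen_t len = sizeof sa;
  int fd = socket(AF_INET, SOCK_STREAM, 0);
  memset(&sa, 0, sizeof sa);
  sa.sin_family = AF_INET;
  sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: the kernel picks a free one */
  bind(fd, (struct sockaddr *)&sa, sizeof sa);
  getsockname(fd, (struct sockaddr *)&sa, &len);
  close(fd);                                     /* nobody listens there any more */
  return async_connect_status(ntohs(sa.sin_port));
}

/* The peer closes its end of an AF_UNIX stream. Whether the kernel reports POLLIN,
 * POLLHUP or both, the right reaction is the same: read(), and treat a return of 0
 * as EOF (the "last zero length packet"). Returns that read() result. */
int read_after_peer_close(void) {
  int sv[2], re; char c; ssize_t n;
  if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
  close(sv[1]);
  re = wait_for(sv[0], POLLIN);   /* POLLHUP and POLLERR are reported even if not requested */
  if (re < 0 || !(re & (POLLIN | POLLHUP | POLLERR))) { close(sv[0]); return -1; }
  n = read(sv[0], &c, 1);
  close(sv[0]);
  return (int)n;
}
```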
Consider removing the write-attribute from ssh_channel.

Let init_channel take enough arguments to initialize the window- and
packet-size fields properly. It's too easy to forget them.
Add const to arguments of type struct exception_handler *?

Do something reasonable in do_buffered_read() if want_read is cleared.
The supplied argp is compiled even if it isn't used.
Move miscellaneous lsh_string-functions from format.c to a separate
file.

Consider moving SPKI tuple-related functions to a separate file.

With SPKI, consider whether or not we should require any specific
order of subexpressions. The most central function for this is
sexp_get_un.

The GABA: (expr ...) constructions with a single parameter could be
used directly as a command_simple. Extend gaba.scm to do that
automatically. Extend the (exp ...) construction to take a return
type, and automatically cast the result to that type.
Add -f, to fork and exit when user authentication is done and any
tunneling is set up.
Consider using dynamically allocated strings for exception messages.
Without this, it is impossible to use non-constant messages, for
instance messages supplied by the peer.

Try to unify the handling of queued channel requests and global
requests.

Get rid of the double close loop in io_iter. Perhaps start using a
doubly linked list for fds? Add a backend pointer to fds? Use an
extra stack of fds that should be closed?

If we add the backend field to lsh_fd objects, the code for listen
could also be simplified, and perhaps we can get rid of the backend
pointer in some other places as well.
Exceptions from listen are handled badly in several places.

349
350
351
352
353
Should lsh fail if some port forwarding fails? In particular,

  $ lsh -R... -N

is pretty useless if the server doesn't let us bind the remote port.
Add reasonable limits to all calls to parse_bignum(), sexp2bignum_u()
and sexp_get_un().
There are dsa-specific details in many places: lsh.c,
server_publickey.c, server_authorization.c, server_keyexchange.c. Try
to write more generic functions that can deal with both dsa and rsa.
Review the default algorithm preference list in
algorithms.c:default_crypto_algorithms(). Perhaps make the list more
conservative, and add a "pseudo-algorithm" all to include all
supported algorithms in the list?

Use static objects for crypto algorithms with fixed key sizes and
other parameters.
Replace most defines with enums, for improved type checking.
Write more testcases for rsa.

Perhaps change the LOOKUP_VERIFIER method to return an spki_subject?
Make connection_unlock install a callout that calls
connection_handle_pending().

Consider how much we really need to differentiate between
rsa-pkcs1-sha1 / rsa-pkcs1-md5 and between spki-sign-rsa /
spki-sign-dss.
Building fails if srp support is disabled. The building of srp-gen
must be conditionalized.

lshg -L doesn't work. The lsh process dies on the first connection to
the forwarded port. Hmm. Or rather, it seems that the remote server
(opensshd) disconnects.

A successful tcp-forwarding (set up using lsh -L... -N):

DEBUG: Sent CHANNEL_OPEN (size 72 = 0x48)
00000000: 5a0000000c6469726563742d74637069  Z....direct-tcpi
00000010: 70000000000000271000007f9c000000  p......'........
00000020: 126b6f6d2e6c797361746f722e6c6975  .kom.lysator.liu
00000030: 2e73650000131e000000093132372e30  .se........127.0
00000040: 2e302e3100000dc8                  .0.1....

When using lsh -G -N; lshg -L... -n:

DEBUG: gateway received CHANNEL_OPEN (size 72 = 0x48)
00000000: 5a0000000c6469726563742d74637069  Z....direct-tcpi
00000010: 70000000000000271000007f9c000000  p......'........
00000020: 126b6f6d2e6c797361746f722e6c6975  .kom.lysator.liu
00000030: 2e73650000131e000000093132372e30  .se........127.0
00000040: 2e302e3100000dc3                  .0.1....

handle_connection: Received packet of type 90 (CHANNEL_OPEN)
Allocated local channel number 0
Allocated local channel number 0
Registering local channel 0.
DEBUG: Sent CHANNEL_OPEN (size 29 = 0x1d)
00000000: 5a0000000c6469726563742d74637069  Z....direct-tcpi
00000010: 70000000000000271000007f9c        p......'.....
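To make the dumps readable, here is an added length-checked parser (not lsh's code) for the CHANNEL_OPEN "direct-tcpip" request, with the packet bytes transcribed from the hex dumps above. It decodes the 72-byte request and rejects the 29-byte one that lsh sent on in the lshg case, which stops right after the maximum packet size where the target host string should begin.

```c
#include <stdint.h>
#include <string.h>

/* Fields of an SSH_MSG_CHANNEL_OPEN request of type "direct-tcpip". */
struct direct_tcpip {
  uint32_t sender_channel, initial_window, max_packet, port, originator_port;
  char host[256], originator[256];
};

/* Cursor over the packet; every accessor checks the remaining length first. */
struct reader { const uint8_t *p; size_t left; };

static int get_u32(struct reader *r, uint32_t *v) {
  if (r->left < 4) return 0;
  *v = ((uint32_t)r->p[0] << 24) | ((uint32_t)r->p[1] << 16)
     | ((uint32_t)r->p[2] << 8) | r->p[3];
  r->p += 4; r->left -= 4;
  return 1;
}

/* SSH "string": uint32 length followed by that many bytes, no terminator. */
static int get_string(struct reader *r, char *out, size_t cap) {
  uint32_t len;
  if (!get_u32(r, &len) || len > r->left || len >= cap) return 0;
  memcpy(out, r->p, len); out[len] = '\0';
  r->p += len; r->left -= len;
  return 1;
}

/* Returns 1 if the whole request was present and well-formed, 0 otherwise. */
int parse_direct_tcpip(const uint8_t *pkt, size_t n, struct direct_tcpip *d) {
  struct reader r;
  char type[32];
  if (n < 1 || pkt[0] != 90) return 0;                 /* 90 = SSH_MSG_CHANNEL_OPEN */
  r.p = pkt + 1; r.left = n - 1;
  if (!get_string(&r, type, sizeof type) || strcmp(type, "direct-tcpip") != 0) return 0;
  if (!get_u32(&r, &d->sender_channel) || !get_u32(&r, &d->initial_window)
      || !get_u32(&r, &d->max_packet)) return 0;
  if (!get_string(&r, d->host, sizeof d->host) || !get_u32(&r, &d->port)) return 0;
  if (!get_string(&r, d->originator, sizeof d->originator)
      || !get_u32(&r, &d->originator_port)) return 0;
  return r.left == 0;                                  /* no trailing bytes allowed */
}

/* Bytes transcribed from the first hex dump above (the successful forwarding). */
const uint8_t full_open[] = {
  0x5a, 0,0,0,12, 'd','i','r','e','c','t','-','t','c','p','i','p',
  0,0,0,0,  0,0,0x27,0x10,  0,0,0x7f,0x9c,
  0,0,0,18, 'k','o','m','.','l','y','s','a','t','o','r','.','l','i','u','.','s','e',
  0,0,0x13,0x1e,  0,0,0,9, '1','2','7','.','0','.','0','.','1',  0,0,0x0d,0xc8 };

/* Bytes from the last dump: the 29-byte request lsh sent on in the lshg -L case. */
const uint8_t truncated_open[] = {
  0x5a, 0,0,0,12, 'd','i','r','e','c','t','-','t','c','p','i','p',
  0,0,0,0,  0,0,0x27,0x10,  0,0,0x7f,0x9c };

/* Target port of a request, or 0 when it does not parse. */
uint32_t target_port(const uint8_t *pkt, size_t n) {
  struct direct_tcpip d;
  return parse_direct_tcpip(pkt, n, &d) ? d.port : 0;
}
```

target_port(full_open, sizeof full_open) gives 4894 (0x131e) for kom.lysator.liu.se, with originator 127.0.0.1:3528; for truncated_open it gives 0, because get_string runs out of bytes where the host should start.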



make_char_classes seems not to work with guile-1.3.4. Bug in guile?

: ERROR: Two copies of (leaf #f (#\377)) (leaf #f (#\377))
: make[1]: *** [sexp_table.h] Error 2

or

: ERROR: Stack overflow
: make: *** [sexp_table.h] Error 2
Figure out whether or not to make --cvs-workaround the default.
According to Neil Jarram, "lsh-1.1.2 with --cvs-workaround=oe always
succeeds." Update: According to rms, --cvs-workaround=e works, and
--cvs-workaround=o doesn't, so it seems that it's stderr that causes
problems. So we need to avoid setting stderr into non-blocking mode.

Add a keep-alive option, which sends SSH_MSG_IGNORE at regular
intervals.
The lshd --daemonic option doesn't work with the
RANDOM_POLL_BACKGROUND.

: loic@gnu.org writes:
: 
: >       When I run
: >
: >       lshd  --daemonic --ssh1-fallback=/usr/sbin/sshd
: > 
: >       It dies on first connection and says :
: >
: > Apr 25 04:49:02 subversions lshd[25773]: Background randomness poll failed.
: > Apr 25 04:49:02 subversions lshd[25773]: lshd: Could not get enough entropy from the environment.
: 
: Strange. A guess on what's happening:
: 
:   1. lshd starts a background process for collecting randomness,
: 
:   2. next it forks and exits to get into the background,
: 
:   3. it tries to waitpid the process created in 1, but it's no longer
:      the parent of that process, so waiting fails.
When a forwarding created with lshg -L ... goes down (at the local
end, I think), the channel is not taken down properly, and there are a
lot of "lsh: write_buffer: Attempt to write data to closed buffer."
warnings by lsh:

: bash-2.03$ lshg: Exiting: Connection reset by peer
: lsh: write_buffer: Attempt to write data to closed buffer.
: lsh: write_buffer: Attempt to write data to closed buffer.

To fix this, we must put some resource on lsh's gateway connection's
resource list that closes the chained connections.
According to rms, lsh is significantly slower than ssh when logging in
over a slow connection. Figure out why.