TODO
Niels Möller committed

EXCEPTIONS

When using exceptions in commands like do_request_service, when should
we use the passed in exception handler, and when should we use the
handler in the connection struct? Perhaps we should not have any
connection->e handler at all?

  
S-EXPRESSIONS

Change the format used for encrypted private key to include the public
key as well. This way, the private key can be decrypted on-demand.
This seems cleaner than having the client read both identity and
identity.pub.

After retiring the complex "streamed" parser, sexp-conv can no longer
handle arbitrarily large files. That should be fixed some time.
Perhaps sexp-conv could use a parser of its own, as that is the only
program for which it would make sense to understand all features of
the "advanced" syntax.

USERS

Use real ACL:s instead of the authorized keys hack. Implement a
general user-database abstraction. Also have a look at 'Pluggable Non
Interactive Authentication Modules' at
http://www.msu.ru/pniam/pniam.html.

Log a message if user authentication fails because root is not allowed
to log in.

CHARSETS

The conversion from UTF8->unicode->latin1 doesn't handle accented
characters properly. Probably needs a complete rewrite.

CONFIGURATION

Figure out what configuration files we need. 

LOGGING

Use syslog to log server startup, shutdown, and user authentication.


SERVER ISSUES

For compatibility with other sshd:s and bash, lshd should set some
more environment variables when starting user processes.

  SSH_CLIENT=<client-ip> <client-port> <server-port>
  SSH_TTY=<tty-name> (if a pty was allocated)
  SSH_ORIGINAL_COMMAND

bash looks at SSH_CLIENT, and reads .bashrc if it is set.

The lshd server should register a signal handler, probably for
SIGTERM, that causes it to close its listening socket, and exit after
current connections are gone (or after a timeout).


ALLOCATION

Have the allocator initialize all objects automatically.

Consider adding reference counts to strings.

Unify the debug malloc system to add a magic number to every block
header, with distinct values for space, strings, objects and lists.

OBJECT SYSTEM

Better typechecking of non-heap objects. To do this one would also
need valid isa-pointers in classes (as classes are statically
allocated). If this is done properly, the meta feature could also be
cleaned up a little.

Consider adding "const" methods. One such method to use that for is
ALIST_GET.

Make sure that the first (self) argument to the method-like macros
never has side effects.


CHANNELS

Implement window-change requests on the server side.

Look at client_session.c:do_client_session_eof() and
server_session.c:do_eof() and see if they can be unified or perhaps
even deleted.

The CHANNEL_CLOSE_AT_EOF should be enabled by default. It is the
correct behaviour for all channels except the server side of sessions.

The following bug should be eliminated: I use lshg to get a large
file,

  src/lshg -v --trace --debug >lsh-test.log.gz sture.lysator.liu.se
  cat 'incoming/lsh-test.log.gz' 2>lshg.log

The file is 0x614ef9 bytes, but only 0x610000 bytes gets through.
Looking at the lshg log, the final SSH_MSG_DATA packet(s) is missing,
so the data is lost either in lsh, or in the remote opensshd.


CONTROL LANGUAGE

Improve the tail recursiveness of builtin functions.


FORWARDING

Generalize the -L and -R options to
[<source-ip>:]<source-port>:<target-ip>:<target-port>
where the first component is optional.

Implement other types of forwarding; ssh-agent, UDP, etc.

Review the naming of functions in tcpforward.c; it appears a little
inconsistent. 

There's one known bug in lshd's X11 forwarding: It will start sending
data on the session before the reply to the client's "shell" or "exec"
request.


RANDOMNESS

Look at prngd,
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
(recommended by Oystein Viggen <oysteivi@tihlde.org>), and perhaps
also at egd.


SPKI ISSUES

Use the name "rsa-pkcs1" consistently for all keys, and perhaps
include the name of the hash function in the signature objects.

Encryption of private keys seems broken, decryption gives the error

  lsh: Unknown encryption algorithm for pkcs5v2.
  lsh: Decrypting private key failed.
  

DENIAL OF SERVICE

Implement some limit on the amount of data that may be buffered for
write on a connection. When the limit is exceeded, the connection
should be dropped. The problem: if a client connects and sends a lot
of packets, without ever reading anything from its socket, the server
will eventually run out of memory.
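One way to implement that limit, as an added example that is not lsh's own code: a per-connection write queue that refuses to grow past a fixed cap and drops the connection when a queued write would exceed it (the names wbuf, wbuf_append and simulate_nonreading_peer are assumptions):

```c
/* Added example, not lsh code: a per-connection write queue with a hard cap.
 * The names wbuf, wbuf_append and simulate_nonreading_peer are assumptions. */
#include <stdlib.h>
#include <string.h>

enum wbuf_status { WBUF_OK = 0, WBUF_CLOSED = 1, WBUF_OVERFLOW = 2 };
struct wbuf {
    unsigned char *data;
    size_t len;    /* bytes queued and not yet written to the socket */
    size_t cap;    /* allocated size */
    size_t limit;  /* hard cap; exceeding it drops the connection */
    int closed;    /* set once the connection has been dropped */
};
void wbuf_init(struct wbuf *b, size_t limit)
{
    memset(b, 0, sizeof *b);
    b->limit = limit;
}

/* Drop the connection: discard queued data and refuse further writes. */
void wbuf_drop(struct wbuf *b)
{
    free(b->data);
    memset(b, 0, sizeof *b);
    b->closed = 1;
}

/* Queue n bytes for writing. The limit is checked before the buffer grows,
 * so a peer that never reads cannot make the server allocate without bound. */
enum wbuf_status wbuf_append(struct wbuf *b, const void *p, size_t n)
{
    if (b->closed)
        return WBUF_CLOSED;
    if (n > b->limit - b->len) {  /* overflow-safe form of len + n > limit */
        wbuf_drop(b);
        return WBUF_OVERFLOW;
    }
    if (b->len + n > b->cap) {
        size_t ncap = b->len + n;
        if (ncap < 2 * b->cap)
            ncap = 2 * b->cap;    /* amortised growth ... */
        if (ncap > b->limit)
            ncap = b->limit;      /* ... but never beyond the cap itself */
        unsigned char *nd = realloc(b->data, ncap);
        if (!nd) {
            wbuf_drop(b);
            return WBUF_OVERFLOW;
        }
        b->data = nd;
        b->cap = ncap;
    }
    memcpy(b->data + b->len, p, n);
    b->len += n;
    return WBUF_OK;
}

/* The scenario from the text: each packet from the peer produces a reply of
 * reply_size bytes and the peer never reads. Returns replies queued before drop. */
size_t simulate_nonreading_peer(size_t reply_size, size_t limit)
{
    struct wbuf b;
    unsigned char *reply = calloc(reply_size, 1);
    size_t replies = 0;
    wbuf_init(&b, limit);
    while (wbuf_append(&b, reply, reply_size) == WBUF_OK)
        replies++;
    free(reply);          /* b itself was freed by the failing append */
    return replies;
}
```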


BUILD ISSUES

Have autoconf automatically add -I $prefix/include and -L $prefix/lib ?

Remaking Makefile.am from subdirectories probably cd:s to the wrong
place, when building outside of the source tree.

Building outside of the source tree creates machine independent
automatically generated files in the wrong directory (they should be
in the source tree).

The definition of SBINDIR is broken; it gets the value
"${exec_prefix}/sbin".

Use separate version.h.in and version.h files, to avoid rebuilding
everything when the version number is increased.


PROTOCOL ISSUES

Update the signal-related messages to conform to
draft-ietf-secsh-connect-08.txt.

Some SSH Inc sshd server sends USERAUTH_FAILURE messages with a
trailing ",", like "publickey,password,". Consider hacking
parse.c:parse_next_atom to allow that.
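An added example (not lsh's parse.c) of a name-list splitter that follows the protocol strictly by default and, in a lenient mode, accepts only the single trailing comma described above while still rejecting any other empty name; namelist_split and namelist_contains are assumed names:

```c
/* Added example, not lsh code: split an SSH name-list such as the
 * "publickey,password," seen in USERAUTH_FAILURE from some servers.
 * namelist_split() and namelist_contains() are assumed names. */
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define NL_MAX 16

/* Splits s (a comma-separated list of US-ASCII names) into out[]/outlen[].
 * Returns the number of names, or -1 if the list is malformed.
 * Strict mode follows the protocol: no empty names, hence no leading,
 * doubled or trailing commas. Lenient mode additionally accepts exactly
 * one trailing comma, the only deviation the text describes. */
int namelist_split(const char *s, int lenient, const char **out, size_t *outlen)
{
    int count = 0;
    const char *p = s;
    if (*p == '\0')
        return 0;                      /* the empty list is valid */
    for (;;) {
        const char *start = p;
        while (*p && *p != ',') {
            /* names are printable US-ASCII without spaces or commas */
            if ((unsigned char)*p > 0x7e || !isgraph((unsigned char)*p))
                return -1;
            p++;
        }
        if (p == start) {
            /* empty name: only a single trailing comma in lenient mode passes */
            if (lenient && count > 0 && *p == '\0' && p[-1] == ',')
                return count;
            return -1;
        }
        if (count == NL_MAX)
            return -1;
        out[count] = start;
        outlen[count] = (size_t)(p - start);
        count++;
        if (*p == '\0')
            return count;
        p++;                           /* skip the comma */
    }
}

/* Does the NUL-terminated name appear in list s? Malformed lists match nothing. */
int namelist_contains(const char *s, int lenient, const char *name)
{
    const char *names[NL_MAX];
    size_t lens[NL_MAX];
    int n = namelist_split(s, lenient, names, lens);
    for (int i = 0; i < n; i++)
        if (lens[i] == strlen(name) && memcmp(names[i], name, lens[i]) == 0)
            return 1;
    return 0;
}
```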

The server currently allows the client to send random banner text
before its version string. Such text is not allowed by the protocol
spec.

Add a timeout to drop connections that are older than (say) five
minutes without having authenticated properly.


USER INTERFACE ISSUES

Hack do_spki_decrypt() in spki_commands.c to ask again if the provided
password is incorrect.

Implement an escape char, like ~ with rsh.

The --interface option to lshd can only handle numeric ip addresses.


I/O ISSUES

How should we handle POLLERR in io_iter()?

Add a descriptive string to the lsh_fd struct, to aid debugging.


TESTING

The testsuite is far from complete. Some parts that it misses are

 * Sending and receiving of SSH_MSG_REQUEST_FAILURE and
   SSH_MSG_CHANNEL_FAILURE, and handling of the corresponding
   exceptions.

 * Same for SSH_MSG_CHANNEL_OPEN_FAILURE.

 * All SSH_MSG_CHANNEL_EXTENDED_DATA (i.e. stderr data)

 * i/o exceptions on channels.

 * Failed key exchanges. SRP key exchange.

 * PTY allocation, requests, etc.

 * Userauth banner, failures, passwords, kerberos password helper.

 * connection_handle_pending(), connection_ignore_handler,
   connection_fail_handler, connection_unimplemented_handler,
   connection_forward_handler.

 * Gatewayed channel requests and global requests.

 * lsh-export-key.
   
 * sexp-conv with options --select, --*-hash.

 * sexp display types.

 * spki, tag prefix and tag any.

 * Encrypted private keys.

 * TCP forwarding: cancel-tcpip-forward, various exceptions.

 * utmp logging.


MISC

Try to find out why read() sometimes returns -1 and sets errno==EPIPE,
on sparc-linux, 2.0.33, redhat-5.1, glibc.
Note: Debian's sparc port uses glibc2.1, rather than 2.0; maybe Red Hat does
too? Quite a lot of things have changed between 2.0 and 2.1; this might well
be a documented feature of 2.1.

"lsh" is already used as the name of a shell (included in Debian;
Description: Baby Shell for Novices with DOS compatible commands). Perhaps
we need to change our name?

Make it cleaner wrt. more gcc warnings.

Fix desTest.c to use proper declarations of its function pointers, and
have autoconf check for rusage().

It seems that it is a little difficult to detect that an asynchronous
connect() failed; poll() indicates that both reading and writing are
possible, but write fails (with EPIPE/SIGPIPE) later. Perhaps a
linux-problem?
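As an added example, not lsh code: a non-blocking connect() whose outcome is read back with SO_ERROR once poll() reports the socket writable, which is how POSIX exposes the failure without waiting for a later write to hit EPIPE. The function names and the constructed refused-connection scenario (bind a loopback port, close it, connect to it) are assumptions:

```c
/* Added example, not lsh code: complete a non-blocking connect() and fetch
 * its real outcome with SO_ERROR. connect_result(), connect_nonblocking()
 * and demo_refused_connect() are assumed names. */
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <poll.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Once poll() reports the connecting socket writable, the pending error (if
 * any) sits in SO_ERROR; POLLOUT alone does not mean the connect succeeded.
 * Returns 0 on success or the errno value of the failed connect. */
int connect_result(int fd)
{
    int err = 0;
    socklen_t len = sizeof err;
    if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0)
        return errno;
    return err;
}

/* Non-blocking connect to addr, waiting up to timeout_ms for completion.
 * Returns 0, an errno value, or ETIMEDOUT. */
int connect_nonblocking(int fd, const struct sockaddr *addr, socklen_t alen,
                        int timeout_ms)
{
    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK);
    if (connect(fd, addr, alen) == 0)
        return 0;                  /* completed at once (loopback often does) */
    if (errno != EINPROGRESS)
        return errno;              /* immediate failure, e.g. ECONNREFUSED */
    struct pollfd p = { fd, POLLOUT, 0 };
    int r = poll(&p, 1, timeout_ms);
    if (r == 0)
        return ETIMEDOUT;
    if (r < 0)
        return errno;
    return connect_result(fd);     /* POLLOUT, POLLERR or POLLHUP: ask the socket */
}

/* Constructed scenario: bind a listener on 127.0.0.1 to learn a free port,
 * close it so nothing listens there, then connect to that port. */
int demo_refused_connect(void)
{
    struct sockaddr_in sa;
    socklen_t alen = sizeof sa;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0)
        return -1;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks one */
    if (bind(lfd, (struct sockaddr *)&sa, alen) < 0 ||
        getsockname(lfd, (struct sockaddr *)&sa, &alen) < 0) {
        close(lfd);
        return -1;
    }
    close(lfd);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    int rc = connect_nonblocking(fd, (struct sockaddr *)&sa, alen, 2000);
    close(fd);
    return rc;
}
```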

Perhaps some of the dh-code in publickey_crypto should be moved to
keyexchange.c?

Fix the src/symmetric/desTest program. It doesn't complain if the
desCode is compiled with empty keymap.h, parity.h and rotors.h files.

About POLLHUP:

  I've found something that can either be an io.c or a linux kernel bug.
  This time it is the poll() system call, which causes troubles. If an
  AF_UNIX connection is closed by the client, the kernel doesn't set
  POLLIN in revents, instead it sets only POLLHUP. (and therefore the io
  backend doesn't read the last zero length packet) The following patch
  solves the problem for me:
  
  -        if (fds[i].revents & POLLIN)
  -          READ_FD(fd);
  +        if (fds[i].revents & (POLLIN | POLLHUP))
  +          READ_FD(fd);
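Review bot: the `#define POLLHUP 0` added to jpoll.h makes `(POLLIN | POLLHUP)` identical to plain `POLLIN` on every build that uses jpoll.h, so the change only takes effect where the system's own poll.h is used; the jpoll emulation should instead map the hung-up condition to a nonzero bit of its own (or report POLLIN when it sees EOF) so both builds behave alike. The new mask also omits POLLERR, so an errored socket would still never be read and its pending error never surfaced; `(POLLIN | POLLHUP | POLLERR)` avoids that.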
  
  jpoll.h doesn't define POLLHUP, so I added a
  
  #define POLLHUP         0
  
  line there. I seldom use poll() so I don't know what the correct
  behaviour should be, but I am afraid this is a kernel bug again.
  
  --
  Bazsi

Find out why opening /dev/ptmx fails occasionally (errno = 19, no
such device).

Add some workaround for the poll()-bug in linux/glibc-2.07 reported by
Bazsi. Hmm, this is probably not a bug. I have to find out what the
right way is to handle the poll conditions POLLERR, POLLHUP and
POLLERR.
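An added example, not lsh's io.c, for Bazsi's report above and for the note on handling POLLERR and POLLHUP: a descriptor that reports POLLHUP or POLLERR is treated as readable so that read() delivers the EOF or the pending error, and a socketpair demo drives a closed peer to EOF that way. fd_wants_read and demo_peer_close are assumed names:

```c
/* Added example, not lsh code: decide from poll() revents whether a
 * descriptor must be read, and drive it to EOF over an AF_UNIX socketpair.
 * fd_wants_read() and demo_peer_close() are assumed names. */
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

/* A hung-up or errored descriptor must still be read: on a stream socket
 * the read then returns 0 (EOF) or -1 with the pending error, which is the
 * event the io backend is waiting for. POLLNVAL means the fd is not open. */
int fd_wants_read(short revents)
{
    if (revents & POLLNVAL)
        return 0;
    return (revents & (POLLIN | POLLHUP | POLLERR)) != 0;
}

/* Write on one end of a socketpair, close that end, then drain the other end
 * the way an io loop would. Returns the number of data bytes received before
 * EOF, -1 on a syscall failure, or -2 if poll() reported only events the
 * loop would have ignored (the symptom in the report above). */
int demo_peer_close(void)
{
    int sv[2];
    char buf[64];
    int total = 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    if (write(sv[1], "hello", 5) != 5)
        return -1;
    close(sv[1]);                 /* the "client" goes away */
    for (;;) {
        struct pollfd p = { sv[0], POLLIN, 0 };
        int r = poll(&p, 1, 1000);
        if (r < 0 && errno == EINTR)
            continue;
        if (r <= 0) { total = -1; break; }
        /* the kernel may report POLLIN, POLLHUP or both here; all mean "read" */
        if (!fd_wants_read(p.revents)) { total = -2; break; }
        ssize_t n = read(sv[0], buf, sizeof buf);
        if (n < 0) { total = -1; break; }
        if (n == 0)
            break;                /* EOF: the zero-length read the report mentions */
        total += (int)n;
    }
    close(sv[0]);
    return total;
}
```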

Consider removing the write-attribute from ssh_channel.

Let init_channel take enough arguments to initialize the window- and
packet-size fields properly. It's too easy to forget them.

Add const to arguments of type struct exception_handler *?

Do something reasonable in do_buffered_read() if want_read is cleared.

The supplied argp is compiled even if it isn't used.

Move miscellaneous lsh_string-functions from format.c to a separate
file.

Consider moving SPKI tuple-related functions to a separate file.

With SPKI, consider whether or not we should require any specific
order of subexpressions. The most central function for this is
sexp_get_un. 

GABA: (expr ...) constructions with a single parameter could be used
directly as a command_simple; extend gaba.scm to do that
automatically. Extend the (expr ...) construction to take a return
type, and automatically cast the result to that type.

Add -f, to fork and exit when user authentication is done and any
tunneling is set up.

Consider using dynamically allocated strings for exception messages.
Without this, it is impossible to use non-constant messages, for
instance messages supplied by the peer.

Try to unify the handling of queued channel requests and global
requests. 

Get rid of the double close loop in io_iter. Perhaps start using a
doubly linked list for fds? Add a backend-pointer to fd:s? Use an
extra stack of fds that should be closed?

If we add the backend field to lsh_fd objects, the code for listen
could also be simplified, and perhaps we can get rid of the backend
pointer in some other places as well.

Exceptions from listen are handled badly in several places. 

Should lsh fail if some port forwarding fails? In particular,

  $ lsh -R... -N

is pretty useless if the server doesn't let us bind the remote port.

Add reasonable limits to all calls to parse_bignum(), sexp2bignum_u()
and sexp_get_un().

There are dsa-specific details in many places: lsh.c,
server_publickey.c, server_authorization.c, server_keyexchange.c. Try
to write more generic functions that can deal with both dsa and rsa.

Review the default algorithm preference list in
algorithms.c:default_crypto_algorithms(). Perhaps make the list more
conservative, and add a "pseudo-algorithm" all to include all
supported algorithms in the list?

Use static objects for crypto algorithms with fixed key sizes and
other parameters.

Replace most defines with enums, for improved type checking.

Write more testcases for rsa.

Perhaps change the LOOKUP_VERIFIER method to return an spki_subject?

Make connection_unlock install a callout that calls
connection_handle_pending(). 

Consider how much we really need to differentiate between
rsa-pkcs1-sha1 / rsa-pkcs1-md5 and between spki-sign-rsa /
spki-sign-dss.

Building fails if srp support is disabled. The building of srp-gen
must be conditionalized.

lshg -L doesn't work. The lsh process dies on the first connection to
the forwarded port. Hmm. Or rather, it seems that the remote server
(opensshd) disconnects.

A successful tcp-forwarding (set up using lsh -L... -N):

DEBUG: Sent CHANNEL_OPEN (size 72 = 0x48)
00000000: 5a0000000c6469726563742d74637069  Z....direct-tcpi
00000010: 70000000000000271000007f9c000000  p......'........
00000020: 126b6f6d2e6c797361746f722e6c6975  .kom.lysator.liu
00000030: 2e73650000131e000000093132372e30  .se........127.0
00000040: 2e302e3100000dc8                  .0.1....

When using lsh -G -N; lshg -L... -n:

DEBUG: gateway received CHANNEL_OPEN (size 72 = 0x48)
00000000: 5a0000000c6469726563742d74637069  Z....direct-tcpi
00000010: 70000000000000271000007f9c000000  p......'........
00000020: 126b6f6d2e6c797361746f722e6c6975  .kom.lysator.liu
00000030: 2e73650000131e000000093132372e30  .se........127.0
00000040: 2e302e3100000dc3                  .0.1....

handle_connection: Received packet of type 90 (CHANNEL_OPEN)
Allocated local channel number 0
Allocated local channel number 0
Registering local channel 0.
DEBUG: Sent CHANNEL_OPEN (size 29 = 0x1d)
00000000: 5a0000000c6469726563742d74637069  Z....direct-tcpi
00000010: 70000000000000271000007f9c        p......'.....



make_char_classes seems not to work with guile-1.3.4. Bug in guile?

: ERROR: Two copies of (leaf #f (#\377)) (leaf #f (#\377))
: make[1]: *** [sexp_table.h] Error 2

or

: ERROR: Stack overflow
: make: *** [sexp_table.h] Error 2

Figure out whether or not to make --cvs-workaround the default.
According to Neil Jarram, "lsh-1.1.2 with --cvs-workaround=oe always
succeeds." Update: According to rms, --cvs-workaround=e works, and
--cvs-workaround=o doesn't, so it seems that it's stderr that causes
problems. So we need to avoid setting stderr into non-blocking mode.

Add a keep-alive option, which sends SSH_MSG_IGNORE at regular
intervals.

The lshd --daemonic option doesn't work with the
RANDOM_POLL_BACKGROUND.

: loic@gnu.org writes:
: 
: >       When I run
: >
: >       lshd  --daemonic --ssh1-fallback=/usr/sbin/sshd
: > 
: >       It dies on first connection and says :
: >
: > Apr 25 04:49:02 subversions lshd[25773]: Background randomness poll failed.
: > Apr 25 04:49:02 subversions lshd[25773]: lshd: Could not get enough entropy from the environment.
: 
: Strange. A guess on what's happening:
: 
:   1. lshd starts a background process for collecting randomness,
: 
:   2. next it forks and exits to get into the background,
: 
:   3. it tries to waitpid the process created in 1, but it's no longer
:      the parent of that process, so waiting fails.

When a forwarding created with lshg -L ... goes down (at the local
end, I think), the channel is not taken down properly, and there are a
lot of "lsh: write_buffer: Attempt to write data to closed buffer."
warnings by lsh:

: bash-2.03$ lshg: Exiting: Connection reset by peer
: lsh: write_buffer: Attempt to write data to closed buffer.
: lsh: write_buffer: Attempt to write data to closed buffer.

To fix this, we must put some resources on the lsh's
gateway-connection's resource list, that closes the chained
connections. 

According to rms, lsh is significantly slower than ssh when logging in
over a slow connection. Figure out why.