39f9ca5665
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2380 ec53bebd-3082-4978-b11e-865c3cabbd6b
123 lines
2.4 KiB
Plaintext
123 lines
2.4 KiB
Plaintext
-*- indented-text -*-
|
|
|
|
$Id$
|
|
|
|
- admin
|
|
|
|
* add password changing protocol
|
|
|
|
* add some kind of remote admin protocol
|
|
|
|
- appl
|
|
|
|
* more programs here
|
|
|
|
- appl/rsh
|
|
|
|
* forwarding is not implemented at all.
|
|
|
|
* perhaps rsh and rshd should be able to handle `traditional'
|
|
rsh-protocol as well.
|
|
|
|
- appl/telnet
|
|
|
|
* forwarding not implemented.
|
|
|
|
- appl/test
|
|
|
|
* should test more stuff
|
|
|
|
- doc
|
|
|
|
* there's some room for improvement here.
|
|
|
|
- kdc
|
|
|
|
* implement support for interoperability with kerberos V4.
|
|
|
|
* needs a configuration file.
|
|
|
|
* the requirement for preauthentication should be configurable.
|
|
|
|
- kuser
|
|
|
|
* kinit misses lots of useful options.
|
|
|
|
* kinit should try to give better error messages.
|
|
|
|
- lib
|
|
|
|
- lib/asn1
|
|
|
|
- lib/auth
|
|
|
|
* PAM and afskauthlib
|
|
|
|
- lib/des
|
|
|
|
* md4, md5, and sha doesn't work on Crays. There might be some other
|
|
code that that doesn't work either.
|
|
|
|
- lib/editline
|
|
|
|
- lib/error
|
|
|
|
- lib/gssapi
|
|
|
|
* acquire_cred, release_cred, process_context_token, context_time,
|
|
display_status, compare_names, export_name, inquire_cred,
|
|
wrap_size_limit, add_cred, inquire_cred_by_mech, export_sec_context,
|
|
import_sec_context, inquire_names_for_mech, inquire_mechs_for_name,
|
|
canonicalize_name, and duplicate_name not implemented.
|
|
|
|
* import_name only understands GSS_C_NT_HOSTBASED_SERVICE and GSS_C_NO_OID.
|
|
|
|
* get_mic, wrap: always uses the remote_subkey
|
|
|
|
* only DES MAC MD5 and DES implemented.
|
|
|
|
* wrap and unwrap always uses DES for sealing even if conf is not
|
|
requested.
|
|
|
|
* minor_status is never set
|
|
|
|
* init_sec_context: `initiator_cred_handle' and `time_req' ignored.
|
|
|
|
* accept_sec_context: the first principal in the srvtab is always used.
|
|
|
|
* accept_sec_context: `acceptor_cred_handle' is ignored.
|
|
|
|
* input channel bindings are not supported
|
|
|
|
* delegation not implemented
|
|
|
|
* anonymous credentials not implemented
|
|
|
|
- lib/hdb
|
|
|
|
* implement encryption of database entries and master keys.
|
|
|
|
- lib/krb5
|
|
|
|
* replay cache not implemented
|
|
|
|
* the following encryption types have been implemented: DES-CBC-CRC,
|
|
DES-CBC-MD4, DES-CBC-MD5
|
|
|
|
* supports the following checksums: CRC32, RSA-MD4, RSA-MD5,
|
|
RSA-MD4-DES, RSA-MD5-DES
|
|
|
|
* always generates a new subkey in an authenticator
|
|
|
|
* probably leaks memory when errors occur
|
|
|
|
* should the sequence numbers be XORed?
|
|
|
|
* encryption and checksum type is still hardcoded in some places.
|
|
|
|
* postdated, renewable, and forwardable tickets are not supported.
|
|
|
|
- lib/roken
|
|
|
|
- lib/sl
|