~ubuntu-branches/ubuntu/maverick/nss-pam-ldapd/maverick : contents of TODO at revision 7

~ubuntu-branches/ubuntu/maverick/nss-pam-ldapd/maverick : (revision 7)

* test reachability problems with LDAP server more
* write more unit tests
* maybe implement a connection object in the myldap module that is shared
  by different sessions (sessions need to be cleaned up)
* add sanity checking code (e.g. not too large buffer allocation and checking
  that host, user, etc do not contain funky characters) in all server modules
* log some statistics: "passwd=100 shadow=10 host=20 rpc=10" (10 req/minute)
* in the server: once the request is done pass the flushing of the buffers to
  a separate thread so our workers are available to handle new requests
  (test whether this actually improves performace)
* tune the filter and parameter buffer sizes
* split out idle checking into separate function so we may be able to call it
  periodically from elsewhere (e.g. the main loop)
* add an option to create an extra socket somewhere (so it may be used in
  chroot jails)
* make I/O timeout between NSS lib and daemon configurable with configure
* ethers: also look in ipHostNumber attribute to look up an IPv4 (IPv6)
  address and return it as an alternative entry (investigate whether this is
  sane)
* protocols/rpc: the description attribute should be used as an alias?
* do more checks with failing LDAP connections (e.g. killing connections)
* maybe make myldap code thread-safe (use locking)
* review changes in nss_ldap and merge any useful changes
* maybe rate-limit LDAP entry warnings
* only parse configuration options if they are available on the platform
* have some more general mechanism to disable NSS lookups from nslcd
* maybe support memberOf attribute in passwd entries that map to groups
* setnetgrent() may need to return an error if the netgroup is undefined
* handle repeated calls to getent() better (see http://bugzilla.padl.com/show_bug.cgi?id=376)
* make it possible to start nslcd real early in the boot process and have
  it become available when it determines it can (other timeout/retry mechanism
  on startup)
* write a simple PAM test application

1 by Arthur de Jong * rename software to nss-pam-ldapd to indicate that PAM module is now a	1	* test reachability problems with LDAP server more
	2	* write more unit tests
	3	* maybe implement a connection object in the myldap module that is shared
	4	by different sessions (sessions need to be cleaned up)
	5	* add sanity checking code (e.g. not too large buffer allocation and checking
	6	that host, user, etc do not contain funky characters) in all server modules
	7	* log some statistics: "passwd=100 shadow=10 host=20 rpc=10" (10 req/minute)
	8	* in the server: once the request is done pass the flushing of the buffers to
	9	a separate thread so our workers are available to handle new requests
	10	(test whether this actually improves performace)
	11	* tune the filter and parameter buffer sizes
	12	* split out idle checking into separate function so we may be able to call it
	13	periodically from elsewhere (e.g. the main loop)
	14	* add an option to create an extra socket somewhere (so it may be used in
	15	chroot jails)
	16	* make I/O timeout between NSS lib and daemon configurable with configure
	17	* ethers: also look in ipHostNumber attribute to look up an IPv4 (IPv6)
	18	address and return it as an alternative entry (investigate whether this is
	19	sane)
	20	* protocols/rpc: the description attribute should be used as an alias?
	21	* do more checks with failing LDAP connections (e.g. killing connections)
	22	* maybe make myldap code thread-safe (use locking)
	23	* review changes in nss_ldap and merge any useful changes
	24	* maybe rate-limit LDAP entry warnings
	25	* only parse configuration options if they are available on the platform
	26	* have some more general mechanism to disable NSS lookups from nslcd
	27	* maybe support memberOf attribute in passwd entries that map to groups
	28	* setnetgrent() may need to return an error if the netgroup is undefined
	29	* handle repeated calls to getent() better (see http://bugzilla.padl.com/show_bug.cgi?id=376)
	30	* make it possible to start nslcd real early in the boot process and have
	31	it become available when it determines it can (other timeout/retry mechanism
	32	on startup)
3 by Arthur de Jong * some attributes may be mapped to a shell-like expression that expand	33	* write a simple PAM test application