1
* test reachability problems with LDAP server more
2
1
* write more unit tests
3
* maybe implement a connection object in the myldap module that is shared
4
by different sessions (sessions need to be cleaned up)
5
2
* add sanity checking code (e.g. not too large buffer allocation and checking
6
3
that host, user, etc do not contain funky characters) in all server modules
7
4
* log some statistics: "passwd=100 shadow=10 host=20 rpc=10" (10 req/minute)
8
* in the server: once the request is done pass the flushing of the buffers to
9
a separate thread so our workers are available to handle new requests
10
(test whether this actually improves performace)
11
* split out idle checking into separate function so we may be able to call it
12
periodically from elsewhere (e.g. the main loop)
13
5
* add an option to create an extra socket somewhere (so it may be used in
15
7
* make I/O timeout between NSS lib and daemon configurable with configure
16
* ethers: also look in ipHostNumber attribute to look up an IPv4 (IPv6)
17
address and return it as an alternative entry (investigate whether this is
19
8
* protocols/rpc: the description attribute should be used as an alias?
20
* do more checks with failing LDAP connections (e.g. killing connections)
21
* maybe make myldap code thread-safe (use locking)
22
9
* review changes in nss_ldap and merge any useful changes
23
10
* maybe rate-limit LDAP entry warnings
24
* only parse nslcd.conf options if they are available on the platform
25
* maybe support memberOf attribute in passwd entries that map to groups
26
11
* setnetgrent() may need to return an error if the netgroup is undefined
27
* handle repeated calls to getent() better (see http://bugzilla.padl.com/show_bug.cgi?id=376)
12
* handle repeated calls to getent() better
13
(see http://bugzilla.padl.com/show_bug.cgi?id=376)
28
14
* make it possible to start nslcd real early in the boot process and have
29
15
it become available when it determines it can (other timeout/retry mechanism
31
* write a simple PAM test application
17
* implement requesting and handling password policy information when binding
19
* implement nested groups
20
* implement other services in nslcd: sudo and autofs are candidates
21
* restart unscd on postinst, just like nscd (or perhaps do nscd -i <MAP>)
22
* instead of library symbol, use environment variable to disable NSS module
23
* properly test Solaris support
24
* fix buffer handling in read_**string() functions (Solaris support)
25
* complete pynslcd implementation
26
* implement chsh and chfn in nslcd PAM code and make chsh.ldap and chfn.ldap
28
* have nslcd flush the nscd caches when reconnecting to the LDAP server after
30
* have PAM code support password policy of server (see pam_ldap)
31
* also add a max uid option for PAM module