URGENT:
o scan ALL modules, so that they use consistent names for structures
and variables in their instantiation (rlm_foo_t *inst), and that they
call rlm_foo_detach() if anything goes wrong, instead of just free()'ing
'inst'. The cf_parse_section().. code may have malloc'd memory, and
that needs to be free'd, too.
o Add a 'listen' directive, ala Apache, so that we can listen
on multiple ports. Hmm... if we do that, we should allow multiple
virtual servers, too.
o Stop unloading modules on HUP so that we can have persistant
handles/socketc/etc from module_init(). Alan D. and Alan C. had a good
plan for when to load/reload modules on the list recently...I say
run with that.
o double-check Cistron 'compat' mode, so that all current users of
Cistron can upgrade "out of the box" to FreeRADIUS
MEDIUM PRIORITY
o go through all of the code and reformat it, for project standards
o go through all of the code, removing unnecessary #include's, and
generating a standard include file order which will work across all
platforms.
o rad_malloc() fixes: child processes/threads ALWAYS kill themselves
if malloc() fails. The main server process does a 'sleep' for N
seconds, and tries again. After T tries, it gives up, and calls exit().
LOW PRIORITY:
o Write better documentation
o Manual pages for the daemon, utilities and conffiles (some done)
o Fix all FIXME's in the source.
o better SNMP statistics support, for the auth/acct servers, and for
each client.
o fix the proxy receive code, so that we don't have to look through ALL
of the requests to find the matching proxy. This might be hard to do..
It would also involve thread locking issues.
WAIT UNTIL NEXT RELEASE:
o UPDATE accounting requests aren't handled as in 1.5.4.3 for wtmp
Is this a problem ? Need to fix in rlm_unix.c
o New module: rlm_fastradwtmp. with a radutmp-style active session
database to guarantee wtmp records are always written in matching
pairs. Because radlast is slow.
o New module: rlm_attrmap. assigns a single attribute based on a
username, with ed-friendly/awk-friendly config file. Because the
users file is too complicated.
o replace the module_t method table with a set of register_* functions
(so different instances of the same module can offer different
methods)
o enable server to run with child processes
(This is a little more difficult than the threading changes)
o switch all timers from time() to gettimeofday() so processing is
less bursty
o SNMP support for querying users who are on-line.
o New module: rlm_nsupdate (dyndns). Because dynamic addresses are
cruel.
o New module: rlm_perl.
WILL NOT DO:
o module initialization AFTER forking, not before.
--- The modules should NOT be setting up any process-dependent
--- information.
o there should be a way that radius itself could
rotate the wtmp file properly. It should write "logout" records for
all users, move the file to wtmp.0, and create a new wtmp file with
"login" records for all currently online users.
--- This work is for an external process to do ---
DONE:
o fix radwho to read modules{radutmp{filename = }}
o Add 'initialize' list in modules, so explicitely give initialization order.
o merge OSF/OSFIA patches from Cistron.
o Fix DBM support:
- Put DBM into its own module
- Multiple defaults (done)
- Fallthrough (hard for not DEFAULT entries)
o modular radutmp and radwtmp, as per Alan Curry's old patches.
o Fix multiple/conflicting VALUE names as pointed out on the list.
e.g. 'Rlogin' has different values when used with different ATTRIBUTEs,
o go through *.c and *.h, adding comments at the top with a copyright,
and a GPL license.
o Integrated Alan Curry's module failover patch.
o add more support for new configuration files
o Fixed potentially long locks on radutmp file by radcheck thread
This means unlocking the file, forking checkrad, and then locking
the file again.
o get rlm_unix to work with multiple instances
o partial split of rlm_files into rlm_fastusers and rlm_detail
o enable server to run in threaded mode
o rlm_realm module for COMPLETE control of proxying on any attribute
o re-transmits of proxied packets
o operator support in pairmove.
o stripping Prefix/Suffix in accounting
o new configuration file /etc/raddb/radius.conf
o Radius proxy support.
o Max-Simultaneous-Use parameter to avoid double logins.
o Specify a program to be run on succesful login
o Prefix/Suffix support
o Change radutmp format to v2 (see radutmp.h)
o move radutmp to /var/log ?
o Compatibility with radius-2.0
o Support for pidfile
o Configurable logging: both radutmp/radwtmp and details files
o session_id is not numeric but an 8-byte (?) string !
o Detect reboot packet sent by portmaster and clear radutmp / wtmp
o Seperate /etc/raddb/clients into public and private file (secret == secret!)
Add ts-type field to clients file for checklogin.pl
Better: return clients to old form (no shortname) and add a new file,
"nas" or so. Matching on this file is done based on Nas-Ip-Address
instead of the IP address of the sender. Better if there's a proxy
in between.
o Allow spaces in usernames (using " or \ to escape)
o Return Proxy-State A/V pairs, in the right order.
o retransmits from the terminal server get proxied with
a new ID and random_vector. We should check for this!
o Limit logins based on time/date
(for example, Login-Hour = 8-18, Login-Day = 0-5 for business hours)
o take out host-order IP addresses
o Support Connect-Rate
o have a config file (or section in radiusd.conf) that tells rlm_sql
what the names of the tables and columns are instead of hardcoding
them
o split rlm_files into rlm_users, rlm_fastusers (in-memory hash),
rlm_detail, they all should share as much code as
possible though, not be big cut-and-paste jobs
o fix the request list walking code, to scan each element no more than
once per second.