TODO   [plain text]


URGENT:
o scan ALL modules, so that they use consistent names for structures
  and variables in their instantiation (rlm_foo_t *inst), and that they
  call rlm_foo_detach() if anything goes wrong, instead of just free()'ing
  'inst'.  The cf_parse_section().. code may have malloc'd memory, and
  that needs to be free'd, too.
o Stop unloading modules on HUP so that we can have persistant
  handles/socketc/etc from module_init().  Alan D. and Alan C. had a good
  plan for when to load/reload modules on the list recently...I say
  run with that.
o double-check Cistron 'compat' mode, so that all current users of
  Cistron can upgrade "out of the box" to FreeRADIUS

MEDIUM PRIORITY
o go through all of the code and reformat it, for project standards
o go through all of the code, removing unnecessary #include's, and
  generating a standard include file order which will work across all
  platforms.
o rad_malloc() fixes:  child processes/threads ALWAYS kill themselves
  if malloc() fails.  The main server process does a 'sleep' for N
  seconds, and tries again.  After T tries, it gives up, and calls exit().

LOW PRIORITY:
o Write better documentation
o Manual pages for the daemon, utilities and conffiles (some done)
o Fix all FIXME's in the source.
o better SNMP statistics support, for the auth/acct servers, and for
  each client.

WAIT UNTIL NEXT RELEASE:
o UPDATE accounting requests aren't handled as in 1.5.4.3 for wtmp
  Is this a problem ? Need to fix in rlm_unix.c
o New module: rlm_fastradwtmp. with a radutmp-style active session
  database to guarantee wtmp records are always written in matching
  pairs. Because radlast is slow.
o replace the module_t method table with a set of register_* functions
  (so different instances of the same module can offer different
  methods)
o enable server to run with child processes
  (This is a little more difficult than the threading changes)
o switch all timers from time() to gettimeofday() so processing is
  less bursty
o SNMP support for querying users who are on-line.
o New module: rlm_nsupdate (dyndns). Because dynamic addresses are
  cruel.

WILL NOT DO:
o module initialization AFTER forking, not before.
	--- The modules should NOT be setting up any process-dependent
	--- information.

o there should be a way that radius itself could
  rotate the wtmp file properly. It should write "logout" records for
  all users, move the file to wtmp.0, and create a new wtmp file with
  "login" records for all currently online users.
	--- This work is for an external process to do ---

DONE:
o IPv6
o proxy receive rbtree stuff
o rlm_perl
o "listen" directive
o fix radwho to read modules{radutmp{filename = }}
o Add 'initialize' list in modules, so explicitely give initialization order.
o merge OSF/OSFIA patches from Cistron.
o Fix DBM support:
  - Put DBM into its own module
  - Multiple defaults (done)
  - Fallthrough (hard for not DEFAULT entries)
o modular radutmp and radwtmp, as per Alan Curry's old patches.
o Fix multiple/conflicting VALUE names as pointed out on the list.
   e.g. 'Rlogin' has different values when used with different ATTRIBUTEs,
o go through *.c and *.h, adding comments at the top with a copyright,
  and a GPL license.
o Integrated Alan Curry's module failover patch.
o add more support for new configuration files
o Fixed potentially long locks on radutmp file by radcheck thread
  This means unlocking the file, forking checkrad, and then locking
  the file again.
o get rlm_unix to work with multiple instances
o partial split of rlm_files into rlm_fastusers and rlm_detail
o enable server to run in threaded mode
o rlm_realm module for COMPLETE control of proxying on any attribute
o re-transmits of proxied packets
o operator support in pairmove.
o stripping Prefix/Suffix in accounting
o new configuration file /etc/raddb/radius.conf
o Radius proxy support.
o Max-Simultaneous-Use parameter to avoid double logins.
o Specify a program to be run on succesful login
o Prefix/Suffix support
o Change radutmp format to v2 (see radutmp.h)
o move radutmp to /var/log ?
o Compatibility with radius-2.0
o Support for pidfile
o Configurable logging: both radutmp/radwtmp and details files
o session_id is not numeric but an 8-byte (?) string !
o Detect reboot packet sent by portmaster and clear radutmp / wtmp
o Seperate /etc/raddb/clients into public and private file (secret == secret!)
  Add ts-type field to clients file for checklogin.pl
  Better: return clients to old form (no shortname) and add a new file,
  "nas" or so. Matching on this file is done based on Nas-Ip-Address
  instead of the IP address of the sender. Better if there's a proxy
  in between.
o Allow spaces in usernames (using " or \ to escape)
o Return Proxy-State A/V pairs, in the right order.
o retransmits from the terminal server get proxied with
  a new ID and random_vector. We should check for this!
o Limit logins based on time/date 
  (for example, Login-Hour = 8-18, Login-Day = 0-5 for business hours)
o take out host-order IP addresses
o Support Connect-Rate
o have a config file (or section in radiusd.conf) that tells rlm_sql
  what the names of the tables and columns are instead of hardcoding
  them
o split rlm_files into rlm_users, rlm_fastusers (in-memory hash),
  rlm_detail, they all should share as much code as
  possible though, not be big cut-and-paste jobs
o fix the request list walking code, to scan each element no more than
  once per second.