Remove completed to-do items

While this file has not really been updated in years, some of the
completed items can easily be removed.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2014-11-01 16:24:36 +02:00
parent 01b32d5e36
commit ee231fdb2b

View file

@ -5,8 +5,6 @@ To do:
authentication has been completed (cache scard data based on serial#(?)
and try to optimize next connection if the same card is present for next
auth)
- on disconnect event, could try to associate with another AP if one is
present in scan results; would need to update scan results periodically..
- if driver/hw is not WPA2 capable, must remove WPA_PROTO_RSN flag from
ssid->proto fields to avoid detecting downgrade attacks when the driver
is not reporting RSN IE, but msg 3/4 has one
@ -24,8 +22,7 @@ To do:
RFC 3748 Sect. 4.2
- test compilation with gcc -W options (more warnings?)
(Done once; number of unused function arguments still present)
- add proper support for using dot11RSNAConfigSATimeout
- ctrl_iface: get/set/remove blob
- ctrl_iface: get/remove blob
- use doc/docbook/*.sgml and docbook2{txt,html,pdf} to replace README and
web pages including the same information.. i.e., have this information only
in one page; how to build a PDF file with all the SGML included?
@ -56,14 +53,11 @@ To do:
- try to work around race in configuring PTK and sending msg 4/4 (some NDIS
drivers with ndiswrapper end up not being able to complete 4-way handshake
in some cases; extra delay before setting the key seems to help)
- add wpa_secure_memzero() macro and secure implementation (volatile u8*) to
clear memory; this would be used to clear temporary buffers containing
private data (e.g., keys); the macro can be defined to NOP in order to save
space (i.e., no code should depend on the macro doing something)
- make sure that TLS session cache is not shared between EAP types or if it
is, that the cache entries are bound to only one EAP type; e.g., cache entry
created with EAP-TLS must not be allowed to do fast re-auth with EAP-TTLS
- consider moving eap_tls_build_ack() call into eap_tls_process_helper()
- consider moving eap_peer_tls_build_ack() call into
eap_peer_tls_process_helper()
(it seems to be called always if helper returns 1)
* could need to modify eap_{ttls,peap,fast}_decrypt to do same
- add support for fetching full user cert chain from Windows certificate