From a848231ae0f346dc7cc000973fbeb65b0894ee92 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 10 Apr 2024 21:59:03 +0200 Subject: Adding upstream version 3.8.5. Signed-off-by: Daniel Baumann --- TLS_TODO | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 TLS_TODO (limited to 'TLS_TODO') diff --git a/TLS_TODO b/TLS_TODO new file mode 100644 index 0000000..0559010 --- /dev/null +++ b/TLS_TODO @@ -0,0 +1,39 @@ +This list does not really follow priority. + +* Code cleanup: split smtp_session.c into generic SMTP, legacy TLS, + and current TLS. The amount of TLS code now dominates the file. + Do this after all other code revisions stabilize, to avoid + complicating code reviews. + +* Code cleanup: TLS_LEV_NOTFOUND no longer belongs in the TLS + library. It is an SMTP-client only feature. To fix, change the + policy lookup API and use a different method to indicate if a + policy was found. At the same time, fix policy lookup to initialize + session->tls_level. + +* Code cleanup: see if multiple consecutive switches can be aggregated + (set_cipher_grade() and session_tls_init()). + +* Implement support of CRL checking. OpenSSL 0.9.7 finally supports CRLs, + so Postfix/TLS should support loading CRLs. + +* Cleanup the "pfixtls" special logging, so that it fits Wietses original + "per site" decision to make debugging easier. + +* Move TLS based information from separate lines into Postfix's smtpd + logging lines to make logfile analysis easier. + +* Check the "info_callback" for sensitive use. I already had to remove the + "warning alert" issued on normal shutdown. Why is a warning issued for + a normal shutdown?? + +* Introduce new tls_per_client table to achieve the same selective behaviour + for incoming connections. + +* Introduce better support for "opportunistic" encryption: collect information + about peers connecting; log warnings when the key changed etc. + [I am not sure that I already have the best answers available.] + +* Find a way to use the certificates themselves instead of the fingerprints + to allow certificate based relaying. The maintenance of the fingerprints + is a nightmare. -- cgit v1.2.3