lowest complexity. Complexity is a function of both task 'complexity'
and task 'scope'.
+
Core
====
-- connman_element removal
+- Personal firewall
Priority: Low
Complexity: C8
+ Discuss and implement a basic and safe firewalling strategy into
+ Connman. Provide a D-Bus API for personal firewalling.
+
-- DHCP lib server
+- PACRunner extensions
- Priority: High
+ Priority: Low
Complexity: C4
- Owner: Martin Xu <martin.xu@intel.com>
+ Support more URI schemes, support multiple connections, tighter
+ security integration.
-- On demand connection
+
+- Check logging produced by connman_info()
Priority: Medium
- Complexity: C4
- Owner: Samuel Ortiz <sameo@linux.intel.com>
+ Complexity: C1
- With on demand connection applications get connectivity access
- simply by trying to reach the network. They don't need to
- specifically request for a service connection, but ConnMan
- establishes it on their behalf.
- This feature counter part is idle disconnect. ConnMan needs to be
- able to close the on demand established connections by monitoring
- the link activity. This requires kernel support with e.g. the
- netfilter IDLETIMER target.
+ Check that logging produced by connman_info() contains meaningful messages
+ and get rid of the unnecessary ones.
-- Avahi-zeroconf
+
+- Remove --nobacktrace option
+
+ Priority: Medium
+ Complexity: C1
+ When: 2.0
+
+ Remove the --nobacktrace option or change it to --backtrace depending on
+ the level of systemd integration or other factors.
+
+
+- Clean up data structure usage
Priority: Medium
Complexity: C4
- The IPv4 Link Local part should be integrated into DHCP-lib.
+ Use hash tables, queues and lists in the code. Check on the currently used
+ data structures and see if something can be simplified.
+
-- OpenVPN
+- Unit tests for DHCP, DNS and HTTP
+
+ Priority: Low
+ Complexity: C4
+
+ Create unit tests for these components starting with DHCP. Use gtest
+ from GLib for this task similarly to what has been done for OBEX in Bluez
+ and oFono in general.
+
+
+- Support other time sources than NTP
Priority: Low
Complexity: C2
+ Support other time sources like cellular, GPS in addition to NTP.
+
-- VPNc
+- Get interface names from src/device.c
Priority: Low
Complexity: C2
+ Instead of using ioctls in connman_inet_ifindex and connman_inet_ifname,
+ utilize the information already provided by netlink in src/device.c.
-- iptables wrapper
- Priority: High
+- Support D-Bus ObjectManager
+
+ Priority: Medium
Complexity: C4
- Owner: Samuel Ortiz <sameo@linux.intel.com>
- ConnMan needs to be able to set iptables rules and tables for both
- tethering and on demand connection.
- The main idea is to define an internal API for talking to the
- netfilter socket in order to set our tables and rules. Being in
- sync with the actual iptables library might be problematic.
- A less elegant solution would be a process based one, that would
- simply call the iptables executable.
+ Support D-Bus ObjectManager by using functionality already present in
+ ./gdbus. Method calls and signals are already registered with gdbus, but
+ properties and replies especially in Agent are still handled with plain
+ dbus library function calls.
+
+ With this, Manager API is removed, and a WiFi P2P API based on
+ ObjectManager common to Linux desktops can be implemented.
+
+
+Tethering
+=========
+
+- Verify if bridge has been correctly created and configured
+
+ Priority: Low
+ Complexity: C1
+
+ When enabling tethering check if there was any error while creating and
+ configuring the bridge before continue. It has been done only for WiFi
+ technology, for other tethering technologies it should be evaluated
+ and implemented in case it is advantageous.
+
+
+WiFi
+====
-- Tethering
+- Clean up WiFi data structure usage
Priority: Medium
- Complexity: C8
- Owner: Marcel Holtmann <marcel@holtmann.org>
- Dependencies: Core:iptables wrapper
- Dependencies: Core:DHCP lib server
+ Complexity: C2
- Bluetooth, USB and WiFi tethering.
- The tethering framework would typically allow sharing the 3G data
- link between WiFi, Bluetooth or USB clients.
- A bridge needs to be setup and all tethering connections are added
- to it. A DHCP server and a DNS proxy will be running on the bridge.
- Then IP forwarding and masquerading will be set between the default
- service and the bridge interface.
+ Struct wifi_data is passed as a pointer in some of the wifi plugin
+ callbacks. For example removing a WiFi USB stick causes RTNL and
+ wpa_supplicant to call the wifi plugin at the same time causing the
+ freeing of the wifi data structure. Fix up the code to have proper
+ reference counting or other handling in place for the shared wifi data
+ and the members in the data structure.
-- Agent callbacks
+- EAP-AKA/SIM
Priority: Medium
Complexity: C2
+ This EAP is needed for SIM card based network authentication.
+ ConnMan here plays a minor role: Once wpa_supplicant is set up for
+ starting and EAP-AKA/SIM authentication, it will talk to a SIM card
+ through its pcsc-lite API.
+
-- pacrunner
+- EAP-FAST
- Priority: High
- Complexity: C4
- Owner: Mohamed Abbas <mohamed.abbas@intel.com>
+ Priority: Low
+ Complexity: C1
- pacrunner is a standalone daemon that downloads and interpret PAC
- files through a JavaScript interpreter. Once the interpretation is
- done, pacrunner is able to associate a proxy with an URL.
- pacrunner D-Bus interface exports a configuration API for passing
- it the PAC URLs. It also provide a FindProxyForURL() API for
- application to know which proxies to use.
- ConnMan will use pacrunner for both auto and manual proxy
- configurations. Then applications should talk to pacrunner (through
- libproxy for example) to find the right proxies.
- ConnMan will also use the FindProxyForURL() pacruner API for a more
- stable and accurate online detection code.
+- Removing wpa_supplicant 0.7.x legacy support
-- Moving DNS proxy code to ConnMan core
+ Priority: Low
+ Complexity: C1
- Priority: Medium
- Complexity: C2
+ Removing global country property setter in gsupplicant, and removing
+ wifi's technology set_regdom implementation. Removing autoscan fallback.
+ (Note: should be done around the end 2012)
- Supporting DNS proxy or resolv.conf direct editing seems more than
- plenty as far as resolving is concerned. So the idea is to move the
- dnsproxy plugin code to ConnMan core and have an additional command
- line option in case one would like to stick with the current
- resolver.c code for editing resolv.conf.
+Bluetooth
+=========
-WiFi
-====
-- WPS
+Cellular
+========
- Priority: Low
- Complexity: C2
- Dependencies: Core:Agent callbacks
+VPN
+===
-- Ad-Hoc support
+- IPsec
Priority: Medium
- Complexity: C2
- Dependencies: Core:Avahi-zeroconf
+ Complexity: C4
-- Fast Connect
+- L2TP & PPTP compatibility prefix removal
- Priority: Low
- Complexity: C4
- Dependencies: WiFi:libsupplicant
- Owner: Samuel Ortiz <sameo@linux.intel.com>
+ Priority: Medium
+ Complexity: C1
+ When: connman 2.0
+ The VPN config file provisioning patchset contains code that makes
+ PPP options to be marked by "PPPD." prefix. The code supports also
+ old "L2TP." and "PPTP." prefix for PPP options. Remove the compatibility
+ code and only allow "PPPD." prefix for PPP options.
-- EAP-AKA/SIM
+
+- Update VPNC and OpenVPN with Agent support
Priority: Medium
Complexity: C2
- Owner: Samuel Ortiz <sameo@linux.intel.com>
- This EAP is needed for SIM card based network authentication.
- ConnMan here plays a minor role: Once wpa_supplicant is set up for
- starting and EAP-AKA/SIM authentication, it will talk to a SIM card
- through its pcsc-lite API.
+ Update VPNC and OpenVPN with VPN Agent support to request possible user
+ ids and passphrases.
-- WiFi p2p
+- Change OpenConnect plugin to use libopenconnect
Priority: Medium
- Complexity: C2
+ Complexity: C4
+ Current implementation of OpenConnect uses screenscraping and interactive
+ mode for accepting self signed certificates and reacting to PKCS pass
+ phrase requests. This should be replaced with libopenconnect use. It may be
+ worthwhile to attempt to replace the whole authentication with the use of
+ openconnect_obtain_cookie() whatever authentication type is used. This
+ would lead to using only the cookie when connecting (--cookie-on-stdin)
+ and would cleanup the code at run_connect().
-Bluetooth
-=========
+ The usage of stdout can be removed as unnecessary. Cookie should be
+ retrieved with openconnect_obtain_cookie(). Remove this also from
+ connman_task_run().
+
+ Function is_valid_protocol() must use openconnect_get_supported_protocols.
+ Also the static const char *protocols[] would be unnecessary.
+
+ Reading the stderr with byte-by-byte approach is to be removed, as well as
+ are the PKCS failures and requests in stderr IO channel processing.
+
+ The use of interactive mode toggle is to be removed. Non-interactive mode
+ must be used, which leads to using --syslog with each authentication type
+ as task arg.
+
+ If the peer certificate cannot be verified with normal means it is because
+ the peer certificate is self signed and the user setting
+ "AllowSelfSignedCert" has to be used for the verify certificate callback
+ reply. The callback for certificate validation must return zero if user has
+ allowed self signed certificates. In such case save the SHA1 fingerprint of
+ server certificate as it is done now, otherwise indicate error to
+ libopenconnect.
-- DUN client
+Tools
+=====
+
+- Add Clock API support to connmanctl
Priority: Low
- Complexity: C4
+ Complexity: C2
+
+ The connmanctl command line tool should support Clock API.