lowest complexity. Complexity is a function of both task 'complexity'
and task 'scope'.
+
Core
====
-- Session API implementation
+- Personal firewall
+
+ Priority: Low
+ Complexity: C8
+
+ Discuss and implement a basic and safe firewalling strategy into
+ Connman. Provide a D-Bus API for personal firewalling.
+
- Priority: High
+- PACRunner extensions
+
+ Priority: Low
Complexity: C4
- Owner: Daniel Wagner <daniel.wagner@bmw-carit.de>
- Owner: Samuel Ortiz <sameo@linux.intel.com>
- The session API should provide a connection abstraction in order to
- prioritize applications network accesses, prevent or allow network
- and bearer roaming, or provide applications with a way to request
- for periodic network connections. On-demand connections will be
- implemented through this API as well.
- See http://www.mail-archive.com/connman@connman.net/msg01653.html
+ Support more URI schemes, support multiple connections, tighter
+ security integration.
-- WiSPR support
+- Check logging produced by connman_info()
Priority: Medium
- Complexity: C4
- Owner: Marcel Holtmann <marcel@holtmann.org>
+ Complexity: C1
- Based on the portal detection parsing results, and provisioned
- credentials, ConnMan should be able to initiate a WiSPR authentication.
+ Check that logging produced by connman_info() contains meaningful messages
+ and get rid of the unnecessary ones.
-- DNS caching
+- Remove --nobacktrace option
- Priority: Low
- Complexity: C4
+ Priority: Medium
+ Complexity: C1
+ When: 2.0
- A simple initial implementation would see ConnMan's dnsproxy
- caching the DNS record based on their TTL.
+ Remove the --nobacktrace option or change it to --backtrace depending on
+ the level of systemd integration or other factors.
-- Power management
+- Clean up data structure usage
Priority: Medium
Complexity: C4
- Owner: Samuel Ortiz <sameo@linux.intel.com>
- Implement a simple device pm hook that ConnMan's core code would
- use whenever it decides to put devices in power save mode. Although
- the kernel runtime power management code should take care of that,
- not all driver (especially WiFi ones) implement runtime PM hooks.
+ Use hash tables, queues and lists in the code. Check on the currently used
+ data structures and see if something can be simplified.
-- IPv6 gateway handling
+- Unit tests for DHCP, DNS and HTTP
- Priority: Medium
+ Priority: Low
Complexity: C4
- We should be able to switch between IPv6 only services and thus
- change the default IPv6 gateway on the fly. For that we need to
- improve the connection.c code to properly handle IPv6 gateways.
+ Create unit tests for these components starting with DHCP. Use gtest
+ from GLib for this task similarly to what has been done for OBEX in Bluez
+ and oFono in general.
-- IP ranges allocation and check
+- Support other time sources than NTP
- Priority: High
+ Priority: Low
Complexity: C2
- For both tethering and private networks, but also to detect invalid
- static IP configurations, we need to have a core IP range layer
- that manages all currently used IP blocks.
+ Support other time sources like cellular, GPS in addition to NTP.
-- Personal firewall
+- Get interface names from src/device.c
Priority: Low
- Complexity: C8
+ Complexity: C2
- Extend the iptables code and provide a D-Bus API for personal firewalling.
+ Instead of using ioctls in connman_inet_ifindex and connman_inet_ifname,
+ utilize the information already provided by netlink in src/device.c.
-- PACRunner extensions
+- Support D-Bus ObjectManager
- Priority: Low
+ Priority: Medium
Complexity: C4
- Support more URI schemes, support multiple connections, tighter
- security integration.
+ Support D-Bus ObjectManager by using functionality already present in
+ ./gdbus. Method calls and signals are already registered with gdbus, but
+ properties and replies especially in Agent are still handled with plain
+ dbus library function calls.
+ With this, Manager API is removed, and a WiFi P2P API based on
+ ObjectManager common to Linux desktops can be implemented.
+
+
+Tethering
+=========
+
+- Verify if bridge has been correctly created and configured
+
+ Priority: Low
+ Complexity: C1
+
+ When enabling tethering check if there was any error while creating and
+ configuring the bridge before continue. It has been done only for WiFi
+ technology, for other tethering technologies it should be evaluated
+ and implemented in case it is advantageous.
WiFi
====
-- Ad-Hoc support
+- Clean up WiFi data structure usage
Priority: Medium
Complexity: C2
- Owner: Samuel Ortiz <sameo@linux.intel.com>
-
-
-- Fast Connect
- Priority: Low
- Complexity: C4
- Owner: Samuel Ortiz <sameo@linux.intel.com>
+ Struct wifi_data is passed as a pointer in some of the wifi plugin
+ callbacks. For example removing a WiFi USB stick causes RTNL and
+ wpa_supplicant to call the wifi plugin at the same time causing the
+ freeing of the wifi data structure. Fix up the code to have proper
+ reference counting or other handling in place for the shared wifi data
+ and the members in the data structure.
- EAP-AKA/SIM
Priority: Medium
Complexity: C2
- Owner: Samuel Ortiz <sameo@linux.intel.com>
This EAP is needed for SIM card based network authentication.
ConnMan here plays a minor role: Once wpa_supplicant is set up for
Priority: Low
Complexity: C1
- Owner: Henri Bragge <henri.bragge@ixonos.com>
-
-
-- EAP-GTC
-
- Priority: Low
- Complexity: C1
- Owner: Henri Bragge <henri.bragge@ixonos.com>
-- WiFi p2p
+- Removing wpa_supplicant 0.7.x legacy support
- Priority: Medium
- Complexity: C2
+ Priority: Low
+ Complexity: C1
+ Removing global country property setter in gsupplicant, and removing
+ wifi's technology set_regdom implementation. Removing autoscan fallback.
+ (Note: should be done around the end 2012)
Bluetooth
=========
-- DUN client
-
- Priority: Low
- Complexity: C4
- Owner: Mario Tokarz <mario.tokarz@bmw-carit.de>
-
-
Cellular
========
VPN
===
-- l2tp support
+- IPsec
- Priority: Low
- Complexity: C2
- Owner: Mohamed Abbas <mohamed.abbas@intel.com>
+ Priority: Medium
+ Complexity: C4
-- pptp support
+- L2TP & PPTP compatibility prefix removal
- Priority: Low
+ Priority: Medium
+ Complexity: C1
+ When: connman 2.0
+
+ The VPN config file provisioning patchset contains code that makes
+ PPP options to be marked by "PPPD." prefix. The code supports also
+ old "L2TP." and "PPTP." prefix for PPP options. Remove the compatibility
+ code and only allow "PPPD." prefix for PPP options.
+
+
+- Update VPNC and OpenVPN with Agent support
+
+ Priority: Medium
Complexity: C2
- Owner: Mohamed Abbas <mohamed.abbas@intel.com>
+ Update VPNC and OpenVPN with VPN Agent support to request possible user
+ ids and passphrases.
-- IPsec
- Priority: Low
+- Change OpenConnect plugin to use libopenconnect
+
+ Priority: Medium
Complexity: C4
+ Current implementation of OpenConnect uses screenscraping and interactive
+ mode for accepting self signed certificates and reacting to PKCS pass
+ phrase requests. This should be replaced with libopenconnect use. It may be
+ worthwhile to attempt to replace the whole authentication with the use of
+ openconnect_obtain_cookie() whatever authentication type is used. This
+ would lead to using only the cookie when connecting (--cookie-on-stdin)
+ and would cleanup the code at run_connect().
+
+ The usage of stdout can be removed as unnecessary. Cookie should be
+ retrieved with openconnect_obtain_cookie(). Remove this also from
+ connman_task_run().
+
+ Function is_valid_protocol() must use openconnect_get_supported_protocols.
+ Also the static const char *protocols[] would be unnecessary.
+
+ Reading the stderr with byte-by-byte approach is to be removed, as well as
+ are the PKCS failures and requests in stderr IO channel processing.
+
+ The use of interactive mode toggle is to be removed. Non-interactive mode
+ must be used, which leads to using --syslog with each authentication type
+ as task arg.
-- Split tunnelling
+ If the peer certificate cannot be verified with normal means it is because
+ the peer certificate is self signed and the user setting
+ "AllowSelfSignedCert" has to be used for the verify certificate callback
+ reply. The callback for certificate validation must return zero if user has
+ allowed self signed certificates. In such case save the SHA1 fingerprint of
+ server certificate as it is done now, otherwise indicate error to
+ libopenconnect.
+
+Tools
+=====
+
+- Add Clock API support to connmanctl
Priority: Low
- Complexity: C8
- Dependencies: Core:Private networks
+ Complexity: C2
- The current VPN support puts the VPN interface at the top of the
- service list, giving VPNs the default route. When doing split
- tunneling, the system routes packet to the VPN interface for
- private IPs, while going through the default interface for the rest
- of the traffic.
+ The connmanctl command line tool should support Clock API.
projects / platform / upstream / connman.git / blobdiff