wolfSSL: Use LIBWOLFSSL_VERSION_HEX to decide whether or not to use WOLFSSL_X509_V_OK

[privoxy.git] / TODO

diff --git a/TODO b/TODO
index 2f6ea91..f6c839f 100644 (file)
--- a/TODO
+++ b/TODO
@@ -189,7 +189,7 @@ https://www.privoxy.org/donate
 86) Add a server-body-tagger action. This is trivial as as all the
     functionality required to do it already exists.
 
-87) Add a client-body-tagger action. This, too, is trivial.
+87) Add a client-body-tagger action. Work in progress.
 
 88) Investigate if there's a Perl module that Privoxy-Regression-Test
     could optionally use to keep connections alive, preferably while
@@ -356,8 +356,6 @@ https://www.privoxy.org/donate
      probably shouldn't be affected (such as actions like
      forward-override). Investigate and fix or document.
 
-142) Remove or update the "internal" pcre version.
-
 143) Add support for OpenBSD's pledge feature once it's stablelized.
      This should be a lot less work then #124.
 
@@ -379,7 +377,7 @@ https://www.privoxy.org/donate
      currently can result in client requests to config.privoxy.org on the
      Internet which may not be desirable.
 
-150) Add blacklistd support.
+150) Add blocklistd support (https://man.netbsd.org/blocklistd.8).
 
 151) Let the dok-tidy target work cross-platform without introducing
      a ton of white-space changes that hide the content changes.
@@ -424,10 +422,6 @@ https://www.privoxy.org/donate
 163) Use subdirectories in the certificate-directory to lower the number
      of files per directory.
 
-164) Evaluate switching from pcreposix(3) to pcre's native api
-     for URL matching which allows to compile the patterns once
-     at load-time.
-
 165) Add a max-connections-per-client directive.
 
 167) Set up a public Privoxy-Filter-Test instance.
@@ -477,7 +471,7 @@ https://www.privoxy.org/donate
      when https inspecting while using a forwarding proxy.
 
 184) Add support for wolfSSL. Work in progress, expected to be
-     committed after the 3.0.32 release. Funded with donations
+     committed after the 3.0.34 release. Funded with donations
      made to the Privoxy project.
 
 185) The mbedTLS and OpenSSL versions of generate_host_certificate()
@@ -534,6 +528,22 @@ https://www.privoxy.org/donate
 200) Add a config directive that causes Privoxy to remove all
      host certificates before exiting.
 
+201) Add an action to change the trusted-cas-file for a section.
+     This should be useful in countries where a person-in-the-middle
+     attack is known to happen on some domains but should not be tolerated
+     on others. It would also allow to limit the accepted CA certificates
+     for given domains instead of accepting all that are specified with
+     the trusted-cas-file directive.
+
+202) Allow to use multiple log files with different debug settings.
+     Suggested by Jonathan Marten in FR#607.
+
+203) Add HTTP/2 support.
+
+204) Make the Privoxy website available over IPv6.
+
+205) Document how commit messages should look like.
+
 ##########################################################################
 
 Hosting wish list (relevant for #53)