krb5-strength To-Do List
- * Offer the option of building with a system CrackLib library instead of
- the embedded one. This should come with better documentation of the
- modifications made to the embedded CrackLib and what problems one may
- encounter using an unmodified version.
+ * Update to CrackLib 2.9, which is currently shipped in Debian. This
+ requires testing to confirm that the on-disk data format is still the
+ same.
- * The kadmind patch needs to abort kadmind startup if the plugin could
- not be loaded, or at least needs to reject every password.
+ * Feed back modifications to CrackLib to allow a program to use a custom
+ set of rules, which would allow us to stop embedding our own copy of
+ CrackLib customized to add additional rules.
- * Use a better method to determine 8-bit, 16-bit, and 32-bit types for
- CrackLib.
+ * Do something useful with errors when parsing numeric arguments from
+ krb5.conf configuration or failing to allocate memory when getting
+ string arguments.
+
+ * Use the realm of the principal changing its password to determine the
+ krb5.conf configuration rather than always using the default realm.
+
+ * Refactor the tests for configuration errors in the heimdal-strength
+ test suite into JSON.