version 3.0

ssh/TODO

@@ -0,0 +1,18 @@
+Everything has been sort-of hacked together to get something working.  Lots to
+do to make it not awful.
+o) Make the send and receive processes more asynchronous.  Really want to be
+   able to not have to do long, synchronous encryption operations, etc.
+o) Make the Crypto* stuff less awful.  It seems like the Method abstraction is
+   perhaps not worth it.
+o) Do separate algorithm from instance in the SSH code.  It's a mess right now,
+   what with the clone() methods.  Yuck.
+o) Make sure all those things created by new have appropriate deletes somewhere.
+o) Likewise, go over all the RSA, DH, BIGNUM, etc., stuff and add frees.
+o) Maybe don't ever generate random padding?
+o) Some kind of server public key verification callback.
+o) Figure out a naming scheme.  Packet, payload, MACs, etc., all have lots of
+   different names.  Hard because we sometimes need to have a Buffer and a
+   uint8_t array for the same data.  But the code is hard to read due to all the
+   inconsistency and duplication.
+o) Split up the key exchange input method.  It's harder to check whether its
+   variables are used safely since they're in a big, combined lump.