**
** beta_0.9 requirements
**

**
** Release 1.0 requirements
**

* Logging to syslog (done)
* Complete admin program (done)
  - Admin program should use eurephiaDB (done)
  - Add / Delete / Modify users (done)
  - Add / Delete / Modify certificates (by loading the certfile) (done)
  - Add / Remove user->certlink (done)
  - Add / Remove access profiles (done)
  - Show Add / Delete blacklisted users/cert/IP addr (done)
  - Show complete lastlog (done)
  - Simplify all admin functions in dbdriver (done)

**
** Release 1.1 requirements
**

* Enhanced firewall thread (fork)
  - Write a binary which is executed via execve(...) after fork
    (this should release memory kept by OpenVPN in the forked process)
  - This binary will be started by the eurephia plug-in
  - This binary loads the firewall interface (dlopen)
  - This binary takes care of opening and destroying the message queues
    and semaphores

* Separate database API and OpenVPN plug-in
  - Have a separate eurephia daemon which can be chrooted and locked down.
    Communicate via SSL, a Unix socket or POSIX MQ.
  - The eurephia daemon will load the database driver and do all
    authentication and DB work.
  - The OpenVPN plug-in will only implement an API to the eurephia daemon
    and will never make decisions by itself.
  - Firewall changes will be propagated from the OpenVPN plug-in at this phase

* Admin utility - add ePasswd program
  - Changes password in the eurephia user database for the eurephia
    authenticated user
  - This utility will communicate with the eurephia daemon, so all
    authentication is taken care of outside this program.

**
** Release 1.1
**

* Write PostgreSQL driver
* Write MySQL driver

**
** Wish list
**

* A lot of QA utilities (release 1.1?)
  - Writing test program for DB drivers
    - which tests only the driver (loads .so file)
    - which tests the API, simulating OpenVPN calls
      - Check that user gets blocked and blacklisted on too many failing
        attempts
      - Check that right connection profiles are used
      - Check that user/cert matches

* Write web based admin GUI, using libmicrohttpd (release 1.2?)

* Implement Kerberos user authentication (release 1.3?)
  - User/password authentication is done via Kerberos, using userID(?)
    from Kerberos ... to replace openvpn_users

* Consider some way of LDAP integration as well