
TODO:

Raw pass-throough of Location: addresses as long as they follow the minimum
safety rules, for web services that apply strange rules WRT validation of such
redirections (https://bugs.launchpad.net/bugs/1625928)

Add a special cleanup page (or just a special mode of Expiration task which
does not abort on errors and does not remove stuff) which focuses on the
expiration issue.

Try to reduce thread count: use same thread for connection and downloader with
more async. IO (probably offload DNS operations to the background thread,
though).
Or maybe do even more massive AIO (via libevent or Boost::ASIO or plain ASIO)
and run as many threads as cores available and do everything (except for DNS)
in shared threads.

Maybe use lockfree queues for some internal item passing,
https://github.com/cameron314/concurrentqueue . For example for logging, doing
actual log writting via the background thread.

Move signal handler to signalfd (on Linux) or a pipe fed from a basic signal
handler (replacement for non-Linux). Current solution still has potential for dead-locking.

Add custom job trigger with a command file plus fifo file (for output). This
might be triggered by SIGUSR2.

Fix URL parser to cope with more combinations of encoded chars (specially in user:pass part)

Make better secure mechanism to trigger maint jobs. The current one requires faked website authentication, etc.
Should use local methods instead, maybe passing a config file with commands via
filesystem which is only readable/writtable to apt-cacher-ng and push it via
signal?

Local storage of admin password shall use hashing, maybe PBKDF2 from OpenSSL

Direct NTLM proxy authentication (user can use cntlm but internal solution would be nice)

Investigate more on Fedora mirror management, improve mirror list generation

No cancel button in attached mode of maint pages

Use cache control headers where possible

[for s.] root startup and EUID changing for privileged port use
[maybe, what was the urgent reason again...?!] Don't die if at leat one socket was open on start. Plus, retry to open sockets on HUP. document this... ifup can send hups?!
[debian] don't install acngfs manpage on hurd... or finally fix and build acngfs for hurd

> And after a code review yesterday I think the html log is still not a
> bad idea. It still needs some cosmetical fixes.
It has advantages.  Would be neat if it could be served by
http://<server ID>:3142/logs.html (or something like that).  It would
have to generate a pick-list of the
/var/log/apt-cacher-ng/maint_*.log.html files ...

 - integrate generic mirror checker from Rakhesh

 - rethink option syntax of acngfs

 - consider creating Debian and Ubuntu security mirror setup, like:
 Remap-ubusec: file:ubuntu_security /ubuntu-security ; http://security.ubuntu.com/ubuntu

 - (maybe) get the additional index files for i18n (Translation*) and d-i files
   and parse them in expiration

 - better control of reconnect attempts limitation (recon. count) (Prio: low,
   external motivation required)

 - support detection and temporary or permanent blacklisting of dead peers,
   configurable with number of retries, maybe using background ping job or sth.
   (Prio: low, external motivation required) 

 - Document all options in the manpage (Prio: low)

 - (maybe) for import: smart mirror structure discovery... if _$ARCH.deb found but no
   binary-$ARCH data for them, try to locate binary-$ARCH folder positions in
   the cache

 - dynamic update/scrolling of the log pages

For 0.9:

 - Add Backports.org profile to the lists? Debian-Ports? Anything else?

 - For import, make it more controlable. Control page should offer checkboxes:
[] Thrust old apt-cacher metadata if found (skip file verification)
[] Forced copy of imported index files (overwrites existing!)
[] Optimistic Precaching Strategy

 - write installation makefile target

For 1.0:

list the last error messages in the summary of maint logs
