File permision's on the cache are too strict, there is nothing wrong in all
users reading the debs and Packages files.

it looks like it is leaking FileVerifiers

Verification times out with big files and considers them corrupted even if
they are OK.
	- We could have three levels of checking.
		1) stat results if we have
		2) md5sum if we have and stat check fails
		3) current checking otherwise.

	 - when we find that stat doesn't match, we schedule a check and serve
	   anyway. We don't check before serving.

To get streaming from rsync without the LD_PRELOAD hack:
	- Since we know the pid, we can read from /proc/$pid/fd/3 and get the
	  streaming from there ala 'tail -f'

---------------- "Not so urgent" mark ---------------------------

Handle database corruption in a more conservative way.

Support /etc/init.d/apt-proxy reload as kill -HUP
  - auto reload apt-proxy.conf support too?

Report an error at /etc/init.d/apt-proxy start if something is already
listening on the port (current behaviour is no error and message in logfile only)

Add a configuration parameter which says 'never delete the final version of
a package, even if older than max_age'
	Maybe it should be "never delete files which still appear in current
	Packages.gz listings"

When a file transfer is finished, move the temporary file instead of coping
it.

Mirror house-keeping:
MAX_VERSIONS: keep track of versions per distro (potato/woody/sid)
		python-apt should help on that
MAX_CACHE_SIZE: new parameter to limit the maximum disk size that apt-proxy
                uses for the cache directory

Take care of python-apt memory leak:
	deb http://ftp.uk.debian.org/debian/ sid main non-free contrib
		1200 iterations (load, unload)
		leak 528KB (3676-4204) in increments of 36 kB
		0.44KB per iteration.
	deb http://ftp.uk.debian.org/debian/ sid contrib
		2300 iterations (load, unload)
		leak 360KB (3676-4036) in increments of 36 kB
		0.15KB per iteration.

If we overwrite a cached file while it is being read by an static.FileTransfer
things may go wrong.
	Maybe we should write an AptProxyClientFile so it can be added to
	factory.runningClients to prevent that.

Cleanup orphan entries in packages.db also

Implement HEAD method

Parse options:
	--conf
	...

per backend 'min_age'
	we won't bother to update a Packages file before it is "min_age" old

rsync only Packages files, for the rest only ftp and http
	updating a corrupt .deb is probably rare enough not to be worth it.

Consider "Pargma: no-cache" and "Cache-Control: no-cache" to make the client
	do "verify_file" and tell us that the file is corrupt

try to use libapt's backend clients


Is process.Process a producer? 

Mirror house-keeping:Generate Packages/Release/... for the currently available
	stuff
	
auto generate a sample sources.list for clients

consider acting as a real proxy instead of as a "fake" server, this way
sources.list wouldn't need to be modified and apt could be forced to ignore
http_proxy environment variable.

Add support to make apt-proxy request to a another proxy like squid.

consider doing file integrity checks after downloading instead of before
serving to improve performance.

autogenerate backend configuration using netselect-apt or similar
generate a config file from sources.list

Consider implementing rproxy
	- for cascading apt-proxy.
	- to access mirrors which may have it.
	- sincronizing two caches

Consider using apt-build to get "auto recompiled for your processor" packages.
 - warning apt-build changes your system compiler.. ugh.  Chris

Deal with permissions problems in the cache gracefully, not like this:

22/08/2002 17:23 [AptProxy,1,192.168.60.24] [debug:9]CHECKING_CACHED
22/08/2002 17:23 [-] [gzip:9]/var/cache/apt-proxy/security/dists/sarge/updates/non-free/binary-i386/Packages.gz:          0.0%22/08/2002 17:23 [-]
22/08/2002 17:23 [-] [verify:9]Process Status: 0
22/08/2002 17:23 [-] [verify:9]unknown file: not verified
22/08/2002 17:23 [-]
22/08/2002 17:23 [-] [debug:9]NOT_CACHED
22/08/2002 17:23 [-] [debug:9]apt_proxy.apt_proxy.AptProxyClientHttp
22/08/2002 17:23 [-] [client:9]Request uri: /security/dists/sarge/updates/non-free/binary-i386/Release
22/08/2002 17:23 [-] [gzip:9]Status: 0
22/08/2002 17:23 [-] Traceback (most recent call last):
22/08/2002 17:23 [-]   File "/usr/lib/python2.1/site-packages/apt_proxy/twisted_compat/process.py", line 310, in maybeCallProcessEnded
22/08/2002 17:23 [-]     self.proto.processEnded()
22/08/2002 17:23 [-]   File "/usr/lib/python2.1/site-packages/apt_proxy/apt_proxy.py", line 789, in processEnded
22/08/2002 17:23 [-]     self.aptDataEnd(self.transfered)
22/08/2002 17:23 [-]   File "/usr/lib/python2.1/site-packages/apt_proxy/apt_proxy.py", line 359, in aptDataEnd
22/08/2002 17:23 [-]     f = open(self.local_file, "w")
22/08/2002 17:23 [-] exceptions.IOError: [Errno 13] Permission denied: '/var/cache/apt-proxy/security/dists/sarge/updates/non-free/binary-i386/Packages'
22/08/2002 17:23 [AptProxyClientHttp,client] [http_client:9]GET:/debian-security/dists/sarge/updates/non-free/binary-i386/Rele

Accept numeric ports in backend configuration

---------------- Clean up of naming conventions -------------

To help Chris get his head around the code :)

Some suggestions that were hashed out:

- Reduce imports at top of file -
16:54 < ranty> but I don't understand how you plan to fix the namespace problem.
16:56 < haggai> oh, not really.  My only suggestion is to avoid excessibe use of 'import', or maybe to split into smaller source files
move 'import' to the place where it is needed if posible.

---------------- OLD LIST from v1 ---------------------------
TODO list for apt-proxy

- Return a better error message if the backend servers do not exist, rather
  than 'directory does not exist'

- Add debconf questions for default user and cache directory

