1 TODO for 1.2 And Beyond
2 =======================
4 NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The
5 (***TESTING NEEDED) means that the item has been done but not yet properly
8 NOTE: A TODO entry does not mean that it is ever going to be done. Some
9 of the entries may be just ideas, good, bad or ugly. If you want to work
10 on some of the TODO entries simply let us know about it by dropping a note
11 to silc-devel mailing list or appear on 'silc' channel on SILCNet.
17 o Create apps/tutorial containing various Toolkit API tutorials.
19 o The Toolkit split. The Toolkit is to be splitted in parts. How many
20 parts and what the parts are isn't decided yet. Each part is a separate
21 software package. Current thinking is of the following:
23 SILC Toolkit SILC protocol, client and server library
24 SILC Runtime Toolkit runtime library
25 SILC Crypto Toolkit crypto, asn1, math, skr, pgp, etc.
27 The rationale for this is of course that other than SILC projects
28 might like to use the various libraries SILC Toolkit provides, but
29 naturally they don't want the bloat of SILC protocol related stuff.
31 The Runtime library in SILC Toolkit is a general purpose runtime library,
32 like Glib and APR are. The runtime library is to be developed further
33 to provide alternative to Glib and APR.
35 The Crypto library in SILC Toolkit is a general purpose crypto library
36 providing pretty nice APIs compared to many other crypto libraries,
37 especially OpenSSL. The Crypto library is to be developed further
38 to include support for OpenPGP, X.509 and SSH2.
44 o SILC_PACKET_FLAG_ACK support. Implement ACK packet and packet payload
47 o All payload encoding routines should take SilcStack as argument.
49 o Remove SilcCommandCb from silccommand.h.
51 o All payload test routines into lib/silccore/tests/.
54 lib/silcclient, The Client Library
55 ==================================
57 o Giving WHOIS for nick that doesn't exist should remove any same
58 named entries from the client cache.
60 o peer-to-peer private messages
62 o Private message key request notification to application. See XXX in
65 o in JOIN notify handle resolving that timedout. Currently the user is
66 never joined the channel if this happens. What to do if message is
67 received from user that hasn't been resolved/joined?
69 o Message ACKing support.
71 o in /cmode and /cumode with +r, maybe the public key and private key
72 could be just some "string", which would then match to "string.pub" and
75 o If the SILC Events (see below) are implemented, perhaps client library
76 should provide events so that application developer has a choice of
77 developing the SILC app with callbacks or with events.
80 Runtime library, lib/silcutil/
81 ==============================
83 o Fix universal time decoding (doesn't accept all formats) in silctime.c.
85 o Add functions to manipulate environment variables. (***DONE)
87 o Add functions to loading shared/dynamic object symbols (replaces the
88 SIM library (lib/silcsim) and introduces generic library). Add this
89 to lib/silcutil/silcdll.[ch]. (***TESTING NEEDED WIN32, TODO Symbian)
91 o Add directory opening/traversing functions
93 o silc_getopt routines
95 o The SILC Event signals. Asynchronous events that can be created,
96 connected to and signalled. Either own event routines or glued into
99 SilcTask silc_schedule_task_add_event(SilcSchedule schedule,
100 const char *event, ...);
101 SilcBool silc_schedule_event_connect(SilcSchedule schedule,
103 SilcTaskCallback event_callback,
105 SilcBool silc_schedule_event_signal(SilcSchedule schedule,
106 const char *event, ...);
109 silc_schedule_task_add_event(schedule, "connected",
113 silc_schedule_event_connect(schedule, "connected", connected_cb, ctx);
114 silc_schedule_event_signal(schedule, "connected", integer, buf,
116 SILC_TASK_CALLBACK(connected_cb)
118 FooCtx ctx = context;
123 va_start(args, context);
124 integer = va_arg(args, SilcUInt32);
125 buf = va_arg(args, SilcBuffer);
130 Problems: Events would be SilcSchedule specific, and would not work on
131 multi-thread/multi-scheduler system. The events should be copyable
132 between schedulers. Another problem is the signal delivery. Do we
133 deliver them synchronously possibly from any thread to any other thread
134 or do we deliver them through the target schedulers. If we use the
135 schedulers then signalling would be asynchronous (data must be
136 duplicated and later freed) which is not very nice.
138 o If the event signals are added, the SILC_PARAM_* stuff needs to be
139 moved from silcbuffmt.h to silctypes.h or something similar.
141 o In case the SILC Events are done we shall create a new concept of
142 parent and child SilcSchedule's. When new SilcSchedule is created a
143 parent can be associated to it. This association could be done either
144 directly by the parent or by any other children. This way the signals
145 would in effect be global and would reach all children schedulers.
147 This relationship would be associative only. The schedulers are still
148 independent and run independently from each other. All schedulers
149 would be linked and could be accessed from any of the schedulers.
150 It should be possible to retrieve the parent and enumate all children
151 from any of the schedulers.
153 SilcSchedule silc_schedule_init(int max_tasks, void *app_context,
154 SilcSchedule parent);
155 SilcSchedule silc_schedule_get_parent(SilcSchedule schedule);
157 o Additional scheduler changes: optimize silc_schedule_wakeup. Wakeup
158 only if the scheduler is actually waiting something. If it is
159 delivering tasks wakeup is not needed.
161 o Structured log messages to Log API. Allows machine readable log
162 messages. Would allow sending of any kind of data in a log message.
164 o Base64 to an own API
168 o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
169 SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
172 o silc_stringprep to non-allocating version.
174 o silc_hash_table_replace -> silc_hash_table_set. Retain support for
175 silc_hash_table_replace as macro. (***DONE)
177 o SilcStack aware SilcHashTable. (***DONE)
179 o SilcStack aware SilcDList. (***DONE)
181 o Thread pool API. Add this to lib/silcutil/silcthread.[ch]. (***DONE)
183 o Fast mutex implementation. Fast rwlock implementation. Mutex and
184 rwlock implementation using atomic operations.
186 o Compression routines are missing. The protocol supports packet
187 compression thus it must be implemented. SILC Zip API must be
190 o Add new functions to SilcStack API in lib/silcutil/silcstack.[ch]. Add
191 silc_stack_[set|get]_alignment. It defines the default alignment used
192 when allocating memory from stack. It can be used to specify special
193 alignments too when needed (such as for hardware devices like crypto
194 accelerators). Move also the low level silc_stack_malloc and
195 silc_stack_realloc from silcstack_i.h to silcstack.h. Remove the
196 _ua unaligned memory allocation routines. Remove unaligned memory
197 allocation possibility. (***DONE)
199 o Add '%@' format to silc_snprintf functions. It marks for external
200 rendering function of following type:
202 /* Snprintf rendering function. The `data' is rendered into a string
203 and allocated string is returned. If NULL is returned the
204 rendering is skipped and ignored. If the returned string does
205 not fit to the destination buffer it may be truncated. */
206 typedef char *(*SilcSnprintfRender)(void *data);
208 It can work like following:
210 char *id_renderer(void *data)
213 id_to_str(tmp, sizeof(tmp), (SilcID *)data);
217 silc_snprintf(buf, sizeof(buf), "Client ID %@", id_renderer, client_id);
219 (o Generic SilcStatus or SilcResult that includes all possible status and
220 error conditions, including those of SILC protocol. Though, the SILC
221 protocol related status (currently in silcstatus.h) cannot be in
222 runtime library) maybe
224 (o SILC specific socket creation/closing routines to silcnet.h, wrappers
225 to all send(), recv(), sendto() etc. Bad thing is that we'd have to
226 define all socket options, sockaddrs, etc.) maybe
231 lib/silcutil/symbian/
232 =====================
234 o Something needs to be thought to the logging globals as well,
235 like silc_debug etc. They won't work on EPOC. Perhaps logging
236 and debugging is to be disabled on EPOC. The logging currently works
237 by it cannot be controlled, same with debugging.
240 SFTP Library, lib/silcsftp/
241 ===========================
243 o Read prefetch (read-ahead, reading ahead of time). Maybe if this can
247 SKR Library, lib/silcskr/
248 =========================
250 o Add fingerprint as search constraint.
252 o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
255 o Add support for importing public keys from a directory and/or from a
256 file. Add support for exporting the repository (different formats for
257 different key types?).
259 o Change the entire silc_skr_find API. Remove SilcSKRFind and just simply
260 add the find constraints as variable argument list to silc_skr_find, eg:
262 silc_skr_find(skr, schedule, callback, context,
263 SILC_SKR_FIND_PUBLIC_KEY, public_key,
264 SILC_SKR_FIND_COUNTRY, "FI",
265 SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH,
268 NULL argument would be ignored and skipped.
270 o Add OR logical rule in addition of the current default AND, eg:
272 // Found key(s) MUST have this public key AND this country.
273 silc_skr_find(skr, schedule, callback, context,
274 SILC_SKR_FIND_RULE_AND,
275 SILC_SKR_FIND_PUBLIC_KEY, public_key,
276 SILC_SKR_FIND_COUNTRY, "FI",
279 // Found key(s) MUST have this public key OR this key context
280 silc_skr_find(skr, schedule, callback, context,
281 SILC_SKR_FIND_RULE_OR,
282 SILC_SKR_FIND_PUBLIC_KEY, public_key,
283 SILC_SKR_FIND_CONTEXT, key_context,
286 o SilcStack to SKR API.
289 Crypto Library, lib/silccrypt/
290 ==============================
292 o Add silc_crypto_init and silc_crypto_uninit. The _init should take
293 SilcStack that will act as global memory pool for all of crypto
294 library. It should not be necessary anymore to separately register
295 default ciphers, HMACs, etc, the _init would do that. However, if
296 user after _init calls silc_pkcs_register, for example, it would take
297 preference over the default once, ie. user can always dictate the
298 order of algorithms. (***DONE)
300 o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
301 possibly to silcpkcs.h.
303 /* Return fingerprint of the `public_key'. Returns also the algorithm
304 that has been used to make the fingerprint. */
305 const unsigned char *
306 silc_pkcs_get_fingerprint(SilcPublicKey public_key,
307 const char **hash_algorithm,
308 SilcUInt32 *fingerprint_len);
310 o Change SILC PKCS API to asynchronous, so that accelerators can be used.
311 All PKCS routines should now take callbacks as argument and they should
312 be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE)
314 o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
315 encrypt, decrypt, sign and verify functions. We may need to for exmaple
316 check the alg->hash, supported hash functions. Maybe deliver it also
317 to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE)
319 o Add DSS support. Take implementation from Tom or make it yourself.
321 o Implement the defined SilcDH API. The definition is in
322 lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
323 be accelerated. Also take into account that it could use elliptic
328 o All cipher, hash, hmac etc. allocation routines should take their name
329 in as const char * not const unsigned char *.
332 SILC Accelerator Library
333 ========================
335 o SILC Accelerator API. Provides generic way to use different kind of
336 accelerators. Basically implements SILC PKCS API so that SilcPublicKey
337 and SilcPrivateKey can be used but they call the accelerators.
339 Something in the lines of (preliminary):
341 /* Register accelerator to system. Initializes the accelerator. */
342 Varargs are optional accelerator specific init parameteres. */
343 SilcBool silc_acc_register(SilcAccelerator acc, ...);
345 silc_acc_register(softacc, "min_threads", 2, "max_threads", 16, NULL);
347 /* Unregister accelerator. Uninitializes the accelerator. */
348 SilcBool silc_acc_unregister(const SilcAccelerator acc);
350 /* Return list of the registered accelerators */
351 SilcDList silc_acc_get_supported(void);
353 /* Find existing accelerator. `name' is accelerator's name. */
354 SilcAccelerator silc_acc_find(const char *name);
356 /* Return accelerator's name */
357 const char *silc_acc_get_name(SilcAccelerator acc);
359 /* Accelerate `public_key'. Return accelerated public key. */
360 SilcPublicKey silc_acc_public_key(SilcAccelerator acc,
361 SilcPublicKey public_key);
363 /* Accelerate `private_key'. Returns accelerated private key. */
364 SilcPrivateKey silc_acc_private_key(SilcAccelerator acc,
365 SilcPrivateKey private_key);
367 /* Return the underlaying public key */
368 SilcPublicKey silc_acc_get_public_key(SilcAccelerator acc,
369 SilcPublicKey public_key);
371 /* Return the underlaying private key */
372 SilcPrivateKey silc_acc_get_private_key(SilcAccelerator acc,
373 SilcPrivateKey private_key);
375 typedef struct SilcAcceleratorObject {
376 const char *name; /* Accelerator's name */
377 SilcBool (*init)(va_list va); /* Initialize accelerator */
378 SilcBool (*uninit)(void); /* Uninitialize accelerator */
379 const SilcPKCSAlgorithm *pkcs; /* Accelerated PKCS algorithms */
380 const SilcDHObject *dh; /* Accelerated Diffie-Hellmans */
381 const SilcCipherObject *cipher; /* Accelerated ciphers */
382 const SilcHashObject *hash; /* Accelerated hashes */
383 const SilcHmacObject *hmac; /* Accelerated HMACs */
384 const SilcRngObject *rng; /* Accelerated RNG's */
385 } *SilcAccelerator, SilcAcceleratorStruct;
387 Allows accelerator to have multiple accelerators (cipher, hash etc)
388 and multiple different algorithms and implementations (SHA-1, SHA-256 etc).
390 SilcPublicKey->SilcSILCPublicKey->RsaPublicKey accelerated as:
391 SilcPublicKey->SilcAcceleratorPublicKey->SilcSoftAccPublicKey->
392 SilcPublicKey->SilcSILCPublicKey->RsaPublicKey
394 silc_acc_public_key creates SilcPublicKey and SilcAcceleratorPublicKey
395 and acc->pkcs->import_public_key creates SilcSoftAccPublicKey.
397 o Implement software accelerator. It is a thread pool system where the
398 public key and private key operations are executed in threads.
400 const struct SilcAcceleratorObject softacc =
402 "softacc", softacc_init, softacc_uninit,
403 softacc_pkcs, NULL, NULL, NULL, NULL
406 /* Called from silc_acc_private_key */
407 int silc_softacc_import_private_key(void *key, SilcUInt32 key_len,
408 void **ret_private_key)
410 SilcSoftAccPrivateKey prv = silc_calloc(1, sizeof(*prv));
411 prv->pkcs = acc->pkcs;
412 prv->private_key = key;
413 *ret_private_key = prv;
416 (o Symmetric key cryptosystem acceleration? They are always sycnhronouos
417 even with hardware acceleration so the crypto API shouldn't require
424 o Import TFM. Talk to Tom to add the missing functions. Use TFM in
425 client and client library, but TMA in server, due to the significantly
426 increased memory consumption with TFM, and the rare need for public
427 key operations in server.
429 We want TFM's speed but not TFM's memory requirements. Talk to Tom
430 about making the TFM mp dynamic just as it is in LTM.
432 o The SILC MP API function must start returning indication of success
433 and failure of the operation.
435 o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
436 any other MP function (including utility ones) that may allocate
439 o All utility functions should be made non-allocating ones.
442 SILC XML Library, lib/silcxml/
443 ==============================
445 o SILC XML API (wrapper to expat). Look at the expat API and simplify
446 it. The SILC XML API should have at most 8-10 API functions. It should
447 be possible to create full XML parser with only one function. And, it
448 should be possible to have a function that is able to parse an entire
449 XML document. It should also have a parser function to be able to
450 parse a stream of XML data (SilcStream). It MUST NOT have operations
451 that require multiple function calls to be able to execute that one
452 operation (like creating parser).
455 lib/silcske/silcske.[ch]
456 ========================
458 o Ratelimit to UDP/IP transport for incoming packets.
464 o Negative integer encoding is missing, add it.
466 o SILC_ASN1_CHOICE should perhaps return an index what choice in the
467 choice list was found. Currently it is left for caller to figure out
468 which choice was found. (***DONE)
470 o SILC_ASN1_NULL in decoding should return SilcBool whether or not
471 the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
472 and we need to know whether it was present or not. (***DONE)
478 o OpenPGP certificate support, allowing the use of PGP public keys
485 o SSH2 public key/private key support, allowing the use of SSH2 keys
492 o PKIX implementation
498 o Deprecate the old server. Write interface for the new lib/silcserver
499 server library. The interface should work on Unix/Linux systems.
501 o Consider deprecating also the old config file format and use XML
502 istead. This should require SILC XML API implementation first.
504 o The configuration must support dynamic router and server connections.
505 The silcd must work without specifying any servers or routers to
508 o The configuration must support specifying whether the server is
509 SILC Server or SILC Router. This should not be deduced from the
510 configuration as it was in < 1.2.
512 o The configuration must support specifying the ciphers and hmacs and
513 their order so that user can specify which algorithms take preference.
519 o Rewrite the entire server. Deprecate apps/silcd as the main server
520 implementation and create lib/silcserver/. It is a platform
521 independent server library. The apps/silcd will merely provide a
522 a simple interface for the library.
524 o Write the SILC Server library extensively using SILC FSM.
526 o Server library must support multiple networks. This means that one
527 server must be able to create multiple connections that each reach
528 different SILC network. This means also that all cache's etc. must
529 be either connection-specific or network-specific.
531 o Library must support dynamic router and server connections. This means
532 that connections are create only when they are needed, like when someone
533 says JOIN foo@foo.bar.com or WHOIS foobar@silcnet.org.
535 o Library must support server-to-server connections even though protocol
536 prohibits that. The responder of the connection should automatically
537 act as a router. The two servers create an own, isolated, SILC network.
538 To be used specifically with dynamic connections.
540 o Library must support multiple threads and must be entirely thread safe.
542 o Library must have support for SERVICE command.
544 o The server must be able to run behind NAT device. This means that
545 Server ID must be based on public IP instead of private IP.
547 o The following data must be in per-connection context: client id cache,
548 server id cache, channel id cache, all statistics must be
551 o The following data must be in per-thread context: command context
552 freelist/pool, pending commands, random number generator.
554 o Do inccoming packet processing in an own FSM thread in the
555 server-threads FSM. Same as in client library.
557 o Reference count all Silc*Entry structures.
559 Some issues that must be kept in mind from 1.0 and 1.1 silcd's:
561 o The SERVER_SIGNOFF notify handing is not optimal, because it'll
562 cause sending of multiple SIGNOFF notify's instead of the one
563 SERVER_SIGNOFF notify that the server received. This should be
564 optimized so that the only SERVER_SIGNOFF is sent and not
565 SIGNOFF of notify at all (using SIGNOFF takes the idea about
566 SERVER_SIGNOFF away entirely).
568 o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
569 sent to a client if it is on same channel as the client that
570 signoffed. However, the entire SERVER_SIGNOFF list is sent to
571 the client, ie. it may receive clients that was not on the
572 same channel. This is actually against the specs. It must be
573 done per channel. It shouldn't receive the whole list just
574 because one client happened to be on same channel.
576 o If client's public key is saved in the server (and doing public key
577 authentication) then the hostname and the username information could
578 be taken from the public key. Should be a configuration option!
580 o Add a timeout to handling incoming JOIN commands. It should be
581 enforced that JOIN command is executed only once in a second or two
582 seconds. Now it is possible to accept n incoming JOIN commands
583 and process them without any timeouts. THis must be employed because
584 each JOIN command will create and distribute the new channel key
585 to everybody on the channel.
587 o Related to above. If multiple JOINs are received in sequence perhaps
588 new key should be created only once, if the JOINs are handeled at the same
589 time. Now we create multiple keys and never end up using them because
590 many JOINs are processed at the same time in sequence. Only the last
591 key ends up being used.