1 TODO for 1.2 And Beyond
2 =======================
4 NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The
5 (***TESTING NEEDED) means that the item has been done but not yet properly
8 NOTE: A TODO entry does not mean that it is ever going to be done. Some
9 of the entries may be just ideas, good, bad or ugly. If you want to work
10 on some of the TODO entries simply let us know about it by dropping a note
11 to silc-devel mailing list or appear on 'silc' channel on SILCNet.
17 o Create apps/tutorial containing various Toolkit API tutorials.
19 o The Toolkit split. The Toolkit is to be splitted in parts. How many
20 parts and what the parts are isn't decided yet. Each part is a separate
21 software package. Current thinking is of the following:
23 SILC Toolkit SILC protocol, client and server library
24 SILC Runtime Toolkit runtime library
25 SILC Crypto Toolkit crypto, asn1, math, skr, pgp, etc.
27 The rationale for this is of course that other than SILC projects
28 might like to use the various libraries SILC Toolkit provides, but
29 naturally they don't want the bloat of SILC protocol related stuff.
31 The Runtime library in SILC Toolkit is a general purpose runtime library,
32 like Glib and APR are. The runtime library is to be developed further
33 to provide alternative to Glib and APR.
35 The Crypto library in SILC Toolkit is a general purpose crypto library
36 providing pretty nice APIs compared to many other crypto libraries,
37 especially OpenSSL. The Crypto library is to be developed further
38 to include support for OpenPGP, X.509 and SSH2.
44 o SILC_PACKET_FLAG_ACK support. Implement ACK packet and packet payload
47 o All payload encoding routines should take SilcStack as argument.
49 o Remove SilcCommandCb from silccommand.h.
51 o All payload test routines into lib/silccore/tests/.
54 lib/silcclient, The Client Library
55 ==================================
57 o UDP SILC connection support to SILC server
59 o Giving WHOIS for nick that doesn't exist should remove any same
60 named entries from the client cache.
62 o peer-to-peer private messages
64 o Private message key request notification to application. See XXX in
67 o in JOIN notify handle resolving that timedout. Currently the user is
68 never joined the channel if this happens. What to do if message is
69 received from user that hasn't been resolved/joined?
71 o Message ACKing support.
73 o in /cmode and /cumode with +r, maybe the public key and private key
74 could be just some "string", which would then match to "string.pub" and
77 o If the SILC Events (see below) are implemented, perhaps client library
78 should provide events so that application developer has a choice of
79 developing the SILC app with callbacks or with events.
82 Runtime library, lib/silcutil/
83 ==============================
85 o Fix universal time decoding (doesn't accept all formats) in silctime.c.
87 o Add functions to manipulate environment variables. (***DONE)
89 o Add functions to loading shared/dynamic object symbols (replaces the
90 SIM library (lib/silcsim) and introduces generic library). Add this
91 to lib/silcutil/silcdll.[ch]. (***TESTING NEEDED WIN32, TODO Symbian)
93 o Add directory opening/traversing functions
95 o silc_getopt routines
97 o The SILC Event signals. Asynchronous events that can be created,
98 connected to and signalled. Either own event routines or glued into
101 SilcTask silc_schedule_task_add_event(SilcSchedule schedule,
102 const char *event, ...);
103 SilcBool silc_schedule_event_connect(SilcSchedule schedule,
105 SilcTaskCallback event_callback,
107 SilcBool silc_schedule_event_signal(SilcSchedule schedule,
108 const char *event, ...);
111 silc_schedule_task_add_event(schedule, "connected",
115 silc_schedule_event_connect(schedule, "connected", connected_cb, ctx);
116 silc_schedule_event_signal(schedule, "connected", integer, buf,
118 SILC_TASK_CALLBACK(connected_cb)
120 FooCtx ctx = context;
125 va_start(args, context);
126 integer = va_arg(args, SilcUInt32);
127 buf = va_arg(args, SilcBuffer);
132 Problems: Events would be SilcSchedule specific, and would not work on
133 multi-thread/multi-scheduler system. The events should be copyable
134 between schedulers. Another problem is the signal delivery. Do we
135 deliver them synchronously possibly from any thread to any other thread
136 or do we deliver them through the target schedulers. If we use the
137 schedulers then signalling would be asynchronous (data must be
138 duplicated and later freed) which is not very nice.
140 o If the event signals are added, the SILC_PARAM_* stuff needs to be
141 moved from silcbuffmt.h to silctypes.h or something similar.
143 o In case the SILC Events are done we shall create a new concept of
144 parent and child SilcSchedule's. When new SilcSchedule is created a
145 parent can be associated to it. This association could be done either
146 directly by the parent or by any other children. This way the signals
147 would in effect be global and would reach all children schedulers.
149 This relationship would be associative only. The schedulers are still
150 independent and run independently from each other. All schedulers
151 would be linked and could be accessed from any of the schedulers.
152 It should be possible to retrieve the parent and enumate all children
153 from any of the schedulers.
155 SilcSchedule silc_schedule_init(int max_tasks, void *app_context,
156 SilcSchedule parent);
157 SilcSchedule silc_schedule_get_parent(SilcSchedule schedule);
159 o Additional scheduler changes: optimize silc_schedule_wakeup. Wakeup
160 only if the scheduler is actually waiting something. If it is
161 delivering tasks wakeup is not needed.
163 o Structured log messages to Log API. Allows machine readable log
164 messages. Would allow sending of any kind of data in a log message.
166 o Base64 to an own API (***DONE)
168 o Timer API (***DONE)
170 o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
171 SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
174 o silc_stringprep to non-allocating version.
176 o silc_hash_table_replace -> silc_hash_table_set. Retain support for
177 silc_hash_table_replace as macro. (***DONE)
179 o SilcStack aware SilcHashTable. (***DONE)
181 o SilcStack aware SilcDList. (***DONE)
183 o Thread pool API. Add this to lib/silcutil/silcthread.[ch]. (***DONE)
185 o Fast mutex implementation. Fast rwlock implementation. Mutex and
186 rwlock implementation using atomic operations.
188 o Compression routines are missing. The protocol supports packet
189 compression thus it must be implemented. SILC Zip API must be
192 o Add new functions to SilcStack API in lib/silcutil/silcstack.[ch]. Add
193 silc_stack_[set|get]_alignment. It defines the default alignment used
194 when allocating memory from stack. It can be used to specify special
195 alignments too when needed (such as for hardware devices like crypto
196 accelerators). Move also the low level silc_stack_malloc and
197 silc_stack_realloc from silcstack_i.h to silcstack.h. Remove the
198 _ua unaligned memory allocation routines. Remove unaligned memory
199 allocation possibility. (***DONE)
201 o Add '%@' format to silc_snprintf functions. It marks for external
202 rendering function of following type:
204 /* Snprintf rendering function. The `data' is rendered into a string
205 and allocated string is returned. If NULL is returned the
206 rendering is skipped and ignored. If the returned string does
207 not fit to the destination buffer it may be truncated. */
208 typedef char *(*SilcSnprintfRender)(void *data);
210 It can work like following:
212 char *id_renderer(void *data)
215 id_to_str(tmp, sizeof(tmp), (SilcID *)data);
219 silc_snprintf(buf, sizeof(buf), "Client ID %@", id_renderer, client_id);
221 (o Generic SilcStatus or SilcResult that includes all possible status and
222 error conditions, including those of SILC protocol. Though, the SILC
223 protocol related status (currently in silcstatus.h) cannot be in
224 runtime library) maybe
226 (o SILC specific socket creation/closing routines to silcnet.h, wrappers
227 to all send(), recv(), sendto() etc. Bad thing is that we'd have to
228 define all socket options, sockaddrs, etc.) maybe
233 lib/silcutil/symbian/
234 =====================
236 o Something needs to be thought to the logging globals as well,
237 like silc_debug etc. They won't work on EPOC. Perhaps logging
238 and debugging is to be disabled on EPOC. The logging currently works
239 by it cannot be controlled, same with debugging.
242 SFTP Library, lib/silcsftp/
243 ===========================
245 o Read prefetch (read-ahead, reading ahead of time). Maybe if this can
249 SKR Library, lib/silcskr/
250 =========================
252 o Add fingerprint as search constraint.
254 o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
257 o Add support for importing public keys from a directory and/or from a
258 file. Add support for exporting the repository (different formats for
259 different key types?).
261 o Change the entire silc_skr_find API. Remove SilcSKRFind and just simply
262 add the find constraints as variable argument list to silc_skr_find, eg:
264 silc_skr_find(skr, schedule, callback, context,
265 SILC_SKR_FIND_PUBLIC_KEY, public_key,
266 SILC_SKR_FIND_COUNTRY, "FI",
267 SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH,
270 NULL argument would be ignored and skipped.
272 o Add OR logical rule in addition of the current default AND, eg:
274 // Found key(s) MUST have this public key AND this country.
275 silc_skr_find(skr, schedule, callback, context,
276 SILC_SKR_FIND_RULE_AND,
277 SILC_SKR_FIND_PUBLIC_KEY, public_key,
278 SILC_SKR_FIND_COUNTRY, "FI",
281 // Found key(s) MUST have this public key OR this key context
282 silc_skr_find(skr, schedule, callback, context,
283 SILC_SKR_FIND_RULE_OR,
284 SILC_SKR_FIND_PUBLIC_KEY, public_key,
285 SILC_SKR_FIND_CONTEXT, key_context,
288 o SilcStack to SKR API.
291 Crypto Library, lib/silccrypt/
292 ==============================
294 o Add silc_crypto_init and silc_crypto_uninit. The _init should take
295 SilcStack that will act as global memory pool for all of crypto
296 library. It should not be necessary anymore to separately register
297 default ciphers, HMACs, etc, the _init would do that. However, if
298 user after _init calls silc_pkcs_register, for example, it would take
299 preference over the default once, ie. user can always dictate the
300 order of algorithms. (***DONE)
302 o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
303 possibly to silcpkcs.h.
305 /* Return fingerprint of the `public_key'. Returns also the algorithm
306 that has been used to make the fingerprint. */
307 const unsigned char *
308 silc_pkcs_get_fingerprint(SilcPublicKey public_key,
309 const char **hash_algorithm,
310 SilcUInt32 *fingerprint_len);
312 o Change SILC PKCS API to asynchronous, so that accelerators can be used.
313 All PKCS routines should now take callbacks as argument and they should
314 be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE)
316 o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
317 encrypt, decrypt, sign and verify functions. We may need to for exmaple
318 check the alg->hash, supported hash functions. Maybe deliver it also
319 to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE)
321 o Add DSS support. Take implementation from Tom or make it yourself.
323 o Implement the defined SilcDH API. The definition is in
324 lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
325 be accelerated. Also take into account that it could use elliptic
330 o All cipher, hash, hmac etc. allocation routines should take their name
331 in as const char * not const unsigned char *.
334 SILC Accelerator Library
335 ========================
337 o SILC Accelerator API. Provides generic way to use different kind of
338 accelerators. Basically implements SILC PKCS API so that SilcPublicKey
339 and SilcPrivateKey can be used but they call the accelerators.
342 o Implement software accelerator. It is a thread pool system where the
343 public key and private key operations are executed in threads.
346 o Diffie-Hellman acceleration
348 (o Symmetric key cryptosystem acceleration? They are always sycnhronouos
349 even with hardware acceleration so the crypto API shouldn't require
356 o Import TFM. We want TFM's speed but its memory requirements are
357 just too much. By default it uses large pre-allocated tables which
358 will eat memory when there are thousands of public keys in system.
359 We probably want to change TFM's fp_int dynamic so that a specific
360 size can be allocated for the int. We could have two new functions:
362 SilcBool silc_mp_init_size(SilcMPInt *mp, SilcUInt32 bit_size);
363 SilcBool silc_mp_sinit_size(SilcStack stack, SilcMPInt *mp,
364 SilcUInt32 bit_size);
366 Which by default allocates `bit_size' bits instead of some default
367 value. silc_mp_init would allocate the default FP_SIZE with TFM
368 and do normal init with TMA and GMP. _init_size with TMA and GMP
369 would be same as _init.
371 o Add AND, OR and XOR support to TFM or ask Tom to do it.
373 o The SILC MP API function must start returning indication of success
374 and failure of the operation.
376 o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
377 any other MP function (including utility ones) that may allocate
380 o All utility functions should be made non-allocating ones.
383 SILC XML Library, lib/silcxml/
384 ==============================
386 o SILC XML API (wrapper to expat). Look at the expat API and simplify
387 it. The SILC XML API should have at most 8-10 API functions. It should
388 be possible to create full XML parser with only one function. And, it
389 should be possible to have a function that is able to parse an entire
390 XML document. It should also have a parser function to be able to
391 parse a stream of XML data (SilcStream). It MUST NOT have operations
392 that require multiple function calls to be able to execute that one
393 operation (like creating parser).
396 lib/silcske/silcske.[ch]
397 ========================
399 o Ratelimit to UDP/IP transport for incoming packets.
405 o Negative integer encoding is missing, add it.
407 o SILC_ASN1_CHOICE should perhaps return an index what choice in the
408 choice list was found. Currently it is left for caller to figure out
409 which choice was found. (***DONE)
411 o SILC_ASN1_NULL in decoding should return SilcBool whether or not
412 the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
413 and we need to know whether it was present or not. (***DONE)
419 o OpenPGP certificate support, allowing the use of PGP public keys
426 o SSH2 public key/private key support, allowing the use of SSH2 keys
433 o PKIX implementation
439 o Deprecate the old server. Write interface for the new lib/silcserver
440 server library. The interface should work on Unix/Linux systems.
442 o Consider deprecating also the old config file format and use XML
443 istead. This should require SILC XML API implementation first.
445 o The configuration must support dynamic router and server connections.
446 The silcd must work without specifying any servers or routers to
449 o The configuration must support specifying whether the server is
450 SILC Server or SILC Router. This should not be deduced from the
451 configuration as it was in < 1.2.
453 o The configuration must support specifying the ciphers and hmacs and
454 their order so that user can specify which algorithms take preference.
460 o Rewrite the entire server. Deprecate apps/silcd as the main server
461 implementation and create lib/silcserver/. It is a platform
462 independent server library. The apps/silcd will merely provide a
463 a simple interface for the library.
465 o Write the SILC Server library extensively using SILC FSM.
467 o Server library must support multiple networks. This means that one
468 server must be able to create multiple connections that each reach
469 different SILC network. This means also that all cache's etc. must
470 be either connection-specific or network-specific.
472 o Library must support dynamic router and server connections. This means
473 that connections are create only when they are needed, like when someone
474 says JOIN foo@foo.bar.com or WHOIS foobar@silcnet.org.
476 o Library must support server-to-server connections even though protocol
477 prohibits that. The responder of the connection should automatically
478 act as a router. The two servers create an own, isolated, SILC network.
479 To be used specifically with dynamic connections.
481 o Library must support multiple threads and must be entirely thread safe.
483 o Library must have support for SERVICE command.
485 o Both UDP and TCP support for incoming connecetions. Maintaining long
488 o The server must be able to run behind NAT device. This means that
489 Server ID must be based on public IP instead of private IP.
491 o The following data must be in per-connection context: client id cache,
492 server id cache, channel id cache, all statistics must be
495 o The following data must be in per-thread context: command context
496 freelist/pool, pending commands, random number generator.
498 o Do inccoming packet processing in an own FSM thread in the
499 server-threads FSM. Same as in client library.
501 o Reference count all Silc*Entry structures.
503 Some issues that must be kept in mind from 1.0 and 1.1 silcd's:
505 o The SERVER_SIGNOFF notify handing is not optimal, because it'll
506 cause sending of multiple SIGNOFF notify's instead of the one
507 SERVER_SIGNOFF notify that the server received. This should be
508 optimized so that the only SERVER_SIGNOFF is sent and not
509 SIGNOFF of notify at all (using SIGNOFF takes the idea about
510 SERVER_SIGNOFF away entirely).
512 o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
513 sent to a client if it is on same channel as the client that
514 signoffed. However, the entire SERVER_SIGNOFF list is sent to
515 the client, ie. it may receive clients that was not on the
516 same channel. This is actually against the specs. It must be
517 done per channel. It shouldn't receive the whole list just
518 because one client happened to be on same channel.
520 o If client's public key is saved in the server (and doing public key
521 authentication) then the hostname and the username information could
522 be taken from the public key. Should be a configuration option!
524 o Add a timeout to handling incoming JOIN commands. It should be
525 enforced that JOIN command is executed only once in a second or two
526 seconds. Now it is possible to accept n incoming JOIN commands
527 and process them without any timeouts. THis must be employed because
528 each JOIN command will create and distribute the new channel key
529 to everybody on the channel.
531 o Related to above. If multiple JOINs are received in sequence perhaps
532 new key should be created only once, if the JOINs are handeled at the same
533 time. Now we create multiple keys and never end up using them because
534 many JOINs are processed at the same time in sequence. Only the last
535 key ends up being used.