-TODO/bugs in Irssi SILC client
-==============================
+TODO for 1.2 And Beyond
+=======================
- o Fix the silc_channels_join to parse the command like, with fe.
- silc_parse_command_line, because currently it ignores all options,
- including passphrase which makes autojoin impossible to +a channels.
- Other important options are ignored too.
+NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The
+(***TESTING NEEDED) means that the item has been done but not yet properly
+tested.
- o Add local command to switch the channel's private key when channel has
- several private keys. Currently sending channel messages with many
- keys is not possible because changing the key is not possible by the
- user.
+NOTE: A TODO entry does not mean that it is ever going to be done. Some
+of the entries may be just ideas, good, bad or ugly. If you want to work
+on some of the TODO entries simply let us know about it by dropping a note
+to silc-devel mailing list or appear on 'silc' channel on SILCNet.
- o /cumode for unknown nick does not give any error message.
+lib/silccore
+============
-TODO/bugs In SILC Client Library
-================================
+ o SILC_PACKET_FLAG_ACK support. Implement ACK packet and packet payload
+ to silcpacket.c.
- o The PRIVATE_MESSAGE_KEY packet is not handled (it is implemented
- though). This should be added and perhaps new client operation
- should be added to notify application that it was received and
- set the key only if application wishes to set (accept the key) it.
+ o All payload encoding routines should take SilcStack as argument.
- o Additions to do after protocol version 1.1:
+ o Remove SilcCommandCb from silccommand.h. (***DONE)
- o Fix the NICK_CHANGE notify handling not to create new entry
- for the changed client, but take the nickname from the notify
- (removes need for resolving as well). Protocol TODO entry 3.
+ o All payload test routines into lib/silccore/tests/.
- o Add support for list of errors in command replies. Protocol
- TODO entry 1.
+lib/silcclient, The Client Library
+==================================
-TODO/bugs In SILC Server
+ o LIST command should take server name as argument, a server name whose
+ channels to list. This way it is possible to list channels from
+ any server in internet, eg. /LIST example.com.
+
+ o UDP SILC connection support to SILC server
+
+ o Giving WHOIS for nick that doesn't exist should remove any same
+ named entries from the client cache.
+
+ o peer-to-peer private messages
+
+ o Private message key request notification to application. See XXX in
+ client_prvmsg.c.
+
+ o in JOIN notify handle resolving that timedout. Currently the user is
+ never joined the channel if this happens. What to do if message is
+ received from user that hasn't been resolved/joined?
+
+ o Connection option that attemps to connect to remot host with various
+ different mechanisms: UDP 706, TCP 706, TCP 80, TCP 443, UDP 7706 and
+ TCP 7706. This is the so called hole punching mechanism.
+
+ o Message ACKing support.
+
+ o in /cmode and /cumode with +r, maybe the public key and private key
+ could be just some "string", which would then match to "string.pub" and
+ "string.prv".
+
+ o If the SILC Events (see below) are implemented, perhaps client library
+ should provide events so that application developer has a choice of
+ developing the SILC app with callbacks or with events.
+
+ o Ability to recover from rekey errors, at least try to.
+
+ o Add the SilcStream (socket stream) from the SilcPacketStream and
+ SilcSocket from the socket stream to SilcClientConnection for easier
+ access to them for programmers. Currently these have to be digged up
+ from the packet stream. (***DONE)
+
+
+SFTP Library, lib/silcsftp/
+===========================
+
+ o Read prefetch (read-ahead, reading ahead of time). Maybe if this can
+ be done easily.
+
+
+lib/silcske/silcske.[ch]
========================
- o Configuration file additions:
+ o Ratelimit to UDP/IP transport for incoming packets.
- o Add version handling, to allow, disallow certain versions to
- connect.
- o Add incoming connection frequency, incoming connection frequency
- for single IP address, key exchange frequency, key exchange
- frequency for single IP. Add also frequency base.
+apps/silcd
+==========
- o Add hashed passwords to config file.
+ o Deprecate the old server. Write interface for the new lib/silcserver
+ server library. The interface should work on Unix/Linux systems.
- o Add rehashing support.
+ o Consider deprecating also the old config file format and use XML
+ istead. This should require SILC XML API implementation first.
- o If server send CUMODE_CHANGE notify (like setting founder) to router
- and router does not have founder on channel (founder is left or there's
- no founder on channel at all), the router will accept the server's
- founder mode change, even though it perhaps should not do that.
+ o The configuration must support dynamic router and server connections.
+ The silcd must work without specifying any servers or routers to
+ connect to.
- o The router should check for validity of received notify packets from
- servers (after all buggy servers may send notify that is actually
- something that should have not been sent).
+ o The configuration must support specifying whether the server is
+ SILC Server or SILC Router. This should not be deduced from the
+ configuration as it was in < 1.2.
- o Add a timeout to handling incoming JOIN commands. It should be
- enforced that JOIN command is executed only once in a second or two
- seconds. Now it is possible to accept n incoming JOIN commands
- and process them without any timeouts. THis must be employed because
- each JOIN command will create and distribute the new channel key
- to everybody on the channel.
+ o The configuration must support specifying the ciphers and hmacs and
+ their order so that user can specify which algorithms take preference.
+
+
+lib/silcserver
+==============
+
+ o Rewrite the entire server. Deprecate apps/silcd as the main server
+ implementation and create lib/silcserver/. It is a platform
+ independent server library. The apps/silcd will merely provide a
+ a simple interface for the library.
+
+ o Write the SILC Server library extensively using SILC FSM.
- o Backup router related issues
+ o Server library must support multiple networks. This means that one
+ server must be able to create multiple connections that each reach
+ different SILC network. This means also that all cache's etc. must
+ be either connection-specific or network-specific.
- o Channel user mode changes are notified unnecessarely when
- switching to backup router on router crash.
+ o Library must support dynamic router and server connections. This means
+ that connections are create only when they are needed, like when someone
+ says JOIN foo@foo.bar.com or WHOIS foobar@silcnet.org.
- o Lots of statistics updating is missing around the server.
+ o Library must support server-to-server connections even though protocol
+ prohibits that. The responder of the connection should automatically
+ act as a router. The two servers create an own, isolated, SILC network.
+ To be used specifically with dynamic connections.
+
+ o Library must support multiple threads and must be entirely thread safe.
+
+ o Library must have support for SERVICE command.
+
+ o Both UDP and TCP support for incoming connecetions. Maintaining long
+ term UDP sessions.
+
+ o The server must be able to run behind NAT device. This means that
+ Server ID must be based on public IP instead of private IP (See
+ also NAT detection protocol in SILC protocol specification).
+
+ o The following data must be in per-connection context: client id cache,
+ server id cache, channel id cache, all statistics must be
+ per-connection.
+
+ o The following data must be in per-thread context: command context
+ freelist/pool, pending commands, random number generator.
+
+ o Do inccoming packet processing in an own FSM thread in the
+ server-threads FSM. Same as in client library.
+
+ o Binding to other ports than 706 too. To allow easier traversing
+ through NATs and firewalls server should also bind to 80, 443 and 7706
+ by default (at least try to bind). Connections must work normally
+ even if they were established to some other port other than 706.
+
+ Connection option that attemps to connect to remot server with various
+ different mechanisms: UDP 706, TCP 706, TCP 80, TCP 443, UDP 7706 and
+ TCP 7706. This is the so called hole punching mechanism.
+
+ o Ability to recover from rekey errors, at least try to.
+
+ o Reference count all Silc*Entry structures.
+
+ o All channel names in any command (where appropriate) must be allowed to
+ be in format channel@server so that the server can be connected to do
+ the command for the channel. Change protocol if it doesn't allow it.
+
+ o All nicknames in any command (where appropriate) must be allowed to be
+ in format nick@server so that the server can be connected to do the
+ command for the nickname. Change protocol if it doesn't allow it.
+
+ Some issues that must be kept in mind from 1.0 and 1.1 silcd's:
+
+ o The server and router software MUST work out of the box. After
+ installation the server must not require any configuration to run the
+ most basic working configuration. No defining IP addresses, etc.
+ The server must work just by running it.
+
+ o The SERVER_SIGNOFF notify handing is not optimal, because it'll
+ cause sending of multiple SIGNOFF notify's instead of the one
+ SERVER_SIGNOFF notify that the server received. This should be
+ optimized so that the only SERVER_SIGNOFF is sent and not
+ SIGNOFF of notify at all (using SIGNOFF takes the idea about
+ SERVER_SIGNOFF away entirely).
+
+ o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
+ sent to a client if it is on same channel as the client that
+ signoffed. However, the entire SERVER_SIGNOFF list is sent to
+ the client, ie. it may receive clients that was not on the
+ same channel. This is actually against the specs. It must be
+ done per channel. It shouldn't receive the whole list just
+ because one client happened to be on same channel.
o If client's public key is saved in the server (and doing public key
authentication) then the hostname and the username information could
be taken from the public key. Should be a configuration option!
+ o Add a timeout to handling incoming JOIN commands. It should be
+ enforced that JOIN command is executed only once in a second or two
+ seconds. Now it is possible to accept n incoming JOIN commands
+ and process them without any timeouts. THis must be employed because
+ each JOIN command will create and distribute the new channel key
+ to everybody on the channel.
-TODO/bugs In SILC Libraries
-===========================
-
- o Fix possible buffer overflows in silc_id_render function.
-
- o WIN32 silc_net_create_connection_async does not work the same way
- than on Unix. Do it with threads on WIN32. The function works but
- is not actually async currently.
-
- o Rewrite the lib/silcsim/silcsim.h. The SilcSimContext should be
- private and silc_sim_alloc should take necessary arguments.
-
- o SILC RNG does not implement random seed files, and they should be
- implemented.
-
- o The SilcSocketConnection in the SFTP interface is actually redundant
- and should perhaps be removed. The application can save it in the
- context it provides, which is delivered by SFTP libary to all
- callback functions.
-
- o EPOC specific additions/changes required:
-
- o lib/silcutil/epoc routines missing or not completed.
-
- o Rewrite the lib/silcutil/silcprotocol.[ch] not to have
- [un]register functions, but to make it context based all the
- way. The alloc should take as argument the protocol type and
- its callback (not only final callback). It is not good that we
- have now global list of registered protocols.
-
- o Global RNG should not be allowed on EPOC, since it won't
- work. Every function in library that calls the global RNG must
- also take the RNG context as argument so that application can
- provide it if it doesn't want to use global RNG.
-
- o Think some solution to the global crypto lists in lib/silccrypt.
- They won't work on EPOC.
-
- o Something needs to be thought to the logging globals as well,
- like silc_debug etc. They won't work on EPOC. Perhaps logging
- and debugging is to be disabled on EPOC.
-
-
-TODO in Toolkit Documentation
-=============================
-
-Stuff that needs to be done in order to complete the Tooolkit Reference
-Manual.
-
- o Lots of ROBOdoc header formatting is undone in lib/silcutil, and
- lib/silccrypt.
-
- o Write "Programming with Toolkit" document, describing how to build
- Toolkit, how the build system works, where is everything, how
- new (external) projects can be glued into Toolkit (use irssi as an
- example), and how external projects can use Toolkit without gluing into
- it (how to link etc), debugging, architecture, types, etc.
-
- o Write "Platform Implementations" document to describe what platforms
- Toolkit support, what has been implemented, what has not been, what
- wors differently etc.
-
-
-TODO in SILC Protocol
-=====================
-
-Current protocol version is 1.0. However, it is far from being perfect,
-and needs to include additional features. Following protocol TODO entries
-describe new stuff to be added to protocol versions 1.x.
-
- 1. Re-define the Status Payload: it is now 16 bits, split it into two
- 8 bits fields. First field includes status types from 0 - 9 and
- 10 - n *if* it is not an list of errors. If it is list of errors then
- the first field includes 1, 2 and/or 3, and the second field includes
- the error status 10 - n. This way it is possible to send multiple
- errors (list of errors) and we have a way to tell the receiver that
- there will be other errors as well. The second field is used only
- if there is list of errors. If normal status, or normal (single)
- error status the second field is set to zero, and must be ignored.
- Hence, the status works same way as now except for list of errors.
- To be included in protocol version 1.1.
-
- 2. Define that WHOIS and IDENTIFY commands must send list of errors
- if multiple Client ID (or Channel ID and Server ID for IDENTIFY) was
- requested and was not found. Each unfound entry must cause an error
- command reply to the sender. Also define that errors must be sent
- *after* sending successfully found entries (this way receiver may
- ignore them). To be included in protocol version 1.1.
-
- 3. Define the NICK_CHANGE notify to send the changed nickname as a new
- third argument. This will make the NICK_CHANGE notify handling easier
- in the receiver's end (client primarily) since it removes the
- requirement that receiver must resolve (using IDENTIFY or WHOIS) the
- new Client ID received in the notify (because of the new nickname is
- unknown). To be included in protocol version 1.1.
-
- 4. Add "request parameters" or similar to the WHOIS command, which can
- be used to request various parameters (something not returned by
- standard WHOIS command) about clients (info that could be fetched
- even from clients). Additional specification (or appendix) should
- be done to define the payload and the parameters. It could be used
- to make the WHOIS command support various search conditions as well.
- This would be the way to extend the WHOIS command to support various
- new features without always making the command incompatible to previous
- version. To be included in protocol version 1.1.
-
- 5. Inviting and banning by public key should be made possible. To be
- included in protocol version 1.x.
-
- 6. Add perhaps SILENCE_USERS, SILENCE_OPERS channel user modes which
- can be used to silence (moderate) normal users and opers (this set
- only by founder). To be included in protocol version 1.1.
-
- 7. Channel Message Payload needs slight redesining to include the IV
- field to the MAC generation of the payload. It is authenticated
- by the packet's MAC but not by the payload's MAC. Since the IV
- belongs to the payload, its integrity should be protected by the
- payload MAC and not alone by packet MAC. To be included in protocol
- version 1.1.
-
- 8. Remove the administrative commands from the protocol all together.
- It does not make sense for the protocol to define how a server is
- reconnected or shutdown, since they are implementation and
- configuration issues. Besides protocol provides only limited set of
- administrative commands and cannot define all that one could imagine.
- To be included in protocol version 1.1.
-
- 9. Add SILC_MESAGE_FLAG_REPLY for being other side to the
- SILC_MESSAGE_FLAG_REQUEST. Add generic SILC_MESSAGE_FLAG_DATA, which
- can include generic payload, which can include generic data. The
- payload definition is left out for now. To be included in protocol
- version 1.1.
-
- 10. Check command reply error status types in various commands,
- specifically NO_FOPRIV is missing from many commands. To be
- included in protocol version 1.1.
-
- 11. Change the wording in Private Message Key Payload definition to
- describe the problems of trusting the payload, and to indicate that
- the receiver may not accept the key in the payload, and to describe
- other means of distributing a key.
-
- 12. The router to router connection diagram in spec-xx is showing the
- primary routers direction to wrong direction. Swap it.
+ o Related to above. If multiple JOINs are received in sequence perhaps
+ new key should be created only once, if the JOINs are handeled at the same
+ time. Now we create multiple keys and never end up using them because
+ many JOINs are processed at the same time in sequence. Only the last
+ key ends up being used.