-TODO
-====
+TODO/bugs in Irssi SILC client
+==============================
-This is more or less complete list of tasks that has to be done before
-SILC 1.0 could ever be released. It is clear that the list does not
-include all the bugs that exists. At the end of list are tasks that
-needs to be done but are probably post 1.0.
+ o Add local command to switch the channel's private key when channel has
+ several private keys. Currently sending channel messages with many
+ keys is not possible because changing the key is not possible by the
+ user.
-Feel free to contribute if you have the ability and free time - all the
-help is really appreciated - and needed.
+ o JOINing to +a (requires passphrase to JOIN) does not work on autojoin.
+ Seems the passwords in the .silc/config has no effect.
- - Pekka
+ o Add local commands to list the current server and client public keys
+ that the user has. And a local command to dump the contents of the
+ public key to the screen. Something like LISTKEYS, SHOWKEY...
+ o The JOIN command's HELP is generated from Irssi IRCs JOIN help and
+ the syntax is not same in SILC. This must be fixed. Most likely
+ we must forget the Irssi's JOIN command and mimic it to get our
+ required syntax for it too.
-TODO General
-============
+ o We should get rid of the clientconfig.[ch] in Irssi SILC and move the
+ cipher, hash, hmac and pkcs configuration to the Irssi SILC's config
+ file.
- o We should replace all short, int, long, unsigned short, unsigned int,
- unsigned long with some pre-defined datatypes that really are what
- we want on all platforms. int16, uint16, int32, uint32 etc. are
- what we could use or maybe SilcInt16, SilcUInt16 etc. Also, boolean
- datatype should be defined.
+ o Add PERL scripting support from Irssi CVS.
+ o Extend the /HELP command to support sub commands or something. So
+ that user can say /help set mutual_authentication they would get
+ help of the mutual_authentication setting.
-TODO In SILC Client Library
-===========================
-
- o Client library crashes if for example server timeouts protocol
- execution and disconnects the client. The client, on the other hand
- may still assume that the connection is active, even after receiving
- the EOF. Reason for this is that the clien library does not handle
- the SilcSocketConnection reference counter at all. This must be
- fixed.
-
- o Logic for handling multiple same nicknames for example in private
- message sending. I guess the logic is done in server side but is
- missing from client.
-
- o I guess, public key authentication (when connecting to a server)
- is not working currently. It is just matter of loading the keys
- from file and using them (see corresponding code in server, it should
- support public key authentication already).
-
- o Non-blocking connection on the background must be stopped if some
- other connection on same window has established. Now it is possible
- that some non-blocking connection timeouts on the background when
- we already have a working connection to some other place; things
- goes bad.
-
- o Add client library parameters or options that handle what kind of
- messages the library should print out (using `say' client operation,
- for example) and what is left for the application to print. The
- appliation could for example set that it handles all command printing
- but all error printing should be handled by the library, etc...
- This is not a showstopper.
-
- o Input line on UI is buggy. Cursor movement etc bugs. Too lazy to
- fix it.
-
-
-TODO In SILC Server
-===================
-
- o TODO in commands (command.c and command_reply.c):
-
- o RESTART is not implemented
- o In servers all command reply funtions should still call the
- pending command reply even if the reply was error. In client
- it is not called but in server, I think, it must be called.
- When implementing this check that all commands handle the
- situation correctly when it is called as pending command
- (it should most likely check that cmd->pending == TRUE/FALSE).
+ o Set different kind of settings, like, /set mutual_authentication,
+ /set key_exchange_timeout, /set conn_auth_timeout etc etc.
- o TODO in notify types (packet_receive.c):
- o SERVER_SIGNOFF notify type is not implemented
+TODO/bugs In SILC Client Library
+================================
- o Packet processing can be made faster. All packet function in the
- packet_receive.c has same prototypes. Instead of calling those from
- huge switch() make a table of callback functions that can be called
- directly by the packet type.
+ o JOIN command's argument handling is buggy. See the XXX in the code.
- o DNS/IP lookup blocks the server. This must be fixed. Check the
- resolver stuff (resolver(3), resolver(5)). Either we have to do the
- own resolver stuff (through scheduler, if possible without writing
- too much own stuff) or use threads.
- o Acceptance of incoming connections (client and server connections)
- should be checked before key exchange protocol. Currently it is
- checked at the authentication phase after KE, that is ok, but it should
- be checked before starting KE, as well.
+TODO/bugs In SILC Server
+========================
- o Server says that it is able to listen on multiple ports but currently
- that is bogus. It can, but internals are for single server.
+ o Implement the <founder auth> and founder privileges gaining to
+ the JOIN command. This will bypass invite-only mode as well for
+ the client who got the founder mode during JOIN.
- o Protocol execution timeouts are hard coded, should be configurable.
+ o Optimize the WHOIS and IDENTIFY commands to check if the request
+ includes an ID or multiple IDs, then they are checked from local cache
+ first, and not sent directly to router. This is because if they
+ are found in the local cache there's no need to send them to the
+ router. Only if some ID is not found, or an found entry is
+ incomplete it can be queried from the router. This way these
+ commands become faster, and for example JOIN command becomes a lot
+ faster since the server ends up resolving the same information only
+ once, as opposed to resolve it everytime JOIN command is issued, like
+ it does now.
- o IP address fields in configuration file should accept mask format
- as well, IP/MASK, and not just plain IP.
+ The same thing can be done with WHOWAS command as well.
- o Connection classes should be actually implemented in serverconfig.c.
- They can be defined but they are totally ignored currently.
+ It is important to send these requests to router only if they can be
+ expanded to many results (as when doing WHOIS for nickname). If
+ they are explicit (like requesting by ID) the local cache MUST be
+ searched before sending it to router.
+ o Announcements are incomplete: channel topics are not announced,
+ user modes (UMODE) are not announced.
-TODO In SILC Libraries
-======================
+ o Change the server to connect to another server from low ports (706)
+ and not from high ports. Currently we cannot do incoming connection
+ checking by remote port because the port is not fixed.
- o The SKE Start Payload parsing routines are an overkill. Use the
- SILC_STR_UI16_NSTRING_ALLOC in the parsing and not parsing them
- one by one like done now.
+ o Backup router related issues
- o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
- server, actually). If PFS is set, re-key must cause new key exchange.
- This is required by the SILC protocol.
+ o After backup resume protocol the TOPIC_SET was not handled
+ correctly by all (unknown Channel ID).
- o Re-key in general is actually missing (from everywhere) and must be done.
+ o Channel user mode changes are notified unnecessarely when
+ switching to backup router on router crash.
- o Compression routines are missing. The protocol supports packet
- compression thus it must be implemented. SILC Comp API must be
- defined. zlib package is already included into the lib dir (in CVS,
- not in distribution), but it is not used yet, and it requires some
- tweaking on the Makefiles (we want static lib not shared).
+ o If client's public key is saved in the server (and doing public key
+ authentication) then the hostname and the username information could
+ be taken from the public key. Should be a configuration option!
- o Rewrite the task system. I made it too complex and too "neat" and
- it really should be rewritten. We don't need priorities really, one
- priority is enough. This will simplify a lot the task system.
+ o Add a timeout to handling incoming JOIN commands. It should be
+ enforced that JOIN command is executed only once in a second or two
+ seconds. Now it is possible to accept n incoming JOIN commands
+ and process them without any timeouts. THis must be employed because
+ each JOIN command will create and distribute the new channel key
+ to everybody on the channel.
- o SIM support for SILC PKCS API needs to made so that they could be
- used as SIM's. At the same time some work is required on prime
- generation as the way it is done now sucks. Read from code for
- more (silcpkcs.h).
+ o New configuration file format must be added. The new one will be
+ done using the dotconf config library (lib/dotconf). The following
+ tasks relates closely to this as well and must be done at the same time
+ when adding the new config file format:
- o Random Number Generator needs some tweaking. Reading /dev/random may
- block resulting slow initialization of RNG. Some other things in the
- RNG may block as well. Also, I have some pending changes to the RNG
- that needs to be commited (from Schneier's Yarrow-160 paper). They
- should make the RNG even better.
+ o Server says that it is able to listen on multiple ports but
+ currently that is bogus. It can, but internals are for single
+ server.
+ o Protocol execution timeouts are hard coded, should be
+ configurable.
-TODO in the protocol before SILC 0.x
-====================================
+ o IP address fields in configuration file should accept mask
+ format as well, IP/MASK, and not just plain IP.
- o New commands and features in the commands
- (draft-riikonen-silc-spec-xx.txt):
+ o Connection classes should be actually implemented in
+ serverconfig.c. They can be defined but they are totally
+ ignored currently. And they should be redefined also.
- o Define GETKEY command to fetch the public key of a server
- and/or a client in the SILC Network.
- o Define SENDKEY command to send your public key to a client
- in the network. Sending to the server must not be done due
- to various security reasons (the server must not trust the
- public keys blindly without third party verification; that's
- why SENDKEY is not for servers).
- o New features in the KE/auth protocol
- (draft-riikonen-silc-ke-auth-xx.txt):
+TODO/bugs In SILC Libraries
+===========================
- o Define group exchange support for the SKE so that the SKE
- could be performed among more than two entities. This is not
- a showstopper and may be defined later.
+ o WIN32 silc_net_create_connection_async does not work the same way
+ than on Unix. Do it with threads on WIN32. The function works but
+ is not actually async currently.
TODO After 1.0
==============
- o Pthreads support. A lot of problems are solved with server (and with
- client as well) if we add pthread support. We can forget things such
- as non-blocking connecting etc, and we can do things such as DNS/IP
- lookups async. The server itself also benefits great deal from
- threads, especially from performance point of view.
+ o Compression routines are missing. The protocol supports packet
+ compression thus it must be implemented. SILC Zip API must be
+ defined. zlib package is already included into the lib dir (in CVS,
+ not in distribution), but it is not used yet, and it requires some
+ tweaking on the Makefiles (we want static lib not shared).
- But, this is not a small task and almost entire SILC Library has to
- be made re-entrant. Own API is probably added for the threads support
- to make changes in the future as painless as possible. So the API
- would have things like silc_mutex_lock, silc_mutex_unlock and
- friends...
+ o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
+ SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
+ in separately.
o X.509 certificate support. SILC protocol supports certificates and
it would be great to have support for them. This is a big task as
to start writing one myself. Anyhow, the OpenSSL X.509 lib should
be checked.
+ Other package that should be checked is the NSS's X509 library.
+
o SSH2 public keys support. Maybe - not really needed but could be
nice as SSH is widely used all over the place. SILC Protocol
supports SSH2 public keys.
+ o OpenPGP certificate support.
+
o Cipher optimizations (asm, that this) at least for i386 would be nice.