TODO In SILC Client Library
===========================
+ o Client library crashes if for example server timeouts protocol
+ execution and disconnects the client. The client, on the other hand
+ may still assume that the connection is active, even after receiving
+ the EOF. Reason for this is that the clien library does not handle
+ the SilcSocketConnection reference counter at all. This must be
+ fixed.
+
+ o Add client library parameters or options that handle what kind of
+ messages the library should print out (using `say' client operation,
+ for example) and what is left for the application to print. The
+ appliation could for example set that it handles all command printing
+ but all error printing should be handled by the library, etc...
+
o Non-blocking connection on the background must be stopped if some
other connection on same window has established. Now it is possible
that some non-blocking connection timeouts on the background when
message sending. I guess the logic is done in server side but is
missing from client.
- o Private message key setting is missing and must be implemented.
- Currently private messages are encrypted with session keys. This
- is required by the protocol.
-
- o Channel private key setting is missing and must be implemented.
- Currently there cannot be private keys for channels. Normal channel
- keys (generated by server) are used. This is required by the protocol.
-
o I guess, public key authentication (when connecting to a server)
is not working currently. It is just matter of loading the keys
from file and using them (see corresponding code in server, it should
o Connection Authentication request resolving is missing and must be
done. This is required by the protocol.
- o Move ssh_client_notify_by_server to its own file (like notify.[ch]).
-
- o Key Exchange protocol's responder side is missing from client.
- Generally it is possible for the client to be responder so it should
- be implemented (See corresponding code from server). Error handling
- in the KE protocol is also in pretty bad shape in client.
-
TODO In SILC Server
===================
+ o TODO in commands (command.c and command_reply.c):
+
+ o RESTART is not implemented
+ o CMODE should be rewritten as it uses a lot duplicated code.
+ Some of the modes may still not be implemented or is implemented
+ the wrong way.
+ o In servers all command reply funtions should still call the
+ pending command reply even if the reply was error. In client
+ it is not called but in server, I think, it must be called.
+ When implementing this check that all commands handle the
+ situation correctly when it is called as pending command
+ (it should most likely check that cmd->pending == TRUE/FALSE).
+
+ o TODO in notify types (packet_receive.c):
+
+ o CHANNEL_CHANGE notify type is not implemented
+ o SERVER_SIGNOFF notify type is not implemented
+
+ o Packet processing can be made faster. All packet function in the
+ packet_receive.c has same prototypes. Instead of calling those from
+ huge switch() make a table of callback functions that can be called
+ directly by the packet type.
+
o DNS/IP lookup blocks the server. This must be fixed. Check the
resolver stuff (resolver(3), resolver(5)). Either we have to do the
own resolver stuff (through scheduler, if possible without writing
too much own stuff) or use threads.
- o Length of the packet processing timeouts needs to be checked whether
- they are too short or too long. I haven't really tested whether they
- are suitable. They should be tested on high load which I haven't done
- at all yet.
-
- o INVITE command must set the channel's invite list if channel is
- invite-only channel.
+ o Acceptance of incoming connections (client and server connections)
+ should be checked before key exchange protocol. Currently it is
+ checked at the authentication phase after KE, that is ok, but it should
+ be checked before starting KE, as well.
o Server says that it is able to listen on multiple ports but currently
that is bogus. It can, but internals are for single server.
- o Command flag usage in general is not implemented yet.
-
- o Client history must be implemented. Protocol says that server must
- keep history information about clients for some period of time.
-
o Protocol execution timeouts are hard coded, should be configurable.
- o Implement DENY_CONNECTION section in serverconfig.c and in server.
-
- o Implement REDIRECT_CLIENT section in serverconfig.c and in server.
-
- o Configuration file format - could be better.
-
o IP address fields in configuration file should accept mask format
as well, IP/MASK, and not just plain IP.
o Connection classes should be actually implemented in serverconfig.c.
They can be defined but they are totally ignored currently.
- o Acceptance of incoming connections (client and server connections)
- should be checked before key exchange protocol. Currently it is
- checked at the authentication phase after KE, that is ok, but it should
- be checked before starting KE, as well.
-
- o Statistics are totally missing from the server. It would be nice
- to gather some statistics.
-
TODO In SILC Libraries
======================
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
- o silc_id_str2id must also take ID length as argument. Otherwise, variable
- length ID's (after we add IPv6) will not work.
-
o Re-key in general is actually missing (from everywhere) and must be done.
o ID Cache expiry does not work.
- o PKCS#1 style RSA public key encryption/decryption/sign/verify is
- missing, and should be added for interoperability reasons. The thing
- I've done now is bad and should be removed as soon as possible (or
- the protocol should then state the method of how they should be done).
-
- o Scheduler needs to be analyzed on high load as it might be unfair
- towards select() because it may run timeout tasks before select() and
- after select(). If it is found to be unfair the timeout task running
- before select() should probably be removed.
-
- o On select() issue; maybe we should use poll() instead if it is
- available? poll() doesn't have max fd limit...
-
- o SIM support for SILC PKCS API needs to made so that they could be
- used as SIM's. At the same time some work is required on prime
- generation as the way it is done now sucks. Read from code for
- more (silcpkcs.h).
-
o Compression routines are missing. The protocol supports packet
compression thus it must be implemented. SILC Comp API must be
defined. zlib package is already included into the lib dir (in CVS,
not in distribution), but it is not used yet, and it requires some
tweaking on the Makefiles (we want static lib not shared).
- o Cipher API needs to be made more consistent. Some parts of the
- code generated with current Cipher API looks really bad. Same
- is with PKCS API, even worse actually. They need to be made
- cleaner. Introducing silc_cipher_encrypt/decrypt/set_key etc.
- functions (I actually don't understand why have I left these un-done).
+ o SIM support for SILC PKCS API needs to made so that they could be
+ used as SIM's. At the same time some work is required on prime
+ generation as the way it is done now sucks. Read from code for
+ more (silcpkcs.h).
o Random Number Generator needs some tweaking. Reading /dev/random may
block resulting slow initialization of RNG. Some other things in the
that needs to be commited (from Schneier's Yarrow-160 paper). They
should make the RNG even better.
- o silc_buffer_[un]format() needs to be made more stable as it may
- crash the SILC if malformed data is sent as argument. There are a
- lot of places in client and server where we trust directly data coming
- from network and try to unformat it. The unformatting routine needs
- to be able handle situations where data sent is malformed, by mistake
- or intentionally. This is important as it is easy to crash the SILC
- now by just sending malformed data. Also, in client and server we
- must start checking the return value from silc_buffer_[un]format.
+ o Scheduler needs to be analyzed on high load as it might be unfair
+ towards select() because it may run timeout tasks before select() and
+ after select(). If it is found to be unfair the timeout task running
+ before select() should probably be removed.
Other Things TODO
projects / runtime.git / blobdiff