New features TODO
=================
+ o Optimization in general. I have not focused to program optimized code
+ in many circumstances. It has been more important to get this up and
+ working. A lot must be optimized especially the ID cache. Instead of
+ using lists some hash tables should be used. The searching by ID and
+ such must be made a lot faster. If someone would like dedicate their
+ efforts purely to generate optimized code I'd be appreaciated.
+
o We should replace all short, int, long, unsigned short, unsigned int,
unsigned long with some pre-defined datatypes that really are what
we want on all platforms. int16, uint16, int32, uint32 etc. are
TODO In SILC Client Library
===========================
+ o Add client library parameters or options that handle what kind of
+ messages the library should print out (using `say' client operation,
+ for example) and what is left for the application to print. The
+ appliation could for example set that it handles all command printing
+ but all error printing should be handled by the library, etc...
+
o Non-blocking connection on the background must be stopped if some
other connection on same window has established. Now it is possible
that some non-blocking connection timeouts on the background when
message sending. I guess the logic is done in server side but is
missing from client.
- o Private message key setting is missing and must be implemented.
- Currently private messages are encrypted with session keys. This
- is required by the protocol.
-
- o Channel private key setting is missing and must be implemented.
- Currently there cannot be private keys for channels. Normal channel
- keys (generated by server) are used. This is required by the protocol.
-
o I guess, public key authentication (when connecting to a server)
is not working currently. It is just matter of loading the keys
from file and using them (see corresponding code in server, it should
o Connection Authentication request resolving is missing and must be
done. This is required by the protocol.
- o Move ssh_client_notify_by_server to its own file (like notify.[ch]).
-
- o Key Exchange protocol's responder side is missing from client.
- Generally it is possible for the client to be responder so it should
- be implemented (See corresponding code from server). Error handling
- in the KE protocol is also in pretty bad shape in client.
-
TODO In SILC Server
===================
+ o Packet processing can be made faster. All packet function in the
+ packet_receive.c has same prototypes. Instead of calling those from
+ huge switch() make a table of callback functions that can be called
+ directly by the packet type.
+
+ o silc_server_send_key_agreement and silc_server_send_private_message_key
+ are one and same function (also silc_server_send_private_message is
+ almost same function). These should be unified to one generic named
+ function and use that.
+
o DNS/IP lookup blocks the server. This must be fixed. Check the
resolver stuff (resolver(3), resolver(5)). Either we have to do the
own resolver stuff (through scheduler, if possible without writing
o Protocol execution timeouts are hard coded, should be configurable.
- o serverconfig.c and the function naming in it is inconsistent. It is
- not silc_config_server* it should be silc_server_config*. As should
- all the SilcConfigServer* types be SilcServerConfig*.
-
- o Implement DENY_CONNECTION section in serverconfig.c and in server.
-
- o Implement REDIRECT_CLIENT section in serverconfig.c and in server.
-
- o Configuration file format - could be better.
-
o IP address fields in configuration file should accept mask format
as well, IP/MASK, and not just plain IP.
checked at the authentication phase after KE, that is ok, but it should
be checked before starting KE, as well.
- o Statistics are totally missing from the server. It would be nice
- to gather some statistics.
-
TODO In SILC Libraries
======================
+ o Rewrite the task system. I made it too complex and too "neat" and
+ it really should be rewritten. We don't need priorities really, one
+ priority is enough. This will simplify a lot the task system.
+
o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
- o silc_id_str2id must also take ID length as argument. Otherwise, variable
- length ID's (after we add IPv6) will not work.
-
o Re-key in general is actually missing (from everywhere) and must be done.
o ID Cache expiry does not work.
- o PKCS#1 style RSA public key encryption/decryption/sign/verify is
- missing, and should be added for interoperability reasons. The thing
- I've done now is bad and should be removed as soon as possible (or
- the protocol should then state the method of how they should be done).
-
- o Scheduler needs to be analyzed on high load as it might be unfair
- towards select() because it may run timeout tasks before select() and
- after select(). If it is found to be unfair the timeout task running
- before select() should probably be removed.
-
- o On select() issue; maybe we should use poll() instead if it is
- available? poll() doesn't have max fd limit...
-
- o SIM support for SILC PKCS API needs to made so that they could be
- used as SIM's. At the same time some work is required on prime
- generation as the way it is done now sucks. Read from code for
- more (silcpkcs.h).
-
o Compression routines are missing. The protocol supports packet
compression thus it must be implemented. SILC Comp API must be
defined. zlib package is already included into the lib dir (in CVS,
not in distribution), but it is not used yet, and it requires some
tweaking on the Makefiles (we want static lib not shared).
- o Cipher API needs to be made more consistent. Some parts of the
- code generated with current Cipher API looks really bad. Same
- is with PKCS API, even worse actually. They need to be made
- cleaner. Introducing silc_cipher_encrypt/decrypt/set_key etc.
- functions (I actually don't understand why have I left these un-done).
+ o SIM support for SILC PKCS API needs to made so that they could be
+ used as SIM's. At the same time some work is required on prime
+ generation as the way it is done now sucks. Read from code for
+ more (silcpkcs.h).
o Random Number Generator needs some tweaking. Reading /dev/random may
block resulting slow initialization of RNG. Some other things in the
that needs to be commited (from Schneier's Yarrow-160 paper). They
should make the RNG even better.
- o silc_buffer_[un]format() needs to be made more stable as it may
- crash the SILC if malformed data is sent as argument. There are a
- lot of places in client and server where we trust directly data coming
- from network and try to unformat it. The unformatting routine needs
- to be able handle situations where data sent is malformed, by mistake
- or intentionally. This is important as it is easy to crash the SILC
- now by just sending malformed data. Also, in client and server we
- must start checking the return value from silc_buffer_[un]format.
+ o Scheduler needs to be analyzed on high load as it might be unfair
+ towards select() because it may run timeout tasks before select() and
+ after select(). If it is found to be unfair the timeout task running
+ before select() should probably be removed.
Other Things TODO
projects / silc.git / blobdiff