TODO In SILC Client Library
===========================
- o TODO in commands (silc/local_command.c, lib/silcclient/command.c and
- silc/silclient/command_reply.c):
-
- o Local command to handle private message keys is not done
- o Local command to handle channel private keys is not done
- o Local command to handle key agreement protocol is not done
- o RESTART command is not implemented
-
o Client library crashes if for example server timeouts protocol
execution and disconnects the client. The client, on the other hand
may still assume that the connection is active, even after receiving
from file and using them (see corresponding code in server, it should
support public key authentication already).
- o Connection Authentication request resolving is missing and must be
- done. This is required by the protocol.
+ o Non-blocking connection on the background must be stopped if some
+ other connection on same window has established. Now it is possible
+ that some non-blocking connection timeouts on the background when
+ we already have a working connection to some other place; things
+ goes bad.
o Add client library parameters or options that handle what kind of
messages the library should print out (using `say' client operation,
for example) and what is left for the application to print. The
appliation could for example set that it handles all command printing
but all error printing should be handled by the library, etc...
-
- o Non-blocking connection on the background must be stopped if some
- other connection on same window has established. Now it is possible
- that some non-blocking connection timeouts on the background when
- we already have a working connection to some other place; things
- goes bad.
+ This is not a showstopper.
o Input line on UI is buggy. Cursor movement etc bugs. Too lazy to
fix it.
o TODO in commands (command.c and command_reply.c):
o RESTART is not implemented
- o CMODE should be rewritten as it uses a lot duplicated code.
- Some of the modes may still not be implemented or is implemented
- the wrong way.
o In servers all command reply funtions should still call the
pending command reply even if the reply was error. In client
it is not called but in server, I think, it must be called.
o SERVER_SIGNOFF notify type is not implemented
- o TODO in authentication protocol (protocol.c):
-
- o Public key authentication is missing in initiator side. It must
- be implemented by creating the authentication data.
-
- o TODO in general server (server.c)
-
- o SILC_PACKET_CONNECTION_AUTH_REQUEST packet type is not
- implemented.
-
- o silc_server_connect_to_router_second checks the authentication
- method to be used in the connection. However, if it does not
- find it it must resolve it from the responder by sending the
- SILC_PACKET_CONNECTION_AUTH_REQUEST packet.
-
o Packet processing can be made faster. All packet function in the
packet_receive.c has same prototypes. Instead of calling those from
huge switch() make a table of callback functions that can be called
o Connection classes should be actually implemented in serverconfig.c.
They can be defined but they are totally ignored currently.
- o Connection redirect, if server is full, is not implemented. I also
- don't know how to do it currently. Maybe it shouldn't be done at all.
-
TODO In SILC Libraries
======================
+ o The SKE Start Payload parsing routines are an overkill. Use the
+ SILC_STR_UI16_NSTRING_ALLOC in the parsing and not parsing them
+ one by one like done now.
+
o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
that needs to be commited (from Schneier's Yarrow-160 paper). They
should make the RNG even better.
- o Scheduler needs to be analyzed on high load as it might be unfair
- towards select() because it may run timeout tasks before select() and
- after select(). If it is found to be unfair the timeout task running
- before select() should probably be removed.
-
TODO in the protocol before SILC 0.x
====================================
to various security reasons (the server must not trust the
public keys blindly without third party verification; that's
why SENDKEY is not for servers).
- o Define AWAY command to set the indication flag whether the
- client is present or not. Do not save the away message to the
- server though.
- o Define the channel founder property to be permanent locally in
- the server so that channel founder can regain its rights even
- if it disconnects from the server. Thus, define a new command
- or channel user mode that can be used to set the channel founder
- passphrase or public key that can be used in the authentication
- when regaining the founder rights.
-
- o New packets and features in the packets
- (draft-riikonen-silc-pp-xx.txt):
-
- o Define the Private Message packet to include private message
- flags and define the flags. The flags could indicate whether
- the message is, for example autoreply or the receiver should not
- reply to the private messages. What other flags?
-
- o New feature in the KE/auth protocol
+
+ o New features in the KE/auth protocol
(draft-riikonen-silc-ke-auth-xx.txt):
o Define group exchange support for the SKE so that the SKE
projects / silc.git / blobdiff