keys is not possible because changing the key is not possible by the
user.
+ o JOINing to +a (requires passphrase to JOIN) does not work on autojoin.
+ Seems the passwords in the .silc/config has no effect.
+
o Add local commands to list the current server and client public keys
that the user has. And a local command to dump the contents of the
public key to the screen. Something like LISTKEYS, SHOWKEY...
- o The QUIT command should wait for server's disconnection (at least for
- a while) before exiting the application.
-
- o The JOIN command's HELP is generated from Irssi IRCs JOIN help and
- the syntax is not same in SILC. This must be fixed. Most likely
- we must forget the Irssi's JOIN command and mimic it to get our
- required syntax for it too.
-
o We should get rid of the clientconfig.[ch] in Irssi SILC and move the
cipher, hash, hmac and pkcs configuration to the Irssi SILC's config
file.
TODO/bugs In SILC Client Library
================================
- o JOIN command's argument handling is buggy. See the XXX in the code.
+ o The PRIVATE_MESSAGE_KEY packet is not handled (it is implemented
+ though). This should be added and perhaps new client operation
+ should be added to notify application that it was received and
+ set the key only if application wishes to set (accept the key) it.
+
+ o Additions to do after protocol version 1.1:
+
+ o Fix the NICK_CHANGE notify handling not to create new entry
+ for the changed client, but take the nickname from the notify
+ (removes need for resolving as well). Protocol TODO entry 3.
+
+ o Add support for list of errors in command replies. Protocol
+ TODO entry 1.
TODO/bugs In SILC Server
========================
- o Add perhaps /var/run/silcd.pid for PID information for the server.
+ o The router should check for validity of received notify packets from
+ servers (after all buggy servers may send notify that is actually
+ something that should have not been sent).
+
+ o Add hashed passwords to silcd.conf file.
+
+ o Backup router related issues
- o Add a timeout to handling incmoing JOIN commands. It should be
+ o Channel user mode changes are notified unnecessarely when
+ switching to backup router on router crash.
+
+ o Add a timeout to handling incoming JOIN commands. It should be
enforced that JOIN command is executed only once in a second or two
seconds. Now it is possible to accept n incoming JOIN commands
and process them without any timeouts. THis must be employed because
each JOIN command will create and distribute the new channel key
to everybody on the channel.
- o The backup router support described in the protocol specification
- should be done at some point.
-
- o Incomplete IPv6 support:
-
- o silcd/serverid.c and its routines supports only IPv4.
-
o New configuration file format must be added. The new one will be
done using the dotconf config library (lib/dotconf). The following
tasks relates closely to this as well and must be done at the same time
o IP address fields in configuration file should accept mask
format as well, IP/MASK, and not just plain IP.
- o Connection classes should be actually implemented in
- serverconfig.c. They can be defined but they are totally
- ignored currently. And they should be redefined also.
+ o Lots of statistics updating is missing around the server.
+
+ o If client's public key is saved in the server (and doing public key
+ authentication) then the hostname and the username information could
+ be taken from the public key. Should be a configuration option!
TODO/bugs In SILC Libraries
===========================
- o Compression routines are missing. The protocol supports packet
- compression thus it must be implemented. SILC Comp API must be
- defined. zlib package is already included into the lib dir (in CVS,
- not in distribution), but it is not used yet, and it requires some
- tweaking on the Makefiles (we want static lib not shared).
-
- o All payload parsing (decoding) functions should take unsigned char *
- and uint32 as data and data length as arguments. Now some of the
- routines do already that but most of the routines use SilcBuffer.
- The SilcBuffer ones should be removed since buf->data and buf->len
- is more convenient to use. However, the silc_buffer_[un]format
- routines support only SilcBuffer so they would require reallocation
- of SilcBuffer. Maybe support for raw data (and not just SilcBuffer)
- should be added silc_buffer_[un]format_? routines. These are currently
- only cosmetic changes but at some point must be done to make the
- payload interfaces consistent.
-
- o Incomplete IPv6 support:
-
- o All network routines in lib/silcutil/silcnet.[ch] does not
- support IPv6.
- o silc_id_render supports only IPv4 based ID's in the file
- lib/silcutil/silcutil.c.
+ o WIN32 silc_net_create_connection_async does not work the same way
+ than on Unix. Do it with threads on WIN32. The function works but
+ is not actually async currently.
- o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
- SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
- in separately.
-
-
-TODO/Bugs in native WIN32 support (libraries)
-=============================================
+ o Rewrite the lib/silcsim/silcsim.h. The SilcSimContext should be
+ private and silc_sim_alloc should take necessary arguments.
- o silc_net_create_connection_async does not work the same way than on
- Unix. Do it with threads on WIN32. The function works but is not
- actually async currently.
-
-TODO In SILC Protocol
+TODO in SILC Protocol
=====================
- o If channel founder mode is set and the invite mode is set on channel
- then the founder should be added to the list automatically so that
- if the founder signoff's it will be able join again to the invite only
- channel wihtout being invited.
+Current protocol version is 1.0. However, it is far from being perfect,
+and needs to include additional features. Following protocol TODO entries
+describe new stuff to be added to protocol versions 1.x.
+
+ 1. Re-define the Status Payload: it is now 16 bits, split it into two
+ 8 bits fields. First field includes status types from 0 - 9 and
+ 10 - n *if* it is not an list of errors. If it is list of errors then
+ the first field includes 1, 2 and/or 3, and the second field includes
+ the error status 10 - n. This way it is possible to send multiple
+ errors (list of errors) and we have a way to tell the receiver that
+ there will be other errors as well. The second field is used only
+ if there is list of errors. If normal status, or normal (single)
+ error status the second field is set to zero, and must be ignored.
+ Hence, the status works same way as now except for list of errors.
+ To be included in protocol version 1.1.
+
+ 2. Define that WHOIS and IDENTIFY commands must send list of errors
+ if multiple Client ID (or Channel ID and Server ID for IDENTIFY) was
+ requested and was not found. Each unfound entry must cause an error
+ command reply to the sender. Also define that errors must be sent
+ *after* sending successfully found entries (this way receiver may
+ ignore them). To be included in protocol version 1.1.
+
+ 3. Define the NICK_CHANGE notify to send the changed nickname as a new
+ third argument. This will make the NICK_CHANGE notify handling easier
+ in the receiver's end (client primarily) since it removes the
+ requirement that receiver must resolve (using IDENTIFY or WHOIS) the
+ new Client ID received in the notify (because of the new nickname is
+ unknown). To be included in protocol version 1.1.
+
+ 4. Add "request parameters" or similar to the WHOIS command, which can
+ be used to request various parameters (something not returned by
+ standard WHOIS command) about clients (info that could be fetched
+ even from clients). Additional specification (or appendix) should
+ be done to define the payload and the parameters. It could be used
+ to make the WHOIS command support various search conditions as well.
+ This would be the way to extend the WHOIS command to support various
+ new features without always making the command incompatible to previous
+ version. To be included in protocol version 1.1.
+
+ 5. Inviting and banning by public key should be made possible. To be
+ included in protocol version 1.x.
+
+ 6. Add perhaps SILENCE_USERS, SILENCE_OPERS channel user modes which
+ can be used to silence (moderate) normal users and opers (this set
+ only by founder). To be included in protocol version 1.1.
+
+ 7. Channel Message Payload needs slight redesining to include the IV
+ field to the MAC generation of the payload. It is authenticated
+ by the packet's MAC but not by the payload's MAC. Since the IV
+ belongs to the payload, its integrity should be protected by the
+ payload MAC and not alone by packet MAC. To be included in protocol
+ version 1.1.
+
+ 8. Remove the administrative commands from the protocol all together.
+ It does not make sense for the protocol to define how a server is
+ reconnected or shutdown, since they are implementation and
+ configuration issues. Besides protocol provides only limited set of
+ administrative commands and cannot define all that one could imagine.
+ To be included in protocol version 1.1.
+
+ 9. Add SILC_MESAGE_FLAG_REPLY for being other side to the
+ SILC_MESSAGE_FLAG_REQUEST. Add generic SILC_MESSAGE_FLAG_DATA, which
+ can include generic payload, which can include generic data. The
+ payload definition is left out for now. To be included in protocol
+ version 1.1.
+
+ 10. Check command reply error status types in various commands,
+ specifically NO_FOPRIV is missing from many commands. To be
+ included in protocol version 1.1.
TODO After 1.0
==============
+A rough list of stuff that is going to be done to SILC after 1.0 or at
+least could be done.
+
+ o Implement the defined SilcDH API. The definition is in
+ lib/silccrypt/silcdh.h.
+
o X.509 certificate support. SILC protocol supports certificates and
it would be great to have support for them. This is a big task as
support has to be made for ASN.1 as well. I've looked into OpenSSL
to start writing one myself. Anyhow, the OpenSSL X.509 lib should
be checked.
- Other package that should be checked is the NSS's X509 library.
+ Other package that should be checked is the NSS's X509 library,
+ which I like more over OpenSSL package.
- o SSH2 public keys support. Maybe - not really needed but could be
- nice as SSH is widely used all over the place. SILC Protocol
- supports SSH2 public keys.
+ o SSH2 public keys support, allowing the use of SSH2 public keys in
+ SILC.
+
+ o OpenPGP certificate support, allowing the use of PGP public keys
+ in SILC.
+
+ o Compression routines are missing. The protocol supports packet
+ compression thus it must be implemented. SILC Zip API must be
+ defined.
+
+ o Rewrite the lib/silcutil/silcprotocol.[ch] not to have [un]register
+ functions, but to make it context based all the way. The alloc should
+ take as argument the protocol type and its callback (not only
+ final callback). It is not good that we have now global list of
+ registered protocols.
+
+ o Optimizations in Libraries
+
+ o There is currently three (3) allocations per packet in the
+ silc_packet_receive_process, which is used to process and
+ dispatch all packets in the packet queue to the parser callback
+ function. First allocation is for parse_ctx, second for the
+ SilcPacketContext, and third for packet->buffer where the actual
+ data is saved.
+
+ The parse_ctx allocation can be removed by adding it as a
+ structure to the SilcPacketContext. When the SilcPacketContext
+ is allocated there is space for the parse context already.
+
+ The silc_packet_context_alloc could have a free list of
+ packet contexts. If free packet context is found from the list
+ it is returned instead of allocating a new one. The library
+ could at first allocate them and save them to the free list
+ until enough contexts for smooth processing exists in the list.
+ This would remove a big allocation since the structure is
+ quite big, and even bigger if it would include the parse_ctx.
+
+ The packet->buffer can be optimized too if the SilcBuffer
+ interface would support free lists as well. Maybe such could
+ be done in the same way as for SilcPacketContext. The
+ silc_buffer_alloc would check free list before actually
+ allocating new memory. Since the packets in the SILC protocol
+ usually are about the same size (due to padding) it would be
+ easy to find suitable size buffer from the free list very
+ quickly.
+
+ These naturally cause the overal memory consumption to grow
+ but would take away many allocations that can be done several
+ times in a second.
+
+ o Move the actual file descriptor task callback (the callback that
+ handles the incoming data, outgoing data etc, that is implemnted
+ in server and client separately (silc_server_packet_process and
+ silc_client_packet_proces)) to the low level socket connection
+ handling routines, and create an interface where the application
+ can register a callbacks for incoming data, outoing data and EOF
+ receiving, which the library will call when necessary. This way
+ we can move the data handling in one place.
+
+ o Add silc_id_str2id to accept the destination buffer as argument
+ and thus not require any memory allocation. Same will happen
+ with silc_id_payload_* functions.
+
+ o Optimizations in Server
+
+ o Remove the big switch statement from the function
+ silc_server_packet_parse_type and replace it with predefined
+ table of function pointers where each of the slot in table
+ represents the packet type value.
+
+ Same could be done with notify packets which has big switch
+ statement too. Same kind of table of notify callbacks could be
+ done as well.
+
+ o The parser callback in the server will add a timeout task for
+ all packets. It will require registering and allocating a
+ new task to the SilcSchedule. Maybe, at least, for server
+ and router packets the parser would be called immediately
+ instead of adding it to the scheduler with 0 timeout. It
+ should be analyzed too how slow the task registering process
+ actually is, and find out ways to optimize it.
+
+ o Add SilcAsyncOperation to utility library.
o Cipher optimizations (asm, that this) at least for i386 would be nice.
+
+ o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
+ SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
+ in separately.