-TODO
-====
+TODO/bugs in Irssi SILC client
+==============================
-This is more or less complete list of tasks that has to be done before
-SILC 1.0 could ever be released. It is clear that the list does not
-include all the bugs that exists. At the end of list are tasks that
-needs to be done but are probably post 1.0.
+ o Fix the silc_channels_join to parse the command like, with fe.
+ silc_parse_command_line, because currently it ignores all options,
+ including passphrase which makes autojoin impossible to +a channels.
+ Other important options are ignored too.
-Feel free to contribute if you have the ability and free time - all the
-help is really appreciated - and needed.
+ o Add local command to switch the channel's private key when channel has
+ several private keys. Currently sending channel messages with many
+ keys is not possible because changing the key is not possible by the
+ user.
- - Pekka
+ o /cumode for unknown nick does not give any error message.
-TODO General
-============
+TODO/bugs In SILC Client Library
+================================
- o We should replace all short, int, long, unsigned short, unsigned int,
- unsigned long with some pre-defined datatypes that really are what
- we want on all platforms. int16, uint16, int32, uint32 etc. are
- what we could use or maybe SilcInt16, SilcUInt16 etc. Also, boolean
- datatype should be defined.
+ o The PRIVATE_MESSAGE_KEY packet is not handled (it is implemented
+ though). This should be added and perhaps new client operation
+ should be added to notify application that it was received and
+ set the key only if application wishes to set (accept the key) it.
+ o Additions to do after protocol version 1.1:
-TODO In SILC Client Library
-===========================
-
- o Client library crashes if for example server timeouts protocol
- execution and disconnects the client. The client, on the other hand
- may still assume that the connection is active, even after receiving
- the EOF. Reason for this is that the clien library does not handle
- the SilcSocketConnection reference counter at all. This must be
- fixed.
-
- o Logic for handling multiple same nicknames for example in private
- message sending. I guess the logic is done in server side but is
- missing from client.
-
- o I guess, public key authentication (when connecting to a server)
- is not working currently. It is just matter of loading the keys
- from file and using them (see corresponding code in server, it should
- support public key authentication already).
-
- o Non-blocking connection on the background must be stopped if some
- other connection on same window has established. Now it is possible
- that some non-blocking connection timeouts on the background when
- we already have a working connection to some other place; things
- goes bad.
-
- o Add client library parameters or options that handle what kind of
- messages the library should print out (using `say' client operation,
- for example) and what is left for the application to print. The
- appliation could for example set that it handles all command printing
- but all error printing should be handled by the library, etc...
- This is not a showstopper.
-
- o Input line on UI is buggy. Cursor movement etc bugs. Too lazy to
- fix it.
-
+ o Fix the NICK_CHANGE notify handling not to create new entry
+ for the changed client, but take the nickname from the notify
+ (removes need for resolving as well). Protocol TODO entry 3.
-TODO In SILC Server
-===================
+ o Add support for list of errors in command replies. Protocol
+ TODO entry 1.
- o TODO in commands (command.c and command_reply.c):
- o RESTART is not implemented
- o In servers all command reply funtions should still call the
- pending command reply even if the reply was error. In client
- it is not called but in server, I think, it must be called.
- When implementing this check that all commands handle the
- situation correctly when it is called as pending command
- (it should most likely check that cmd->pending == TRUE/FALSE).
+TODO/bugs In SILC Server
+========================
- o TODO in notify types (packet_receive.c):
+ o Configuration file additions:
- o SERVER_SIGNOFF notify type is not implemented
+ o Add incoming connection frequency, incoming connection frequency
+ for single IP address, key exchange frequency, key exchange
+ frequency for single IP. Add also frequency base.
- o Packet processing can be made faster. All packet function in the
- packet_receive.c has same prototypes. Instead of calling those from
- huge switch() make a table of callback functions that can be called
- directly by the packet type.
+ o Add hashed passwords to config file.
- o DNS/IP lookup blocks the server. This must be fixed. Check the
- resolver stuff (resolver(3), resolver(5)). Either we have to do the
- own resolver stuff (through scheduler, if possible without writing
- too much own stuff) or use threads.
+ o Add rehashing support.
- o Acceptance of incoming connections (client and server connections)
- should be checked before key exchange protocol. Currently it is
- checked at the authentication phase after KE, that is ok, but it should
- be checked before starting KE, as well.
+ o If server send CUMODE_CHANGE notify (like setting founder) to router
+ and router does not have founder on channel (founder is left or there's
+ no founder on channel at all), the router will accept the server's
+ founder mode change, even though it perhaps should not do that.
- o Server says that it is able to listen on multiple ports but currently
- that is bogus. It can, but internals are for single server.
+ o The router should check for validity of received notify packets from
+ servers (after all buggy servers may send notify that is actually
+ something that should have not been sent).
- o Protocol execution timeouts are hard coded, should be configurable.
+ o Add a timeout to handling incoming JOIN commands. It should be
+ enforced that JOIN command is executed only once in a second or two
+ seconds. Now it is possible to accept n incoming JOIN commands
+ and process them without any timeouts. THis must be employed because
+ each JOIN command will create and distribute the new channel key
+ to everybody on the channel.
- o IP address fields in configuration file should accept mask format
- as well, IP/MASK, and not just plain IP.
+ o Backup router related issues
- o Connection classes should be actually implemented in serverconfig.c.
- They can be defined but they are totally ignored currently.
+ o Channel user mode changes are notified unnecessarely when
+ switching to backup router on router crash.
+ o Lots of statistics updating is missing around the server.
-TODO In SILC Libraries
-======================
+ o If client's public key is saved in the server (and doing public key
+ authentication) then the hostname and the username information could
+ be taken from the public key. Should be a configuration option!
- o The SKE Start Payload parsing routines are an overkill. Use the
- SILC_STR_UI16_NSTRING_ALLOC in the parsing and not parsing them
- one by one like done now.
- o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
- server, actually). If PFS is set, re-key must cause new key exchange.
- This is required by the SILC protocol.
-
- o Re-key in general is actually missing (from everywhere) and must be done.
+TODO/bugs In SILC Libraries
+===========================
- o Compression routines are missing. The protocol supports packet
- compression thus it must be implemented. SILC Comp API must be
- defined. zlib package is already included into the lib dir (in CVS,
- not in distribution), but it is not used yet, and it requires some
- tweaking on the Makefiles (we want static lib not shared).
-
- o Rewrite the task system. I made it too complex and too "neat" and
- it really should be rewritten. We don't need priorities really, one
- priority is enough. This will simplify a lot the task system.
-
- o SIM support for SILC PKCS API needs to made so that they could be
- used as SIM's. At the same time some work is required on prime
- generation as the way it is done now sucks. Read from code for
- more (silcpkcs.h).
-
- o Random Number Generator needs some tweaking. Reading /dev/random may
- block resulting slow initialization of RNG. Some other things in the
- RNG may block as well. Also, I have some pending changes to the RNG
- that needs to be commited (from Schneier's Yarrow-160 paper). They
- should make the RNG even better.
-
-
-TODO in the protocol before SILC 0.x
-====================================
-
- o New commands and features in the commands
- (draft-riikonen-silc-spec-xx.txt):
-
- o Define GETKEY command to fetch the public key of a server
- and/or a client in the SILC Network.
- o Define SENDKEY command to send your public key to a client
- in the network. Sending to the server must not be done due
- to various security reasons (the server must not trust the
- public keys blindly without third party verification; that's
- why SENDKEY is not for servers).
- o Define AWAY command to set the indication flag whether the
- client is present or not. Do not save the away message to the
- server though.
- o Define the channel founder property to be permanent locally in
- the server so that channel founder can regain its rights even
- if it disconnects from the server. Thus, define a new command
- or channel user mode that can be used to set the channel founder
- passphrase or public key that can be used in the authentication
- when regaining the founder rights.
-
- o New features in the KE/auth protocol
- (draft-riikonen-silc-ke-auth-xx.txt):
-
- o Merge the KE1 and KE2 payloads into one KE payload that has
- the `signature' field. Provide it only if the perty is
- required to do authentication.
- o Add MUTUAL_AUTH flag to indicate that the party must perform
- authentication (to sign with their private key). Initiator
- may set it to indicate that it can authenticate but responder
- MAY require for the initiator to do authentication by setting
- the flag at the KE Start Payload reply phase. The responder
- performs authentication always as now as well.
- o Define group exchange support for the SKE so that the SKE
- could be performed among more than two entities. This is not
- a showstopper and may be defined later.
+ o WIN32 silc_net_create_connection_async does not work the same way
+ than on Unix. Do it with threads on WIN32. The function works but
+ is not actually async currently.
+
+ o Rewrite the lib/silcsim/silcsim.h. The SilcSimContext should be
+ private and silc_sim_alloc should take necessary arguments.
+
+ o SILC RNG does not implement random seed files, and they should be
+ implemented.
+
+ o The SilcSocketConnection in the SFTP interface is actually redundant
+ and should perhaps be removed. The application can save it in the
+ context it provides, which is delivered by SFTP libary to all
+ callback functions.
+
+
+TODO in Toolkit Documentation
+=============================
+
+Stuff that needs to be done in order to complete the Tooolkit Reference
+Manual.
+
+ o Lots of ROBOdoc header formatting is undone in lib/silcutil, and
+ lib/silccrypt.
+
+ o Write "Programming with Toolkit" document, describing how to build
+ Toolkit, how the build system works, where is everything, how
+ new (external) projects can be glued into Toolkit (use irssi as an
+ example), and how external projects can use Toolkit without gluing into
+ it (how to link etc), debugging, architecture, types, etc.
+
+ o Write "Platform Implementations" document to describe what platforms
+ Toolkit support, what has been implemented, what has not been, what
+ wors differently etc.
+
+
+TODO in SILC Protocol
+=====================
+
+Current protocol version is 1.0. However, it is far from being perfect,
+and needs to include additional features. Following protocol TODO entries
+describe new stuff to be added to protocol versions 1.x.
+
+ 1. Re-define the Status Payload: it is now 16 bits, split it into two
+ 8 bits fields. First field includes status types from 0 - 9 and
+ 10 - n *if* it is not an list of errors. If it is list of errors then
+ the first field includes 1, 2 and/or 3, and the second field includes
+ the error status 10 - n. This way it is possible to send multiple
+ errors (list of errors) and we have a way to tell the receiver that
+ there will be other errors as well. The second field is used only
+ if there is list of errors. If normal status, or normal (single)
+ error status the second field is set to zero, and must be ignored.
+ Hence, the status works same way as now except for list of errors.
+ To be included in protocol version 1.1.
+
+ 2. Define that WHOIS and IDENTIFY commands must send list of errors
+ if multiple Client ID (or Channel ID and Server ID for IDENTIFY) was
+ requested and was not found. Each unfound entry must cause an error
+ command reply to the sender. Also define that errors must be sent
+ *after* sending successfully found entries (this way receiver may
+ ignore them). To be included in protocol version 1.1.
+
+ 3. Define the NICK_CHANGE notify to send the changed nickname as a new
+ third argument. This will make the NICK_CHANGE notify handling easier
+ in the receiver's end (client primarily) since it removes the
+ requirement that receiver must resolve (using IDENTIFY or WHOIS) the
+ new Client ID received in the notify (because of the new nickname is
+ unknown). To be included in protocol version 1.1.
+
+ 4. Add "request parameters" or similar to the WHOIS command, which can
+ be used to request various parameters (something not returned by
+ standard WHOIS command) about clients (info that could be fetched
+ even from clients). Additional specification (or appendix) should
+ be done to define the payload and the parameters. It could be used
+ to make the WHOIS command support various search conditions as well.
+ This would be the way to extend the WHOIS command to support various
+ new features without always making the command incompatible to previous
+ version. To be included in protocol version 1.1.
+
+ 5. Inviting and banning by public key should be made possible. To be
+ included in protocol version 1.x.
+
+ 6. Add perhaps SILENCE_USERS, SILENCE_OPERS channel user modes which
+ can be used to silence (moderate) normal users and opers (this set
+ only by founder). To be included in protocol version 1.1.
+
+ 7. Channel Message Payload needs slight redesining to include the IV
+ field to the MAC generation of the payload. It is authenticated
+ by the packet's MAC but not by the payload's MAC. Since the IV
+ belongs to the payload, its integrity should be protected by the
+ payload MAC and not alone by packet MAC. To be included in protocol
+ version 1.1.
+
+ 8. Remove the administrative commands from the protocol all together.
+ It does not make sense for the protocol to define how a server is
+ reconnected or shutdown, since they are implementation and
+ configuration issues. Besides protocol provides only limited set of
+ administrative commands and cannot define all that one could imagine.
+ To be included in protocol version 1.1.
+
+ 9. Add SILC_MESAGE_FLAG_REPLY for being other side to the
+ SILC_MESSAGE_FLAG_REQUEST. Add generic SILC_MESSAGE_FLAG_DATA, which
+ can include generic payload, which can include generic data. The
+ payload definition is left out for now. To be included in protocol
+ version 1.1.
+
+ 10. Check command reply error status types in various commands,
+ specifically NO_FOPRIV is missing from many commands. To be
+ included in protocol version 1.1.
TODO After 1.0
==============
- o Pthreads support. A lot of problems are solved with server (and with
- client as well) if we add pthread support. We can forget things such
- as non-blocking connecting etc, and we can do things such as DNS/IP
- lookups async. The server itself also benefits great deal from
- threads, especially from performance point of view.
+A rough list of stuff that is going to be done to SILC after 1.0 or at
+least could be done.
- But, this is not a small task and almost entire SILC Library has to
- be made re-entrant. Own API is probably added for the threads support
- to make changes in the future as painless as possible. So the API
- would have things like silc_mutex_lock, silc_mutex_unlock and
- friends...
+ o Implement the defined SilcDH API. The definition is in
+ lib/silccrypt/silcdh.h.
o X.509 certificate support. SILC protocol supports certificates and
it would be great to have support for them. This is a big task as
to start writing one myself. Anyhow, the OpenSSL X.509 lib should
be checked.
- o SSH2 public keys support. Maybe - not really needed but could be
- nice as SSH is widely used all over the place. SILC Protocol
- supports SSH2 public keys.
+ Other package that should be checked is the NSS's X509 library,
+ which I like more over OpenSSL package.
+
+ o SSH2 public keys support, allowing the use of SSH2 public keys in
+ SILC.
+
+ o OpenPGP certificate support, allowing the use of PGP public keys
+ in SILC.
+
+ o Compression routines are missing. The protocol supports packet
+ compression thus it must be implemented. SILC Zip API must be
+ defined.
+
+ o Rewrite the lib/silcutil/silcprotocol.[ch] not to have [un]register
+ functions, but to make it context based all the way. The alloc should
+ take as argument the protocol type and its callback (not only
+ final callback). It is not good that we have now global list of
+ registered protocols.
+
+ o Optimizations in Libraries
+
+ o There is currently three (3) allocations per packet in the
+ silc_packet_receive_process, which is used to process and
+ dispatch all packets in the packet queue to the parser callback
+ function. First allocation is for parse_ctx, second for the
+ SilcPacketContext, and third for packet->buffer where the actual
+ data is saved.
+
+ The parse_ctx allocation can be removed by adding it as a
+ structure to the SilcPacketContext. When the SilcPacketContext
+ is allocated there is space for the parse context already.
+
+ The silc_packet_context_alloc could have a free list of
+ packet contexts. If free packet context is found from the list
+ it is returned instead of allocating a new one. The library
+ could at first allocate them and save them to the free list
+ until enough contexts for smooth processing exists in the list.
+ This would remove a big allocation since the structure is
+ quite big, and even bigger if it would include the parse_ctx.
+
+ The packet->buffer can be optimized too if the SilcBuffer
+ interface would support free lists as well. Maybe such could
+ be done in the same way as for SilcPacketContext. The
+ silc_buffer_alloc would check free list before actually
+ allocating new memory. Since the packets in the SILC protocol
+ usually are about the same size (due to padding) it would be
+ easy to find suitable size buffer from the free list very
+ quickly.
+
+ These naturally cause the overal memory consumption to grow
+ but would take away many allocations that can be done several
+ times in a second.
+
+ o Move the actual file descriptor task callback (the callback that
+ handles the incoming data, outgoing data etc, that is implemnted
+ in server and client separately (silc_server_packet_process and
+ silc_client_packet_proces)) to the low level socket connection
+ handling routines, and create an interface where the application
+ can register a callbacks for incoming data, outoing data and EOF
+ receiving, which the library will call when necessary. This way
+ we can move the data handling in one place.
+
+ o Add silc_id_str2id to accept the destination buffer as argument
+ and thus not require any memory allocation. Same will happen
+ with silc_id_payload_* functions.
+
+ o Remove the `truelen' field from SilcBuffer as it is entirely
+ redundant since we can get the true length of the buffer by
+ doing buffer->end - buffer->header. Add SILC_BUFFER_TRUELEN
+ macro instead. Consider also removing `len' field too since
+ it effectively is buffer->tail - buffer->data, and adding
+ SILC_BUFFER_LEN macro can do the same. These would save
+ totally 8 bytes of memory per buffer.
+
+ Add also perhaps function silc_buffer_alloc_size that would
+ effectively do:
+
+ return silc_buffer_pull_tail(silc_buffer_alloc(size),
+ size);
+
+ to not require the user to give the pull_tail anymore.
+
+ o Optimizations in Server
+
+ o Remove the big switch statement from the function
+ silc_server_packet_parse_type and replace it with predefined
+ table of function pointers where each of the slot in table
+ represents the packet type value.
+
+ Same could be done with notify packets which has big switch
+ statement too. Same kind of table of notify callbacks could be
+ done as well.
+
+ o The parser callback in the server will add a timeout task for
+ all packets. It will require registering and allocating a
+ new task to the SilcSchedule. Maybe, at least, for server
+ and router packets the parser would be called immediately
+ instead of adding it to the scheduler with 0 timeout. It
+ should be analyzed too how slow the task registering process
+ actually is, and find out ways to optimize it.
+
+ o The SERVER_SIGNOFF notify handing is not optimal, because it'll
+ cause sending of multiple SIGNOFF notify's instead of the one
+ SERVER_SIGNOFF notify that the server received. This should be
+ optimized so that the only SERVER_SIGNOFF is sent and not
+ SIGNOFF of notify at all (using SIGNOFF takes the idea about
+ SERVER_SIGNOFF away entirely).
+
+ o Add SilcAsyncOperation to utility library. Any function that takes
+ callback as an argument must return SilcAsyncOperation.
+
+ o Add DSS support.
o Cipher optimizations (asm, that this) at least for i386 would be nice.
+
+ o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
+ SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
+ in separately.