align=center>
<tr>
<td>
+<font face="Arial,Helvetica,Sans-serif">
<p>
<font size=4>
<h1>TODO</h1>
<p>
<pre>
+
TODO
====
Currently there cannot be private keys for channels. Normal channel
keys (generated by server) are used. This is required by the protocol.
- o Public and private key generation is now done everytime the program
- is run. Now, this is only for testing period as I've been lazy to
- do it any better for now. This must be fixed.
-
o I guess, public key authentication (when connecting to a server)
is not working currently. It is just matter of loading the keys
from file and using them (see corresponding code in server, it should
be implemented (See corresponding code from server). Error handling
in the KE protocol is also in pretty bad shape in client.
- o Configuration file loading from global and from local dirs. This
- is currently missing and I guess the global is only used. Old SILC
- version (in 1997) had ~./silc directory that I guess should be done
- now as well. The code for handling those exists but not in current
- source tree.
-
o Configuration file format - could be better.
o Write help files for commands. Nice format for the help files should
own resolver stuff (through scheduler, if possible without writing
too much own stuff) or use threads.
- o Lenght of the packet processing timeouts needs to be checked whether
+ o Length of the packet processing timeouts needs to be checked whether
they are too short or too long. I haven't really tested whether they
are suitable. They should be tested on high load which I haven't done
at all yet.
o INVITE command must set the channel's invite list if channel is
invite-only channel.
- o Public and private key generation is now done everytime the program
- is run. Now, this is only for testing period as I've been lazy to
- do it any better for now. This must be fixed.
-
o Server says that it is able to listen on multiple ports but currently
that is bogus. It can, but internals are for single server.
- o Command lagging must implemented. Those commands (all currently) that
- has the LAG flag set they must not be allowed to be executed more than
- once, say, in 2 seconds.
-
o Command flag usage in general is not implemented yet.
o Client history must be implemented. Protocol says that server must
o Protocol execution timeouts are hard coded, should be configurable.
- o Channel message sending routines uses a lot of common code. Should
- create a common function for those instead of writing the same code
- again everytime, as done now.
-
o serverutil.c I guess should be created for util-like functions that
now resides in server.c, which is getting too big.
TODO In SILC Libraries
======================
- o Public key verification in SKE (SILC Key Exchange) protocol is missing,
- thus currently we trust on all public keys. This probably doesn't cause
- bad problems but the mechanism of verifying it from local database
- (from files) needs to be done (it can open man-in-the-middle-attacks).
-
o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
I've done now is bad and should be removed as soon as possible (or
the protocol should then state the method of how they should be done).
- o SILC public key file type is bad. I'd like to see PEM encoded files.
- I have public domain code for base64 encoding but it needs to be
- rewritten.
-
o Slow ciphers should be removed. I think we don't need more than
the AES finalists plus blowfish and RC5.
(silclog.[ch] in core). The actual output of logs should be done
by callback function in the application not in lib.
- o I don't like the ID cache system currenly implemented. Ugly and
- not so good. Must be rewritten very soon.
-
o All allocations and freeing needs to be checked for memory leaks.
o silc_buffer_[un]format() needs to be made more stable as it may