never joined the channel if this happens. What to do if message is
received from user that hasn't been resolved/joined?
+ o Add the SilcStream (socket stream) from the SilcPacketStream and
+ SilcSocket from the socket stream to SilcClientConnection for easier
+ access to them for programmers. Currently these have to be digged up
+ from the packet stream.
+
+ o Connection option that attemps to connect to remot host with various
+ different mechanisms: UDP 706, TCP 706, TCP 80, TCP 443, UDP 7706 and
+ TCP 7706. This is the so called hole punching mechanism.
+
o Message ACKing support.
o in /cmode and /cumode with +r, maybe the public key and private key
should provide events so that application developer has a choice of
developing the SILC app with callbacks or with events.
+ o Ability to recover from rekey errors, at least try to.
+
Runtime library, lib/silcutil/
==============================
o silc_getopt routines
+ o Add silc_stream_get_root and add get_root stream operation. It
+ returns the root of the stream or NULL if stream doesn't have root.
+
+ o Change some stream routines (like socket stream API) to accept ANY
+ stream and use silc_stream_get_root to get the socket stream from the
+ given stream. This will make various stream APIs more easier to use
+ when user doesn't have to dig up the correct stream.
+
o The SILC Event signals. Asynchronous events that can be created,
connected to and signalled. Either own event routines or glued into
SilcSchedule:
This relationship would be associative only. The schedulers are still
independent and run independently from each other. All schedulers
would be linked and could be accessed from any of the schedulers.
- It should be possible to retrieve the parent and enumate all children
+ It should be possible to retrieve the parent and enumerate all children
from any of the schedulers.
SilcSchedule silc_schedule_init(int max_tasks, void *app_context,
_ua unaligned memory allocation routines. Remove unaligned memory
allocation possibility. (***DONE)
+ o silc_stack_alloc shouldn't require multiple by 8 size argument, it
+ should figure it out itself.
+
+ o silc_malloc et. al. to respect --with-alignment.
+
o Add '%@' format to silc_snprintf functions. It marks for external
rendering function of following type:
}
silc_snprintf(buf, sizeof(buf), "Client ID %@", id_renderer, client_id);
+ (***DONE)
+
+ o SILC Tls (Thread-local storage) API to lib/silcutil/silcthread.[ch].
+ (***DONE)
+
+ o Change silc_gettimeofday on Unix to use clock_gettime with REALTIME
+ clock if it is available, otherwise use gettimeofday(). (***DONE)
+
+ (o SilcIpAddr abstraction. Ipv4 and Ipv6 support to the abstaction.)
+ maybe
(o Generic SilcStatus or SilcResult that includes all possible status and
error conditions, including those of SILC protocol. Though, the SILC
be accelerated. Also take into account that it could use elliptic
curves.
- o ECDSA and ECDH
+ o Add ECDSA support.
+
+ o Add ECDH support.
+
+ o AES CBC is missing proper alignment code (see silc_1_1_branch).
o All cipher, hash, hmac etc. allocation routines should take their name
- in as const char * not const unsigned char *.
+ in as const char * not const unsigned char *. (***DONE)
SILC Accelerator Library
(***DONE)
o Implement software accelerator. It is a thread pool system where the
- public key and private key operations are executed in threads.
+ public key and private key operations are executed in threads.
(***DONE)
+ o Add init options to SilcAcceleratorObject as a SilcAcceleratorOption
+ structure. Each accelerator defines the options that they support and
+ can be retrieved from the SilcAccelerator with silc_acc_get_options.
+ The format must also be machine parseable. The structure can be of the
+ following format:
+
+ typedef struct SilcAcceleratorOptionStruct {
+ const char *option; /* Option name */
+ const char *display_name; /* Option displayable name */
+ SilcParamType type; /* Option data format */
+ } *SilcAcceleratorOption;
+
+ For software accelerator it could be for example:
+
+ { "min_threads", "Minimum threads", SILC_PARAM_UINT32 },
+ { "max_threads", "Maximum threads", SILC_PARAM_UINT32 },
+
+ The accelerator itself doesn't have to use the option structure to
+ parse the options if not wanted. It is defined for the caller so
+ they can learn the supported options in a well defined way.
+
o Diffie-Hellman acceleration
(o Symmetric key cryptosystem acceleration? They are always sycnhronouos
============
o Import TFM. We want TFM's speed but its memory requirements are
- just too much. By default it uses large pre-allocated tables which
+ just too much. By default it uses large pre-allocated tables which
will eat memory when there are thousands of public keys in system.
We probably want to change TFM's fp_int dynamic so that a specific
size can be allocated for the int. We could have two new functions:
any other MP function (including utility ones) that may allocate
memory.
+ o Prime generation progress using callback instead of printing to
+ stdout.
+
o All utility functions should be made non-allocating ones.
lib/silcpgp
===========
- o OpenPGP certificate support, allowing the use of PGP public keys
- in SILC.
+ o OpenPGP certificate support, allowing the use of PGP public keys.
lib/silcssh
===========
- o SSH2 public key/private key support, allowing the use of SSH2 keys
- in SILC. RFC 4716. (***DONE)
+ o SSH2 public key/private key support, allowing the use of SSH2 keys.
+ RFC 4716. (***DONE)
lib/silcpkix
term UDP sessions.
o The server must be able to run behind NAT device. This means that
- Server ID must be based on public IP instead of private IP.
+ Server ID must be based on public IP instead of private IP (See
+ also NAT detection protocol in SILC protocol specification).
o The following data must be in per-connection context: client id cache,
server id cache, channel id cache, all statistics must be
o Do inccoming packet processing in an own FSM thread in the
server-threads FSM. Same as in client library.
+ o Binding to other ports than 706 too. To allow easier traversing
+ through NATs and firewalls server should also bind to 80, 443 and 7706
+ by default (at least try to bind). Connections must work normally
+ even if they were established to some other port other than 706.
+
+ Connection option that attemps to connect to remot server with various
+ different mechanisms: UDP 706, TCP 706, TCP 80, TCP 443, UDP 7706 and
+ TCP 7706. This is the so called hole punching mechanism.
+
+ o Ability to recover from rekey errors, at least try to.
+
o Reference count all Silc*Entry structures.
Some issues that must be kept in mind from 1.0 and 1.1 silcd's:
+ o The server and router software MUST work out of the box. After
+ installation the server must not require any configuration to run the
+ most basic working configuration. No defining IP addresses, etc.
+ The server must work just by running it.
+
o The SERVER_SIGNOFF notify handing is not optimal, because it'll
cause sending of multiple SIGNOFF notify's instead of the one
SERVER_SIGNOFF notify that the server received. This should be
projects / crypto.git / blobdiff