1 TODO for 1.2 And Beyond
2 =======================
4 NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The
5 (***TESTING NEEDED) means that the item has been done but not yet properly
8 NOTE: A TODO entry does not mean that it is ever going to be done. Some
9 of the entries may be just ideas, good, bad or ugly. If you want to work
10 on some of the TODO entries simply let us know about it by dropping a note
11 to silc-devel mailing list or appear on 'silc' channel on SILCNet.
17 o Create apps/tutorial containing various Toolkit API tutorials.
19 o The Toolkit split. The Toolkit is to be splitted in parts. How many
20 parts and what the parts are isn't decided yet. Each part is a separate
21 software package. Current thinking is of the following:
23 SILC Toolkit SILC protocol, client and server library
24 SILC Runtime Toolkit runtime library
25 SILC Crypto Toolkit crypto, asn1, math, skr, pgp, etc.
27 The rationale for this is of course that other than SILC projects
28 might like to use the various libraries SILC Toolkit provides, but
29 naturally they don't want the bloat of SILC protocol related stuff.
31 The Runtime library in SILC Toolkit is a general purpose runtime library,
32 like Glib and APR are. The runtime library is to be developed further
33 to provide alternative to Glib and APR.
35 The Crypto library in SILC Toolkit is a general purpose crypto library
36 providing pretty nice APIs compared to many other crypto libraries,
37 especially OpenSSL. The Crypto library is to be developed further
38 to include support for OpenPGP, X.509 and SSH2.
44 o SILC_PACKET_FLAG_ACK support. Implement ACK packet and packet payload
47 o All payload encoding routines should take SilcStack as argument.
49 o All payload test routines into lib/silccore/tests/.
52 lib/silcclient, The Client Library
53 ==================================
55 o Giving WHOIS for nick that doesn't exist should remove any same
56 named entries from the client cache.
58 o peer-to-peer private messages
60 o Private message key request notification to application. See XXX in
63 o in JOIN notify handle resolving that timedout. Currently the user is
64 never joined the channel if this happens. What to do if message is
65 received from user that hasn't been resolved/joined?
67 o Message ACKing support.
69 o in /cmode and /cumode with +r, maybe the public key and private key
70 could be just some "string", which would then match to "string.pub" and
73 o If the SILC Events (see below) are implemented, perhaps client library
74 should provide events so that application developer has a choice of
75 developing the SILC app with callbacks or with events.
78 Runtime library, lib/silcutil/
79 ==============================
81 o Fix universal time decoding (doesn't accept all formats) in silctime.c.
83 o Add functions to manipulate environment variables.
85 SilcBool silc_setenv(const char *variable, const char *value);
86 const char *silc_getenv(const char *variable);
87 SilcBool silc_clearenv(const char *variable);
89 o Add functions to loading shared/dynamic object symbols (replaces the
90 SIM library (lib/silcsim) and introduces generic library). Add this
91 to lib/silcutil/silcdll.[ch].
93 SilcDll silc_dll_load(const char *object_path, SilcDllFlags flags);
94 void silc_dll_close(SilcDll dll);
95 void *silc_dll_getsym(SilcDll dll, const char *symbol);
96 const char *silc_dll_error(SilcDll dll);
98 o Add directory opening/traversing functions
100 o silc_getopt routines
102 o silc_hash_table_replace -> silc_hash_table_set. Retain support for
103 silc_hash_table_replace as macro.
105 o The SILC Event signals. Asynchronous events that can be created,
106 connected to and signalled. Either own event routines or glued into
109 SilcTask silc_schedule_task_add_event(SilcSchedule schedule,
110 const char *event, ...);
111 SilcBool silc_schedule_event_connect(SilcSchedule schedule,
113 SilcTaskCallback event_callback,
115 SilcBool silc_schedule_event_signal(SilcSchedule schedule,
116 const char *event, ...);
119 silc_schedule_task_add_event(schedule, "connected",
123 silc_schedule_event_connect(schedule, "connected", connected_cb, ctx);
124 silc_schedule_event_signal(schedule, "connected", integer, buf,
126 SILC_TASK_CALLBACK(connected_cb)
128 FooCtx ctx = context;
133 va_start(args, context);
134 integer = va_arg(args, SilcUInt32);
135 buf = va_arg(args, SilcBuffer);
140 Problems: Events would be SilcSchedule specific, and would not work on
141 multi-thread/multi-scheduler system. The events should be copyable
142 between schedulers. Another problem is the signal delivery. Do we
143 deliver them synchronously possibly from any thread to any other thread
144 or do we deliver them through the target schedulers. If we use the
145 schedulers then signalling would be asynchronous (data must be
146 duplicated and later freed) which is not very nice.
148 o If the event signals are added, the SILC_PARAM_* stuff needs to be
149 moved from silcbuffmt.h to silctypes.h or something similar.
151 o In case the SILC Events are done we shall create a new concept of
152 parent and child SilcSchedule's. When new SilcSchedule is created a
153 parent can be associated to it. This association could be done either
154 directly by the parent or by any other children. This way the signals
155 would in effect be global and would reach all children schedulers.
157 This relationship would be associative only. The schedulers are still
158 independent and run independently from each other. All schedulers
159 would be linked and could be accessed from any of the schedulers.
160 It should be possible to retrieve the parent and enumate all children
161 from any of the schedulers.
163 SilcSchedule silc_schedule_init(int max_tasks, void *app_context,
164 SilcSchedule parent);
165 SilcSchedule silc_schedule_get_parent(SilcSchedule schedule);
167 o Additional scheduler changes: optimize silc_schedule_wakeup. Wakeup
168 only if the scheduler is actually waiting something. If it is
169 delivering tasks wakeup is not needed.
171 o Structured log messages to Log API. Allows machine readable log
172 messages. Would allow sending of any kind of data in a log message.
174 o Base64 to an own API
178 o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
179 SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
182 o silc_stringprep to non-allocating version.
184 o SilcStack aware SilcHashTable.
186 o SilcStack aware SilcDList.
188 o Thread pool API. Add this to lib/silcutil/silcthread.[ch].
190 typedef void (*SilcThreadPoolFunc)(SilcSchedule schedule,
193 /* Allocate thread pool with at least `min_threads' and at most
194 `max_threads' many threads. If `stack' is non-NULL all memory
195 is allocated from the `stack'. If `start_min_threads' is TRUE
196 this will start `min_threads' many threads immediately. */
197 SilcThreadPool silc_thread_pool_alloc(SilcStack stack,
198 SilcUInt32 min_threads,
199 SilcUInt32 max_threads,
200 SilcBool start_min_threads);
202 /* Free thread pool. If `wait_unfinished' is TRUE this will block
203 and waits that all remaining active threads finish before freeing
205 void silc_thread_pool_free(SilcThreadPool tp, SilcBool wait_unfinished);
207 /* Run `run' function with `run_context' in one of the threads in the
208 thread pool. Returns FALSE if the thread pool is being freed. If
209 there are no free threads left in the pool this will queue the
210 the `run' and will call it once a thread becomes free.
212 If `completion' is non-NULL it will be called to indicate completion
213 of the `run' function. If `schedule' is non-NULL the `completion'
214 will be called through the scheduler in the main thread. If it is
215 NULL the `completion' is called directly from the thread after the
216 `run' has returned. */
217 SilcBool silc_thread_pool_run(SilcThreadPool tp,
218 SilcSchedule schedule,
219 SilcThreadPoolFunc run,
221 SilcThreadPoolFunc completion,
222 void *completion_context);
224 /* Modify the amount of maximum threads of the pool. */
225 void silc_thread_pool_set_max_threads(SilcThreadPool tp,
226 SilcUInt32 max_threads);
228 /* Returns the amount of maximum size the pool can grow. */
229 SilcUInt32 silc_thread_pool_num_max_threads(SilcThreadPool tp);
231 /* Returns the amount of free threads in the pool currently. */
232 SilcUInt32 silc_thread_pool_num_free_threads(SilcThreadPool tp);
234 /* Stops all free and started threads. The minumum amount of threads
235 specified to silc_thread_pool_alloc always remains. */
236 void silc_thread_pool_purge(SilcThreadPool tp);
238 o Fast mutex implementation. Fast rwlock implementation. Mutex and
239 rwlock implementation using atomic operations.
241 o Compression routines are missing. The protocol supports packet
242 compression thus it must be implemented. SILC Zip API must be
245 (o Generic SilcStatus or SilcResult that includes all possible status and
246 error conditions, including those of SILC protocol. Though, the SILC
247 protocol related status (currently in silcstatus.h) cannot be in
248 runtime library) maybe
250 (o SILC specific socket creation/closing routines to silcnet.h, wrappers
251 to all send(), recv(), sendto() etc. Bad thing is that we'd have to
252 define all socket options, sockaddrs, etc.) maybe
257 lib/silcutil/symbian/
258 =====================
260 o Something needs to be thought to the logging globals as well,
261 like silc_debug etc. They won't work on EPOC. Perhaps logging
262 and debugging is to be disabled on EPOC. The logging currently works
263 by it cannot be controlled, same with debugging.
266 SFTP Library, lib/silcsftp/
267 ===========================
269 o Read prefetch (read-ahead, reading ahead of time). Maybe if this can
273 SKR Library, lib/silcskr/
274 =========================
276 o Add fingerprint as search constraint.
278 o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
281 o Add support for importing public keys from a directory and/or from a
282 file. Add support for exporting the repository (different formats for
283 different key types?).
285 o Change the entire silc_skr_find API. Remove SilcSKRFind and just simply
286 add the find constraints as variable argument list to silc_skr_find, eg:
288 silc_skr_find(skr, schedule, callback, context,
289 SILC_SKR_FIND_PUBLIC_KEY, public_key,
290 SILC_SKR_FIND_COUNTRY, "FI",
291 SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH,
294 NULL argument would be ignored and skipped.
296 o Add OR logical rule in addition of the current default AND, eg:
298 // Found key(s) MUST have this public key AND this country.
299 silc_skr_find(skr, schedule, callback, context,
300 SILC_SKR_FIND_RULE_AND,
301 SILC_SKR_FIND_PUBLIC_KEY, public_key,
302 SILC_SKR_FIND_COUNTRY, "FI",
305 // Found key(s) MUST have this public key OR this key context
306 silc_skr_find(skr, schedule, callback, context,
307 SILC_SKR_FIND_RULE_OR,
308 SILC_SKR_FIND_PUBLIC_KEY, public_key,
309 SILC_SKR_FIND_CONTEXT, key_context,
312 o SilcStack to SKR API.
315 Crypto Library, lib/silccrypt/
316 ==============================
320 o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
321 possibly to silcpkcs.h.
323 /* Return fingerprint of the `public_key'. Returns also the algorithm
324 that has been used to make the fingerprint. */
325 const unsigned char *
326 silc_pkcs_get_fingerprint(SilcPublicKey public_key,
327 const char **hash_algorithm,
328 SilcUInt32 *fingerprint_len);
330 o Change SILC PKCS API to asynchronous, so that accelerators can be used.
331 All PKCS routines should now take callbacks as argument and they should
332 be delivered to SilcPKCSObject and SilcPKCSAlgorithm too.
334 /* Signature computation callback */
335 typedef void (*SilcPKCSSignCb)(SilcBool success,
336 const unsigned char *signature,
337 SilcUInt32 signature_len,
340 /* Signature verification callback */
341 typedef void (*SilcPKCSVerifyCb)(SilcBool success, void *context);
343 /* Encryption callback */
344 typedef void (*SilcPKCSEncryptCb)(SilcBool success,
345 const unsigned char *encrypted,
346 SilcUInt32 encrypted_len,
349 /* Decryption callback */
350 typedef void (*SilcPKCSDecryptCb)(SilcBool success,
351 const unsigned char *decrypted,
352 SilcUInt32 decrypted_len,
355 Either add new _async functions or add the callbacks to existing API
356 and if the callback is NULL then the API is not async and if provided
357 it may be async. For example;
359 SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
360 unsigned char *src, SilcUInt32 src_len,
361 unsigned char *dst, SilcUInt32 dst_size,
363 SilcBool compute_hash, SilcHash hash,
364 SilcPKCSSignCb async_sign,
365 void *async_sign_context);
367 (if this is done then there's no reason why the buffers in the
368 callbacks cannot be the ones user gives here) or allow only async:
370 SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
371 unsigned char *src, SilcUInt32 src_len,
372 SilcBool compute_hash, SilcHash hash,
373 SilcPKCSSignCb async_sign,
374 void *async_sign_context);
378 SilcBool silc_pkcs_sign_async(SilcPrivateKey private_key,
379 unsigned char *src, SilcUInt32 src_len,
380 SilcBool compute_hash, SilcHash hash,
381 SilcPKCSSignCb async_sign,
382 void *async_sign_context);
384 o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
385 encrypt, decrypt, sign and verify functions. We may need to for exmaple
386 check the alg->hash, supported hash functions. Maybe deliver it also
387 to all other functions in SilcPKCSAlgorithm to be consistent.
389 o Add DSS support. Take implementation from Tom or make it yourself.
391 o Implement the defined SilcDH API. The definition is in
392 lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
393 be accelerated. Also take into account that it could use elliptic
398 o All cipher, hash, hmac etc. allocation routines should take their name
399 in as const char * not const unsigned char *.
402 SILC Accelerator Library
403 ========================
405 o SILC Accelerator API. Provides generic way to use different kind of
406 accelerators. Basically implements SILC PKCS API so that SilcPublicKey
407 and SilcPrivateKey can be used but they call the accelerators.
409 Something in the lines of (preliminary):
411 /* Register accelerator to system. Initializes the accelerator. */
412 Varargs are optional accelerator specific init parameteres. */
413 SilcBool silc_acc_register(SilcAccelerator acc, ...);
415 silc_acc_register(softacc, "min_threads", 2, "max_threads", 16, NULL);
417 /* Unregister accelerator. Uninitializes the accelerator. */
418 SilcBool silc_acc_unregister(const SilcAccelerator acc);
420 /* Return list of the registered accelerators */
421 SilcDList silc_acc_get_supported(void);
423 /* Find existing accelerator. `name' is accelerator's name. */
424 SilcAccelerator silc_acc_find(const char *name);
426 /* Return accelerator's name */
427 const char *silc_acc_get_name(SilcAccelerator acc);
429 /* Accelerate `public_key'. Return accelerated public key. */
430 SilcPublicKey silc_acc_public_key(SilcAccelerator acc,
431 SilcPublicKey public_key);
433 /* Accelerate `private_key'. Returns accelerated private key. */
434 SilcPrivateKey silc_acc_private_key(SilcAccelerator acc,
435 SilcPrivateKey private_key);
437 /* Return the underlaying public key */
438 SilcPublicKey silc_acc_get_public_key(SilcAccelerator acc,
439 SilcPublicKey public_key);
441 /* Return the underlaying private key */
442 SilcPrivateKey silc_acc_get_private_key(SilcAccelerator acc,
443 SilcPrivateKey private_key);
445 typedef struct SilcAcceleratorObject {
446 const char *name; /* Accelerator's name */
447 SilcBool (*init)(va_list va); /* Initialize accelerator */
448 SilcBool (*uninit)(void); /* Uninitialize accelerator */
449 const SilcPKCSAlgorithm *pkcs; /* Accelerated PKCS algorithms */
450 const SilcDHObject *dh; /* Accelerated Diffie-Hellmans */
451 const SilcCipherObject *cipher; /* Accelerated ciphers */
452 const SilcHashObject *hash; /* Accelerated hashes */
453 const SilcHmacObject *hmac; /* Accelerated HMACs */
454 const SilcRngObject *rng; /* Accelerated RNG's */
455 } *SilcAccelerator, SilcAcceleratorStruct;
457 Allows accelerator to have multiple accelerators (cipher, hash etc)
458 and multiple different algorithms and implementations (SHA-1, SHA-256 etc).
460 SilcPublicKey->SilcSILCPublicKey->RsaPublicKey accelerated as:
461 SilcPublicKey->SilcAcceleratorPublicKey->SilcSoftAccPublicKey->
462 SilcPublicKey->SilcSILCPublicKey->RsaPublicKey
464 silc_acc_public_key creates SilcPublicKey and SilcAcceleratorPublicKey
465 and acc->pkcs->import_public_key creates SilcSoftAccPublicKey.
467 o Implement software accelerator. It is a thread pool system where the
468 public key and private key operations are executed in threads.
470 const struct SilcAcceleratorObject softacc =
472 "softacc", softacc_init, softacc_uninit,
473 softacc_pkcs, NULL, NULL, NULL, NULL
476 /* Called from silc_acc_private_key */
477 int silc_softacc_import_private_key(void *key, SilcUInt32 key_len,
478 void **ret_private_key)
480 SilcSoftAccPrivateKey prv = silc_calloc(1, sizeof(*prv));
481 prv->pkcs = acc->pkcs;
482 prv->private_key = key;
483 *ret_private_key = prv;
486 (o Symmetric key cryptosystem acceleration? They are always sycnhronouos
487 even with hardware acceleration so the crypto API shouldn't require
494 o Import TFM. Talk to Tom to add the missing functions. Use TFM in
495 client and client library, but TMA in server, due to the significantly
496 increased memory consumption with TFM, and the rare need for public
497 key operations in server.
499 We want TFM's speed but not TFM's memory requirements. Talk to Tom
500 about making the TFM mp dynamic just as it is in LTM.
502 o The SILC MP API function must start returning indication of success
503 and failure of the operation.
505 o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
506 any other MP function (including utility ones) that may allocate
509 o All utility functions should be made non-allocating ones.
512 SILC XML Library, lib/silcxml/
513 ==============================
515 o SILC XML API (wrapper to expat). Look at the expat API and simplify
516 it. The SILC XML API should have at most 8-10 API functions. It should
517 be possible to create full XML parser with only one function. And, it
518 should be possible to have a function that is able to parse an entire
519 XML document. It should also have a parser function to be able to
520 parse a stream of XML data (SilcStream). It MUST NOT have operations
521 that require multiple function calls to be able to execute that one
522 operation (like creating parser).
525 lib/silcske/silcske.[ch]
526 ========================
528 o Ratelimit to UDP/IP transport for incoming packets.
534 o Negative integer encoding is missing, add it.
536 o SILC_ASN1_CHOICE should perhaps return an index what choice in the
537 choice list was found. Currently it is left for caller to figure out
538 which choice was found.
540 o SILC_ASN1_NULL in decoding should return SilcBool whether or not
541 the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
542 and we need to know whether it was present or not.
548 o OpenPGP certificate support, allowing the use of PGP public keys
555 o SSH2 public key/private key support, allowing the use of SSH2 keys
562 o PKIX implementation
568 o Deprecate the old server. Write interface for the new lib/silcserver
569 server library. The interface should work on Unix/Linux systems.
571 o Consider deprecating also the old config file format and use XML
572 istead. This should require SILC XML API implementation first.
574 o The configuration must support dynamic router and server connections.
575 The silcd must work without specifying any servers or routers to
578 o The configuration must support specifying whether the server is
579 SILC Server or SILC Router. This should not be deduced from the
580 configuration as it was in < 1.2.
582 o The configuration must support specifying the ciphers and hmacs and
583 their order so that user can specify which algorithms take preference.
589 o Rewrite the entire server. Deprecate apps/silcd as the main server
590 implementation and create lib/silcserver/. It is a platform
591 independent server library. The apps/silcd will merely provide a
592 a simple interface for the library.
594 o Write the SILC Server library extensively using SILC FSM.
596 o Server library must support multiple networks. This means that one
597 server must be able to create multiple connections that each reach
598 different SILC network. This means also that all cache's etc. must
599 be either connection-specific or network-specific.
601 o Library must support dynamic router and server connections. This means
602 that connections are create only when they are needed, like when someone
603 says JOIN foo@foo.bar.com or WHOIS foobar@silcnet.org.
605 o Library must support server-to-server connections even though protocol
606 prohibits that. The responder of the connection should automatically
607 act as a router. The two servers create an own, isolated, SILC network.
608 To be used specifically with dynamic connections.
610 o Library must support multiple threads and must be entirely thread safe.
612 o Library must have support for SERVICE command.
614 o The server must be able to run behind NAT device. This means that
615 Server ID must be based on public IP instead of private IP.
617 o The following data must be in per-connection context: client id cache,
618 server id cache, channel id cache, all statistics must be
621 o The following data must be in per-thread context: command context
622 freelist/pool, pending commands, random number generator.
624 o Do inccoming packet processing in an own FSM thread in the
625 server-threads FSM. Same as in client library.
627 o Reference count all Silc*Entry structures.
629 Some issues that must be kept in mind from 1.0 and 1.1 silcd's:
631 o The SERVER_SIGNOFF notify handing is not optimal, because it'll
632 cause sending of multiple SIGNOFF notify's instead of the one
633 SERVER_SIGNOFF notify that the server received. This should be
634 optimized so that the only SERVER_SIGNOFF is sent and not
635 SIGNOFF of notify at all (using SIGNOFF takes the idea about
636 SERVER_SIGNOFF away entirely).
638 o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
639 sent to a client if it is on same channel as the client that
640 signoffed. However, the entire SERVER_SIGNOFF list is sent to
641 the client, ie. it may receive clients that was not on the
642 same channel. This is actually against the specs. It must be
643 done per channel. It shouldn't receive the whole list just
644 because one client happened to be on same channel.
646 o If client's public key is saved in the server (and doing public key
647 authentication) then the hostname and the username information could
648 be taken from the public key. Should be a configuration option!
650 o Add a timeout to handling incoming JOIN commands. It should be
651 enforced that JOIN command is executed only once in a second or two
652 seconds. Now it is possible to accept n incoming JOIN commands
653 and process them without any timeouts. THis must be employed because
654 each JOIN command will create and distribute the new channel key
655 to everybody on the channel.
657 o Related to above. If multiple JOINs are received in sequence perhaps
658 new key should be created only once, if the JOINs are handeled at the same
659 time. Now we create multiple keys and never end up using them because
660 many JOINs are processed at the same time in sequence. Only the last
661 key ends up being used.