4 A rough list of stuff that is going to be done to SILC after 1.0 or at
7 o Implement the defined SilcDH API. The definition is in
8 lib/silccrypt/silcdh.h.
10 o X.509 certificate support. SILC protocol supports certificates and
11 it would be great to have support for them. This is a big task as
12 support has to be made for ASN.1 as well. I've looked into OpenSSL
13 package as it has X.509 certificate support (and ASN.1 as well).
14 The code does not look very good to my eye but it has some potentials.
15 This should be looked at more closely.
17 Naturally own SILC Certificate API has to be defined regardles what
18 the actual X.509 library is (OpenSSL X.509 or something else). Other
19 choice is to write own X.509 library but I'm not going to do it -
20 I can help to migrate the OpenSSL X.509 into SILC and I can help if
21 someone would like to write the X.509 library - but I'm not going
22 to start writing one myself. Anyhow, the OpenSSL X.509 lib should
25 Other package that should be checked is the NSS's X509 library,
26 which I like more over OpenSSL package.
28 o SSH2 public keys support, allowing the use of SSH2 public keys in
31 o OpenPGP certificate support, allowing the use of PGP public keys
34 o SILC PKCS (silcpkcs.h) reorganizing when other PK supports added.
35 Move the SILC Public Key routines away from the crypto library into
36 the core library (silccore). silc_pkcs_public/private_key_* routines
37 to silc_public/private_key_* routines. The silc_public_key_* routines
38 should also automatically handle SILC Public Keys, and other keys
39 and certificates as well. Add fe. silcpk.h into silccore. It should
40 also include the Public Key Payload encoding and decoding routines.
42 o Compression routines are missing. The protocol supports packet
43 compression thus it must be implemented. SILC Zip API must be
46 o Optimizations in Libraries
48 o There is currently three (3) allocations per packet in the
49 silc_packet_receive_process, which is used to process and
50 dispatch all packets in the packet queue to the parser callback
51 function. First allocation is for parse_ctx, second for the
52 SilcPacketContext, and third for packet->buffer where the actual
55 The parse_ctx allocation can be removed by adding it as a
56 structure to the SilcPacketContext. When the SilcPacketContext
57 is allocated there is space for the parse context already.
59 The silc_packet_context_alloc could have a free list of
60 packet contexts. If free packet context is found from the list
61 it is returned instead of allocating a new one. The library
62 could at first allocate them and save them to the free list
63 until enough contexts for smooth processing exists in the list.
64 This would remove a big allocation since the structure is
65 quite big, and even bigger if it would include the parse_ctx.
67 The packet->buffer can be optimized too if the SilcBuffer
68 interface would support free lists as well. Maybe such could
69 be done in the same way as for SilcPacketContext. The
70 silc_buffer_alloc would check free list before actually
71 allocating new memory. Since the packets in the SILC protocol
72 usually are about the same size (due to padding) it would be
73 easy to find suitable size buffer from the free list very
76 These naturally cause the overal memory consumption to grow
77 but would take away many allocations that can be done several
78 times in a second (see also ~/silcpacket).
80 o Move the actual file descriptor task callback (the callback that
81 handles the incoming data, outgoing data etc, that is implemnted
82 in server and client separately (silc_server_packet_process and
83 silc_client_packet_proces)) to the low level socket connection
84 handling routines, and create an interface where the application
85 can register a callbacks for incoming data, outoing data and EOF
86 receiving, which the library will call when necessary. This way
87 we can move the data handling in one place.
89 o Add silc_id_str2id to accept the destination buffer as argument
90 and thus not require any memory allocation. Same will happen
91 with silc_id_payload_* functions.
93 o Remove the `truelen' field from SilcBuffer as it is entirely
94 redundant since we can get the true length of the buffer by
95 doing buffer->end - buffer->header. Add SILC_BUFFER_TRUELEN
96 macro instead. Consider also removing `len' field too since
97 it effectively is buffer->tail - buffer->data, and adding
98 SILC_BUFFER_LEN macro can do the same. These would save
99 totally 8 bytes of memory per buffer.
101 o Optimizations in Server
103 o Remove the big switch statement from the function
104 silc_server_packet_parse_type and replace it with predefined
105 table of function pointers where each of the slot in table
106 represents the packet type value.
108 Same could be done with notify packets which has big switch
109 statement too. Same kind of table of notify callbacks could be
112 o The parser callback in the server will add a timeout task for
113 all packets. It will require registering and allocating a
114 new task to the SilcSchedule. Maybe, at least, for server
115 and router packets the parser would be called immediately
116 instead of adding it to the scheduler with 0 timeout. It
117 should be analyzed too how slow the task registering process
118 actually is, and find out ways to optimize it.
120 o The SERVER_SIGNOFF notify handing is not optimal, because it'll
121 cause sending of multiple SIGNOFF notify's instead of the one
122 SERVER_SIGNOFF notify that the server received. This should be
123 optimized so that the only SERVER_SIGNOFF is sent and not
124 SIGNOFF of notify at all (using SIGNOFF takes the idea about
125 SERVER_SIGNOFF away entirely).
127 o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
128 sent to a client if it is on same channel as the client that
129 signoffed. However, the entire SERVER_SIGNOFF list is sent to
130 the client, ie. it may receive clients that was not on the
131 same channel. This is actually against the specs. It must be
132 done per channel. It shouldn't receive the whole list just
133 because one client happened to be on same channel.
135 o See also ~/silcserver
137 o Add SilcAsyncOperation to utility library. Any function that takes
138 callback as an argument must/should return SilcAsyncOperation (see
141 o Rewrite SilcProtocol to be SilcFSM (see ~/silcfsm).
143 o Do some scheduler optimizations and interface changes (see
146 o Change the lib/silccore/silcpacket.[ch] interfaces (see ~/silcpacket).
148 o Add abstract SilcStream and SilcSocketStream (see ~/silcstream).
150 o Change some of the SILC Net interfaces (see ~/silcnet).
154 o SILC RNG does not implement random seed files, and they should be
157 o Cipher optimizations (asm, that this) at least for i386 would be nice.
159 o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
160 SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
163 o Add a timeout to handling incoming JOIN commands. It should be
164 enforced that JOIN command is executed only once in a second or two
165 seconds. Now it is possible to accept n incoming JOIN commands
166 and process them without any timeouts. THis must be employed because
167 each JOIN command will create and distribute the new channel key
168 to everybody on the channel (Fix this to 0.9.x).
170 o EPOC specific additions/changes required:
172 o lib/silcutil/epoc routines missing or not completed.
174 o The PKCS#1 also calls global RNG (even though it is not used
175 currently in SILC, the interface allows its use).
177 o Something needs to be thought to the logging globals as well,
178 like silc_debug etc. They won't work on EPOC. Perhaps logging
179 and debugging is to be disabled on EPOC.
181 o Check whether we can fully comply with RFC 2779.
183 o The CMODE cipher & hmac change problem (#101).
projects / silc.git / blob