1 TODO for 1.2 And Beyond
2 =======================
4 NOTE: Any item that doesn't have (***DONE) in it, isn't done yet. The
5 (***TESTING NEEDED) means that the item has been done but not yet properly
8 NOTE: A TODO entry does not mean that it is ever going to be done. Some
9 of the entries may be just ideas, good, bad or ugly. If you want to work
10 on some of the TODO entries simply let us know about it by dropping a note
11 to silc-devel mailing list or appear on 'silc' channel on SILCNet.
17 o Create apps/tutorial containing various Toolkit API tutorials.
19 o The Toolkit split. The Toolkit is to be splitted in parts. How many
20 parts and what the parts are isn't decided yet. Each part is a separate
21 software package. Current thinking is of the following:
23 SILC Toolkit SILC protocol, client and server library
24 SILC Runtime Toolkit runtime library
25 SILC Crypto Toolkit crypto, asn1, math, skr, pgp, etc.
27 The rationale for this is of course that other than SILC projects
28 might like to use the various libraries SILC Toolkit provides, but
29 naturally they don't want the bloat of SILC protocol related stuff.
31 The Runtime library in SILC Toolkit is a general purpose runtime library,
32 like Glib and APR are. The runtime library is to be developed further
33 to provide alternative to Glib and APR.
35 The Crypto library in SILC Toolkit is a general purpose crypto library
36 providing pretty nice APIs compared to many other crypto libraries,
37 especially OpenSSL. The Crypto library is to be developed further
38 to include support for OpenPGP, X.509 and SSH2.
44 o SILC_PACKET_FLAG_ACK support. Implement ACK packet and packet payload
47 o All payload encoding routines should take SilcStack as argument.
49 o Remove SilcCommandCb from silccommand.h.
51 o All payload test routines into lib/silccore/tests/.
54 lib/silcclient, The Client Library
55 ==================================
57 o UDP SILC connection support to SILC server
59 o Giving WHOIS for nick that doesn't exist should remove any same
60 named entries from the client cache.
62 o peer-to-peer private messages
64 o Private message key request notification to application. See XXX in
67 o in JOIN notify handle resolving that timedout. Currently the user is
68 never joined the channel if this happens. What to do if message is
69 received from user that hasn't been resolved/joined?
71 o Add the SilcStream (socket stream) from the SilcPacketStream and
72 SilcSocket from the socket stream to SilcClientConnection for easier
73 access to them for programmers. Currently these have to be digged up
74 from the packet stream.
76 o Connection option that attemps to connect to remot host with various
77 different mechanisms: UDP 706, TCP 706, TCP 80, TCP 443, UDP 7706 and
78 TCP 7706. This is the so called hole punching mechanism.
80 o Message ACKing support.
82 o in /cmode and /cumode with +r, maybe the public key and private key
83 could be just some "string", which would then match to "string.pub" and
86 o If the SILC Events (see below) are implemented, perhaps client library
87 should provide events so that application developer has a choice of
88 developing the SILC app with callbacks or with events.
90 o Ability to recover from rekey errors, at least try to.
93 Runtime library, lib/silcutil/
94 ==============================
96 o silc_malloc et. al. to respect --with-alignment.
98 o Fix universal time decoding (doesn't accept all formats) in silctime.c.
100 o Add directory opening/traversing functions
102 o regex from /lib/contrib to lib/silcutil, define SILC Regex API. (***DONE)
104 o Additional scheduler changes: optimize silc_schedule_wakeup. Wakeup
105 only if the scheduler is actually waiting something. If it is
106 delivering tasks wakeup is not needed.
108 o silc_stringprep to non-allocating version.
110 o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
111 SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
114 o Add functions to manipulate environment variables. (***DONE)
116 o Add functions to loading shared/dynamic object symbols (replaces the
117 SIM library (lib/silcsim) and introduces generic library). Add this
118 to lib/silcutil/silcdll.[ch]. (***TESTING NEEDED WIN32, TODO Symbian)
120 o silc_getopt routines (***DONE)
122 o The SILC Event signals. Asynchronous events that can be created,
123 connected to and signalled. Either own event routines or glued into
124 SilcSchedule. (***DONE)
126 o If the event signals are added, the SILC_PARAM_* stuff needs to be
127 moved from silcbuffmt.h to silctypes.h or something similar. (***DONE)
129 o In case the SILC Events are done we shall create a new concept of
130 parent and child SilcSchedule's. When new SilcSchedule is created a
131 parent can be associated to it. This association could be done either
132 directly by the parent or by any other children. This way the signals
133 would in effect be global and would reach all children schedulers.
135 This relationship would be associative only. The schedulers are still
136 independent and run independently from each other. All schedulers
137 would be linked and could be accessed from any of the schedulers.
138 It should be possible to retrieve the parent and enumerate all children
139 from any of the schedulers.
142 o Base64 to an own API (***DONE)
144 o Timer API (***DONE)
146 o silc_hash_table_replace -> silc_hash_table_set. Retain support for
147 silc_hash_table_replace as macro. (***DONE)
149 o SilcStack aware SilcHashTable. (***DONE)
151 o SilcStack aware SilcDList. (***DONE)
153 o Thread pool API. Add this to lib/silcutil/silcthread.[ch]. (***DONE)
155 o Add new functions to SilcStack API in lib/silcutil/silcstack.[ch]. Add
156 silc_stack_[set|get]_alignment. It defines the default alignment used
157 when allocating memory from stack. It can be used to specify special
158 alignments too when needed (such as for hardware devices like crypto
159 accelerators). Move also the low level silc_stack_malloc and
160 silc_stack_realloc from silcstack_i.h to silcstack.h. Remove the
161 _ua unaligned memory allocation routines. Remove unaligned memory
162 allocation possibility. (***DONE)
164 o silc_stack_alloc shouldn't require multiple by 8 size argument, it
165 should figure it out itself. (***DONE)
167 o Add '%@' format to silc_snprintf functions.
170 o SILC Tls (Thread-local storage) API to lib/silcutil/silcthread.[ch].
173 o Change silc_gettimeofday on Unix to use clock_gettime with REALTIME
174 clock if it is available, otherwise use gettimeofday(). (***DONE)
176 o Generic SilcResult that includes all possible status and
177 error conditions and generic errno API. (***DONE)
179 (o Structured log messages to Log API. Allows machine readable log
180 messages. Would allow sending of any kind of data in a log message.) maybe
182 (o Change some stream routines (like socket stream API) to accept ANY
183 stream and use silc_stream_get_root to get the socket stream from the
184 given stream. This will make various stream APIs more easier to use
185 when user doesn't have to dig up the correct stream.
187 Add silc_stream_get_root and add get_root stream operation. It
188 returns the root of the stream or NULL if stream doesn't have root.) maybe
190 (o Compression routines are missing. The protocol supports packet
191 compression thus it must be implemented. SILC Zip API must be
194 (o SilcIpAddr abstraction. Ipv4 and Ipv6 support to the abstaction.)
197 (o SILC specific socket creation/closing routines to silcnet.h, wrappers
198 to all send(), recv(), sendto() etc. Bad thing is that we'd have to
199 define all socket options, sockaddrs, etc.) maybe
201 (o Fast mutex implementation. Fast rwlock implementation. Mutex and
202 rwlock implementation using atomic operations.) not for now.
207 lib/silcutil/symbian/
208 =====================
210 o Something needs to be thought to the logging globals as well,
211 like silc_debug etc. They won't work on EPOC. Perhaps logging
212 and debugging is to be disabled on EPOC. The logging currently works
213 by it cannot be controlled, same with debugging.
216 SFTP Library, lib/silcsftp/
217 ===========================
219 o Read prefetch (read-ahead, reading ahead of time). Maybe if this can
223 SKR Library, lib/silcskr/
224 =========================
226 o Add fingerprint as search constraint.
228 o Add OpenPGP support. Adding, removing, fetching PGP keys. (Keyring
231 o Add support for importing public keys from a directory and/or from a
232 file. Add support for exporting the repository (different formats for
233 different key types?).
235 o Change the entire silc_skr_find API. Remove SilcSKRFind and just simply
236 add the find constraints as variable argument list to silc_skr_find, eg:
238 silc_skr_find(skr, schedule, callback, context,
239 SILC_SKR_FIND_PUBLIC_KEY, public_key,
240 SILC_SKR_FIND_COUNTRY, "FI",
241 SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH,
244 NULL argument would be ignored and skipped.
246 o Add OR logical rule in addition of the current default AND, eg:
248 // Found key(s) MUST have this public key AND this country.
249 silc_skr_find(skr, schedule, callback, context,
250 SILC_SKR_FIND_RULE_AND,
251 SILC_SKR_FIND_PUBLIC_KEY, public_key,
252 SILC_SKR_FIND_COUNTRY, "FI",
255 // Found key(s) MUST have this public key OR this key context
256 silc_skr_find(skr, schedule, callback, context,
257 SILC_SKR_FIND_RULE_OR,
258 SILC_SKR_FIND_PUBLIC_KEY, public_key,
259 SILC_SKR_FIND_CONTEXT, key_context,
262 o SilcStack to SKR API.
265 Crypto Library, lib/silccrypt/
266 ==============================
268 o Add silc_crypto_init and silc_crypto_uninit. The _init should take
269 SilcStack that will act as global memory pool for all of crypto
270 library. It should not be necessary anymore to separately register
271 default ciphers, HMACs, etc, the _init would do that. However, if
272 user after _init calls silc_pkcs_register, for example, it would take
273 preference over the default once, ie. user can always dictate the
274 order of algorithms. (***DONE)
276 o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
277 possibly to silcpkcs.h.
279 /* Return fingerprint of the `public_key'. Returns also the algorithm
280 that has been used to make the fingerprint. */
281 const unsigned char *
282 silc_pkcs_get_fingerprint(SilcPublicKey public_key,
283 const char **hash_algorithm,
284 SilcUInt32 *fingerprint_len);
286 o Change SILC PKCS API to asynchronous, so that accelerators can be used.
287 All PKCS routines should now take callbacks as argument and they should
288 be delivered to SilcPKCSObject and SilcPKCSAlgorithm too. (***DONE)
290 o The asynchronous functions to perhaps to _async to preserve backwards
291 compatibility with synchronous versions, and make easier to migrate
294 o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
295 encrypt, decrypt, sign and verify functions. We may need to for exmaple
296 check the alg->hash, supported hash functions. Maybe deliver it also
297 to all other functions in SilcPKCSAlgorithm to be consistent. (***DONE)
299 o Add DSA support to SILC public key.
301 o Add DSS support. (***DONE)
303 o Implement the defined SilcDH API. The definition is in
304 lib/silccrypt/silcdh.h. Make sure it is asynchronous so that it can
305 be accelerated. Also take into account that it could use elliptic
312 o AES CBC is missing proper alignment code (see silc_1_1_branch).
314 o All cipher, hash, hmac etc. allocation routines should take their name
315 in as const char * not const unsigned char *. (***DONE)
318 SILC Accelerator Library
319 ========================
321 o SILC Accelerator API. Provides generic way to use different kind of
322 accelerators. Basically implements SILC PKCS API so that SilcPublicKey
323 and SilcPrivateKey can be used but they call the accelerators.
326 o Implement software accelerator. It is a thread pool system where the
327 public key and private key operations are executed in threads.
330 o Add init options to SilcAcceleratorObject as a SilcAcceleratorOption
331 structure. Each accelerator defines the options that they support and
332 can be retrieved from the SilcAccelerator with silc_acc_get_options.
333 The format must also be machine parseable. The structure can be of the
336 typedef struct SilcAcceleratorOptionStruct {
337 const char *option; /* Option name */
338 const char *display_name; /* Option displayable name */
339 SilcParamType type; /* Option data format */
340 void *default_value; /* Option's default value */
341 SilcUInt32 default_value_len; /* Default value length */
342 } *SilcAcceleratorOption;
344 For software accelerator it could be for example:
346 { "min_threads", "Minimum threads", SILC_PARAM_UINT32, (void *)2, 4 },
347 { "max_threads", "Maximum threads", SILC_PARAM_UINT32, (void *)4, 4 },
349 o Diffie-Hellman acceleration
351 (o Symmetric key cryptosystem acceleration? They are always sycnhronouos
352 even with hardware acceleration so the crypto API shouldn't require
359 o Import TFM. We want TFM's speed but its memory requirements are
360 just too much. By default it uses large pre-allocated tables which
361 will eat memory when there are thousands of public keys in system.
362 We probably want to change TFM's fp_int dynamic so that a specific
363 size can be allocated for the int. We could have two new functions:
365 SilcBool silc_mp_init_size(SilcMPInt *mp, SilcUInt32 bit_size);
366 SilcBool silc_mp_sinit_size(SilcStack stack, SilcMPInt *mp,
367 SilcUInt32 bit_size);
369 Which by default allocates `bit_size' bits instead of some default
370 value. silc_mp_init would allocate the default FP_SIZE with TFM
371 and do normal init with TMA and GMP. _init_size with TMA and GMP
372 would be same as _init.
374 o Add AND, OR and XOR support to TFM or ask Tom to do it.
376 o The SILC MP API function must start returning indication of success
377 and failure of the operation.
379 o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
380 any other MP function (including utility ones) that may allocate
383 o Prime generation progress using callback instead of printing to
386 o All utility functions should be made non-allocating ones.
389 SILC XML Library, lib/silcxml/
390 ==============================
392 o SILC XML API (wrapper to expat). Look at the expat API and simplify
393 it. The SILC XML API should have at most 8-10 API functions. It should
394 be possible to create full XML parser with only one function. And, it
395 should be possible to have a function that is able to parse an entire
396 XML document. It should also have a parser function to be able to
397 parse a stream of XML data (SilcStream). It MUST NOT have operations
398 that require multiple function calls to be able to execute that one
399 operation (like creating parser).
402 lib/silcske/silcske.[ch]
403 ========================
405 o Ratelimit to UDP/IP transport for incoming packets.
411 o Negative integer encoding is missing, add it.
413 o SILC_ASN1_CHOICE should perhaps return an index what choice in the
414 choice list was found. Currently it is left for caller to figure out
415 which choice was found. (***DONE)
417 o SILC_ASN1_NULL in decoding should return SilcBool whether or not
418 the NULL was present. It's important when it's SILC_ASN1_OPTIONAL
419 and we need to know whether it was present or not. (***DONE)
425 o OpenPGP certificate support, allowing the use of PGP public keys.
431 o SSH2 public key/private key support, allowing the use of SSH2 keys.
438 o PKIX implementation
444 o Deprecate the old server. Write interface for the new lib/silcserver
445 server library. The interface should work on Unix/Linux systems.
447 o Consider deprecating also the old config file format and use XML
448 istead. This should require SILC XML API implementation first.
450 o The configuration must support dynamic router and server connections.
451 The silcd must work without specifying any servers or routers to
454 o The configuration must support specifying whether the server is
455 SILC Server or SILC Router. This should not be deduced from the
456 configuration as it was in < 1.2.
458 o The configuration must support specifying the ciphers and hmacs and
459 their order so that user can specify which algorithms take preference.
465 o Rewrite the entire server. Deprecate apps/silcd as the main server
466 implementation and create lib/silcserver/. It is a platform
467 independent server library. The apps/silcd will merely provide a
468 a simple interface for the library.
470 o Write the SILC Server library extensively using SILC FSM.
472 o Server library must support multiple networks. This means that one
473 server must be able to create multiple connections that each reach
474 different SILC network. This means also that all cache's etc. must
475 be either connection-specific or network-specific.
477 o Library must support dynamic router and server connections. This means
478 that connections are create only when they are needed, like when someone
479 says JOIN foo@foo.bar.com or WHOIS foobar@silcnet.org.
481 o Library must support server-to-server connections even though protocol
482 prohibits that. The responder of the connection should automatically
483 act as a router. The two servers create an own, isolated, SILC network.
484 To be used specifically with dynamic connections.
486 o Library must support multiple threads and must be entirely thread safe.
488 o Library must have support for SERVICE command.
490 o Both UDP and TCP support for incoming connecetions. Maintaining long
493 o The server must be able to run behind NAT device. This means that
494 Server ID must be based on public IP instead of private IP (See
495 also NAT detection protocol in SILC protocol specification).
497 o The following data must be in per-connection context: client id cache,
498 server id cache, channel id cache, all statistics must be
501 o The following data must be in per-thread context: command context
502 freelist/pool, pending commands, random number generator.
504 o Do inccoming packet processing in an own FSM thread in the
505 server-threads FSM. Same as in client library.
507 o Binding to other ports than 706 too. To allow easier traversing
508 through NATs and firewalls server should also bind to 80, 443 and 7706
509 by default (at least try to bind). Connections must work normally
510 even if they were established to some other port other than 706.
512 Connection option that attemps to connect to remot server with various
513 different mechanisms: UDP 706, TCP 706, TCP 80, TCP 443, UDP 7706 and
514 TCP 7706. This is the so called hole punching mechanism.
516 o Ability to recover from rekey errors, at least try to.
518 o Reference count all Silc*Entry structures.
520 Some issues that must be kept in mind from 1.0 and 1.1 silcd's:
522 o The server and router software MUST work out of the box. After
523 installation the server must not require any configuration to run the
524 most basic working configuration. No defining IP addresses, etc.
525 The server must work just by running it.
527 o The SERVER_SIGNOFF notify handing is not optimal, because it'll
528 cause sending of multiple SIGNOFF notify's instead of the one
529 SERVER_SIGNOFF notify that the server received. This should be
530 optimized so that the only SERVER_SIGNOFF is sent and not
531 SIGNOFF of notify at all (using SIGNOFF takes the idea about
532 SERVER_SIGNOFF away entirely).
534 o Another SERVER_SIGNOFF opt/bugfix: Currently the signoff is
535 sent to a client if it is on same channel as the client that
536 signoffed. However, the entire SERVER_SIGNOFF list is sent to
537 the client, ie. it may receive clients that was not on the
538 same channel. This is actually against the specs. It must be
539 done per channel. It shouldn't receive the whole list just
540 because one client happened to be on same channel.
542 o If client's public key is saved in the server (and doing public key
543 authentication) then the hostname and the username information could
544 be taken from the public key. Should be a configuration option!
546 o Add a timeout to handling incoming JOIN commands. It should be
547 enforced that JOIN command is executed only once in a second or two
548 seconds. Now it is possible to accept n incoming JOIN commands
549 and process them without any timeouts. THis must be employed because
550 each JOIN command will create and distribute the new channel key
551 to everybody on the channel.
553 o Related to above. If multiple JOINs are received in sequence perhaps
554 new key should be created only once, if the JOINs are handeled at the same
555 time. Now we create multiple keys and never end up using them because
556 many JOINs are processed at the same time in sequence. Only the last
557 key ends up being used.