updates.

[silc.git] / TODO

TODO/bugs in Irssi SILC client
==============================

 o When autoconnect="yes" is set in silc.conf the irssi complains about
   unknown chat protocol.

 o Rewrite the notify handling in the new Irssi SILC client.

 o /cumode for unknown nick does not give any error message.

 o Add local command to switch the channel's private key when channel has
   several private keys.  Currently sending channel messages with many
   keys is not possible because changing the key is not possible by the
   user.

 o JOINing to +a (requires passphrase to JOIN) does not work on autojoin.
   Seems the passwords in the .silc/config has no effect.

 o Add local commands to list the current server and client public keys
   that the user has.  And a local command to dump the contents of the
   public key to the screen.  Something like LISTKEYS, SHOWKEY...


TODO/bugs In SILC Client Library
================================

 o The PRIVATE_MESSAGE_KEY packet is not handled (it is implemented 
   though).  This should be added and perhaps new client operation
   should be added to notify application that it was received and
   set the key only if application wishes to set (accept the key) it.

 o Additions to do after protocol version 1.1:

        o Fix the NICK_CHANGE notify handling not to create new entry
          for the changed client, but take the nickname from the notify
          (removes need for resolving as well).  Protocol TODO entry 3.

        o Add support for list of errors in command replies.  Protocol
          TODO entry 1.


TODO/bugs In SILC Server
========================

 o Configuration file additions:

        o Allow configuration of protocol execution timeouts.  This 
          includes SKE, CONN_AUTH and REKEY timeouts. Check all
          "XXX hardcoded" from the code for these.

        o IP address fields in configuration file should accept mask
          format as well, IP/MASK, and not just plain IP.  This would
          allow subnet filtering etc.

        o Add channel key rekey default timeout.

        o Add (advanced options in General) to set how often certain ID
          caches are purged (could be used to optimize the server's
          behaviour).

        o Add hashed passwords to config file.

        o Add rehashing support.

 o Assure that server is allowed to connect only once to router.  Meaning
   if server connection is established already, same connection cannot be
   established again.

 o If server send CUMODE_CHANGE notify (like setting founder) to router
   and router does not have founder on channel (founder is left or there's
   no founder on channel at all), the router will accept the server's
   founder mode change, even though it perhaps should not do that.

 o Make the normal server save user counts with LIST command reply.

 o The router should check for validity of received notify packets from
   servers (after all buggy servers may send notify that is actually
   something that should have not been sent).

 o Add a timeout to handling incoming JOIN commands.  It should be 
   enforced that JOIN command is executed only once in a second or two
   seconds.  Now it is possible to accept n incoming JOIN commands
   and process them without any timeouts.  THis must be employed because
   each JOIN command will create and distribute the new channel key
   to everybody on the channel.

 o Backup router related issues

        o Channel user mode changes are notified unnecessarely when
          switching to backup router on router crash.

 o Lots of statistics updating is missing around the server.

 o If client's public key is saved in the server (and doing public key
   authentication) then the hostname and the username information could
   be taken from the public key.  Should be a configuration option!


TODO/bugs In SILC Libraries
===========================

 o WIN32 silc_net_create_connection_async does not work the same way
   than on Unix.  Do it with threads on WIN32.  The function works but
   is not actually async currently.

 o Rewrite the lib/silcsim/silcsim.h.  The SilcSimContext should be
   private and silc_sim_alloc should take necessary arguments.

 o lib/silcsftp/sftp_fs_memory.c use directly open(), close() etc. 
   routines.  Change to use silc_file_* routines.

 o SILC RNG does not implement random seed files, and they should be
   implemented.


TODO in Toolkit Documentation
=============================

Stuff that needs to be done in order to complete the Tooolkit Reference
Manual.

 o Lots of ROBOdoc header formatting is undone in lib/silcske, 
   lib/silcutil, and lib/silccrypt.

 o Write "Programming with Toolkit" document, describing how to build
   Toolkit, how the build system works, where is everything, how
   new (external) projects can be glued into Toolkit (use irssi as an
   example), and how external projects can use Toolkit without gluing into
   it (how to link etc).

 o Write "Programming conventions" document to describe the coding
   and naming conventions used in the Toolkit (should not be 
   actually the CodingStyle document, but something more general).

 o Move the lib/silccrypt/silcrng.h's "how the RNG works" documentation
   to its own html file and link it to the reference manual.


TODO in SILC Protocol
=====================

Current protocol version is 1.0.  However, it is far from being perfect,
and needs to include additional features.  Following protocol TODO entries
describe new stuff to be added to protocol versions 1.x.

 1. Re-define the Status Payload: it is now 16 bits, split it into two
    8 bits fields.  First field includes status types from 0 - 9 and
    10 - n *if* it is not an list of errors.  If it is list of errors then
    the first field includes 1, 2 and/or 3, and the second field includes
    the error status 10 - n.  This way it is possible to send multiple
    errors (list of errors) and we have a way to tell the receiver that
    there will be other errors as well.  The second field is used only
    if there is list of errors.  If normal status, or normal (single)
    error status the second field is set to zero, and must be ignored.
    Hence, the status works same way as now except for list of errors.
    To be included in protocol version 1.1.

 2. Define that WHOIS and IDENTIFY commands must send list of errors
    if multiple Client ID (or Channel ID and Server ID for IDENTIFY) was
    requested and was not found.  Each unfound entry must cause an error
    command reply to the sender.  Also define that errors must be sent
    *after* sending successfully found entries (this way receiver may
    ignore them).  To be included in protocol version 1.1.

 3. Define the NICK_CHANGE notify to send the changed nickname as a new
    third argument.  This will make the NICK_CHANGE notify handling easier
    in the receiver's end (client primarily) since it removes the
    requirement that receiver must resolve (using IDENTIFY or WHOIS) the
    new Client ID received in the notify (because of the new nickname is
    unknown).  To be included in protocol version 1.1.

 4. Add "request parameters" or similar to the WHOIS command, which can
    be used to request various parameters (something not returned by
    standard WHOIS command) about clients (info that could be fetched
    even from clients).  Additional specification (or appendix) should 
    be done to define the payload and the parameters.  It could be used
    to make the WHOIS command support various search conditions as well.
    This would be the way to extend the WHOIS command to support various
    new features without always making the command incompatible to previous
    version.  To be included in protocol version 1.1.

 5. Inviting and banning by public key should be made possible.  To be
    included in protocol version 1.x.

 6. Add perhaps SILENCE_USERS, SILENCE_OPERS channel user modes which
    can be used to silence (moderate) normal users and opers (this set
    only by founder).  To be included in protocol version 1.1.

 7. Channel Message Payload needs slight redesining to include the IV
    field to the MAC generation of the payload.  It is authenticated
    by the packet's MAC but not by the payload's MAC.  Since the IV
    belongs to the payload, its integrity should be protected by the
    payload MAC and not alone by packet MAC.  To be included in protocol 
    version 1.1.

 8. Remove the administrative commands from the protocol all together.
    It does not make sense for the protocol to define how a server is
    reconnected or shutdown, since they are implementation and 
    configuration issues.  Besides protocol provides only limited set of
    administrative commands and cannot define all that one could imagine.
    To be included in protocol version 1.1.

 9. Add SILC_MESAGE_FLAG_REPLY for being other side to the
    SILC_MESSAGE_FLAG_REQUEST.  Add generic SILC_MESSAGE_FLAG_DATA, which
    can include generic payload, which can include generic data.  The
    payload definition is left out for now.  To be included in protocol
    version 1.1.

 10. Check command reply error status types in various commands,
     specifically NO_FOPRIV is missing from many commands.  To be 
     included in protocol version 1.1.


TODO After 1.0
==============

A rough list of stuff that is going to be done to SILC after 1.0 or at
least could be done.

 o Implement the defined SilcDH API.  The definition is in
   lib/silccrypt/silcdh.h.

 o X.509 certificate support.  SILC protocol supports certificates and
   it would be great to have support for them.  This is a big task as
   support has to be made for ASN.1 as well.  I've looked into OpenSSL 
   package as it has X.509 certificate support (and ASN.1 as well).  
   The code does not look very good to my eye but it has some potentials.
   This should be looked at more closely.

   Naturally own SILC Certificate API has to be defined regardles what
   the actual X.509 library is (OpenSSL X.509 or something else).  Other
   choice is to write own X.509 library but I'm not going to do it - 
   I can help to migrate the OpenSSL X.509 into SILC and I can help if 
   someone would like to write the X.509 library - but I'm not going 
   to start writing one myself.  Anyhow, the OpenSSL X.509 lib should
   be checked.

   Other package that should be checked is the NSS's X509 library,
   which I like more over OpenSSL package.

 o SSH2 public keys support, allowing the use of SSH2 public keys in
   SILC.

 o OpenPGP certificate support, allowing the use of PGP public keys
   in SILC.

 o Compression routines are missing.  The protocol supports packet
   compression thus it must be implemented.  SILC Zip API must be
   defined.

 o Rewrite the lib/silcutil/silcprotocol.[ch] not to have [un]register 
   functions, but to make it context based all the way.  The alloc should 
   take as argument the protocol type and its callback (not only 
   final callback).  It is not good that we have now global list of 
   registered protocols.

 o Optimizations in Libraries

        o There is currently three (3) allocations per packet in the
          silc_packet_receive_process, which is used to process and
          dispatch all packets in the packet queue to the parser callback
          function.  First allocation is for parse_ctx, second for the
          SilcPacketContext, and third for packet->buffer where the actual
          data is saved.

          The parse_ctx allocation can be removed by adding it as a
          structure to the SilcPacketContext.  When the SilcPacketContext
          is allocated there is space for the parse context already.

          The silc_packet_context_alloc could have a free list of
          packet contexts.  If free packet context is found from the list
          it is returned instead of allocating a new one.  The library
          could at first allocate them and save them to the free list
          until enough contexts for smooth processing exists in the list.
          This would remove a big allocation since the structure is
          quite big, and even bigger if it would include the parse_ctx.

          The packet->buffer can be optimized too if the SilcBuffer
          interface would support free lists as well.  Maybe such could
          be done in the same way as for SilcPacketContext.  The
          silc_buffer_alloc would check free list before actually 
          allocating new memory.  Since the packets in the SILC protocol
          usually are about the same size (due to padding) it would be
          easy to find suitable size buffer from the free list very
          quickly.

          These naturally cause the overal memory consumption to grow
          but would take away many allocations that can be done several
          times in a second.

        o Move the actual file descriptor task callback (the callback that
          handles the incoming data, outgoing data etc, that is implemnted
          in server and client separately (silc_server_packet_process and
          silc_client_packet_proces)) to the low level socket connection
          handling routines, and create an interface where the application
          can register a callbacks for incoming data, outoing data and EOF
          receiving, which the library will call when necessary.  This way 
          we can move the data handling in one place.

        o Add silc_id_str2id to accept the destination buffer as argument
          and thus not require any memory allocation.  Same will happen
          with silc_id_payload_* functions.

        o Remove the `truelen' field from SilcBuffer as it is entirely
          redundant since we can get the true length of the buffer by
          doing buffer->end - buffer->header.  Add SILC_BUFFER_TRUELEN
          macro instead.  Consider also removing `len' field too since
          it effectively is buffer->tail - buffer->data, and adding
          SILC_BUFFER_LEN macro can do the same.  These would save
          totally 8 bytes of memory per buffer.

          Add also perhaps function silc_buffer_alloc_size that would
          effectively do: 

                return silc_buffer_pull_tail(silc_buffer_alloc(size),
                                             size);

          to not require the user to give the pull_tail anymore.

 o Optimizations in Server

        o Remove the big switch statement from the function 
          silc_server_packet_parse_type and replace it with predefined
          table of function pointers where each of the slot in table
          represents the packet type value.

          Same could be done with notify packets which has big switch 
          statement too.  Same kind of table of notify callbacks could be
          done as well.

        o The parser callback in the server will add a timeout task for
          all packets.  It will require registering and allocating a
          new task to the SilcSchedule.  Maybe, at least, for server
          and router packets the parser would be called immediately
          instead of adding it to the scheduler with 0 timeout.  It
          should be analyzed too how slow the task registering process
          actually is, and find out ways to optimize it.

        o The SERVER_SIGNOFF notify handing is not optimal, because it'll
          cause sending of multiple SIGNOFF notify's instead of the one
          SERVER_SIGNOFF notify that the server received.  This should be
          optimized so that the only SERVER_SIGNOFF is sent and not
          SIGNOFF of notify at all (using SIGNOFF takes the idea about
          SERVER_SIGNOFF away entirely).

 o Add SilcAsyncOperation to utility library.  Any function that takes
   callback as an argument must return SilcAsyncOperation.

 o Add DSS support.

 o Cipher optimizations (asm, that this) at least for i386 would be nice.

 o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
   SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
   in separately.