updates.

diff --git a/TODO b/TODO
index 9a715bf0d8bd6f25fd75ce17d35527c147e5c1a9..ec487d196b9b277c046f1a4dcb168227d236c582 100644 (file)
--- a/TODO
+++ b/TODO
@@ -1,493 +1,323 @@
-TODO for 1.2 And Beyond
-=======================
+TODO for 1.1
+============

 
 NOTE: Any item that doesn't have (***DONE) in it, isn't done yet.  The
 (***TESTING NEEDED) means that the item has been done but not yet properly
 tested.
 
 
 NOTE: Any item that doesn't have (***DONE) in it, isn't done yet.  The
 (***TESTING NEEDED) means that the item has been done but not yet properly
 tested.
 

-NOTE: A TODO entry does not mean that it is ever going to be done.  Some 
-of the entries may be just ideas, good, bad or ugly.  If you want to work 
-on some of the TODO entries simply let us know about it by dropping a note 
-to silc-devel mailing list or appear on 'silc' channel on SILCNet.

 
 

+apps/silcd, The SILC Server    ****PARTLY DONE****
+===========================

 
 

-General
-=======
+ o Port all code to use SILC Toolkit 1.1 APIs.

 
 

- o Create apps/tutorial containing various Toolkit API tutorials.
+ o Fix/test GETKEY.

 
 

- o The Toolkit split.  The Toolkit is to be splitted in parts.  How many
-   parts and what the parts are isn't decided yet.  Each part is a separate
-   software package.  Current thinking is of the following:
+ o Fix/test MOTD.

 
 

-   SILC Toolkit                        SILC protocol, client and server library
-   SILC Runtime Toolkit                runtime library
-   SILC Crypto Toolkit         crypto, asn1, math, skr, pgp, etc.
+ o Remove protocol.[ch].  (***DONE)

 
 

-   The rationale for this is of course that other than SILC projects
-   might like to use the various libraries SILC Toolkit provides, but
-   naturally they don't want the bloat of SILC protocol related stuff.
+ o Rewrite connecting accepting. (***TESTING NEEDED)

 
 

-   The Runtime library in SILC Toolkit is a general purpose runtime library,
-   like Glib and APR are.  The runtime library is to be developed further
-   to provide alternative to Glib and APR.
+ o Rewrite async connecting. (***TESTING NEEDED)

 
 

-   The Crypto library in SILC Toolkit is a general purpose crypto library
-   providing pretty nice APIs compared to many other crypto libraries,
-   especially OpenSSL.  The Crypto library is to be developed further
-   to include support for OpenPGP, X.509 and SSH2.
+ o Connecting from SILC router to SILC server.

 
 

+ o Rewrite rehash, HUP.

 
 

-lib/silccore
-============
+ o Heartbeat-keepalive.

 
 

- o SILC_PACKET_FLAG_ACK support.  Implement ACK packet and packet payload
-   to silcpacket.c.
+ o Test backup router resuming protocol.

 
 

- o All payload encoding routines should take SilcStack as argument.
+ o Check all packet receive routines that they call silc_packet_free.

 
 

- o All payload test routines into lib/silccore/tests/.
+ o Add Web statistics module using lib/silchttp.  Give out server
+   statistics. (***DONE)

 
 
 
 

-lib/silcclient, The Client Library
-==================================
+SILC Client    ****PARTLY DONE****
+===========

 
 

- o peer-to-peer private messages
+ o Porting to new Toolkit API and new Client Library API (***DONE)

 
 

- o Private message key request notification to application.  See XXX in
-   client_prvmsg.c.
+ o Improve help files, especially /cmode, /cumode and /key. (***DONE)

 
 

- o in JOIN notify handle resolving that timedout.  Currently the user is
-   never joined the channel if this happens.  What to do if message is
-   received from user that hasn't been resolved/joined?

 
 

- o Message ACKing support.
+lib/silcclient, The Client Library     ***PARTLY DONE****
+==================================

 
 

- o in /cmode and /cumode with +r, maybe the public key and private key
-   could be just some "string", which would then match to "string.pub" and
-   "string.prv".
+ o silcclient.h clean up and API rewrites. (***DONE)

 
 

+ o silcclient_entry.h finishing, all entry relates APIs to this header.
+   (***DONE)

 
 

-Runtime library, lib/silcutil/
-==============================
+ o SilcChannelEntry, SilcServerEntry, SilcChannelUser, allocating,
+   freeing, finding, etc. rewrite.  Also making them reference counted for
+   multi threads use. (***DONE)

 
 

- o Fix universal time decoding (doesn't accept all formats) in silctime.c.
+ o Rewrite silc_client_get_clients_by_channel.

 
 

- o Add functions to manipulate environment variables.
+ o Rewrite client side WHOIS command (for whois -details). (***DONE)

 
 

-   SilcBool silc_setenv(const char *variable, const char *value);
-   const char *silc_getenv(const char *variable);
-   SilcBool silc_clearenv(const char *variable);
+ o Finish all the missing SILC packet processings, rewrites. (***DONE)

 
 

- o Add functions to loading shared/dynamic object symbols (replaces the
-   SIM library (lib/silcsim) and introduces generic library).
+ o The client_notify.c rewrite. (***DONE)

 
 

-   SilcDll silc_dll_load(const char *object_path, SilcDllFlags flags);
-   void silc_dll_close(SilcDll dll);
-   void *silc_dll_getsym(SilcDll dll, const char *symbol);
-   const char *silc_dll_error(SilcDll dll);
+ o Resuming to client_register.c (remove client_resume.c) (***DONE)

 
 

- o Add directory opening/traversing functions
+ o Rekey rewrite. (***DONE)

 
 

- o silc_getopt routines
+ o Remove protocol.[ch]. (***DONE)

 
 

- o silc_hash_table_replace -> silc_hash_table_set.  Retain support for
-   silc_hash_table_replace as macro.
+ o File transfer rewrite. (***DONE)

 
 

- o The SILC Event signals.  Asynchronous events that can be created,
-   connected to and signalled.  Either own event routines or glued into
-   SilcSchedule:
+ o File transfer API documentation. (***DONE)

 
 

-   SilcTask silc_schedule_task_add_event(SilcSchedule schedule,
-                                        const char *event, ...);
-   SilcBool silc_schedule_event_connect(SilcSchedule schedule,
-                                       const char *event,
-                                       SilcTaskCallback event_callback,
-                                       void *context);
-   SilcBool silc_schedule_event_signal(SilcSchedule schedule,
-                                      const char *event, ...);
+ o Connection auth request. (***DONE)

 
 

-   Example:
-     silc_schedule_task_add_event(schedule, "connected",
-                                  SILC_PARAM_UI32_INT,
-                                  SILC_PARAM_BUFFER,
-                                  SILC_PARAM_END);
-     silc_schedule_event_connect(schedule, "connected", connected_cb, ctx);
-     silc_schedule_event_signal(schedule, "connected", integer, buf,
-                                 SILC_PARAM_END);
-     SILC_TASK_CALLBACK(connected_cb)
-     {
-       FooCtx ctx = context;
-       va_list args;
-       SilcUInt32 integer;
-       SilcBuffer buf;
- 
-       va_start(args, context);
-       integer = va_arg(args, SilcUInt32);
-       buf = va_arg(args, SilcBuffer);
-       va_end(args);
-       ...
-     }
+ o Password auth test, public key auth test. (***DONE)

 
 

-   Problems: Events would be SilcSchedule specific, and would not work on 
-   multi-thread/multi-scheduler system.  The events should be copyable 
-   between schedulers.
+ o Starting key exchange directly, rewrite. (***DONE)

 
 

- o Structured log messages to Log API.  Allows machine readable log
-   messages.  Would allow sending of any kind of data in a log message.
+ o Channel messages, channel private keys, channel entires, channel
+   search, etc. rewrite. (***TESTING NEEDED)

 
 

- o Base64 to an own API
+ o For many APIs leave the hash context allocations to the caller instead
+   of using client->sha1hash and client->md5hash, or some kind of thread
+   safe (no locking) concept. (***DONE)

 
 

- o Timer API
+ o Key agreement rewrite. (***TESTING NEEDED)

 
 

- o Add builtin SOCKS and HTTP Proxy support, well the SOCKS at least.
-   SILC currently supports SOCKS4 and SOCKS5 but it needs to be compiled
-   in separately.
+ o Connecting to remote client (***DONE)

 
 

- o silc_stringprep to non-allocating version.
+ o Private message waiting API (in threads) (***TESING NEEDED)

 
 

- o SilcStack aware SilcHashTable.
+ o client_attrs.c, attributes rewrite. (***TESTING NEEDED)

 
 

- o SilcStack aware SilcDList.
+ o No SilcBuffer lists back to application in command_reply operations.
+   Convert them all to real lists and/or structures for easier use.
+   (***DONE)

 
 

- o Compression routines are missing.  The protocol supports packet
-   compression thus it must be implemented.  SILC Zip API must be
-   defined.
+ o Nickname formatting rewrite. (***TESTING NEEDED)

 
 

- (o Generic SilcStatus or SilcResult that includes all possible status and 
-    error conditions, including those of SILC protocol.  Though, the SILC
-    protocol related status (currently in silcstatus.h) cannot be in 
-    runtime library) maybe
+ o UDP connections. (***TESTING NEEDED)

 
 

- (o Thread pool) maybe

 
 

- (o SILC specific socket creation/closing routines to silcnet.h, wrappers
-  to all send(), recv(), sendto() etc.  Bad thing is that we'd have to
-  define all socket options, sockaddrs, etc.) maybe
+lib/silcsftp                   ****DONE****
+============

 
 

- (o mmap) maybe
+ o Porting to use the new util library. (***DONE)

 
 
 
 

-lib/silcutil/symbian/
-=====================
+lib/silccore/silcpacket.[ch]   ****PARTLY DONE****
+============================

 
 

- o Something needs to be thought to the logging globals as well,
-   like silc_debug etc.  They won't work on EPOC.  Perhaps logging
-   and debugging is to be disabled on EPOC.  The logging currently works
-   by it cannot be controlled, same with debugging.
+ o SilcPacketEngine. (***DONE)

 
 

+ o New SILC Packet API. (***DONE)

 
 

-SFTP Library, lib/silcsftp/
-===========================
+ o Implement silc_packet_engine_stop and silc_packet_stream_destroy. (***DONE)

 
 

- o Read prefetch (read-ahead, reading ahead of time).  Maybe if this can
-   be done easily.
+ o IV Included flag support, UDP transport support (***TESTING NEEDED)

 
 
 
 

-SKR Library, lib/silcskr/
-=========================
-
- o Add fingerprint as search constraint.
-
- o Add OpenPGP support.  Adding, removing, fetching PGP keys.  (Keyring
-   support?)
-
- o Add support for importing public keys from a directory and/or from a
-   file.  Add support for exporting the repository (different formats for
-   different key types?).
-
- o Change the entire silc_skr_find API.  Remove SilcSKRFind and just simply
-   add the find constraints as variable argument list to silc_skr_find, eg:
-
-  silc_skr_find(skr, schedule, callback, context,
-               SILC_SKR_FIND_PUBLIC_KEY, public_key,
-               SILC_SKR_FIND_COUNTRY, "FI",
-               SILC_SKR_FIND_USAGE, SILC_SKR_USAGE_AUTH,
-               SILC_SKR_FIND_END);
-
-   NULL argument would be ignored and skipped.
+lib/silccore/silcid.[ch]       ****DONE****
+========================

 
 

- o Add OR logical rule in addition of the current default AND, eg:
+ o Add silc_id_str2id to accept the destination buffer as argument
+   and thus not require any memory allocation.  Same will happen
+   with silc_id_payload_* functions. (***DONE)

 
 

-  // Found key(s) MUST have this public key AND this country.
-  silc_skr_find(skr, schedule, callback, context,
-               SILC_SKR_FIND_RULE_AND,
-               SILC_SKR_FIND_PUBLIC_KEY, public_key,
-               SILC_SKR_FIND_COUNTRY, "FI",
-               SILC_SKR_FIND_END);
+ o silc_id_str2id, silc_id2str to non-allocating routines. (***DONE)

 
 

-  // Found key(s) MUST have this public key OR this key context
-  silc_skr_find(skr, schedule, callback, context,
-               SILC_SKR_FIND_RULE_OR,
-               SILC_SKR_FIND_PUBLIC_KEY, public_key,
-               SILC_SKR_FIND_CONTEXT, key_context,
-               SILC_SKR_FIND_END);

 
 

+lib/silcskr    ****DONE****
+===========

 
 

-Crypto Library, lib/silccrypt/
-==============================
+ o Removing key from the repository is not possible currently.  It should
+   be. (***DONE)

 
 

- o Add fingerprint to SilcSILCPublicKey and retrieval to silcpk.h, and
-   possibly to silcpkcs.h.

 
 

-   /* Return fingerprint of the `public_key'.  Returns also the algorithm
-      that has been used to make the fingerprint. */
-   const unsigned char *
-   silc_pkcs_get_fingerprint(SilcPublicKey public_key,
-                            const char **hash_algorithm,
-                            SilcUInt32 *fingerprint_len);
+lib/silcske/silcske.[ch]       ***PARTLY DONE****
+========================

 
 

- o Change SILC PKCS API to asynchronous, so that accelerators can be used.
-   All PKCS routines should now take callbacks as argument and they should
-   be delivered to SilcPKCSObject and SilcPKCSAlgorithm too.
+ o Responder rekey (***TESTING NEEDED)

 
 

-   /* Signature computation callback */
-   typedef void (*SilcPKCSSignCb)(SilcBool success,
-                                 const unsigned char *signature,
-                                 SilcUInt32 signature_len,
-                                 void *context);
+ o IV Included flag support in SKE (***DONE)

 
 

-   /* Signature verification callback */
-   typedef void (*SilcPKCSVerifyCb)(SilcBool success, void *context);
+ o UDP transport changes; retransmission support by using exponential
+   backoff algorithm. (***DONE)

 
 

-   /* Encryption callback */
-   typedef void (*SilcPKCSEncryptCb)(SilcBool success,
-                                    const unsigned char *encrypted,
-                                    SilcUInt32 encrypted_len,
-                                    void *context);
+ o SilcConnAuth header file documentation. (***DONE)

 
 

-   /* Decryption callback */
-   typedef void (*SilcPKCSDecryptCb)(SilcBool success,
-                                    const unsigned char *decrypted,
-                                    SilcUInt32 decrypted_len,
-                                    void *context);

 
 

-   Either add new _async functions or add the callbacks to existing API
-   and if the callback is NULL then the API is not async and if provided
-   it may be async.  For example;
+lib/silccrypt                  ****PARTLY DONE****
+=============

 
 

-   SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
-                          unsigned char *src, SilcUInt32 src_len,
-                          unsigned char *dst, SilcUInt32 dst_size,
-                          SilcUInt32 *dst_len,
-                          SilcBool compute_hash, SilcHash hash,
-                          SilcPKCSSignCb async_sign,
-                          void *async_sign_context);
+ o Implement PKCS #1 sign/verify with hash OID. (***TESTING NEEDED)

 
 

-   (if this is done then there's no reason why the buffers in the 
-    callbacks cannot be the ones user gives here) or allow only async:
+ o Implement SILC Public Key Version 2 handling in sign/verify.  Implement
+   Version (V) identifier (***DONE)

 
 

-   SilcBool silc_pkcs_sign(SilcPrivateKey private_key,
-                          unsigned char *src, SilcUInt32 src_len,
-                          SilcBool compute_hash, SilcHash hash,
-                          SilcPKCSSignCb async_sign,
-                          void *async_sign_context);
+ o SILC PKCS (silcpkcs.h) reorganizing when other PK supports added.
+   Move the SILC Public Key routines away from the crypto library into
+   the core library (silccore).  silc_pkcs_public/private_key_* routines
+   to silc_public/private_key_* routines.  The silc_public_key_* routines
+   should also automatically handle SILC Public Keys, and other keys
+   and certificates as well.  Add fe. silcpk.h into silccore.  It should
+   also include the Public Key Payload encoding and decoding routines.
+   (***DONE)

 
 

-   or add new:
+ o Assembler AES (***DONE)

 
 

-   SilcBool silc_pkcs_sign_async(SilcPrivateKey private_key,
-                                unsigned char *src, SilcUInt32 src_len,
-                                SilcBool compute_hash, SilcHash hash,
-                                SilcPKCSSignCb async_sign,
-                                void *async_sign_context);

 
 

- o Change PKCS Algorithm API to take SilcPKCSAlgorithm as argument to
-   encrypt, decrypt, sign and verify functions.  We may need to for exmaple
-   check the alg->hash, supported hash functions.  Maybe deliver it also
-   to all other functions in SilcPKCSAlgorithm to be consistent.
+lib/silcutil                   ****PARTLY DONE****
+============

 
 

- o Add DSS support.  Take implementation from Tom or make it yourself.
+ o The regex code from lib/contrib might compile fine on all platforms.
+   No need to make it silcutil/unix/ specific.  Add them to generic
+   silcutil.c. (***TESTNG NEEDED)

 
 

- o Implement the defined SilcDH API.  The definition is in
-   lib/silccrypt/silcdh.h.
-
- o All cipher, hash, hmac etc. allocation routines should take their name
-   in as const char * not const unsigned char *.
+ o Silc FD Stream to WIN32 (lib/silcutil/silcfdstream.h) (***TESTING NEEDED)

 
 

- o ECDSA and ECDH
+ o bool -> SilcBool (***DONE)

 
 
 
 

-SILC Accelerator Library
-========================
-
- o SILC Accelerator API.  Provides generic way to use different kind of
-   accelerators.  Basically implements SILC PKCS API so that SilcPublicKey
-   and SilcPrivateKey can be used but they call the accelerators.
+lib/silcutil/silcbuffer.h      ****DONE****
+=========================

 
 

-   Something in the lines of (preliminary):
+ o Remove the `truelen' field from SilcBuffer as it is entirely
+   redundant since we can get the true length of the buffer by
+   doing buffer->end - buffer->header.  Add silc_buffer_truelen
+   macro instead.  Consider also removing `len' field too since
+   it effectively is buffer->tail - buffer->data, and adding
+   silc_buffer_len macro can do the same.  These would save
+   totally 8 bytes of memory per buffer. (***DONE)

 
 

-   /* Register accelerator to system */
-   SilcBool silc_acc_register(const SilcAccelerator acc);

 
 

-   /* Unregister accelerator */
-   SilcBool silc_acc_unregister(const SilcAccelerator acc);
+lib/silcutil/silcbuffmt.[ch]   ****DONE****
+============================

 
 

-   /* Find existing accelerator.  `name' is accelerators name and
-      `params' is optional accelerator specific parameters. */
-   SilcAccelerator silc_acc_find(const char *name, const char *params);
+ o SilcStack aware silc_buffer_unformat (***DONE)

 
 

-   /* Return accelerator's displayable name */
-   const char *silc_ac_get_display_name(SilcAccelerator acc);
+ o SilcStack aware silc_buffer_format (***DONE)

 
 

-   /* Accelerate `public_key'.  Return accelerated public key. */
-   SilcPublicKey silc_acc_public_key(SilcAccelerator acc,
-                                    SilcPublicKey public_key);
+ o silc_buffer_format reallocates automatically (***DONE)

 
 

-   /* Accelerate `private_key'.  Returns accelerated private key. */
-   SilcPrivateKey silc_acc_private_key(SilcAccelerator acc,
-                                      SilcPrivateKey private_key);
+ o SILC_STR_OFFSET (***DONE)

 
 

-   /* Return the underlaying public key */
-   SilcPublicKey silc_acc_get_public_key(SilcAccelerator acc,
-                                        SilcPublicKey public_key);

 
 

-   /* Return the underlaying private key */
-   SilcPrivateKey silc_acc_get_private_key(SilcAccelerator acc,
-                                          SilcPrivateKey private_key);
+lib/silcutil/silcstack.[ch]    ****DONE****
+===========================

 
 

-   typedef struct SilcAcceleratorObject {
-     const char *name;                         /* Accelerator's name */
-     const char *display_name;                 /* Displayable name */
-     SilcAcceleratorType type;                 /* Accelerator type */
-     union {
-       struct {
-        SilcPKCSObject *pkcs;                  /* PKCS, may be NULL */
-        SilcPKCSAlgorithm *algorithm;          /* Accelerator */
-       } pkcs;
+ o Data stack implementation (***DONE)

 
 

-       struct {

 
 

-       } cipher;
-     } u;
-   } *SilcAccelerator, SilcAcceleratorStruct;
+lib/silcutil/silcstream.[ch]   ****DONE****
+============================

 
 

-   SilcPublicKey->SilcSILCPublicKey->RsaPublicKey accelerated as:
-   SilcPublicKey->SilcSILCPublicKey->SilcAcceleratorSoftware->RsaPublicKey or
-   SilcPublicKey->SilcSILCPublicKey->SilcAcceleratorPublicKey->
-     SilcAcceleratorSoftware->RsaPublicKey 
+ o Add abstract SilcStream. (***DONE)

 
 

-   The former one if u.pkcs.pkcs == NULL.

 
 

- o Implement software accelerator.  It is a thread pool system where the
-   public key and private key operations are executed in threads.
+lib/silcutil/silcsocketstream.[ch]     ****PARTY DONE****
+==================================

 
 

-   This implements SilcPKCSAlgorithm (and SilcPKCSObject if needed) that 
-   implements the thread acclerated system.
+ o Add SilcSocketStream (***DONE)

 
 

- (o Symmetric key cryptosystem acceleration?  They are always sycnhronouos
-   even with hardware acceleration so the crypto API shouldn't require
-   changes.) maybe
+ o Add SilcSocketStream for WIN32 (***TESTING NEEDED)

 
 

+ o Test QoS after the changes made to socket stream

 
 

-lib/silcmath
-============

 
 

- o Import TFM.  Talk to Tom to add the missing functions.  Use TFM in
-   client and client library, but TMA in server, due to the significantly
-   increased memory consumption with TFM, and the rare need for public
-   key operations in server.
+lib/silcutil/silcschedule*.[ch]                ****PARTLY DONE****
+===============================

 
 

-   We want TFM's speed but not TFM's memory requirements.  Talk to Tom
-   about making the TFM mp dynamic just as it is in LTM.
+ o Scheduler can be optimized for FD tasks by changing the fd_queue
+   to SilcHashTable instead of using linked list.  We need to do
+   one-to-one mapping of FD to task and hash table is more efficient
+   for this usage.

 
 

- o The SILC MP API function must start returning indication of success
-   and failure of the operation.
+   Also redefine the silc_select to perhaps return a separate
+   structure of the events that actually occurred, instead of
+   returning the events in the fd_list which is then traversed
+   in the generic code to find the changed events.  This can be
+   made faster by having own struct which includes only the
+   changed events, thus the tarversing is faster since the whole
+   fd_list is not traversed anymore (it is still traversed in the
+   silc_select but at least it removes one extra tarversing later
+   for the same list).

 
 

- o Do SilcStack support for silc_mp_init, silc_mp_init_size and other
-   any other MP function (including utility ones) that may allocate
-   memory.
+   Other task queues should be changed to use SilcList.  (***DONE)

 
 

- o All utility functions should be made non-allocating ones.
+ o Add SILC scheduler's internal routines into a table of implementation
+   function pointers, that the generic code then takes as extern from
+   implementation.  These are the silc_schedule_internal_* routines.
+   (***DONE)

 
 

+ o Change SILC_TASK_CALLBACK to non-static, and remove the macro
+   SILC_TASK_CALLBACK_GLOBAL. (***DONE)

 
 

-SILC XML Library, lib/silcxml/
-==============================
+ o SILC Schedule API changes to WIN32. (***TESTING NEEDED)

 
 

- o SILC XML API (wrapper to expat).  The SILC XML API should follow and 
-   resemble Simple API for XML (SAX).

 
 

+lib/silcutil/silcasync.[ch]    ****DONE****
+===========================

 
 

-lib/silcske/silcske.[ch]
-========================
+ o Add SilcAsyncOperation to utility library.  Any function that takes
+   callback as an argument must/should return SilcAsyncOperation.
+   (***DONE)

 
 

- o Ratelimit to UDP/IP transport for incoming packets.

 
 

+lib/silcutil/silctime.[ch]     ****DONE****
+===========================

 
 

-lib/silcasn1
-============
+ o SilcTime. (***DONE)

 
 

- o Negative integer encoding is missing, add it.
+ o system time, universal, generalized. (***DONE)

 
 

- o SILC_ASN1_CHOICE should perhaps return an index what choice in the
-   choice list was found.  Currently it is left for caller to figure out
-   which choice was found.

 
 

- o SILC_ASN1_NULL in decoding should return SilcBool whether or not
-   the NULL was present.  It's important when it's SILC_ASN1_OPTIONAL
-   and we need to know whether it was present or not.
+lib/silcutil/silcfsm.[ch]      ****DONE****
+=========================

 
 

+ o SILC Finite State Machine API.  Replaces SILC Protocol API (***DONE)

 
 

-lib/silcpgp
-===========

 
 

- o OpenPGP certificate support, allowing the use of PGP public keys
-   in SILC.
+lib/silcutil/silcnet*, lib/silcutil/*/silc*net*                ****PARTLY DONE****
+===============================================

 
 

+ o Add UDP interface (***DONE)

 
 

-lib/silcssh
-===========
+ o Add UDP interface for WIN32 (***TESTING NEEDED)

 
 

- o SSH2 public key/private key support, allowing the use of SSH2 keys
-   in SILC.  RFC 4716.
+ o New network interfaces (***DONE)

 
 
 
 

-lib/silcpkix
+lib/silcmath                   ****PARTLY DONE****

 ============
 
 ============
 

- o PKIX implementation
+ o Test on x86_64.

 
 

+ o Change LTM and TFM function names when importing to SILC tree to avoid
+   rare linking problems on system that has same named symbols already in
+   the system. (***DONE)

 
 

-lib/silcserver
-==============

 
 

- o (Re)write commands/command replys.
-
- o (Re)write notify handling.
-
- o The SERVER_SIGNOFF notify handing is not optimal, because it'll
-   cause sending of multiple SIGNOFF notify's instead of the one
-   SERVER_SIGNOFF notify that the server received.  This should be
-   optimized so that the only SERVER_SIGNOFF is sent and not
-   SIGNOFF of notify at all (using SIGNOFF takes the idea about
-   SERVER_SIGNOFF away entirely).
+lib/silcutil/symbian/          ****PARTLY DONE****
+=====================

 
 

- o Another SERVER_SIGNOFF opt/bugfix:  Currently the signoff is
-   sent to a client if it is on same channel as the client that
-   signoffed.  However, the entire SERVER_SIGNOFF list is sent to
-   the client, ie. it may receive clients that was not on the
-   same channel.  This is actually against the specs.  It must be
-   done per channel.  It shouldn't receive the whole list just
-   because one client happened to be on same channel.
+  o lib/silcutil/symbian routines missing or not completed.
+    (****TESTING NEEDED)

 
 

- o Add reference counters to all Silc*Entry structures
+  o Something needs to be thought to the logging globals as well,
+    like silc_debug etc.  They won't work on EPOC.  Perhaps logging
+    and debugging is to be disabled on EPOC.

 
 

- o SERVICEs support (plugin, SIM)

 
 

- o If client's public key is saved in the server (and doing public key
-   authentication) then the hostname and the username information could
-   be taken from the public key.  Should be a configuration option!
+lib/silcasn1                   ****DONE****
+============

 
 

- o Add a timeout to handling incoming JOIN commands.  It should be
-   enforced that JOIN command is executed only once in a second or two
-   seconds.  Now it is possible to accept n incoming JOIN commands
-   and process them without any timeouts.  THis must be employed because
-   each JOIN command will create and distribute the new channel key
-   to everybody on the channel.
+ o ASN.1 library (***DONE)

 
 

- o Related to above.  If multiple JOINs are received in sequence perhaps
-   new key should be created only once, if the JOINs are handeled at the same
-   time.  Now we create multiple keys and never end up using them because
-   many JOINs are processed at the same time in sequence.  Only the last
-   key ends up being used.
+ o Header documentation missing. (***DONE)

 
 

- o The CMODE cipher & hmac change problem (#101).
+ o Some string encodings missing (copy/paste matter). (***DONE)

diff --git a/apps/irssi/docs/help/in/cmode.in b/apps/irssi/docs/help/in/cmode.in
index 7d8f07636176b505b0a7bb4f5706b2c54997650e..37aae68cb47f828c905c51b5855c9424323ceb7b 100644 (file)
--- a/apps/irssi/docs/help/in/cmode.in
+++ b/apps/irssi/docs/help/in/cmode.in
@@ -10,30 +10,51 @@ that mode.  Other modes both channel operator and founder may manage.
 
 The following modes are available:
 
 
 The following modes are available:
 

-    p               Set/unset channel as private channel
+    p               Set/unset channel as private channel.  Private
+                    channels are shown with LIST command with an
+                    indication the channel is private.  Private
+                    channel is not shown on user's joined channel
+                    list (with for example WHOIS command).
+

     s               Set/unset channel as secret channel.  Secret
     s               Set/unset channel as secret channel.  Secret

-                    channel are not shown in user's channel list
-                    or with /LIST command.
-    k               Enable/disable channel private key usage (*)
-    i               Set/unset channel as invite only channel
+                    channels are entirely invisible.  They are not
+                    shown with LIST command and they do not appear
+                    in user's joined channel list.
+
+    k               Enable/disable private channel key usage.   (*)
+                    When enabled KEY command may be used to set
+                    private channel key(s) on the channel.
+
+    i               Set/unset channel as invite only channel.  If
+                    you are the founder of the channel you will
+                    still be able to join the channel by giving
+                    command /JOIN channel -founder.
+

     t               Set/unset that only channel operator or
                     founder may set channel topic
     t               Set/unset that only channel operator or
                     founder may set channel topic

+

     m               Set/unset user silencing.  Normal users
     m               Set/unset user silencing.  Normal users

-                    are not able to talk on channel. (*)
+                    are not able to talk on channel.            (*)
+

     M               Set/unset operator silencing.  Operators
     M               Set/unset operator silencing.  Operators

-                    are not able to talk on channel. (*)
-    l <limit>       Set/unset channel's user limit
+                    are not able to talk on channel.            (*)
+
+    l <limit>       Set/unset channel's user count limit
+

     a <passphrase>  Set/unset passphrase for channel that must
     a <passphrase>  Set/unset passphrase for channel that must

-                    be provided when joining to the channel. (*)
-    c <cipher>      Set/unset channel's cipher (*)
-    h <hmac>        Set/unset channel's hmac (*)
+                    be provided when joining to the channel.    (*)
+
+    c <cipher>      Set/unset channel's cipher                  (*)
+
+    h <hmac>        Set/unset channel's HMAC                    (*)
+

     f [<pubkeyfile> <privkeyfile> [<privkey passphrase>]]
     f [<pubkeyfile> <privkeyfile> [<privkey passphrase>]]

-                    Set/unset channel founder authentication. (*)
+                    Set/unset channel founder authentication.   (*)

                     Channel founder may set this mode so that
                     Channel founder may set this mode so that

-                    if the client leaves the channel it can
+                    when the client leaves the channel it can

                     claim the founder rights when it returns
                     to the channel, and to set the channel to
                     claim the founder rights when it returns
                     to the channel, and to set the channel to

-                    be permanent channel.  You can claim the
+                    be permanent channel.  You can reclaim the

                     founder rights using CUMODE or JOIN commands.
 
                     If the <pubkeyfile> and <privkeyfile> is
                     founder rights using CUMODE or JOIN commands.
 
                     If the <pubkeyfile> and <privkeyfile> is


@@ -43,7 +64,8 @@ The following modes are available:
                     server.  If these are omitted then the default
                     SILC keypair is used.  Normally you do not need
                     to provide these arguments.
                     server.  If these are omitted then the default
                     SILC keypair is used.  Normally you do not need
                     to provide these arguments.

-    C [{[+|-]<pubkeyfile> }]                                (*)
+
+    C [{[+|-]<pubkeyfile> }]                                    (*)

                     Set/unset channel public key mode, and add/remove
                     channel publics key from the channel public key
                     list.  When this mode is set only those users
                     Set/unset channel public key mode, and add/remove
                     channel publics key from the channel public key
                     list.  When this mode is set only those users


@@ -71,10 +93,69 @@ Multiple modes can be set/unset at once if the modes does not
 require any arguments.  If mode requires an argument then only
 one mode can be set at once.
 
 require any arguments.  If mode requires an argument then only
 one mode can be set at once.
 

-When the +k (channel private key mode) mode is set the channel's
+When the +k (private channel key mode) mode is set the channel's

 default cipher and HMAC are not used.  The private key (see /HELP KEY
 default cipher and HMAC are not used.  The private key (see /HELP KEY

-for help how to set the private key) defines the cipher and HMAC for
-the channel while +k mode is set.  Also the +c and +h modes are ignored
-when channel private key is set.
+for help how to set the private channel key) defines the cipher and HMAC
+for the channel while +k mode is set.  Also the +c and +h modes are
+ignored when private channel key mode is set.
+
+Examples:
+
+  Set the channel a permanent (persistent).  The channel won't be
+  deleted when last user leaves the channel.  When you as the founder
+  leave the channel you will be able to reclaim the founder rights later.
+
+    /CMODE * +f
+
+  Reclaim founder rights (and operator privileges) for you channel:
+
+    /CUMODE * +of mynick
+
+  You can do the same during joining:
+
+    /JOIN yourchannel -founder
+
+  Change channel founder keypair on your channel.  You can do this if
+  you want to transfer founder rights to some other user or if you
+  created new keypair.  The operation requires that you have a copy of
+  the old keypair:
+
+    /CUMODE * +f mynick /path/to/old/pubkey /path/to/old/privkey
+    /CMODE * +f /path/to/new/pubkey /path/to/new/privkey
+
+  or simply /CMODE * +f if you are already using the new keypair.
+
+  Here's how to transfer founder rights to different user using
+  temporary keypair:
+
+    Create temporary keypair:
+
+      # silc -C
+
+    Become founder on your channel:
+
+      /CUMODE * +f mynick
+
+    Set the temporary keypair on the channel and then send the key
+    pair to your friend with for example encrypted Email:
+
+      /CMODE * +f /path/to/temp/pubkey /path/to/temp/privkey
+
+    Tell your friend to give the following command to become founder:
+
+      /CUMODE * +f yourfriend /path/to/temp/pubkey /path/to/temp/privkey
+
+    Your friend then sets his own keypair on the channel:
+
+      /CMODE * +f
+
+    After this the temporary keypair can be removed and your friend has
+    become the founder of the channel.  This way the founder rights can
+    be transferred without ever revealing your own keypair.  When your
+    friend becomes the founder your founder rights will be removed by
+    the server automatically.  It is also possible to continue using the
+    temporary keypair, thus sharing founder rights with two or more users.
+    Note that it is possible for only one user at a time to have founder
+    mode on the channel even if they share the keypair.

 
 See also: CUMODE, UMODE, JOIN, KEY
 
 See also: CUMODE, UMODE, JOIN, KEY

diff --git a/apps/irssi/docs/help/in/cumode.in b/apps/irssi/docs/help/in/cumode.in
index e664da9c54495c8c55ccecfbc478a3519d6aff5e..74df0f3f44548c255e5185efbbb19e01fe22c786 100644 (file)
--- a/apps/irssi/docs/help/in/cumode.in
+++ b/apps/irssi/docs/help/in/cumode.in
@@ -19,7 +19,7 @@ are available:
 
         Set/Unset channel founder.  If you are channel
         founder you can set the channel founder authentication
 
         Set/Unset channel founder.  If you are channel
         founder you can set the channel founder authentication

-        using CMODEc command.
+        using the CMODE command.

 
         If the <pubkeyfile> and <privkeyfile> is
         provided then the <pubkeyfile> will the used
 
         If the <pubkeyfile> and <privkeyfile> is
         provided then the <pubkeyfile> will the used


@@ -27,11 +27,12 @@ are available:
         is used to compute a signature for the SILC
         server.  If these are omitted then the default
         SILC keypair is used.  Normally you do not need
         is used to compute a signature for the SILC
         server.  If these are omitted then the default
         SILC keypair is used.  Normally you do not need

-        to provide these arguments.
+        to provide these arguments unless you want to use
+        different keypair for channel founder authentication.

 
     o <nickname>[@<server>]
 
 
     o <nickname>[@<server>]
 

-        Set/unset channel operator.  Requires that 
+        Set/unset channel operator.  Requires that

         you are channel operator or channel founder.
 
     b <nickname>[@<server>]
         you are channel operator or channel founder.
 
     b <nickname>[@<server>]


@@ -67,5 +68,20 @@ are available:
         unset this mode itself.  This mode cannot be set
         or unset to yourself.
 
         unset this mode itself.  This mode cannot be set
         or unset to yourself.
 

+Examples:
+
+  Become a founder (and operator) on the channel that you have
+  founded and have set the founder mode:
+
+    /CUMODE * +of yournick
+    /CUMODE channel_name +f yournick
+
+  Give operator privileges to your Friend on this channel:
+
+    /CUMODE * +o Friend
+
+  Quiet misbehaving user on your channel:
+
+    /CUMODE * +q lamer

 
 See also: CMODE, UMODE
 
 See also: CMODE, UMODE

diff --git a/apps/irssi/docs/help/in/key.in b/apps/irssi/docs/help/in/key.in
index bfc4cdc82190586e4e53277719e6e790bb01e3e0..06e115f51e3b7861604748937f79a73c95e42990 100644 (file)
--- a/apps/irssi/docs/help/in/key.in
+++ b/apps/irssi/docs/help/in/key.in
@@ -1,14 +1,12 @@
 
 @SYNTAX:key@
 
 
 @SYNTAX:key@
 

-This command is used to set and unset private keys for
-channels, set and unset private keys for private messages
-with remote clients and to send key agreement requests and
-negotiate the key agreement protocol with remote client.
-The key agreement is supported only to negotiate private
-message keys, it currently cannot be used to negotiate
-private keys for channels, as it is not convenient for that
-purpose.
+This command is used to set and unset private channel keys,
+set and unset private message keys with remote users, and
+to send key agreement requests and negotiate the key agreement
+protocol with remote user.  The key agreement is supported only
+to negotiate private message keys, it currently cannot be used
+to negotiate channel private keys.

 
 Types:
 
 
 Types: