-Mon Apr 2 1
5:13:23 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
+Mon Apr 2 1
3:13:23 EEST 2001 Pekka Riikonen <priikone@poseidon.pspt.fi>
* Updated TODO.
-TODO
-====
-
-This is more or less complete list of tasks that has to be done before
-SILC 1.0 could ever be released. It is clear that the list does not
-include all the bugs that exists. At the end of list are tasks that
-needs to be done but are probably post 1.0.
-
-Feel free to contribute if you have the ability and free time - all the
-help is really appreciated - and needed.
-
- - Pekka
-
-
TODO General
============
the SilcSocketConnection reference counter at all. This must be
fixed.
- o Logic for handling multiple same nicknames for example in private
- message sending. I guess the logic is done in server side but is
- missing from client.
-
o I guess, public key authentication (when connecting to a server)
is not working currently. It is just matter of loading the keys
- from file and using them (see corresponding code in server, it should
- support public key authentication already).
-
- o Non-blocking connection on the background must be stopped if some
- other connection on same window has established. Now it is possible
- that some non-blocking connection timeouts on the background when
- we already have a working connection to some other place; things
- goes bad.
+ from file and using them (see corresponding code in server).
o Add client library parameters or options that handle what kind of
messages the library should print out (using `say' client operation,
o SERVER_SIGNOFF notify type is not implemented
- o Packet processing can be made faster. All packet function in the
- packet_receive.c has same prototypes. Instead of calling those from
- huge switch() make a table of callback functions that can be called
- directly by the packet type.
+ o Acceptance of incoming connections (client and server connections)
+ should be checked before key exchange protocol. Currently it is
+ checked at the authentication phase after KE, that is ok, but it should
+ be checked before starting KE, as well.
o DNS/IP lookup blocks the server. This must be fixed. Check the
resolver stuff (resolver(3), resolver(5)). Either we have to do the
own resolver stuff (through scheduler, if possible without writing
too much own stuff) or use threads.
- o Acceptance of incoming connections (client and server connections)
- should be checked before key exchange protocol. Currently it is
- checked at the authentication phase after KE, that is ok, but it should
- be checked before starting KE, as well.
+ o Packet processing can be made faster. All packet function in the
+ packet_receive.c has same prototypes. Instead of calling those from
+ huge switch() make a table of callback functions that can be called
+ directly by the packet type.
o Server says that it is able to listen on multiple ports but currently
that is bogus. It can, but internals are for single server.
TODO In SILC Libraries
======================
- o The SKE Start Payload parsing routines are an overkill. Use the
- SILC_STR_UI16_NSTRING_ALLOC in the parsing and not parsing them
- one by one like done now.
-
o Implement PFS (Perfect Forward Secrecy) flag in SKE (and in client and
server, actually). If PFS is set, re-key must cause new key exchange.
This is required by the SILC protocol.
public keys blindly without third party verification; that's
why SENDKEY is not for servers).
- o New features in the KE/auth protocol
- (draft-riikonen-silc-ke-auth-xx.txt):
-
- o Define group exchange support for the SKE so that the SKE
- could be performed among more than two entities. This is not
- a showstopper and may be defined later.
-
TODO After 1.0
==============
goto out;
}
- chl->mode |= SILC_CHANNEL_UMODE_CHANFO;
+ sender_mask = chl->mode |= SILC_CHANNEL_UMODE_CHANFO;
notify = TRUE;
} else {
if (chl->mode & SILC_CHANNEL_UMODE_CHANFO) {
}
} else {
/* The entry exists. */
- if (entry->id)
- silc_free(entry->id);
+ if (cache->id)
+ silc_free(cache->id);
entry->id = id;
cache->id = entry->id;
entry->mode = mode;
/* Save channel key */
- if (!(entry->mode & SILC_CHANNEL_MODE_PRIVKEY)) {
+ if (!(entry->mode & SILC_CHANNEL_MODE_PRIVKEY))
silc_server_save_channel_key(server, keyp, entry);
- }
if (keyp)
silc_buffer_free(keyp);
silc_free(entry->cipher);
if (entry->hmac_name)
silc_free(entry->hmac_name);
+ if (entry->rekey)
+ silc_free(entry->rekey);
/* Free all data, free also any reference from the client's channel
list since they share the same memory. */
void *timeout_queue;
} *SilcIDListPurge;
+/* Channel key re-key context. */
+typedef struct {
+ void *context;
+ SilcChannelEntry channel;
+ unsigned int key_len;
+} *SilcServerChannelRekey;
+
/*
Generic ID list data structure.
HMAC of the channel.
+ SilcServerChannelRekey rekey
+
+ Channel key re-key context.
+
*/
struct SilcChannelEntryStruct {
char *channel_name;
unsigned int key_len;
unsigned char iv[SILC_CIPHER_MAX_IV_SIZE];
SilcHmac hmac;
+
+ SilcServerChannelRekey rekey;
};
/*
silc_list_count(channel->user_list) < 2) {
server->stat.my_channels--;
+ if (channel->rekey)
+ silc_task_unregister_by_context(server->timeout_queue, channel->rekey);
+
if (channel->founder_key) {
/* The founder auth data exists, do not remove the channel entry */
SilcChannelClientEntry chl2;
- silc_free(channel->id);
channel->id = NULL;
silc_list_start(channel->user_list);
server->stat.my_channels--;
+ if (channel->rekey)
+ silc_task_unregister_by_context(server->timeout_queue, channel->rekey);
+
if (channel->founder_key) {
/* The founder auth data exists, do not remove the channel entry */
SilcChannelClientEntry chl2;
- silc_free(channel->id);
channel->id = NULL;
silc_list_start(channel->user_list);
/* Remove channel if there is no users anymore */
if (server->server_type == SILC_ROUTER &&
silc_list_count(channel->user_list) < 2) {
+ if (channel->rekey)
+ silc_task_unregister_by_context(server->timeout_queue, channel->rekey);
if (!silc_idlist_del_channel(server->local_list, channel))
silc_idlist_del_channel(server->global_list, channel);
silc_buffer_free(clidp);
server->stat.my_channels--;
silc_buffer_free(clidp);
+ if (channel->rekey)
+ silc_task_unregister_by_context(server->timeout_queue, channel->rekey);
+
if (channel->founder_key) {
/* The founder auth data exists, do not remove the channel entry */
SilcChannelClientEntry chl2;
- silc_free(channel->id);
channel->id = NULL;
silc_list_start(channel->user_list);
return entry;
}
+/* Channel's key re-key timeout callback. */
+
+SILC_TASK_CALLBACK(silc_server_channel_key_rekey)
+{
+ SilcServerChannelRekey rekey = (SilcServerChannelRekey)context;
+ SilcServer server = (SilcServer)rekey->context;
+
+ silc_server_create_channel_key(server, rekey->channel, rekey->key_len);
+ silc_server_send_channel_key(server, NULL, rekey->channel, FALSE);
+
+ silc_task_register(server->timeout_queue, 0,
+ silc_server_channel_key_rekey,
+ (void *)rekey, 3600, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+}
+
/* Generates new channel key. This is used to create the initial channel key
but also to re-generate new key for channel. If `key_len' is provided
it is the bytes of the key length. */
silc_hash_make(channel->hmac->hash, channel->key, len, hash);
silc_hmac_set_key(channel->hmac, hash, silc_hash_len(channel->hmac->hash));
memset(hash, 0, sizeof(hash));
+
+ if (server->server_type == SILC_ROUTER) {
+ if (!channel->rekey)
+ channel->rekey = silc_calloc(1, sizeof(*channel->rekey));
+ channel->rekey->context = (void *)server;
+ channel->rekey->channel = channel;
+ channel->rekey->key_len = key_len;
+
+ silc_task_unregister_by_callback(server->timeout_queue,
+ silc_server_channel_key_rekey);
+ silc_task_register(server->timeout_queue, 0,
+ silc_server_channel_key_rekey,
+ (void *)channel->rekey, 3600, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+ }
}
/* Saves the channel key found in the encoded `key_payload' buffer. This
memset(hash, 0, sizeof(hash));
memset(tmp, 0, tmp_len);
+ if (server->server_type == SILC_ROUTER) {
+ if (!channel->rekey)
+ channel->rekey = silc_calloc(1, sizeof(*channel->rekey));
+ channel->rekey->context = (void *)server;
+ channel->rekey->channel = channel;
+
+ silc_task_unregister_by_callback(server->timeout_queue,
+ silc_server_channel_key_rekey);
+ silc_task_register(server->timeout_queue, 0,
+ silc_server_channel_key_rekey,
+ (void *)channel->rekey, 3600, 0,
+ SILC_TASK_TIMEOUT,
+ SILC_TASK_PRI_NORMAL);
+ }
+
out:
if (id)
silc_free(id);
}
}
+/* Unregister a task by context. This invalidates the task. */
+
+void silc_task_unregister_by_context(SilcTaskQueue queue, void *context)
+{
+ SilcTask next;
+
+ SILC_LOG_DEBUG(("Unregister task by context"));
+
+ if (queue->task == NULL)
+ return;
+
+ next = queue->task;
+
+ while(1) {
+ if (next->context == context)
+ next->valid = FALSE;
+ if (queue->task == next->next)
+ break;
+ next = next->next;
+ }
+}
+
/* Sets the I/O mask for the task. Only one I/O type can be set at a
time. */
void silc_task_unregister_by_fd(SilcTaskQueue queue, int fd);
void silc_task_unregister_by_callback(SilcTaskQueue queue,
SilcTaskCallback callback);
+void silc_task_unregister_by_context(SilcTaskQueue queue, void *context);
void silc_task_set_iotype(SilcTask task, int type);
void silc_task_reset_iotype(SilcTask task, int type);
int silc_task_timeout_compare(struct timeval *smaller,
projects / silc.git / commitdiff