|
|
@@ -11,7 +11,58 @@ ARMA - arma claims
|
|
|
D Deferred
|
|
|
X Abandoned
|
|
|
|
|
|
+Short-term:
|
|
|
+NICK . routers have identity key, link key, onion key.
|
|
|
+ - link key certs are signed by identity key
|
|
|
+ - not in descriptor
|
|
|
+ - not in config
|
|
|
+ - not on disk
|
|
|
+ - identity and onion keys are in descriptor (and disk?)
|
|
|
+NICK - upon boot, if it doesn't find identity key, generate it and write it.
|
|
|
+NICK - also write a file with the identity key fingerprint in it
|
|
|
+NICK - router generates descriptor: flesh out router_get_my_descriptor()
|
|
|
+ - figure out what directory generation stuff can be moved out of main.c
|
|
|
+NICK - Routers sign descriptors with identity key
|
|
|
+NICK - routers put version number in descriptor
|
|
|
+NICK - routers should maybe have `uname -a` in descriptor?
|
|
|
+NICK . Give nicknames to routers
|
|
|
+ o in config
|
|
|
+ - in descriptors
|
|
|
+ARMA - router posts descriptor
|
|
|
+ - when it boots
|
|
|
+ - when it changes
|
|
|
+NICK - change tls stuff so certs don't get written to disk, or read from disk
|
|
|
+ARMA - make directory.c threadsafe (or at least safe for multiple posts)
|
|
|
+NICK ? dirserver parses descriptor
|
|
|
+ - dirserver checks signature
|
|
|
+ D client checks signature?
|
|
|
+NICK - dirserver writes directory to file
|
|
|
+ - reads that file upon boot
|
|
|
+NICK - directory includes all routers, up and down
|
|
|
+NICK - add "up" line to directory, listing nicknames
|
|
|
+ARMA - find an application that uses half-open connections, to test
|
|
|
+NICK - instruments ORs to report stats
|
|
|
+ - average cell fullness
|
|
|
+ - average bandwidth used
|
|
|
+ - others?
|
|
|
+ARMA - integrate rep_ok functions, see what breaks
|
|
|
+ARMA - configure log files. separate log file, separate severities.
|
|
|
+ARMA - what assumptions break if we fclose(0) when we daemonize?
|
|
|
+NICK - make buffer struct elements opaque outside buffers.c
|
|
|
+ARMA - Go through log messages, reduce confusing error messages.
|
|
|
+ARMA - make the logs include more info (fd, etc)
|
|
|
+ARMA - add log convention to the HACKING file
|
|
|
+ - make 'make install' do the right thing
|
|
|
+ARMA - change binary name to tor
|
|
|
+ARMA - change config files so you look at commandline, else look in
|
|
|
+ /etc/torrc. no cascading.
|
|
|
+ARMA - have an absolute datadir with fixed names for files, and fixed-name
|
|
|
+ keydir under that with fixed names
|
|
|
+ARMA - tor faq
|
|
|
+ list all other systems, why we're different.
|
|
|
|
|
|
+Mid-term:
|
|
|
+ - What happens when a circuit's length is 1? What breaks?
|
|
|
. streams / circuits
|
|
|
o Implement streams
|
|
|
o Rotate circuits after N minutes?
|
|
|
@@ -41,17 +92,12 @@ ARMA . Exit policies
|
|
|
when the AP get an extended cell.
|
|
|
SPEC!! D Non-clique topologies
|
|
|
D Implement our own memory management, at least for common structs
|
|
|
- . Appropriate logging
|
|
|
- - Come up with convention for what log level means what
|
|
|
- - Make code follow convention
|
|
|
. Put CPU workers in separate processes
|
|
|
o Handle multiple cpu workers (one for each cpu, plus one)
|
|
|
o Queue for pending tasks if all workers full
|
|
|
o Support the 'process this onion' task
|
|
|
-NICK - Support the 'decrypt this RSA blob' handshake1 task
|
|
|
- - Merge dnsworkers and cpuworkers to some extent
|
|
|
+ D Merge dnsworkers and cpuworkers to some extent
|
|
|
- Handle cpuworkers dying
|
|
|
- D Support later handshake parts
|
|
|
o Simple directory servers
|
|
|
o Include key in source; sign directories
|
|
|
o Signed directory backend
|
|
|
@@ -65,15 +111,6 @@ NICK - Support the 'decrypt this RSA blob' handshake1 task
|
|
|
o Command-line option to override quit
|
|
|
o Add more information to directory server entries
|
|
|
o Exit policies
|
|
|
- - More directory servers
|
|
|
- - Add in long-term nicknames
|
|
|
- - Give normal routers signing keys
|
|
|
- - Let dirservers keep only {nickname, signingkey} in routers.or
|
|
|
- - dirport needs to accept 'post' requests
|
|
|
- for routers submitting (signed) new entries
|
|
|
- - routers submit new entries periodically
|
|
|
- - dirserver checks signature
|
|
|
- D client checks signature?
|
|
|
D Advanced directory servers
|
|
|
D Automated reputation management
|
|
|
SPEC!! D Figure out how to do threshold directory servers
|
|
|
@@ -86,7 +123,7 @@ SPEC!! D Figure out how to do threshold directory servers
|
|
|
. Get socks4a support into Mozilla
|
|
|
. Get tor to act like a socks server
|
|
|
o socks4, socks4a
|
|
|
- D socks5
|
|
|
+ARMA - socks5
|
|
|
SPEC!! - Handle socks commands other than connect, eg, bind?
|
|
|
. Develop rendezvous points
|
|
|
o Design
|
|
|
@@ -115,7 +152,7 @@ NICK . Daemonize and package
|
|
|
o Teach it to fork and background
|
|
|
- Red Hat spec file
|
|
|
- Debian spec file equivalent
|
|
|
- . Autoconf
|
|
|
+ . Portability
|
|
|
. Which .h files are we actually using?
|
|
|
. Port to:
|
|
|
o Linux
|
|
|
@@ -124,13 +161,14 @@ NICK . Daemonize and package
|
|
|
o Cygwin
|
|
|
o Win32
|
|
|
o OS X
|
|
|
+ - deal with pollhup / reached_eof on all platforms
|
|
|
o openssl randomness
|
|
|
o inet_ntoa
|
|
|
. stdint.h
|
|
|
- Make a script to set up a local network on your machine
|
|
|
- D Move away from openssl
|
|
|
+ X Move away from openssl
|
|
|
o Abstract out crypto calls
|
|
|
- D Look at nss, others? Just include code?
|
|
|
+ X Look at nss, others? Just include code?
|
|
|
o Clearer bandwidth management
|
|
|
o Do we want to remove bandwidth from OR handshakes?
|
|
|
o What about OP handshakes?
|
|
|
@@ -173,7 +211,7 @@ Older (done) todo stuff:
|
|
|
o An address doesn't resolve
|
|
|
o We have max workers running
|
|
|
o Consider taking the master out of the loop?
|
|
|
- D Implement reply onions
|
|
|
+ X Implement reply onions
|
|
|
o Total rate limiting
|
|
|
o Look at OR handshake in more detail
|
|
|
o Spec it
|
Roger Dingledine